Digital Evidence Recovery (DER) is the internationally standardized process from KPMG to secure or recover digital evidence that may be used in legal proceedings. During this process, deleted data will be recovered that is often essential in the investigation of white-collar crime.
Electronic data from many data sources can be forensically secured at the highest possible quality. Through the creation of digital fingerprints (hash values), data sets can be “frozen” and the integrity of the data secured for further investigative steps.
You are involved in litigation, are being investigated, or are suspected of illegal price fixing. Or perhaps you have to perform a comprehensive internal audit of your company. In all these cases, you are faced with the task of sifting through a huge amount of electronic communications and documents, and, if required, to surrender such data to the other side or the authorities. We will help you, by means of a proven process, to find the relevant documents, to sift them efficiently, and to make them available in a processed form.
- We advise companies and law firms on navigating the maze of information, and focus quickly and cost effectively on the most relevant material.
- We can help gather, process and review large volumes of critical material in multiple formats from various locations in different languages.
- We look after the management of the entire evidence collection project, from planning to document preparation.
- We restore and analyze electronic data.
- We provide an intelligent data processing service, including elimination of duplicates and extraction of metadata ('hidden' data underlying electronic documents).
- We offer concept mapping applications, improving the efficiency of the review. We have web-based review facilities across multiple jurisdictions that help us identify and review key documents.
Organizations are increasingly being faced with the need to evaluate large volumes of data to identify fraud risks, abuse and wasted resources. These analyses can provide indicators of potentially suspicious, erroneous and improper activities, allowing risks to be predicted or identified.
- We evaluate unstructured data sets (e.g. from hard drives, network data, e-mail boxes) as part of digital evidence recovery/technology investigations
- We analyze structured data sets (e.g., databases, application data, telecommunication protocols, or protocols for access systems or for Internet or e-mail use) using our K-Trace tool
- We consolidate separate data sets when systems are changed for separate sites or company divisions or for separate applications
- We analyze and evaluate IT authorizations and the process of granting authorization for networks and applications