Forensic information technology is a key avenue of inquiry in most investigations. 

It is important to perform computer forensics and the process of electronic discovery by accessing all relevant electronic communications to decipher what has occurred and what evidence may be uncovered. This includes legal and ethical access to, and analysis of, electronic communication such as work emails, computer hard drives, chat logs, printers, faxes, building access control records, telephone, mobile ‘phones and devices, system access logs and so on.

That single ‘smoking gun’ email among masses of ‘big data’ can be the difference between uncovering and proving an event, or not. The accounting system containing relevant financial and other transactions is also routinely imaged and subject to computer forensics.digital_technologies_complex_grey - Copy.png

It is crucial that computer forensics is performed to ensure that there is a proven ‘chain-of-custody’ to ensure evidential integrity of searched data for the following key steps:

  • Data capture through forensic imaging
  • Data processing through forensic methods to ensure efficient reviewing
  • Data review on a platform or format that is efficient and effective to maximise identifying relevant facts


Data analytics leverages data relationships between different systems such as finance, procurement and HR systems. 

Organisations have masses of ‘big data’ sets of financial and non-financial data on which fraud or forensic data analytics can be applied as an efficient and effective method of fraud, bribery or corruption detection.

The Australian Standard AS 8001 Fraud and Corruption Control for example, and echoed by global and other standards and leading practice, highlights some of the elements of an effective fraud, bribery and corruption detection program of:

  • Post-transactional review
  • Data mining and real-time computer system analysis to identify suspicious transactions
  • Analysis of management accounting and other reports to identify trends