Under active development Content is continuously updated and improved

PRIV-10Law Enforcement Requests

>Control Description

Law enforcement agencies may submit requests for evidence; submitted requests are reviewed and tracked to resolution.

Theme

Process

Type

Preventive

Policy/Standard

Incident Management Policy

>Implementation Guidance

1. Ensure a process is defined, documented, and approved for law enforcement agencies to submit evidence requests for investigation. 2. Ensure these requests are appropriately tracked and resolved as per contractual and legal requirements. 3. Ensure any evidence sharing is done via secure methods to avoid unauthorized access to data. 4. Ensure only customer data relevant to the investigation is segregated and submitted if needed.

>Testing Procedure

1. Inspect and validate that a process is defined, documented, and approved for law enforcement agencies to submit evidence requests for investigation. 2. Validate for a sample of requests that they are appropriately tracked and resolved as per contractual and legal requirements. 3. Validate for a sample request whether the evidence sharing was done via secure methods to avoid unauthorized access to data. 4. Validate how customer data relevant to the investigation was segregated and submitted.

>Audit Artifacts

E-PRIV-10
E-PRIV-11
E-PRIV-12

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

Ask AI

Configure your API key to use AI features.