VirtualMetric - Infrastructure Monitoring Blog

Real time infrastructure monitoring, smart tracking and inventory reporting solution.

What is Forensic Analysis and Why is it Important for the Security of Your Infrastructure

What is Forensic Analysis and Why is it Important for the Security of Your Infrastructure

With the advent of cybercrime in recent years, tracking malicious online activities has become imperative for protecting operations in national security, public safety, law and government enforcement along with protecting private citizens. Consequently, the field of computer forensics is growing, now that legal entities and law enforcement has realized the value IT professionals can deliver.

What is Forensic Analysis

Forensic analysis definition can be described as a detailed process of detecting, investigating, and documenting the reason, course, and consequences of a security incident or violation against state and organization laws. Forensic analysis is often used for providing evidence in court hearings, especially in criminal investigations. It employs wide range of investigative procedures and technologies.

The Steps for Conducting Forensic Analysis

By tracking digital activity, investigators can relate digital information to physical evidence. Digital forensics can also allow investigators to discover planned attacks and prevent a crime from occurring. There are five critical forensic analysis components involved in conducting a detailed forensic analysis, all of which are involved in contributing towards a successful investigation.

1.   Developing Policy and Procedures

Whether it’s about a criminal conspiracy, cyber activity, or an intention to commit a crime, forensic evidence can be highly sensitive and delicate. Cybersecurity experts know how valuable the information is, and understand that if it’s not properly handled and protected, it can be compromised easily.

For this reason, it is important to develop and follow strict policies and procedures for all activities related to forensic analysis. These procedures may include instructions on how to prepare systems for retrieving evidence, where to store the retrieved evidence, when to authorize forensic investigators to recover potential evidence, and how to document the activities.

2.   Assess the Evidence

The second key step in the forensic investigation is assessing potential evidence in a cybercrime. This assessment involves classifying the cybercrime in question, such as one related to identity theft, social engineering, phishing, etc. The investigator then needs to determine the integrity and source of data before entering it as an evidence.

3.   Acquire Evidence

This involves devising a detailed, rigorous plan to acquire evidence. All information should be recorded and preserved, and documented before, during, and after the evidence acquisition. The policies regarding preserving the integrity of potential evidence mainly apply to this step, since without evidence, the forensic analysis may be considered futile.

The general guidelines to preserve evidence include using controlled boot discs for retrieving critical data, physically removing storage devices, and taking required steps to copy and shift the evidence to the forensic investigation team. It is important to document and authenticate all the evidence when in a court case.

4.   Examining the Evidence

To examine a potential evidence, there should be procedures to retrieve, copy, and store evidence within the appropriate database. It can include a number of approaches and methods for analyzing information, such as using an analysis software to look for data archives with specific file types or keywords, or retrieving recently-deleted files.

Data that is tagged with dates and times is of particular importance to the investigators, along with any encrypted or hidden files. It is also useful to analyze file names since it can help identify when the data was created, uploaded, or downloaded. It can also send files on a storage device to an online data transfer.

5.   Documenting and Reporting

Lastly, forensic investigators need to keep a record of not only software and hardware specifications, but also include all methods used in the investigation , including methods to test system functionality and copying, retrieving, and storing data. Documentation and reporting not only demonstrate how user integrity was preserved, but also ensures that all parties adhere.

Tools for Forensic Analysis

Whether you require forensic analysis for an investigation into unauthorized server access, a human resource case, or a high-profile data breach investigation, these open-source digital forensic tools can help carry out memory forensic analysis, forensic image exploration, hard drive analysis, and mobile forensics. The tools give ability to retrieve in-depth information about an infrastructure.

Here are some of them:

  •       Autopsy – It is an open-source GUI-based tool that analyzes smart phones and hard drives. It is used worldwide for investigating what happened in a computer.
  •       Wireshark – It is a network capture and analyzer software tool that sees what happens in the network.
  •       Encrypted Disk Detector – It helps in checking encrypted physical drives and supports Bitlocker, TrueCrypt, and Safeboot.
  •       Magnet RAM Capture – It is used to capture physical memory of a computer to analyze memory artifacts.
  •       Network Miner – It is a network forensic analyzer for Linux, Windows, and Mac OS X for detecting operating systems, hostname, open ports and sessions by PCAP file or through packet sniffing.

Importance of Forensic Analysis for the Security of Your Infrastructure

Forensic analysis importance can be understood by knowing the benefits it provides to your infrastructure’s security.

Preventing Hackers

With digital forensics, cyber security companies have been able to develop technology that prevents hackers from accessing a website, network, or device. By knowing the trends of how cyber criminals steal or exploit data, cyber security software firms are able to protect relevant data and scan networks to ensure that outside parties cannot access it.

Preventing Malware

Antimalware software is one of the biggest benefits resulting from digital forensics. Forensic analysis helps identify how a virus enters and behaves in a network infrastructure. The software developed as a result can detect malware and spyware and remove it before a vulnerability can be exploited.

Retrieving Deleted Information

For any digital investigation, it is crucial to recover deleted information – especially in a data breach or in case of identity theft. Digital forensics uses complex tools and techniques to recover information and present it in the court of law or even in situations without court cases where recovery of data is essential.

Identifying Vulnerabilities

Vulnerabilities are often not apparent, thus making it easy for hackers to exploit them. Forensic analysis techniques provide valuable information to present typical weak areas in an infrastructure, application, or website. Based upon this information, security software can pay attention to fix these vulnerable areas.

VirtualMetric provides monitoring and analysis tools to help you ensure performance and reliability of your infrastructure. Get a free 30-day trial today to find out how our products work.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

  • Applications & Services
  • Asset & Change Management
  • Case Studies
  • Discover VirtualMetric
  • IT Insights
  • Security & Auditing
  • Virtualization
  • February 2022
  • December 2021
  • November 2021
  • September 2021
  • August 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • February 2020
  • February 2019
  • December 2018
  • November 2018
  • October 2018
  • August 2018
  • February 2018
  • January 2018
  • December 2017

About VirtualMetric

  • AWS monitoring
  • Azure monitoring
  • change management
  • change tracking
  • dashboard playlist
  • infrastructure management
  • infrastructure monitoring
  • inventory monitoring
  • Linux monitoring
  • log analysis charts
  • log analysis software
  • log analysis tool
  • Log Analyzer
  • log monitoring
  • Microsoft Hyper-V
  • new release
  • partnership
  • performance
  • query-based notifications
  • real-time log analysis
  • sales manager
  • server monitoring
  • system administrator
  • virtual infrastructure monitoring
  • virtualization monitoring
  • VirtualMetric
  • VMware Monitoring
  • VMware monitoring tool
  • More from M-W
  • To save this word, you'll need to log in. Log In

Definition of forensic

 (Entry 1 of 2)

Definition of forensic  (Entry 2 of 2)

Did you know?

The noun forensic, meaning “an argumentative exercise” derives from the adjective forensic, whose earliest meaning in English is “belonging to, used in, or suitable to courts or to public discussion and debate.” The English word was derived from a Latin word forensic meaning “of the market place or form, public,” which in turn comes from the Latin word forum, meaning “market place, forum.”

Examples of forensic in a Sentence

These examples are programmatically compiled from various online sources to illustrate current usage of the word 'forensic.' Any opinions expressed in the examples do not represent those of Merriam-Webster or its editors. Send us feedback about these examples.

Word History

Adjective and Noun

Latin forensis public, forensic, from forum forum

1659, in the meaning defined at sense 1

1844, in the meaning defined at sense 2

Phrases Containing forensic

  • forensic odontology

Dictionary Entries Near forensic

Cite this entry.

“Forensic.” Merriam-Webster.com Dictionary , Merriam-Webster, https://www.merriam-webster.com/dictionary/forensic. Accessed 20 Feb. 2024.

Kids Definition

Kids definition of forensic.

from Latin forensis "of a forum, public," from forum "market, place of public discussion, court"

Medical Definition

Medical definition of forensic, legal definition, legal definition of forensic, more from merriam-webster on forensic.

Nglish: Translation of forensic for Spanish Speakers

Britannica English: Translation of forensic for Arabic Speakers

Subscribe to America's largest dictionary and get thousands more definitions and advanced search—ad free!

Play Quordle: Guess all four words in a limited number of tries.  Each of your guesses must be a real 5-letter word.

Can you solve 4 words at once?

Word of the day.

See Definitions and Examples »

Get Word of the Day daily email!

Popular in Grammar & Usage

8 grammar terms you used to know, but forgot, homophones, homographs, and homonyms, commonly misspelled words, a guide to em dashes, en dashes, and hyphens, absent letters that are heard anyway, popular in wordplay, 12 more bird names that sound like insults (and sometimes are), the words of the week - feb. 16, 9 superb owl words, 'gaslighting,' 'woke,' 'democracy,' and other top lookups, 10 words for lesser-known games and sports, games & quizzes.

Play Blossom: Solve today's spelling word game by finding as many words as you can using just 7 letters. Longer words score more points.

aafs-homepage-forensic-science-fingerprints-facial-recognition

What is Forensic Science?

The word forensic comes from the Latin word forensis :  public, to the forum or public discussion; argumentative, rhetorical, belonging to debate or discussion.  A relevant, modern definition of forensic is: relating to, used in, or suitable to a court of law.  Any science used for the purposes of the law is a forensic science. The forensic sciences are used around the world to resolve civil disputes, to justly enforce criminal laws and government regulations, and to protect public health.  Forensic scientists may be involved anytime an objective, scientific analysis is needed to find the truth and to seek justice in a legal proceeding. 

What Do Forensic Scientists Do?

What's a forensic scientist.

A forensic scientist is first a scientist. When a scientist's knowledge is used to help lawyers, juries, and judges understand the results of scientific tests, the scientist becomes a forensic scientist. Because the work of a forensic scientist is intended to be used in court and because scientific evidence can be very powerful, the forensic scientist must be accurate, methodical, detailed, and above all, unbiased. 

Analyze Information and Document Findings

In most cases, the item or items in question are provided to the forensic scientist for examination and analysis. In other cases, they may need to go to the scene to conduct an on-site analysis, gather evidence, or document facts for later analysis. Having been provided or having gathered the relevant information, the forensic scientist then has to decide which examinations, tests, or analyses are appropriate – and relevant – to the issue(s) in dispute. (Is that powder cocaine or not?  Did a defect in the road surface cause the crash?). They must conduct the most appropriate tests/analyses and document the process to interpret the results and document the steps followed to reach this conclusion or opinion.

Testify in Court as an Expert Witness

The forensic scientist will, at some point, have to testify. Testimony is the verbal statement of a witness, under oath, to the judge or jury. Forensic scientists are "expert" witnesses as opposed to ordinary or "fact" witnesses. Expert witnesses are permitted to testify not just about what the results of testing or analysis were ("facts"), but also to give an opinion about what those results mean. For example, a forensic scientist may testify about the observed, factual results of a chemical drug analysis and that, in their expert opinion, the results show that the tested substance is a specific drug, such as cocaine or heroin.

To qualify as an expert witness, the forensic scientist must have a solid, documented background of education, training, and experience in the scientific discipline used to conduct the examinations, testing, or analyses about which the forensic scientist wants to testify.

Being a member of the AAFS may assist in qualifying a forensic scientists as an expert witness. 

Become a Member

A party to a court case may challenge whether the scientist performed the tests correctly; whether the scientist interpreted the results accurately; or, whether the underlying science is valid and reliable. A party to a court case may additionally challenge whether the scientist is properly qualified to render an expert opinion or question the scientist's impartiality.

"If the law has made you a witness, remain a man of science. You have no victim to avenge, no guilty or innocent person to convict or save — you must bear testimony within the limits of science."

— Dr. P.C.H. Brouardel 19th-Century French Medico-Legalist

scientist-laboratory-examine-evidence-microscope

How do I Become a Forensic Scientist?

You will need:

  • Bachelor's degree in science - (chemistry, biology, physics, etc.) Take other courses in math, statistics, and writing skills.
  • Advanced degree – certain jobs require advanced degrees and specialized training.
  • Good speaking skills – courses enhancing your public presence and speaking ability are highly recommended.
  • Good note-taking and observation skills – take laboratory courses.
  • The ability to write an understandable scientific report
  • The ability to be unbiased, intellectual curiosity, and personal integrity

forensic-engineering-science-aafs-discipline-section

How Much Money Will I Make?

Income in the forensic sciences and average work weeks vary greatly depending on the type of job, the employer, and the work requirements. Most scientists in forensic laboratories work 40 hours per week.  Others work in the field, some may be "on call," and their work hours may vary. Every branch of forensic science offers opportunity for personal growth, career advancement, and increased financial compensation.

The average salary of a forensic scientist is estimated to be between $40,000 and $100,000 a year. 

U.S. flag

An official website of the United States government

Here’s how you know

Official websites use .gov A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS A lock ( Lock A locked padlock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

https://www.nist.gov/forensic-science

blue background with partial bright blue fingerprint overtop

Forensic Science

NIST is working to strengthen forensic practice through research and improved standards. Our efforts involve three key components:

We conduct scientific research in several forensic disciplines, including DNA, ballistics, fingerprint analysis, trace evidence, and digital, among others. We provide physical reference standards and data that help forensic laboratories validate their analytical methods and ensure accurate test results.

We also support CSAFE, a NIST Center of Excellence in Forensic Science, which is working to develop new statistical methods for use in evidence examination

We co-chaired, with the Department of Justice, the National Commission on Forensic Science , which formulated recommendations for the U.S. Attorney General on matters such as accreditation requirements for forensic science service providers.

We administer the Organization of Scientific Area Committees for Forensic Science  (OSAC), which is facilitating the development of science-based standards and guidelines for a broad array of forensic disciplines.

Featured Content

Forensic science topics.

  • Digital evidence
  • Drugs & toxicology
  • Firearms and toolmarks
  • Forensic biometrics
  • Forensic genetics
  • Trace evidence

What Is Forensic Science?

Forensic science is the use of scientific methods or expertise to investigate crimes or examine evidence that might be presented in a court of law. Forensic science comprises a diverse array of disciplines, from fingerprint and DNA analysis to anthropology and wildlife forensics. Though they represent varied disciplines, all forensic scientists face a common set of challenges. How do you ensure that forensic methods produce reliable results? How do you communicate findings to a jury or other nonexperts in a way that is accurate and understandable? How do you keep up with new technology without falling behind on casework? Meeting these and other challenges is critical to ensuring that forensic science remains a powerful force in support of justice and public safety.

Key Accomplishments

  • Forensic SRMs: NIST develops standard reference materials (SRMs) for forensic science, including the Standard Bullet and the Human DNA Quantitation Standard . By helping to ensure that forensic labs produce accurate measurements when analyzing crime scene evidence, these SRMs contribute to public safety and fairness in the criminal justice system.
  • Digital forensics: NIST’s National Software Reference Library is one of the largest publicly  known collections of computer software in the world and includes a database of millions of digital signatures from known software files. That database is a critical tool for computer forensics experts and vastly speeds up the investigation of crimes involving digital evidence.
  • Combating the opioid epidemic: Fentanyl and other synthetic opioids kill tens of thousands of Americans each year. NIST scientists have developed new tools  that help police and forensic chemists save lives by detecting and identifying these drugs safely, efficiently and reliably.
  • Forensic science standards: NIST is accelerating the development and adoption of high-quality, technically sound forensic science standards by administering the Organization of Scientific Area Committees for Forensic Science (OSAC). OSAC-approved standards define minimum requirements, best practices and standard protocols that help ensure that the results of forensic analysis are reliable and reproducible.  
  • Forensic DNA: NIST played a central role in developing the forensic DNA analysis techniques that have revolutionized crime fighting and have helped convict the guilty and exonerate the innocent. Among other things, NIST scientists have enabled enhanced DNA “fingerprints.”  

Black background. Photo of a penny. Next to the penny is a tiny amount of a white powder.

Safe, Efficient, Reliable: New Science in the Fight Against Killer Drugs

“A new drug might appear, then three or six months later it’s gone, replaced by something new,” said NIST chemist and program manager Marcela Najarro. “It’s a totally different ballgame than 10 or 15 years ago.”

To help with that issue and others, NIST researchers are giving law enforcement and public health experts new tools to combat fentanyl and other synthetic drugs.

A dark rectangle filled with colored triangles.

NIST Publishes Review of DNA Mixture Interpretation Methods

Spotlight: forensics videos and app for collecting trace evidence.

Carina Hahn sits at a workstation and looks at a computer screen.

Spotlight: Measuring the Decisions of Human Facial Forensic Examiners

A white van with its sliding door open, parked in a lot, with mountains in the background. Decals on the side refer to scientific studies.

Researchers Analyze THC in Breath of Cannabis Smokers

Stay in touch.

Sign up for our newsletter to stay up to date with the latest research, trends, and news for Forensic Science.

Primary tabs

Forensic means used in or suitable to  courts  of justice. The term comes from the Latin forensis, meaning “public” and forum, meaning “court.”

Forensic may also refer to something of, relating to, or involving the scientific methods used for investigating  crimes like DNA analysis, fingerprint analysis, or ballistics. This form of forensics is also sometimes termed forensic science.

[Last updated in January of 2023 by the Wex Definitions Team ]

  • THE LEGAL PROCESS
  • criminal law
  • criminal procedure
  • civil procedure
  • courts and procedure
  • criminal law and procedure
  • wex definitions
  • Directory Global directory
  • Logins Product logins
  • Support Support & training
  • Contact Contact us

meaning of forensic analysis

The Neutral Corner: Understanding a Digital Forensics Report

Daniel Garrie   Senior Partner & Co-Founder / Law & Forensics

15 Aug 2016 · 6 minute read

It is vital for lawyers to understand what digital evidence is, how forensic neutrals work, and what to look for when reviewing a forensics report

As technology rapidly advances, it is becoming more and more difficult to find the hidden truths contained in digital footprints. While this is often not a problem for most people, attorneys in recent years have begun to run into substantial problems in dealing with the complexities of modern digital evidence, namely an inability to know what to look for, and how to get it. These difficulties have led to the rise of forensic experts and other impartial “neutrals” that can assist lawyers in dealing with the intricacies of digital evidence.

In this blog post, I will examine what digital evidence is, how forensic neutrals work, and conclude with a few key points for the reader to consider when reviewing a forensic report.

Digital evidence refers to any type of evidence that is found on a computer, audio file, video recording, or digital image. Importantly, this includes data that may be hidden, erased, or otherwise altered, and requires forensic analysis in order to determine its content. This is a rather expansive definition, but it is the correct definition because there are at least traces of digital evidence wherever one may look. As a result, a natural question arises as to where one should look for useful evidence. There are, of course, the usual suspects: computers, phones, email accounts, local storage and cloud storage solutions, but these alone are no longer sufficient. With the rise of the Internet of Things, computers can be found almost anywhere, including, for example, a car’s black box, a fitness monitor that can track anything from the wearer’s GPS location to their heart rate, and even refrigerators that can actively monitor their own contents.

As a result of this superfluous quantity of data, it is important to seek the aid of a forensic neutral early in a case, as they can effectively cut through the surplus data, and help the parties find the most probative, and potentially dispositive, data.

As discussed briefly above, the rise of cloud computing and storage has led to new issues associated with collecting and analyzing digital evidence that is not controlled locally. While the cloud is undoubtedly a tool of great convenience, it can make the collection and analysis of data an incredibly difficult — even near impossible — task. Moreover, even if a forensic technician is physically and technologically able to collect and analyze the data, there may be other issues, such as extra-territorial disputes that force US laws into conflict with a myriad of foreign laws regarding data protection and privacy. In cases such as these, a forensic neutral can be instrumental in expeditiously resolving these cloud-centric disputes.

The rise of cloud computing and storage has led to new issues associated with collecting and analyzing digital evidence that is not controlled locally.

The next issue to tackle is how, once appointed, a forensic neutral performs his work. Any forensic neutral must begin his process by carefully documenting all sources of data that the parties may provide (usually called “repositories”), and creating a detailed chain of custody. The laws of evidence rightfully require these strict measures, which mean that before beginning his analysis, a forensic neutral must ensure that everything is properly documented and accounted for. The forensic neutral must then create an identical copy of whatever repository he will analyze to ensure the original data is not lost or modified. There are a variety of tools that can be employed to create a duplicate, but once an exact copy is created, verified and validated, the forensic neutral finally may begin his analysis.

After the analysis is complete, a forensic neutral will compile a report that outlines both his process and his findings. One of the key elements of any good forensic report is that another neutral, given the same repositories, should be able to follow the report, step-by-step, and achieve the same results. It is important to note that a proper forensic report is not a legal document —  it is a technical and scientific document. It does not contain arguments; it contains facts, namely the immutable truths found within the 1s and 0s of digital evidence.

Let’s look at a sample way a forensic report may be organized:

forensics

With respect to the quantity and quality of data contained in a forensic report, one should look to see whether the information included is superfluous or necessary. If a neutral wants to “beef up” a report with a substantial quantity of unnecessary information, it is not a hard task to do, but it often means that there was likely little useful content contained in the report. With respect to qualifications on the neutral’s findings, a good report will contain the following qualifications:

  • limitations of the particular tool(s) used;
  • applicability of the current technology and industry-standard best practices;
  • methodology or techniques such as search criteria or formulae; and
  • the scope of the investigation.

No report will ever be perfect, but a good report will identify the areas that might be a potential concern, highlighting the issues, and their implications for counsel and the court.

In sum, as data becomes more complex and more difficult to collect and analyze, courts and attorneys will increasingly turn to forensic neutrals to help find the truths contained within the parties’ digital footprints.

In upcoming blog posts, I will discuss how neutrals can assist on issues of electronic discovery and computer forensics to save clients time and money.

The thoughts expressed herein are solely those of the author, and not those of JAMS, Law & Forensics, the Journal of Law and Cyber Warfare, or Cardozo Law School. The author would like to thank Masha Simonova and Benjamin Dynkin as contributors.

  • Data Analytics
  • Digital Transformation & Operations
  • Legal Technology

Related posts

meaning of forensic analysis

Legalweek 2024: Current US AI regulation means adopting a strategic — and communicative — approach

meaning of forensic analysis

Forum: Practice Makes Perfect for Generative AI — An Interview with Northwestern’s Daniel Linna

meaning of forensic analysis

Legalweek 2024: How to traverse the treacherous cyber terrain? Start by keeping it simple

More insights.

meaning of forensic analysis

What the “State of the US Legal Market” report showed about law firm billing rate performance in 2023 and where it may go in 2024

meaning of forensic analysis

Needed AI skills facing unknown regulations and advancements

meaning of forensic analysis

Navigating the AI frontier: Taking a holistic approach to legal talent management

Go to the homepage

Example sentences forensic analysis

We needed cold, forensic analysis of what had gone wrong and how to stop it happening again.
I'm hoping for a scalpel-sharp, forensic analysis of the vagaries of market data.
The canonical works are able to withstand forensic analysis and sustain multiple interpretations.
A backlog of mobile phones and computers awaiting forensic analysis threatens to undermine cases for police forces already under pressure over the disclosure scandal.
With the facts teased from conjecture, dramatic re-enactments, expert hypotheses and forensic analysis provide an insight into a world of blood and sand.

Definition of 'forensic' forensic

IPA Pronunciation Guide

Definition of 'analysis' analysis

B2

Related word partners forensic analysis

Browse alphabetically forensic analysis.

  • forensic accountant
  • forensic accounting
  • forensic analysis
  • forensic analyst
  • forensic anthropologist
  • forensic anthropology
  • All ENGLISH words that begin with 'F'

Quick word challenge

Quiz Review

Score: 0 / 5

Tile

Wordle Helper

Tile

Scrabble Tools

  • Foundations of Forensics
  • Blood & Bodily Fluids
  • Child Abuse Allegations
  • Crime Scene Investigation
  • Death Investigation
  • Detection Dogs
  • Digital Evidence
  • Drug Analysis
  • Drug Recognition Experts
  • Eyewitness ID
  • Fingerprints
  • Forensic/Sexual Assault Exams
  • Measurement Uncertainty
  • Mental Health
  • Trace Evidence
  • Forensic Consultations
  • Featured Articles
  • Legislation
  • Discovery Motions
  • Funding for Experts
  • Motions for Appropriate Relief
  • Motions to Exclude Expert Testimony
  • Motions for Independent Testing
  • Motions to Preserve Evidence
  • Motions to Suppress
  • Analyst Certification Motions
  • Reports & Publications

Forensic Terminology

  • Online Research Tools
  • General Information
  • NC State Crime Lab Procedures
  • Charlotte Mecklenburg Crime Lab
  • CCBI Lab Procedures
  • NC OCME Toxicology Lab
  • Pitt Co. Sheriff’s Forensic Services
  • Sec. of State Digital Forensic Lab
  • Wilmington Police Dept Crime Lab
  • Private and Out-of-State Labs
  • News Articles
  • Browse All Experts
  • Working with Experts
  • Expert Services Project
  • Add or Update Expert Records
  • Find a Private Investigator
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Forensic Resources

North Carolina Office of Indigent Defense Services

In 2018, the Organization of Scientific Area Committees for Forensic Science (OSAC) created a Lexicon of Forensic Science Terminology to help facilitate communication across many disciplines. Additional terms can be accessed in the  OSAC Lexicon .

For medical terminology, these websites are helpful:

  • Forensic Nurse Terminology – Provides definitions for acronyms, abbreviations, and medical terminology related to forensic nursing.
  • Medical Abbreviations and Definitions – Searches the Merriam-Webster medical dictionary and provides definitions of thousands of medical terms.

If you would like to view a short video on scientific terminology recorded by Dr. Jay Gehlhausen and Logan Johnson, please see below. 

The following terms are frequently used to discuss forensic analysis. The definitions below explain the term as it is used in the context of forensic analysis.

Absorbance  – the measurement of how much light is absorbed by a substance. The inverse of transmittance.

Accessioning  – the process of receiving, sorting, and labeling samples. The specimen accessioner is also responsible for the accurate distribution of the samples to the correct departments for testing.

Accreditation  – a process by which a laboratory must prove to an accrediting agency that their processes, equipment, and employees are competent, credible, and accurate. The accrediting agency will inspect the laboratory and observe its operation. If the laboratory meets the accrediting agency’s expectations, they will receive an accreditation from that accrediting agency. Lab accreditation shows that the lab meets certain minimum standards, but does not guarantee that no errors will occur.

Accurate  – the proximity of measurement to the actual, correct value. For example, if your machine weighs a sample at 4.55 grams when the actual weight of the sample is 4.55 grams, then your machine is accurate. Compare to precise.

Aliquot  – a smaller portion of the whole sample. Instead of using the entire sample for testing, the scientist will take a small portion of the blood, urine, or serum to run tests. If the aliquot is destroyed by human or mechanical error or consumed by the testing process, the original sample is still intact and the scientist may take a new aliquot for additional testing.

Analyte  – the molecule of interest in the assay.

Assay  – refers to the entire process of analyzing a sample. Rather than calling the process an experiment, this term is used when the scientist is trying to figure out something. An assay is a scientific method that is proven, and thus, should produce accurate and precise results if performed correctly.

Bands  – can be used somewhat synonymously with “peaks” in infrared spectroscopy. While band represents a very complex analytical chemistry reaction, it will be sufficient to know that a band represents that a specific functional group is present in a molecule.

Base Peak  – the most intense, tallest, peak on a mass spectrum. This peak is assigned the abundance of 100.

Blank  – a blank is part of the quality control portion of the experiment. A blank is a solution containing none of the analyte of interest and is used to test the instrument. A blank should produce a negative result and will help demonstrate that the machine is functioning properly and that cross-contamination is not occurring in the machine.

Calibration curve  – a tool used in scientific analysis to calculate the concentration of a substance in an unknown sample. Several samples with a “known” concentration, typically starting with a smaller amount then increasing to a larger amount (for example, 5 mg/mL, 10 mg/mL, 25 mg/mL, etc.) are run prior to the unknown sample, and the results are plotted on a graph. (X-axis is concentration, while the Y-axis is the machine’s response). The plotting of this data should create a straight line (or close to it). The slope of this line can be used to calculate the concentration of the unknown sample.

Certification  – A scientist must be able to prove that they are knowledgeable in the field in which they are practicing and they must be able to prove that they are able to perform their assigned assays competently to receive a certification. The certifying body sets the standards and requirements for certification. A scientist may be certified in a specific field, or more specifically on a particular assay.

Compound  – a mixture; two or more of different things: molecules, solvents, reagents, etc.

Confirmatory test  – a test that is performed after a screening/presumptive test. This test will be able to identify a substance to the exclusion of all others. For example, gas chromatography/mass spectrometry is a confirmatory test in the field of drug analysis. These tests are expensive and typically time consuming. Typically these tests are only performed when a (quicker and less expensive) presumptive/screening test yields positive results.

Frequency  – the number of times a point on a wave passes a fixed reference point in one second. The unit for frequency is Hertz (Hz).

Functional group  – groups of atoms that share the same characteristics. These molecules as a group will produce specific, identifiable peaks on an IR spectrum.

Homogeneous  – uniform throughout. In drug chemistry and toxicology, liquids will typically be stirred or mixed thoroughly to ensure that all portions of the liquid contain the same analytes and same concentration of analytes. Complete homogeneity may not be possible in all situations.

Immunoassay  – a biochemical test used to determine the presence of a specific molecule or compound in a sample. An immunoassay uses and measures antibodies present in the sample to indirectly determine the presence of a compound in a sample.

Internal standard  – a substance that is added to the blank, calibration standards, and unknown sample to improve the precision of the assay. The internal standard contains a known concentration of a reference standard. The internal standard is part of the quality control of the experiment, and is included to test the adequacy of the individual assay run. If the response from the machine for the internal standard are unexpected, it is likely that the other results from that test are compromised.

Ion  – a molecule that has a number of electrons that does not match the number of protons. If an ion has fewer electrons than protons, it will be positively charged (known as a cation). If an ion has more electrons than protons, it will be negatively charged (known as an anion).

Metabolite  – a compound produced as a result of metabolism or due to a metabolic reaction.

Molecular ion  – the molecular ion is the peak on the mass spectrum that represents the molecular weight of the compound being analyzed. The molecular ion may or may not be present, and could be the base peak in some scenarios. This peak will often called the parent peak, and also will be symbolized as the M+ peak (since the molecular ion is a radical cation – a positively charged molecule due to the removal of one electron). Often, the molecular ion is accompanied by what are called isotopic peaks, which are labeled M+1 and M+2.

Molecule  – a molecule is a group of atoms bonded together that is the smallest possible amount of a particular substance that has all of the same characteristics unique to that substance.

Negative control  – part of the quality control for the assay. In toxicology testing, the negative control is blood, urine, or serum that contains none of the targeted analyte (drug). The negative control should receive no response from the machine and is used to check that the machine is working correctly.

Positive control  – part of the quality control of the assay. In toxicology testing, the positive control is blood, urine, or serum that contains a known amount the targeted analyte (drug). The positive control should receive a positive response from the machine for the drug in question. In ELISA testing, the positive control is used as the minimum threshold amount to test positive for a drug. If the concentration of a drug in a person’s blood is higher than the positive control, then the lab will report a positive result. In a confirmatory toxicology assay, the positive control is used for quality control and comparison, but is not the only factor used to make a conclusion.

Precise  – the proximity of two or more measurements to each other. For example, if your machine weighs a sample at 4.55 grams the first time, 4.56 grams the second time, and 4.55 grams a third time, your machine is fairly precise. Even if the true weight of the sample is 5.55 grams, the machine would be considered precise. Compare to accurate.

Presumptive test  – a screening test that is performed to determine if a substance may be present. Presumptive tests may produce false positive results, so results must be confirmed using a confirmatory test. In general, presumptive tests are faster and less expensive than confirmatory tests. Presumptive tests help analysts determine which samples should receive additional confirmatory testing.

Proficiency test  – a proficiency test is a sample provided by a proficiency testing company which should be tested in the exact manner as all other samples are tested. The laboratory sends their results back to the proficiency testing company for evaluation. The proficiency test is designed to test the laboratory’s procedures and performance to ensure that the laboratory results are accurate. Ideally, the analyst will not know that she is completing a proficiency test. This is called a blind proficiency test. However, proficiency testing is rarely conducted blindly in forensic labs. Proficiency test samples may not be an adequate test of an analyst’s ability to conduct forensic testing because forensic samples are often more complex than proficiency test samples.

Quality assurance (QA)  – a set of activities working to ensure the quality of the work of the entire laboratory. QA focuses on how well assays are running as a whole, consistency of results, and the adequacy of the scientists’ performance. QA is proactive – it attempts to develop and improve the scientific processes that used in the laboratory so that errors are prevented. Compare to Quality Control.

Quality control (QC ) – a set of activities performed on individual lab tests to ensure that the results being obtained are accurate. QC is reactive, whereby it aims to identify problems in the run and to correct the defects in individual results. QC may include the use of blanks, internal standards, negative controls, positive controls, etc. to measure the accuracy of the test on a certain batch of sample. Compare to Quality Assurance.

Sensitive  – when a machine or technique is referred to as sensitive it means that the machine or technique can detect very small amounts of a substance. Sensitivity is a quantitative characteristic. Compare to specific.

Specific  – when a machine or technique is referred to as specific it means that the machine or technique can detect certain molecules with great accuracy. Specificity is a qualitative characteristic. Compare to sensitive.

Transmittance  – the measurement of how much light travels through a sample. The inverse of absorbance.

Validation/method validation  – when a new machine, technology, or technique is introduced into the laboratory it must be validated via a validation procedure. While the method of validation changes based on what is being validated, validation typically entails the running of many known samples, which are compiled together to create a portfolio. This portfolio is examined to determine if the machine/technique is working properly and consistently. If it is determined to be working correctly, then the machine/technique will be implemented into the lab’s procedures. Note: many known samples may include tens or hundreds of samples, and the entire validation procedure may take some time.

Volatile  – evaporates or changes from liquid to gas easily at normal temperatures.

Wavelength  – Sound and light are made up of waves. A wave has both crests, the highest point, and troughs, the lowest point. A wavelength is a measure of distance between two successive points on a wave, as in: crest to crest or trough to trough. Wavelengths are typically measured in centimeters (cm).

Wavenumber  – the number of waves that exist over a specific distance. Wavenumbers are measured in inverse centimeters (cm-1).

  • Search Search Please fill out this field.
  • Financial Crime & Fraud
  • Definitions A - L

Financial Forensics: Meaning, Certification, Examples

Adam Hayes, Ph.D., CFA, is a financial writer with 15+ years Wall Street experience as a derivatives trader. Besides his extensive derivative trading expertise, Adam is an expert in economics and behavioral finance. Adam received his master's in economics from The New School for Social Research and his Ph.D. from the University of Wisconsin-Madison in sociology. He is a CFA charterholder as well as holding FINRA Series 7, 55 & 63 licenses. He currently researches and teaches economic sociology and the social studies of finance at the Hebrew University in Jerusalem.

meaning of forensic analysis

Erika Rasure is globally-recognized as a leading consumer economics subject matter expert, researcher, and educator. She is a financial therapist and transformational coach, with a special interest in helping women learn how to invest.

meaning of forensic analysis

What Is Financial Forensics?

Financial forensics is a field that combines criminal investigation skills with financial auditing skills to identify criminal financial activity coming from within or outside of an organization.

Financial forensics may be used in prevention, detection, and recovery activities to investigate terrorism and other criminal activity, provide oversight to private-sector and government organizations, and assess organizations' vulnerability to fraudulent activities.

In the world of investments, financial forensics experts look for companies to short or to try and win whistleblower awards.

Key Takeaways

  • Financial forensics is a field that combines criminal investigation skills with financial auditing to uncover criminal activities carried out by individuals or companies.
  • Financial forensics is used in the prevention, detection, and recovery related to criminal activities, such as money laundering, tax fraud, terrorism, and financial schemes.
  • To become certified in financial forensics, an individual must be a certified public accountant (CPA), pass the Certified Financial Forensics (CFF) exam, and meet certain requirements.
  • Financial forensics is also used by investors and traders to find investment opportunities.

Understanding Financial Forensics

Financial forensics is similar to forensic accounting , which utilizes accounting, auditing , and investigative skills to analyze a company's financial statements for possible fraud in conjunction with anticipated or ongoing legal action.

Forensic accountants analyze the financial statements of companies and individuals to look for tax fraud, money laundering , insider trading , scams, market manipulation, and other financial crimes. The goal is to discover these crimes, report them, prevent them if possible, and prosecute the individuals responsible. If financial theft has taken place, financial forensics is also used to recover any stolen funds.

Financial forensics is significantly used by intelligence agencies as well, such as the Federal Bureau of Investigation (FBI) and the Central Intelligence Agency (CIA) to uncover terrorism. As terrorist groups need funding to exist, this is a very effective measure in discovering terrorist cells.

Forensic accountants can be employed by companies, the government, and agencies like the Securities and Exchange Commission (SEC) and the Internal Revenue Service (IRS).

Forensic accountants can also help companies design accounting and auditing systems to manage, identify, and reduce risk. This has become increasingly popular as companies are looking for ways to prevent crime before it happens rather than discover it after the fact.

How to Become Certified in Financial Forensics

An individual wishing to become a forensic accountant must first be a certified public accountant (CPA). They would then need to take and pass the Certified Financial Forensics (CFF) exam offered by the American Institute for Certified Public Accountants (AICPA) to be a certified accountant in the field of financial forensics.

The exam focuses on two areas: core forensic knowledge and specialized forensic knowledge. It is offered year-round and has either a pass or fail score.

After passing the exam, an individual must complete the CFF Credential Application. This comes with requirements, which include having a minimum of 1,000 business hours experience in forensic accounting within the five years prior to completing the CFF application and 75 hours of forensic accounting-related continuing professional development (CPD), also within five years of completing the application.

CPAs that become certified in financial forensics are typically paid higher salaries and have more job opportunities open to them than those without the certification.

Real-World Examples

Two forensics experts made their names exposing two of the largest frauds in recent history.

Jim Chanos, noted short-seller at the helm of hedge fund Kynikos Associates, dug into the financial statements and other filings of Enron Corporation and uncovered irregularities regarding mark-to-market practices of its energy derivatives and violations of generally accepted accounting principles (GAAP) on matching policy in the company's merchant banking operations. Enron eventually imploded, delivering a tidy sum to Chanos's fund.

Harry Markopolos, an obscure securities professional in the early 2000s, attempted for several years to warn the Securities and Exchange Commission (SEC) and others about the Ponzi scheme perpetrated by Bernie Madoff .

Markopolos finally gained recognition as the lone whistleblower when Madoff's scheme collapsed. He details his saga in his 2010 book, No One Would Listen: A True Financial Thriller . Markopolos continues his fraud-seeking craft to the benefit of investors at large. Madoff was sentenced to 150 years in prison, and passed away behind bars in April of 2021, at the age of 82.

American Institute of CPAs." Certified in Financial Forensics (CFF) Credential Overview ." Accessed April 15, 2021.

AICPA. " CFF Eligibility Requirements ." Accessed April 15, 2021.

U.S. Securities and Exchange Commission. " James Chanos, President, Kynikos Associates ." Accessed April 15, 2021.

U.S. Government Publishing Office. " Senate Hearing 111-368. Oversight of the Securities and Exchange Commission’s Failure to Identify the Bernard L. Madoff Ponzi Scheme and How to Improve SEC Performance ." Accessed April 15, 2021.

CNBC. " The Madoff letters: Newly revealed correspondence shows the deceased con man’s efforts to shape his legacy ." Accessed April 15, 2021.

meaning of forensic analysis

  • Terms of Service
  • Editorial Policy
  • Privacy Policy
  • Your Privacy Choices

IMAGES

  1. What is forensic? Definition and examples

    meaning of forensic analysis

  2. Forensic Evidence: Types, Definition & Cases

    meaning of forensic analysis

  3. How forensic analysis helps hedge funds

    meaning of forensic analysis

  4. How To Perform Forensic Analysis

    meaning of forensic analysis

  5. All About Forensic & Investigative Sciences: Blood Spatter Analysis

    meaning of forensic analysis

  6. Forensic sample collection and analysis

    meaning of forensic analysis

COMMENTS

  1. What is Forensic Analysis and Why is it Important for the Security of

    Forensic analysis definition can be described as a detailed process of detecting, investigating, and documenting the reason, course, and consequences of a security incident or violation against state and organization laws. Forensic analysis is often used for providing evidence in court hearings, especially in criminal investigations.

  2. Forensic Definition & Meaning

    : relating to or dealing with the application of scientific knowledge to legal problems forensic medicine forensic science forensic pathologist forensic experts forensically fə-ˈren (t)-si-k (ə-)lē -ˈren-zi- adverb forensic 2 of 2 noun 1 : an argumentative exercise 2

  3. Forensic science

    Forensic science, also known as criminalistics, is the application of science principles and methods to support legal decision-making in matters of criminal and civil law.. During criminal investigation in particular, it is governed by the legal standards of admissible evidence and criminal procedure.It is a broad field utilizing numerous practices such as the analysis of DNA, fingerprints ...

  4. FORENSIC ANALYSIS definition and meaning

    (fərensɪk ) adjective [ADJECTIVE noun] Forensic is used to describe the work of scientists who examine evidence in order to help the police solve crimes. [...] See full entry for 'forensic' Collins COBUILD Advanced Learner's Dictionary. Copyright © HarperCollins Publishers Definition of 'analysis' analysis (ənælɪsɪs ) (ənælɪsiːz ) variable noun

  5. Forensic science

    forensic science, the application of the methods of the natural and physical sciences to matters of criminal and civil law. Forensic science can be involved not only in investigation and prosecution of crimes such as rape, murder, and drug trafficking but also in matters in which a crime has not been committed but in which someone is charged ...

  6. Evidence Analysis and Processing

    NIJ funds research and development to improve how law enforcement gathers and uses evidence. It supports the enhancement and creation of tools and techniques to identify, collect, analyze, interpret and preserve evidence. On this page, find links to articles, awards, events, publications, and multimedia related to evidence analysis and processing.

  7. What is Forensic Science?

    A relevant, modern definition of forensic is: relating to, used in, or suitable to a court of law. Any science used for the purposes of the law is a forensic science. The forensic sciences are used around the world to resolve civil disputes, to justly enforce criminal laws and government regulations, and to protect public health.

  8. Dictionary of Forensic Science

    Forensic scientists apply scientific analysis in a legal context and play a vital role in solving crimes. Sometimes the collection of forensic evidence is the only way to establish or exclude an association between suspect and victim or crime scene, or to establish a likely order of events. Profiting from recent scientific developments and the ...

  9. Forensic Science

    Forensic science is the use of scientific methods or expertise to investigate crimes or examine evidence that might be presented in a court of law. Forensic science comprises a diverse array of disciplines, from fingerprint and DNA analysis to anthropology and wildlife forensics.

  10. forensic

    Forensic means used in or suitable to courts of justice. The term comes from the Latin forensis, meaning "public" and forum, meaning "court." Forensic may also refer to something of, relating to, or involving the scientific methods used for investigating crimes like DNA analysis, fingerprint analysis, or ballistics. This form of forensics is also sometimes termed forensic science.

  11. Understanding a Digital Forensics Report

    Digital evidence refers to any type of evidence that is found on a computer, audio file, video recording, or digital image. Importantly, this includes data that may be hidden, erased, or otherwise altered, and requires forensic analysis in order to determine its content. This is a rather expansive definition, but it is the correct definition ...

  12. Forensic Analysis

    Forensic Analysis. Forensic Analysis is a branch of science used to help determine the causes of crimes and other legal proceedings. It uses various scientific methods and techniques to help investigate and analyze physical evidence, such as fingerprints, DNA, and blood samples. Forensic Analysis is an important tool for law enforcement to ...

  13. Forensic analysis legal definition of Forensic analysis

    The application of scientific knowledge and methodology to legal problems and criminal investigations. Sometimes called simply forensics, forensic science encompasses many different fields of science, including anthropology, biology, chemistry, engineering, genetics, medicine, pathology, phonetics, psychiatry, and toxicology.

  14. Forensic DNA

    Home Topics Forensic Sciences Forensic DNA Podcast Episode: What's Possible with Rapid DNA Technology? Forensic DNA analysis has played a crucial role in the investigation and resolution of thousands of crimes since the late 1980s.

  15. FORENSIC ANALYSIS definition in American English

    (fərensɪk ) adjective [ADJECTIVE noun] Forensic is used to describe the work of scientists who examine evidence in order to help the police solve crimes. [...] See full entry for 'forensic' Collins COBUILD Advanced Learner's Dictionary. Copyright © HarperCollins Publishers Definition of 'analysis' analysis (ənælɪsɪs ) (ənælɪsiːz ) variable noun

  16. PDF Forensic DNA analysis

    Forensic DNA analysis focuses on examining specific sections of DNA that are known to be particularly variable between individuals in order to create a DNA profile. The part of the DNA that is examined is called a locus (plural loci), which is a unique site along the DNA of a chromosome characterised by a specific sequence of bases. Currently, an

  17. Forensic Terminology

    The following terms are frequently used to discuss forensic analysis. The definitions below explain the term as it is used in the context of forensic analysis. Absorbance - the measurement of how much light is absorbed by a substance. The inverse of transmittance. Accessioning - the process of receiving, sorting, and labeling samples. The ...

  18. Forensic data analysis

    v t e Forensic data analysis ( FDA) is a branch of digital forensics. It examines structured data with regard to incidents of financial crime. The aim is to discover and analyse patterns of fraudulent activities. Data from application systems or from their underlying databases is referred to as structured data.

  19. National Center on Forensics

    The National Center on Forensics Provides forensic science and legal training to prosecutors, judges, and law enforcement. This includes live and on-demand, recorded training. Review the list of courses below, all of which are free and open to all.

  20. What do forensic analysts consider relevant to their decision making?

    Indeed, even DNA analysis, believed by many to be relatively immune to human biases, has been shown to be vulnerable to irrelevant contextual information [4]. The fact that forensic science analyses rely on human perception and judgment makes them vulnerable to contextual information that influences cognitive processes (i.e., contextual effects).

  21. Financial Forensics: Meaning, Certification, Examples

    Forensic accountants analyze the financial statements of companies and individuals to look for tax fraud, money laundering, insider trading, scams, market manipulation, and other financial...

  22. What Is a Forensic Analyst and How to Become One

    What Is a Forensic Analyst? A forensic analyst supports law enforcement agencies at every level of government by processing and analyzing evidence of crimes. As a forensic analyst, you specialize in a particular area of the field, such as crime scene investigation, blood spatter analysis, DNA analysis, and computer analysis.

  23. Forensic Toxicology

    Forensic toxicology is the analysis of biological samples for the presence of toxins, including drugs. The toxicology report can provide key information as to the type of substances present in an individual and if the amount of those substances is consistent with a therapeutic dosage or is above a harmful level. These results can be used to make inferences when determining a substance's ...

  24. What Is a Digital Forensic Analyst?

    Digital forensic analysts work on cybercrime investigations and are often hired in the aftermath of a hack, data breach, or theft of a digital storage device. The job of a digital forensic analyst is multifaceted and encompasses a variety of responsibilities, including: Recovering breached, modified, or destroyed data.