In digital forensics, what is the term for the record documenting the management of evidence?

The term for the record documenting the management of evidence in digital forensics is known as the chain of custody. The chain of custody refers to the process of maintaining and documenting the handling of evidence, including how it was collected, who has handled it, and how it has been stored. This is crucial for preserving the integrity of the evidence, ensuring that it can be reliably used in legal proceedings.

Maintaining a proper chain of custody helps to prevent any tampering or contamination of evidence, which could undermine its admissibility in court. It provides a clear and verifiable history that can be traced back to the original sources, making it a key aspect of forensic investigations. This meticulous documentation assures all parties involved that the evidence remains intact and credible throughout the legal processes.

The other terms listed, while related to the field, do not specifically refer to the documentation of evidence management in the same way. An evidence log is a record but not as comprehensive as the chain of custody. An audit trail tracks actions taken in a system, and an incident report describes an occurrence or event, but neither of these encompasses the complete documentation of evidence handling like the chain of custody does.