Computer Forensic
Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law.
Overview
Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. The goal of computer forensics is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened on a computing device and who was responsible for it.
Why we  need Computer Forensic
1) The ability to reduce or even eliminate sampling risk – This is the biggest advantage of forensic accountants over the external auditors.
2) The comparison of relevant types of data from different systems or sources to show a more complete picture .
3) The ability to easily trend relevant data over periods of time, fluctuations in trending lines can be analyzed further for false positives and potential risk factors .
4) The quick identification and extraction of certain risk criteria from the entire data population for further analysis .
5) The testing for effectiveness of the control environment and policies in place by identifying attributes that violate rules .
6) The identifying trends of which company personnel, consultants and forensic accountants were unaware.
About Apporach
Securing the devices.
Check the data and files.
Recover lost information.
Reveal the important contents of all the programs and hidden files.
Access and decrypt protected and hidden files.
Identify the important areas.
Document each and every step of the procedure.
Be prepared to present the documents to testify in court.