1.0 The ISFCE will maintain the board and committee structure specified in this policy to oversee and facilitate the CCE certification process and other ISFCE activities.

2.0 The ISFCE board and committee members will actively participate and abide by the following structure and carry out the responsibilities listed according to this policy. In the case of a board member or committee member failing to do so, the ISFCE Board members may, by 2/3 vote, terminate the service of such board or committee member and replace him or her through the appointment or nomination process outlined later in this policy.

3.0 All ISFCE Board and Committee members will conduct themselves according to the ISFCE Code of Ethics and Professional Responsibility at all times.

4.0 Each board or committee will have an acting chairperson, who will facilitate any action taken by the committees and interact with the Director of the ISFCE.

5.0 The Certification Board will not include any individual who has carried out the evaluation of a certification candidate.

6.0 The ISFCE will strive to maintain board and committee members that are professionals from the digital forensic or related fields and include members from the academic community to give confidence to interested parties in its competence, impartiality and integrity.

7.0 ISFCE Director

7.1 As a direct liaison to the ISFCE Certification Board and ISFCE Committees and will hold a seat on the ISFCE Certification Board.

7.2 The ISFCE Director is responsible for:

7.2.1 Overseeing the management system and administration of the ISFCE in accordance with ISFCE policy.

7.2.2 Retaining all certification related records indefinitely.

7.2.3 Maintaining a record of all substantive changes implemented by the Certification Board used to certify candidates.

7.2.4 Ensuring all certification records are backed up and secured according to ISFCE policy.

7.2.5 Ensuring any subcontractor that is associated with the certification process, other than executing the certification decision, is managed under a current contract outlining responsibilities, expectations, compensation and performs according to specified responsibilities.

8.0 ISFCE Certification Board

8.1 Board Member Terms and Nomination

8.1.1 Existing board members originally appointed by ISFCE management will continue to serve on the Certification Board and will facilitate initial implementation of the nomination process outlined in this policy.

8.1.2 The ISFCE Certification Board will maintain between 7 and 9 Certification Board members at all times.

8.1.3 At least two of these members will be current ISFCE, Certified Computer Examiner (CCE)® certified individuals nominated by the existing CCE body and approved by at least a 2/3 vote of the existing board members.

8.1.4 The remaining board members will be digital forensics (or related) professionals (active or retired) or members of the academic community related to digital forensics and nominated by existing board members and approved by at least a 2/3 vote of the existing board members. These members may or may not be CCE certified.

8.1.5 Existing board members may not nominate themselves, but may be nominated by another existing board member for an additional term. There is no maximum number of terms for a board member, but if their nomination is not approved by the required vote, their service will end.

8.1.6 All board members will serve a five year term after nomination and approval. The five year term for original board members appointed by ISFCE management will commence on September 1, 2009. All other board member terms will commence upon nomination approval by the existing board members.

8.1.7 A maximum of two board member assignments nominated by and pulled from the current Certified Computer Examiner (CCE)® membership will be called for and approved by the existing Certification Board in September 2009 and each following year as necessary to maintain the board membership numbers stated in this policy.

8.1.8 A maximum of two board member assignments nominated by the existing board members will be approved and added in 2009 and each following year as necessary to maintain the board membership numbers stated in this policy.

8.1.9 Additional nominations will occur in September of each consecutive year and will continue on an annual basis as necessary to maintain board membership as outlined in this policy.

8.1.10 Board members may choose to retire at any time during their term and may or may not be immediately replaced.

8.1.11 Board members may be removed from the board at any time if it is brought to the attention of the board by a board member or other individual that they are not upholding the ISFCE Code of Ethics and Professional Responsibility or for lack of fulfilling responsibilities or misconduct. The board must vote by at least a 2/3 margin to agree on removal of an existing board member.

8.2 Board Member Responsibilities/Requirements

8.2.1 The primary responsibilities of the board include: The review of ISFCE certification and recertification applications if not automatically approved based upon ATC training completion The approval and maintenance of certification test requirements The approve and maintenance of evaluation standards The review and approval of ISFCE policy by a 2/3 vote The approval of certification candidates by a 2/3 vote

8.2.2 The board will report all certification related decisions to the ISFCE staff in a timely manner.

8.2.3 The board will under no circumstances outsource any certification decision.

8.2.4 The criteria used to evaluate candidates for certification shall be only those published by the certification body and as outlined in the ISFCE CCE Exam Process Policy 2.0.

8.2.5 The criteria must be periodically updated consistent with changes in the discipline. Record of these changes must be maintained by the ISFCE Director.

8.2.6 The board will also act as an advisement source to the ISFCE Director on subjects affecting the operation and objectives of the ISFCE as needed and determined by the ISFCE Director.

8.2.7 Board members are responsible for removing themselves from any conflict of interest regarding CCE applicants they review for certification.

8.2.8 The board will elect a chairperson in September of each year. The chairperson will be responsible for facilitating board action when necessary and will hold the deciding vote on any issues in which a board vote is inconclusive.

8.2.9 The ISFCE Director will, as necessary, report to the board chairperson all issues regarding certification related operations.

8.2.10 The Board will approve all mechanisms to evaluate the certification candidates and will work with the ISFCE Director to ensure these mechanisms are in place.

8.3 Internal Review

8.3.1 An internal review of the ISFCE management system and record retention will be performed by the Certification Board chairperson or designated board member at least annually.

8.3.2 The audits will be performed with an internal review checklist that includes the verification of items stated in the current versions of ISFCE policies.

8.3.3 The ISFCE Director will maintain and retain the internal review checklist.

8.3.4 All review documentation records will be maintained indefinitely by the ISFCE Director.

8.3.5 The ISFCE Director will be responsible for creating and implementing any corrective action necessary as a result of the review.

8.3.6 The Certification Board chairperson (or designees) will conduct a follow up review to ensure corrective action has been implemented if necessary as a result of the annual review.

9.0 ISFCE Committees

9.1 The ISFCE will maintain specialized committees to support ISFCE management and the ISFCE Certification Board. ISFCE specialized committees will include:

9.1.1 ISFCE Ethical Standards Committee

9.1.2 ISFCE Appeal Committee

9.1.3 ISFCE Audit Committee

9.2 Each committee will have between 3 and 5 members at any given time.

9.3 All committee members will have a term of 5 years with the exception of the Development Committee, which will have a member term of 3 years.

9.4 New committees may be formed by recommendation of the ISFCE Director or the Certification Board and approval by 2/3 vote of the Certification Board. Existing committees may be dissolved in the same manner.

9.5 Initial committee members, appointed by ISFCE management, will continue to serve until the nominations process outlined in this policy is implemented on September 1, 2009.

9.6 All committee members will be nominated by the ISFCE Director, the ISFCE membership and/or the Certification Board for the term described above.

9.7 Committee member nominations will begin September 2009 with the addition of one committee member and continue on an annual basis as necessary to maintain the required number of committee members per this policy. All original committee member terms will reset on September 1, 2009.

9.8 Committee members may serve on the Certification Board in addition to committee service, but may not serve on more than one committee at a time.

9.9 Committee members may serve no more than two consecutive terms on a single committee. Individuals may return to service on a committee after term limits once absent for at least one full term.

9.10 Committee members are responsible for removing themselves from any conflict of interest regarding certified individuals or certification candidates.

9.11 Each committee is responsible for electing a committee chairperson in September of each year. The chairperson will be responsible for facilitating committee action and communicating any such action to the ISFCE Director and Certification Board. The chairperson will hold the deciding vote on any issues in which a committee vote is inconclusive.

10.0 ISFCE Ethical Standards Committee

10.1 The ISFCE Ethical Standards Committee is responsible for:

10.1.1 Reviewing candidate eligibility requests concerning criminal records.

10.1.2 Reviewing member or other complaints and/or notifications regarding ISFCE member conduct unbecoming of the ISFCE or not in compliance with the ISFCE Code of Ethics and Professional Responsibility.

10.1.3 Reviewing any complaints against applicants such as cheating, collaboration, group studying, etc during the CCE certification examination.

10.1.4 Taking action on certification suspension, revocation or other consequence decisions based on the above mentioned complaints.

10.1.5 Presenting recommended actions to the ISFCE Certification Board and ISFCE Director for execution.

11.0 ISFCE Appeal Committee

11.1 The ISFCE Candidate Appeal Committee is responsible for:

11.1.1 Reviewing any certification scoring appeal made by a certification candidate and independently ruling on the accuracy of that score and reporting the findings to ISFCE Certification Board.

12.0 ISFCE Audit Committee

12.1 The ISFCE Audit Committee is responsible for:

12.1.1 Performing periodic audits of CCE scoring.