SFIA Mapping Form Generator

Category: Delivery and operation

Subcategory: Security services

Cybercrime investigation - CRIM

Investigates cybercrimes, collects evidence, determines incident impacts and collaborates with legal teams to protect digital assets.

Levels:

Level 2:
Description: Assists in cybercrime investigations under routine supervision. Supports the collection of evidence related to cybercrime investigations. Participates in monitoring suspicious activities. Helps maintain evidence integrity and assists in preliminary interviews. Follows established protocols and guidelines.

Level 3:
Description: Conducts cybercrime investigations using standard procedures. Collects and preserves various forms of evidence in cybercrime cases. Assesses credibility and checks for compliance with relevant investigative standards. Analyses basic cyber threats and incidents, and prepares investigative reports. Identifies incidents that may have legal implications. Conducts interviews and assists in interrogations.

Level 4:
Description: Oversees mid-level investigations, coordinating evidence collection and forensic analyses. Assesses target vulnerabilities and operational impacts of cyber incidents. Provides comprehensive reports and expert analysis for stakeholders. Conducts interviews and interrogations, identifying potential legal implications and collaborating with legal professionals.

Level 5:
Description: Manages complex cybercrime investigations, overseeing all stages from detection to resolution. Evaluates incidents involving advanced threats or significant breaches. Develops and implements procedures for evidence handling and documentation. Collaborates with legal teams to ensure evidence supports potential legal proceedings. Leads the development of response strategies, assessing vulnerabilities and operational capabilities. Oversees the implementation of tools and automation to enhance investigative processes.

Level 6:
Description: Defines the organisational strategy for cybercrime investigations. Establishes policies and standards for handling various forms of evidence in cybercrime cases, including the adoption and integration of tools and automation to improve efficiency and accuracy. Oversees high-risk or sensitive investigations, managing cross-disciplinary teams. Conducts high-level interviews and interrogations, providing strategic insights on cybersecurity threats and vulnerabilities. Engages with external stakeholders, including regulatory bodies and legal entities, to ensure compliance with legal and ethical standards.