All copy and transmission rights reserved by the IICFIP USA, Incorporation

MODULE NO. 4
This module covers Document Examination-
keeping the chain of custody, External
Confirmations, Fraud Risk Assessment.

Keeping Chain of Custody

This can safely be defined as a record of the movement and location of physical evidence from

the time it is obtained until the time it is presented in court of law.

Judges in bench trials and jurors in jury trials are obligated to decide cases on the evidence that is

presented to them in court the of law. The judges or jurors do not conduct their own

investigations into the underlying facts of a given case. Most states and federal courts rules

prohibit judges and jurors from being swayed away, meaning, all confirmations evidence that is

not properly admitted into the record pursuant to the rule of evidence/ confirmations in giving

their decisions must not be accepted.

Likewise, those involved in the civil and criminal litigation depend on judges and the jury to

independently weigh the confirmation, and only the confirmation, which is correctly admitted

into the record(s). Each day, all across the U.S, litigants stake their livelihoods, bank accounts,

and freedom on the premise that the outcome to their judicial proceedings will be one that is

reached justly and fairly, according to the confirmation.

Court-rendered judgments and jury verdicts that are based on contaminated, undependable, or

changed confirmations would undermine the integrity of the entire legal system if such outcomes

1
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

became commonplace. One way in which the law tries to ensure the integrity of evidence is by

requiring proof of the chain of custody by the party who is seeking to introduce a particular piece

of evidence.

Proof of a chain of custody is required when the evidence that is sought to be introduced at a trial

is not unique or where the relevance of the evidence depends on its analysis after an attack. A

proper chain of custody requires three types of indications:

1. Testimony that a piece of evidence is what it purports to be

2. Testimony of continuous possession by each individual who has had possession of the

evidence from the time it was seized until the time it is presented in court.

3. Testimony by each person who has had possession of that particular piece of evidence that it

remained in substantially the same condition from the moment one person took possession

until the moment that person released the evidence into the custody of another until

presentation in a court of law.

Proving a chain of custody is essential to "lay a foundation" for the evidence, simply by showing

the absence of alterations. Particularly, base testimony for tangible evidence requires that

exhibits be identified as being in substantially the same condition as they were at the time the

evidence was detained, and that the exhibit has remained in that condition through an unbroken

chain of custody. Suppose that in a prosecution for possession of illegal drugs, forensic

investigator A recovers drugs from the defendant then gives the next forensic investigator B the

drugs; B then gives the drugs to law enforcer scientist C, who does the analysis of the drugs; and

C gives the drugs to police detective D who brings the drugs to court. The testimony of A, B, C,

and D constitute a "chain of custody" for the drugs, and the prosecution would need to offer

2
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

testimony by each person in the chain to establish both the condition and identification of the

evidence, unless the defendant stipulated as to the chain of custody in order to save time.

A chain of custody need not be demonstrated for every piece of tangible evidence that is

accepted into the trial court's record(s). In fact, the physical evidence that is readily identifiable

by the witness might not need to be supported by a chain-of-custody proof. Take for instance, no

chain-of-custody foundation is needed for items that are imprinted with a serial number or

inscribed with initials by an officer who collected the confirmations. Likewise, items which are

inherently distinctive or memorable might be sufficiently unique and identifiable that they

establish the integrity of the facts.

Whether the requisite foundation has been laid to establish a chain of custody for an exhibit, is a

matter of discretion on the part of the trial judge/ jury. Chances of misidentification and

adulteration must be gotten rid off, not completely, but as a matter of reasonable prospect.

Wherever there is sufficient testimony that the evidence is what it purports to be, and that

testimony is offered by each responsible person in the chain of custody, variations as to accuracy

or reliability of testimony regarding the chain of custody go to the weight of the evidence and not

to its acceptability, which means that the evidence would be admitted into the record for the

judge or jury to evaluate in light of any conflicting testimony that the chain of custody somehow

had been altered. Although the party who offers the evidence has the burden of demonstrating

the chain of custody, the party against whom the evidence is offered must timely object to the

evidence when it is first introduced at examination, or the party will waive any objections as to

its integrity based on a compromised chain of custody.

A Sample of the chain of custody is in Appendix 1.

3
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

Securing the chain of custody in a digital forensics investigation.

Impartiality of an investigation is becoming a new standard in digital forensics, one that service

providers are well-suited to deliver. Outsourcing almost guarantees that any investigation is

impartial. It also saves organizations money since they don't have to keep a digital forensic

investigator on the payroll. Service providers who offer digital forensic services can ease

customer's minds by remaining impartial and taking the necessary steps to ensure that collected

evidence is not tampered with and can be relied upon when called upon.

One element often overlooked in the rush to obtain evidence during a forensic investigation is

control. To prove impartiality you must be able to answer the five W's and H questions: who,

what, why, when, where and how.

Who controlled the evidence?

What was used to collect it?

Why was it done in that manner?

When was each piece of evidence found?

Where was the evidence found? How was it documented?

Ultimately, if the chain of custody is not maintained, all evidence can be challenged and thrown

out of court. This can be particularly devastating when valuable time and resources have been

used to collect the evidence in the first place, not to mention the fact that a failed investigation

erodes the customers confidence. How then should you ensure that forensic evidence is properly

controlled to maintain the chain of custody? There are forms and software programs to assist in

documenting the chain of custody, but here are top tips that you won't find in reference guides.

4
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

Label everything

Cables, Wireless access points, anything and everything that is found at the site should be treated

as a possible exhibit and labeled accordingly. It's easy to forget what goes where when you get

into a tangle of cables and equipments in the server room. If you have to tear down the site and

reassemble it in a lab, the labels make sure you get everything right. This is very applicable to

digital evidence collection and investigations.

Witness everything

I have found it very useful, chiefly when an examination is facing tough scrutiny, to have a

witness for the whole thing. Should your labels, or printed photos and recovered data be all

physically signed by another individual, it provides an additional level of credibility to the

assessment. Furthermore, heaven prohibit, if you are incapacitated and not able to provide

testimony when needed, the witness may be used to back up your investigation.

A unique ID for everything

Last but not least in the investigation is controlling the evidence by maintaining an indisputable

chain of custody. The best method is to give everything a unique ID with accurate and complete

descriptions. Include in your descriptions any unrecoverable marks on equipment such as deep

scratches and dents. Address the five W's and an H for all evidence, seal it with tamper-proof

seals, sign and witness the seals. Lock it up in an indisputably secure location and log every time

the evidence is accessed. If you have to turn evidence over to legal authorities, they are not

above these rules, so have them sign for everything they take.

5
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

Digital forensics is an exciting new industry that is bound to see new methods and challenges as

techniques and technology continue to change. To maintain a solid reputation in the field, build

solid skills with existing software tools and ensure your methodology is beyond reproach.

Rules for using documents as evidence

Documentary evidence gathering must be done according to law and generally accepted

investigative practice.

Information that is held by other people must be obtained by court orders.

All evidence must be well preserved so as to be admissible in a court of law.

Contaminated evidence will not be admissible or it may impede the extraction of further

evidence, e.g. finger prints analysis.

6
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

External Confirmations
Introduction

External confirmations, I am writing about here, is not exactly the same as what is outlined in
the ISA standard. They may be some similarities but the mindset and some procedures are totally
different.

The mindset of the certified forensic investigator is to independently collect evidence in support
or against what he has collected from the transactional and documentary analysis. The
investigator plans to collect the evidence from external parties without informing the client about
his exact intentions.

Evidence provided by external parties is more reliable than the information supplied by the
clients staff.

Sources of external evidence

The following are the sources of external evidence for the purposes of forensic investigation:
1. Banks;
2. Suppliers;
3. Customers; and
4. Former staff.

The purpose of the investigators use of external confirmations is to obtaining investigation

evidence that is more reliable.

External confirmation can be defined as the process of obtaining and evaluating investigation

evidence through an illustration of an existing condition or information directly from a third

party in response to a call for information concerning a particular item touching assertions in the

financial statements of an organization. When deciding the extent of use of external

7
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

confirmations, the investigator should consider the features of the environment in which the

entity being investigated functions and the practice of potential respondents in dealing with

requests for direct confirmation.

Based on my own findings, investigation evidence availed by the original documents may be

more reliable than investigation evidence availed by photocopies or facsimiles. Accordingly,

investigation evidence in the form of original written responses to confirmation requests received

directly by the investigator from third parties unrelated to the entity being investigated,

considered cumulatively with investigation evidence from other investigation dealings, can assist

in reducing the risk of material misrepresentation for the related assertions to an acceptably low

level.

Although its very useful for a successful result, an investigator must establish whether the

application of external confirmation is essential to get hold of sufficient and suitable

investigations evidence at the assertion level. When doing this determination, investigators must

consider the already assessed risk of material misstatement at the assertion level and how the

investigation evidence from other planned investigation procedures will trim down the risk of

material misstatement at the assertion level to an satisfactory level.

Design of the External Confirmation Request

The investigator should tailor external confirmation requests to the specific investigation

objective. When designing the request, the investigator considers the assertions being addressed

and the factors that are likely to affect the reliability of the confirmations. Determinates like the

form of the external confirmation request, previous familiarity on the investigation or similar

activities, nature of the information being investigated, alongside the intended respondent, have

an effect on the design of the requests since these factors have a direct consequence on the

8
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

consistency of the investigation evidence got through external confirmation procedures/

processes.

Management Requests

When the investigator needs to ascertain particular certain balances, but management requests

the investigator not to carry out as he/ she sees necessary, the investigator should consider

whether there are valid grounds for such a request and obtain investigation evidence to support

the validity of managements requests. Should the investigator concur to managements request

not to seek external confirmation regarding a particular concern, then the investigator must apply

alternative investigation procedures to get the sufficient appropriate investigation evidence

regarding that particular matter.

Should the investigator fail to accept the validity of managements request and is prevented from

carrying out the investigation, then there has been a limitation on the scope of the investigators

work and the investigator should consider the possible impact on his or her report findings.

The External Confirmation Process

When performing confirmation procedures/ processes, investigators should keep control over the

process of selecting those to whom a request will be referred, sending and preparing the

confirmation requests, and the responses to those requests. In no circumstance should the control

of communications between the intended recipients and the investigator be ignored since this

may minimize the possibility that the results of the confirmation process will be unbiased due to

the interception and alteration of confirmation requests. The firm in question should see to it that

it is the investigator who sends out the confirmation requests, alongside ensuring that the

9
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

requests are properly handled, and that it is requested that all replies are sent directly to the

investigator.

No Response to a Positive Confirmation Request

In cases where no response is received, he /she should contact the recipient of the request to

bring out a response. However, in cases where even that are in vain, the investigator uses other

investigation measures. The nature of the substitute investigation procedures depend on the

account and assertion in query. In the assessment of accounts receivable, optional investigation

procedures might include but not limited to examination of subsequent cash proceeds,

assessment of shipping documentation or other client documentation to offer investigation

evidence to help in assertion. While, in the examination of accounts payable, other investigation

procedures might include but not limited to examination of succeeding cash disbursements or

correspondence from third parties to give investigation evidence of the existence assertion,

assessment of other records, like goods received notes, in order to give investigation evidence of

the completeness assertion.

Reliability of Responses Received

After receiving a response, the investigator considers whether there is any indication that

external confirmations received may not be reliable in anyway. He/ she consider the responses

authenticity and perform investigation procedures to dispel any concern of doubt. He / she may

decide to verify its source and contents of a response in a telephone call to the purported sender.

Furthermore, the investigator requests the purported sender to mail the original confirmation

directly to the investigators physical and email address. Should the information be in the form of

10
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

oral confirmations the investigator may request the relevant parties to submit written

confirmation of the specific information straight to the investigator.

Advantages of External Confirmations

Carrying out external confirmation tests can provide very good evidence of the

offense.

Omitted/understated liabilities can be revealed.

Omitted/overstated assets like bank balances, accounts receivables can be uncovered.

Tracing misappropriated funds to the suspects accounts.

According to ISA 505, External Confirmations should be read in conjunction with ISA 200,

Overall Objectives of the Independent Investigator and the Conduct of an Investigation in

Accordance with International Standards on Investigating. Nonetheless, the external

confirmations must not however be done according to tradition but by using proactive methods

like undercover inquiries to all with potential to provide the clues necessary for discovery.

The investigator should determine whether the use of external confirmations is necessary to

obtain sufficient appropriate investigation evidence at the assertion level. It indicates that, while

recognizing exceptions may exist, the following generalization about the reliability of

investigation evidence may be useful:

Investigation evidence is more reliable when it is obtained from independent sources

outside the entity.

11
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

Investigation evidence obtained directly by the investigator is more reliable than

investigation evidence obtained indirectly or by inference.

Investigation evidence is more reliable when it exists in documentary form.

Investigation evidence provided by original documents is more reliable than investigation

evidence provided by photocopies or facsimiles

External confirmation is the process of obtaining and evaluating investigation evidence through a

representation of information or an existing condition directly from a third party in response to a

request for information about a particular item affecting assertions in the financial statements or

related disclosures.

External confirmations are frequently used in relation to account balances and their components,

but need not be restricted to these items. The following are examples of situations where external

confirmations may be used include the following:

Bank balances and other information from bankers.

Accounts receivable balances.

Stocks held by third parties at bonded warehouses for processing or on consignment.

Property title deeds held by lawyers or financiers for safe custody or as security.

Investments purchased from stockbrokers but not delivered at the balance sheet date.

Loans from lenders.

Accounts payable balances.

12
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

Assertions Addressed by External Confirmations

External confirmation of an account receivable provides reliable and relevant investigation

evidence regarding the existence of the account as at a certain date. Confirmation also provides

investigation evidence regarding the operation of cut-off procedures. However, such

confirmation does not ordinarily provide all the necessary investigation evidence relating to the

valuation assertion, since it is not practicable to ask the debtor to confirm detailed information

relating to its ability to pay the account.

Similarly, in the case of goods held on consignment, external confirmation is likely to provide

reliable and relevant investigation evidence to support the existence and the rights and

obligations assertions, but might not provide investigation evidence that supports the valuation

assertion.

Design of the External Confirmation Request

The investigator should tailor external confirmation requests to the specific investigation

objective. When designing the request, the investigator considers the assertions being addressed

and the factors that are likely to affect the reliability of the confirmations.

Factors such as the form of the external confirmation request, prior experience on the

investigation or similar engagements, the nature of the information being confirmed, and the

intended respondent, affect the design of the requests because these factors have a direct effect

on the reliability of the investigation evidence obtained through external confirmation

procedures.

13
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

Use of Positive and Negative Confirmations

A positive external confirmation request asks the respondent to reply to the investigator in all

cases either by indicating the respondents agreement with the given information, or by asking

the respondent to fill in information

A negative external confirmation request asks the respondent to reply only in the event of

disagreement with the information provided in the request.

Management Requests

When the investigator seeks to confirm certain balances or other information, and management

requests the investigator not to do so, the investigator should consider whether there are valid

grounds for such a request, and obtain investigation evidence to support the validity of

managements requests. If the investigator agrees to managements request not to seek external

confirmation regarding a particular matter, the investigator should apply alternative investigation

procedures to obtain sufficient appropriate investigation evidence regarding that matter.

If the investigator does not accept the validity of managements request and is prevented from

carrying out the confirmations, there has been a limitation on the scope of the investigators work

and the investigator should consider the possible impact on the investigators report.

Characteristics of Respondents

The reliability of an investigation evidence provided by a confirmation is affected by the

respondents competence, independence, authority to respond, knowledge of the matter being

confirmed, and objectivity.

14
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

The External Confirmation Process

When performing confirmation procedures, the investigator should maintain control over the

process of selecting those to whom a request will be sent, the preparation and sending of

confirmation requests, and the responses to those requests. Control is maintained over

communication between the intended recipients and the investigator to minimize the possibility

that the results of the confirmation process will be biased because of the interception and

alteration of confirmation requests or responses.

No Response to a Positive Confirmation Request

The investigator should perform alternative investigation procedures where no response is

received to a positive external confirmation request. The alternative investigation procedures

should be such as to provide investigation evidence about the assertions that the confirmation

request was intended to provide.

Causes and Frequency of Exceptions

When the investigator forms a conclusion that the confirmation process and alternative

investigation procedures have not provided sufficient appropriate investigation evidence

regarding an assertion, the investigator should perform additional investigation procedures to

obtain sufficient appropriate investigation evidence. In forming the conclusion, the investigator

considers the:

a. Reliability of the confirmations and alternative investigation procedures;

15
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

b. Nature of any exceptions, including the implications, both quantitative and qualitative of

those exceptions; and

c. Investigation evidence provided by other investigation procedures.

Evaluating the Results of the Confirmation Process

The investigator should evaluate whether the results of the external confirmation process

together with the results from any other investigation procedures performed, provide sufficient

appropriate investigation evidence regarding the assertion being investigated.

External Confirmations Prior to the Year-end

When the investigator uses confirmation as at a date prior to the balance sheet to obtain

investigation evidence to support an assertion, the investigator obtains sufficient appropriate

investigation evidence that transactions relevant to the assertion in the intervening period have

not been materially misstated. Depending on the assessed risk of material misstatement, the

investigation or may decide to confirm balances at a date other than the period end, for example,

when the investigation is to be completed within a short time after the balance sheet date. As

with all types of pre-year-end work, the investigator considers the need to obtain further

investigation evidence relating to the remainder of the period. ISA 330 provides additional

guidance when investigation procedures are performed at an interim date.

Background on Investigation Evidence

The reliability of investigation evidence is evaluated based on how the support was obtained and

who it was obtained from. The most reliable form of investigation evidence comes when

independent sources provide tangible support directly to the investigators, whether in the form of

paper copies, electronic, or other mediums. In turn, support which is provided verbally from the

16
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

client is not considered as valuable to the investigator, although it may still be considered

investigation evidence.

1. One form of investigation evidence which investigators consistently utilize as

confirmation with independent entities. This process is typically done for

investigation areas which include Cash with banks;

2. Accounts receivable balances;

3. Accounts payable balances; and

4. Long term loans or liabilities.

17
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

Fraud Risk Assessment

Almost all agencies/ firms are subject to fraud risks, and need to complete a fraud risk

assessment for their agency at least every two years. An exhaustive fraud assessment needs to be

performed by division and/or function. Functions and services that need to be included in the

assessment are Finance and Accounting, Human Resources Management (payroll), Purchasing

and Contracting, and Information Technology. As a part of the assessment, agencies need to look

at control environment and information technology as both have a significant effect on fraud risk

for most functions.

A fraud risk assessment should be performed periodically to identify potential schemes and

events that need to be eradicated. It provides guidance for conducting a fraud risk assessment;

however, agencies will need to make modifications to meet their individual needs and

complexities.

An effective fraud risk management assessment should identify where fraud may occur and who

the perpetrators are. Thus, subdue activities should always consider both the fraud scheme and

the individuals within and outside the organization who could be the perpetrators of each

scheme. If the scheme is collusive, preventive controls should be augmented by detective

controls, since conspiracy interferes with the controls effectiveness of segregation of duties.

Fraud, by definition, entails intentional misconduct, intended to dodge a detection. For instance,

the fraud assessment should foresee the behavior of a potential perpetrator. Ideally, it is vital to

design fraud detection procedures that a perpetrator may not anticipate; it needs a cynical attitude

and entails asking questions such as:

18
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

How can a fraud executor abuse weakness in the system of controls?

How can a perpetrator circumvent controls in an organization?

What can a perpetrator do to hide the fraud?

With this in mind, a fraud risk assessment generally includes three key elements:

Identify inherent fraud risks.

Evaluate the probability and consequence of intrinsic fraud risk.

Respond to reasonably likely and significant inherent and residual fraud risks.

How to Follow Risk Assessment Procedures in fraud Audit

When performing an audit, you use risk assessment procedures to assess the risk that material

misstatement actually took place. It is the most important step since the whole point of a

financial statement audit is finding out if the financial statements are materially correct.

A clients contribution to audit risk; the risk of a material misstatement existing in the

financial records due to errors and fraud influences your firms plans regarding what audit

evidence is necessary and which personnel will be assigned to the task. The higher the risk the

more the need for more involved audit risk procedures.

How exactly do you perform a risk assessment audit? You may follow various risk assessment

procedures, such as recognizing the nature of the company, its management alongside

performing analytical procedures. Upon running through all applicable risk-assessment

procedures, one must use the results in figuring out how high the chance is that your client has

material financial-statement mistakes/ mischiefs. Nonetheless, not every mistake is important.

19
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

Recognizing the nature of the company: There should be some crucial questions to ask

the client during your risk assessment procedures.

Examining the quality of company management: Inept management thats

lackadaisical about following or enforcing company policies and procedures encourage

that lax attitude throughout the organization.

Asking employees for information: When asking for information, as an auditor or

investigator, must talk to many different employees in the organization besides

management.

Analyzing processes and paperwork: That is, use the analytical procedures test to see if

plausible and expected relationships exist in both financial and nonfinancial data.

Observing the client at work: One common type of observation is to watch the staff

take a count of physical inventory.

Fraud Risk Assessment is also referred to as Proactive Fraud Audit. It is a deliberate and well

planned search of loopholes and fraud without prior warning of any wrong doing.

20
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

Progress Test: 10 multiple choice questions

1. Evidence is anything aimed at proving a fact.

A. True

B. False

2. What is the name given to scientific data when used in a courtroom setting to establish
the connection of a person to a crime?
A. Evidence

B. Testimony

C. Hearsay

D. Witness

3. The Primary Purpose of Forensic evidence in a criminal trial is to:

A. Figure out what happened

B. To physically link the defendant to the crime scene, thereby providing inferential

evidence of his/ her commission or association with the crime.

C. March the evidence to the suspect or victim.

D. To support the suspect

4. Facts or opinions generated or supported by the use of one or more of the forensic
sciences is called:

A. Evidence

B. Forensic evidence

C. Application of forensic science

D. Generation

21
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

5. The following are risk assessment procedures. Which one is not?

A. Recognizing the nature of the company

B. Examining the quality of company management:

C. Asking employees for information.

D. Inciting the employees of the company

6. When performing an audit, you use risk assessment procedures to assess the risk that
material misstatement actually took place.
A. True

B. False

7. When performing confirmation procedures, the investigator should maintain control over the
process of selecting those to whom a request will be sent.
A. Yes

B. No
8. A negative external confirmation request asks the respondent to reply only in the event of
disagreement with the information provided in the request.
A. Yes

B. No
9. External Confirmation also provides investigation evidence regarding the operation of cut-
off procedures.
A. Yes

B. No
10. Investigation evidence availed by the original documents may be more reliable than
investigation evidence availed by photocopies or facsimiles.
A. Yes

B. No

22
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

Appendix 1

EVIDENCE CHAIN OF CUSTODY TRACKING FORM

Property Record Number:
________________________

Anywhere Police Department

EVIDENCE CHAIN OF CUSTODY TRACKING FORM
Case Number: ________________________ Offense: ______________________________
Submitting Officer: (Name/ID#) _______________________________________________
Victim: ______________________________________________________________________
Suspect: _____________________________________________________________________
Date/Time Seized: __________________Location of Seizure: ______________________
Description of Evidence
Item # Quantity Description of Item(Model, Serial #, Condition, Marks, Scratches)

Chain of Custody
Item # Date/Time Released by Received by Comments/Location
(Signature & ID#) (Signature & ID#)

APD_Form_#PE003_v.1 (12/2012) Page 1 of 2 pages (See

back)

23
 All copy and transmission rights reserved by the IICFIP USA, Incorporation

EVIDENCE CHAIN-OF-CUSTODY TRACKING FORM (Continued)

Chain of Custody
Item # Date/Time Released by Received by Comments/Location
(Signature & ID#) (Signature & ID#)

Final Disposal Authority

Authorization for Disposal
Item(s) #: __________ on this document pertaining to (suspect): ____________________________________________
is(are) no longer needed as evidence and is/are authorized for disposal by (check appropriate disposal method)
Return to Owner Auction/Destroy/Divert
Name & ID# of Authorizing Officer: ____________________________ Signature: ______________________Date: _______________

Witness to Destruction of Evidence

Item(s) #: __________ on this document were destroyed by Evidence Custodian ___________________________ID#:______
in my presence on (date) __________________________.
Name & ID# of Witness to destruction: ________________________ Signature: ______________________Date: _______________

Release to Lawful Owner

Item(s) #: __________ on this document was/were released by Evidence Custodian ________________________ID#:_________ to
Name _____________________________________________________________________________
Address: ________________________________________________ City: ____________________State: _______ Zip Code: __________
Telephone Number: (_____) ___________________________________
Under penalty of law, I certify that I am the lawful owner of the above item(s).

Signature: _______________________________________________________ Date: __________________________

Copy of Government-issued photo identification is attached. Yes No

This Evidence Chain-of-Custody form is to be retained as a permanent record by the Anywhere Police Department.

Form 1: EVIDENCE CHAIN OF CUSTODY TRACKING FORM

APD_Form_#PE003_v.1 (12/2012) Page 2 of 2 pages (See

front)

24