Home > Resources > Legal Tools
computer forensic investigation
Sample Interrogatories for Electronic Discovery

The following questions should serve as a guideline in ascertaining relevant insight into electronic information that may hold relevance to a legal matter and facilitate a valuable understanding of the Plaintiff's or Defendant's technology infrastructure, yielding sources of electronic evidence critical to your litigation.

Topic 1: Information Technology (IT) & Information System (IS) Personnel
  1. List all IT and IS personnel and technical staff that is or has been responsible for managing and maintaining the technology infrastructure of [Plaintiff / Defendant] for the period _____ to _____, including, but not limited to desktop computers, servers, personal digital assistants (PDAs), portable computers, laptop computers, and other electronic devices. Include contact information such as full name, job position, job description, and list of duties.
  2. List employees formally or loosely assigned to subgroups within the IT and IS departments, such as network engineering, software development, emergency response, quality assurance, troubleshooting, etc.

Topic 2: Network Architecture

  1. Describe any and all groups of connected computer systems that permit users to share information and transfer data, including, but not limited to local area networks (LANs), wide area networks (WANs), client-server networks, virtual private networks (VPNs), and storage area networks (SANs).
  2. List any and all components and network resources that establish and maintain the network environment, including, but not limited to, routers, switches, hubs, bridges, firewalls, proxies, etc.
  3. Describe any and all third-party connectivity between the computer systems and network environment of [Plaintiff / Defendant], including the type of information that is shared, manner in which information is transferred, and contact lists of internal and external individuals who have authorization to transfer information into or out of [Plaintiff / Defendant] network environment.

Topic 3: Computer Hardware

  1. Identify each computer system that is or has been used by employees for the period _____ to _____, including, but not limited to, desktop computers, servers, personal digital assistants (PDAs), portable computers, laptop computers, and other electronic devices. Include descriptions of equipment and any peripheral technology attached to the computer system.
  2. Describe the Internet and intranet connectivity of each computer system, including, but not limited to, client-server communications and client-client communications facilitated through modem, network, or direct connection.
  3. List all hardware or software modifications made to computer systems in use during the period _____ to _____, including, but not limited to, dates of modifications, software and hardware titles, version numbers, contact information of IT or IS personnel performing the modification, and location of data backups taken prior to modification.
  4. Identify any and all specific computer systems that have been used to create, modify, or store electronic information relevant to this legal matter.

Topic 4: Computer Software

  1. List all operating systems installed on all computer systems in use by [Plaintiff / Defendant], including, but not limited to, Microsoft Windows, Linux, Unix, DOS, etc.
  2. List the title and version number of any and all software installed or executed on the computer systems used by [Plaintiff / Defendant] during the period ____ to _____.

Topic 5: Electronic Mail Communication

  1. Describe all server- and workstation-based software in use or used to facilitate the transmission of email during the period ____ to _____.
  2. Identify all hardware in use or used to facilitate the transmission or storage of email during the period ____ to _____.
  3. List all email accounts in use during the period ____ to _____.
  4. Describe the policies, procedures, and technology employed to backup and archive email messages during the period ____ to _____.
  5. Describe any email-based encryption algorithms in place.
  6. List all emails, senders, and recipients of email currently known to be relevant to this legal matter.

Topic 6: Data Backups, Archives, and Removable Media

  1. Describe the policies and procedures governing the use of removable media, such as CD-ROMs, zip disks, floppy disks, tape drives, removable hard drives, etc., associated with [Plaintiffs / Defendants] computer systems or network.
  2. Describe the policies and procedures for performing data backups on all computer systems as well as the hardware and software employed during the period ____ to _____.
  3. List any and all removable media utilized to store data during the period ____ to _____.
  4. List all IT and IS personnel responsible for conducting data backups and the arching of electronic information during the period ____ to _____.
  5. Identify all removable media that is known to contain information relevant to this legal matter.

Topic 7: Telephone System

  1. Describe the elements of your telephone and voice messaging system, including all hardware, software, and third-party service providers.
  2. Identify any and all voice messaging records for [Name] during the period ____ to _____, including, but not limited to, caller message recordings, voice recordings, computer voice mail files, outgoing voice recordings, unified messaging files, etc.
  3. Identify any and all telephone use records for [Name] during the period ____ to _____, including logs of outgoing and incoming calls.

Topic 8: Miscellaneous Sources for Electronic Evidence

  1. Describe any and all network, server, and workstation based log files that were generated during the period ____ to _____.
  2. Describe the policies and procedures governing employee use of Internet newsgroups, chat rooms, or instant messaging on [Plaintiffs / Defendants] computer systems.
  3. List any and all portable electronic devices owned and operated by [Name] but used in the performance of his/her employment with [Plaintiffs / Defendants].

Topic 9: Destruction of Information

  1. Describe the policies and procedures pertaining to data retention and list all information scheduled for deletion during the period ____ to _____.
  2. Describe all hardware or software utilized to facilitate the deletion of data subject to data retention policies and procedures.
  3. List any and all servers, workstations, or electronic devices that has had its hard drive reformatted or replaced during the period ____ to _____.
  4. Identify any and all information deleted, physically destroyed, corrupted, damaged, lost, or overwritten, either pursuant to the data retainer policies and procedures or not, that was relevant to this legal matter.
  5. Identify any and all information deleted, physically destroyed, corrupted, damaged, lost, or overwritten, either pursuant to the data retainer policies and procedures or not, that took place since the initiation of this legal matter.
 

About Us  |  Services  |  Resources  |  Headlines  |  Partners

Contact Us  |  Site Map  |  Legal Notices