In simple terms, computer or digital forensic evidence analysis is the scientific collection of data that is either retrieved or retained by a computer storage device that can be used against a criminal in court. For information to be used in court, it must be collected before presentation; therefore, a number of recommendations are proposed to ensure that the information collected maintains the desired integrity. Information collected digitally from computers or media storage applications has protocols that must be followed during the process. The order of digital information collection primarily determines the lifespan of the collected information (Eoghan, 2004, p. 74). It is necessary to change the information collection procedures because there are changes in the IT field. In this regard, all information collected is sometimes determined by the type of tools and instruments provided by the providers. Investigative agencies should take care to ensure that they engage the services of competent suppliers who are up to date with current technology and provide their instruments at an attractive price (Eoghan, 2004, p. 74). Vendors and collection agencies need to understand that current technology has removable storage. devices where information can be stored and cannot be retrieved from hard drives (Eoghan & Gerasimos, 2008, p. 93). There is also malware that can be stored in RAM and cannot be traced to hard drives, which means that information gathering instruments and strategies must be designed in such a way that they surpass the tricks of storage and of data theft (Eoghan & Gerasimos, 2008, p. 93). From experience, when manipulating computers, it is possible to decipher the trick generated using the middle of a sheet of paper...... any reasonable doubt as to the responsibility of the accused for the crime of which he is accused . One of the oversights that can occur when collecting digital evidence is that digital storage devices are intact and cannot lose the collected data; To overcome this oversight, it is important to have a backup of all information collected about a crime. ReferencesCarrier, BD (2006). Risks of Live Digital Forensics. Communications of the ACM, 49(2), 56-61.Eoghan, C. (2004). Digital Evidence and Computer Crime, 2nd ed. London, UK: Elsevier. Eoghan, C. and Gerasimos, S. (2008). The impact of full disk encryption on digital forensics. Operating Systems Review, 42(3), 93-98. Henry, P. (September 12, 2009). Best practices for collecting digital evidence. Retrieved from http://computer-forensics.sans.org/blog/2009/09/12/best-practices-in-digital-evidence-collection/