
A Study on Constructing a Mobile Forensics Standard Operating Procedure (DEFSOP-MF) and Integrating International Forensic Standards

I-Long Lin, Yingren Chen

Abstract


Under Taiwan's current legal framework, digital (cyber) forensics has not yet been given its own dedicated chapter of legislation (although the Cyber Security Management Act passed its third reading in the Legislative Yuan on May 11, 2018 (ROC year 107) and took effect on January 1 of this year, 2019 (ROC year 108)), so investigative agencies have no norms, standards, procedures, or methodology for digital (cyber) forensics to follow. This study collects domestic and foreign literature on digital (cyber) evidence, digital (cyber) forensics mechanisms (such as DEFSOP and the Forensics Computing 4P's Model), and international standard operating procedures, and refers to the management items and guidelines of the international standards ISO/IEC 27037:2012, ISO/IEC 27041:2015, ISO/IEC 27042:2015, and ISO/IEC 27043:2015 in order to study integrated digital forensics procedures and map them to one another.

Based on the four stages (principle concept stage, preparation stage, operation stage, reporting stage) of the Digital Evidence Forensics Standard Operating Procedure (DEFSOP) proposed by the domestic scholar Professor I-Long Lin, a complete mobile forensics standard operating procedure (DEFSOP for Mobile Forensics, DEFSOP-MF) is established. It is validated against an actual case solved by the Criminal Investigation Bureau, with the standard operating procedure used to verify and reconstruct the entire cyber (criminal) incident.

The aim is for investigators and security personnel to understand the focus and direction of forensics (why to do) from the investigation process (what to do) and the investigative actions (how to do) of the whole case. Providing principles and guidelines for handling cyber (criminal) incidents not only strengthens the collection and presentation of digital (cyber) evidence, ensures that security is put into practice, and raises the validity (including admissibility and probative value) and credibility of digital (cyber) evidence in court, but also supports effective prevention mechanisms and response handling for future security incidents (such as ISIM: ISO 27035:2016 and the six related sub-laws of the Cyber Security Management Act).


Citation Format:
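I-Long Lin, Yingren Chen, "A Study on Constructing a Mobile Forensics Standard Operating Procedure (DEFSOP-MF) and Integrating International Forensic Standards" (in Chinese), Communications of the CCISA, vol. 25, no. 1, pp. 39-57, Feb. 2019.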


Published by Chinese Cryptology and Information Security Association (CCISA), Taiwan, R.O.C
CCCISA Editorial Office, No.1, Sec. 1, Shennong Rd., Yilan City, Yilan County 260, Taiwan (R.O.C.)
E-mail: ccisa.editor@gmail.com