Chain of custody is the process of tracking the handing and movement of all evidence or items. This process is done from the time they are collected until they are presented in court or reach their intended final destinations. Chain of custody ensures that evidence has been properly managed and documented to maintain its integrity and reliability.

When evidence it should be done in a very systematically method. If possible, have one person be responsible for doing this as it will be less prone to errors, no confusion or possibility of losing or missing pieces of evidence. 

If the job requires multiple people to collect evidence due to being a larger task a single person should take the lead. Also, the operating procedures should be agreed upon before starting.

This is the process in a forensic investigation that involves carefully collecting, documenting and preserving the evidence. When collecting the evidence you will want to document/photograph how each computer system is set (think cables/devices plugged in). Ensure that evidence tags are applied to each piece of hardware and are properly filled out. Place each item in an anti-static bag and then seal it.

The document to the right is a sample chain of custody form provided by NIST. I only converted it to a Google Doc.