Skip to content

PCI Exam Domains and Knowledge Statements


Task 1: A​​nalyze case for applicable ethical conflicts 
  1. ​Nature/types/categories of ethical issues related to cases (e.g., fiduciary, conflict of interest, attorney-client) 
  2. The role of laws, codes, regulations and organizational governance in conducting investigations
Task 2: Analyze and assess case elements, strategies, and risks 
  1. ​Case categories (e.g., computer, white collar, financial, criminal, workplace violence) 
  2. Qualitative and quantitative analytical methods and tools 
  3. Strategic/operational analysis 
  4. Criminal intelligence analysis NEW
  5. Risk identification a​nd impact NEW
  6. ASIS Workplace Violence standard NEW
Task 3: Determine investigative goals and develop strategy by reviewing procedural options 
  1. ​Case flow 
  2. Negotiation process 
  3. Investigative methods 
  4. Cost-benefit analysis
Task 4: Determine and manage investigative resources necessary to address case objectives 
  1. ​Quality assurance process 
  2. Chain of custody procedures 
  3. Resource requirements and allocation (e.g., personnel, equipment, time, budget) NEW
Task 5: Identify, evaluate, and implement investigative process improvements 
  1. ​Internal review (e.g., management, legal, human resources) NEW
  2. External review (e.g. regulatory bodies, accreditation agency) NEW
  3. Liaison resources NEW
  4. Root cause analysis and process improvement techniques NEW


Task 1: Conduct surveillance by physical, behavioral, and electronic means in order to obtain relevant information 
  1. ​Types and methods of surveillance 
  2. Surveillance equipment  
  3. Pre-surveillance routines 
  4. Procedures for documenting surveillance activities
Task 2: Conduct interviews of individuals to obtain relevant information  
  1. ​Interview techniques 
  2. Indicators of deception (e.g., non-verbal communication) 
  3. Subject statement documentation
Task 3: Collect and preserve potential evidentiary material for assessment and analysis 
  1. ​Forensic opportunities and resources 
  2. Requirements of chain of custody 
  3. Methods/procedures for seizure of various types of evidence 
  4. Methods/procedures for preserving various types of evidence 
  5. Concepts and principles of digital forensics NEW
  6. Retrieval, storage, and documentation of digital information NEW
  7. Concepts and principles of computer operations and digital media NEW
Task 4: Conduct research by physical and electronic means to obtain relevant information 
  1. ​Methods of research using physical resources 
  2. ​Methods of research using information technology NEW
  3. Methods of analysis of research results 
  4. Research documentation NEW
  5. Information sources (e.g., government, proprietary, open) NEW
  6. Digital media capabilities NEW
Task 5: Collaborate with and obtain information from other agencies and organizations possessing relevant information NEW
  1. ​External information sources 
  2. Liaison techniques 
  3. Techniques for integrating and synthesizing external information 
Task 6: Use special investigative techniques to obtain relevant information 
  1. ​Concepts and principles of polygraph examinations 
  2. Concepts, principles and methods of video/audio recordings 
  3. Concepts, principles and methods of forensic analysis (e.g., writing, documents, fingerprints, DNA, biometrics, chemicals, fluids, etc.) 
  4. Concepts, principles and methods of undercover investigations 
  5. Concepts, principles, and methods of threat assessment 
  6. Use of confidential sources 
  7. Concepts, principles, and methods of applying IT hardware and software tools NEW

DOMAIN THREE: CASE PRESENTATION (15% of examination)  

Task 1: Prepare report to substantiate​ investigative findings 
  1. ​Critical elements and format of an investigative report 
  2. Investigative terminology 
  3. Logical sequencing of information
Task 2: Prepare and present testimony 
  1. ​Types of testimony 
  2. Preparation for testimony