The specification of standardised processes with information related to the custody of digital evidence related to CBRNE events is a crucial issue today. The integrity of the evidence must be maintained, from its initial discovery to the subsequent submission to the court. This means it is essential to follow standardised procedures to ensure data quality while preserving the chain of custody. Each link (or step) in the chain (or process) is essential to ensure the legitimacy, integrity, and inspection of the collected CBRNE samples. The paper stipulates that each piece of evidence should be considered from the perspective of source, creator, time, location, and reason to guide the digital evidence review process. This means that as long as one of the intervenient actors keeps the digital evidence, a digital chain of custody (dCoC) will be established. The guidelines provided for the dCoC workflow are designed to establish basic practices that participants in forensic operations should follow as part of standard operating procedures for effective and reliable audits of custody transfers.