
ISO/IEC 27037 addresses the digital evidence management process, but all of its processes concern the traditional digital environment. With the development of the cloud, the scenario has changed a lot. Cloud computing presents investigators with new challenges, such as the virtualization of servers in multiple locations and dependency on the CSP for access to logs. The document "Mapping the Forensic Standard ISO/IEC 27037 to Cloud Computing" was provided by the Incident Management and Forensics Working Group of the Cloud Security Alliance, an organization dedicated to the development and improvement of the cloud. That paper attempts to address how to manage evidence in the cloud environment and to explain how ISO/IEC 27037 can be used effectively there.

Using this document, I have tried to explain how to mitigate the impact the cloud is having on computer forensics, covering the identification, collection, acquisition and preservation of evidence from the cloud environment. These are the four stages mentioned in ISO 27037 for the purposes of collecting and analyzing evidence, and here we address each of them in the cloud computing environment [21].

5.1.1 Identification

Identification of objects that can be used as potential evidence is the initial stage of the investigation. In a standard environment it is very simple to identify any device or object that can be used as evidence, but in the case of the cloud this is not so simple. The referenced document suggests a solution to this problem. The documents or devices that can be identified as potential evidence vary depending on the service level, as the cloud provides three types of services: SaaS, PaaS and IaaS.
So for each of these service levels, the identification of evidence and of the sources that can be used as evidence will be different. In software as a service (SaaS), the following can be identified as evidence:

• Application logs
• Session logs
• IP addresses
• Activity logs

All of the items mentioned above can be used as potential evidence for investigative purposes. Application logs store information about what activity was performed by these applications, who used the application, etc. Session logs store information about the timing of sessions: when a session was created and when it ended. The user's IP address can be used as evidence, as it will tell us who the user was and from what location the service was used.
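The following added example (not taken from the CSA document or from ISO/IEC 27037) shows how the SaaS evidence sources listed above can be tied together: each application-log event is attributed to the session, and therefore the source IP address, in which it occurred. The log layouts, field names and sample records are constructed assumptions, not a real provider's format.

```python
from datetime import datetime

# Constructed sample data; the comma-separated layouts below are assumptions.
# Session log: session id, user, source IP, session created, session ended
SESSION_LOG = """\
s-101,alice,198.51.100.7,2024-03-01T09:00:00,2024-03-01T09:30:00
s-102,bob,203.0.113.20,2024-03-01T09:10:00,2024-03-01T09:45:00
s-103,alice,192.0.2.55,2024-03-01T22:00:00,2024-03-01T22:05:00
"""
# Application log: timestamp, user, activity performed
APPLICATION_LOG = """\
2024-03-01T09:05:12,alice,open_report
2024-03-01T09:20:40,bob,export_customers
2024-03-01T22:03:10,alice,delete_records
2024-03-01T23:15:00,bob,change_password
"""

def parse_sessions(text):
    """Turn session-log lines into records with parsed start and end times."""
    sessions = []
    for line in text.splitlines():
        sid, user, ip, start, end = line.split(",")
        sessions.append({"id": sid, "user": user, "ip": ip,
                         "start": datetime.fromisoformat(start),
                         "end": datetime.fromisoformat(end)})
    return sessions

def attribute_activity(app_text, sessions):
    """Link each application-log event to the session and IP it occurred in."""
    timeline = []
    for line in app_text.splitlines():
        ts, user, action = line.split(",")
        when = datetime.fromisoformat(ts)
        match = next((s for s in sessions if s["user"] == user
                      and s["start"] <= when <= s["end"]), None)
        # An event with no matching session is kept and marked, not dropped.
        timeline.append({"time": ts, "user": user, "action": action,
                         "session": match["id"] if match else None,
                         "ip": match["ip"] if match else None})
    return timeline

def ips_per_user(sessions):
    """Collect every source IP seen for each user across all sessions."""
    seen = {}
    for s in sessions:
        seen.setdefault(s["user"], set()).add(s["ip"])
    return seen

if __name__ == "__main__":
    for event in attribute_activity(APPLICATION_LOG, parse_sessions(SESSION_LOG)):
        print(event)
```

Events that fall outside every recorded session (the last constructed record here) are a gap between the two sources that an investigator would need to follow up with the CSP.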