ISO 15489-1:2001
(Main)Information and documentation — Records management — Part 1: General
Information and documentation — Records management — Part 1: General
Information et documentation — «Records management» — Partie 1: Principes directeurs
La présente partie de l'ISO 15489 constitue un guide pour l'organisation et la gestion des documents d'archives) des organismes, publics ou privés, pour le compte de clients internes ou externes. Tous les éléments constitutifs de la présente partie de l'ISO 15489 visent à ce que les documents soient créés, archivés et organisés d'une manière pertinente. Les procédures propres à assurer l'organisation et la gestion des documents selon les principes et les éléments constitutifs de la présente partie de l'ISO 15489 sont présentées dans l'ISO/TR 15489-2 (Guide pratique). La présente partie de l'ISO 15489 - vise l'organisation et la gestion des documents, quels que soient leur forme ou leur support, produits ou reçus par tout organisme, public ou privé, dans l'exercice de ses activités, ou par toute personne physique ayant la responsabilité de produire ou de conserver des documents d'archives, - constitue un guide pour définir les responsabilités des organismes vis à vis de leurs documents d'archives et les politiques, procédures, systèmes et méthodes afférents, - constitue un guide pour le «Records management» en tant que soutien d'une démarche qualité, en accord avec l'ISO 9001 et l'ISO 14001, - constitue un guide pour la conception et la mise en ceuvre d'un système d'archivage, - mais n'inclut pas l'organisation et la gestion des archives historiques au sein des institutions d'archives. La présente partie de l'ISO 15489 est destinée - aux dirigeants des organismes, - aux professionnels du document d'archives et des technologies de l'information, - à l'ensemble du personnel des organismes, - ainsi qu'à toute personne physique ayant la responsabilité de créer et archiver des documents.
Informatika in dokumentacija – Upravljanje zapisov – 1. del: Splošno
General Information
Relations
Buy Standard
Standards Content (Sample)
INTERNATIONAL ISO
STANDARD 15489-1
First edition
2001-09-15
Information and documentation — Records
management —
Part 1:
General
Information et documentation — «Records management»
Partie 1: Principes directeurs
Reference number
ISO 15489-1:2001(E)
©
ISO 2001
---------------------- Page: 1 ----------------------
ISO 15489-1:2001(E)
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but shall not
be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this
file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat accepts no liability in this
area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters
were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event
that a problem relating to it is found, please inform the Central Secretariat at the address given below.
© ISO 2001
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic
or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISO's member body
in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.ch
Web www.iso.ch
Printed in Switzerland
ii © ISO 2001 – All rights reserved
---------------------- Page: 2 ----------------------
ISO 15489-1:2001(E)
Contents Page
Foreword.v
Introduction.vi
1 Scope.1
2 Normative references.1
3 Terms and definitions .2
4 Benefits of records management.4
5 Regulatory environment.4
6 Policy and responsibilities .5
6.1 General.5
6.2 Policy.5
6.3 Responsibilities.5
7 Records management requirements .6
7.1 Principles of records management programmes.6
7.2 Characteristics of a record .7
7.2.1 General.7
7.2.2 Authenticity.7
7.2.3 Reliability.7
7.2.4 Integrity.7
7.2.5 Useability.7
8 Design and implementation of a records system .8
8.1 General.8
8.2 Records systems characteristics.8
8.2.1 Introduction.8
8.2.2 Reliability.8
8.2.3 Integrity.9
8.2.4 Compliance.9
8.2.5 Comprehensiveness.9
8.2.6 Systematic.9
8.3 Designing and implementing records systems.9
8.3.1 General.9
8.3.2 Documenting records transactions .9
8.3.3 Physical storage medium and protection .9
8.3.4 Distributed management.10
8.3.5 Conversion and migration .10
8.3.6 Access, retrieval and use .10
8.3.7 Retention and disposition.10
8.4 Design and implementation methodology.10
8.5 Discontinuing records systems .11
9 Records management processes and controls .11
9.1 Determining documents to be captured into a records system .11
9.2 Determining how long to retain records .11
9.3 Records capture.12
9.4 Registration.13
9.5 Classification.13
9.5.1 Classification of business activities.13
9.5.2 Classification systems.14
© ISO 2001 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO 15489-1:2001(E)
9.5.3 Vocabulary controls.14
9.5.4 Indexing.14
9.5.5 Allocation of numbers and codes.14
9.6 Storage and handling.14
9.7 Access.14
9.8 Tracking.15
9.8.1 General.15
9.8.2 Action tracking.15
9.8.3 Location tracking.15
9.9 Implementing disposition.16
9.10 Documenting records management processes .16
10 Monitoring and auditing.17
11 Training.17
Index.18
iv © ISO 2001 – All rights reserved
---------------------- Page: 4 ----------------------
ISO 15489-1:2001(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO
member bodies). The work of preparing International Standards is normally carried out through ISO technical
committees. Each member body interested in a subject for which a technical committee has been established has
the right to be represented on that committee. International organizations, governmental and non-governmental, in
liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical
Commission (IEC) on all matters of electrotechnical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 3.
The main task of technical committees is to prepare International Standards. Draft International Standards adopted
by the technical committees are circulated to the member bodies for voting. Publication as an International
Standard requires approval by at least 75 % of the member bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this part of ISO 15489 may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO 15489-1 was prepared by Technical Committee ISO/TC 46, Information and documentation, Subcommittee
SC 11, Archives/records management.
ISO 15489 consists of the following parts, under the general title Information and documentation — Records
management:
Part 1: General
Part 2: Guidelines [Technical Report]
© ISO 2001 – All rights reserved v
---------------------- Page: 5 ----------------------
ISO 15489-1:2001(E)
Introduction
The standardization of records management policies and procedures ensures that appropriate attention and
protection is given to all records, and that the evidence and information they contain can be retrieved more
efficiently and effectively, using standard practices and procedures.
This part of ISO 15489 was developed in response to consensus among participating ISO member countries to
standardize international best practice in records management using the Australian Standards AS 4390, Records
management as its starting point.
This International Standard is accompanied by a Technical Report (ISO/TR 15489-2) that is recommended for use
with it. ISO/TR 15489-2 provides further explanation and implementation options for achieving the outcomes of this
International Standard. It also includes a bibliography.
vi © ISO 2001 – All rights reserved
---------------------- Page: 6 ----------------------
INTERNATIONAL STANDARD ISO 15489-1:2001(E)
Information and documentation — Records management —
Part 1:
General
1 Scope
1)
This part of ISO 15489 provides guidance on managing records of originating organizations, public or private, for
internal and external clients.
All the elements outlined in this part of ISO 15489 are recommended to ensure that adequate records are created,
captured and managed. Procedures that help to ensure the management of records according to the principles and
elements outlined in this part of ISO 15489 are provided in ISO/TR 15489-2 (Guidelines).
This part of ISO 15489
applies to the management of records, in all formats or media, created or received by any public or private
organization in the conduct of its activities, or any individual with a duty to create and maintain records,
provides guidance on determining the responsibilities of organizations for records and records policies,
procedures, systems and processes,
provides guidance on records management in support of a quality process framework to comply with ISO 9001
and ISO 14001,
provides guidance on the design and implementation of a records system, but
does not include the management of archival records within archival institutions.
This part of ISO 15489 is intended for use by
managers of organizations,
records, information and technology management professionals,
all other personnel in organizations, and
other individuals with a duty to create and maintain records.
2 Normative references
The following normative documents contain provisions which, through reference in this text, constitute provisions of
this part of ISO 15489. For dated references, subsequent amendments to, or revisions of, any of these publications
do not apply. However, parties to agreements based on this part of ISO 15489 are encouraged to investigate the
1) In some countries, the management of records also applies to archives management. Archives management is not covered
in this part of ISO 15489.
© ISO 2001 – All rights reserved 1
---------------------- Page: 7 ----------------------
ISO 15489-1:2001(E)
possibility of applying the most recent editions of the normative documents indicated below. For undated
references, the latest edition of the normative document referred to applies. Members of ISO and IEC maintain
registers of currently valid International Standards.
2)
ISO 5127:— , Information and documentation — Vocabulary
ISO 9001, Quality management systems — Requirements
ISO 14001, Environmental management systems — Specification with guidance for use
3 Terms and definitions
For the purposes of this part of ISO 15489, the following terms and definitions apply. For terms not included here,
see ISO 5127.
3.1
access
right, opportunity, means of finding, using, or retrieving information
3.2
accountability
principle that individuals, organizations, and the community are responsible for their actions and may be required to
explain them to others
3.3
action tracking
process in which time limits for actions are monitored and imposed upon those conducting the business
3.4
archival authority
archival agency
archival institution
archival programme
agency or programme responsible for selecting, acquiring and preserving archives, making them available, and
approving destruction of other records
3.5
classification
systematic identification and arrangement of business activities and/or records into categories according to logically
structured conventions, methods, and procedural rules represented in a classification system
3.6
classification system
SEE classification (3.5)
3.7
conversion
process of changing records from one medium to another or from one format to another
SEE migration (3.13)
3.8
destruction
process of eliminating or deleting records, beyond any possible reconstruction
2) To be published. (Revision of all previous parts of ISO 5127)
2 © ISO 2001 – All rights reserved
---------------------- Page: 8 ----------------------
ISO 15489-1:2001(E)
3.9
disposition
range of processes associated with implementing records retention, destruction or transfer decisions which are
documented in disposition authorities or other instruments
3.10
document, noun
recorded information or object which can be treated as a unit
3.11
indexing
process of establishing access points to facilitate retrieval of records and/or information
3.12
metadata
data describing context, content and structure of records and their management through time
3.13
migration
act of moving records from one system to another, while maintaining the records' authenticity, integrity, reliability
and useability
SEE conversion (3.7)
3.14
preservation
processes and operations involved in ensuring the technical and intellectual survival of authentic records through
time
3.15
records
information created, received, and maintained as evidence and information by an organization or person, in
pursuance of legal obligations or in the transaction of business
3.16
records management
field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use
and disposition of records, including processes for capturing and maintaining evidence of and information about
business activities and transactions in the form of records
3.17
records system
information system which captures, manages and provides access to records through time
3.18
registration
act of giving a record a unique identifier on its entry into a system
3.19
tracking
creating, capturing and maintaining information about the movement and use of records
3.20
transfer
〈custody〉 change of custody, ownership and/or responsibility for records
3.21
transfer
〈movement〉 moving records from one location to another
© ISO 2001 – All rights reserved 3
---------------------- Page: 9 ----------------------
ISO 15489-1:2001(E)
4 Benefits of records management
Records management governs the practice both of records managers and of any person who creates or uses
records in the course of their business activities. Records management in an organization includes
a) setting policies and standards,
b) assigning responsibilities and authorities,
c) establishing and promulgating procedures and guidelines,
d) providing a range of services relating to the management and use of records,
e) designing, implementing and administering specialized systems for managing records, and
f) integrating records management into business systems and processes.
Records contain information that is a valuable resource and an important business asset. A systematic approach to
the management of records is essential for organizations and society to protect and preserve records as evidence
of actions. A records management system results in a source of information about business activities that can
support subsequent activities and business decisions, as well as ensuring accountability to present and future
stakeholders. Records enable organizations to
conduct business in an orderly, efficient and accountable manner,
deliver services in a consistent and equitable manner,
support and document policy formation and managerial decision making,
provide consistency, continuity and productivity in management and administration,
facilitate the effective performance of activities throughout an organization,
provide continuity in the event of a disaster,
meet legislative and regulatory requirements including archival, audit and oversight activities,
provide protection and support in litigation including the management of risks associated with the existence of,
or lack of, evidence of organizational activity,
protect the interests of the organization and the rights of employees, clients and present and future
stakeholders,
support and document current and future research and development activities, developments and
achievements, as well as historical research,
provide evidence of business, personal and cultural activity,
establish business, personal and cultural identity, and
maintain corporate, personal or collective memory.
5 Regulatory environment
All organizations need to identify the regulatory environment that affects their activities and requirements to
document their activities. The policies and procedures of organizations should reflect the application of the
regulatory environment to their business processes. An organization should provide adequate evidence of its
compliance with the regulatory environment in the records of its activities.
4 © ISO 2001 – All rights reserved
---------------------- Page: 10 ----------------------
ISO 15489-1:2001(E)
The regulatory environment consists of
a) statute and case laws, and regulations governing the sector-specific and general business environment,
including laws and regulations relating specifically to records, archives, access, privacy, evidence, electronic
commerce, data protection and information,
b) mandatory standards of practice,
c) voluntary codes of best practice,
d) voluntary codes of conduct and ethics, and
e) identifiable expectations of the community about what is acceptable behaviour for the specific sector or
organization.
The nature of the organization and the sector to which it belongs will determine which of these regulatory elements
(individually or in combination) are most applicable to that organization's records management requirements.
6 Policy and responsibilities
6.1 General
An organization seeking to conform to this part of ISO 15489 should establish, document, maintain and promulgate
policies, procedures and practices for records management to ensure that its business need for evidence,
accountability and information about its activities is met.
6.2 Policy
Organizations should define and document a policy for records management. The objective of the policy should be
the creation and management of authentic, reliable and useable records, capable of supporting business functions
and activities for as long as they are required. Organizations should ensure that the policy is communicated and
implemented at all levels in the organization.
The policy should be adopted and endorsed at the highest decision-making level and promulgated throughout the
organization. Responsibility for compliance should be assigned.
The policy should be derived from an analysis of business activities. It should define the areas where legislation,
regulations, other standards and best practices have the greatest application in the creation of records connected
to business activities. In doing so, organizations should take into account their organizational environment and
economic considerations. Policies should be regularly reviewed to ensure that they reflect current business needs.
6.3 Responsibilities
Records management responsibilities and authorities should be defined and assigned, and promulgated
throughout the organization so that, where a specific need to create and capture records is identified, it should be
clear who is responsible for taking the necessary action. These responsibilities should be assigned to all
employees of the organization, including records managers, allied information professionals, executives, business
unit managers, systems administrators and others who create records as part of their work, and should be reflected
in job descriptions and similar statements. Specific leadership responsibility and accountability for records
management should be assigned to a person with appropriate authority within the organization. Designations of the
responsible individuals may be assigned by law.
Such responsibilities should include statements such as the following.
a) Records management professionals are responsible for all aspects of records management, including the
design, implementation and maintenance of records systems and their operations, and for training users on
records management and records systems operations as they affect individual practices.
© ISO 2001 – All rights reserved 5
---------------------- Page: 11 ----------------------
ISO 15489-1:2001(E)
b) Executives are responsible for supporting the application of records management policies throughout the
organization.
c) Systems administrators are responsible for ensuring that all documentation is accurate, available and legible to
personnel when required.
d) All employees are responsible and accountable for keeping accurate and complete records of their activities.
Archival authorities may be involved in the process of planning and implementing records management policies
and procedures.
7 Records management requirements
7.1 Principles of records management programmes
3)
Records are created, received and used in the conduct of business activities . To support the continuing conduct
of business, comply with the regulatory environment, and provide necessary accountability, organizations should
create and maintain authentic, reliable and useable records, and protect the integrity of those records for as long as
required. To do this, organizations should institute and carry out a comprehensive records management
programme which includes
a) determining what records should be created in each business process, and what information needs to be
included in the records,
b) deciding in what form and structure records should be created and captured, and the technologies to be used,
c) determining what metadata should be created with the record and through records processes and how that
metadata will be persistently linked and managed,
d) determining requirements for retrieving, using and transmitting records between business processes and other
users and how long they need to be kept to satisfy those requirements,
e) deciding how to organize records so as to support requirements for use,
f) assessing the risks that would be entailed by failure to have authoritative records of activity,
g) preserving records and making them accessible over time, in order to meet business requirements and
community expectations,
h) complying with legal and regulatory requirements, applicable standards and organizational policy,
i) ensuring that records are maintained in a safe and secure environment,
j) ensuring that records are retained only for as long as needed or required, and
k) identifying and evaluating opportunities for improving the effectiveness, efficiency or quality of its processes,
decisions, and actions that could result from better records creation or management.
Rules for creating and capturing records and metadata about records should be incorporated into the procedures
governing all business processes for which there is a requirement for evidence of activity.
Business continuity planning and contingency measures should ensure that records that are vital to the continued
functioning of the organization are identified as part of risk analysis, protected and recoverable when needed.
3) In this part of ISO 15489, business activity is used as a broad term, not restricted to commercial activity, but including public
administration, non-profit and other activities.
6 © ISO 2001 – All rights reserved
---------------------- Page: 12 ----------------------
ISO 15489-1:2001(E)
7.2 Characteristics of a record
7
...
SLOVENSKI STANDARD
SIST ISO 15489-1:2005
01-november-2005
Informatika in dokumentacija – Upravljanje zapisov – 1. del: Splošno
Information and documentation -- Records management -- Part 1: General
Information et documentation -- Records management -- Partie 1: Principes directeurs
Ta slovenski standard je istoveten z: ISO 15489-1:2001
ICS:
01.140.20 Informacijske vede Information sciences
SIST ISO 15489-1:2005 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
---------------------- Page: 1 ----------------------
SIST ISO 15489-1:2005
---------------------- Page: 2 ----------------------
SIST ISO 15489-1:2005
INTERNATIONAL ISO
STANDARD 15489-1
First edition
2001-09-15
Information and documentation — Records
management —
Part 1:
General
Information et documentation — «Records management»
Partie 1: Principes directeurs
Reference number
ISO 15489-1:2001(E)
©
ISO 2001
---------------------- Page: 3 ----------------------
SIST ISO 15489-1:2005
ISO 15489-1:2001(E)
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but shall not
be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this
file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat accepts no liability in this
area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters
were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event
that a problem relating to it is found, please inform the Central Secretariat at the address given below.
© ISO 2001
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic
or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISO's member body
in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.ch
Web www.iso.ch
Printed in Switzerland
ii © ISO 2001 – All rights reserved
---------------------- Page: 4 ----------------------
SIST ISO 15489-1:2005
ISO 15489-1:2001(E)
Contents Page
Foreword.v
Introduction.vi
1 Scope.1
2 Normative references.1
3 Terms and definitions .2
4 Benefits of records management.4
5 Regulatory environment.4
6 Policy and responsibilities .5
6.1 General.5
6.2 Policy.5
6.3 Responsibilities.5
7 Records management requirements .6
7.1 Principles of records management programmes.6
7.2 Characteristics of a record .7
7.2.1 General.7
7.2.2 Authenticity.7
7.2.3 Reliability.7
7.2.4 Integrity.7
7.2.5 Useability.7
8 Design and implementation of a records system .8
8.1 General.8
8.2 Records systems characteristics.8
8.2.1 Introduction.8
8.2.2 Reliability.8
8.2.3 Integrity.9
8.2.4 Compliance.9
8.2.5 Comprehensiveness.9
8.2.6 Systematic.9
8.3 Designing and implementing records systems.9
8.3.1 General.9
8.3.2 Documenting records transactions .9
8.3.3 Physical storage medium and protection .9
8.3.4 Distributed management.10
8.3.5 Conversion and migration .10
8.3.6 Access, retrieval and use .10
8.3.7 Retention and disposition.10
8.4 Design and implementation methodology.10
8.5 Discontinuing records systems .11
9 Records management processes and controls .11
9.1 Determining documents to be captured into a records system .11
9.2 Determining how long to retain records .11
9.3 Records capture.12
9.4 Registration.13
9.5 Classification.13
9.5.1 Classification of business activities.13
9.5.2 Classification systems.14
© ISO 2001 – All rights reserved iii
---------------------- Page: 5 ----------------------
SIST ISO 15489-1:2005
ISO 15489-1:2001(E)
9.5.3 Vocabulary controls.14
9.5.4 Indexing.14
9.5.5 Allocation of numbers and codes.14
9.6 Storage and handling.14
9.7 Access.14
9.8 Tracking.15
9.8.1 General.15
9.8.2 Action tracking.15
9.8.3 Location tracking.15
9.9 Implementing disposition.16
9.10 Documenting records management processes .16
10 Monitoring and auditing.17
11 Training.17
Index.18
iv © ISO 2001 – All rights reserved
---------------------- Page: 6 ----------------------
SIST ISO 15489-1:2005
ISO 15489-1:2001(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO
member bodies). The work of preparing International Standards is normally carried out through ISO technical
committees. Each member body interested in a subject for which a technical committee has been established has
the right to be represented on that committee. International organizations, governmental and non-governmental, in
liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical
Commission (IEC) on all matters of electrotechnical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 3.
The main task of technical committees is to prepare International Standards. Draft International Standards adopted
by the technical committees are circulated to the member bodies for voting. Publication as an International
Standard requires approval by at least 75 % of the member bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this part of ISO 15489 may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO 15489-1 was prepared by Technical Committee ISO/TC 46, Information and documentation, Subcommittee
SC 11, Archives/records management.
ISO 15489 consists of the following parts, under the general title Information and documentation — Records
management:
Part 1: General
Part 2: Guidelines [Technical Report]
© ISO 2001 – All rights reserved v
---------------------- Page: 7 ----------------------
SIST ISO 15489-1:2005
ISO 15489-1:2001(E)
Introduction
The standardization of records management policies and procedures ensures that appropriate attention and
protection is given to all records, and that the evidence and information they contain can be retrieved more
efficiently and effectively, using standard practices and procedures.
This part of ISO 15489 was developed in response to consensus among participating ISO member countries to
standardize international best practice in records management using the Australian Standards AS 4390, Records
management as its starting point.
This International Standard is accompanied by a Technical Report (ISO/TR 15489-2) that is recommended for use
with it. ISO/TR 15489-2 provides further explanation and implementation options for achieving the outcomes of this
International Standard. It also includes a bibliography.
vi © ISO 2001 – All rights reserved
---------------------- Page: 8 ----------------------
SIST ISO 15489-1:2005
INTERNATIONAL STANDARD ISO 15489-1:2001(E)
Information and documentation — Records management —
Part 1:
General
1 Scope
1)
This part of ISO 15489 provides guidance on managing records of originating organizations, public or private, for
internal and external clients.
All the elements outlined in this part of ISO 15489 are recommended to ensure that adequate records are created,
captured and managed. Procedures that help to ensure the management of records according to the principles and
elements outlined in this part of ISO 15489 are provided in ISO/TR 15489-2 (Guidelines).
This part of ISO 15489
applies to the management of records, in all formats or media, created or received by any public or private
organization in the conduct of its activities, or any individual with a duty to create and maintain records,
provides guidance on determining the responsibilities of organizations for records and records policies,
procedures, systems and processes,
provides guidance on records management in support of a quality process framework to comply with ISO 9001
and ISO 14001,
provides guidance on the design and implementation of a records system, but
does not include the management of archival records within archival institutions.
This part of ISO 15489 is intended for use by
managers of organizations,
records, information and technology management professionals,
all other personnel in organizations, and
other individuals with a duty to create and maintain records.
2 Normative references
The following normative documents contain provisions which, through reference in this text, constitute provisions of
this part of ISO 15489. For dated references, subsequent amendments to, or revisions of, any of these publications
do not apply. However, parties to agreements based on this part of ISO 15489 are encouraged to investigate the
1) In some countries, the management of records also applies to archives management. Archives management is not covered
in this part of ISO 15489.
© ISO 2001 – All rights reserved 1
---------------------- Page: 9 ----------------------
SIST ISO 15489-1:2005
ISO 15489-1:2001(E)
possibility of applying the most recent editions of the normative documents indicated below. For undated
references, the latest edition of the normative document referred to applies. Members of ISO and IEC maintain
registers of currently valid International Standards.
2)
ISO 5127:— , Information and documentation — Vocabulary
ISO 9001, Quality management systems — Requirements
ISO 14001, Environmental management systems — Specification with guidance for use
3 Terms and definitions
For the purposes of this part of ISO 15489, the following terms and definitions apply. For terms not included here,
see ISO 5127.
3.1
access
right, opportunity, means of finding, using, or retrieving information
3.2
accountability
principle that individuals, organizations, and the community are responsible for their actions and may be required to
explain them to others
3.3
action tracking
process in which time limits for actions are monitored and imposed upon those conducting the business
3.4
archival authority
archival agency
archival institution
archival programme
agency or programme responsible for selecting, acquiring and preserving archives, making them available, and
approving destruction of other records
3.5
classification
systematic identification and arrangement of business activities and/or records into categories according to logically
structured conventions, methods, and procedural rules represented in a classification system
3.6
classification system
SEE classification (3.5)
3.7
conversion
process of changing records from one medium to another or from one format to another
SEE migration (3.13)
3.8
destruction
process of eliminating or deleting records, beyond any possible reconstruction
2) To be published. (Revision of all previous parts of ISO 5127)
2 © ISO 2001 – All rights reserved
---------------------- Page: 10 ----------------------
SIST ISO 15489-1:2005
ISO 15489-1:2001(E)
3.9
disposition
range of processes associated with implementing records retention, destruction or transfer decisions which are
documented in disposition authorities or other instruments
3.10
document, noun
recorded information or object which can be treated as a unit
3.11
indexing
process of establishing access points to facilitate retrieval of records and/or information
3.12
metadata
data describing context, content and structure of records and their management through time
3.13
migration
act of moving records from one system to another, while maintaining the records' authenticity, integrity, reliability
and useability
SEE conversion (3.7)
3.14
preservation
processes and operations involved in ensuring the technical and intellectual survival of authentic records through
time
3.15
records
information created, received, and maintained as evidence and information by an organization or person, in
pursuance of legal obligations or in the transaction of business
3.16
records management
field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use
and disposition of records, including processes for capturing and maintaining evidence of and information about
business activities and transactions in the form of records
3.17
records system
information system which captures, manages and provides access to records through time
3.18
registration
act of giving a record a unique identifier on its entry into a system
3.19
tracking
creating, capturing and maintaining information about the movement and use of records
3.20
transfer
〈custody〉 change of custody, ownership and/or responsibility for records
3.21
transfer
〈movement〉 moving records from one location to another
© ISO 2001 – All rights reserved 3
---------------------- Page: 11 ----------------------
SIST ISO 15489-1:2005
ISO 15489-1:2001(E)
4 Benefits of records management
Records management governs the practice both of records managers and of any person who creates or uses
records in the course of their business activities. Records management in an organization includes
a) setting policies and standards,
b) assigning responsibilities and authorities,
c) establishing and promulgating procedures and guidelines,
d) providing a range of services relating to the management and use of records,
e) designing, implementing and administering specialized systems for managing records, and
f) integrating records management into business systems and processes.
Records contain information that is a valuable resource and an important business asset. A systematic approach to
the management of records is essential for organizations and society to protect and preserve records as evidence
of actions. A records management system results in a source of information about business activities that can
support subsequent activities and business decisions, as well as ensuring accountability to present and future
stakeholders. Records enable organizations to
conduct business in an orderly, efficient and accountable manner,
deliver services in a consistent and equitable manner,
support and document policy formation and managerial decision making,
provide consistency, continuity and productivity in management and administration,
facilitate the effective performance of activities throughout an organization,
provide continuity in the event of a disaster,
meet legislative and regulatory requirements including archival, audit and oversight activities,
provide protection and support in litigation including the management of risks associated with the existence of,
or lack of, evidence of organizational activity,
protect the interests of the organization and the rights of employees, clients and present and future
stakeholders,
support and document current and future research and development activities, developments and
achievements, as well as historical research,
provide evidence of business, personal and cultural activity,
establish business, personal and cultural identity, and
maintain corporate, personal or collective memory.
5 Regulatory environment
All organizations need to identify the regulatory environment that affects their activities and requirements to
document their activities. The policies and procedures of organizations should reflect the application of the
regulatory environment to their business processes. An organization should provide adequate evidence of its
compliance with the regulatory environment in the records of its activities.
4 © ISO 2001 – All rights reserved
---------------------- Page: 12 ----------------------
SIST ISO 15489-1:2005
ISO 15489-1:2001(E)
The regulatory environment consists of
a) statute and case laws, and regulations governing the sector-specific and general business environment,
including laws and regulations relating specifically to records, archives, access, privacy, evidence, electronic
commerce, data protection and information,
b) mandatory standards of practice,
c) voluntary codes of best practice,
d) voluntary codes of conduct and ethics, and
e) identifiable expectations of the community about what is acceptable behaviour for the specific sector or
organization.
The nature of the organization and the sector to which it belongs will determine which of these regulatory elements
(individually or in combination) are most applicable to that organization's records management requirements.
6 Policy and responsibilities
6.1 General
An organization seeking to conform to this part of ISO 15489 should establish, document, maintain and promulgate
policies, procedures and practices for records management to ensure that its business need for evidence,
accountability and information about its activities is met.
6.2 Policy
Organizations should define and document a policy for records management. The objective of the policy should be
the creation and management of authentic, reliable and useable records, capable of supporting business functions
and activities for as long as they are required. Organizations should ensure that the policy is communicated and
implemented at all levels in the organization.
The policy should be adopted and endorsed at the highest decision-making level and promulgated throughout the
organization. Responsibility for compliance should be assigned.
The policy should be derived from an analysis of business activities. It should define the areas where legislation,
regulations, other standards and best practices have the greatest application in the creation of records connected
to business activities. In doing so, organizations should take into account their organizational environment and
economic considerations. Policies should be regularly reviewed to ensure that they reflect current business needs.
6.3 Responsibilities
Records management responsibilities and authorities should be defined and assigned, and promulgated
throughout the organization so that, where a specific need to create and capture records is identified, it should be
clear who is responsible for taking the necessary action. These responsibilities should be assigned to all
employees of the organization, including records managers, allied information professionals, executives, business
unit managers, systems administrators and others who create records as part of their work, and should be reflected
in job descriptions and similar statements. Specific leadership responsibility and accountability for records
management should be assigned to a person with appropriate authority within the organization. Designations of the
responsible individuals may be assigned by law.
Such responsibilities should include statements such as the following.
a) Records management professionals are responsible for all aspects of records management, including the
design, implementation and maintenance of records systems and their operations, and for training users on
records management and records systems operations as they affect individual practices.
© ISO 2001 – All rights reserved 5
---------------------- Page: 13 ----------------------
SIST ISO 15489-1:2005
ISO 15489-1:2001(E)
b) Executives are responsible for supporting the application of records management policies throughout the
organization.
c) Systems administrators are responsible for ensuring that all documentation is accurate, available and legible to
personnel when required.
d) All employees are responsible and accountable for keeping accurate and complete records of their activities.
Archival authorities may be involved in the process of planning and implementing records management policies
and procedures.
7 Records management requirements
7.1 Principles of records management programmes
3)
Records are created, received and used in the conduct of business activities . To support the continuing conduct
of business, comply with the regulatory environment, and provide necessary accountability, organizations should
create and maintain authentic, reliable and useable records, and protect the integrity of those records for as long as
required. To do this, organizations should institute and carry out a comprehensive records management
programme which includes
a) determining what records should be created in each business process, and what information needs to be
included in the records,
b) deciding in what form and structure records should be created and captured, and the technologies to be used,
c) determining what metadata should be created with the record and through records processes and how that
metadata will be persistently linked and managed,
d) determining requirements for retrieving, using and transmitting records between business processes and other
users and how long they need to be kept to satisfy those requirements,
e) deciding how to organize records so as to support requirements for use,
f) assessing the risks that would be entailed by failure to have authoritative records of activity,
g) preserving records and making them accessible over time, in order to meet business requirements and
community expectations,
h) complying with legal and regulatory requirements, applicable standards and organizational policy,
i) ensuring that records are maintained in a safe and secure environment,
j) ensuring that records are retained only for as long as needed or required, and
k) identifying and evaluating opportunities for improving the effec
...
INTERNATIONAL ISO
STANDARD 15489-1
First edition
2001-09-15
Information and documentation — Records
management —
Part 1:
General
Information et documentation — «Records management»
Partie 1: Principes directeurs
Reference number
ISO 15489-1:2001(E)
©
ISO 2001
---------------------- Page: 1 ----------------------
ISO 15489-1:2001(E)
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but shall not
be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this
file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat accepts no liability in this
area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters
were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event
that a problem relating to it is found, please inform the Central Secretariat at the address given below.
© ISO 2001
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic
or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISO's member body
in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.ch
Web www.iso.ch
Printed in Switzerland
ii © ISO 2001 – All rights reserved
---------------------- Page: 2 ----------------------
ISO 15489-1:2001(E)
Contents Page
Foreword.v
Introduction.vi
1 Scope.1
2 Normative references.1
3 Terms and definitions .2
4 Benefits of records management.4
5 Regulatory environment.4
6 Policy and responsibilities .5
6.1 General.5
6.2 Policy.5
6.3 Responsibilities.5
7 Records management requirements .6
7.1 Principles of records management programmes.6
7.2 Characteristics of a record .7
7.2.1 General.7
7.2.2 Authenticity.7
7.2.3 Reliability.7
7.2.4 Integrity.7
7.2.5 Useability.7
8 Design and implementation of a records system .8
8.1 General.8
8.2 Records systems characteristics.8
8.2.1 Introduction.8
8.2.2 Reliability.8
8.2.3 Integrity.9
8.2.4 Compliance.9
8.2.5 Comprehensiveness.9
8.2.6 Systematic.9
8.3 Designing and implementing records systems.9
8.3.1 General.9
8.3.2 Documenting records transactions .9
8.3.3 Physical storage medium and protection .9
8.3.4 Distributed management.10
8.3.5 Conversion and migration .10
8.3.6 Access, retrieval and use .10
8.3.7 Retention and disposition.10
8.4 Design and implementation methodology.10
8.5 Discontinuing records systems .11
9 Records management processes and controls .11
9.1 Determining documents to be captured into a records system .11
9.2 Determining how long to retain records .11
9.3 Records capture.12
9.4 Registration.13
9.5 Classification.13
9.5.1 Classification of business activities.13
9.5.2 Classification systems.14
© ISO 2001 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO 15489-1:2001(E)
9.5.3 Vocabulary controls.14
9.5.4 Indexing.14
9.5.5 Allocation of numbers and codes.14
9.6 Storage and handling.14
9.7 Access.14
9.8 Tracking.15
9.8.1 General.15
9.8.2 Action tracking.15
9.8.3 Location tracking.15
9.9 Implementing disposition.16
9.10 Documenting records management processes .16
10 Monitoring and auditing.17
11 Training.17
Index.18
iv © ISO 2001 – All rights reserved
---------------------- Page: 4 ----------------------
ISO 15489-1:2001(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO
member bodies). The work of preparing International Standards is normally carried out through ISO technical
committees. Each member body interested in a subject for which a technical committee has been established has
the right to be represented on that committee. International organizations, governmental and non-governmental, in
liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical
Commission (IEC) on all matters of electrotechnical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 3.
The main task of technical committees is to prepare International Standards. Draft International Standards adopted
by the technical committees are circulated to the member bodies for voting. Publication as an International
Standard requires approval by at least 75 % of the member bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this part of ISO 15489 may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO 15489-1 was prepared by Technical Committee ISO/TC 46, Information and documentation, Subcommittee
SC 11, Archives/records management.
ISO 15489 consists of the following parts, under the general title Information and documentation — Records
management:
Part 1: General
Part 2: Guidelines [Technical Report]
© ISO 2001 – All rights reserved v
---------------------- Page: 5 ----------------------
ISO 15489-1:2001(E)
Introduction
The standardization of records management policies and procedures ensures that appropriate attention and
protection is given to all records, and that the evidence and information they contain can be retrieved more
efficiently and effectively, using standard practices and procedures.
This part of ISO 15489 was developed in response to consensus among participating ISO member countries to
standardize international best practice in records management using the Australian Standards AS 4390, Records
management as its starting point.
This International Standard is accompanied by a Technical Report (ISO/TR 15489-2) that is recommended for use
with it. ISO/TR 15489-2 provides further explanation and implementation options for achieving the outcomes of this
International Standard. It also includes a bibliography.
vi © ISO 2001 – All rights reserved
---------------------- Page: 6 ----------------------
INTERNATIONAL STANDARD ISO 15489-1:2001(E)
Information and documentation — Records management —
Part 1:
General
1 Scope
1)
This part of ISO 15489 provides guidance on managing records of originating organizations, public or private, for
internal and external clients.
All the elements outlined in this part of ISO 15489 are recommended to ensure that adequate records are created,
captured and managed. Procedures that help to ensure the management of records according to the principles and
elements outlined in this part of ISO 15489 are provided in ISO/TR 15489-2 (Guidelines).
This part of ISO 15489
applies to the management of records, in all formats or media, created or received by any public or private
organization in the conduct of its activities, or any individual with a duty to create and maintain records,
provides guidance on determining the responsibilities of organizations for records and records policies,
procedures, systems and processes,
provides guidance on records management in support of a quality process framework to comply with ISO 9001
and ISO 14001,
provides guidance on the design and implementation of a records system, but
does not include the management of archival records within archival institutions.
This part of ISO 15489 is intended for use by
managers of organizations,
records, information and technology management professionals,
all other personnel in organizations, and
other individuals with a duty to create and maintain records.
2 Normative references
The following normative documents contain provisions which, through reference in this text, constitute provisions of
this part of ISO 15489. For dated references, subsequent amendments to, or revisions of, any of these publications
do not apply. However, parties to agreements based on this part of ISO 15489 are encouraged to investigate the
1) In some countries, the management of records also applies to archives management. Archives management is not covered
in this part of ISO 15489.
© ISO 2001 – All rights reserved 1
---------------------- Page: 7 ----------------------
ISO 15489-1:2001(E)
possibility of applying the most recent editions of the normative documents indicated below. For undated
references, the latest edition of the normative document referred to applies. Members of ISO and IEC maintain
registers of currently valid International Standards.
2)
ISO 5127:— , Information and documentation — Vocabulary
ISO 9001, Quality management systems — Requirements
ISO 14001, Environmental management systems — Specification with guidance for use
3 Terms and definitions
For the purposes of this part of ISO 15489, the following terms and definitions apply. For terms not included here,
see ISO 5127.
3.1
access
right, opportunity, means of finding, using, or retrieving information
3.2
accountability
principle that individuals, organizations, and the community are responsible for their actions and may be required to
explain them to others
3.3
action tracking
process in which time limits for actions are monitored and imposed upon those conducting the business
3.4
archival authority
archival agency
archival institution
archival programme
agency or programme responsible for selecting, acquiring and preserving archives, making them available, and
approving destruction of other records
3.5
classification
systematic identification and arrangement of business activities and/or records into categories according to logically
structured conventions, methods, and procedural rules represented in a classification system
3.6
classification system
SEE classification (3.5)
3.7
conversion
process of changing records from one medium to another or from one format to another
SEE migration (3.13)
3.8
destruction
process of eliminating or deleting records, beyond any possible reconstruction
2) To be published. (Revision of all previous parts of ISO 5127)
2 © ISO 2001 – All rights reserved
---------------------- Page: 8 ----------------------
ISO 15489-1:2001(E)
3.9
disposition
range of processes associated with implementing records retention, destruction or transfer decisions which are
documented in disposition authorities or other instruments
3.10
document, noun
recorded information or object which can be treated as a unit
3.11
indexing
process of establishing access points to facilitate retrieval of records and/or information
3.12
metadata
data describing context, content and structure of records and their management through time
3.13
migration
act of moving records from one system to another, while maintaining the records' authenticity, integrity, reliability
and useability
SEE conversion (3.7)
3.14
preservation
processes and operations involved in ensuring the technical and intellectual survival of authentic records through
time
3.15
records
information created, received, and maintained as evidence and information by an organization or person, in
pursuance of legal obligations or in the transaction of business
3.16
records management
field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use
and disposition of records, including processes for capturing and maintaining evidence of and information about
business activities and transactions in the form of records
3.17
records system
information system which captures, manages and provides access to records through time
3.18
registration
act of giving a record a unique identifier on its entry into a system
3.19
tracking
creating, capturing and maintaining information about the movement and use of records
3.20
transfer
〈custody〉 change of custody, ownership and/or responsibility for records
3.21
transfer
〈movement〉 moving records from one location to another
© ISO 2001 – All rights reserved 3
---------------------- Page: 9 ----------------------
ISO 15489-1:2001(E)
4 Benefits of records management
Records management governs the practice both of records managers and of any person who creates or uses
records in the course of their business activities. Records management in an organization includes
a) setting policies and standards,
b) assigning responsibilities and authorities,
c) establishing and promulgating procedures and guidelines,
d) providing a range of services relating to the management and use of records,
e) designing, implementing and administering specialized systems for managing records, and
f) integrating records management into business systems and processes.
Records contain information that is a valuable resource and an important business asset. A systematic approach to
the management of records is essential for organizations and society to protect and preserve records as evidence
of actions. A records management system results in a source of information about business activities that can
support subsequent activities and business decisions, as well as ensuring accountability to present and future
stakeholders. Records enable organizations to
conduct business in an orderly, efficient and accountable manner,
deliver services in a consistent and equitable manner,
support and document policy formation and managerial decision making,
provide consistency, continuity and productivity in management and administration,
facilitate the effective performance of activities throughout an organization,
provide continuity in the event of a disaster,
meet legislative and regulatory requirements including archival, audit and oversight activities,
provide protection and support in litigation including the management of risks associated with the existence of,
or lack of, evidence of organizational activity,
protect the interests of the organization and the rights of employees, clients and present and future
stakeholders,
support and document current and future research and development activities, developments and
achievements, as well as historical research,
provide evidence of business, personal and cultural activity,
establish business, personal and cultural identity, and
maintain corporate, personal or collective memory.
5 Regulatory environment
All organizations need to identify the regulatory environment that affects their activities and requirements to
document their activities. The policies and procedures of organizations should reflect the application of the
regulatory environment to their business processes. An organization should provide adequate evidence of its
compliance with the regulatory environment in the records of its activities.
4 © ISO 2001 – All rights reserved
---------------------- Page: 10 ----------------------
ISO 15489-1:2001(E)
The regulatory environment consists of
a) statute and case laws, and regulations governing the sector-specific and general business environment,
including laws and regulations relating specifically to records, archives, access, privacy, evidence, electronic
commerce, data protection and information,
b) mandatory standards of practice,
c) voluntary codes of best practice,
d) voluntary codes of conduct and ethics, and
e) identifiable expectations of the community about what is acceptable behaviour for the specific sector or
organization.
The nature of the organization and the sector to which it belongs will determine which of these regulatory elements
(individually or in combination) are most applicable to that organization's records management requirements.
6 Policy and responsibilities
6.1 General
An organization seeking to conform to this part of ISO 15489 should establish, document, maintain and promulgate
policies, procedures and practices for records management to ensure that its business need for evidence,
accountability and information about its activities is met.
6.2 Policy
Organizations should define and document a policy for records management. The objective of the policy should be
the creation and management of authentic, reliable and useable records, capable of supporting business functions
and activities for as long as they are required. Organizations should ensure that the policy is communicated and
implemented at all levels in the organization.
The policy should be adopted and endorsed at the highest decision-making level and promulgated throughout the
organization. Responsibility for compliance should be assigned.
The policy should be derived from an analysis of business activities. It should define the areas where legislation,
regulations, other standards and best practices have the greatest application in the creation of records connected
to business activities. In doing so, organizations should take into account their organizational environment and
economic considerations. Policies should be regularly reviewed to ensure that they reflect current business needs.
6.3 Responsibilities
Records management responsibilities and authorities should be defined and assigned, and promulgated
throughout the organization so that, where a specific need to create and capture records is identified, it should be
clear who is responsible for taking the necessary action. These responsibilities should be assigned to all
employees of the organization, including records managers, allied information professionals, executives, business
unit managers, systems administrators and others who create records as part of their work, and should be reflected
in job descriptions and similar statements. Specific leadership responsibility and accountability for records
management should be assigned to a person with appropriate authority within the organization. Designations of the
responsible individuals may be assigned by law.
Such responsibilities should include statements such as the following.
a) Records management professionals are responsible for all aspects of records management, including the
design, implementation and maintenance of records systems and their operations, and for training users on
records management and records systems operations as they affect individual practices.
© ISO 2001 – All rights reserved 5
---------------------- Page: 11 ----------------------
ISO 15489-1:2001(E)
b) Executives are responsible for supporting the application of records management policies throughout the
organization.
c) Systems administrators are responsible for ensuring that all documentation is accurate, available and legible to
personnel when required.
d) All employees are responsible and accountable for keeping accurate and complete records of their activities.
Archival authorities may be involved in the process of planning and implementing records management policies
and procedures.
7 Records management requirements
7.1 Principles of records management programmes
3)
Records are created, received and used in the conduct of business activities . To support the continuing conduct
of business, comply with the regulatory environment, and provide necessary accountability, organizations should
create and maintain authentic, reliable and useable records, and protect the integrity of those records for as long as
required. To do this, organizations should institute and carry out a comprehensive records management
programme which includes
a) determining what records should be created in each business process, and what information needs to be
included in the records,
b) deciding in what form and structure records should be created and captured, and the technologies to be used,
c) determining what metadata should be created with the record and through records processes and how that
metadata will be persistently linked and managed,
d) determining requirements for retrieving, using and transmitting records between business processes and other
users and how long they need to be kept to satisfy those requirements,
e) deciding how to organize records so as to support requirements for use,
f) assessing the risks that would be entailed by failure to have authoritative records of activity,
g) preserving records and making them accessible over time, in order to meet business requirements and
community expectations,
h) complying with legal and regulatory requirements, applicable standards and organizational policy,
i) ensuring that records are maintained in a safe and secure environment,
j) ensuring that records are retained only for as long as needed or required, and
k) identifying and evaluating opportunities for improving the effectiveness, efficiency or quality of its processes,
decisions, and actions that could result from better records creation or management.
Rules for creating and capturing records and metadata about records should be incorporated into the procedures
governing all business processes for which there is a requirement for evidence of activity.
Business continuity planning and contingency measures should ensure that records that are vital to the continued
functioning of the organization are identified as part of risk analysis, protected and recoverable when needed.
3) In this part of ISO 15489, business activity is used as a broad term, not restricted to commercial activity, but including public
administration, non-profit and other activities.
6 © ISO 2001 – All rights reserved
---------------------- Page: 12 ----------------------
ISO 15489-1:2001(E)
7.2 Charac
...
NORME ISO
INTERNATIONALE 15489-1
Première édition
2001-09-15
Information et documentation — «Records
management» —
Partie 1:
Principes directeurs
Information and documentation — Records management —
Part 1: General
Numéro de référence
ISO 15489-1:2001(F)
©
ISO 2001
---------------------- Page: 1 ----------------------
ISO 15489-1:2001(F)
PDF – Exonération de responsabilité
Le présent fichier PDF peut contenir des polices de caractères intégrées. Conformément aux conditions de licence d'Adobe, ce fichier peut
être imprimé ou visualisé, mais ne doit pas être modifié à moins que l'ordinateur employé à cet effet ne bénéficie d'une licence autorisant
l'utilisation de ces polices et que celles-ci y soient installées. Lors du téléchargement de ce fichier, les parties concernées acceptent de fait la
responsabilité de ne pas enfreindre les conditions de licence d'Adobe. Le Secrétariat central de l'ISO décline toute responsabilité en la
matière.
Adobe est une marque déposée d'Adobe Systems Incorporated.
Les détails relatifs aux produits logiciels utilisés pour la création du présent fichier PDF sont disponibles dans la rubrique General Info du
fichier; les paramètres de création PDF ont été optimisés pour l'impression. Toutes les mesures ont été prises pour garantir l'exploitation de
ce fichier par les comités membres de l'ISO. Dans le cas peu probable où surviendrait un problème d'utilisation, veuillez en informer le
Secrétariat central à l'adresse donnée ci-dessous.
© ISO 2001
Droits de reproduction réservés. Sauf prescription différente, aucune partie de cette publication ne peut être reproduite ni utilisée sous quelque
forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie et les microfilms, sans l'accord écrit de l'ISO à
l'adresse ci-après ou du comité membre de l'ISO dans le pays du demandeur.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax. + 41 22 749 09 47
E-mail copyright@iso.ch
Web www.iso.ch
Imprimé en Suisse
ii © ISO 2001 – Tous droits réservés
---------------------- Page: 2 ----------------------
ISO 15489-1:2001(F)
Sommaire Page
Avant-propos .v
Introduction.vi
1 Domaine d'application.1
2 Références normatives.2
3 Termes et définitions.2
4 Avantages du «Records management» .4
5 Environnement réglementaire.5
6 Politique et responsabilités.5
6.1 Généralités.5
6.2 Politique.5
6.3 Responsabilités.6
7 Exigences du «Records management».6
7.1 Principes généraux d'un programme de «Records management» .6
7.2 Caractéristiques d'un document d'archives .7
7.2.1 Généralités.7
7.2.2 Authenticité.7
7.2.3 Fiabilité.8
7.2.4 Intégrité.8
7.2.5 Exploitabilité.8
8 Conception et mise en œuvre d'un système d'archivage .8
8.1 Généralités.8
8.2 Caractéristiques du système d'archivage.9
8.2.1 Introduction.9
8.2.2 Fiabilité.9
8.2.3 Intégrité.9
8.2.4 Conformité.9
8.2.5 Étendue.9
8.2.6 Caractère systématique.9
8.3 Étapes de conception et de mise en œuvre du système d'archivage.10
8.3.1 Généralités.10
8.3.2 Enregistrement des opérations sur les documents.10
8.3.3 Support de stockage et protection .10
8.3.4 Gestion partagée.10
8.3.5 Conversion et migration .10
8.3.6 Accès, repérage et exploitation .10
8.3.7 Conservation et sort final .10
8.4 Méthodologie de conception et de mise en œuvre.11
8.5 Interruption du système d'archivage.11
9 Procédures du «Records management» et contrôles .12
9.1 Sélection des documents à intégrer dans un système d'archivage .12
9.2 Définition des durées de conservation .12
9.3 Intégration des documents.13
9.4 Enregistrement.14
9.5 Classement.14
9.5.1 Classement des activités.14
9.5.2 Système de classement.14
9.5.3 Vocabulaires contrôlés.14
9.5.4 Indexation.14
© ISO 2001 – Tous droits réservés iii
---------------------- Page: 3 ----------------------
ISO 15489-1:2001(F)
9.5.5 Attribution de numéros et de cotes .15
9.6 Stockage et manutention .15
9.7 Accès.15
9.8 Traçabilité.16
9.8.1 Généralités.16
9.8.2 Suivi des opérations.16
9.8.3 Suivi de la localisation .16
9.9 Application du sort final.16
9.10 Rédaction d'une charte d'archivage .17
10 Contrôle et audit .18
11 Formation.18
Index.19
iv © ISO 2001 – Tous droits réservés
---------------------- Page: 4 ----------------------
ISO 15489-1:2001(F)
Avant-propos
L'ISO (Organisation internationale de normalisation) est une fédération mondiale d'organismes nationaux de
normalisation (comités membres de l'ISO). L'élaboration des Normes internationales est en général confiée aux
comités techniques de l'ISO. Chaque comité membre intéressé par une étude a le droit de faire partie du comité
technique créé à cet effet. Les organisations internationales, gouvernementales et non gouvernementales, en
liaison avec l'ISO participent également aux travaux. L'ISO collabore étroitement avec la Commission
électrotechnique internationale (CEI) en ce qui concerne la normalisation électrotechnique.
Les Normes internationales sont rédigées conformément aux règles données dans les Directives ISO/CEI,
Partie 3.
La tâche principale des comités techniques est d'élaborer les Normes internationales. Les projets de Normes
internationales adoptés par les comités techniques sont soumis aux comités membres pour vote. Leur publication
comme Normes internationales requiert l'approbation de 75 % au moins des comités membres votants.
L'attention est appelée sur le fait que certains des éléments de la présente partie de l'ISO 15489 peuvent faire
l'objet de droits de propriété intellectuelle ou de droits analogues. L'ISO ne saurait être tenue pour responsable de
ne pas avoir identifié de tels droits de propriété et averti de leur existence.
L'ISO 15489-1 a été élaborée par le comité technique ISO/TC 46, Information et documentation, sous-comité
SC 11, Gestion des archives courantes et intermédiaires.
L'ISO 15489 comprend les parties suivantes, présentées sous le titre général Information et documentation —
«Records management»:
Partie 1: Principes directeurs
Partie 2: Guide pratique [Rapport technique]
© ISO 2001 – Tous droits réservés v
---------------------- Page: 5 ----------------------
ISO 15489-1:2001(F)
Introduction
La normalisation des politiques et des procédures du «Records management» garantit que tous les documents
d'archives bénéficient de l'attention et de la protection appropriées, et que leurs valeurs de preuve et d'information
sont susceptibles d'être mises en évidence plus efficacement et plus facilement, en ayant recours à des pratiques
et procédures normalisées.
La présente partie de l'ISO 15489 a été élaborée en réponse au consensus entre les pays membres de l'ISO pour
la normalisation des bonnes pratiques internationales en matière d'organisation et de gestion des documents
d'archives, en utilisant la norme australienne AS 4390, Records management, comme point de départ.
La présente partie de l'ISO 15489 est accompagnée d'un Rapport technique (ISO/TR 15489-2), qu'il est
recommandé d'utiliser avec elle. L'ISO/TR 15489-2 fournit de plus amples explications et des suggestions pour la
réalisation des préconisations de la norme. Il comporte également une bibliographie.
vi © ISO 2001 – Tous droits réservés
---------------------- Page: 6 ----------------------
NORME INTERNATIONALE ISO 15489-1:2001(F)
Information et documentation — «Records management» —
Partie 1:
Principes directeurs
1 Domaine d'application
1)
La présente partie de l'ISO 15489 constitue un guide pour l'organisation et la gestion des documents d'archives
des organismes, publics ou privés, pour le compte de clients internes ou externes.
Tous les éléments constitutifs de la présente partie de l'ISO 15489 visent à ce que les documents soient créés,
archivés et organisés d'une manière pertinente. Les procédures propres à assurer l'organisation et la gestion des
documents selon les principes et les éléments constitutifs de la présente partie de l'ISO 15489 sont présentées
dans l'ISO/TR 15489-2 (Guide pratique).
La présente partie de l'ISO 15489
vise l'organisation et la gestion des documents, quels que soient leur forme ou leur support, produits ou reçus
par tout organisme, public ou privé, dans l'exercice de ses activités, ou par toute personne physique ayant la
responsabilité de produire ou de conserver des documents d'archives,
constitue un guide pour définir les responsabilités des organismes vis à vis de leurs documents d'archives et
les politiques, procédures, systèmes et méthodes afférents,
constitue un guide pour le «Records management» en tant que soutien d'une démarche qualité, en accord
avec l'ISO 9001 et l'ISO 14001,
constitue un guide pour la conception et la mise en œuvre d'un système d'archivage,
mais n'inclut pas l'organisation et la gestion des archives historiques au sein des institutions d'archives.
La présente partie de l'ISO 15489 est destinée
aux dirigeants des organismes,
aux professionnels du document d'archives et des technologies de l'information,
à l'ensemble du personnel des organismes,
ainsi qu'à toute personne physique ayant la responsabilité de créer et archiver des documents.
1) Dans certains pays, l'organisation et la gestion des documents d'archives s'applique aussi aux archives historiques. Les
archives historiques ne sont pas couvertes par la présente partie de l'ISO 15489.
Le terme anglais «records» désigne les documents considérés dans leur dimension de preuve (et d'utilité dans le cadre de la
conduite des activités de l'organisme émetteur), par opposition à «documents» (qui ne prend en compte que leur contenu
informatif) et à «archives» (qui vise la portée historique). N'ayant pas en français d'équivalent strict, «records» est traduit ici par
«documents d'archives» sauf lorsque le terme «documents» est suffisamment explicite dans le contexte, voire par «archives»
lorsque le sens l'impose.
© ISO 2001 – Tous droits réservés 1
---------------------- Page: 7 ----------------------
ISO 15489-1:2001(F)
2 Références normatives
Les documents normatifs suivants contiennent des dispositions qui, par suite de la référence qui y est faite,
constituent des dispositions valables pour la présente partie de l'ISO 15489. Pour les références datées, les
amendements ultérieurs ou les révisions de ces publications ne s'appliquent pas. Toutefois, les parties prenantes
aux accords fondés sur la présente partie de l'ISO 15489 sont invitées à rechercher la possibilité d'appliquer les
éditions les plus récentes des documents normatifs indiqués ci-après. Pour les références non datées, la dernière
édition du document normatif en référence s'applique. Les membres de l'ISO et de la CEI possèdent le registre des
Normes internationales en vigueur.
2)
ISO 5127:— , Information et documentation — Vocabulaire
ISO 9001, Systèmes de management de la qualité — Exigences
ISO 14001, Systèmes de management environnemental — Spécification et lignes directrices pour son utilisation
3 Termes et définitions
Pour les besoins de la présente partie de l'ISO 15489, les termes et définitions donnés dans l'ISO 5127 ainsi que
les suivants s'appliquent.
NOTE La présente partie de l'ISO 15489 comporte un index alphabétique des termes clés utilisés.
3.1
accès
droit, modalités et moyens de rechercher, d'exploiter ou de retrouver l'information
3.2
responsabilité
principe selon lequel les personnes physiques et morales, ainsi que la collectivité, sont responsables de leurs
actions et peuvent être tenues d'en rendre compte
3.3
suivi des opérations
action de fixer et d'imposer des étapes et des échéances dans le traitement des affaires
3.4
autorité archivistique
institution ou service d'archives en charge de la sélection, de la collecte et de la conservation des archives, de leur
mise à disposition et de l'approbation des éliminations des archives non historiques
3.5
classement
identification systématique et classement des activités et/ou des documents d'archives en catégories suivant
l'organisation logique d'un système de classification et en accord avec ses principes, ses méthodes et ses règles
3.6
système de classement
VOIR classement (3.5)
2) À publier. (Révision de toutes les parties de l'ISO 5127)
2 © ISO 2001 – Tous droits réservés
---------------------- Page: 8 ----------------------
ISO 15489-1:2001(F)
3.7
conversion
action de transférer des documents d'un support à un autre, ou d'un format à un autre
VOIR migration (3.13)
3.8
destruction
action d'éliminer ou de supprimer des documents, de façon irréversible
3.9
sort final
destination diversifiée des documents correspondant à la mise en œuvre des décisions de conservation, de
destruction ou de transfert des documents, telles qu'elles sont explicitées dans la charte d'archivage ou tout autre
outil de référence
3.10
document
tout écrit ou enregistrement considéré comme une unité
3.11
indexation
action de définir des points d'accès pour faciliter le repérage des documents et/ou des informations
3.12
métadonnées
données décrivant le contexte, le contenu et la structure des documents ainsi que leur gestion dans le temps
3.13
migration
action de transférer des documents d'un système à un autre en préservant leur authenticité, leur intégrité, leur
fiabilité et leur exploitabilité
VOIR conversion (3.7)
3.14
conservation
actions et tâches concourant à la pérennité technique et intellectuelle des documents authentiques
3.15
documents d'archives
documents
documents créés, reçus et préservés à titre de preuve et d'information par une personne physique ou morale dans
l'exercice de ses obligations légales ou la conduite de son activité
3.16
«Records management»
champ de l'organisation et de la gestion en charge d'un contrôle efficace et systématique de la création, de la
réception, de la conservation, de l'utilisation et du sort final des documents, y compris des méthodes de fixation et
de préservation de la preuve et de l'information liées à la forme des documents
3.17
système d'archivage
système d'information qui intègre les documents, les organise, les gère et les rend accessibles à terme
3.18
enregistrement
action de donner un identifiant unique à un document au moment de son archivage
© ISO 2001 – Tous droits réservés 3
---------------------- Page: 9 ----------------------
ISO 15489-1:2001(F)
3.19
traçabilité
fait de créer, d'enregistrer et de préserver les données relatives aux mouvements et à l'utilisation des documents
3.20
versement
action de transférer la conservation physique, la propriété ou la responsabilité de documents
3.21
transfert
action de changer la localisation des documents
4 Avantages du «Records management»
Le «Records management» gouverne les pratiques aussi bien des «records managers» que de toute personne qui
produit ou exploite des documents dans l'exercice de ses activités. Dans un organisme, le «Records management»
comporte
a) la mise en place de politiques et de normes,
b) la répartition des responsabilités et des compétences,
c) l'élaboration, la validation et la diffusion des procédures et des manuels correspondants,
d) l'offre d'une gamme de services d'organisation, de gestion et d'utilisation des documents,
e) la conception, la mise en œuvre et la maintenance de systèmes spécifiques pour l'organisation et la gestion
des documents d'archives,
f) l'intégration du «Records management» dans les systèmes d'organisation et les méthodes de travail.
Les documents d'archives contiennent des informations qui constituent une ressource non négligeable et un atout
important dans la conduite des affaires. Une démarche systématique d'organisation et de gestion des documents
d'archives est indispensable aux organismes, ainsi qu'à la société, pour protéger et conserver la preuve tangible de
leurs activités. Un système de «Records management» représente une source d'information sur les activités de
l'organisme et, de ce fait, une aide à la décision et à l'action, ainsi qu'un outil pour rendre des comptes à toute
partie intéressée présente ou future. Les documents d'archives permettent
de conduire des affaires d'une manière ordonnée, efficace et responsable,
de proposer une offre cohérente et équitable de services,
d'apporter un soutien à la politique de formation et une aide à la décision,
de donner de la cohérence, de la continuité et de la productivité aux tâches d'organisation et de gestion,
de faciliter les performances réelles des activités au sein d'un organisme,
d'assurer la continuité des affaires en cas de sinistre,
de répondre aux exigences légales et réglementaires, y compris en matière d'archives, d'audit et de contrôle,
de fournir une protection et un soutien en cas de litige, ceci incluant la gestion des risques du fait de
l'existence ou de la non-disponibilité d'une preuve,
de protéger les intérêts de l'organisme et les droits de ses employés, de ses clients ainsi que des utilisateurs
présents et futurs de ces documents,
de soutenir et de documenter les activités de recherche et de développement présentes et futures, les
réalisations et les résultats, aussi bien que la recherche historique,
4 © ISO 2001 – Tous droits réservés
---------------------- Page: 10 ----------------------
ISO 15489-1:2001(F)
de fournir la preuve des activités professionnelles, personnelles et culturelles,
d'établir une identité professionnelle, personnelle et culturelle,
de préserver une mémoire d'entreprise, personnelle ou collective.
5 Environnement réglementaire
Tous les organismes ont besoin d'identifier l'environnement réglementaire qui concerne leurs activités et le
minimum nécessaire pour documenter ces activités. Il est recommandé que les politiques et procédures des
organismes traduisent la prise en compte de l'environnement réglementaire dans les méthodes de travail. Il
convient qu'un organisme puisse apporter la preuve, dans les documents qu'il produit, que ses activités sont bien
conformes à l'environnement réglementaire.
L'environnement réglementaire est défini par
a) la législation et la jurisprudence ainsi que la réglementation propres à l'activité en général et au secteur
d'activité concerné, y compris les lois et règlements relatifs aux documents d'archives, à l'accès à l'information,
au respect de la vie privée, à la notion de preuve, au commerce électronique et à la protection des données,
b) les normes ayant un caractère d'obligation légale,
c) les codes de bonnes pratiques adoptés volontairement,
d) les codes de conduite ou d'éthique adoptés volontairement,
e) les attentes identifiées de la société en matière de comportement des organismes dans le secteur d'activité
concerné.
La nature de l'organisme et son secteur d'activité détermineront lesquels de ces éléments réglementaires
(individuellement ou combinés) s'appliquent le mieux aux exigences du «Records management» dans cet
organisme.
6 Politique et responsabilités
6.1 Généralités
Il convient qu'un organisme qui cherche à se conformer à la présente partie de l'ISO 15489 élabore, documente,
conserve et diffuse des politiques, procédures et pratiques de «Records management» qui garantissent la
satisfaction de ses besoins en matière de preuve, de responsabilité et d'information dans la gestion de ses
activités.
6.2 Politique
Il est recommandé que les organismes définissent et documentent une politique en matière de «Records
management». Il convient que cette politique vise à la production et à l'organisation de documents authentiques,
fiables et exploitables, propres à conforter l'activité aussi longtemps que nécessaire. Il est recommandé que les
organismes s'assurent que cette politique est connue et mise en œuvre à tous les niveaux.
Il convient que cette politique soit adoptée et appuyée au plus haut niveau de décision et diffusée pour action dans
tout l'organisme. Il convient de désigner un responsable de la bonne exécution de cette diffusion.
Il est recommandé que cette politique soit issue d'une analyse des activités de l'organisme. Il convient de
déterminer là où la législation, la réglementation, les autres normes et bonnes pratiques s'appliquent avec le plus
de pertinence à la création de documents correspondant aux activités de l'organisme. Pour ce faire, il est
recommandé que les organismes prennent en compte leur environnement organisationnel et économique. Il
convient de soumettre à des révisions régulières ces politiques, afin qu'elles reflètent bien les besoins courants de
la gestion des affaires.
© ISO 2001 – Tous droits réservés 5
---------------------- Page: 11 ----------------------
ISO 15489-1:2001(F)
6.3 Responsabilités
Il est recommandé que les responsabilités et les compétences en matière de «Records management» soient
définies et attribuées, et que tout l'organisme en soit informé, de sorte que, là où un besoin spécifique de créer et
d'archiver un document est identifié, la personne responsable de cette action soit, elle aussi, clairement identifiée.
Il est recommandé que ce type de responsabilité soit attribué à tout le personnel: «records managers» et
professionnels de l'information, décideurs, cadres, administrateurs systèmes et autres collaborateurs dont l'activité
produit des documents, ces données figurant dans les descriptions de poste et autres types de documents
similaires. Il est recommandé que la responsabilité globale du «Records management» soit attribuée à une
personne qui, au sein de l'organisme, dispose de l'autorité nécessaire. Il est admis que la nomination de
responsables peut être une obligation légale.
Il est recommandé de définir ces responsabilités par des formulations telles que les suivantes.
a) Les professionnels du «Records management» sont responsables de tous les aspects du «Records
management»: conception, mise en œuvre et maintenance du système d'archivage et de ses procédures;
formation des utilisateurs au «Records management» et aux procédures d'archivage, dans la mesure où
celles-ci modifient les pratiques individuelles.
b) Les décideurs sont tenus de soutenir l'application des principes de «Records management» dans tout
l'organisme.
c) Les adminis
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.