Information and documentation — Processes and functional requirements for software for managing records — Part 1: Functional requirements and associated guidance for any applications that manage digital records

This document provides model, high-level functional requirements and associated guidance for software applications that are intended to manage digital records (including digital copies of analogue source records), either as the main purpose of the application or as a part of an application that is primarily intended to enable other business functions and processes. It does not include: — functional requirements for applications that manage analogue records; — generic design requirements such as reporting, application administration and performance; — requirements for the long-term preservation of digital records in a dedicated preservation environment; NOTE The model requirements are intended to encourage the deployment of applications that do not hinder long-term preservation of records. As such, some of the requirements support long-term digital preservation outcomes. — implementation guidance for applications that manages analogue and/or digital records. Such guidance can be found in ISO/TS 16175-2:—[1]. [1] Under development. Stage at the time of publication: ISO/DTS 16175-2:2020.

Information et documentation — Processus et exigences fonctionnelles applicables aux logiciels de gestion des documents d'activité — Partie 1: Exigences fonctionnelles et recommandations associées pour toute application de gestion de documents d’activité numériques

Le présent document fournit des exigences fonctionnelles modélisées d'ordre général ainsi que des recommandations concernant des applications logicielles conçues pour gérer des documents d'activité numériques (y compris des copies numériques de documents sources analogiques), soit pour des applications remplissant essentiellement cette fonction, soit pour des applications conçues pour soutenir d'autres fonctions et processus métier et qui intègrent cette fonctionnalité. Il ne couvre pas: — les exigences fonctionnelles des applications de gestion de documents analogiques; — les exigences de conception génériques, telles que la génération de rapports, l'administration des applications et les performances; — les exigences relatives à la conservation à long terme des documents d'activité numériques dans un environnement de conservation dédié; NOTE Les exigences du modèle visent à encourager le déploiement d'applications qui ne font en aucun cas obstacle à une conservation à long terme des documents. À cet effet, certaines exigences produisent des résultats qui viennent à l'appui d'une conservation numérique à long terme; — des recommandations de mise en œuvre d'applications qui gèrent des enregistrements analogiques et/ou numériques. Ces conseils peuvent être trouvés dans l'ISO/TS 16175-2:— [1]. [1] En cours d'elaboration. (Stade au moment de la publication ISO/DTR 16175-2:2020).

Informatika in dokumentacija - Procesi in funkcionalne zahteve za načrtovanje programske opreme za upravljanje zapisov - 1. del: Funkcionalne zahteve in navodilo za aplikacije, ki upravljajo digitalne zapise

General Information

Status
Published
Publication Date
02-Jul-2020
Current Stage
6060 - International Standard published
Start Date
03-Jul-2020
Due Date
20-Jul-2020
Completion Date
03-Jul-2020

Relations

Buy Standard

Standard
ISO 16175-1:2021 - BARVE
English language
44 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
Standard
ISO 16175-1:2020 - Information and documentation -- Processes and functional requirements for software for managing records
English language
37 pages
sale 15% off
Preview
sale 15% off
Preview
Standard
ISO 16175-1:2020 - Information et documentation -- Processus et exigences fonctionnelles applicables aux logiciels de gestion des documents d'activité
French language
40 pages
sale 15% off
Preview
sale 15% off
Preview
Draft
ISO/DIS 16175-1:2019 - BARVE
English language
40 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST ISO 16175-1:2021
01-februar-2021
Nadomešča:
SIST ISO 16175-1:2013
Informatika in dokumentacija - Procesi in funkcionalne zahteve za načrtovanje
programske opreme za upravljanje zapisov - 1. del: Funkcionalne zahteve in
navodilo za aplikacije, ki upravljajo digitalne zapise
Information and documentation - Processes and functional requirements for software for
managing records - Part 1: Functional requirements and associated guidance for any
applications that manage digital records
Information et documentation -- Principes et exigences fonctionnelles pour les
enregistrements dans les environnements électroniques de bureau -- Partie 1: Aperçu et
déclaration de principes
Ta slovenski standard je istoveten z: ISO 16175-1:2020
ICS:
01.140.20 Informacijske vede Information sciences
35.080 Programska oprema Software
SIST ISO 16175-1:2021 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST ISO 16175-1:2021

---------------------- Page: 2 ----------------------
SIST ISO 16175-1:2021
INTERNATIONAL ISO
STANDARD 16175-1
Second edition
2020-07
Information and documentation —
Processes and functional
requirements for software for
managing records —
Part 1:
Functional requirements and
associated guidance for any
applications that manage digital
records
Information et documentation — Processus et exigences
fonctionnelles applicables aux logiciels de gestion des documents
d'activité —
Partie 1: Exigences fonctionnelles et recommandations associées pour
toute application de gestion de documents d’activité numériques
Reference number
ISO 16175-1:2020(E)
©
ISO 2020

---------------------- Page: 3 ----------------------
SIST ISO 16175-1:2021
ISO 16175-1:2020(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2020
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2020 – All rights reserved

---------------------- Page: 4 ----------------------
SIST ISO 16175-1:2021
ISO 16175-1:2020(E)

Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Key outcome areas and configuration options . 2
4.1 Key outcome areas . 2
4.2 Key outcome areas in detail . 2
4.2.1 Records capture and classification . 2
4.2.2 Records retention and disposition . 3
4.2.3 Records integrity and maintenance . 3
4.2.4 Records discovery, use and sharing . 3
4.3 Possible configuration options for managing records created in business applications . 3
5 High-level requirements for software managing digital records .4
5.1 General . 4
5.2 Assumptions . 5
5.3 General overview of requirements . 5
6 Model functional requirements for applications that manage digital records .6
6.1 Requirements groupings . 6
6.2 Obligation levels and extensibility of requirements . 7
6.3 Requirements in detail . 7
7 Understanding the model functional requirements .12
7.1 General .12
7.2 Addressing records requirements in business applications .13
7.2.1 General.13
7.2.2 Importance of records metadata .14
7.2.3 Archiving .14
7.3 Records characteristics that should be enabled by business applications .14
7.3.1 General.14
7.3.2 Authenticity .15
7.3.3 Reliability .15
7.3.4 Integrity .15
7.3.5 Usability .15
7.4 Characteristics of business applications that manage records .15
7.4.1 General.15
7.4.2 Secure .15
7.4.3 Compliant .15
7.4.4 Comprehensive .15
7.4.5 Systematic .15
7.5 Records entities and relationships .16
7.5.1 Entity relationship models .16
7.5.2 Business classification scheme .16
7.5.3 Aggregations of digital records .17
7.5.4 Digital records .17
7.5.5 Extracts .17
7.5.6 Components .18
8 Using the model functional requirements .18
8.1 General .18
8.2 Determining needs for evidence of events, transactions and decisions in business
applications (identifying the needs for records) .18
8.2.1 General.18
© ISO 2020 – All rights reserved iii

---------------------- Page: 5 ----------------------
SIST ISO 16175-1:2021
ISO 16175-1:2020(E)

8.2.2 Step 1: Identifying requirements for evidence of the business using
functional analysis .19
8.2.3 Step 2: Analysing the work process .20
8.2.4 Step 3: Identify the information that records the required evidence .20
8.2.5 Step 4: Identify linkages and dependencies .23
8.2.6 Step 5: Reflect requirements for evidence of business in functional
requirements for software and determine implementation options .24
8.3 Functional requirements conformity assessment .24
8.3.1 General.24
8.3.2 Undertaking the conformity assessment process .24
8.4 Risk assessment .25
8.5 Determining functional requirements for managing records in an application
design specification .26
8.5.1 General.26
8.5.2 Step 1 — Assess the functional requirements . .26
8.5.3 Step 2 — Check appropriateness of the requirements .27
8.5.4 Step 3 — Check appropriateness of the obligation levels .27
8.5.5 Step 4 — Identify gaps in the functional requirements .27
8.6 Assessing options for deploying functionality in one or more software applications .27
Annex A (informative) Example template for functional requirements.32
Annex B (informative) Mapping of records principles to model functional requirements .36
Bibliography .37
iv © ISO 2020 – All rights reserved

---------------------- Page: 6 ----------------------
SIST ISO 16175-1:2021
ISO 16175-1:2020(E)

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: www .iso .org/ iso/ foreword .html.
This document was prepared by Technical Committee ISO/TC 46, Information and documentation
Subcommittee SC 11, Archives/records management.
This second edition cancels and replaces the first edition (ISO 16175-1:2010), which has been technically
revised. The main changes compared to the previous edition are as follows.
— The distinction between dedicated records management applications and business applications has
been dispensed with. As a result, a single set of functional requirements and associated guidance is
provided in a single document that addresses both kinds of software applications.
— The number of functional requirements has been greatly reduced and simplified in order to help
users focus on the most important areas of software functionality.
— Text has been updated, clarified and simplified, with the use of records jargon eliminated where
possible and explained when necessary in acknowledgement of the primary audience for the
standard being IT professionals. More diagrams have been added.
A list of all parts in the ISO 16175 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/ members .html.
© ISO 2020 – All rights reserved v

---------------------- Page: 7 ----------------------
SIST ISO 16175-1:2021
ISO 16175-1:2020(E)

Introduction
0.1  Case for management of records
Good management of records and information is fundamental to a well-functioning organization. It
supports business functions and processes and provides a basis for efficient service delivery. It also
provides the mechanism for organizations to retain evidence of their decisions and actions for future
reference and to support business continuity. Good records practice is simply good business practice.
Managing records facilitates:
a) efficiency, by making information readily available when needed for decision-making and
operational purposes and to support information reuse and innovation;
b) sound use of financial resources, by allowing timely disposition of non-current records;
c) accountability, by enabling the creation of complete and authoritative records of business functions
and processes;
d) compliance, by demonstrating that legal requirements have been met; and
e) risk mitigation, by managing the risks associated with unlawful loss or destruction of records and
with over-retention of records, and risks resulting from inappropriate or unauthorized access to
records.
In most organizations today, business is transacted and enabled by a variety of software applications.
If organizations are to capture and manage reliable records of their business functions and processes,
it is vital that their line-of-business applications incorporate good records functionality as part of their
design. Making, keeping and disposing of records should be an organic and natural part of business
processes.
0.2  Purpose of this document
This document provides model, high-level functional requirements, with associated explanatory
information and usage guidance, for any software applications that are intended to manage digital
1)
records. ISO/TS 16175-2:— provides guidance on how to select/design, implement and maintain
software for managing records within organizations.
For the purpose of presenting model functional requirements, this document makes no distinction
between software applications that are used for any business purpose and those applications
specifically intended and designed to manage records. Examples of the former include Enterprise
Content Management Systems and applications which create records as one part of their functionality
such as Contracts Management Systems, Case Management Systems or transactional systems. The
term used throughout is therefore “Business application”, which is intended to encapsulate the totality
of applications that manage records as part of their usual functioning. It is assumed that almost all
business applications will generate data that is needed to serve as evidence of business functions
and processes for future reference and as such will, among other things, need to create, store and
manage records. The purpose of this document is to assist the developers and implementers of those
applications to identify and deploy functional requirements that helps ensure that the data generated
and held in such applications can serve as adequate records of business functions and processes.
In addition to providing model high-level functional records requirements in business applications, this
document provides guidance on identifying and addressing the needs for records. It aims to:
a) help organizations understand requirements for managing digital records as they relate to
software applications used by organizations;
b) assist IT and business specialists to include records considerations in applications design and/or
procurement; and
1) Under development. Stage at the time of publication: ISO/DTS 16175-2:2020.
vi © ISO 2020 – All rights reserved

---------------------- Page: 8 ----------------------
SIST ISO 16175-1:2021
ISO 16175-1:2020(E)

c) assess the capabilities of existing business applications to manage records, including helping to
identify gaps or areas of risk in the current functionality of those applications.
This document is part of a suite of records system implementation guidance that supports the core
international records management standard, ISO 15489-1, where utility and characteristics of records
systems are explained.
0.3  Audience
The primary audience for this document are professionals responsible for designing, developing,
procuring, reviewing and/or implementing software applications, such as business analysts,
applications developers, solution architects and IT procurement decision-makers. The audience also
includes records professionals who are involved in advising or assisting in such processes.
Role Purpose
Solution architects/ Ensure IT applications infrastructure supports the records requirements.
designers
Records professionals Advising and assisting the business in defining records requirements.
IT procurement deci- Ensure procurement processes meet these requirements.
sion-makers
Applications developers Build applications and support information systems testers during functional
specification development and test phase. Includes software vendors and devel-
opers who wish to incorporate records functionality within their products, both
commercial or open source.
Business analysts Develop technical specifications; initiate/collate feedback and walkthrough. Submit
specification for sign-off and pass over to developer. Update any changes to specifi-
cation after sign-off (e.g. changes that are agreed during test phase), if required.
Applications testers Develop test plans, test conditions/cases and execute tests. Analyse test results,
log any failures and retest once immutability has been applied and built to test
environment.
Business owners For solution-specific requirements. Review and confirm application requirements
that meet business objectives. Provide the business rules/processes/requirements to
the business analyst during the software specification development and test phases.
Given the target audience for this document, the use of terminology that is specific to records
professionals has been minimised as far as possible. Where the use of such terminology is unavoidable,
it is explained and/or defined (in Clause 3).
© ISO 2020 – All rights reserved vii

---------------------- Page: 9 ----------------------
SIST ISO 16175-1:2021

---------------------- Page: 10 ----------------------
SIST ISO 16175-1:2021
INTERNATIONAL STANDARD ISO 16175-1:2020(E)
Information and documentation — Processes and
functional requirements for software for managing
records —
Part 1:
Functional requirements and associated guidance for any
applications that manage digital records
1 Scope
This document provides model, high-level functional requirements and associated guidance for
software applications that are intended to manage digital records (including digital copies of analogue
source records), either as the main purpose of the application or as a part of an application that is
primarily intended to enable other business functions and processes.
It does not include:
— functional requirements for applications that manage analogue records;
— generic design requirements such as reporting, application administration and performance;
— requirements for the long-term preservation of digital records in a dedicated preservation
environment;
NOTE The model requirements are intended to encourage the deployment of applications that do not
hinder long-term preservation of records. As such, some of the requirements support long-term digital
preservation outcomes.
— implementation guidance for applications that manages analogue and/or digital records. Such
2)
guidance can be found in ISO/TS 16175-2:— .
2 Normative references
The following document is referred to in the text in such a way that some or all of its content constitutes
requirements of this document. For undated references, the latest edition of the referenced document
(including any amendments) applies.
ISO 30300, Information and documentation — Records management — Core concepts and vocabulary
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 30300 apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org
2) Under development. Stage at the time of publication: ISO/DTS 16175-2:2020.
© ISO 2020 – All rights reserved 1

---------------------- Page: 11 ----------------------
SIST ISO 16175-1:2021
ISO 16175-1:2020(E)

4 Key outcome areas and configuration options
4.1 Key outcome areas
The functional requirements in this document focus on the outcomes required to ensure records are
managed appropriately. How to achieve the outcomes will depend on the type of application being used.
See Figure 1.
Figure 1 — Key outcome areas
4.2 Key outcome areas in detail
4.2.1 Records capture and classification
Software applications that enable business activities or transactions should be able to capture and/or
import/ingest evidence of those activities. This involves identifying sets of digital information to serve
as records. Records shall be linked to their business context using metadata.
2 © ISO 2020 – All rights reserved

---------------------- Page: 12 ----------------------
SIST ISO 16175-1:2021
ISO 16175-1:2020(E)

4.2.2 Records retention and disposition
Records shall be kept and remain accessible to authorized agents for as long as required for legislative,
community and business needs. In conformance with authorized disposition authorities, records
should be retained and disposed of in a managed, systematic and auditable way.
4.2.3 Records integrity and maintenance
Business applications should be able to register any interactions with or changes to the records.
Metadata recording these interactions and changes should include the name of the responsible agent, a
timestamp and details of any changes. The metadata should be persistently linked to the records for as
long as they exist.
4.2.4 Records discovery, use and sharing
Business applications should enable searching, retrieval, rendering, use, sharing and redaction of
records for authorized agents. They should also support interoperability across platforms and domains
and over time.
NOTE See 7.5.5 for a discussion on redaction of records.
4.3 Possible configuration options for managing records created in business
applications
It is not necessary for all the functional requirements presented in this document to be met by a single
software application. It may be more cost effective for the requirements to be satisfied by multiple
software applications that collectively work together within an organization, or across multiple
organizations, to enable the conduct of business. Guidance on these issues can be found in Figure 2 and
in 7.5. In addition, some requirements could be satisfied outside applications through processes and
procedures.
Before using the functional requirements, organizations should consider how to meet these
requirements: through internal mechanisms within a business application itself, or by interacting
with external software applications that are capable of providing the necessary records management
functionality.
The mandatory functional requirements in this document outline the core records processes that shall
be addressed. Options to implement these requirements may include:
a) designing the business application to internally perform the records p
...

INTERNATIONAL ISO
STANDARD 16175-1
Second edition
2020-07
Information and documentation —
Processes and functional
requirements for software for
managing records —
Part 1:
Functional requirements and
associated guidance for any
applications that manage digital
records
Information et documentation — Processus et exigences
fonctionnelles applicables aux logiciels de gestion des documents
d'activité —
Partie 1: Exigences fonctionnelles et recommandations associées pour
toute application de gestion de documents d’activité numériques
Reference number
ISO 16175-1:2020(E)
©
ISO 2020

---------------------- Page: 1 ----------------------
ISO 16175-1:2020(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2020
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2020 – All rights reserved

---------------------- Page: 2 ----------------------
ISO 16175-1:2020(E)

Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Key outcome areas and configuration options . 2
4.1 Key outcome areas . 2
4.2 Key outcome areas in detail . 2
4.2.1 Records capture and classification . 2
4.2.2 Records retention and disposition . 3
4.2.3 Records integrity and maintenance . 3
4.2.4 Records discovery, use and sharing . 3
4.3 Possible configuration options for managing records created in business applications . 3
5 High-level requirements for software managing digital records .4
5.1 General . 4
5.2 Assumptions . 5
5.3 General overview of requirements . 5
6 Model functional requirements for applications that manage digital records .6
6.1 Requirements groupings . 6
6.2 Obligation levels and extensibility of requirements . 7
6.3 Requirements in detail . 7
7 Understanding the model functional requirements .12
7.1 General .12
7.2 Addressing records requirements in business applications .13
7.2.1 General.13
7.2.2 Importance of records metadata .14
7.2.3 Archiving .14
7.3 Records characteristics that should be enabled by business applications .14
7.3.1 General.14
7.3.2 Authenticity .15
7.3.3 Reliability .15
7.3.4 Integrity .15
7.3.5 Usability .15
7.4 Characteristics of business applications that manage records .15
7.4.1 General.15
7.4.2 Secure .15
7.4.3 Compliant .15
7.4.4 Comprehensive .15
7.4.5 Systematic .15
7.5 Records entities and relationships .16
7.5.1 Entity relationship models .16
7.5.2 Business classification scheme .16
7.5.3 Aggregations of digital records .17
7.5.4 Digital records .17
7.5.5 Extracts .17
7.5.6 Components .18
8 Using the model functional requirements .18
8.1 General .18
8.2 Determining needs for evidence of events, transactions and decisions in business
applications (identifying the needs for records) .18
8.2.1 General.18
© ISO 2020 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO 16175-1:2020(E)

8.2.2 Step 1: Identifying requirements for evidence of the business using
functional analysis .19
8.2.3 Step 2: Analysing the work process .20
8.2.4 Step 3: Identify the information that records the required evidence .20
8.2.5 Step 4: Identify linkages and dependencies .23
8.2.6 Step 5: Reflect requirements for evidence of business in functional
requirements for software and determine implementation options .24
8.3 Functional requirements conformity assessment .24
8.3.1 General.24
8.3.2 Undertaking the conformity assessment process .24
8.4 Risk assessment .25
8.5 Determining functional requirements for managing records in an application
design specification .26
8.5.1 General.26
8.5.2 Step 1 — Assess the functional requirements . .26
8.5.3 Step 2 — Check appropriateness of the requirements .27
8.5.4 Step 3 — Check appropriateness of the obligation levels .27
8.5.5 Step 4 — Identify gaps in the functional requirements .27
8.6 Assessing options for deploying functionality in one or more software applications .27
Annex A (informative) Example template for functional requirements.32
Annex B (informative) Mapping of records principles to model functional requirements .36
Bibliography .37
iv © ISO 2020 – All rights reserved

---------------------- Page: 4 ----------------------
ISO 16175-1:2020(E)

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: www .iso .org/ iso/ foreword .html.
This document was prepared by Technical Committee ISO/TC 46, Information and documentation
Subcommittee SC 11, Archives/records management.
This second edition cancels and replaces the first edition (ISO 16175-1:2010), which has been technically
revised. The main changes compared to the previous edition are as follows.
— The distinction between dedicated records management applications and business applications has
been dispensed with. As a result, a single set of functional requirements and associated guidance is
provided in a single document that addresses both kinds of software applications.
— The number of functional requirements has been greatly reduced and simplified in order to help
users focus on the most important areas of software functionality.
— Text has been updated, clarified and simplified, with the use of records jargon eliminated where
possible and explained when necessary in acknowledgement of the primary audience for the
standard being IT professionals. More diagrams have been added.
A list of all parts in the ISO 16175 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/ members .html.
© ISO 2020 – All rights reserved v

---------------------- Page: 5 ----------------------
ISO 16175-1:2020(E)

Introduction
0.1  Case for management of records
Good management of records and information is fundamental to a well-functioning organization. It
supports business functions and processes and provides a basis for efficient service delivery. It also
provides the mechanism for organizations to retain evidence of their decisions and actions for future
reference and to support business continuity. Good records practice is simply good business practice.
Managing records facilitates:
a) efficiency, by making information readily available when needed for decision-making and
operational purposes and to support information reuse and innovation;
b) sound use of financial resources, by allowing timely disposition of non-current records;
c) accountability, by enabling the creation of complete and authoritative records of business functions
and processes;
d) compliance, by demonstrating that legal requirements have been met; and
e) risk mitigation, by managing the risks associated with unlawful loss or destruction of records and
with over-retention of records, and risks resulting from inappropriate or unauthorized access to
records.
In most organizations today, business is transacted and enabled by a variety of software applications.
If organizations are to capture and manage reliable records of their business functions and processes,
it is vital that their line-of-business applications incorporate good records functionality as part of their
design. Making, keeping and disposing of records should be an organic and natural part of business
processes.
0.2  Purpose of this document
This document provides model, high-level functional requirements, with associated explanatory
information and usage guidance, for any software applications that are intended to manage digital
1)
records. ISO/TS 16175-2:— provides guidance on how to select/design, implement and maintain
software for managing records within organizations.
For the purpose of presenting model functional requirements, this document makes no distinction
between software applications that are used for any business purpose and those applications
specifically intended and designed to manage records. Examples of the former include Enterprise
Content Management Systems and applications which create records as one part of their functionality
such as Contracts Management Systems, Case Management Systems or transactional systems. The
term used throughout is therefore “Business application”, which is intended to encapsulate the totality
of applications that manage records as part of their usual functioning. It is assumed that almost all
business applications will generate data that is needed to serve as evidence of business functions
and processes for future reference and as such will, among other things, need to create, store and
manage records. The purpose of this document is to assist the developers and implementers of those
applications to identify and deploy functional requirements that helps ensure that the data generated
and held in such applications can serve as adequate records of business functions and processes.
In addition to providing model high-level functional records requirements in business applications, this
document provides guidance on identifying and addressing the needs for records. It aims to:
a) help organizations understand requirements for managing digital records as they relate to
software applications used by organizations;
b) assist IT and business specialists to include records considerations in applications design and/or
procurement; and
1) Under development. Stage at the time of publication: ISO/DTS 16175-2:2020.
vi © ISO 2020 – All rights reserved

---------------------- Page: 6 ----------------------
ISO 16175-1:2020(E)

c) assess the capabilities of existing business applications to manage records, including helping to
identify gaps or areas of risk in the current functionality of those applications.
This document is part of a suite of records system implementation guidance that supports the core
international records management standard, ISO 15489-1, where utility and characteristics of records
systems are explained.
0.3  Audience
The primary audience for this document are professionals responsible for designing, developing,
procuring, reviewing and/or implementing software applications, such as business analysts,
applications developers, solution architects and IT procurement decision-makers. The audience also
includes records professionals who are involved in advising or assisting in such processes.
Role Purpose
Solution architects/ Ensure IT applications infrastructure supports the records requirements.
designers
Records professionals Advising and assisting the business in defining records requirements.
IT procurement deci- Ensure procurement processes meet these requirements.
sion-makers
Applications developers Build applications and support information systems testers during functional
specification development and test phase. Includes software vendors and devel-
opers who wish to incorporate records functionality within their products, both
commercial or open source.
Business analysts Develop technical specifications; initiate/collate feedback and walkthrough. Submit
specification for sign-off and pass over to developer. Update any changes to specifi-
cation after sign-off (e.g. changes that are agreed during test phase), if required.
Applications testers Develop test plans, test conditions/cases and execute tests. Analyse test results,
log any failures and retest once immutability has been applied and built to test
environment.
Business owners For solution-specific requirements. Review and confirm application requirements
that meet business objectives. Provide the business rules/processes/requirements to
the business analyst during the software specification development and test phases.
Given the target audience for this document, the use of terminology that is specific to records
professionals has been minimised as far as possible. Where the use of such terminology is unavoidable,
it is explained and/or defined (in Clause 3).
© ISO 2020 – All rights reserved vii

---------------------- Page: 7 ----------------------
INTERNATIONAL STANDARD ISO 16175-1:2020(E)
Information and documentation — Processes and
functional requirements for software for managing
records —
Part 1:
Functional requirements and associated guidance for any
applications that manage digital records
1 Scope
This document provides model, high-level functional requirements and associated guidance for
software applications that are intended to manage digital records (including digital copies of analogue
source records), either as the main purpose of the application or as a part of an application that is
primarily intended to enable other business functions and processes.
It does not include:
— functional requirements for applications that manage analogue records;
— generic design requirements such as reporting, application administration and performance;
— requirements for the long-term preservation of digital records in a dedicated preservation
environment;
NOTE The model requirements are intended to encourage the deployment of applications that do not
hinder long-term preservation of records. As such, some of the requirements support long-term digital
preservation outcomes.
— implementation guidance for applications that manages analogue and/or digital records. Such
2)
guidance can be found in ISO/TS 16175-2:— .
2 Normative references
The following document is referred to in the text in such a way that some or all of its content constitutes
requirements of this document. For undated references, the latest edition of the referenced document
(including any amendments) applies.
ISO 30300, Information and documentation — Records management — Core concepts and vocabulary
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 30300 apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org
2) Under development. Stage at the time of publication: ISO/DTS 16175-2:2020.
© ISO 2020 – All rights reserved 1

---------------------- Page: 8 ----------------------
ISO 16175-1:2020(E)

4 Key outcome areas and configuration options
4.1 Key outcome areas
The functional requirements in this document focus on the outcomes required to ensure records are
managed appropriately. How to achieve the outcomes will depend on the type of application being used.
See Figure 1.
Figure 1 — Key outcome areas
4.2 Key outcome areas in detail
4.2.1 Records capture and classification
Software applications that enable business activities or transactions should be able to capture and/or
import/ingest evidence of those activities. This involves identifying sets of digital information to serve
as records. Records shall be linked to their business context using metadata.
2 © ISO 2020 – All rights reserved

---------------------- Page: 9 ----------------------
ISO 16175-1:2020(E)

4.2.2 Records retention and disposition
Records shall be kept and remain accessible to authorized agents for as long as required for legislative,
community and business needs. In conformance with authorized disposition authorities, records
should be retained and disposed of in a managed, systematic and auditable way.
4.2.3 Records integrity and maintenance
Business applications should be able to register any interactions with or changes to the records.
Metadata recording these interactions and changes should include the name of the responsible agent, a
timestamp and details of any changes. The metadata should be persistently linked to the records for as
long as they exist.
4.2.4 Records discovery, use and sharing
Business applications should enable searching, retrieval, rendering, use, sharing and redaction of
records for authorized agents. They should also support interoperability across platforms and domains
and over time.
NOTE See 7.5.5 for a discussion on redaction of records.
4.3 Possible configuration options for managing records created in business
applications
It is not necessary for all the functional requirements presented in this document to be met by a single
software application. It may be more cost effective for the requirements to be satisfied by multiple
software applications that collectively work together within an organization, or across multiple
organizations, to enable the conduct of business. Guidance on these issues can be found in Figure 2 and
in 7.5. In addition, some requirements could be satisfied outside applications through processes and
procedures.
Before using the functional requirements, organizations should consider how to meet these
requirements: through internal mechanisms within a business application itself, or by interacting
with external software applications that are capable of providing the necessary records management
functionality.
The mandatory functional requirements in this document outline the core records processes that shall
be addressed. Options to implement these requirements may include:
a) designing the business application to internally perform the records processes, or to do so in
combination with associated work processes;
b) integrating with a dedicated records management application, such as an electronic records
management system (ERMS); or
c) designing export functionality into the business application to directly export records and their
associated metadata to an identified records management application.
© ISO 2020 – All rights reserved 3

---------------------- Page: 10 ----------------------
ISO 16175-1:2020(E)

Figure 2 — Possible configuration options for managing records created in business
applications
For more detail, see 8.6.
5 High-level requirements for software managing digital records
5.1 General
Organizations make decisions on what type of software for managing records should support
particular business processes, business units or the organization as a whole and consider the risks
that are linked to business processes when making such decisions. The scope of software for managing
records will be affected by the social and regulatory framework within which an organization operates,
by the organizational readiness or maturity around records reflected in its policies and allocation of
responsibilities, and by the technologies that are appropriate for organizational use.
Organizations that already rely on digital records to conduct and document business, or that are
interested in eliminating paper records from their operations,
...

NORME ISO
INTERNATIONALE 16175-1
Deuxième édition
2020-07
Information et documentation —
Processus et exigences fonctionnelles
applicables aux logiciels de gestion
des documents d'activité —
Partie 1:
Exigences fonctionnelles et
recommandations associées pour
toute application de gestion de
documents d’activité numériques
Information and documentation — Processes and functional
requirements for software for managing records —
Part 1: Functional requirements and associated guidance for any
applications that manage digital records
Numéro de référence
ISO 16175-1:2020(F)
©
ISO 2020

---------------------- Page: 1 ----------------------
ISO 16175-1:2020(F)

DOCUMENT PROTÉGÉ PAR COPYRIGHT
© ISO 2020
Tous droits réservés. Sauf prescription différente ou nécessité dans le contexte de sa mise en œuvre, aucune partie de cette
publication ne peut être reproduite ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique,
y compris la photocopie, ou la diffusion sur l’internet ou sur un intranet, sans autorisation écrite préalable. Une autorisation peut
être demandée à l’ISO à l’adresse ci-après ou au comité membre de l’ISO dans le pays du demandeur.
ISO copyright office
Case postale 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Genève
Tél.: +41 22 749 01 11
E-mail: copyright@iso.org
Web: www.iso.org
Publié en Suisse
ii © ISO 2020 – Tous droits réservés

---------------------- Page: 2 ----------------------
ISO 16175-1:2020(F)

Sommaire Page
Avant-propos .v
Introduction .vi
1 Domaine d'application . 1
2 Références normatives . 1
3 Termes et définitions . 1
4 Principaux domaines de résultat et options de configuration . 2
4.1 Principaux domaines de résultat. 2
4.2 Principaux domaines de résultat en détail . 3
4.2.1 Capture et classement des documents d'activité . 3
4.2.2 Conservation et sort final des documents. 3
4.2.3 Intégrité et tenue à jour des documents d'activité . 3
4.2.4 Recherche, utilisation et partage des documents d'activité . 3
4.3 Options de configuration possibles pour gérer des documents d'activité créés dans
des applications métier . 3
5 Exigences générales applicables aux logiciels gérant des documents d'activité
numériques . 4
5.1 Généralités . 4
5.2 Hypothèses . 5
5.3 Présentation générale des exigences . 5
6 Exigences fonctionnelles modélisées pour les applications gérant des documents
d'activité numériques . 7
6.1 Regroupement des exigences . 7
6.2 Niveaux d'obligation et extensibilité des exigences . 8
6.3 Présentation des exigences en détail . 8
7 Compréhension des exigences fonctionnelles modélisées .14
7.1 Généralités .14
7.2 Réponse aux besoins relatifs aux documents d'activité dans les applications métier .14
7.2.1 Généralités .14
7.2.2 Importance des métadonnées de documents d'activité .16
7.2.3 Archivage .16
7.3 Caractéristiques de documents qu'il convient d'intégrer dans les applications métier.16
7.3.1 Généralités .16
7.3.2 Authenticité .16
7.3.3 Fiabilité .16
7.3.4 Intégrité .16
7.3.5 Aptitude à l'utilisation.17
7.4 Caractéristiques des applications métier qui gèrent des documents d'activité .17
7.4.1 Généralités .17
7.4.2 Sécurité .17
7.4.3 Conformité.17
7.4.4 Exhaustivité .17
7.4.5 Caractère systématique .17
7.5 Entités et relations en matière de gestion des documents d'activité.17
7.5.1 Modèles de relation entre entités . .17
7.5.2 Plan de classement fonctionnel.18
7.5.3 Regroupements de documents d'activité numériques .19
7.5.4 Documents d'activité numériques .19
7.5.5 Extraits .19
7.5.6 Composantes .20
8 Utilisation des exigences fonctionnelles modélisées .20
8.1 Généralités .20
© ISO 2020 – Tous droits réservés iii

---------------------- Page: 3 ----------------------
ISO 16175-1:2020(F)

8.2 Détermination des besoins d'éléments de preuve pour les événements,
les transactions et les décisions dans les applications métier (identification
des besoins de documents d'activité) .20
8.2.1 Généralités .20
8.2.2 Étape 1: identifier les exigences relatives à la justification probante de
l'activité à l'aide d'une analyse fonctionnelle .21
8.2.3 Étape 2: analyser le processus de travail .22
8.2.4 Étape 3: identifier les informations qui consignent l'élément de preuve
demandé . .22
8.2.5 Étape 4: identifier les liaisons et les dépendances .25
8.2.6 Étape 5: refléter les exigences de preuve de l'activité dans les exigences
fonctionnelles applicables aux logiciels et déterminer les options de mise
en œuvre .26
8.3 Évaluation de la conformité aux exigences fonctionnelles .26
8.3.1 Généralités .26
8.3.2 Conduite du processus d'évaluation de la conformité .26
8.4 Évaluation des risques.28
8.5 Détermination des exigences fonctionnelles applicables pour gérer des documents
d'activité dans une spécification de conception d'application .29
8.5.1 Généralités .29
8.5.2 Étape 1 — Évaluer les exigences fonctionnelles .29
8.5.3 Étape 2 — Vérifier le caractère adéquat des exigences .29
8.5.4 Étape 3 — Vérifier le caractère adéquat des niveaux d'obligation .29
8.5.5 Étape 4 — Identifier les écarts au niveau des exigences fonctionnelles .30
8.6 Évaluation des options de déploiement de fonctionnalités dans une ou plusieurs
applications logicielles .30
Annexe A (informative) Exemple de modèle d'exigences fonctionnelles .35
Annexe B (informative) Mise en correspondance des principes documentaires avec
les exigences fonctionnelles modélisées .39
Bibliographie .40
iv © ISO 2020 – Tous droits réservés

---------------------- Page: 4 ----------------------
ISO 16175-1:2020(F)

Avant-propos
L'ISO (Organisation internationale de normalisation) est une fédération mondiale d'organismes
nationaux de normalisation (comités membres de l'ISO). L'élaboration des Normes internationales est
en général confiée aux comités techniques de l'ISO. Chaque comité membre intéressé par une étude
a le droit de faire partie du comité technique créé à cet effet. Les organisations internationales,
gouvernementales et non gouvernementales, en liaison avec l'ISO participent également aux travaux.
L'ISO collabore étroitement avec la Commission électrotechnique internationale (IEC) en ce qui
concerne la normalisation électrotechnique.
Les procédures utilisées pour élaborer le présent document et celles destinées à sa mise à jour sont
décrites dans les Directives ISO/IEC, Partie 1. Il convient, en particulier de prendre note des différents
critères d'approbation requis pour les différents types de documents ISO. Le présent document a été
rédigé conformément aux règles de rédaction données dans les Directives ISO/IEC, Partie 2 (voir www
.iso .org/ directives).
L'attention est attirée sur le fait que certains des éléments du présent document peuvent faire l'objet de
droits de propriété intellectuelle ou de droits analogues. L'ISO ne saurait être tenue pour responsable
de ne pas avoir identifié de tels droits de propriété et averti de leur existence. Les détails concernant
les références aux droits de propriété intellectuelle ou autres droits analogues identifiés lors de
l'élaboration du document sont indiqués dans l'Introduction et/ou dans la liste des déclarations de
brevets reçues par l'ISO (voir www .iso .org/ brevets).
Les appellations commerciales éventuellement mentionnées dans le présent document sont données
pour information, par souci de commodité à l'intention des utilisateurs et ne sauraient constituer un
engagement.
Pour une explication de la nature volontaire des normes, la signification des termes et expressions
spécifiques de l'ISO liés à l'évaluation de la conformité, ou pour toute information au sujet de l'adhésion
de l'ISO aux principes de l’Organisation mondiale du commerce (OMC) concernant les obstacles
techniques au commerce (OTC), voir www .iso .org/ avant -propos.
Le présent document a été élaboré par le comité technique ISO/TC 46, Information et documentation,
sous-comité SC 11, Archives/Gestion des documents d'activité.
Cette deuxième édition annule et remplace la première édition (ISO 16175-1:2010), qui a fait l'objet d'une
révision technique. Les principales modifications par rapport à l'édition précédente sont les suivantes:
— la distinction entre applications dédiées à la gestion des documents d'activité et applications métier
a été supprimée. Par conséquent, l'ensemble des exigences fonctionnelles et des recommandations
associées sont regroupées dans un même document qui couvre les deux types d'applications
logicielles;
— le nombre d'exigences fonctionnelles a été considérablement réduit et simplifié afin de permettre
aux utilisateurs de se concentrer sur les aspects les plus importants des fonctionnalités logicielles;
— le texte a été mis à jour, clarifié et simplifié, et l'utilisation du jargon propre aux documents d'activité
a été supprimée autant que possible et explicitée, étant entendu que la présente norme s'adresse
principalement à des professionnels des technologies de l'information. Des schémas supplémentaires
ont été ajoutés.
Une liste de toutes les parties de la série ISO 16175 se trouve sur le site web de l'ISO.
Il convient que l'utilisateur adresse tout retour d'information ou toute question concernant le présent
document à l'organisme national de normalisation de son pays. Une liste exhaustive desdits organismes
se trouve à l'adresse www .iso .org/ fr/ members .html.
© ISO 2020 – Tous droits réservés v

---------------------- Page: 5 ----------------------
ISO 16175-1:2020(F)

Introduction
0.1 Justification d'une gestion des documents d'activité
Une bonne gestion des documents d'activité et de l'information est essentielle au bon fonctionnement d'un
organisme. Elle soutient les fonctions et processus métier et établit la base d'une fourniture de services
efficace. Elle fournit également un mécanisme permettant aux organismes de conserver la preuve de
leurs décisions et de leurs actions afin de s'y référer ultérieurement, et de soutenir la continuité de leurs
activités. Une bonne pratique documentaire relève simplement d'une bonne pratique métier.
La gestion des documents d'activité facilite:
a) l'efficacité, en favorisant une mise à disposition rapide des informations lorsqu'elles sont
nécessaires à la prise de décision et à des fins opérationnelles, en vue de permettre une réutilisation
des informations et d'encourager l'innovation;
b) une utilisation appropriée des ressources financières, en permettant l'élimination des documents
d'activité obsolètes au moment opportun;
c) le sens des responsabilités, en permettant la création de documents d'activité complets et faisant
autorité en ce qui concerne les fonctions et processus métier;
d) la mise en conformité, en apportant la preuve que les exigences légales ont été respectées; et
e) la réduction des risques, en gérant les risques associés à une perte ou une destruction illicite des
documents d'activité, et avec une rétention excessive des dossiers, et les risques résultant qu'à un
accès inapproprié ou non autorisé à des documents d'activité.
Dans la plupart des organismes aujourd'hui, les transactions entre activités impliquent le recours à
une grande diversité d'applications logicielles. Pour que les organismes soient en mesure de compiler
et gérer des documents fiables retraçant leurs fonctions et processus métier, il est essentiel que leurs
applications métier intègrent, par conception, de solides fonctionnalités de gestion documentaire.
Il convient que la création, la conservation et d'établissement du sort final des documents d'activité
fassent partie intégrante des processus métier.
0.2  Objet du présent document
Le présent document établit des exigences fonctionnelles modélisées d'ordre général, accompagnées
des informations explicatives et des recommandations d'usage associées, concernant toute application
1)
logicielle conçue pour la gestion de documents d'activité numériques. L'ISO/TS 16175-2:— fournit des
recommandations concernant le choix/la conception, la mise en œuvre et la maintenance des logiciels
gérant des documents d'activité au sein des organismes.
Afin de présenter les exigences fonctionnelles modélisées, le présent document n'établit aucune
distinction entre les applications logicielles utilisées pour répondre à tout objectif organisationnel
et les applications qui sont spécifiquement destinées et conçues pour gérer des documents d'activité.
Les premières englobent, par exemple, les systèmes et applications de gestion de contenu d'entreprise
qui, entre autres fonctionnalités, permettent la création de documents d'activité, tels que les systèmes
de gestion de contrats, les systèmes de gestion de dossiers ou les systèmes transactionnels. Le terme
«application métier» est donc ici employé, afin de couvrir la totalité des applications qui gèrent des
documents d'activité dans le cadre de leur fonctionnement usuel. L'hypothèse retenue est que toutes
les applications métier génèreront des données servant à tracer des fonctions et processus métier à des
fins de référence ultérieure et qui, entre autres, devront créer, stocker et gérer des documents d'activité.
Le présent document vise à aider les personnes qui développent et mettent en œuvre ces applications
à identifier et déployer les exigences fonctionnelles qui contribuent à faire en sorte que les données
gérées et contenues dans de telles applications puissent servir de documents d'activité adéquats en lien
avec les fonctions et processus métier.
1) En cours d'elaboration. (Stade au moment de la publication ISO/DTR 16175-2:2020).
vi © ISO 2020 – Tous droits réservés

---------------------- Page: 6 ----------------------
ISO 16175-1:2020(F)

En plus de décrire des exigences fonctionnelles modélisées d'ordre général pour les documents d'activité
dans les applications métier, le présent document fournit des recommandations sur l'identification et la
réponse aux besoins de documents d'activité. Il vise à:
a) aider les organismes à comprendre les exigences applicables pour gérer des documents d'activité
numériques en lien avec les applications logicielles utilisées par les organismes;
b) aider les spécialistes informatiques et métier à intégrer des aspects en lien avec les documents
d'activité dans la conception et/ou l'approvisionnement d'applications; et
c) évaluer les aptitudes des applications métier existantes à gérer des documents d'activité, y compris
en facilitant l'identification des écarts ou des domaines de risque dans les fonctionnalités actuelles
desdites applications.
Le présent document fait partie d'un ensemble de recommandations de mise en œuvre d'un système
documentaire, qui vient en appui à l'ISO 15489-1, Norme internationale essentielle en matière de gestion
des documents d'activité, qui explicite l'utilité et les caractéristiques des systèmes documentaires.
0.3  Public
Le présent document s'adresse essentiellement aux professionnels responsables de la conception, du
développement, de l'approvisionnement, de l'étude et/ou de la mise en œuvre d'applications logicielles,
tels que des analystes métier, des développeurs d'applications, des architectes de solutions et des
décideurs responsables des achats de technologies de l'information. Le public inclut également les
professionnels des documents d'activité chargés de dispenser des conseils ou d'apporter une assistance
dans le cadre de ces processus.
Rôle Objectif
Architectes/concepteurs S'assurer que l'infrastructure d'applications informatiques satisfait aux exigences
de solutions en matière de documents d'activité.
Professionnels des Conseiller et accompagner l'entreprise dans la définition des exigences en matière
documents d'activité de documents d'activité.
Décideurs responsables S'assurer que les processus d'approvisionnement satisfont à ces exigences.
des achats de technologies
de l'information
Développeurs Développer des applications et assister les testeurs de systèmes d'information
d'applications au cours des phases d'élaboration de spécifications fonctionnelles et de test. Inclut
les fournisseurs et développeurs de logiciels qui souhaitent intégrer des fonction-
nalités documentaires dans leurs produits, aussi bien commerciaux que libres
(«open source»).
Analystes métier Élaborer des spécifications techniques; initier/recueillir des commentaires et
organiser des visites. Soumettre la spécification à approbation et la transmettre au
développeur. Introduire toute modification éventuelle dans la spécification après
approbation (par exemple, modifications convenues au cours de la phase de test),
si nécessaire.
Testeurs d'applications Élaborer des plans de test, des conditions/cas de test et exécuter les tests. Analyser
les résultats des tests, consigner tout échec éventuel et effectuer de nouveau des
tests une fois l'immuabilité appliquée et intégrée à l'environnement de test.
Propriétaires de processus Pour les exigences spécifiques à une solution. Vérifier et confirmer les exigences de
métier l'application qui satisfont aux objectifs métier. Communiquer les règles/processus/
exigences métier à l'analyste métier pendant les phases d'élaboration des spécifi-
cations et de test du logiciel.
Étant donné le public auquel s'adresse le présent document, l'utilisation de la terminologie
spécifiquement utilisée par les professionnels de la gestion documentaire a été réduite autant que
possible. Lorsque l'utilisation d'une telle terminologie est inévitable, elle est expliquée et/ou définie
(dans l'Article 3).
© ISO 2020 – Tous droits réservés vii

---------------------- Page: 7 ----------------------
NORME INTERNATIONALE ISO 16175-1:2020(F)
Information et documentation — Processus et exigences
fonctionnelles applicables aux logiciels de gestion des
documents d'activité —
Partie 1:
Exigences fonctionnelles et recommandations associées
pour toute application de gestion de documents d’activité
numériques
1 Domaine d'application
Le présent document fournit des exigences fonctionnelles modélisées d'ordre général ainsi que des
recommandations concernant des applications logicielles conçues pour gérer des documents d'activité
numériques (y compris des copies numériques de documents sources analogiques), soit pour des
applications remplissant essentiellement cette fonction, soit pour des applications conçues pour
soutenir d'autres fonctions et processus métier et qui intègrent cette fonctionnalité.
Il ne couvre pas:
— les exigences fonctionnelles des applications de gestion de documents analogiques;
— les exigences de conception génériques, telles que la génération de rapports, l'administration des
applications et les performances;
— les exigences relatives à la conservation à long terme des documents d'activité numériques dans un
environnement de conservation dédié;
NOTE Les exigences du modèle visent à encourager le déploiement d'applications qui ne font en aucun
cas obstacle à une conservation à long terme des documents. À cet effet, certaines exigences produisent des
résultats qui viennent à l'appui d'une conservation numérique à long terme;
— des recommandations de mise en œuvre d'applications qui gèrent des enregistrements analogiques
2)
et/ou numériques. Ces conseils peuvent être trouvés dans l'ISO/TS 16175-2:— .
2 Références normatives
Les documents suivants cités dans le texte constituent, pour tout ou partie de leur contenu, des
exigences du présent document. Pour les références non datées, la dernière édition du document de
référence s'applique (y compris les éventuels amendements).
ISO 30300, Information et documentation — Systèmes de gestion des documents d'activité — Principes
essentiels et vocabulaire
3 Termes et définitions
Pour les besoins du présent document, les termes et définitions donnés dans l'ISO 30300 s'appliquent.
2) En cours d'elaboration. (Stade au moment de la publication ISO/DTR 16175-2:2020).
© ISO 2020 – Tous droits réservés 1

---------------------- Page: 8 ----------------------
ISO 16175-1:2020(F)

L'ISO et l'IEC tiennent à jour des bases de données terminologiques destinées à être utilisées en
normalisation, consultables aux adresses suivantes:
— ISO Online browsing platform: disponible à l'adresse https:// www .iso .org/ obp
— IEC Electropedia: disponible à l'adresse http:// www .electropedia .org
4 Principaux domaines de résultat et options de configuration
4.1 Principaux domaines de résultat
Les exigences fonctionnelles du présent document se concentrent sur les résultats attendus pour
garantir une gestion adéquate des documents d'activité. La manière dont ces résultats sont obtenus
dépend du type d'application utilisé. Voir Figure 1.
Figure 1 — Principaux domaines de résultat
2 © ISO 2020 – Tous droits réservés

---------------------- Page: 9 ----------------------
ISO 16175-1:2020(F)

4.2 Principaux domaines de résultat en détail
4.2.1 Capture et classement des documents d'activité
Il convient que les applications logicielles utilisées à l'appui d'activités opérationnelles ou de
transactions soient capables de capturer et/ou importer/ingérer des preuves de ces activités. Cela
sup
...

SLOVENSKI STANDARD
oSIST ISO/DIS 16175-1:2019
01-oktober-2019
Informatika in dokumentacija - Procesi in funkcionalne zahteve za načrtovanje
programske opreme za upravljanje zapisov - 1. del: Funkcionalne zahteve in
navodilo za aplikacije, ki upravljajo digitalne zapise
Information and documentation - Processes and functional requirements for software for
managing records - Part 1: Functional requirements and associated guidance for any
applications that manage digital records
Information et documentation -- Principes et exigences fonctionnelles pour les
enregistrements dans les environnements électroniques de bureau -- Partie 1: Aperçu et
déclaration de principes
Ta slovenski standard je istoveten z: ISO/DIS 16175-1:2019
ICS:
01.140.20 Informacijske vede Information sciences
35.080 Programska oprema Software
oSIST ISO/DIS 16175-1:2019 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
oSIST ISO/DIS 16175-1:2019

---------------------- Page: 2 ----------------------
oSIST ISO/DIS 16175-1:2019
DRAFT INTERNATIONAL STANDARD
ISO/DIS 16175-1
ISO/TC 46/SC 11 Secretariat: SA
Voting begins on: Voting terminates on:
2019-01-21 2019-04-15
Information and documentation — Processes and
functional requirements for software for managing
records —
Part 1:
Functional requirements and associated guidance for any
applications that manage digital records
Information et documentation — Principes et exigences fonctionnelles pour les enregistrements dans les
environnements électroniques de bureau —
Partie 1: Aperçu et déclaration de principes
ICS: 01.140.20
THIS DOCUMENT IS A DRAFT CIRCULATED
FOR COMMENT AND APPROVAL. IT IS
THEREFORE SUBJECT TO CHANGE AND MAY
NOT BE REFERRED TO AS AN INTERNATIONAL
STANDARD UNTIL PUBLISHED AS SUCH.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL,
This document is circulated as received from the committee secretariat.
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
STANDARDS MAY ON OCCASION HAVE TO
BE CONSIDERED IN THE LIGHT OF THEIR
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
Reference number
NATIONAL REGULATIONS.
ISO/DIS 16175-1:2019(E)
RECIPIENTS OF THIS DRAFT ARE INVITED
TO SUBMIT, WITH THEIR COMMENTS,
NOTIFICATION OF ANY RELEVANT PATENT
RIGHTS OF WHICH THEY ARE AWARE AND TO
©
PROVIDE SUPPORTING DOCUMENTATION. ISO 2019

---------------------- Page: 3 ----------------------
oSIST ISO/DIS 16175-1:2019
ISO/DIS 16175-1:2019(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2019
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2019 – All rights reserved

---------------------- Page: 4 ----------------------
oSIST ISO/DIS 16175-1:2019
ISO/DIS 16175-1:2019(E)

Contents Page
Foreword .v
Introduction .vi
1 Scope (mandatory) . 1
2 Normative references (mandatory) . 1
3 Terms and definitions (mandatory) . 2
4 Key outcome areas and configuration options . 2
4.1 Key outcome areas . 2
4.2 Key outcome areas in detail . 3
4.2.1 Records capture and classification . 3
4.2.2 Records retention and disposition . 3
4.2.3 Records integrity and maintenance . 3
4.2.4 Records discovery, use and sharing . 3
4.3 Possible configuration options for managing records created in business applications . 3
5 Model high-level functional requirements for applications that manage digital records .4
5.1 Requirements groupings . 4
5.2 Obligation levels. 5
5.3 Requirements in detail . 5
6 Understanding the model functional requirements . 9
6.1 General . 9
6.2 Addressing records requirements in business applications .10
6.2.1 The importance of records metadata .11
6.2.2 The meaning of ‘archiving’ .11
6.3 Records characteristics that should be enabled by business applications .11
6.3.1 Authenticity .11
6.3.2 Reliability .12
6.3.3 Integrity .12
6.3.4 Useability .12
6.4 Characteristics of business applications that manage records .12
6.4.1 Secure .12
6.4.2 Compliant .12
6.4.3 Comprehensive .12
6.4.4 Systematic .12
6.5 Records entities and relationships .12
6.5.1 Entity relationship models .12
6.5.2 Business classification scheme .13
6.5.3 Aggregations of digital records .13
6.5.4 Digital records .14
6.5.5 Extracts .14
6.5.6 Components .14
7 Using the model functional requirements .15
7.1 General .15
7.2 Determining needs for evidence of events, transactions and decisions in business
applications (identifying the needs for records) .15
7.2.1 Identify requirements for evidence of the business .16
7.2.2 Analyse the work process .16
7.2.3 Identify the content and its associated management information that
record the required evidence .16
7.2.4 Identify linkages and dependencies .19
7.3 Reviewing, assessing and auditing existing business applications .20
7.3.1 Undertaking the review process .20
7.4 Risk assessment .21
© ISO 2019 – All rights reserved iii

---------------------- Page: 5 ----------------------
oSIST ISO/DIS 16175-1:2019
ISO/DIS 16175-1:2019(E)

7.5 Determining functional requirements for managing records in an application
design specification .22
7.6 Assessing options f or deploying functionality in one or more software applications .23
Annex A (informative) Example template for functional requirements.27
Annex B (informative) Mapping of records principles to model functional requirements .31
Bibliography .32
iv © ISO 2019 – All rights reserved

---------------------- Page: 6 ----------------------
oSIST ISO/DIS 16175-1:2019
ISO/DIS 16175-1:2019(E)

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: www .iso .org/iso/foreword .html.
This document was prepared by Technical Committee [or Project Committee] ISO/TC 46 Information and
documentation Subcommittee SC 11, Archives/records management.
This second edition cancels and replaces the first edition (ISO 16175-2:2011 and ISO 16175-3:2010),
which has been technically revised.
A list of all parts in the ISO ##### series can be found on the ISO website.
© ISO 2019 – All rights reserved v

---------------------- Page: 7 ----------------------
oSIST ISO/DIS 16175-1:2019
ISO/DIS 16175-1:2019(E)

Introduction
1.1 The case for management of records
Good management of records and information is fundamental to a well-functioning organization.
It supports business activity and provides a basis for efficient service delivery. It also provides the
mechanism for organizations to retain evidence of their decisions and actions for future reference and
to support business continuity. Good records practice is simply good business practice.
Managing records facilitates:
a) efficiency, by making information readily available when needed for decision-making and
operational purposes and to support information reuse and innovation;
b) sound use of financial resources, by allowing timely disposition of non-current records;
c) accountability, by enabling the creation of complete and authoritative records of activities;
d) compliance, by demonstrating that legal requirements have been met; and
e) risk mitigation, by managing the risks associated with unlawful loss or destruction of records, and
from inappropriate or unauthorised access to records.
Today in most organizations business is transacted and enabled by a variety of software applications. If
organizations are to capture and manage reliable records of their business activities it is vital that their
line-of-business applications incorporate good records functionality as part of their design. Making and
keeping records should be an organic and natural part of business processes.
1.2 Purpose of this document
This document provides model, high-level functional requirements, with associated explanatory
information and usage guidance, for any software applications that are intended to manage digital
records. Part 2 (the companion document to this Part) provides process guidance on how to select/
design, implement and maintain software for managing records within organizations.
For the purpose of presenting model functional requirements, this document makes no distinction
between software applications that are used for any business purpose and those applications
specifically intended and designed to manage records. Examples of the former include Enterprise
Content Management Systems and applications which create records as one part of their functionality
such as Contracts Management Systems, Case Management Systems or transactional systems. The
term used throughout is therefore “Business application”, which is intended to encapsulate the totality
of applications that manage records as part of their usual functioning. It is assumed that almost all
business applications will generate data that will need to serve as evidence of business activity for
future reference and as such will, inter alia, need to create, store and manage records. The purpose of
this document is to assist the developers and implementers of those applications to identify and deploy
functional requirements that will help ensure that the data generated and held in such applications can
serve as adequate records of business activity.
Many business applications generate and store data that may be subject to constant updating (dynamic),
able to be transformed (manipulable) and only contain current data (non-redundant). While business
requirements for dynamic, manipulable and non-redundant data may be entirely legitimate, if records
are to serve as reliable evidence of business activity they need to be fixed and inviolable. That is,
systems and processes need to be able to guarantee the reliability and authenticity of the records as
evidence of past business activity.
Organizations deploy software applications to automate business activities and transactions. The
digital information generated by an application may serve as the only evidence or record of the process
or transaction, despite the application not being designed specifically for the purpose of managing
records. Without evidence of these activities, organizations are exposed to risk and may be unable
to meet legislative, accountability, business and community expectations. Because of the dynamic
vi © ISO 2019 – All rights reserved

---------------------- Page: 8 ----------------------
oSIST ISO/DIS 16175-1:2019
ISO/DIS 16175-1:2019(E)

and manipulable nature of the data in business applications, the capture of records and the ongoing
management of their fixity, authenticity, reliability, integrity and useability can be challenging.
The functional requirements presented in this document do not necessarily all need to be met by a
single software application. It may be more cost effective for the requirements to be satisfied by
multiple software applications that collectively work together within an organization, or across
multiple organizations, to enable the conduct of business. Guidance on these issues can be found in
Clause 8.5. In addition, some requirements could be satisfied outside applications through processes
and procedures.
In addition to providing model high-level functional requirements for records in business applications,
this document provides guidance on identifying and addressing the needs for records. It aims to:
— help organizations understand requirements for managing digital records as they relate to software
applications used by organizations;
— assist IT and business specialists to include records considerations in applications design and/or
procurement; and
— assess the capabilities of existing business applications to manage records, including helping to
identify gaps or areas of risk in the current functionality of those applications.
This document is part of a suite of records system implementation guidance that supports the core
international records management standard, ISO 15489-1:2016. The utility and characteristics of
records systems are explained in that standard.
1.3 Audience
The primary audience for this document is professionals responsible for designing, developing,
procuring, reviewing and/or implementing software applications, such as business analysts,
applications developers, solution architects and IT procurement decision-makers. The audience also
includes records professionals who are involved in advising or assisting in such processes.
Role Purpose
Solution architects/ Ensure IT applications infrastructure supports the RM requirements.
designers
IT Procurement deci- Ensure procurement process meets these requirements
sion-makers
Developers Build application and support system tester during functional specification de-
velopment and test phase. Includes software vendors and developers who wish
to incorporate records functionality within their products, both commercial or
open source
Business Analysts Develop technical specifications; initiate/collate feedback and walkthrough.
Submit specification for sign-off and pass over to developer. Update any changes
to specification after sign-off (e.g. changes that are agreed during test phase),
if required.
Application testers Develop test plans, test conditions/cases and execute tests. Analyse test results,
log any failures and retest once fix has been applied and built to test environment.
Business owners For solution-specific requirements. Review and confirm application requirements
meet business objectives. Provide the business rules/processes/requirements to
the business analyst during the software specification development and test phases.
Records management Advising and assisting the business in the processes of defining RM requirements
professionals
Given the target audience for this document, the use of terminology that is specific to records
professionals has been minimised as far as possible. Where the use of such terminology is unavoidable
it is explained and/or defined (in clause 4 below).
© ISO 2019 – All rights reserved vii

---------------------- Page: 9 ----------------------
oSIST ISO/DIS 16175-1:2019
ISO/DIS 16175-1:2019(E)

1.4 Structure of this document
Sections 1-4 (Introduction; Scope; Normative References; Terms and Definitions) are standard ISO
sections. Key concepts and requirements are set out in Sections 5 and 6, while Sections 7 and 8 provide
more context and information on how the requirements might be used. Annex A provides a template for
developing requirements for use in an implementation context in an organization.
viii © ISO 2019 – All rights reserved

---------------------- Page: 10 ----------------------
oSIST ISO/DIS 16175-1:2019
DRAFT INTERNATIONAL STANDARD ISO/DIS 16175-1:2019(E)
Information and documentation — Processes and
functional requirements for software for managing
records —
Part 1:
Functional requirements and associated guidance for any
applications that manage digital records
1 Scope (mandatory)
This document provides model, high-level functional requirements and associated guidance for
software applications that are intended to manage digital records (including digital copies of analogue
source records), either as the main purpose of the application or as a part of an application that is
primarily intended to enable other business activities.
It does not include:
— functional requirements for applications that manage analogue records
— generic design requirements such as reporting, application administration and performance
— requirements for the long-term preservation of digital records in a dedicated preservation
environment. It should be noted, however, that the model requirements are intended to encourage
the deployment of applications that do not hinder long-term preservation of records. As such, some
of the requirements support long-term digital preservation outcomes.
— implementation guidance for applications that will capture and/or manage records. Such guidance
can be found in Part 2 of ISO 16175.
Assumption:
The requirements in this standard assume that the organization has undertaken or will undertake
precursor business analysis as outlined in Section 8.1 Determining needs for evidence of events,
transactions and decisions in business applications. Not all information contained in a business application
will necessarily be required to be recorded as evidence. Before reviewing, designing, building or
purchasing business applications, it is necessary to determine the organization’s needs for records in
order to develop and deploy appropriate strategies.
2 Normative references (mandatory)
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 15489-1:2016, Information and documentation — Records management — Part 1: Concepts and
principles
ISO/TR 21946:2019, Information and documentation — Records management – Appraisal for records
ISO 23081-1:2017, Information and documentation — Records management processes — Metadata for
records — Part 1: Principles
© ISO 2019 – All rights reserved 1

---------------------- Page: 11 ----------------------
oSIST ISO/DIS 16175-1:2019
ISO/DIS 16175-1:2019(E)

ISO 23081-2:2009, Information and documentation — Managing metadata for records — Part 2:
Conceptual and implementation issues
ISO 30300, Information and documentation — Management systems for records — Fundamentals and
vocabulary[Note: this publication is in the process of being revised and updated]
3 Terms and definitions (mandatory)
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform : available at http: //www .iso .org/obp
— IEC Electropedia : available at http: //www .electropedia .org
4 Key outcome areas and configuration options
4.1 Key outcome areas
The functional requirements in this standard focus on the outcomes required to ensure records are
managed appropriately. How to achieve the outcomes will depend on the type of application being used.
Figure 1 — Key outcome areas
2 © ISO 2019 – All rights reserved

---------------------- Page: 12 ----------------------
oSIST ISO/DIS 16175-1:2019
ISO/DIS 16175-1:2019(E)

4.2 Key outcome areas in detail
4.2.1 Records capture and classification
Software applications that enable business activities or transactions should be able to capture and/or
import/ingest evidence of those activities. This involves identifying sets of digital information to serve
as records. Records have to be linked to their business context using metadata.
4.2.2 Records retention and disposition
Records shall be kept and remain accessible to authorized users for as long as required for legislative,
community and business needs. In conformance with authorized disposition authorities, records
should be retained and disposed of in a managed, systematic and auditable way.
4.2.3 Records integrity and maintenance
Business applications should be able to register any interactions with or changes to the records. This
includes the responsible agent, a timestamp and details on the changes. The registered events should
be persistently linked to the records for as long as these exist.
4.2.4 Records discovery, use and sharing
Business applications should enable searching, retrieval, rendering, use, sharing and redaction of
records for authorized users. They should also support interoperability across platforms and domains
and over time.
4.3 Possible configuration options for managing records created in business
applications
Before using the functional requirements, organizations should consider the extent to which
functionality for records will be provided through internal mechanisms within a business application
itself, or whether the requirements will be met by interacting with external software applications that
are capable of providing the necessary records management functionality.
The mandatory functional requirements in this document outline the core records processes that shall
be addressed. Options to implement these requirements may include:
1. designing the business application to internally perform the records management functions;
2. integrating with a dedicated records management application, such as an electronic records
management system (ERMS); or
3. designing export functionality i
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.