Information and documentation -- Information Governance -- Concept and principles

Information et documentation -- Gouvernance de l’information -- Concept et principes

Informatika in dokumentacija - Upravljanje informacij - Koncept in načela

General Information

Status
Published
Current Stage
4099 - Full report circulated: DIS approved for registration as FDIS
Start Date
17-Aug-2021

Buy Standard

Draft
ISO/DIS 24143:2021 - BARVE na PDF-str 16
English language
16 pages
sale 10% off
Preview
sale 10% off
Preview

e-Library read for
1 day

Standards Content (sample)

SLOVENSKI STANDARD
oSIST ISO/DIS 24143:2021
01-oktober-2021
Informatika in dokumentacija - Upravljanje informacij - Koncept in načela

Information and documentation -- Information Governance -- Concept and principles

Information et documentation -- Gouvernance de l’information -- Concept et principes

Ta slovenski standard je istoveten z: ISO/DIS 24143
ICS:
01.140.20 Informacijske vede Information sciences
oSIST ISO/DIS 24143:2021 en,fr

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
oSIST ISO/DIS 24143:2021
---------------------- Page: 2 ----------------------
oSIST ISO/DIS 24143:2021
DRAFT INTERNATIONAL STANDARD
ISO/DIS 24143
ISO/TC 46 Secretariat: AFNOR
Voting begins on: Voting terminates on:
2021-05-11 2021-08-03
Information and documentation — Information
Governance — Concept and principles

Information et documentation — Gouvernance de l’information — Concept et principes

ICS: 01.140.20
THIS DOCUMENT IS A DRAFT CIRCULATED
FOR COMMENT AND APPROVAL. IT IS
THEREFORE SUBJECT TO CHANGE AND MAY
NOT BE REFERRED TO AS AN INTERNATIONAL
STANDARD UNTIL PUBLISHED AS SUCH.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL,
This document is circulated as received from the committee secretariat.
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
STANDARDS MAY ON OCCASION HAVE TO
BE CONSIDERED IN THE LIGHT OF THEIR
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
Reference number
NATIONAL REGULATIONS.
ISO/DIS 24143:2021(E)
RECIPIENTS OF THIS DRAFT ARE INVITED
TO SUBMIT, WITH THEIR COMMENTS,
NOTIFICATION OF ANY RELEVANT PATENT
RIGHTS OF WHICH THEY ARE AWARE AND TO
PROVIDE SUPPORTING DOCUMENTATION. ISO 2021
---------------------- Page: 3 ----------------------
oSIST ISO/DIS 24143:2021
ISO/DIS 24143:2021(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2021

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2021 – All rights reserved
---------------------- Page: 4 ----------------------
oSIST ISO/DIS 24143:2021
ISO/DIS 24143:2021(E)
Contents Page

Foreword ........................................................................................................................................................................................................................................iv

Introduction ..................................................................................................................................................................................................................................v

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

3.1 Terms relating to the concept of information .............................................................................................................. 1

3.2 Terms relating to the concept of information governance ................................................................................ 2

4 The Benefits of Information Governance .................................................................................................................................... 2

4.1 Strategic benefits ................................................................................................................................................................................... 2

4.2 Operational benefits ........................................................................................................................................................................... 3

5 Principles of Information Governance .......................................................................................................................................... 3

5.1 Recognise Information as a corporate, strategic asset ......................................................................................... 3

5.2 Build Information Governance in a collaborative way ......................................................................................... 4

5.3 Design Information Governance as a key element of corporate strategy ............................................ 4

5.4 Integrate Information Governance into the organisation’s governance frameworks ............... 4

5.5 Secure senior management’s leadership and commitment ............................................................................. 4

5.6 Ensure Information Governance supports legal compliance and any mandatory

requirements ............................................................................................................................................................................................ 5

5.7 Align Information Governance to business objectives ......................................................................................... 5

5.8 Ensure Information Governance supports information security and privacy ................................. 5

5.9 Ensure Information Governance supports information quality and integrity ................................. 5

5.10 Foster a collaboration and knowledge sharing culture ....................................................................................... 5

5.11 Adopt a risk-based approach ...................................................................................................................................................... 6

5.12 Enhance organisation’s performance .................................................................................................................................. 6

5.13 Govern Information throughout its information lifecycle ................................................................................. 6

5.14 Support corporate culture............................................................................................................................................................. 6

5.15 Support sustainability ...................................................................................................................................................................... 6

Annex A Concept Diagrams .......................................................................................................................................................................................... 7

Bibliography ................................................................................................................................................................................................................................ 9

© ISO 2021 – All rights reserved iii
---------------------- Page: 5 ----------------------
oSIST ISO/DIS 24143:2021
ISO/DIS 24143:2021(E)
Foreword

ISO (the International Organisation for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is typically carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organisations, governmental and non-governmental, in liaison with ISO, also take part in the work.

ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of

any patent rights identified during the development of the document will be in the Introduction and/or

on the ISO list of patent declarations received (see www .iso .org/ patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to the

World Trade Organisation (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/

iso/ foreword .html.

This document was prepared by Technical Committee ISO/TC 46 Information and Documentation,

Working Group 13 Information Governance.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/ members .html.
iv © ISO 2021 – All rights reserved
---------------------- Page: 6 ----------------------
oSIST ISO/DIS 24143:2021
ISO/DIS 24143:2021(E)
Introduction

Information is a critical asset that is indispensable to support business processes and therefore, a

foundation for the success of any business activities. Due to numerous existing and emerging forms

and uses of information and information-related risks, organisations often struggle with implementing

consistent and comprehensive systems to store, retrieve, share and analyse information. Organisations.

The current global digital transformation and the general evolution of society increasingly demand

greater transparency, accountability, data protection, security, interoperability and information sharing

within and between organisations. This trend requires a solid strategy for information governance that

supports the business process at a strategic level. There is a need for a more strategic vision, known as

"Information Governance” that should play a key role in supporting digital transformation initiatives.

Many governmental and non-governmental organisations worldwide already perceive the necessity

and understand the benefits of coordinating at a strategic level the efforts of multiple information-,

data- and knowledge-related disciplines.

This International Standard defines concepts and principles for information governance.

This International Standard provides guiding principles for members of governing bodies of

organisations (which can comprise owners, directors, partners, executive managers, or similar) on

the effective, efficient, compliant, secure, transparent and accountable creation, use, maintenance,

preservation and disposition of information within their organisations.

Information Governance is an integral part of the overall governance of the organisation. It identifies

common high-level principles and provides a framework enabling effective and efficient cooperation of

all the information-related professionals, in support of the mission of an organisation and achievement

of its strategic goals. Areas for collaboration include but are not limited to:
• Data Management
• Information Management
• Records Management
• Knowledge Management
• Regulatory Compliance
• Digital Preservation
• Information Security
• Enterprise Architecture
• Data Protection
• Open data
• Big data
• Business processes
• Quality management.

Information Governance requires coherence and integration with relevant Management system

Standards, such as ISO 9000, ISO 27000 and ISO 30300 series.

Information Governance is a strategic framework for managing information assets across an entire

organisation to support its business outcomes and obtain assurance that the risks to its information,

and thereby the operational capabilities and integrity of the organisation, are adequately identified

and managed. Information governance includes but is not limited to policies, processes, procedures,

© ISO 2021 – All rights reserved v
---------------------- Page: 7 ----------------------
oSIST ISO/DIS 24143:2021
ISO/DIS 24143:2021(E)

roles and controls put in place to meet regulatory, legal, risk and operational requirements. Information

governance provides an overarching high-level framework that:

• aligns all information-related activities with the mission and goals of an organisation, and its

business, legal and societal obligations,

• ensures a comprehensive and systematic approach to information by integrating records and

information management, information security and privacy, compliance, business continuity,

disaster recovery, e-discovery and other aspects relevant to directing and controlling information,

• supports cooperation between professionals, and

• creates a high-level basis for managing information whatever its form, type and format, informs

education, professional development of the workforce and awareness about information-related

obligations, risks and possibilities.
vi © ISO 2021 – All rights reserved
---------------------- Page: 8 ----------------------
oSIST ISO/DIS 24143:2021
DRAFT INTERNATIONAL STANDARD ISO/DIS 24143:2021(E)
Information and documentation — Information
Governance — Concept and principles
1 Scope

This part of ISO 24143 establishes concepts and principles for information governance.

This International Standard applies to the governance of the organisation's past, current and future

information assets.

This International Standard applies to organisations of all sizes in all sectors, including public and

private companies, government entities, and not-for-profit organisations.
2 Normative references

The following documents are referred to in the text in such a way that some or all of their content

constitutes requirements of this document. For dated references, only the edition cited applies. For

undated references, the latest edition of the referenced document (including any amendments) applies.

3 Terms and definitions
3.1 Terms relating to the concept of information
3.1.1
authenticity
property of information (3.1.3) that can be proven to be what it purports to be

Note 1 to entry: Authenticity implies that information has been created or sent by the agent purported to have

created or sent it, and to have been created or sent when purported.

[SOURCE: ISO 30300:2020, 3.2.2, modified, “information” is taken place of “records”]

3.1.2
data
set of characters or symbols to which meaning is or could be assigned
[SOURCE: ISO 30300: 2020, 3.2.4]
3.1.3
information
data (3.1.2) in context with a particular meaning
[SOURCE: ISO 30300:2020, 3.2.7]
3.1.4
information asset
knowledge or data (3.1.2) that has value to the relevant stakeholder
[SOURCE: ISO/TS 17573-2:2020, 3.95]
3.1.5
integrity
property of information that is complete and unaltered

[SOURCE: ISO 30300:2020, 3.2.8, modified-“information” is taken place of “records”]

© ISO 2021 – All rights reserved 1
---------------------- Page: 9 ----------------------
oSIST ISO/DIS 24143:2021
ISO/DIS 24143:2021(E)
3.2 Terms relating to the concept of information governance
3.2.1
compliance

characteristic of conformance to rules, such as those defined by a law, a regulation, a standard, or a policy

[SOURCE: ISO/IEC 20924:2018, 3.1.10]
3.2.2
digital continuity

ability to use digital information (3.1.3) in the way that is needed, for whenever and wherever is needed

3.2.3
disposition

range of processes associated with implementing retention, destruction or transfer decisions about

information (3.1.3)

[SOURCE: ISO 30300:2020, 3.4.8, modified -“information” is taken place of “records”]

3.2.4
framework

particular set of beliefs and ideas referred to in order to describe a scenario or solve a problem

[SOURCE: ISO 15638-6:2014, 4.30]
3.2.5
governance

principles, policies and framework by which an organisation is directed and controlled

[SOURCE: ISO 21505:2017, 3.1]
3.2.6
information governance

strategic framework for governing information assets (3.1.4) across an entire organisation in order

to enhance coordinated support its business outcomes and obtain assurance that the risks to its

information (3.1.3), and thereby the operation capabilities and integrity (3.1.5) of the organisation, are

effectively identified and managed

Note 1 to entry: Information governance includes (but is not limited to) policies, processes, procedures, roles and

controls put in place to meet regulatory, legal, risk and operational requirements.

Note 2 to entry: Data is part of the information asset.
4 The Benefits of Information Governance

Information Governance is a strategic, multi-disciplinary framework that forms the foundation for

collaboration between all related professions. It considers information as a valuable corporate asset.

When information governance has been achieved via a collaborative effort with respect for cross-

discipline approaches, it has the potential to deliver the following benefits:
4.1 Strategic benefits
Information governance:

1. Provides an overarching high-level governance framework that supports an organisation’s mission

and resu
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.