ISO/DIS 24143
(Main)Information and documentation -- Information Governance -- Concept and principles
Information and documentation -- Information Governance -- Concept and principles
Information et documentation -- Gouvernance de l’information -- Concept et principes
Informatika in dokumentacija - Upravljanje informacij - Koncept in načela
General Information
Standards Content (sample)
SLOVENSKI STANDARD
oSIST ISO/DIS 24143:2021
01-oktober-2021
Informatika in dokumentacija - Upravljanje informacij - Koncept in načela
Information and documentation -- Information Governance -- Concept and principles
Information et documentation -- Gouvernance de l’information -- Concept et principes
Ta slovenski standard je istoveten z: ISO/DIS 24143ICS:
01.140.20 Informacijske vede Information sciences
oSIST ISO/DIS 24143:2021 en,fr
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
---------------------- Page: 1 ----------------------oSIST ISO/DIS 24143:2021
---------------------- Page: 2 ----------------------
oSIST ISO/DIS 24143:2021
DRAFT INTERNATIONAL STANDARD
ISO/DIS 24143
ISO/TC 46 Secretariat: AFNOR
Voting begins on: Voting terminates on:
2021-05-11 2021-08-03
Information and documentation — Information
Governance — Concept and principles
Information et documentation — Gouvernance de l’information — Concept et principes
ICS: 01.140.20THIS DOCUMENT IS A DRAFT CIRCULATED
FOR COMMENT AND APPROVAL. IT IS
THEREFORE SUBJECT TO CHANGE AND MAY
NOT BE REFERRED TO AS AN INTERNATIONAL
STANDARD UNTIL PUBLISHED AS SUCH.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL,
This document is circulated as received from the committee secretariat.
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
STANDARDS MAY ON OCCASION HAVE TO
BE CONSIDERED IN THE LIGHT OF THEIR
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
Reference number
NATIONAL REGULATIONS.
ISO/DIS 24143:2021(E)
RECIPIENTS OF THIS DRAFT ARE INVITED
TO SUBMIT, WITH THEIR COMMENTS,
NOTIFICATION OF ANY RELEVANT PATENT
RIGHTS OF WHICH THEY ARE AWARE AND TO
PROVIDE SUPPORTING DOCUMENTATION. ISO 2021
---------------------- Page: 3 ----------------------
oSIST ISO/DIS 24143:2021
ISO/DIS 24143:2021(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2021
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2021 – All rights reserved
---------------------- Page: 4 ----------------------
oSIST ISO/DIS 24143:2021
ISO/DIS 24143:2021(E)
Contents Page
Foreword ........................................................................................................................................................................................................................................iv
Introduction ..................................................................................................................................................................................................................................v
1 Scope ................................................................................................................................................................................................................................. 1
2 Normative references ...................................................................................................................................................................................... 1
3 Terms and definitions ..................................................................................................................................................................................... 1
3.1 Terms relating to the concept of information .............................................................................................................. 1
3.2 Terms relating to the concept of information governance ................................................................................ 2
4 The Benefits of Information Governance .................................................................................................................................... 2
4.1 Strategic benefits ................................................................................................................................................................................... 2
4.2 Operational benefits ........................................................................................................................................................................... 3
5 Principles of Information Governance .......................................................................................................................................... 3
5.1 Recognise Information as a corporate, strategic asset ......................................................................................... 3
5.2 Build Information Governance in a collaborative way ......................................................................................... 4
5.3 Design Information Governance as a key element of corporate strategy ............................................ 4
5.4 Integrate Information Governance into the organisation’s governance frameworks ............... 4
5.5 Secure senior management’s leadership and commitment ............................................................................. 4
5.6 Ensure Information Governance supports legal compliance and any mandatoryrequirements ............................................................................................................................................................................................ 5
5.7 Align Information Governance to business objectives ......................................................................................... 5
5.8 Ensure Information Governance supports information security and privacy ................................. 5
5.9 Ensure Information Governance supports information quality and integrity ................................. 5
5.10 Foster a collaboration and knowledge sharing culture ....................................................................................... 5
5.11 Adopt a risk-based approach ...................................................................................................................................................... 6
5.12 Enhance organisation’s performance .................................................................................................................................. 6
5.13 Govern Information throughout its information lifecycle ................................................................................. 6
5.14 Support corporate culture............................................................................................................................................................. 6
5.15 Support sustainability ...................................................................................................................................................................... 6
Annex A Concept Diagrams .......................................................................................................................................................................................... 7
Bibliography ................................................................................................................................................................................................................................ 9
© ISO 2021 – All rights reserved iii---------------------- Page: 5 ----------------------
oSIST ISO/DIS 24143:2021
ISO/DIS 24143:2021(E)
Foreword
ISO (the International Organisation for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is typically carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organisations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/ patents).Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organisation (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/
iso/ foreword .html.This document was prepared by Technical Committee ISO/TC 46 Information and Documentation,
Working Group 13 Information Governance.Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/ members .html.iv © ISO 2021 – All rights reserved
---------------------- Page: 6 ----------------------
oSIST ISO/DIS 24143:2021
ISO/DIS 24143:2021(E)
Introduction
Information is a critical asset that is indispensable to support business processes and therefore, a
foundation for the success of any business activities. Due to numerous existing and emerging forms
and uses of information and information-related risks, organisations often struggle with implementing
consistent and comprehensive systems to store, retrieve, share and analyse information. Organisations.
The current global digital transformation and the general evolution of society increasingly demand
greater transparency, accountability, data protection, security, interoperability and information sharing
within and between organisations. This trend requires a solid strategy for information governance that
supports the business process at a strategic level. There is a need for a more strategic vision, known as
"Information Governance” that should play a key role in supporting digital transformation initiatives.
Many governmental and non-governmental organisations worldwide already perceive the necessity
and understand the benefits of coordinating at a strategic level the efforts of multiple information-,
data- and knowledge-related disciplines.This International Standard defines concepts and principles for information governance.
This International Standard provides guiding principles for members of governing bodies of
organisations (which can comprise owners, directors, partners, executive managers, or similar) on
the effective, efficient, compliant, secure, transparent and accountable creation, use, maintenance,
preservation and disposition of information within their organisations.Information Governance is an integral part of the overall governance of the organisation. It identifies
common high-level principles and provides a framework enabling effective and efficient cooperation of
all the information-related professionals, in support of the mission of an organisation and achievement
of its strategic goals. Areas for collaboration include but are not limited to:• Data Management
• Information Management
• Records Management
• Knowledge Management
• Regulatory Compliance
• Digital Preservation
• Information Security
• Enterprise Architecture
• Data Protection
• Open data
• Big data
• Business processes
• Quality management.
Information Governance requires coherence and integration with relevant Management system
Standards, such as ISO 9000, ISO 27000 and ISO 30300 series.Information Governance is a strategic framework for managing information assets across an entire
organisation to support its business outcomes and obtain assurance that the risks to its information,
and thereby the operational capabilities and integrity of the organisation, are adequately identified
and managed. Information governance includes but is not limited to policies, processes, procedures,
© ISO 2021 – All rights reserved v---------------------- Page: 7 ----------------------
oSIST ISO/DIS 24143:2021
ISO/DIS 24143:2021(E)
roles and controls put in place to meet regulatory, legal, risk and operational requirements. Information
governance provides an overarching high-level framework that:• aligns all information-related activities with the mission and goals of an organisation, and its
business, legal and societal obligations,• ensures a comprehensive and systematic approach to information by integrating records and
information management, information security and privacy, compliance, business continuity,
disaster recovery, e-discovery and other aspects relevant to directing and controlling information,
• supports cooperation between professionals, and• creates a high-level basis for managing information whatever its form, type and format, informs
education, professional development of the workforce and awareness about information-related
obligations, risks and possibilities.vi © ISO 2021 – All rights reserved
---------------------- Page: 8 ----------------------
oSIST ISO/DIS 24143:2021
DRAFT INTERNATIONAL STANDARD ISO/DIS 24143:2021(E)
Information and documentation — Information
Governance — Concept and principles
1 Scope
This part of ISO 24143 establishes concepts and principles for information governance.
This International Standard applies to the governance of the organisation's past, current and future
information assets.This International Standard applies to organisations of all sizes in all sectors, including public and
private companies, government entities, and not-for-profit organisations.2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
3 Terms and definitions3.1 Terms relating to the concept of information
3.1.1
authenticity
property of information (3.1.3) that can be proven to be what it purports to be
Note 1 to entry: Authenticity implies that information has been created or sent by the agent purported to have
created or sent it, and to have been created or sent when purported.[SOURCE: ISO 30300:2020, 3.2.2, modified, “information” is taken place of “records”]
3.1.2data
set of characters or symbols to which meaning is or could be assigned
[SOURCE: ISO 30300: 2020, 3.2.4]
3.1.3
information
data (3.1.2) in context with a particular meaning
[SOURCE: ISO 30300:2020, 3.2.7]
3.1.4
information asset
knowledge or data (3.1.2) that has value to the relevant stakeholder
[SOURCE: ISO/TS 17573-2:2020, 3.95]
3.1.5
integrity
property of information that is complete and unaltered
[SOURCE: ISO 30300:2020, 3.2.8, modified-“information” is taken place of “records”]
© ISO 2021 – All rights reserved 1---------------------- Page: 9 ----------------------
oSIST ISO/DIS 24143:2021
ISO/DIS 24143:2021(E)
3.2 Terms relating to the concept of information governance
3.2.1
compliance
characteristic of conformance to rules, such as those defined by a law, a regulation, a standard, or a policy
[SOURCE: ISO/IEC 20924:2018, 3.1.10]3.2.2
digital continuity
ability to use digital information (3.1.3) in the way that is needed, for whenever and wherever is needed
3.2.3disposition
range of processes associated with implementing retention, destruction or transfer decisions about
information (3.1.3)[SOURCE: ISO 30300:2020, 3.4.8, modified -“information” is taken place of “records”]
3.2.4framework
particular set of beliefs and ideas referred to in order to describe a scenario or solve a problem
[SOURCE: ISO 15638-6:2014, 4.30]3.2.5
governance
principles, policies and framework by which an organisation is directed and controlled
[SOURCE: ISO 21505:2017, 3.1]3.2.6
information governance
strategic framework for governing information assets (3.1.4) across an entire organisation in order
to enhance coordinated support its business outcomes and obtain assurance that the risks to its
information (3.1.3), and thereby the operation capabilities and integrity (3.1.5) of the organisation, are
effectively identified and managedNote 1 to entry: Information governance includes (but is not limited to) policies, processes, procedures, roles and
controls put in place to meet regulatory, legal, risk and operational requirements.
Note 2 to entry: Data is part of the information asset.4 The Benefits of Information Governance
Information Governance is a strategic, multi-disciplinary framework that forms the foundation for
collaboration between all related professions. It considers information as a valuable corporate asset.
When information governance has been achieved via a collaborative effort with respect for cross-
discipline approaches, it has the potential to deliver the following benefits:4.1 Strategic benefits
Information governance:
1. Provides an overarching high-level governance framework that supports an organisation’s mission
and resu...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.