Document management -- Assessing ECM/EDRM implementations -- Trustworthiness

ISO 18829:2017 identifies activities and operations that an organization needs to perform, or have performed, to evaluate whether the electronically stored information (ESI) is or was maintained in a reliable and trustworthy environment(s). These environments utilize content or records management technologies commonly referred to as either enterprise content management (ECM) or electronic document and records management (EDRM) enforcing organizational records management policies and schedules. ISO/TR 15801 and ISO 15489 (all parts) established the standards and best practices associated with implementing trustworthy records/document management environments. However, a standard is necessary to define the methodology used to evaluate these types of records/document management environments regardless of what technologies are currently employed by the organization. ISO 18829:2017 establishes the assessment methodology to be followed to identify the level of organizational compliance with these standards as related to trustworthiness and reliability of information stored in these environments. ISO 18829:2017 is applicable to existing or planned ECM systems. Establishing the existence of a trustworthy system is an important step in documenting the reliability of ESI maintained within that system or environment. ISO 18829:2017 is designed for use by organizations evaluating the trustworthiness of existing record/document management environments. ISO 18829:2017 identifies all of the mandatory activities and areas that need to be examined by a resource, or resources, with a thorough technical and operational knowledge of the specific technologies and methodologies being examined, along with understanding record management processes and activities.

Gestion de documents -- Évaluation de la mise en oeuvre des ECM/EDRM -- Fiabilité

General Information

Status
Published
Publication Date
31-May-2017
Current Stage
6060 - International Standard published
Start Date
21-Apr-2017
Completion Date
01-Jun-2017
Ref Project

Buy Standard

Standard
ISO 18829:2017 - Document management -- Assessing ECM/EDRM implementations -- Trustworthiness
English language
12 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (sample)

INTERNATIONAL ISO
STANDARD 18829
First edition
2017-06
Document management — Assessing
ECM/EDRM implementations —
Trustworthiness
Gestion de documents — Évaluation de la mise en oeuvre des ECM/
EDRM — Fiabilité
Reference number
ISO 18829:2017(E)
ISO 2017
---------------------- Page: 1 ----------------------
ISO 18829:2017(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2017, Published in Switzerland

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form

or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior

written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of

the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2017 – All rights reserved
---------------------- Page: 2 ----------------------
ISO 18829:2017(E)
Contents Page

Foreword ........................................................................................................................................................................................................................................iv

Introduction ..................................................................................................................................................................................................................................v

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

4 Trustworthy ECM system assessment ............................................................................................................................................ 2

4.1 General ........................................................................................................................................................................................................... 2

4.1.1 Assessment output ......................................................................................................................................................... 2

4.1.2 Process review ................................................................................................................................................................... 3

4.1.3 Fulfilling legal, government and regulatory requirements ......................................................... 4

4.2 Assessment activities ........................................................................................................................................................................ 4

4.2.1 Review of existing business practice and other organizational documentation ...... 4

4.2.2 Evaluating information ingested into the system ................................................................................ 4

4.2.3 Readability ............................................................................................................................................................................ 5

4.3 Evaluating information retention, preservation and destruction ............................................................... 6

4.3.1 Application interoperability .................................................................................................................................. 6

4.3.2 Data migration between electronic storage media ............................................................................ 6

4.3.3 Data format conversion ........................................................................................................................................... ... 6

4.3.4 Media monitoring program .................................................................................................................................... 6

4.3.5 Data expunging/deletion .......................................................................................................................................... 6

4.4 System security ....................................................................................................................................................................................... 6

4.4.1 Security-related information to be collected/reviewed ................................................................ 6

4.4.2 Securing the information to prevent unauthorized modification or

deletion of ESI .................................................................................................................................................................... 7

4.5 Evaluating information access ................................................................................................................................................... 7

4.5.1 General...................................................................................................................................................................................... 7

4.5.2 Managing authorized modification .................................................................................................................. 8

4.6 Evaluating history and audit trail information............................................................................................................ 8

4.6.1 General...................................................................................................................................................................................... 8

4.6.2 Retrieval of previous document version required to be maintained .................................. 8

4.6.3 Management of notes and annotations as part of a business record ................................. 9

4.6.4 Management of ESI containing macros and/or external links ................................................. 9

4.7 Evaluating technical and data storage environments ........................................................................................10

4.7.1 Information security models ..............................................................................................................................10

4.7.2 Storage technologies assessment ...................................................................................................................10

4.7.3 Technology standards being followed by organization ...............................................................10

4.7.4 Primary and secondary storage .......................................................................................................................10

Bibliography .............................................................................................................................................................................................................................12

© ISO 2017 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO 18829:2017(E)
Foreword

ISO (the International Organization for Standardization) is a worldwide federation of national standards

bodies (ISO member bodies). The work of preparing International Standards is normally carried out

through ISO technical committees. Each member body interested in a subject for which a technical

committee has been established has the right to be represented on that committee. International

organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.

ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of

electrotechnical standardization.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the

different types of ISO documents should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of

patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of

any patent rights identified during the development of the document will be in the Introduction and/or

on the ISO list of patent declarations received (see www .iso .org/ patents).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO’s adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following

URL: w w w . i s o .org/ iso/ foreword .html.

This document was prepared by Technical Committee ISO/TC 171, Document management applications,

Subcommittee SC 1, Quality, preservation and integrity of information.
iv © ISO 2017 – All rights reserved
---------------------- Page: 4 ----------------------
ISO 18829:2017(E)
Introduction

This document provides a methodology for organizations seeking to assess whether their ECM

environment complies with key concepts of trustworthiness and information reliability as identified in

ISO/TR 15801 and ISO/TR 22957.

Many organizations are now required to ensure their business-related electronically stored information

(ESI) is securely created, stored and eventually destroyed in order to establish the authenticity and

accuracy of the ESI and the security and trustworthiness of the organization.

This document identifies activities and operations an organization needs to follow in order to

— ensure that any electronically stored information (ESI) is created and maintained in a reliable and

trustworthy manner through the entire ESI lifecycle, and

— evaluate existing enterprise content management (ECM) systems or electronic document and

records management (EDRM) systems for compliance with applicable ISO standards.

ISO 15489, ISO/TR 15801 and ISO/TR 22957 provide organizations with guidance for the design of

their enterprise content management (ECM) systems; however, organizations may also be required to

provide auditable proof that these systems provide a secure environment for ESI that meets any legal,

technical and policy obligations of the organization and comply with applicable ISO standards.

Any trustworthy ECM/EDRM solution needs to be capable of being audited, with reproducible results.

There also needs to be a method of independently verifying the claims of the software and hardware

vendors that the information is safe and secure and being stored in a trustworthy fashion. Organizations

will need to ensure that their supporting documentation reflects these requirements.

Although standardized ECM solutions are likely to be auditable and can be easily verified, non-

standardized or proprietary storage solutions may not provide a full audit trail and claims for the

security of the ECM/EDRM solution made by vendors are difficult to independently verify. Regardless

of whether the storage technology is standardized or proprietary, the organization faces the same need

to be able to verify that the ECM/EDRM solution complies with all applicable requirements.

© ISO 2017 – All rights reserved v
---------------------- Page: 5 ----------------------
INTERNATIONAL STANDARD ISO 18829:2017(E)
Document management — Assessing ECM/EDRM
implementations — Trustworthiness
1 Scope

This document identifies activities and operations that an organization needs to perform, or have

performed, to evaluate whether the electronically stored information (ESI) is or was maintained in a

reliable and trustworthy environment(s). These environments utilize content or records management

technologies commonly referred to as either enterprise content management (ECM) or electronic

document and records management (EDRM) enforcing organizational records management policies

and schedules.

ISO/TR 15801 and ISO 15489 (all parts) established the standards and best practices associated with

implementing trustworthy records/document management environments. However, a standard is

necessary to define the methodology used to evaluate these types of records/document management

environments regardless of what technologies are currently employed by the organization. This

document establishes the assessment methodology to be followed to identify the level of organizational

compliance with these standards as related to trustworthiness and reliability of information stored in

these environments.

This document is applicable to existing or planned ECM systems. Establishing the existence of a

trustworthy system is an important step in documenting the reliability of ESI maintained within

that system or environment. This document is designed for use by organizations evaluating the

trustworthiness of existing record/document management environments. This document identifies all

of the mandatory activities and areas that need to be examined by a resource, or resources, with a

thorough technical and operational knowledge of the specific technologies and methodologies being

examined, along with understanding record management processes and activities.
2 Normative references

The following documents are referred to in the text in such a way that some or all of their content

constitutes requirements of this document. For dated references, only the edition cited applies. For

undated references, the latest edition of the referenced document (including any amendments) applies.

ISO 12651-1, Electronic document management — Vocabulary — Part 1: Electronic document imaging

ISO 15489-1, Information and documentation — Records management — Part 1: Concepts and principles

3 Terms and definitions

For the purposes of this document, the following terms and definitions given in ISO 12651-1, ISO 15489-1

and the following apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— IEC Electropedia: available at http:// www .electropedia .org/
— ISO Online browsing platform: available at http:// www .iso .org/ obp
3.1
authentic record
record that can be proven
a) to be what it purports to be,
© ISO 2017 – All rights reserved 1
---------------------- Page: 6 ----------------------
ISO 18829:2017(E)

b) to have been created or sent by the person purported to have created or sent it, and

c) to have been created or sent at the time purported
3.2
business practice documentation
BPD

detailed business process document identifying how information is received, stored and managed along

with the processes, policies and procedures followed by the organization

Note 1 to entry: The BPD contains sufficient information allowing the organization to authenticate or certify

that electronically stored information contained within the electronic document/record management system is

accurate, reliable and trustworthy.

Note 2 to entry: In some areas, this document is referred to as a master procedure manual.

3.3
electronically stored information
ESI

information created, used and stored in digital form, and requiring a computer or other device for access

Note 1 to entry: For the purposes of this document, ESI includes documents and records created and/or managed

by the organization in the course of business. Electronic data contained within relational databases or specialized

application data sets are not considered to be part of the ESI examined when executing this assessment.

3.4
readability

ability of the system to accurately reproduce the stored information in a consistent fashion over a

period of time without modification to the original content in any way that materially changes what

was originally stored
3.5
reliable

trusted as a full and accurate representation of the transactions, activities or attested facts and can be

depended upon in the course of subsequent transactions or activities
3.6
trustworthy

stored electronically in an accurate, reliable and usable/readable manner, ensuring integrity over time

Note 1 to entry: See ISO/TR 15801.
4 Trustworthy ECM system assessment
4.1 General
4.1.1 Assessment output

Trustworthy ECM systems shall ensure that information being managed can be reproduced in a reliable

fashion and prevent unauthorized modifications or changes to the content or associated metadata.

This includes any ESI generated from various office applications that utilize external sources to

“complete” the document/record then created and/or printed/saved as determined appropriate by the

organization.

The output of this standardized assessment shall include a detailed report including sufficient

information allowing the organization to determine how to best address any areas identified as not

being in full compliance. The report should also include, with detailed technology (if appropriate),

recommendations and records/document management related policies and procedures required to

come into full compliance.
2 © ISO 2017 – All rights reserved
---------------------- Page: 7 ----------------------
ISO 18829:2017(E)

A key element of this assessment standard is to provide detailed information to the organization

related to the overall trustworthiness of their ECM environment along with recommendations on

how to address those areas evaluated not to be in compliance with the associated ECM and records

management related standards.

Upon conclusion of any ISO 18829-compliant assessment, the assessment team shall prepare a detailed

report containing, at a minimum, the following:

— a business needs and/or business case. This section shall include a description of the records

assessment process followed, a summary of findings for physical records and electronic records

and business-related issues identified throughout the assessment;

— an analysis section that provides detailed information associated with a clear set of objective

records and information management principles to achieve a measurable, consistent records

information structure, fully insulated from individual and organizational bias. Previously referred

to as GARP (“Generally Accepted Recordkeeping Principles”), it is now referred to within the records

management industry as the “Principles” that define very specific levels of maturity of the records

management program;

— a technology gap analysis section providing a description of all relevant ECM, records management

and other document/record related storage or creation technologies currently in use by the

organization;

— a section of technical and records related recommendations. This section shall include

recommendations associated with changing the existing state of records management to establish

a trustworthy ECM environment.
4.1.2 Process review

Any trustworthy ECM system assessment shall begin with a review of the processes and procedures

associated with the entire environment in which ESI is managed. This includes reviewing not only the

actual processes and procedures but also the business practices documentation (BPD). An evaluation

shall be made regarding: how records, documents or information are ingested (i.e. how hardcopy is

converted into electronic format, existing ESI is received and processed, etc.); how the system manages,

audits and secures the electronic information; and how the system (including hardware) ensures that

the storage of the information is secured, preventing unauthorized alteration, modification and/or

deletion.

If the BPD is available, then the existing processes and procedures shall be verified against the

documentation to determine compliance and/or areas in need of improvement including reviewing how

— all ECM procedures will be followed,
— information is or has been imported/scanned, indexed and verified,
— the system is and has been secured from unauthorized access,

— documents are and have been secured from unauthorized modification or alternation,

— authorized modification of document(s) has/have been and is/are managed, including audit trail

information and the ability to retrieve any previous document version required to be maintained,

— notes and annotations (if any) have been and stored and managed, if they are a part of the business

record, and

— the system establishes controls over all stored electronic information adhering to the published

records retention schedule.

If a hosted solution or off-site components not within the direct custodial care of the organization are

being utilized, the assessment team shall include reviewing the level of compliance with ISO 17068

Trusted Third Party Repositories. ISO 17068 provides detailed information and recommendations

© ISO 2017 – All rights reserved 3
---------------------- Page: 8 ----------------------
ISO 18829:2017(E)

associated with offsite vendor requirements, procedures and agreements that should be considered

before storing content in an external environment that is not under the full control of the organization.

If the BPD is lacking or non-existent, the assessment can be followed by creating the documentation.

The BPD is a required component of any trustworthy environment. While the creation of this document

after the environment was placed into “production” may leave information contained in the system

vulnerable to claims that it is not trustworthy, subsequently added information shall have a clearly

documented process.
4.1.3 Fulfilling legal, government and regulatory requirements

Organizations that are subject to legal, government and regulatory requests for ESI may be required

to verify the integrity and authenticity of the ESI under oath. Maintaining clearly defined policies

and procedures and business practice documentation, as well as providing authenticated audit trails

detailing how the ESI was collected and assembled, will be critical to establishing the authenticity of

the ESI.
4.2 Assessment activities

4.2.1 Review of existing business practice and other organizational documentation

The assessment team shall examine the business practices document (BPD) previously developed to

coherently explaining the interrelationship of the various organizational policies and procedures that

impact the storage of electronic information.

Each of the areas covered by policies and procedures identified in the BPD shall be reviewed by the

assessment team to determine whether the policies and procedures, together with the hardware, media

and records/document management software has been implemented following design considerations

identified in ISO/TR 22957, ISO/TR 15801 and ISO 15489. If the BPD does not exist, or is found to be

lacking, the assessment team shall evaluate aspects of the ECM system, focusing on the policies and

procedures related to how information is captured, managed and secured.

Furthermore, the assessment team shall review how the policies and procedures have been disseminated

throughout the organization, including any training programs and ascertain the familiarity with them

by the individuals charged with implementing or enforcing those policies.

Specifically, even if no BPD exists, the assessment team shall evaluate all the policies and procedures

established under the principles identified in ISO/TR 15801 and ISO/TR 22957 regarding a trustworthy

ECM system. Though the terms in these documents may differ slightly, the concept between key

activities is consistent.

While the naming convention or existence of a particular policy or procedure is dependent upon the

specific business operation, an assessment team could be expected to obtain and review policies and

procedures in 4.2.2.
4.2.2 Evaluating information ingested into the system
4.2.2.1 General

The assessment team shall review in detail the processes associated with importing born digital

data and information converted from hardcopy formats. The import, migration and/or conversion

process(es) used to create ESI shall be reviewed in detail to ensure all information (as described in

the BPD, if one exists, otherwise, the BPD needs to be developed; see 4.1.1) imported/converted and

“indexed” is searchable and retrievable by all end-users upon request.

The assessment team shall prepare test scenarios from which the total number of pages and documents

imported and/or converted can be compared and validated against the volume of information in

original formats and structures.
4 © ISO 2017 – All rights reserved
---------------------- Page: 9 ----------------------
ISO 18829:2017(E)
4.2.2.2 Data conversion from hardcopy format into electronic format

The assessment team shall evaluate how documents were prepared for conversion and how the

organization ensured that all documents, notes, etc. were converted from hardcopy format to ESI as

described in the BPD. The assessment shall include examining whether users follow the processes and

procedures, or which processes and procedures are not in conformance with international standards

and best practices.
4.2.2.3 Born digital capture

This subclause deals with the capture of born digital data and storage in the ECM environment/solution

being assessed. The assessment team shall evaluate the process used to capture data from external

storage media to determine the following:

— the process utilized ensures all data anticipated to be stored in the trustworthy ECM solution was

actually captured, indexed and stored as described in the policies and procedures;

— the process used to identify data duplication and/or replication between users who may have

multiple copies of the same document;

— the process used for any existing content conversion from “out of date” or “proprietary” formats

and how the user/migration team ensured all relevant data was converted without loss of fidelity

or readability while ensuring all “material” information was converted as described in the BPD.

For data that required conversion, if some information was lost due to inability of conversion tool to

convert as described in the BPD, the assessment team shall review whether the user/migration team

also stored the original data in original format for historical purposes.

The assessment team shall identify and validate processes used during electronic information ingestion

that required conversion from other formats in which the information was originally received.

4.2.3 Readability

Trustworthy ECM systems support the concept of ESI readability. Readability is the ability of the

system to accurately reproduce the stored information in a consistent fashion over a period of time

without unintended modification(s) to the original content in any way that materially changes what

was originally stored.

The assessment team shall prepare test scenarios using a process of verifying readability of samples of

the imported and/or converted information with standardized image/data “viewers”. Proprietary or

specialized “viewing” software shall not be used to verify readability of ESI, unless the proprietary or

specialized “viewing” software is the only available software to access the ESI being evaluated. If this

is the case, the evaluation team shall assess the “viewing” software from the perspective of availability

into the future wherever possible. These test scenarios shall be executed by the system and the output

examined by the assessment team for a “sampling of ESI” to

— determine whether there have been unintentional modifications to the ESI being managed by

the system,

— enable the assessment team to evaluate whether the content between original document/record

and the electronic version has changed,

— identify whether any specialized tools are required to extract/display the information that perform

any interpolation or extrapolation of the data, and/or

— identify whether the ESI formats/structures are standardized and which standards are being

followed.
© ISO 2017 – All rights reserved 5
---------------------- Page: 10 ----------------------
ISO 18829:2017(E)
4.3 Evaluating information retention, preservation and destruction
4.3.1 Application interoperability

Evaluate whether metadata used within the ECM system is duplicated between ECM systems, can be

changed or modified changing accessibility to the ESI or preventing future accessibility and/or can

produce different results depending on which system is used to search, store and/or retrieve ESI.

4.3.2 Data migration between electronic storage media

Evaluate how information was migrated into the ECM solution including procedures to ensure ESI and

related metadata remained intact including file formats, compression, metadata, etc. Evaluate what

type and level of auditing was implemented during the migration and how the organization determined

that all anticipated ESI was migrated as described in the BPD.
4.3.3 Data format conversion

Evaluate the process utilized to convert the ESI from the original format to the desired format. Evaluate

the methodology used to ensure no loss of information along with process documentation on the

procedures followed to perform the conversion(s).
4.3.4 Media monitoring program
Evaluate the storage technology used fo
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.