iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/TR 15801:2017

(Main)

Document management — Electronically stored information — Recommendations for trustworthiness and reliability

Document management — Electronically stored information — Recommendations for trustworthiness and reliability

ISO/TR 15801:2017 describes the implementation and operation of information management systems that store and make available for use electronically stored information (ESI) in a trustworthy and reliable manner. Such ESI can be of any type, including "page based" information, information in databases and audio/video information. ISO/TR 15801:2017 is for use by any organization that uses systems to store trustworthy ESI over time. Such systems incorporate policies, procedures, technology and audit requirements that ensure that trustworthiness of the ESI is maintained. ISO/TR 15801:2017 does not cover processes used to evaluate whether ESI can be considered to be trustworthy prior to it being stored or imported into the system. However, it can be used to demonstrate that, once the electronic information is stored, output from the system will be a true and accurate reproduction of the ESI created and/or imported.

Gestion de document — Information stockée électroniquement — Recommandations pour contribuer à l'intégrité et à la fiabilité des informations stockées

General Information

Status
Published
Publication Date
16-May-2017
ICS
37.080 - Document imaging applications
Technical Committee
ISO/TC 171/SC 1 - Quality, preservation and integrity of information
Drafting Committee
ISO/TC 171/SC 1/WG 9 - Document management - Information stored electronically
Current Stage
9092 - International Standard to be revised
Completion Date
10-Aug-2023
Ref Project

Relations

Revises
ISO/TR 15801:2009 - Document management — Information stored electronically — Recommendations for trustworthiness and reliability
Effective Date
28-Jun-2014

Buy Standard

ISO/TR 15801:2017 - Document management -- Electronically stored information -- Recommendations for trustworthiness and reliabilityISO/TR 15801:2017 - Document management -- Electronically stored information -- Recommendations for trustworthiness and reliability
PreviousNext
Technical report
ISO/TR 15801:2017 - Document management -- Electronically stored information -- Recommendations for trustworthiness and reliability
English language
44 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

TECHNICAL ISO/TR
REPORT 15801
Third edition
2017-05
Document management —
Electronically stored information —
Recommendations for trustworthiness
and reliability
Gestion de document — Information stockée électroniquement —
Recommandations pour contribuer à l’intégrité et à la fiabilité des
informations stockées
Reference number
ISO/TR 15801:2017(E)
©
ISO 2017

---------------------- Page: 1 ----------------------
ISO/TR 15801:2017(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2017, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2017 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/TR 15801:2017(E)

Contents Page
Foreword .vi
Introduction .vii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Information management policy . 2
4.1 General . 2
4.2 Information management policy document . 2
4.2.1 Contents . . 2
4.2.2 ESI covered . 3
4.2.3 ESI roles and responsibilities . 3
4.2.4 ESI security classification . 3
4.2.5 Storage media . 4
4.2.6 Data file formats and compression . 4
4.2.7 Outsourcing . 4
4.2.8 Standards related to information management . 4
4.2.9 Retention and disposal schedules . 5
4.2.10 Information management responsibilities . . 5
4.2.11 Compliance with policy . 5
5 Duty of care . 5
5.1 General . 5
5.1.1 Trusted system . 5
5.1.2 Controls . 5
5.1.3 Segregation of roles . 6
5.2 Information security management . 6
5.2.1 Information security policy . 6
5.2.2 Risk assessment . . 7
5.2.3 Information security framework . 8
5.3 Business continuity planning . 8
5.4 Consultations . 8
6 Procedures and processes . 9
6.1 General . 9
6.2 Procedures manual . 9
6.2.1 Documentation . 9
6.2.2 Content . 9
6.2.3 Compliance with procedures .10
6.2.4 Updating and reviews .10
6.3 ESI capture .10
6.3.1 General.10
6.3.2 Creation and importing .11
6.3.3 Information loss .11
6.3.4 Metadata .12
6.4 Document image capture .12
6.4.1 General.12
6.4.2 Preparation of paper documents .12
6.4.3 Document batching .13
6.4.4 Photocopying .13
6.4.5 Scanning processes .14
6.4.6 Quality control .15
6.4.7 Rescanning .17
6.4.8 Image processing .17
6.5 Data capture .17
© ISO 2017 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/TR 15801:2017(E)

6.5.1 Data creation .17
6.5.2 Conversion and migration .18
6.6 Database considerations .18
6.6.1 General.18
6.6.2 Database systems .18
6.6.3 Database schemas .20
6.6.4 Master data management .20
6.6.5 Transactional vs. updating .21
6.7 Indexing .21
6.7.1 General.21
6.7.2 Manual indexing .21
6.7.3 Automatic indexing .21
6.7.4 Index storage .21
6.7.5 Index amendments .22
6.7.6 Index accuracy .22
6.8 Authenticated output procedures .22
6.9 ESI transmission .23
6.9.1 Intra-system ESI transfer .23
6.9.2 External transmission of files .23
6.10 Information retention .24
6.11 Information preservation .25
6.12 Information destruction .25
6.13 Backup and system recovery .25
6.14 System maintenance .26
6.14.1 General.26
6.14.2 Scanning systems .26
6.15 Security and protection .27
6.15.1 Security procedures .27
6.15.2 Encryption keys .27
6.16 Use of contracted services . .28
6.16.1 General.28
6.16.2 Procedural considerations .28
6.16.3 Transportation of paper documents .29
6.16.4 Use of trusted third party .29
6.17 Workflow .29
6.18 Date and time stamps .30
6.19 Version control .30
6.19.1 Information.30
6.19.2 Documentation .30
6.19.3 Procedures and processes .31
6.20 Maintenance of documentation .31
7 Enabling technologies .31
7.1 General .31
7.2 System description manual .32
7.3 Storage media and sub-system considerations .32
7.4 Access levels .33
7.5 System integrity checks .33
7.5.1 General.33
7.5.2 Digital and electronic signatures (including biometric signatures) .34
7.6 Image processing .34
7.7 Compression techniques .35
7.8 Form overlays and form removal .36
7.9 Environmental considerations .36
7.10 Migration .36
7.11 Information deletion and/or expungement .37
8 Audit trails .37
8.1 General .37
iv © ISO 2017 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/TR 15801:2017(E)

8.1.1 Audit trail data .37
8.1.2 Creation .38
8.1.3 Date and time .38
8.1.4 Storage .38
8.1.5 Access .39
8.1.6 Security and protection .39
8.2 System.39
8.2.1 General.39
8.2.2 Audit trail information .40
8.2.3 Migration and conversion .40
8.3 ESI .40
8.3.1 General.40
8.3.2 ESI capture .40
8.3.3 Batch information .41
8.3.4 Indexing .42
8.3.5 Change control .42
8.3.6 Digital signatures . .42
8.3.7 Destruction of information .43
8.3.8 Workflow .43
Bibliography .44
© ISO 2017 – All rights reserved v

---------------------- Page: 5 ----------------------
ISO/TR 15801:2017(E)

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO’s adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see the following
URL: w w w . i s o .org/ iso/ foreword .html.
This document was prepared by Technical Committee ISO/TC 171, Document management applications,
Subcommittee SC 1, Quality, preservation and integrity of information.
This third edition cancels and replaces the second edition (ISO/TR 15801:2009), which has been
technically revised.
vi © ISO 2017 – All rights reserved

---------------------- Page: 6 ----------------------
ISO/TR 15801:2017(E)

Introduction
This document defines recommended practices for electronic storage of business or other information
in an electronic form. As such, complying with its recommendations is of value to organizations even
when the trustworthiness of the stored information is not being challenged, especially in jurisdictions
with e-discovery legislation.
Information originates from many sources. This document covers information in any form, from the
traditional scanned images, word processed documents and spreadsheets to the more “modern” forms
which include e-mail, web content, instant messages, CAD drawing files, blogs, wikis, etc. Also included
is information stored in databases and other data storage systems. Recommendations in this document
can be useful in systems that use local and/or cloud storage.
Users of this document should be aware that the implementation of these recommendations does
not automatically ensure acceptability of the evidence contained within the information. Where
electronically stored information (ESI) might be required in court or other adversarial situation,
implementers of this document are advised to seek legal advice to ascertain the precise situation within
their relevant legal environment.
This document describes means by which it can be demonstrated, at any time, that the information
created or existing within an information management system has not changed since it was created
within the system or imported into it.
Regardless of the original format, it will be possible to demonstrate that information stored in a
trustworthy information management system can be reliably reproduced in a consistent manner and
accurately reflects what was originally stored without any material modification.
Alternative versions of the information in a document might legitimately develop, e.g. revision of a
contract. In these cases, the new versions are treated as new documents. The same principle can be
applied when a sig
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO 4669-1:2023(Main)
Document management — Information classification, marking and handling — Part 1: Requirements

This document specifies requirements for information classification, marking and handling (ICMH). This document also defines how such information can be accessed by users, both inside and outside the organization, who own the information. This document is applicable to, but not limited to, the following: a) organizations of any size that create, store, share or otherwise process information; b) individuals who create, store, share or otherwise process information; c) individuals with responsibilities for document management, information governance and management, information security, data protection, privacy and/or compliance; and d) organizations that create, provide or support tools that enable a) to c). This document addresses information that can be understood by humans and is capable of being shared. Throughout this document such information is referred to as an “information asset” regardless of its media or format. NOTE Information assets can include structured information, unstructured information, text, pictures and audio/video recordings, i.e. anything that contains information, including information that is derived from databases and turned into a tangible asset.

  • Standard
    31 pages
    English language
    sale 15% off
  • Draft
    37 pages
    English language
    sale 15% off
ISO
ISO 19475:2021(Main)
Document management — Minimum requirements for the storage of documents

This document specifies the minimum requirements necessary to maintain the authenticity, integrity and readability of documents managed by an electronic document management system. Clarifying the methods and procedures for appropriately handling electronic documents promotes the usability of the documents, in both a legal and business context. This document expresses a general business process as a document handling process. The document handling processes include receiving, processing and delivering the documents as follows: — approving the receipt of a document in a manner that is appropriate for a work process; — storing the formal document in the work process environment; — delivery of the document to another organization. This document establishes the controls for execution of the work processes while maintaining the authenticity and integrity of the document received. This document establishes the policies for the storage of documents used as part of the work process. It also details the controls for performing the receipt and conversion process appropriately.

  • Standard
    15 pages
    English language
    sale 15% off
  • Draft
    15 pages
    English language
    sale 15% off
ISO
ISO 14641:2018(Main)
Electronic document management — Design and operation of an information system for the preservation of electronic documents — Specifications

This document specifies a set of technical specifications and organizational policies to be implemented for the capture, storage and access of electronic documents. This ensures legibility, integrity and traceability of the documents for the duration of their preservation. This document is applicable to electronic documents resulting from: - the scanning of original paper or microform documents; - the conversion of analogue audio or video content; - the "native" creation by an information system application; - other sources that create digital content such as two- or three- dimensional maps, drawings or designs, digital audio/video and digital medical images. This document is not applicable to information systems in which users have the ability to substitute or alter documents after capture. This document is intended for the following users. a) Organizations implementing information systems in which: electronic documents created from scan captures are kept in an environment that ensures fidelity with regard to the original and long-term preservation; digitally born documents are kept in an environment that ensures the content integrity of the information and document legibility; traceability is ensured for all operations relating to the electronic documents. b) Organizations providing information technology services and software publishers seeking to develop information systems that ensure the fidelity and integrity of electronic documents. c) Organizations providing third-party document archiving services.

  • Standard
    40 pages
    English language
    sale 15% off
  • Standard
    40 pages
    English language
    sale 15% off
ISO
ISO 11506:2017(Main)
Document management applications — Archiving of electronic data — Computer output microform (COM)/Computer output laser disc (COLD)

ISO 11506:2017 specifies techniques for archiving electronic data to ensure their long-term integrity, accessibility, usability, readability and reliability, in order to protect the evidential value of the data. In ISO 11506:2017, long term is considered to be a period of time lasting more than a century (see ISO 18911). Black-and-white microforms processed with liquid chemicals are used in ISO 11506:2017 because the result is always an irreversible record and because of the proven quality of microforms as a long-term preservation media. ISO 11506:2017 also specifies procedures for the parallel recording, by a single production unit, of COM and COLD output from the same data. It applies to many different types of electronic data, such as text and two-dimensional graphic data which can be represented as a black-and-white image. It is not applicable to the following: - animated images or sounds; - three-dimensional images; - images in shades of grey or in colour; - X-ray images. Neither is ISO 11506:2017 applicable to microforms created from dry thermal processes, since they offer insufficient guarantees in terms of irreversibility and longevity.

  • Standard
    33 pages
    English language
    sale 15% off
ISO
ISO/TR 18159:2015(Main)
Document management — Environmental and work place safety regulations affecting microfilm processors

ISO/TR 18159:2015 provides information about environmental laws and regulations that can affect microfilm processing laboratories. These laws and regulations control the following microfilm processing activities: - storage and disposal of effluents; - storage and disposal of hazardous waste, employee safety training; - notification of the public regarding hazardous waste incidents. NOTE This Technical Report includes in an Annex, for information purposes, a discussion of The United States Environmental Protection Agency (EPA) Guidance Manual on the Development and Implementation of Local Discharge Limitations Under Pretreatment Programme and that guidance manual's relationship with state and local requirements in the United States. Also included in this Technical Report are examples of typical discharge limitations.

  • Technical report
    50 pages
    English language
    sale 15% off
ISO
ISO 12651-2:2014(Main)
Electronic document management — Vocabulary — Part 2: Workflow management

ISO 12651-2:2014 defines terms and concepts relevant to electronic document workflow management. It is intended to facilitate communication in the field of electronic document management and translation of the terms and concepts it contains into other languages. It identifies the terminology used to describe the concepts and general structure of a workflow management system for electronic images and other electronic documents, its major functional components, and their interfaces. It also provides a list of synonyms variously used within the industry as alternative terms to the preferred terminology

  • Standard
    12 pages
    English language
    sale 15% off
  • Standard
    9 pages
    English language
    sale 15% off
  • Standard
    9 pages
    French language
    sale 15% off
ISO
ISO/TR 17797:2014(Main)
Electronic archiving — Selection of digital storage media for long term preservation

ISO/TR 17797:2014 gives guidelines on a selection of the most appropriate storage media for use in long-term electronic storage solutions. It includes a discussion on magnetic, optical, and electronic storage.

  • Technical report
    26 pages
    English language
    sale 15% off
  • Technical report
    26 pages
    English language
    sale 15% off
ISO
ISO/TR 18160:2014(Main)
Document management — Digital preservation — Analog recording to silver-gelatin microform

ISO/TR 18160:2014 recommends test methods for evaluating the consistency of the digital images recorded onto black and white silver microfilm using input from both digitally born documents as well as digital documents created from document scanners. Quality control procedures to be used for optimizing and maintaining output quality onto film over time are described. ISO/TR 18160:2014 stresses the use of both commercial and ISO approved standard test targets. The test methods are based on the visual examination of the output of office document scanners and digitally born test targets on film image recorders. It is applicable to assessing the output quality of document scanners used in the office and film image recorders used to record the resultant scanned images to microfilm. Microforms can be any common formats including 16 mm, 35 mm, and 105 mm roll microfilm, as well as microfiche depending on the film image recorder capability.

  • Technical report
    9 pages
    English language
    sale 15% off
ISO
ISO 12653-3:2014(Main)
Electronic imaging — Test target for scanning of office documents — Part 3: Test target for use in lower resolution applications

ISO 12653-3:2014 specifies a test target for assessing the consistency of the output quality over time from lower resolution reflection scanning systems. It is applicable to assessing the output quality of black-and-white and colour scanners used for black-and-white or colour office documents, with or without half tone.

  • Standard
    20 pages
    English language
    sale 15% off
ISO
ISO 12651-1:2012(Main)
Electronic document management — Vocabulary — Part 1: Electronic document imaging

ISO 12651-1:2012 defines terms and concepts relevant to electronic document management. It is intended to facilitate communication in the field of electronic document management and translation of the terms it contains into other languages. The term "electronic document management" used throughout ISO 12651-1:2012 is intended as an all-encompassing term referring to inputting technologies, management technologies and storage technologies.

  • Standard
    18 pages
    English language
    sale 15% off
  • Standard
    18 pages
    English language
    sale 15% off