Relaterade standarder och tekniska rapporter: Processer för verksamhetsinformation

Dessa standarder vänder sig främst till dem som har operativt ansvar för informationsförvaltningen.
Det är vår ambition att efterhand bygga ut denna sida med ajourhållen formation om standarder som hanteras av SiS/TK 546 och pågående standardiseringsarbete.

Grunder för hantering

SS-ISO 15489-1: Dokumentation – Hantering av verksamhetsinformation – Del 1: Grunder och principer

I denna del av ISO 15489 definieras grunder och principer från vilka metoder för att skapa, registrera och hantera verksamhetsinformation utvecklas. Denna del av ISO 15489 beskriver grunder och principer som relaterar till följande:
1. a) verksamhetsinformation, metadata för verksamhetsinformation och system för hantering av verksamhetsinformation,
2. b) riktlinjer, tilldelat ansvar, övervakning och utbildning för att stödja effektiv hantering av verksamhetsinformation,
3. c) återkommande analys av verksamhetens sammanhang och identifiering av krav på verksamhetsinformation,
4. d) styrning av verksamhetsinformation,
5. e) processer för att skapa, registrera och hantera verksamhetsinformation.

Denna del av ISO 15489 gäller skapandet, omhändertagandet och hanteringen av verksamhetsinformation oavsett struktur eller form, i alla typer av verksamheter och tekniska miljöer, över tid.

2.3.1.2 SS-ISO 23081- 1: Information och dokumentation – Metadata för verksamhetsinformation-Del 1: Principer
Detta dokument behandlar de principer som underbygger och styr metadata för hantering av verksamhetsinformation. Dessa principer är tillämpliga på:
– verksamhetsinformation och deras metadata;
– alla processer som påverkar dem;
– system där de finns;
– organisationer som har ansvaret för deras hantering.

SS-ISO 23081-2: Information och dokumentation – Metadata för verksamhetsinformation del 2: Frågeställningar kring begrepp och införande.

ISO 23081-serien beskriver metadata för verksamhetsinformation. Denna del av ISO 23081 fokuserar på ramverket för definition av metadataelement för hantering av verksamhetsinformation och anger ett generiskt uttryck för metadataelement, antingen dessa är fysiska, analoga eller digitala, i överensstämmelse med principerna i ISO 23081-1.
Den ger en utökad logisk grund för metadata för hantering av verksamhetsinformation inom organisationer, konceptuella modeller för metadata samt elementuppsättning av generiska metadatatyper på hög nivå, lämpliga för alla miljöer som exempelvis innefattar aktuella dokument eller hantering av implementeringar av verksamhets- eller arkivsystem. Den definierar generiska metadatatyper för både entiteter av verksamhetsinformation och andra entiteter som behöver hanteras för att dokumentera och förstå verksamhetsinformationens kontext. Denna del av ISO 23081 identifierar också, för nyckelentiteter, ett minsta antal fasta aggregeringsnivåer som krävs för interoperabilitet. De modeller och generiska metadatatyper som beskrivs i denna del av ISO 23081 är främst fokuserade på entiteten “verksamhetsinformation”. Den är dock även relevant för andra entiteter.

SS-ISO 23081 – 3: Information och dokumentation – Dokumenthantering (Records management) – Metadata för verksamhetsinformation del 3: Metod för egenbedömning  

This Technical Report provides guidance on conducting a self-assessment on records metadata in relation to the creation, capture and control of records.

The self-assessment helps to:
a) identify the current state of metadata capture and management in or across organizations;
b) identify priorities of what to work on and when;
c) identify key requirements from ISO 23081-1:2006 and ISO 23081-2:2009;
d) evaluate progress in the development of a metadata framework for the implementation of specific systems and projects;
e) evaluate system and project readiness (move to the next phase in a system or project) when including records metadata functionality in a system. A records metadata readiness evaluation is provided for key steps from project inception through to the implementation/maintenance phase.

Analysmetoder

SIS-ISO/TR 26122: Information och dokumentation – Analys av verksamhetsprocesser för hantering av verksamhetsinformation.

Denna tekniska rapport ger stöd för processanalyser utifrån perspektivet att skapa, värdera, samla in och styra verksamhetsinformation. Den identifierar två typer av analyser, nämligen
a) funktionsanalys (där funktioner bryts ned till processer), och
b) sekvensanalys (där transaktionsflöden undersöks)

Varje analys innebär en lämplig preliminär granskning av sammanhang (d.v.s. uppdrag och normerande omgivning). Beroende på uppgiftens natur, projektets omfattning och syftet med analysen, kan analysens ingående delar genomföras i olika kombinationer och i annan ordning än den som beskrivs här. Vägledning i form av listor över frågor eller ämnen som bör övervägas under analysens delmoment ingår också. Denna tekniska rapport beskriver en praktisk tillämpning av den teori som beskrivs i SS-ISO 15489. Som sådan är den oberoende av teknik (d.v.s. kan tillämpas oberoende av teknisk miljö), även om den kan an-vändas för att bedöma lämpligheten hos de tekniska verktyg som stödjer en organisations processer. Denna tekniska rapport fokuserar på befintliga processer, snarare än att underlätta arbetsflöden (d.v.s. automatisering av verksamhetsprocesser helt eller delvis, under vilka dokument, information eller uppgifter förs från en deltagare till en annan för åtgärd, i enlighet med en uppsättning regler för rutiner, som visas i hänvisning[1] i litteraturförteckningen).

SIS-ISO/TR 18128: Riskanalys för processer och system som hanterar verksamhetsinformation.

The document:
a) provides methods for identifying and documenting risks related to records, records processes, controls and systems (records risks);
b) provides techniques for analysing records risks;
c) provides guidelines for conducting an evaluation of records risks.

This document intends to assist organizations in assessing records risks so they can ensure records continue to meet identified business needs as long as required.

This document can be used by all organizations regardless of size, nature of their activities, or complexity of their functions and structure.

This document does not directly address the mitigation of risks, as methods for these vary from organization to organization.

It can be used by records professionals or people who have responsibi…

SIS-ISO/TR 21946: Information och dokumentation – Värdering för hantering av verksamhetsinformation

This document provides guidance on how to carry out appraisal for managing records. It describes some of the products and outcomes that can be delivered using the results of appraisal. As such, this document describes a practical application of the concept of appraisal outlined in ISO 15489-1.
This document:
a) lists some of the main purposes for appraisal;
b) describes the importance of establishing scope for appraisal;
c) explains how to analyse business functions and develop an understanding of their context;
d) explains how to identify records requirements;
e) describes the relationships between records requirements, business functions and work processes;
f) explains how to use risk assessment for making decisions related to records;
g) lists options for documenting the results of appraisal;
h) describes possible uses for the results of appraisal; and
i) explains the importance of monitoring and review of the execution of appraisal decisions.
This document can be used by all organizations regardless of size, nature of their business activities, or the complexity of their functions and structure

2.3.2.4 ISO 18128: 2024 Records Risks – Risk assessment for Records Management
The document:
• provides methods for identifying and documenting risks related to records, records processes, controls and systems (records risks);
• provides techniques for analysing records risks;
• provides guidelines for conducting an evaluation of records risks.

This document intends to assist organizations in assessing records risks so they can ensure records continue to meet identified business needs as long as required.

This document can be used by all organizations regardless of size, nature of their activities, or complexity of their functions and structure.

This document does not directly address the mitigation of risks, as methods for these vary from organization to organization.

It can be used by records professionals or people who have responsibility for records and records processes, controls and/or systems in their organizations, and by auditors or managers who have responsibility for risk management programs in their organizations

System för verksamhetsinformation

SS-ISO 16175-1: Information och dokumentation – Processer och funktionella krav på programvara för hantering av verksamhetsinformation – Del 1: Funktionella krav och tillhörande vägledning för applikationer som hanterar digital verksamhetsinformation. 

This document provides model, high-level functional requirements and associated guidance for software applications that are intended to manage digital records (including digital copies of analogue source records), either as the main purpose of the application or as a part of an application that is primarily intended to enable other business functions and processes.
It does not include:

— functional requirements for applications that manage analogue records;
— generic design requirements such as reporting, application administration and performance;
— requirements for the long-term preservation of digital records in a dedicated preservation environment;

NOTE The model requirements are intended to encourage the deployment of applications that do not hinder long-term preservation of records. As such, some of the requirements support long-term digital preservation outcomes.

— implementation guidance for applications that manages analogue and/or digital records. Such guidance can be found in ISO/TS 16175-2:—[1].

SIS-ISO/TS 16175-2: Information och dokumentation – Processer och funktionella krav på programvara för hantering av verksamhetsinformation – Del 2: Vägledning för att välja, designa, införa och upprätthålla programvara för hantering av verksamhetsinformation. 

This document provides guidance for decision making and processes associated with the selection, design, implementation and maintenance of software for managing records, according to the principles specified in ISO 15489-1.

This document is applicable to any kind of records system supported by software, including paper records managed by software, but is particularly focused on software for managing digital records.

This document provides guidance to records professionals charged with, or supporting the selection, design, implementation and maintenance of systems for managing records using a variety of software. It can also provide assistance to information technology professionals such as solution architects/designers, IT procurement decision makers, business analysts, business owners and software developers and testers seeking to understand records requirements.


Specifika processer och möjliggörare

SIS-ISO/TR 13028: Information och dokumentation -Riktlinjer för digitalisering av verksamhetsinformation.

This Technical Report:
– establishes guidelines for creating and maintaining records in digital format
    only, where the original paper, or other non-digital source record, has been
    copied by digitizing;
– establishes best practice guidelines for digitization to ensure the trustworthiness
    and reliability of records and enable consideration of disposal of the non-digital        source records;
– establishes best practice guidelines for the trustworthiness of the digitized records
    which may impact on the legal admissibility and evidential weight of such
    records;
– establishes best practice guidelines for the accessibility of digitized records for as
    long as they are required;
– specifies strategies to assist in creating digitized records fit for long-term retention;
– establishes best practice guidelines for the management of non-digital source records following digitization.

This Technical Report is applicable for use in the design and conduct of responsible digitization by all organizations undertaking digitization, either business process digitization or back capture digitization projects for records management purposes, as outlined in ISO 15489-1:2001 and ISO/TR 15801:2009. This Technical Report is not applicable to:

a) capture and management of born-digital records;
b) technical specifications for the digital capture of records;
c) procedures for making decisions about records’ eventual disposition;
d) technical specifications for the long-term preservation of digital records;
e) digitization of existing archival holdings for preservation purposes.

SS-ISO 13008: Information och dokumentation – Arbetssätt för konvertering och migrering av digital verksamhetsinformation.

This International Standard specifes the planning issues, requirements and procedures for the conversion and/or migration of digital records (which includes digital objects plus metadata) in order to preserve the authenticity, reliability, integrity and usability of such records as evidence of business transactions. These digital records can be active or residing in a repository. These procedures do not comprehensively cover:- backup systems;— preservation of digital records;— functionality of trusted digital repositories;— the process of converting analogue formats to digital formats and vice versa.

SIS-ISO/TR 21965: Information och dokumentation – Hantering av verksamhetsinformation i verksamhetsarkitektur

The document creates a common language that embeds records management concerns and requirements into enterprise architecture with the twin goals of building consensus
— among records managers, enterprise architects and solution architects, and
— across the domains of records management, enterprise architecture and solution
    architecture.
NOTE This common understanding of Records Management enables Enterprise Architects to understand the motivations, concerns and goals of Records Managers, recognize them as influential key business stakeholders during organizational transformation, and use this understanding to influence systems planning and design. As a result, Records Management becomes an organizational capability at governance, strategic and operational levels.
This document provides a records management viewpoint, with architecture principles and corresponding architectural views of records. It explains records management for enterprise architects and other related professionals, so that they can achieve the competency needed to support collaborative initiatives.
This document provides support to enterprise architects in areas including:
— understanding and identifying records management principles, goals and
     requirements significant for the architectural representation,
— facilitating consultations with records managers during the project lifecycle,
— identifying opportunities to reuse existing records management analyses and
    tools.
This document provides scenarios and models for solution architects and those who have responsibility for infrastructure overview.
This document also provides a common language to records managers for collaboration with enterprise architects to position records management requirements in the architecture development process.

2.3.4.4 SIS-ISO TS 7538:2024: Funktionskrav för avhändande av verksamhetsinformation
This document identifies the purpose and benefits of disposition and provides organizations with guidance about how to manage disposition-related processes. In particular, it:
– specifies responsibilities for records disposition processes;
– provides guidance on the key areas against which records disposition processes
   can be assessed;
– provides requirements and guidance for those implementing disposition
    processes; and
– Provides guidance on how to integrate records disposition processes into an
    organization´s operations

2.3.4.6 ISO TR 8344 Issues and considerations for managing records in structured data environments
This document identifies issues and considerations for managing records in structured data environments.
2.3.4.7 ISO TR 22428-1:2020 Records management in the cloud: Issues and concerns
This document presents a model for cloud records management and outlines the risks and issues that are considered by records managers before adopting cloud services for records management. The model for cloud records management includes a stakeholder model, processes, metadata, architecture, and use cases. Risks and issues are classified into those originating from cloud services internally and those originating from cloud services externally. Internal risks are associated with cloud services, systems and stakeholders. External risks and issues can occur in the social and legal context in which cloud services operate.
The target audience of this document includes:
— records, information, knowledge, and governance professionals;
— cloud service architects;
— archivists using cloud services for managing records;
— developers of cloud-deployed records management software;
— ICT staff; and
— providers of cloud-based records management services.

2.3.4.8 ISO 17068 Trusted third party repository for digital records

ISO 17068:2017 specifies requirements for a trusted third party repository (TTPR) to support the authorized custody service in order to safeguard provable integrity and authenticity of clients’ digital records and serve as a source of reliable evidence.

ISO 17068:2017 is applicable to retention or repository services for digital records as a source of evidence during the retention periods of legal obligation in both the private and the public sectors.

ISO 17068:2017 has the limitation that the authorized custody of the stored records is between only the TTPR and the client.
2.3.4.9 ISO TR 24332 Blockchain and Distributed Ledger Technology in relation to authoritative records, records systems and records management
This document analyses challenges, considerations, and potential benefits of blockchain and distributed ledger technology (DLT) in relation to records management standards and related standards for systems that:

— create records that are required to be authoritative records;
— can be used as records systems; or
— can be used for records management, including records controls.

The target audience of this document includes records managers and allied professionals, IT professionals and application developers, legal and compliance professionals, researchers, educators and other interested parties.

Certifiering

2.3.5.1 SS-ISO/IEC TS 17021-14 Krav på organ som tillhandahåller revision och certifiering av ledningssystem – Del 14: Kompetenskrav för revision och certifiering av ledningssystem för verksamhetsinformation

This document specifies the competence requirements for personnel involved in the audit and certification process for management systems for records (MSR). It complements the existing requirements of ISO/IEC 17021-1.
NOTE This document is applicable for auditing and certification of MSR based on ISO 30301. It can also be used for other MSR applications.

Relaterade standarder och tekniska rapporter: Processer för verksamhetsinformation

Dessa standarder vänder sig främst till dem som har operativt ansvar för informationsförvaltningen.
Det är vår ambition att efterhand bygga ut denna sida med ajourhållen formation om standarder som hanteras av SiS/TK 546 och pågående standardiseringsarbete.

Grunder för hantering

SS-ISO 15489-1: Dokumentation – Hantering av verksamhetsinformation – Del 1: Grunder och principer

I denna del av ISO 15489 definieras grunder och principer från vilka metoder för att skapa, registrera och hantera verksamhetsinformation utvecklas. Denna del av ISO 15489 beskriver grunder och principer som relaterar till följande:
1. a) verksamhetsinformation, metadata för verksamhetsinformation och system för hantering av verksamhetsinformation,
2. b) riktlinjer, tilldelat ansvar, övervakning och utbildning för att stödja effektiv hantering av verksamhetsinformation,
3. c) återkommande analys av verksamhetens sammanhang och identifiering av krav på verksamhetsinformation,
4. d) styrning av verksamhetsinformation,
5. e) processer för att skapa, registrera och hantera verksamhetsinformation.

Denna del av ISO 15489 gäller skapandet, omhändertagandet och hanteringen av verksamhetsinformation oavsett struktur eller form, i alla typer av verksamheter och tekniska miljöer, över tid.

2.3.1.2 SS-ISO 23081- 1: Information och dokumentation – Metadata för verksamhetsinformation-Del 1: Principer
Detta dokument behandlar de principer som underbygger och styr metadata för hantering av verksamhetsinformation. Dessa principer är tillämpliga på:
– verksamhetsinformation och deras metadata;
– alla processer som påverkar dem;
– system där de finns;
– organisationer som har ansvaret för deras hantering.

SS-ISO 23081-2: Information och dokumentation – Metadata för verksamhetsinformation del 2: Frågeställningar kring begrepp och införande.

ISO 23081-serien beskriver metadata för verksamhetsinformation. Denna del av ISO 23081 fokuserar på ramverket för definition av metadataelement för hantering av verksamhetsinformation och anger ett generiskt uttryck för metadataelement, antingen dessa är fysiska, analoga eller digitala, i överensstämmelse med principerna i ISO 23081-1.
Den ger en utökad logisk grund för metadata för hantering av verksamhetsinformation inom organisationer, konceptuella modeller för metadata samt elementuppsättning av generiska metadatatyper på hög nivå, lämpliga för alla miljöer som exempelvis innefattar aktuella dokument eller hantering av implementeringar av verksamhets- eller arkivsystem. Den definierar generiska metadatatyper för både entiteter av verksamhetsinformation och andra entiteter som behöver hanteras för att dokumentera och förstå verksamhetsinformationens kontext. Denna del av ISO 23081 identifierar också, för nyckelentiteter, ett minsta antal fasta aggregeringsnivåer som krävs för interoperabilitet. De modeller och generiska metadatatyper som beskrivs i denna del av ISO 23081 är främst fokuserade på entiteten “verksamhetsinformation”. Den är dock även relevant för andra entiteter.

SS-ISO 23081 – 3: Information och dokumentation – Dokumenthantering (Records management) – Metadata för verksamhetsinformation del 3: Metod för egenbedömning  

This Technical Report provides guidance on conducting a self-assessment on records metadata in relation to the creation, capture and control of records.

The self-assessment helps to:
a) identify the current state of metadata capture and management in or across organizations;
b) identify priorities of what to work on and when;
c) identify key requirements from ISO 23081-1:2006 and ISO 23081-2:2009;
d) evaluate progress in the development of a metadata framework for the implementation of specific systems and projects;
e) evaluate system and project readiness (move to the next phase in a system or project) when including records metadata functionality in a system. A records metadata readiness evaluation is provided for key steps from project inception through to the implementation/maintenance phase.

Analysmetoder

SIS-ISO/TR 26122: Information och dokumentation – Analys av verksamhetsprocesser för hantering av verksamhetsinformation.

Denna tekniska rapport ger stöd för processanalyser utifrån perspektivet att skapa, värdera, samla in och styra verksamhetsinformation. Den identifierar två typer av analyser, nämligen
a) funktionsanalys (där funktioner bryts ned till processer), och
b) sekvensanalys (där transaktionsflöden undersöks)

Varje analys innebär en lämplig preliminär granskning av sammanhang (d.v.s. uppdrag och normerande omgivning). Beroende på uppgiftens natur, projektets omfattning och syftet med analysen, kan analysens ingående delar genomföras i olika kombinationer och i annan ordning än den som beskrivs här. Vägledning i form av listor över frågor eller ämnen som bör övervägas under analysens delmoment ingår också. Denna tekniska rapport beskriver en praktisk tillämpning av den teori som beskrivs i SS-ISO 15489. Som sådan är den oberoende av teknik (d.v.s. kan tillämpas oberoende av teknisk miljö), även om den kan an-vändas för att bedöma lämpligheten hos de tekniska verktyg som stödjer en organisations processer. Denna tekniska rapport fokuserar på befintliga processer, snarare än att underlätta arbetsflöden (d.v.s. automatisering av verksamhetsprocesser helt eller delvis, under vilka dokument, information eller uppgifter förs från en deltagare till en annan för åtgärd, i enlighet med en uppsättning regler för rutiner, som visas i hänvisning[1] i litteraturförteckningen).

SIS-ISO/TR 18128: Riskanalys för processer och system som hanterar verksamhetsinformation.

The document:
a) provides methods for identifying and documenting risks related to records, records processes, controls and systems (records risks);
b) provides techniques for analysing records risks;
c) provides guidelines for conducting an evaluation of records risks.

This document intends to assist organizations in assessing records risks so they can ensure records continue to meet identified business needs as long as required.

This document can be used by all organizations regardless of size, nature of their activities, or complexity of their functions and structure.

This document does not directly address the mitigation of risks, as methods for these vary from organization to organization.

It can be used by records professionals or people who have responsibi…

SIS-ISO/TR 21946: Information och dokumentation – Värdering för hantering av verksamhetsinformation

This document provides guidance on how to carry out appraisal for managing records. It describes some of the products and outcomes that can be delivered using the results of appraisal. As such, this document describes a practical application of the concept of appraisal outlined in ISO 15489-1.
This document:
a) lists some of the main purposes for appraisal;
b) describes the importance of establishing scope for appraisal;
c) explains how to analyse business functions and develop an understanding of their context;
d) explains how to identify records requirements;
e) describes the relationships between records requirements, business functions and work processes;
f) explains how to use risk assessment for making decisions related to records;
g) lists options for documenting the results of appraisal;
h) describes possible uses for the results of appraisal; and
i) explains the importance of monitoring and review of the execution of appraisal decisions.
This document can be used by all organizations regardless of size, nature of their business activities, or the complexity of their functions and structure

2.3.2.4 ISO 18128: 2024 Records Risks – Risk assessment for Records Management
The document:
• provides methods for identifying and documenting risks related to records, records processes, controls and systems (records risks);
• provides techniques for analysing records risks;
• provides guidelines for conducting an evaluation of records risks.

This document intends to assist organizations in assessing records risks so they can ensure records continue to meet identified business needs as long as required.

This document can be used by all organizations regardless of size, nature of their activities, or complexity of their functions and structure.

This document does not directly address the mitigation of risks, as methods for these vary from organization to organization.

It can be used by records professionals or people who have responsibility for records and records processes, controls and/or systems in their organizations, and by auditors or managers who have responsibility for risk management programs in their organizations

System för verksamhetsinformation

SS-ISO 16175-1: Information och dokumentation – Processer och funktionella krav på programvara för hantering av verksamhetsinformation – Del 1: Funktionella krav och tillhörande vägledning för applikationer som hanterar digital verksamhetsinformation. 

This document provides model, high-level functional requirements and associated guidance for software applications that are intended to manage digital records (including digital copies of analogue source records), either as the main purpose of the application or as a part of an application that is primarily intended to enable other business functions and processes.
It does not include:

— functional requirements for applications that manage analogue records;
— generic design requirements such as reporting, application administration and performance;
— requirements for the long-term preservation of digital records in a dedicated preservation environment;

NOTE The model requirements are intended to encourage the deployment of applications that do not hinder long-term preservation of records. As such, some of the requirements support long-term digital preservation outcomes.

— implementation guidance for applications that manages analogue and/or digital records. Such guidance can be found in ISO/TS 16175-2:—[1].

SIS-ISO/TS 16175-2: Information och dokumentation – Processer och funktionella krav på programvara för hantering av verksamhetsinformation – Del 2: Vägledning för att välja, designa, införa och upprätthålla programvara för hantering av verksamhetsinformation. 

This document provides guidance for decision making and processes associated with the selection, design, implementation and maintenance of software for managing records, according to the principles specified in ISO 15489-1.

This document is applicable to any kind of records system supported by software, including paper records managed by software, but is particularly focused on software for managing digital records.

This document provides guidance to records professionals charged with, or supporting the selection, design, implementation and maintenance of systems for managing records using a variety of software. It can also provide assistance to information technology professionals such as solution architects/designers, IT procurement decision makers, business analysts, business owners and software developers and testers seeking to understand records requirements.


Specifika processer och möjliggörare

SIS-ISO/TR 13028: Information och dokumentation -Riktlinjer för digitalisering av verksamhetsinformation.

This Technical Report:
– establishes guidelines for creating and maintaining records in digital format
    only, where the original paper, or other non-digital source record, has been
    copied by digitizing;
– establishes best practice guidelines for digitization to ensure the trustworthiness
    and reliability of records and enable consideration of disposal of the non-digital        source records;
– establishes best practice guidelines for the trustworthiness of the digitized records
    which may impact on the legal admissibility and evidential weight of such
    records;
– establishes best practice guidelines for the accessibility of digitized records for as
    long as they are required;
– specifies strategies to assist in creating digitized records fit for long-term retention;
– establishes best practice guidelines for the management of non-digital source records following digitization.

This Technical Report is applicable for use in the design and conduct of responsible digitization by all organizations undertaking digitization, either business process digitization or back capture digitization projects for records management purposes, as outlined in ISO 15489-1:2001 and ISO/TR 15801:2009. This Technical Report is not applicable to:

a) capture and management of born-digital records;
b) technical specifications for the digital capture of records;
c) procedures for making decisions about records’ eventual disposition;
d) technical specifications for the long-term preservation of digital records;
e) digitization of existing archival holdings for preservation purposes.

SS-ISO 13008: Information och dokumentation – Arbetssätt för konvertering och migrering av digital verksamhetsinformation.

This International Standard specifes the planning issues, requirements and procedures for the conversion and/or migration of digital records (which includes digital objects plus metadata) in order to preserve the authenticity, reliability, integrity and usability of such records as evidence of business transactions. These digital records can be active or residing in a repository. These procedures do not comprehensively cover:- backup systems;— preservation of digital records;— functionality of trusted digital repositories;— the process of converting analogue formats to digital formats and vice versa.

SIS-ISO/TR 21965: Information och dokumentation – Hantering av verksamhetsinformation i verksamhetsarkitektur

The document creates a common language that embeds records management concerns and requirements into enterprise architecture with the twin goals of building consensus
— among records managers, enterprise architects and solution architects, and
— across the domains of records management, enterprise architecture and solution
    architecture.
NOTE This common understanding of Records Management enables Enterprise Architects to understand the motivations, concerns and goals of Records Managers, recognize them as influential key business stakeholders during organizational transformation, and use this understanding to influence systems planning and design. As a result, Records Management becomes an organizational capability at governance, strategic and operational levels.
This document provides a records management viewpoint, with architecture principles and corresponding architectural views of records. It explains records management for enterprise architects and other related professionals, so that they can achieve the competency needed to support collaborative initiatives.
This document provides support to enterprise architects in areas including:
— understanding and identifying records management principles, goals and
     requirements significant for the architectural representation,
— facilitating consultations with records managers during the project lifecycle,
— identifying opportunities to reuse existing records management analyses and
    tools.
This document provides scenarios and models for solution architects and those who have responsibility for infrastructure overview.
This document also provides a common language to records managers for collaboration with enterprise architects to position records management requirements in the architecture development process.

2.3.4.4 SIS-ISO TS 7538:2024: Funktionskrav för avhändande av verksamhetsinformation
This document identifies the purpose and benefits of disposition and provides organizations with guidance about how to manage disposition-related processes. In particular, it:
– specifies responsibilities for records disposition processes;
– provides guidance on the key areas against which records disposition processes
   can be assessed;
– provides requirements and guidance for those implementing disposition
    processes; and
– Provides guidance on how to integrate records disposition processes into an
    organization´s operations

2.3.4.6 ISO TR 8344 Issues and considerations for managing records in structured data environments
This document identifies issues and considerations for managing records in structured data environments.
2.3.4.7 ISO TR 22428-1:2020 Records management in the cloud: Issues and concerns
This document presents a model for cloud records management and outlines the risks and issues that are considered by records managers before adopting cloud services for records management. The model for cloud records management includes a stakeholder model, processes, metadata, architecture, and use cases. Risks and issues are classified into those originating from cloud services internally and those originating from cloud services externally. Internal risks are associated with cloud services, systems and stakeholders. External risks and issues can occur in the social and legal context in which cloud services operate.
The target audience of this document includes:
— records, information, knowledge, and governance professionals;
— cloud service architects;
— archivists using cloud services for managing records;
— developers of cloud-deployed records management software;
— ICT staff; and
— providers of cloud-based records management services.

2.3.4.8 ISO 17068 Trusted third party repository for digital records

ISO 17068:2017 specifies requirements for a trusted third party repository (TTPR) to support the authorized custody service in order to safeguard provable integrity and authenticity of clients’ digital records and serve as a source of reliable evidence.

ISO 17068:2017 is applicable to retention or repository services for digital records as a source of evidence during the retention periods of legal obligation in both the private and the public sectors.

ISO 17068:2017 has the limitation that the authorized custody of the stored records is between only the TTPR and the client.
2.3.4.9 ISO TR 24332 Blockchain and Distributed Ledger Technology in relation to authoritative records, records systems and records management
This document analyses challenges, considerations, and potential benefits of blockchain and distributed ledger technology (DLT) in relation to records management standards and related standards for systems that:

— create records that are required to be authoritative records;
— can be used as records systems; or
— can be used for records management, including records controls.

The target audience of this document includes records managers and allied professionals, IT professionals and application developers, legal and compliance professionals, researchers, educators and other interested parties.

Certifiering

2.3.5.1 SS-ISO/IEC TS 17021-14 Krav på organ som tillhandahåller revision och certifiering av ledningssystem – Del 14: Kompetenskrav för revision och certifiering av ledningssystem för verksamhetsinformation

This document specifies the competence requirements for personnel involved in the audit and certification process for management systems for records (MSR). It complements the existing requirements of ISO/IEC 17021-1.
NOTE This document is applicable for auditing and certification of MSR based on ISO 30301. It can also be used for other MSR applications.