Bisher spielte das Thema Records Management in Deutschland kaum eine Rolle (PROJECT CONSULT stellte vor zwei Jahren auch ihre eigene Records Management Konferenz wieder ein – Handouts der bisherigen Konferenzen http://bit.ly/2powrwf). In Deutschland sprach man immer nur von Dokumentenmanagement, Schriftgutverwaltung, Aktenverwaltung und elektronischen Akten. Da aber auch deutsche Anbieter vermehrt im Ausland tätig werden, wo Records Management ein Muss ist, wird immer mehr Records-Management-Funktionalität in die Produkte integriert. Neben den Standards ISO 15489 und der ISO 3030x spielt hier die ISO 16175-2:2011 als praxisnaher Kriterienkatalog eine wichtige Rolle. Die ISO 16175 “Information and documentation — Principles and functional requirements for records in electronic office environments — Part 2: Guidelines and functional requirements for digital records management systems” kann hier bezogen werden: http://bit.ly/ISO16175.
Die ISO 16175-2 „Information und Dokumentation – Grundsätze und funktionale Anforderungen an Schriftgut im elektronischen Geschäftsgang“ basiert auf den Records-Management-Konzepten des International Council on Archives (ICA). Sie bezieht sich auf Software, die primär oder ausschließlich dem Records Management dient. Die ISO 16175 listet knapp 300 Kriterien auf, die für das elektronische Records Management wichtig sind. Leider ist die ISO 16175 nicht mit der aktuelleren und wichtigeren ISO 15489 harmonisiert – weder begrifflich noch strategisch. Der ISO 16175 merkt man auch die Herkunft aus einem Gremium der “Langzeitarchivierer” an.
Als erstes deutsches Unternehmen wurde nun SER mit DOXIS4 nach der ISO 16175 zertifiziert. SER expandiert international und braucht daher auch Records-Management-Lösungen. SER wurde zuletzt auch als einziger deutscher Anbieter in den Marktstudien von Forrester und Gartner gelistet. Aus unserer Sicht ist dieser Vorstoss von SER in Richtung Records Management sehr sinnvoll und lobenswert!
Auszug aus der ISO 16175
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The main task of technical committees is to prepare International Standards. Draft International Standards adopted by the technical committees are circulated to the member bodies for voting. Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO 16175-2 was prepared by the International Council on Archives (as International Council on Archives and the Australasian Digital Recordkeeping Initiative Principles and functional requirements for records in electronic office environments — Module 2: Guidelines and functional requirements for digital records management systems) and was adopted, under a special “fast-track procedure”, by Technical Committee ISO/TC 46, Information and documentation, Subcommittee SC 11, Archives/records management, in parallel with its approval by the ISO member bodies.
ISO 16175 consists of the following parts, under the general title Information and documentation — Principles and functional requirements for records in electronic office environments:
— Part 1: Overview and statement of principles
— Part 2: Guidelines and functional requirements for digital records management systems
— Part 3: Guidelines and functional requirements for records in business systems
Effective management of records and information is fundamental to a well-functioning organisation as it supports business activity and provides a basis for efficient service delivery. It also provides the mechanism whereby organisations can account for their decisions and actions and retain corporate memory. Moreover, good records management is simply good business practice.
Digital records management systems facilitate:
a) efficiency, by making information readily available when needed for decision-making and operational activities;
b) sound use of financial resources, by allowing timely disposition of non-current records;
c) accountability, by enabling the creation of a complete and authoritative record of activities;
d) compliance, by demonstrating that legal requirements have been met; and
e) risk mitigation, by managing the risks associated with illegal loss or destruction of records, and from inappropriate or unauthorised access to records.
A fundamental underlying principle for this document, Principles and functional requirements for records in electronic office environments — Part 2: Guidelines and functional requirements for digital records management systems. (hereafter the term ‘part’ is used) is the distinction between business systems (or business information systems) and digital (or electronic) records management systems. Business systems contain data that is commonly subject to constant updates (dynamic), able to be transformed (manipulable) and contain data in current business use (non-redundant). By contrast, digital records management systems contain data that is not dynamically linked to business activity (fixed), unable to be altered (inviolable), and may be noncurrent (redundant). Therefore business systems are beyond the scope of this part (see ISO 1617-3: 2010, Information and documentation — Principles and functional requirements for records in electronic office environments — Part 3: Guidelines and functional requirements for records in business systems.).
The records within a digital records management system are, however, still dynamic in the sense that they can be (re)used in new business activity/contexts, so new metadata will be added through the ongoing use of the record content. Digital records management systems provide the technological component of a framework for the systematic and structured management of records; they link digital and non-digital records to business activities, retain records of past actions, and fix the content and structure of records over time.
The primary audience for this document is staff responsible for designing, reviewing and/or implementing digital records management systems in organisations — whether those systems are commercial off-the-shelf digital records management software applications, or custom-built applications.
This part primarily addresses the requirements of organisational records/information managers or system procurement project leaders, but will be relevant for jurisdictional standard-setters and the wider records management community.
Another key audience is software vendors and developers who market and/or develop digital records management system products. This part is intended to inform their decision-making when designing records management functionality within digital records management products.
The scope of this part is limited to products that are often termed ‘electronic records management systems’ or ‘enterprise content management systems’. This part will use the term digital records management systems for those software applications whose primary function is records management. It does not seek to set requirements for records still in use and held within business systems. Digital objects created by email, word processing, spreadsheet and imaging applications (such as text documents, and still or moving images), where they are identified to be of business value, should be managed within digital records management systems which meet the functional requirements set out in this part.
Records managed by a digital records management system may be stored on a variety of different media formats, and may be managed in hybrid record aggregations that include both digital and non-digital elements.
This part does not attempt to include requirements that are not specific to, or necessary for, records management, for example, general system management and design requirements. Nor does it include requirements common to all software applications, such as performance, scalability and usability. Given the target audience of this document, it also assumes a level of knowledge about developing design specifications, procurement and evaluation processes, and therefore these issues are not covered in this part. Although not included in this part’s requirements, the importance of non-records management functional requirements for records management systems is recognised through their inclusion in the high-level model outlined in Section 4.2: Overview of functional requirements.
Specifications for the long-term preservation of digital records are also beyond the scope of this part; this issue should be addressed separately within a dedicated framework for digital preservation or ‘digital archiving’ at a strategic level. These digital preservation considerations transcend the life of systems and are system independent; they should be assessed in a specific migration and conversion plan at the tactical level. However, recognition of the need to maintain records for as long as they are required shall be addressed, and potential format obsolescence issues should also be considered when applying the functional requirements.
This part articulates a set of functional requirements for digital records management systems. These requirements apply to records irrespective of the media in which they were created and/or stored. The requirements are intended to:
a) set out the processes and requirements for identifying and managing records in digital records management systems;
b) set out the records management functionality to be included in a design specification when building, upgrading or purchasing digital records management systems software;
c) inform records management functional requirements in the selection of commercially available digital records management systems; and
d) review the records management functionality of, or assess the compliance of, an existing digital records management system.
2 RELATED STANDARDS
The following documents are referenced for the application of this document.
- ISO 15489-1:2001, Information and documentation — Records management — Part 1: General
- ISO/TR 15801:2009, Document management — Information stored electronically — Part 2: Recommendations for trustworthiness and reliability
- ISO 16175-1:2010, Information and documentation — Principles and functional requirements for records in electronic office environments — Part 1: Overview and statement of principles.
- ISO 1617-3:2010, Information and documentation — Principles and functional requirements for records in electronic office environments — Part 3: Guidelines and functional requirements for records in business systems.
- ISO 23081-1:2006, Information and documentation — Records management processes — Metadata for records — Part 1: Principles
- ISO 23081-2:2009, Information and documentation — Managing metadata for records — Part 2: Conceptual and implementation issues.
- ISO 2788:1986, Documentation — Guidelines for the establishment and development of monolingual thesauri.
- ISO 5964:1985, Documentation — Guidelines for the establishment and development of multilingual thesauri.
- International Council on Archives, Principles and Functional Requirements for Records in Electronic Office Environments, Part 1 — Overview and Statement of Principles, 2008.
- International Council on Archives, Principles and Functional requirements for Records in Electronic Office Environments, Part 3 — Guidelines and Functional Requirements for Records in Business information systems, 2008.
3 TERMS AND DEFINITIONS
Activity (business activity): The second level of a business classification scheme.
Aggregation: Any accumulation of record entities at a level above record object.
Business classification scheme BCS: The conceptual, hierarchical, representation of the functions and activities performed by an organisation.
Business activity: An umbrella term covering all the functions, processes, activities and transactions of an organisation and its employees. Includes public administration as well as commercial business.
Business information system: An automated system that creates or manages data about an organisation’s activities.
Classification: The systematic identification and arrangement of business activities and/or records into categories according to logically structured conventions, methods and procedural rules represented in a classification system.
Component: A set of constituent parts that comprises a digital record.
Compound record: A record that comprises multiple digital objects.
Destruction: The process of eliminating or deleting records, beyond any possible reconstruction.
Digital file: A set of related digital records held in a tightly bound relationship within the business system and managed as a single object.
Digital object: An object that can be represented by a computer, such as a file type generated by a particular system or software application.
Digital records management system: An automated system whose primary function is to manage the creation, use, maintenance and disposition of digitally created records for the purposes of providing evidence of business activities.
Disposition: A range of processes associated with implementing retention, destruction or transfer decisions which are documented in disposition or other instruments.
Function: The highest level of a business classification scheme.
Hybrid file: A set of related digital files and physical files managed as a single entity.
Hybrid record: A record consisting of digital and non-digital components.
Marker: A metadata profile of a record physically held outside of a digital system.
Metadata: Structured or semi-structured information, which enables the creation, management and use of records through time and within and across domains.
Record: Information in any format created, received and maintained as evidence and information by an organisation or person, in pursuance of legal obligations or in the transaction of business.
Record category: A subdivision of the records classification scheme, which may be further subdivided into one or more lower-level record categories.
Records management: The field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use and disposition of records, including processes for capturing and maintaining evidence of, and information about, business activities and transactions in the form of records.
Records management metadata: Data that identifies authenticates and contextualises records and the people, processes and systems that create, manage, maintain and use them, and the policies that govern them.
Records management system: A framework to capture, maintain and provide access to evidence over time, as required by the jurisdiction in which it is implemented and in accordance with common business practices.
Redaction: The process of masking or deleting information in a record.
System administrator: A user role with designated responsibility for configuring, monitoring and managing the business system and its use.
Thesaurus: A records classification tool comprising an alphabetical presentation of a controlled list of terms linked together by semantic, hierarchical, associative or equivalence relationships.
Taxonomy: The classification of entities in an ordered system that indicates natural relationships.
Tracking: Creating, capturing and maintaining information about the movement and use of records.
Transaction: The smallest unit of business activity. Uses of records are themselves transactions.
Transfer: A disposition process consisting of an export of digital records and associated metadata to another system, application organisation or agent,
Volume: A sub-division of a digital or non-digital aggregation.