ISO TR 15801:2017 pdf free
ISO TR 15801:2017 pdf free.Document management – Electronically stored information
Information is one of the most important assets that any organization has at its disposal. Everything an organization does involve using information in some way. The quantity of information can be vast and there are many different ways of representing and storing it. The value of information used and the manner in which it is applied and moved within and between organizations can determine the success or failure of those organizations.
Information, like any other asset, needs to be classified, structured, validated, valued, secured,monitored, measured and managed efficiently and effectively.
This clause describes documentation that states the organization’s policy for the management of ESI.Additionally, this clause provides guidance to organizations with respect to the level of documentation required to enable an organization to clearly establish how the ESI contained in a trusted system is reliable, accurate and trustworthy. Availability of this documentation can also be used to demonstrate that ESI management is part of normal business procedures.
Where an information management system manages ESI that might be used as evidence in any legal or business process, the appropriate legal advisors should be consulted (see 5.4) to ensure that compliance with relevant legal or regulatory requirements is demonstrable. As legal and regulatory requirements vary from country to country (and sometimes within a country), legal advice should cover all relevant jurisdictions.
In order to define the organization’s information management policy, information should be grouped into types, the policy for all information within a type being consistent. For example, information types can be specified either by reference to application (e.g. financial projections, invoices, customer address list), by association with a specific business process (e.g. applications, complaints, renewals) or by reference to generic groups (e.g. accounting data, customer documents, manufacturing documents).
During the drafting of the policy document, specific information might need to be regrouped to ensure consistency of policy within an information type. .
The policy document should list all types of information that are to be stored in compliance with the policy. The policy document should include, as an information type, all information produced, received and stored in compliance with the policy.ISO TR 15801 pdf download.ISO TR 15801 pdf download.