National standard for ensuring the reliability and reliability of information stored in electronic form
The final version of the draft national standard on ensuring the reliability and reliability of information stored in electronic form has appeared.
We (company EOS and PC 6) have long struggled to create a standard for storing electronic documents, and now it is actually ready. It remains only to accept. Below - about what specifically done.
It is better to learn from the mistakes of others, so we did not reinvent the wheel, but took as a basis the translation of the technical report of the International Organization for Standardization ISO / TR 15801: 2009 Document management - Recommendations for trustworthiness and reliability. Ideas were being hatched and “fitted” to the Russian reality for quite a long time - work began last year. Now the text of the final draft of the national standard has been submitted for approval to the Federal Agency for Technical Regulation and Metrology.
')
What was it for? The prospects for the use of legally relevant electronic documents are now being spoken about constantly, but the issues of storing such documents and, most importantly, the preservation of this very legal significance are still open. In addition, it was necessary to solve problems with the submission of our, Russian, electronic documents to foreign “instances”. It is far from a fact that the document that we consider to be legally significant will be recognized as such in Europe or the USA (this, by the way, also influenced the choice of the international basis for the creation of a draft standard).
What is important. The proposed standards can ideally be applied to all electronic documents: from traditional scanned images, spreadsheets and documents prepared in text editors to e-mail, web content, instant messages, drawings prepared in CAD, blogs, wikis, etc.
The draft standard describes how and what to prescribe in the policy governing the movement and storage of electronic documents. In particular, we are talking about the need to prescribe the features of storage and the ratio of various types of information and its carriers, acceptable compression formats. In addition, it is said about the need to include in the quality management systems used documentation on the procedures for storing electronic documents.
As for one of the most important issues - the storage period, they should be established for each type of documents - after the relevant consultations that ensure proper solution of legal issues and compliance with legislative and regulatory requirements. In this case, there should be indications both for periodic review of storage periods and for the destruction of information.
Also, the draft standard touches upon issues of security policy, risk assessment, and planning measures to ensure business continuity - in general, everything is described as closely as possible, one way or another, concerning the storage of electronic documents. There are more than 50 pages. Fully and in detail the document can be found here https://www.eos.ru/upload/pk6/files/ProektGOST_ISO_TR_15801-2009.pdf
As a result of compliance with the proposed regulations, each organization or company will be able to show that the content of a specific electronic object - whether a document or a letter - has not changed since its creation in this system or from the moment it was imported into it. In addition, no matter what the original format of the information was, it will be possible to prove that the information stored in a reliable system is reliably and stably reproduced and that it accurately and without any significant changes reflects what was originally saved. Without the adoption of such a standard, unfortunately, the transition to a completely paperless workflow is virtually impossible - no one wants to be in a situation where all the stored documents will be invalid. So we will wait for the approval of the standard.
We (company EOS and PC 6) have long struggled to create a standard for storing electronic documents, and now it is actually ready. It remains only to accept. Below - about what specifically done.
It is better to learn from the mistakes of others, so we did not reinvent the wheel, but took as a basis the translation of the technical report of the International Organization for Standardization ISO / TR 15801: 2009 Document management - Recommendations for trustworthiness and reliability. Ideas were being hatched and “fitted” to the Russian reality for quite a long time - work began last year. Now the text of the final draft of the national standard has been submitted for approval to the Federal Agency for Technical Regulation and Metrology.
')
What was it for? The prospects for the use of legally relevant electronic documents are now being spoken about constantly, but the issues of storing such documents and, most importantly, the preservation of this very legal significance are still open. In addition, it was necessary to solve problems with the submission of our, Russian, electronic documents to foreign “instances”. It is far from a fact that the document that we consider to be legally significant will be recognized as such in Europe or the USA (this, by the way, also influenced the choice of the international basis for the creation of a draft standard).
What is important. The proposed standards can ideally be applied to all electronic documents: from traditional scanned images, spreadsheets and documents prepared in text editors to e-mail, web content, instant messages, drawings prepared in CAD, blogs, wikis, etc.
The draft standard describes how and what to prescribe in the policy governing the movement and storage of electronic documents. In particular, we are talking about the need to prescribe the features of storage and the ratio of various types of information and its carriers, acceptable compression formats. In addition, it is said about the need to include in the quality management systems used documentation on the procedures for storing electronic documents.
As for one of the most important issues - the storage period, they should be established for each type of documents - after the relevant consultations that ensure proper solution of legal issues and compliance with legislative and regulatory requirements. In this case, there should be indications both for periodic review of storage periods and for the destruction of information.
Also, the draft standard touches upon issues of security policy, risk assessment, and planning measures to ensure business continuity - in general, everything is described as closely as possible, one way or another, concerning the storage of electronic documents. There are more than 50 pages. Fully and in detail the document can be found here https://www.eos.ru/upload/pk6/files/ProektGOST_ISO_TR_15801-2009.pdf
As a result of compliance with the proposed regulations, each organization or company will be able to show that the content of a specific electronic object - whether a document or a letter - has not changed since its creation in this system or from the moment it was imported into it. In addition, no matter what the original format of the information was, it will be possible to prove that the information stored in a reliable system is reliably and stably reproduced and that it accurately and without any significant changes reflects what was originally saved. Without the adoption of such a standard, unfortunately, the transition to a completely paperless workflow is virtually impossible - no one wants to be in a situation where all the stored documents will be invalid. So we will wait for the approval of the standard.
Source: https://habr.com/ru/post/129356/
All Articles