BS ISO 30300-2011 Information and documentation Management systems for records Fundamentals and vocabulary《情报管理 记录的管理系统 基础和词汇》.pdf

1、raising standards worldwideNO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAWBSI Standards PublicationBS ISO 30300:2011Information anddocumentation Management systems forrecords Fundamentals andvocabularyBS ISO 30300:2011 BRITISH STANDARDNational forewordThis British Standard is

2、the UK implementation of ISO 30300:2011.The UK participation in its preparation was entrusted to TechnicalCommittee IDT/2/17, Archives/records management.A list of organizations represented on this committee can beobtained on request to its secretary.This publication does not purport to include all

3、the necessaryprovisions of a contract. Users are responsible for its correctapplication. BSI 2011ISBN 978 0 580 68205 6ICS 01.040.01; 01.140.20Compliance with a British Standard cannot confer immunity fromlegal obligations.This British Standard was published under the authority of theStandards Polic

4、y and Strategy Committee on 30 November 2011.Amendments issued since publicationDate Text affectedBS ISO 30300:2011Information and documentation Management systems for records Fundamentals and vocabularyInformation et documentation Systmes de gestion des documents dactivit Principes essentiels et vo

5、cabulaire ISO 2011Reference numberISO 30300:2011(E)First edition2011-11-15ISO30300INTERNATIONAL STANDARDBS ISO 30300:2011ISO 30300:2011(E)COPYRIGHT PROTECTED DOCUMENT ISO 2011All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by

6、any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the requester.ISO copyright officeCase postale 56 CH-1211 Geneva 20Tel. + 41 22 749 01 11Fax + 41 22 749 09 47E-mail cop

7、yrightiso.orgWeb www.iso.orgPublished in Switzerlandii ISO 2011 All rights reservedBS ISO 30300:2011ISO 30300:2011(E) ISO 2011 All rights reserved iiiContents PageForeword ivIntroduction v1 Scope 12 Fundamentals of a MSR .12.1 Relationship between the MSR and the management system 12.2 Context of th

8、e organization 12.3 Need for a MSR 22.4 Principles of a MSR .42.5 Process approach to a MSR .52.6 Role of top management .62.7 Relationships with other management systems .73 Terms and definitions .83.1 Terms relating to records 83.2 Terms relating to management 93.3 Terms relating to records manage

9、ment processes .93.4 Terms relating to MSR 11Annex A (informative) Methodology used in the development of the vocabulary 12Bibliography .16Alphabetical Index 17BS ISO 30300:2011ForewordISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (IS

10、O member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, gove

11、rnmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.International Standards are drafted in accordance with the rules given in the ISO/IEC D

12、irectives, Part 2.The main task of technical committees is to prepare International Standards. Draft International Standards adopted by the technical committees are circulated to the member bodies for voting. Publication as an International Standard requires approval by at least 75 % of the member b

13、odies casting a vote.Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights.ISO 30300 was prepared by Technical Committee ISO/TC 46, Information and document

14、ation, Subcommittee SC 11, Archives/records management.ISO 30300 is part of a series of International Standards under the general title Information and documentation Management systems for records: ISO 30300, Information and documentation Management systems for records Fundamentals and vocabulary IS

15、O 30301, Information and documentation Management systems for records RequirementsISO 30300 specifies the terminology for the Management systems for records (MSR) series of standards, and the objectives and benefits of a MSR; ISO 30301 specifies requirements for a MSR where an organization needs to

16、demonstrate its ability to create and control records from its business activities for as long as they are required.ISO 30300:2011(E)iv ISO 2011 All rights reservedBS ISO 30300:2011IntroductionOrganizational success largely depends upon implementing and maintaining a management system that is design

17、ed to continually improve performance while addressing the needs of all stakeholders. Management systems offer methodologies to make decisions and manage resources to achieve the organizations goals.Creation and management of records are integral to any organizations activities, processes and system

18、s. Records enable business efficiency, accountability, risk management and business continuity. They also enable organizations to capitalize on the value of their information resources as business, commercial and knowledge assets, and to contribute to the preservation of collective memory, in respon

19、se to the challenges of the global and digital environment.Management System Standards (MSS) provide tools for top management to implement a systematic and verifiable approach to organizational control in an environment that encourages good business practices.The standards on management systems for

20、records prepared by ISO/TC 46/SC 11 are designed to assist organizations of all types and sizes, or groups of organizations with shared business activities, to implement, operate and improve an effective management system for records (hereafter referred to as a MSR). The MSR directs and controls an

21、organization for the purposes of establishing a policy and objectives with regard to records and achieving those objectives. This is done through the use of:a) defined roles and responsibilities;b) systematic processes;c) measurement and evaluation;d) review and improvement.Implementation of a recor

22、ds policy and objectives soundly based on the organizations requirements will ensure that authoritative and reliable information about, and evidence of, business activities is created, managed and made accessible to those who need it for as long as required. Successful implementation of good records

23、 policy and objectives results in records and records systems adequate for all of an organizations purposes.Implementing a MSR in an organization also helps to ensure the transparency and traceability of decisions made by responsible management and the recognition of accountability.The standards on

24、MSR prepared by ISO/TC 46/SC 11 are developed within the MSS framework to be compatible and to share elements and methodology with other MSS. ISO 15489, and other International Standards and Technical Reports also developed by ISO/TC 46/SC 11, are the principal tools for designing, implementing, mon

25、itoring and improving records processes and controls, which operate under the governance of the MSR where organizations determine to deploy MSS methodology.NOTE ISO 15489 is the foundation standard which codifies best practice for records management operations.The structure of standards on MSR prepa

26、red by ISO/TC 46/SC 11, either published or under preparation, is shown in Figure 1.ISO 30300:2011(E) ISO 2011 All rights reserved vBS ISO 30300:2011Part 2 - GuidelinesISO 15489Records managementPart 1 -GeneralISO/TR 26122Work process analysis for recordsISO 13008Digital records conversion and migra

27、tion processISO/TR 13028Implement-ation guidelines for digitization of recordsRelated International Standardsand Technical ReportsImplementation of records processesPart 3 - Self assessment methodPart 2 - Conceptual and implementationissuesISO 23081Metadata for records. Part 1 - PrinciplesISO 30300M

28、anagement systems for records - Fundamentals and vocabularyRequirementsFundamentals b) determining the responsibilities, authorities and accountabilities of organizations for records and records policies, procedures, processes and systems;c) designing and implementing a MSR; andd) achieving quality

29、outcomes from the MSR through performance assessment and continuous improvement.These standards are intended to be used by:1) top management who make decisions regarding the establishment and implementation of management systems within their organization; 2) people responsible for implementation of

30、MSR, such as professionals in the areas of risk management, auditing, records, information technology and information security.ISO 30300:2011(E)vi ISO 2011 All rights reservedBS ISO 30300:2011INTERNATIONAL STANDARD ISO 30300:2011(E)Information and documentation Management systems for records Fundame

31、ntals and vocabulary1 ScopeThis International Standard defines terms and definitions applicable to the standards on MSR prepared by ISO/TC 46/SC 11. It also establishes the objectives for using a MSR, provides principles for a MSR, describes a process approach and specifies roles for top management.

32、 This International Standard is applicable to any type of organization that wishes to:a) establish, implement, maintain and improve a MSR to support its business;b) assure itself of conformity with its stated records policy; c) demonstrate conformity with this International Standard by1) undertaking

33、 a self-assessment and self-declaration, or2) seeking confirmation of its self-declaration by a party external to the organization, or3) seeking certification of its MSR by an external party.2 Fundamentals of a MSR2.1 Relationship between the MSR and the management systemAll organizations create and

34、 control records as an outcome of performing their activities in order to achieve organizational objectives.The MSR establishes the policy, objectives and directives framework for controlling the organizations records in records systems and ensures that those records systems meet the organizations r

35、equirements.Within the framework of the MSR, records processes and controls need to be designed, implemented and monitored to meet the records policy, objectives and directives. This includes determining how the records processes and controls are managed by records systems, and how the records relat

36、e to all management systems for assessment purposes as evidence of results.Management systems themselves, including the MSR, create records. Those records and the way they are managed in turn feed back into new organizational activities, such as the development of new products or services. The recor

37、ds can also be used to monitor the operation of the management systems and how well those systems and activities meet organizational requirements. In this way the MSR governs the records requirements of other management systems, as well as those of itself.2.2 Context of the organizationAn organizati

38、on or group of organizations can use all or any element of the standards on MSR prepared by ISO/TC 46/SC 11 according to its business context and requirements, which include:a) the size and complexity of the organization or organizations, or the processes requiring records controls;b) the level of b

39、usiness risk attached to having inadequate records controls;c) the drive for internal improvement to satisfy current or potential future stakeholder demand; d) specific stakeholder demands or expectations. ISO 2011 All rights reserved 1BS ISO 30300:2011The standards on MSR prepared by ISO/TC 46/SC 1

40、1 can be used:1) for one or more specific business processes within an organization;2) across a whole organization covering all business processes; 3) for a number of organizations with shared business processes, such as across a specific sector, trading partners or a collaborative partnership.When

41、implementing the standards on MSR prepared by ISO/TC 46/SC 11, an organization should consult the requirements and guidance of national legislation, regulations and standards which apply in the relevant jurisdiction.2.3 Need for a MSR2.3.1 PurposeAll organizations, regardless of their size or the na

42、ture of their business, generate information from their work processes. As one type of information resource, records are part of the intellectual capital, and therefore assets, of an organization.The purpose of implementing a MSR is the systematic management of information as records about business

43、activities. Such records support current business decisions and subsequent activities, and ensure accountability to present and future stakeholders.The objective of implementing a MSR is to create and control records in a systematic and verifiable manner in order to:a) conduct business and deliver s

44、ervices efficiently;b) meet legislative, regulatory and accountability requirements;c) optimize the decision-making, operational consistency and continuity of an organization;d) facilitate the effective operation of an organization in the event of a disaster;e) provide protection and support in liti

45、gation, including the management of risks associated with the existence of, or lack of, evidence of organizational activity;f) protect the interests of the organization and the rights of employees, clients and present and future stakeholders;g) support research and development activities;h) support

46、the promotional activities of the organization; i) maintain corporate or collective memory and support social responsibility.2.3.2 Reliable, authentic and useable records2.3.2.1 GeneralEach organization implementing a MSR sets its own records policy and objectives adapted to the context of the organ

47、ization. Implementation of a MSR ensures the creation and control of records which support the needs of the organization and society, for as long as the records are required.Successful achievement of the records objectives results in the creation and control of records which are reliable, authentic,

48、 have integrity and are useable, as described in 2.3.2.2 to 2.3.2.5.ISO 30300:2011(E)2 ISO 2011 All rights reservedBS ISO 30300:20112.3.2.2 ReliableA reliable record is one whose contents can be trusted as a full and accurate representation of the transactions, activities or facts to which they atte

49、st and which can be depended upon in the course of subsequent transactions or activities. Records should be created at the time of the transaction or incident to which they relate, or soon afterwards, by individuals who have direct knowledge of the facts or by instruments routinely used within the business to conduct the transaction.2.3.2.3 AuthenticAn authentic record is one that can be proven to be what it purports to be, to have been created or sent by the person purported to have created or sent it, and to have been cr