BS EN 15713-2009 Secure destruction of confidential material - Code of practice《保密材料的安全销毁 实施规程》.pdf

上传人:wealthynice100 文档编号:573380 上传时间:2018-12-13 格式:PDF 页数:12 大小:1.11MB
下载 相关 举报
BS EN 15713-2009 Secure destruction of confidential material - Code of practice《保密材料的安全销毁 实施规程》.pdf_第1页
第1页 / 共12页
BS EN 15713-2009 Secure destruction of confidential material - Code of practice《保密材料的安全销毁 实施规程》.pdf_第2页
第2页 / 共12页
BS EN 15713-2009 Secure destruction of confidential material - Code of practice《保密材料的安全销毁 实施规程》.pdf_第3页
第3页 / 共12页
BS EN 15713-2009 Secure destruction of confidential material - Code of practice《保密材料的安全销毁 实施规程》.pdf_第4页
第4页 / 共12页
BS EN 15713-2009 Secure destruction of confidential material - Code of practice《保密材料的安全销毁 实施规程》.pdf_第5页
第5页 / 共12页
点击查看更多>>
资源描述

1、BS EN 15713:2009ICS 13.310NO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAWBRITISH STANDARDSecure destruction ofconfidential material Code of practiceThis British Standardwas published under theauthority of the StandardsPolicy and StrategyCommittee on 30 June 2009 BSI 2009ISBN 9

2、78 0 580 55195 6Amendments/corrigenda issued since publicationDate CommentsBS EN 15713:2009National forewordThis British Standard is the UK implementation of EN 15713:2009. Itsupersedes BS 8470:2006 which is withdrawn.The UK participation in its preparation was entrusted to TechnicalCommittee GW/2/2

3、, Shredding of confidential material.A list of organizations represented on this committee can be obtained onrequest to its secretary.This publication does not purport to include all the necessary provisionsof a contract. Users are responsible for its correct application.Compliance with a British St

4、andard cannot confer immunityfrom legal obligations.BS EN 15713:2009EUROPEAN STANDARDNORME EUROPENNEEUROPISCHE NORMEN 15713April 2009ICS 13.310English VersionSecure destruction of confidential material - Code of practiceDestruction scurise de documents confidentiels - CodedusagesSichere Vernichtung

5、von vertraulichen Unterlagen -VerfahrensregelnThis European Standard was approved by CEN on 19 March 2009.CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this EuropeanStandard the status of a national standard without any alteration

6、. Up-to-date lists and bibliographical references concerning such nationalstandards may be obtained on application to the CEN Management Centre or to any CEN member.This European Standard exists in three official versions (English, French, German). A version in any other language made by translation

7、under the responsibility of a CEN member into its own language and notified to the CEN Management Centre has the same status as theofficial versions.CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Estonia, Finland,France, Germany, Greece,

8、 Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal,Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and United Kingdom.EUROPEAN COMMITTEE FOR STANDARDIZATIONCOMIT EUROPEN DE NORMALISATIONEUROPISCHES KOMITEE FR NORMUNGManagement Centr

9、e: Avenue Marnix 17, B-1000 Brussels 2009 CEN All rights of exploitation in any form and by any means reservedworldwide for CEN national Members.Ref. No. EN 15713:2009: EBS EN 15713:2009EN 15713:2009 (E) 2 Contents Page Foreword . 3 1 Scope 4 2 Normative references . 4 3 Terms and definitions . 4 4

10、Company premises . 5 4.1 Facilities . 5 4.2 Security 5 5 Contracts and audit trail . 5 6 Sub-contracting . 5 7 Security screening of personnel . 5 8 Collection of confidential material 6 9 Retention of confidential material . 6 10 Conveyance of confidential material 6 10.1 Collection vehicles 6 10.2

11、 On-site destruction vehicles 6 11 Categories of confidential material . 7 12 End product disposal . 7 Annex A (informative) Material specific shred and disintegration sizes . 8 BS EN 15713:2009EN 15713:2009 (E) 3 Foreword This document (EN 15713:2009) has been prepared by Technical Committee CEN/TC

12、 263 “Secure storage of cash, valuables and data media”, the secretariat of which is held by BSI. This European Standard shall be given the status of a national standard, either by publication of an identical text or by endorsement, at the latest by October 2009, and conflicting national standards s

13、hall be withdrawn at the latest by October 2009. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and/or CENELEC shall not be held responsible for identifying any or all such patent rights. According to the CEN/CENELEC Internal

14、 Regulations, the national standards organizations of the following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta,

15、 Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and the United Kingdom. BS EN 15713:2009EN 15713:2009 (E) 4 1 Scope This European Standard gives recommendations for the management and control of confidential material destruction, to ensure that such ma

16、terial is disposed of securely and safely. The recommendations apply to a companys main business premises and any holding sites. 2 Normative references The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For

17、 undated references, the latest edition of the referenced document (including any amendments) applies. EN 50131-1, Alarm systems Intrusion and hold-up systems Part 1: System requirements 3 Terms and definitions For the purposes of this European Standard, the following terms and definitions apply. 3.

18、1 company organization providing contracted services for the management and control of confidential material destruction 3.2 client owner of confidential material who retains a company to provide destruction services in accordance with an agreed contract 3.3 holding site non-destruction site for the

19、 secure retention of confidential material prior to the transportation to the company premises 3.4 destruction reduction in size such that the material becomes, as far as is practicable, unreadable, illegible and unreconstructable NOTE Methods of destruction include shredding and disintegration. 3.5

20、 shred reduce, by mechanical means, to a regulated size NOTE See Annex A for material specific shred and disintegration sizes. 3.6 disintegrate reduce, by mechanical means, to a regulated size less than that achievable by means of shredding NOTE See Annex A for material specific shred and disintegra

21、tion sizes. 3.7 data processor any person (other than an employee of the data controller) who processes the data on behalf of the data controller BS EN 15713:2009EN 15713:2009 (E) 5 3.8 data controller person who (either alone or jointly or in common with other persons) determines the purpose for wh

22、ich and the manner in which any personal data are, or are to be, processed 4 Company premises 4.1 Facilities The company should have an administrative office and/or operational centre where records, professional and business documents, certificates, correspondence, files, etc., necessary for conduct

23、ing business transactions should be kept. The premises should be physically isolated from other business or activities on the same site. 4.2 Security An approved intruder alarm system conforming to EN 50131-1 and monitored by an alarm receiving centre should be installed in the premises. As a minimu

24、m the system should cover the processing, storage and office areas, or premises should be guarded. A CCTV system with recording facilities should be installed to monitor the unloading, storage and processing areas with the exception of holding sites. The recorded images should be retained for a mini

25、mum of 31 days unless otherwise agreed with the client. Authorized entry to operational areas by visitors should be subject to supervision by appropriately screened personnel. Unauthorized persons should be denied access to operational areas. 5 Contracts and audit trail A written contract covering a

26、ll transactions should exist between the client and the company. Where processing of personal data is carried out by a data processor on behalf of a data controller, the data controller should: a) choose a data processor providing sufficient guarantees in respect of the technical and organizational

27、security measures governing the processing to be carried out; and b) take reasonable steps to ensure compliance with those measures. 6 Sub-contracting Sub-contracted work should only be allocated to a company following the recommendations in this European Standard. In every case the client should be

28、 informed that a sub-contractor is being used to securely destroy confidential material. 7 Security screening of personnel All staff employed in the business of secure destruction of confidential material should be security-screened in accordance with the appropriate National standard. Prior to empl

29、oyment all employees should sign a Deed of Confidentiality. BS EN 15713:2009EN 15713:2009 (E) 6 8 Collection of confidential material Confidential material to be collected should be protected from unauthorized access from the point of collection to the completion of destruction. Where possible, conf

30、idential material collected should be stored in containers secured by an individually numbered seal or security lock. Collections should be made by uniformed and suitably trained staff carrying photographic identification. 9 Retention of confidential material The destruction of confidential material

31、 should take place within one working day from arrival at the destruction centre. 10 Conveyance of confidential material 10.1 Collection vehicles Vehicles should: a) be either box-bodied or have a secure demountable container; where a curtain-sided vehicle is used, confidential material should be tr

32、ansported within suitably sealed secure containers; b) be fitted with lockable and/or sealable doors; c) be able to communicate with the company by radio or telephone; d) be fitted with an electro-mechanical immobiliser or alarm system; e) be closed and locked and/or sealed during transit; f) be imm

33、obilised or alarmed when left unattended. 10.2 On-site destruction vehicles Unprocessed confidential material should not be removed from the clients site and vehicles should: a) be box-bodied; b) be fitted with lockable and/or sealable doors; c) be able to communicate with the company by radio or te

34、lephone; d) not be left unattended when unprocessed confidential material is onboard. BS EN 15713:2009EN 15713:2009 (E) 7 11 Categories of confidential material Confidential material should be categorized as shown in Table 1. The method of destruction should be agreed with the client and suitable fo

35、r the category of material in order to render it unreadable, illegible and unreconstructable. NOTE Guidance on the destruction of confidential material, as categorized in Table 1, by specific methods is given in Annex A. The maximum cutting widths given in Table A.1 may be applied to other methods o

36、f destruction. Table 1 Categories of confidential material Category Description A Paper, plans, documents and drawings B SIM cards and negatives C Video/Audio tapes, diskettes, cassettes and film D Computers including hard drives, embedded software, chip card readers, components and other hardware E

37、 ID cards, CDs and DVDs F Counterfeit goods, printing plates, microfiche, credit and store cards and other products G Corporate or branded clothing and uniforms H Medical X-rays and overhead projector slides NOTE Hazardous waste is not included in this table. Users are advised of the existence of le

38、gislation applicable to the destruction and/or disposal of hazardous waste. 12 End product disposal Where practicable, end products consisting of recyclable material, e.g. paper, metal or plastics, should be recycled. Where the end product cannot be recycled the environmental impact, cost and conven

39、ience of other methods of waste disposal, e.g. incineration, should be taken into account. NOTE Energy can be recovered from incineration for power generation. Landfill should be used only where no other method of disposal is practicable. BS EN 15713:2009EN 15713:2009 (E) 8 Annex A (informative) Mat

40、erial specific shred and disintegration sizes Where the agreed method of destruction is shredding or disintegration, Table A.1 gives the recommended method and maximum cutting width for the categories of confidential material given in Table 1. Table 1 Material specific shred and disintegration sizes

41、 Shred NoAverage surface area of material Maximum cutting width Method of destruction Material categories 9 Acceptable 8 Unsuitable for material mm2mm A BCD aE F bG bH1 5000 25 Shred 9 8 9 9 8 9 2 3600 60 Shred 9 8 9 9 89 3 2800 16 Shred 9 8 9 9 8 9 4 2000 12 Shred 9 8 9 9 8 9 5 800 6 Shred or disin

42、tegrate 9 8 n/a 9 9 n/a6 320 4 Shred or disintegrate 9 8 n/a 9 9 n/a7 30 2 Disintegrate n/a 9 n/a 9 9 n/a8 10 0.8 Disintegrate n/a 9 n/a 9 9 n/aaMaterials in category D should be destroyed so that information is unreadable and subject tosecure disposal. bClient and material specific. BS EN 15713:200

43、9This page has been intentionally left blank BS EN15713:2009BSI GroupHeadquarters 389Chiswick High Road,London, W4 4AL, UKTel +44 (0)20 8996 9001Fax +44 (0)20 8996 - British Standards InstitutionBSI is the independent national body responsible for preparing BritishStandards. It presents the UK view

44、 on standards in Europe and at theinternational level. It is incorporated by Royal Charter.RevisionsBritish Standards are updated by amendment or revision. Users of BritishStandards should make sure that they possess the latest amendments oreditions.It is the constant aim of BSI to improve the quali

45、ty of our products and services.We would be grateful if anyone finding an inaccuracy or ambiguity while usingthis British Standard would inform the Secretary of the technical committeeresponsible, the identity of which can be found on the inside front cover. Tel:+44 (0)20 8996 9000. Fax: +44 (0)20 8

46、996 7400.BSI offers members an individual updating service called PLUS which ensuresthat subscribers automatically receive the latest editions of standards.Buying standardsOrders for all BSI, international and foreign standards publications should beaddressed to Customer Services. Tel: +44 (0)20 899

47、6 9001. Fax: +44 (0)20 89967001 Email: You may also buy directly using a debit/creditcard from the BSI Shop on the Website http:/ response to orders for international standards, it is BSI policy to supply theBSI implementation of those that have been published as British Standards,unless otherwise

48、requested.Information on standardsBSI provides a wide range of information on national, European andinternational standards through its Library and its Technical Help to ExportersService. Various BSI electronic information services are also available whichgive details on all its products and services. Contact Information Centre. Tel:+44 (0)20 8996 7111 Fax: +44 (0)20 8996 7048 Email: Subscribing members of BSI are kept up to date with standards developmentsand receive substantial discounts on the purchase price of standards. For detailsof these and other benefits contact Mem

展开阅读全文
相关资源
  • BS ISO IEC 29150-2011 Information technology Security techniques Signcryption《信息技术 安全技术 签密》.pdfBS ISO IEC 29150-2011 Information technology Security techniques Signcryption《信息技术 安全技术 签密》.pdf
  • BS ISO IEC 15408-1-2009 Information technology - Security techniques - Evaluation criteria for IT Security - Introduction and general model《信息技术 安全技术 IT安全评价准则 一.pdfBS ISO IEC 15408-1-2009 Information technology - Security techniques - Evaluation criteria for IT Security - Introduction and general model《信息技术 安全技术 IT安全评价准则 一.pdf
  • BS ISO 7295-1988+A1-2014 Tyre valves for aircraft Interchangeability dimensions《飞机轮胎汽门嘴 互换性尺寸》.pdfBS ISO 7295-1988+A1-2014 Tyre valves for aircraft Interchangeability dimensions《飞机轮胎汽门嘴 互换性尺寸》.pdf
  • BS ISO 15118-1-2013 Road vehicles Vehicle to grid communication interface General information and use-case definition《道路车辆 车辆到电力通讯接口 通用信息和使用案例定义》.pdfBS ISO 15118-1-2013 Road vehicles Vehicle to grid communication interface General information and use-case definition《道路车辆 车辆到电力通讯接口 通用信息和使用案例定义》.pdf
  • BS ISO 13765-2-2004 Refractory mortars - Determination of consistency using the reciprocating flow table method《耐熔灰浆 使用往复流动表法测定一致性》.pdfBS ISO 13765-2-2004 Refractory mortars - Determination of consistency using the reciprocating flow table method《耐熔灰浆 使用往复流动表法测定一致性》.pdf
  • BS ISO 10998-2008+A1-2014 Agricultural tractors Requirements for steering《农业拖拉机 操纵要求》.pdfBS ISO 10998-2008+A1-2014 Agricultural tractors Requirements for steering《农业拖拉机 操纵要求》.pdf
  • BS Z 9-1998 Space data and information transfer systems - Advanced orbiting systems - Networks and data links - Architectural specification《空间数据和信息传输系统 高级轨道系统 网络和数据链接 结构规范》.pdfBS Z 9-1998 Space data and information transfer systems - Advanced orbiting systems - Networks and data links - Architectural specification《空间数据和信息传输系统 高级轨道系统 网络和数据链接 结构规范》.pdf
  • BS Z 7-1998 Space data and information transfer systems - ASCII encoded English《空间数据和信息传输系统 ASCII 编码英语》.pdfBS Z 7-1998 Space data and information transfer systems - ASCII encoded English《空间数据和信息传输系统 ASCII 编码英语》.pdf
  • BS Z 5-1997 Space data and information transfer systems - Standard formatted data units - Control authority procedures《航天数据和信息发送系统 标准格式数据单元 控制授权程序》.pdfBS Z 5-1997 Space data and information transfer systems - Standard formatted data units - Control authority procedures《航天数据和信息发送系统 标准格式数据单元 控制授权程序》.pdf
  • BS Z 4-1997 Space data and information transfer systems - Standard formatted data units - Structure and construction rules《航天数据和信息传输系统 标准格式数据单元 结构和构造规则》.pdfBS Z 4-1997 Space data and information transfer systems - Standard formatted data units - Structure and construction rules《航天数据和信息传输系统 标准格式数据单元 结构和构造规则》.pdf
  • 猜你喜欢
    相关搜索

    当前位置:首页 > 标准规范 > 国际标准 > BS

    copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
    备案/许可证编号:苏ICP备17064731号-1