[Asis-standards] a few more ISO votes coming up
Baden Hughes
baden.hughes at gmail.com
Mon Mar 26 07:44:35 EDT 2012
Mark
Re
> 2)ISO/DTR 18128, Information and documentation — Risk identification and
> assessment for records systems
>
> this is to be published as a technical report - not a standard
>
> comments needed by April 16th (for all you folks who need to do your taxes
> on April 15th)
I would vote for this to be published - however ...
A comment on section 5.3.1 - despite the clarifications as to the
types of internal risk, it does not appear to cover the significant
change of the businesses activties (eg introducing a new product or
service in a non traditional area that introduces new external or
internal factors re the requirements for management of records). this
is not the same as the uncertainty introduced through merger,
acquisition etc as itemised in the first subpoint in 5.3.1.
A comment on section 5.4.1 - I think it would be advisable to
strengthen the wording of the "reliability of systems suppliers" to
explicitly cover commercial and technical viability. This dovetails
into 5.4.2 as well; its about whether or not commercial systems
suppliers remain in the market offering records management systems.
A comment on section 5.5.3 - I think this should be expanded to
include maintenance of metadata transformation and cross walk schema
which is often performed externally and unfortunately often through a
non persistent agency.
A comment on 7.2 - ISO 31000 should also be referenced here.
Baden
More information about the Asis-standards
mailing list