Time to rejoice! A new version of the international standard for records management BS ISO15489-1:2016 has been released by the International Organization for Standardization and has been adopted as a British Standard a couple of months ago. A revision has been long awaited since the first version of this popular standard came out in 2001.
What’s new? What’s different?
Much of the standard remains unchanged and the British national foreword to the standard (which is publicly available from the preview) provides a good overview of what changed and what remained.
With a stronger focus on records systems and controls, the revised standard feels a tad more theoretical than the 2001 version. The previous standard provided much more of a practical read in terms of what these controls should be (registration, classification, tracking etc.) in the business context. This could be in appreciation that records management has come a long way since the inception of the standard and many professionals are now familiar with the more practical aspects of the concepts that surround the control and management of records.
Greater prominence is given to metadata as an important control mechanism for records. This is certainly in recognition of the digital nature of the majority of records created in modern businesses. No particular metadata schema is recommended but it should be authorised and relate to different entities (such as records, agents, business etc.).
Some of the terminology has changed and in particular the definition of ‘Appraisal’. Appraisal has been extended from a focus on assessing the value of records for continued business use or archival value to include an analysis of records’ business context, activity and risk. Appraisal now essentially comprises the requirements analysis for records in a business context and therefore represents initial steps in establishing a records management programme.
The biggest change is the omission in the new standard of any prescribed methodologies that could be used to establish such a records management programme – most notably the omission of DIRKS (Designing and Implementing Recordkeeping Systems) which for many years has served as a useful implementation tool for many a records manager. Instead the standard describes what record systems and controls should achieve without specifying a particular methodology to be used or a particular system (the good old EDRMS) to be adopted. This is a shift away from specialised methodologies and systems towards a more holistic approach to recordkeeping that incorporates information security, information compliance and risk management. It also reminds me of the modular approach to managing digital records that was proposed in MoReq2010 (Modular requirements for records systems) which – rather than focussing on one system – describes a set of core services for managing records that can be shared by many different systems in a business.
So in summary, the new version of the international standard for records management has succeeded in making the move into the digital environment and in showing an appreciation of more diverse business contexts and systems in which digital records need to be managed nowadays.
What difference will it make? What difference can we make?
When it came out in 2001, the first international standard for records management was well anticipated and received by the information management community. It provided them with a theoretical framework for recordkeeping and also – and maybe more importantly – a means to highlight the importance of managing records in their organisations. Arguably, the nature of organisations and how they use and manage records has changed over the years and this change has been acknowledged in the new version. Today, there is a greater diversification in both the business processes in which records are used and managed as well as in the role of the people who are tasked with managing them. ISO 15489-1:2016 can prove invaluable in bringing together all stakeholders in organisations that now need to be involved in the management of structured and unstructured information (and data!) in multiple business systems and applications by providing a theoretical framework for the management of records across business activities, contexts and processes.
The release of the new version of the standard then raises once more the question: What difference can we make? (with thanks to Heather Jack)
It is up to the information management community to promote the importance of recordkeeping in organisations for compliance, accountability, risk management and greater efficiency. This new version of the standard can help raise the profession’s profile and raise awareness of essential recordkeeping controls and processes to a wider range of information management professionals.
P.S. I have recently been appointed to the British Standards Institute (BSI) committee for records management as representative for the UK education sector and if you would like to know more about the committee’s work or would like to feed back to it, please do not hesitate to contact me.