Category: Data/Information Keywords: Records Management, Digitization, Imaging, Image capture, Scanning, Process
|
|
- Marlene Madeline Moody
- 6 years ago
- Views:
Transcription
1 IMT Standards IMT Standards Oversight Committee Government of Alberta Effective Date: Scheduled Review: Last Reviewed: Type: Process Standard number A Digitization Process Category: Data/Information Keywords: Records Management, Digitization, Imaging, Image capture, Scanning, Process Description of Standard This standard describes the processes that ministries should implement for all digitization projects and must implement when the goal of the digitization project is to create digital business records: Whose authenticity and reliability are demonstrable, That are legally admissible in place of the Source Records, That are in compliance with CGSB (Canadian General Standards Board) , Microfilm and Electronic Images as Documentary Evidence, and That are available to be produced at all times. Standard Specification Terms Bibliographic Information: Information regarding the content and context of a document. It is created by the organization (possibly obtained from the Source Record) and aids in the retrieval of an image. Source: CAN/CGSB Microfilm and Electronic Images as Documentary Evidence Biographic Information: Information regarding image capture that may include the date captured, the time, the operator identification, the capture device identification and location and details of modification, if any. Source: CAN/CGSB Microfilm and Electronic Images as Documentary Evidence Digitization: The use of a scanner or similar equipment to convert documents to digitally coded electronic images suitable for electronic storage. Source: ANSI/AIIM TR Glossary of Document Technologies Enterprise Content Management (ECM): The strategies, methods and tools used to capture, manage, store, preserve, and deliver content and documents related to organizational processes. ECM tools and strategies allow the management of an INFORMATION SENSITIVITY: Unrestricted Page 1 of 7
2 organization's unstructured information, wherever that information exists. Source: What is Enterprise Content Management (ECM)?, AIIM (retrieved February 2015) Indexing: Identification of specific attributes of a document to facilitate retrieval. Source: ANSI/AIIM TR Glossary of Document Technologies Master Record: Source Records or image-produced records that have been designated by GoA authority to stand in the place of Source Records for all purposes. For records in a digital environment, the Master Record is the first generation electronic document or image capable of being used to produce duplicates. Source: ISO :2012, Electronic Imaging - Vocabulary Metadata: Structured information about data. Metadata describes, defines, explains, locates, and otherwise makes it easier to retrieve and use an information resource or data asset. Essentially, Metadata is anything that might influence the way in which the data or information is used. Source: Understanding Metadata National Information Standards Organization (NISO) Press (2004) Quality Assurance (QA): Similar to Quality Control (QC), but with the program independent of the production organization (Source: ANSI/AIIM TR2-1998, Glossary of Document Technologies). In the case of GoA digitization projects, it refers to the process of reviewing images (the content) and associated data (Metadata, etc.). QA should be conducted by personnel not directly involved in the digitization or Indexing of documents and may be conducted by an independent third party. This level of quality review is above the normal QC deployed to ensure that procedures met requirements. Quality Control (QC): The review of the processes being used, to ensure that they are meeting the project s requirements. It is defined as procedures, plans or actions used to ensure processes conform to established requirements, comply with standards and maintain confidence in integrity and accuracy. Source: ANSI/AIIM TR2-1998, Glossary of Document Technologies Records Retention and Disposition Schedules: A legal authority that describes the records under the control of a government organization, specifies how long and where records must be kept as they progress through the phases of their life cycle, and what the records final disposition will be at the end of their life cycle. Source: Records and Information Management Branch (RIMB) Glossary Secure Storage: Storage repositories of quality assured digital records that satisfy all relevant control objectives. Source: CAN/CGSB , Microfilm and Electronic Images as Documentary Evidence Source Record: The record itself or any facsimile intended by the author of the record to have the same effect. Source: CAN/CGSB , Microfilm and Electronic Images as Documentary Evidence Transitional Storage: Storage repositories used to hold digital records and related data temporarily (Source: CAN/CGSB , Microfilm and Electronic Images as INFORMATION SENSITIVITY: Unrestricted Page 2 of 7
3 Documentary Evidence). This may be used while records are being processed or prior to the records being transferred from the capture facility to the final repository. Digitization Process The following provides a brief overview of the main steps within the digitization process. Details of each step of the digitization phases and other relevant considerations can be found in the supporting documents. The digitization phases include: 1. Business analysis 2. Digitization program establishment and authorization 3. Preparation of original documents 4. Image capture and re-capture 5. Indexing and Metadata 6. Quality assurance 7. Image storage Issues to consider throughout digitization: 8. Records management requirements 9. Quality Control 10. Logging 11. Technical considerations 1. Business analysis A thorough feasibility and business analysis must be completed and approved by the appropriate role identified under the ministry s imaging directive or policy prior to starting the digitization project. The analysis should be based on electronic records management best practices and include a risk assessment. Records Retention and Disposition Schedules may need to be updated or created to incorporate electronic business records and this should be done in alignment with the ministry digitization program and overall IMT strategy. 2. Digitization Program establishment and authorization The digitization program should be planned, authorized and documented before starting a digitization process. The digitization program must include a digitization procedures manual and may include the development of contract specifications if digitization will be outsourced. The digitization procedures manual includes details relating to how digitization will proceed and the justification for why the ministry has selected the options outlined in the procedures. 3. Preparation of original documents Document preparation is the process where original documents are examined and prepared for digitization. The procedures performed to prepare original documents for digitization or to INFORMATION SENSITIVITY: Unrestricted Page 3 of 7
4 correct any issues either to the original documents or the digitized versions must be documented within the digitization procedures manual. 4. Image capture and re-capture Image capture and re-capturing is the process of scanning or otherwise capturing an image of the original document for digitization. Re-capture (or re-scanning) is implemented only when image quality fails the Quality Control or Quality Assurance checks. If the digitized images require a recapture, then the re-captured images and associated Metadata must proceed through Quality Control and, where applicable, Quality Assurance again. 5. Indexing and Metadata Indexing and Metadata are used to describe business objects or resources and must be retained for at least as long as the records to which they relate. The digitization process includes four phases where Indexing must be applied. The phases are: Scanning Re-scanning Quality Assurance Data Transfer There are two types of Indexing information that are pertinent to these specifications: Biographical and Bibliographical. See Digitization Technical Requirements Standard (A000013) for further details regarding Indexing. Metadata may be used as a means of Indexing electronic records. 6. Quality Assurance Quality Assurance is the process of verifying images or determining whether digitization quality and associated Indexing within a digitization project meets expectations. Quality Assurance must be conducted by personnel not directly involved in the digitization or Indexing of documents and may be conducted by an independent third party if required. This level of quality review is above the normal Quality Control deployed as part of the digitization process (refer to the Quality Control section, below) and must be proven via audit logs, which include details such as: Quality Assurance operator, date, and whether the image passed or failed the test. A subset size of 5-10% of the total volume digitized is the required minimum Quality Assurance level, though the project s risk assessment may indicate a need for more. It is recommended that a statistical probability assessment be undertaken and documented, which will provide a procedure for calculating appropriate sampling based on either total annual imaging activity or total image project population. Acceptable margins of error and what constitutes an error must also be documented. 7. Image storage Once an image has met all required quality checks, it must be moved to Secure Storage immediately. INFORMATION SENSITIVITY: Unrestricted Page 4 of 7
5 Depending on the project requirements and legal or records management policies, some digitization processes may require a certification step where the digitized image is certified as being complete and correct before it can be deemed as final. Digitized images may be moved to Transitional Storage before being moved to the final storage location, but even temporary storage must be secure. 8. Records Management requirements Throughout the planning and implementation of a digitization project, records management requirements must be taken into consideration to ensure that they are being met for both the original source documents (Source Records) and the digitized documents. 9. Quality Control Quality Control must be considered and implemented throughout the digitization phases. The specific checks within the Quality Control phase must be documented within the digitization procedures manual to reduce the risk of insufficient image quality and inaccurate Index information. Digitization solutions deploying system generated Metadata are subject to validation during system design analysis and user acceptance testing. The process to ensure Quality Control of system generated Metadata must be documented in the digitization procedures manual. 10. Logging To ensure that there is the ability to review phases, track documents and processes, and provide an auditable trail, logging should be implemented throughout the digitization process. 11. Technical considerations Refer to the Digitization Technical Requirements Standard A for details and requirements. Where to Apply This Standard This applies to all Government of Alberta ministries, boards, agencies, and commissions. Authority and Exceptions Verify individual Ministry Acts to determine any specific exclusions This standard applies to all records, as described in the Description of Standard section Records excluded from the Electronic Transactions Act, S.A. 2011, c. E-5.5, section 7(1) and (2) may be digitized, but legal recognition of the digital version is not guaranteed, as per the Act. These records include: o Wills and codicils o Trusts created by wills or codicils o Enduring powers of attorney under the Powers of Attorney Act INFORMATION SENSITIVITY: Unrestricted Page 5 of 7
6 o Personal directives under the Personal Directives Act o Records that create or transfer interests in land, including interests in mines and minerals o Guarantees under the Guarantees Acknowledgment Act o o o Negotiable instruments Records that are prescribed, or that belong to a class that is prescribed, as records or a class of records to which the Act does not apply Documents of title, with some exceptions (refer to the Act for details) Supporting Documentation Digitization Technical Requirements Standard A Government of Alberta IMT Standards. Preparation of Record Schedules for the Disposition of Imaged Sourced Records Digitization Chain of Custody (RIM0001) Digitization Document Preparation (RIM0002) Digitization Program Required Documentation (RIM0003) Digitization Quality Assurance (RIM0004) Digitization Recommended Practice (RIM0005) Digitization Frequently Asked Questions (RIM0006) Digitization Indexing Field Descriptions (RIM0007) Digitization Program Business Analysis (RIM0008) Digitization Procedures Manual Guide References What is Enterprise Content Management (ECM)?, AIIM (retrieved February 2015) ANSI/AIIM TR2-1998, Glossary of Document Technologies CAN/CGSB , Microfilm and Electronic Images as Documentary Evidence CAN/CGSB , Electronic Records as Documentary Evidence ISO :2012, Electronic Imaging - Vocabulary ISO/TR 15801:2004, Electronic Digitization Information Stored Electronically Recommendations for Trustworthiness and Reliability Records and Information Management Branch (RIMB) Glossary WordNet 2.1, Princeton University (2005) Owner Service Alberta, Information Management Branch SA.InformationManagement@gov.ab.ca Contact IMT Standards at imt.standards@gov.ab.ca INFORMATION SENSITIVITY: Unrestricted Page 6 of 7
7 Additional Information Audience Source Sensitivity Government of Alberta Service Alberta, Information Management Branch Unrestricted Proposed Date Proposed By Service Alberta, Open Government Laurel Frank, Executive Director Information Management Branch (780) INFORMATION SENSITIVITY: Unrestricted Page 7 of 7
Indexing Field Descriptions Recommended Practice
Indexing Field Descriptions Recommended Practice Service Alberta Enterprise Information Management Developed: Last Updated: https://www.alberta.ca/enterprise-information-management.aspx Contents Indexing...
More informationData Exchange Standard Date, Time, and Date & Time
IMT Standards IMT Standards Oversight Committee Effective Date: 2014-12-31 Scheduled Review: 2020-02-15 Last Reviewed: 2019-02-15 Type: Technical 1 Standard number: A000042 Data Exchange Standard Date,
More informationChapter 9 Section 3. Digital Imaging (Scanned) And Electronic (Born-Digital) Records Process And Formats
Records Management (RM) Chapter 9 Section 3 Digital Imaging (Scanned) And Electronic (Born-Digital) Records Process And Formats Revision: 1.0 GENERAL 1.1 The success of a digitized document conversion
More informationRecords Management Metadata Standard
Records Management Metadata Standard Standard No: RIM203 2008 City Clerk s Office Records and Information Management Records and Information Management Standard Subject: Records Management Metadata Standard
More informationFSC STANDARD. Standard for Multi-site Certification of Chain of Custody Operations. FSC-STD (Version 1-0) EN
FOREST STEWARDSHIP COUNCIL INTERNATIONAL CENTER FSC STANDARD Standard for Multi-site Certification of Chain of Custody Operations FSC-STD-40-003 (Version 1-0) EN 2007 Forest Stewardship Council A.C. All
More information"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary
Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business
More informationDIRECTIVE ON RECORDS AND INFORMATION MANAGEMENT (RIM) January 12, 2018
DIRECTIVE ON RECORDS AND INFORMATION MANAGEMENT (RIM) January 12, 2018 A. OVERRIDING OBJECTIVE 1.1 This Directive establishes the framework for information management of the Asian Infrastructure Investment
More informationStandard CIP Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-1 3. Purpose: Standard CIP-005 requires the identification and protection of the Electronic Security Perimeter(s)
More informationMinnesota State Colleges and Universities System Procedures Chapter 5 Administration
Minnesota State Colleges and Universities System Procedures Chapter 5 Administration 5.25.1 Use of Electronic Part 1. Purpose. This procedure establishes requirements for the consistent, secure implementation
More informationTransferring vital e-records to a trusted digital repository in Catalan public universities (the iarxiu platform)
Transferring vital e-records to a trusted digital repository in Catalan public universities (the iarxiu platform) Miquel Serra Fernàndez Archive and Registry Unit, University of Girona Girona, Spain (Catalonia)
More informationTimber Products Inspection, Inc.
Timber Products Inspection, Inc. Product Certification Public Document Timber Products Inspection, Inc. P.O. Box 919 Conyers, GA 30012 Phone: (770) 922-8000 Fax: (770) 922-1290 TP Product Certification
More informationTHE TRIAL MASTER FILE
THE TRIAL MASTER FILE CONFIDENCE IN PROVIDING TMF FOR REGULATORY INSPECTION OR LEGAL DISCOVERY EXECUTIVE SUMMARY FOR EXL PHARMA S 2ND EUROPEAN TRIAL MASTER FILE SUMMIT LONDON OCTOBER 22 23, 2013 CONTENTS
More informationSERVICE DESCRIPTION ISO Lex. Certifications
SERVICE DESCRIPTION Lex ISO/IEC 20000-1 INFORMATION TECHNOLOGY - SERVICE MANAGEMENT SYSTEM Companies of any size rely on effective IT service management. No matter where you re based or what you do, your
More informationGDPR Workflow White Paper
White Paper The European Union is implementing new legislation with the objective of protecting personal data of citizens within the EU and giving them more control over how their data is used. Hefty fines
More informationISO TC46/SC11 Archives/records management
ISO TC46/SC11 Archives/records management GUIDANCE FOR IMPLEMENTING DOCUMENTED INFORMATION CLAUSE USING PROCESSES AND CONTROLS OF ISO 30301:2011 Management system for records EXPLANATORY PAPER NOVEMBER
More informationIAF Information Document (draft)
International Accreditation Forum, Inc. IAF Information Document (draft) Information on the Transition of Management System Accreditation to ISO/IEC 17021:2010 from ISO/IEC 17021:2006 (IAF ID?:2010) The
More informationIMT Standards. Standard number A Server Blade. GoA IMT Standards
IMT Standards IMT Standards Oversight Committee Effective Date: 2014-01-17 Scheduled Review: 2015-01-17 Last Reviewed: 2014-01-06 Type: Technical Standard number A000006 Server Blade Category: Hardware
More informationAuditing in an Automated Environment: Appendix E: System Design, Development, and Maintenance
Accountability Modules Auditing in an Automated Environment: Agency Prepared By Initials Date Reviewed By Audit Program - System Design, Development, and Maintenance W/P Ref Page 1 of 1 Procedures Initials
More informationIT Governance ISO/IEC 27001:2013 ISMS Implementation. Service description. Protect Comply Thrive
IT Governance ISO/IEC 27001:2013 ISMS Implementation Service description Protect Comply Thrive 100% guaranteed ISO 27001 certification with the global experts With the IT Governance ISO 27001 Implementation
More informationNew York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines
New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services ( DFS ) Regulation 23 NYCRR 500 requires that entities
More informationSECTION 10 CONTRACTING FOR PROFESSIONAL SERVICES CONSULTANT COMPETITIVE NEGOTIATION ACT (CCNA)
SECTION 10 CONTRACTING FOR PROFESSIONAL SERVICES CONSULTANT COMPETITIVE NEGOTIATION ACT (CCNA) 10.0 INTRODUCTION The purpose of this procedure is to provide guidance for hiring professional firms for architectural,
More informationStandard CIP Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-2 3. Purpose: Standard CIP-005-2 requires the identification and protection of the Electronic Security Perimeter(s)
More informationCertification Report
Certification Report Symantec Security Information Manager 4.8.1 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government
More informationCommon approaches to management. Presented at the annual conference of the Archives Association of British Columbia, Victoria, B.C.
Common approaches to email management Presented at the annual conference of the Archives Association of British Columbia, Victoria, B.C. Agenda 1 2 Introduction and Objectives Terms and Definitions 3 Typical
More informationOracle Data Cloud ( ODC ) Inbound Security Policies
Oracle Data Cloud ( ODC ) Inbound Security Policies Contents Contents... 1 Overview... 2 Oracle Data Cloud Security Policy... 2 Oracle Information Security Practices - General... 2 Security Standards...
More informationRecords Management and Retention
Records Management and Retention Category: Governance Number: Audience: University employees and Board members Last Revised: January 29, 2017 Owner: Secretary to the Board Approved by: Board of Governors
More informationInternal Audit Report. Electronic Bidding and Contract Letting TxDOT Office of Internal Audit
Internal Audit Report Electronic Bidding and Contract Letting TxDOT Office of Internal Audit Objective Review of process controls and service delivery of the TxDOT electronic bidding process. Opinion Based
More informationServer Security Procedure
Server Security Procedure Reference No. xx Revision No. 1 Relevant ISO Control No. 11.7.1 Issue Date: January 23, 2012 Revision Date: January 23, 2012 Approved by: Title: Ted Harvey Director, Technology
More informationNEW YORK CYBERSECURITY REGULATION COMPLIANCE GUIDE
COMPLIANCE ADVISOR NEW YORK CYBERSECURITY REGULATION COMPLIANCE GUIDE A PUBLICATION BY THE EXCESS LINE ASSOCIATION OF NEW YORK One Exchange Plaza 55 Broadway 29th Floor New York, New York 10006-3728 Telephone:
More informationGatekeeper Public Key Infrastructure Framework. Information Security Registered Assessors Program Guide
Gatekeeper Public Key Infrastructure Framework Information Security Registered Assessors Program Guide V 2.1 December 2015 Digital Transformation Office Commonwealth of Australia 2015 This work is copyright.
More informationProcess for the Evaluation and Acceptance of Building Products in the USA
Process for the Evaluation and Acceptance of Building Products in the USA Rick Okawa, P.E. Deputy Vice President of Global Services and Business Development An Integrated Building System Product Certification
More informationISO Information and documentation Digital records conversion and migration process
INTERNATIONAL STANDARD ISO 13008 First edition 2012-06-15 Information and documentation Digital records conversion and migration process Information et documentation Processus de conversion et migration
More informationDATA STEWARDSHIP BODY OF KNOWLEDGE (DSBOK)
DATA STEWARDSHIP BODY OF KNOWLEDGE (DSBOK) Release 2.2 August 2013. This document was created in collaboration of the leading experts and educators in the field and members of the Certified Data Steward
More informationSparta Systems TrackWise Digital Solution
Systems TrackWise Digital Solution 21 CFR Part 11 and Annex 11 Assessment February 2018 Systems TrackWise Digital Solution Introduction The purpose of this document is to outline the roles and responsibilities
More informationPRINCIPLES AND FUNCTIONAL REQUIREMENTS
INTERNATIONAL COUNCIL ON ARCHIVES PRINCIPLES AND FUNCTIONAL REQUIREMENTS FOR RECORDS IN ELECTRONIC OFFICE ENVIRONMENTS RECORDKEEPING REQUIREMENTS FOR BUSINESS SYSTEMS THAT DO NOT MANAGE RECORDS OCTOBER
More informationChain of Preservation Model Diagrams and Definitions
International Research on Permanent Authentic Records in Electronic Systems (InterPARES) 2: Experiential, Interactive and Dynamic Records APPENDIX 14 Chain of Preservation Model Diagrams and Definitions
More informationThe Open Group Certification for People. Training Course Accreditation Requirements
The Open Group Certification for People Training Course Accreditation Requirements Version 1.1 February 2014 Copyright 2013-2014, The Open Group All rights reserved. No part of this publication may be
More informationPERFORM FOR HPE CONTENT MANAGER
PERFORM FOR HPE CONTENT MANAGER Expand HPE Content Manager to deliver operational excellence Extend the value of your investment in HPE information management technology by adding adaptive workflows to
More informationStandard CIP Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-1 3. Purpose: Standard CIP-007 requires Responsible Entities to define methods, processes, and procedures for securing
More informationCPD ACTIVITY GUIDELINES AND REQUIREMENTS
Introduction After obtaining the Internal Audit Technician (IAT) and / or Professional Internal Auditor (PIA)* designations, members must maintain their knowledge and skills and stay abreast of improvements
More informationRecords Management at MSU. Hillary Gatlin University Archives and Historical Collections January 27, 2017
Records Management at MSU Hillary Gatlin University Archives and Historical Collections January 27, 2017 Today s Agenda Introduction to University Archives Records Management at MSU Records Retention Schedules
More informationSparta Systems Stratas Solution
Systems Solution 21 CFR Part 11 and Annex 11 Assessment October 2017 Systems Solution Introduction The purpose of this document is to outline the roles and responsibilities for compliance with the FDA
More informationRequirements for Certification Bodies operating Certification against the PEFC International Chain of Custody Standard
PEFC INTERNATIONAL STANDARD Requirements for certification users PEFC ST 2003:2012 2012-07-16 Requirements for Certification Bodies operating Certification against the PEFC International Chain of Custody
More information<< Practice Test Demo - 2PassEasy >> Exam Questions CISM. Certified Information Security Manager. https://www.2passeasy.
Exam Questions CISM Certified Information Security Manager https://www.2passeasy.com/dumps/cism/ 1.Senior management commitment and support for information security can BEST be obtained through presentations
More informationThe Common Controls Framework BY ADOBE
The Controls Framework BY ADOBE The following table contains the baseline security subset of control activities (derived from the Controls Framework by Adobe) that apply to Adobe s enterprise offerings.
More informationStandard CIP 005 2a Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-2a 3. Purpose: Standard CIP-005-2 requires the identification and protection of the Electronic Security Perimeter(s)
More informationIAF Informative Document. Information on the Transition of Management System Accreditation to ISO/IEC :2015 from ISO/IEC 17021:2011
IAF Informative Document Information on the Transition of Management System Accreditation to ISO/IEC 17021-1:2015 from ISO/IEC 17021:2011 Issue 1 (IAF ID 11:2015) Issue 1 Information on the Transition
More informationInformation Technology Branch Organization of Cyber Security Technical Standard
Information Technology Branch Organization of Cyber Security Technical Standard Information Management, Administrative Directive A1461 Cyber Security Technical Standard # 1 November 20, 2014 Approved:
More informationData Management Glossary
Data Management Glossary A Access path: The route through a system by which data is found, accessed and retrieved Agile methodology: An approach to software development which takes incremental, iterative
More informationt a Foresight Consulting, GPO Box 116, Canberra ACT 2601, AUSTRALIA e foresightconsulting.com.
e info@ Mr. James Kavanagh Chief Security Advisor Microsoft Australia Level 4, 6 National Circuit, Barton, ACT 2600 19 August 2015 Microsoft CRM Online IRAP Assessment Letter of Compliance Dear Mr. Kavanagh,
More informationBuilding an Assurance Foundation for 21 st Century Information Systems and Networks
Building an Assurance Foundation for 21 st Century Information Systems and Networks The Role of IT Security Standards, Metrics, and Assessment Programs Dr. Ron Ross National Information Assurance Partnership
More informationIT Attestation in the Cloud Era
IT Attestation in the Cloud Era The need for increased assurance over outsourced operations/ controls April 2013 Symeon Kalamatianos M.Sc., CISA, CISM Senior Manager, IT Risk Consulting Contents Introduction
More informationCERTIFICATION BODY (CB) APPROVAL REQUIREMENTS FOR THE IFFO RESPONSIBLE SUPPLY (IFFO RS) AUDITS AND CERTIFICATION
CERTIFICATION BODY (CB) APPROVAL REQUIREMENTS FOR THE IFFO RESPONSIBLE SUPPLY (IFFO RS) AUDITS AND CERTIFICATION Introduction The IFFO RS Certification Programme is a third party, independent and accredited
More informationRECORDS MANAGEMENT AND YOU
RECORDS MANAGEMENT AND YOU Carolyn Smith S.C. Archives & History Why Records Management Matters Citizens have a right to know. Records have historical importance. Good records makes your job easier. What
More informationRELATIONSHIP BETWEEN THE ISO SERIES OF STANDARDS AND OTHER PRODUCTS OF ISO/TC 46/SC 11: 1. Records processes and controls 2012
RELATIONSHIP BETWEEN THE ISO 30300 SERIES OF STANDARDS AND OTHER PRODUCTS OF ISO/TC 46/SC 11: Records processes and controls White paper written by ISO TC46/SC11- Archives/records management Date: March
More informationISO INTERNATIONAL STANDARD. Information and documentation Records management Part 1: General
Provläsningsexemplar / Preview INTERNATIONAL STANDARD ISO 15489-1 First edition 2001-09-15 Information and documentation Records management Part 1: General Information et documentation «Records management»
More informationISSUE N 1 MAJOR MODIFICATIONS. Version Changes Related Release No. PREVIOUS VERSIONS HISTORY. Version Date History Related Release No.
ISSUE N 1 MAJOR MODIFICATIONS Version Changes Related Release No. 01 First issue. 2.8.0 PREVIOUS VERSIONS HISTORY Version Date History Related Release No. N/A N/A N/A N/A APPROVAL TABLE Signatures below
More informationCOMMON CRITERIA CERTIFICATION REPORT
COMMON CRITERIA CERTIFICATION REPORT Dell EMC Elastic Cloud Storage v3.2 15 May 2018 383-4-439 V1.0 Government of Canada. This document is the property of the Government of Canada. It shall not be altered,
More informationGlobal Specification Protocol for Organisations Certifying to an ISO Standard related to Market, Opinion and Social Research.
CONTENTS i. INTRODUCTION 3 ii. OVERVIEW SPECIFICATION PROTOCOL DOCUMENT DEVELOPMENT PROCESS 4 1. SCOPE 5 2. DEFINITIONS 5 3. REFERENCES 6 4. MANAGEMENT STANDARDS FOR APPROVED CERTIFICATION BODIES 6 4.1
More informationCIVIL AVIATION REQUIREMENT SECTION 2 - AIRWORTHINESS SERIES E PART XII EFFECTIVE : FORTHWITH
GOVERNMENT OF INDIA OFFICE OF THE DIRECTOR GENERAL OF CIVIL AVIATION TECHNICAL CENTRE, OPP SAFDURJUNG AIRPORT, New Delhi CIVIL AVIATION REQUIREMENT SECTION 2 - AIRWORTHINESS SERIES E PART XII, 2017 EFFECTIVE
More informationTerms in the glossary are listed alphabetically. Words highlighted in bold are defined in the Glossary.
Glossary 2010 The Records Management glossary is a list of standard records terms used throughout CINA s guidance and training. These terms and definitions will help you to understand and get the most
More information01.0 Policy Responsibilities and Oversight
Number 1.0 Policy Owner Information Security and Technology Policy Policy Responsibility & Oversight Effective 01/01/2014 Last Revision 12/30/2013 Department of Innovation and Technology 1. Policy Responsibilities
More informationCertification Report
Certification Report EAL 2+ Evaluation of Tactical Network-layer Gateway (2E2 IA): a GD Canada MESHnet G2 Gateway product Issued by: Communications Security Establishment Canada Certification Body Canadian
More informationPTSPAS Product Assessment HAPAS Equivalent in accordance with MCHW SHW Volume 1 Clause and
1. Policy It is the policy of Pavement Testing Services Ltd (hereafter PTS) to operate its certification/ assessment services in a non-discriminatory manner. PTS shall not use procedures / processes to
More informationNational Wood Products, Inc. FSC Chain of Custody NWP CENTRAL OFFICE Standard Operating Procedure REVIEW DATE: August 17, 2013
National Wood Products, Inc. NWP CENTRAL OFFICE Standard Operating Procedure REVIEW DATE: August 17, 2013 ORIGINAL DOCUMENT DATE: August 11, 2008 Prepared By: Tanya Coy C:\Users\tcoy\Documents\FSC CERTIFICATION\NWP
More information2016 SC REGIONAL HOUSING AUTHORITY NO. 3 S EIV SECURITY POLICY
2016 SC REGIONAL HOUSING AUTHORITY NO. 3 S EIV SECURITY POLICY Purpose: The purpose of this policy is to provide instruction and information to staff, auditors, consultants, contractors and tenants on
More informationAchilles System Certification (ASC) from GE Digital
Achilles System Certification (ASC) from GE Digital Frequently Asked Questions GE Digital Achilles System Certification FAQ Sheet 1 Safeguard your devices and meet industry benchmarks for industrial cyber
More informationManagement: A Guide For Harvard Administrators
E-mail Management: A Guide For Harvard Administrators E-mail is information transmitted or exchanged between a sender and a recipient by way of a system of connected computers. Although e-mail is considered
More informationITSM20F_Umang. Number: ITSM20F Passing Score: 800 Time Limit: 120 min File Version: 4.0. Exin ITSM20F
ITSM20F_Umang Number: ITSM20F Passing Score: 800 Time Limit: 120 min File Version: 4.0 http://www.gratisexam.com/ Exin ITSM20F IT Service Management Foundation based on ISO/IEC 20000 (ITSM20F.EN) Version:
More informationValcambi SA BY THE AUTHORITY OF THE COUNCIL. IS CHAIN-OF-CUSTODY CERTIFIED BY THE Responsible Jewellery Council. Executive Director
CHAIN-OF-CUSTODY BY THE AUTHORITY OF THE COUNCIL IS CHAIN-OF-CUSTODY CERTIFIED BY THE Responsible Jewellery Council NUMBER: C0000 0065 CERTIFIED UNTIL: 04 JULY 2020 TYPES OF ELIGIBLE MATERIALS HANDLED:
More informationDocument Title Ingest Guide for University Electronic Records
Digital Collections and Archives, Manuscripts & Archives, Document Title Ingest Guide for University Electronic Records Document Number 3.1 Version Draft for Comment 3 rd version Date 09/30/05 NHPRC Grant
More informationDoes a SAS 70 Audit Leave you at Risk of a Security Exposure or Failure to Comply with FISMA?
Does a SAS 70 Audit Leave you at Risk of a Security Exposure or Failure to Comply with FISMA? A brief overview of security requirements for Federal government agencies applicable to contracted IT services,
More informationPEFC Certification System Netherlands - Certification Procedures
PCSN SCHEME DOCUMENT PCSN IV Issue 2 10-03-2017 PEFC Certification System Netherlands - Certification Procedures PEFC Netherlands Kokermolen 11 3994 DG Houten The Netherlands Tel: +31 30 693 0040 Fax:
More informationISO27001:2013 The New Standard Revised Edition
ECSC UNRESTRICTED ISO27001:2013 The New Standard Revised Edition +44 (0) 1274 736223 consulting@ecsc.co.uk www.ecsc.co.uk A Blue Paper from Page 1 of 14 Version 1_00 Date: 27 January 2014 For more information
More informationIntroduction To IS Auditing
Introduction To IS Auditing Instructor: Bryan McAtee, ASA, CISA Bryan McAtee & Associates - Brisbane, Australia * Course, Presenter and Delegate Introductions * Definition of Information Technology (IT)
More informationSouth African Forestry Assurance Scheme SAFAS 6:2018. Certification and Accreditation Procedures. Issue SAFAS Council SAFAS
South African Forestry Assurance Scheme SAFAS 6:2018 Issue 1 2018-05-22 SAFAS 346 Burger Street Pietermaritzburg South Africa Tel: +27 33 897 5000 1 Document name: Document number: SAFAS 6:2018 Approved
More informationRELIABILITY COMPLIANCE ENFORCEMENT IN ONTARIO
RELIABILITY COMPLIANCE ENFORCEMENT IN ONTARIO June 27, 2016 Training provided for Ontario market participants by the Market Assessment and Compliance Division of the IESO Module 1 A MACD training presentation
More informationIEC Quality Assessment System for Electronic Components (IECQ System)
IECQ 03-4 Edition 2.0 2012-09 IECQ PUBLICATION IEC Quality Assessment System for Electronic Components (IECQ System) Rules of Procedure Part 4: IECQ ECMP Scheme Avionics Assessment Program Requirements
More informationGETTING STARTED WITH THE SIG 2014: A RESPONDENT S GUIDE By Shared Assessments
GETTING STARTED WITH THE SIG 2014: A RESPONDENT S GUIDE By Shared Assessments GETTING STARTED WITH THE SIG 2014: A RESPONDENT S GUIDE TABLE OF CONTENTS About the SIG... 2 SIG Quick Start Guide For Responders...
More informationSupersedes Policy previously approved by TBM
Document Title: Email Policy Pages Document Type: Policy 6 No. Of Scope: Government of Newfoundland and Labrador (GNL) Trim # DOC15481/2009 Revision ( # ) 27 Treasury Board Approval ( # ) TBM2009-298 Supersedes
More informationRegulatory Circular RG Members and Member Firm Organizations. Division of Member and Regulatory Services. Date: October 28, 2009
Regulatory Circular RG09-122 To: From: Members and Member Firm Organizations Division of Member and Regulatory Services Date: October 28, 2009 RE: Supervision of Electronic Communications and Electronic
More informationUKAS Guidance for Bodies Offering Certification of Anti-Bribery Management Systems
CIS 14 Edition 1 September 2018 UKAS Guidance for Bodies Offering Certification of Anti-Bribery Management Systems CIS 14 Edition 1 Page 1 of 10 Contents 1. Introduction 3 2. UKAS Assessment Approach 3
More informationData Partnerships to Improve Health Frequently Asked Questions. Glossary...9
FAQ s Data Partnerships to Improve Health Frequently Asked Questions BENEFITS OF PARTICIPATING... 1 USING THE NETWORK.... 2 SECURING THE DATA AND NETWORK.... 3 PROTECTING PRIVACY.... 4 CREATING METADATA...
More informationPublic Safety Canada. Audit of the Business Continuity Planning Program
Public Safety Canada Audit of the Business Continuity Planning Program October 2016 Her Majesty the Queen in Right of Canada, 2016 Cat: PS4-208/2016E-PDF ISBN: 978-0-660-06766-7 This material may be freely
More informationStandard CIP Cyber Security Critical Cyber Asset Identification
Standard CIP 002 1 Cyber Security Critical Cyber Asset Identification Standard Development Roadmap This section is maintained by the drafting team during the development of the standard and will be removed
More informationVirginia State University Policies Manual. Title: Change/Configuration Management Policy: 6810 A. Purpose
A. Purpose Virginia State University (VSU) management in an effort to preserve the integrity and stability of its systems and infrastructure has established a change management policy that will govern
More informationStandard CIP Cyber Security Critical Cyber Asset Identification
Standard CIP 002 1 Cyber Security Critical Cyber Asset Identification Standard Development Roadmap This section is maintained by the drafting team during the development of the standard and will be removed
More informationUNCONTROLLED IF PRINTED
161Thorn Hill Road Warrendale, PA 15086-7527 1. Scope 2. Definitions PROGRAM DOCUMENT PD 1000 Issue Date: 19-Apr-2015 Revision Date: 26-May-2015 INDUSTRY MANAGED ACCREDITATION PROGRAM DOCUMENT Table of
More informationPREPARING FOR SOC CHANGES. AN ARMANINO WHITE PAPER By Liam Collins, Partner-In-Charge, SOC Audit Practice
PREPARING FOR SOC CHANGES AN ARMANINO WHITE PAPER By Liam Collins, Partner-In-Charge, SOC Audit Practice On May 1, 2017, SSAE 18 went into effect and superseded SSAE 16. The following information is here
More informationCloud Security Standards
Cloud Security Standards Classification: Standard Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January 2018 Next
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Network Mapping The Network Mapping helps visualize the network and understand relationships and connectivity between
More informationCertification Report
Certification Report Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of Canada, Communications Security Establishment,
More informationStreamlined FISMA Compliance For Hosted Information Systems
Streamlined FISMA Compliance For Hosted Information Systems Faster Certification and Accreditation at a Reduced Cost IT-CNP, INC. WWW.GOVDATAHOSTING.COM WHITEPAPER :: Executive Summary Federal, State and
More informationBUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE
BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE 1 WHAT IS YOUR SITUATION? Excel spreadsheets Manually intensive Too many competing priorities Lack of effective reporting Too many consultants Not
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationThe Value of ANSI Accreditation. Top 10 Advantages. of accredited third-party conformity assessment
The Value of ANSI Accreditation Top 10 Advantages of accredited third-party conformity assessment The American National Standards Institute (ANSI) offers highly recognized accreditation programs globally
More informationTechnical Security Standard
Technical Security Standard Title: Minimum Controls TSS Version: 1.1 Effective Date July 2018 This Standard defines the minimum baseline security controls and Summary: processes required for a given Information
More informationCourse List & Pricing Crest Advisory Africa
Course List & Pricing 018 Crest Advisory Africa www.crestadvisoryafrica.com 1. Risk Management Courses 1 4 ERM Awareness Session (Excl. Printing at R100 per delegate) Introduction to Risk Management ISO
More informationADIENT VENDOR SECURITY STANDARD
Contents 1. Scope and General Considerations... 1 2. Definitions... 1 3. Governance... 2 3.1 Personnel... 2 3.2 Sub-Contractors... 2 3.3. Development of Applications... 2 4. Technical and Organizational
More informationSolution Pack. Managed Services Virtual Private Cloud Security Features Selections and Prerequisites
Solution Pack Managed Services Virtual Private Cloud Security Features Selections and Prerequisites Subject Governing Agreement DXC Services Requirements Agreement between DXC and Customer including DXC
More information