ISO 16175 Principles and Functional Requirements for Records in Electronic Office Environments
ISO 16175 provides internationally agreed principles and functional requirements for software used to create and manage digital information in office environments.
The standard is divided into three parts.
Part 1: AS/NZS ISO 16175.1:2012 Information and documentation - Principles and functional requirements for records in electronic office environments - Overview and statement of principles
Part 2: SA/SNZ TR ISO 16175.2:2012 Information and documentation - Principles and functional requirements for records in electronic office environments - Guidelines and functional requirements for digital records management systems
Part 3: SA/SNZ TR ISO 16175.3:2012 Information and documentation - Principles and functional requirements for records in electronic office environments - Guidelines and functional requirements for records in business systems
Why use ISO 16175?
The National Archives of Australia endorses the use of this standard by Australian Government agencies. Using the standard will help to maximise consistency for interoperability across agencies in software used to create and manage digital records. The standard will assist agencies to:
- review the records management functionality, or assess the compliance of an existing system
- identify records management functionality to include in a design specification when building, upgrading or acquiring new business systems.
The principles and functional requirements in the standard enable agencies to better manage their business information through:
- supporting business needs by enabling greater effectiveness and efficiency of operations
- ensuring greater accountability, transparency and enhanced service delivery
- increasing general awareness of automated records management capabilities
- providing a foundation for government agencies, the National Archives and the wider information management profession to engage with the software vendor community.
The Archives encourages software vendors to self-assess their products against the standard.
This can be done by direct assessment against the standard or by using the Business System Assessment Framework which is based on the foundations of ISO16175 part 3. The Framework provides a streamlined, risk based approach to the assessment of information management functionality in business systems.
Where to get the standard
ISO 16175 can be purchased from SAI Global.
ISO 16175 was adapted from Principles and Functional Requirements for Records in Electronic Office Environments (also known as ICA-Req) which was published jointly by the International Council on Archives (ICA) and the Australasian Digital Recordkeeping Initiative. The three modules of ICA-Req are provided here for reference purposes.
Module 1 Overview and Statement of Principles
What’s in the standard?
ISO 16175 provides a modular approach for assessing the information management functionality of software systems and consists of three parts:
- Part 1: contains an overview of the basic principles for managing records in digital environments.
- Part 2: outlines the requirements for information management functionality in digital record management systems, that is, systems whose primary function is to manage information as records; and
- Part 3: outlines the requirement for information management functionality in business systems
In applying the functional requirements, it is assumed that a basic records management framework is in place, as outlined in ISO 15489-1 Records management: concepts and principles. These include risk assessment, policies and records controls for the creation, capture and management of records as information assets.
ISO 16175: Part 2 – information management systems
ISO 16175 Part 2 should be read in conjunction with Part 1 of the standard, which contains an overview of the basic principles for managing records in a digital environment.
What is a digital records management system?
A digital records management system is a software application whose primary function is to manage information as records. In most agencies, these systems take the form of an electronic document and records management system (EDRMS) or an electronic records management system (ERMS). This also includes enterprise content management systems where the primary function is records management.
These systems are specifically designed to manage the capture, maintenance and disposal of records. They maintain the content, context, structure and links among records to enable their accessibility and support their value as evidence.
Not all digital records management systems are limited to the management of records in digital format. Some are specifically designed to provide for the management of physical records (such as paper-based files) or both physical and digital records.
Functional requirements for digital records management systems
ISO 16175 Part 2 sets out the requirements for digital records management systems. These requirements are:
- to create and capture the content, structure, context and format of records. This includes requirements for the identification, classification and aggregation of records.
- to maintain the authenticity and reliability of records. This includes requirements for access and security, retention and disposal, maintaining metadata, hybrid records management and support for migration and export.
- to search, retrieve and render records for access and display.
- to enable the administration of the records management system including the management of system parameters, and the capacity to back up and restore data, generate system reports and manage metadata.
ISO 16175: Part 3 – business systems
ISO 16175 Part 3 should be read in conjunction with Part 1 of the standard, which contains an overview of basic principles for managing records in a digital environment.
What is a business system?
A business system is an automated system that creates, manages or stores information about an organisation’s activities. Business systems differ from electronic document and records management systems (EDRMS) or electronic records management systems (ERMS) in that their primary function is to facilitate business transactions.
Examples of common business systems include line-of-business, case management, content management, human resource management and financial management systems.
Business systems typically store large volumes of information that are frequently updated. Not all information in a business system will need to be kept. For example, data may be duplicated or the data may have been drawn together and kept elsewhere.
The process of identifying 'records' entails identifying requirements for evidence of the business being conducted, and identifying the information in the business system needed to record this evidence. A record in a business system may consist of dispersed elements in a database that, when drawn together for a transaction, provide evidence of a business activity.
Functional requirements for information management in business systems
ISO 16175 Part 3 provides an overview of the high level functional requirements for records that may be incorporated into a business system. Functional requirements are broken down into four categories, each representing a different records management concept.
These requirements are:
- to create records in context: the functionality required to create and keep records that are valid, accurate and protected from both accidental and deliberate unauthorised change.
- to manage and maintain records: the functionality required to ensure records do not lose their evidential value during management processes including classification, retention, disposal, security and access.
- to support import, export and interoperability: functionality required to exchange, import or export records both within and between systems, without the loss of content or metadata.
- to retain and dispose of records as required: the functionality required in business systems to dispose of records in a managed, systematic and auditable way.
The functional requirements will be influenced by whether records are managed within the business system or are managed externally by export to or integration with a dedicated records management system. The requirements are generic and may need to be adapted to the agency's particular business needs.
The Business System Assessment Framework will assist with determining the appropriate functionality for your agency. This Framework is based on Part 3 of ISO 16175 which provides a streamlined, risk-based approach to the assessment of information management functionality in business systems.