ISO 13008:2012

INTERNATIONAL ISO
STANDARD 13008
First edition
2012-06-15
Information and documentation — Digital
records conversion and migration process
Information et documentation — Processus de conversion et migration
des documents d’activité numériques
Reference number
©
ISO 2012
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISO’s
member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO 2012 – All rights reserved

Contents Page
Foreword .iv
Introduction . v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Organizational and business framework . 4
4.1 General . 4
4.2 Conversion and migration drivers . 4
4.3 Planning for the conversion and migration process . 5
4.4 Establishing a conversion and migration program . 6
5 Recordkeeping requirements . 8
5.1 General . 8
5.2 Conversion and migration requirements . 8
5.3 Conversion/migration process metadata . 9
5.4 Recordkeeping process metadata implementation issues . 9
6 Conversion and migration planning .10
6.1 General .10
6.2 Business requirements .10
6.3 General administrative planning . 11
6.4 Technology planning requirements .12
7 Conversion and migration procedures .12
7.1 General .12
7.2 Procedures .13
7.3 Conversion/migration project planning .15
7.4 Testing .18
7.5 Conversion/migration .20
7.6 Validating .22
8 Monitoring .24
Bibliography .25
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies
(ISO member bodies). The work of preparing International Standards is normally carried out through ISO
technical committees. Each member body interested in a subject for which a technical committee has been
established has the right to be represented on that committee. International organizations, governmental and
non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International
Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of technical committees is to prepare International Standards. Draft International Standards
adopted by the technical committees are circulated to the member bodies for voting. Publication as an
International Standard requires approval by at least 75 % of the member bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this International Standard may be the subject
of patent rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO 13008 was prepared by Technical Committee ISO/TC 46, Information and documentation, Subcommittee
SC 11, Archives/records management.
iv © ISO 2012 – All rights reserved

Introduction
This International Standard provides guidance for the conversion of records from one format to another and
the migration of records from one hardware or software configuration to another. It contains applicable records
management requirements, the organizational and business framework for conducting the conversion and
migration process, technology planning issues, and monitoring/controls for the process. It also identifies
the steps, components and particular methodologies for each of these processes, covering such topics as
workflow, testing, version control and validation.
The development of this International Standard was derived from Reference [13].
With the rapid pace of technological change, many records in digital form will, at some point, need to be
converted from one format to another, or migrated from one system to another to ensure their continued
accessibility and processability.
This is not to suggest that conversion and migration are the only approaches to preserving digital records.
Other methods, such as emulation, do exist or are under development. Conversion and migration are, however,
two of the more prevalent methods of digital preservation at this time. While this International Standard does
not address digital preservation per se, the conversion and migration processes can have an impact on a digital
preservation strategy. How an organization chooses to set up the conversion and migration processes (which
format to employ, the level of control needed, and so on) largely influences its view of the record. At the time of
the development of this International Standard, no single preferred preservation method had been identified.
However, institutions recognize the benefit of standardized procedures; many test beds and task forces have
been established to explore and research conversion, migration, emulation and refreshment, among other
preservation procedures, to determine what should work best.
Conversion and migration represent separate approaches to preserving digital records. It is important to
implement them in a managed way to prevent any degradation or loss in the authenticity, reliability, integrity and
usability of the records, thus ensuring an “authoritative record” as described in ISO 15489-1:2001, 7.2.2 to 7.2.5.
This International Standard outlines the program components, planning issues, recordkeeping requirements and
procedures for performing the conversion and migration of digital records so as to preserve their authenticity,
reliability, integrity and usability so that they continue to act as evidence of business transactions.
From the outset, note that it is not necessary to adopt all of the procedures recommended in this International
Standard to ensure that records management requirements are met. The decision regarding which procedures
to adopt depends on such factors as the type of conversion or migration to be performed and the level of risk
the organization is willing to accept. In addition, organizations would be well advised to incorporate future
planning for further conversion and/or migration of records among requirements for managing enterprise
electronic recordkeeping systems.
Before starting a conversion or migration project, individuals designated as “key” to the process need to be
aware of records management requirements. The term “recordkeeping criteria/requirements” in records and
information management means an adherence to a set of principles that relate to record integrity, authenticity,
reliability and usability. Adherence to these principles ensures that record content, context and structure
are maintained and that a given record’s standing as evidence of business activity is not compromised. The
principles apply regardless of how long the record is retained.
This International Standard does not specifically address conversions and migrations as a routine, ongoing
business-as-usual work.
INTERNATIONAL STANDARD ISO 13008:2012(E)
Information and documentation — Digital records conversion
and migration process
1 Scope
This International Standard specifies the planning issues, requirements and procedures for the conversion
and/or migration of digital records (which includes digital objects plus metadata) in order to preserve the
authenticity, reliability, integrity and usability of such records as evidence of business transactions. These
digital records can be active or residing in a repository.
These procedures do not comprehensively cover:
— backup systems;
— preservation of digital records;
— functionality of trusted digital repositories;
— the process of converting analogue formats to digital formats and vice versa.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced document
(including any amendments) applies.
ISO 15489-1, Information and documentation — Records management — Part 1: General
ISO 23081-2, Information and documentation — Managing metadata for records — Part 2: Conceptual and
implementation issues
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 15489-1 and the following apply.
3.1
access
right, opportunity, means of finding, using, or retrieving information
[ISO 15489-1:2001, definition 3.1]
3.2
attribute
characteristic of an object or entity
NOTE Adapted from ISO/IEC 11179-3:2003.
3.3
authenticity
record that can be proven to be what it purports to be, to have been created or sent by the person purported to
have created or sent it, and to have been created or sent at the time purported
NOTE This term is further described in ISO 15489-1:2001, 7.2.2.
3.4
content
subject information of a document
[IEC 82045-1:2001, definition 3.2.2]
3.5
conversion
〈record〉 process of changing records from one format to another while maintaining the characteristics of the records
3.6
data cleansing
process of reviewing and correcting data to ensure data are in a standardized format
NOTE Correction may be carried out for incompleteness, incorrect formatting, obsolescence, duplication, etc. It is
often done prior to merging data sets or converting data from one system/database to another.
3.7
data object
discrete data, considered as a unit, representing an instance of a data structure that is known or assumed to
be known
[ISO/IEC 2382-17:1999, definition 17.01.11]
3.8
emulation
use of a data processing system to imitate another data processing system, so that the imitating system
accepts the same data, executes the same programs, and achieves the same results as the imitated system
NOTE Adapted from ISO/IEC 2382-1:1993.
3.9
encryption
(reversible) transformation of data by a cryptographic algorithm to produce ciphertext, i.e. to hide the information
content of the data
NOTE Adapted from ISO/IEC 18033-1:2005.
3.10
file format
encoding of a file type that can be rendered or interpreted in a consistent, expected and meaningful way through
the intervention of a particular piece of software or hardware which has been designed to handle that format
NOTE A file may (or may not) be a container containing zero or more files of various formats. File formats may
be defined by a specification, or by a reference software system. Many file formats exist in forms with minor variations
and many also in more than one version. Typing of file formats should be interpreted generously rather than strictly, but
sufficiently precisely to distinguish versions where such distinctions have significant interpretive consequences.
[PRONOM]
3.11
integrity
quality of being complete and unaltered
NOTE This term is further described in ISO 15489-1:2001, 7.2.4.
3.12
metadata
〈records〉 data describing context, content, and structure of records and their management through time
[ISO 15489-1:2001, definition 3.12]
2 © ISO 2012 – All rights reserved

3.13
migration
〈records〉 process of moving records, including their existing characteristics, from one hardware or software
configuration to another without changing the format
3.14
originating
initial manifestation of something
3.15
preservation
processes and operations involved in ensuring the technical and intellectual survival of authentic records
through time
[ISO 15489-1:2001, definition 3.14]
3.16
preservation metadata
metadata that supports the viability, renderability, understandability, authenticity and identity of digital objects
in a preservation context
[PREMIS Data Dictionary for Preservation Metadata, version 2.0, March 2008]
3.17
record
information created, received, and maintained as evidence and/or as an asset by an organization or person, in
pursuance of legal obligations or in the transaction of business, regardless of medium, form or format
NOTE Adapted from ISO 15489-1:2001.
3.18
refreshment
data migration where the media is replaced with equivalent media such that all storage hardware and software
functionality is unchanged
NOTE Adapted from ISO 14721:2003.
3.19
reliability
measure of the completeness and accuracy of the representation of transactions and activities, or of the facts
to which they attest
NOTE This term is further described in ISO 15489-1:2001, 7.2.3.
3.20
replication
digital migration where there is no change to the packaging information, the content information, and the
preservation description information
NOTE The bits used to represent these information objects are preserved in the transfer to the same or new
media instance.
NOTE Adapted from ISO 14721:2003.
3.21
usability
〈records〉 property of being able to be located, retrieved, presented and interpreted
NOTE This term is further described in ISO 15489-1:2001, 7.2.5.
3.22
validation
confirmation, through the provision of objective evidence, that the requirements for a specific intended use or
application have been fulfilled
NOTE Adapted from ISO 9000:2005.
4 Organizational and business framework
4.1 General
This clause addresses the drivers that often prompt the need for the conversion or migration of digital records,
the issues that organizations should consider when evaluating the need for conversion or migration of their
records, and the steps taken in developing a conversion and migration program. It discusses the decision making
and resource allocation associated with the conversion or migration within the organizational framework, as
well as the technical infrastructure that supports the conversion and migration processes and which shall be
used to ensure the records’ authenticity and integrity for as long as they are needed.
4.2 Conversion and migration drivers
4.2.1 General
A variety of drivers can compel an organization to convert or migrate its digital records. Some records
have longer retention requirements than a software application or storage medium can sustain, prompting
organizations to convert or migrate their records while supporting systems are still viable. Organizations
might also choose to convert or migrate records proactively on the basis of operational factors relating to
record volume, access, storage efficiency, business and technology cycles, or organizational change (such as
mergers and acquisitions). In extreme circumstances, organizations might be compelled to convert or migrate
records in response to regulatory or legal actions.
4.2.2 Conversion drivers
Conversion is defined as the process of changing records from one format to another. Some examples of
drivers that could require digital conversion include the following.
a) Format change: for example, records stored in a closed format are converted to an open file format, such
as a conversion of a Word file to PDF/A.
b) Format obsolescence: for example, records stored in an obsolete but still readable word processing format
are converted to a current word processing format.
4.2.3 Migration drivers
Migration is defined as the process of moving records from one hardware or software configuration to another
without changing the format. Some examples of drivers that could require digital migration include the following.
a) There may be a need to migrate records from one structure to another. For example, records existing in several
legacy databases might be restructured into a new consolidated database (e.g. from Oracle to SQL Server).
b) The platform in which the records were created is changing and the records need to be migrated to the new
platform. For example, records might need to be moved from a Microsoft Windows platform to a UNIX platform.
c) A migration is prudent from a business perspective (e.g. to introduce a new system with improved
functionality). For example, a migration of records might be needed to support a change from a physical
business presence to a web-based storefront or to move records from a shared drive to an electronic
document and records management system (EDRMS).
4 © ISO 2012 – All rights reserved

Organizations have an obligation to assess, document and manage their records in the normal course of
business. Ongoing accessibility and compliance of digital records with a dynamic regulatory and technical
environment demand rigorous, coordinated efforts and sustained funding.
Decisions related to conversion and migration shall be based on analysis of the importance of the organization’s
digital records and the impact of technology infrastructure and investments during the records’ existence, as
well as on knowledge about standards and best practices relating to conversion and migration of digital records.
4.3 Planning for the conversion and migration process
4.3.1 General
Records conversion and migration planning falls into the domain of the organization’s information governance
protocols and systems. As with more traditional asset (capital, facilities, human resources) management,
established policies and procedures regarding the acquisition, management and disposition of information
assets should be established, followed, documented and periodically audited for compliance and efficacy.
Business managers (and their respective IS/IT support officers) should know where and how their record
assets are being created, managed and stored, and should therefore be able to plan and justify the case for
conversion or migration.
In a given organization, conversion or migration might take place as a one-time project or regularly as an
ongoing activity in response to any of the above-mentioned situations. However, for effective preservation of
digital records, conversion or migration shall be performed as part of an ongoing, well-planned and structured
program. In all cases, it is preferable to plan, execute and validate the records conversion or migration process
proactively, with adequate time and resources and with the least disruption to stakeholders and their respective
business cycles and functions. During an unplanned event (natural or human-made), conversion or migration
may have to be undertaken under extreme and therefore less than ideal conditions, which make it more costly
and disruptive.
4.3.2 Risk management
Significant costs can be associated with the conversion and migration of digital records. As a result, an
organization shall decide whether to convert or migrate some, all, or no records, based upon its level of
acceptable risk. Records shall be analysed to determine their importance to the organization and the risk
associated with their potential loss or corruption. Part of the organization’s records management program
should be to conduct an evaluation of records for retention purposes and assess the risks associated with
them. Normally, the organization’s records retention policies document these decisions.
An organization’s records management practices are based on operational and other needs and perceptions
of risks. Operational needs (e.g. fulfilling regulatory requirements, product development, providing access or
documenting financial transactions) determine the strategies and levels of effort an organization undertakes
to ensure the trustworthiness of a record. Risk assessment and risk mitigation, along with other techniques,
are used to establish both management controls for and documentation requirements of activities. These
risk assessments can also be used to establish records management controls. Risk assessments shall be
conducted to establish appropriate levels of management controls prior to undertaking new initiatives.
From a records management perspective, two main risks are assessed when considering digital records:
1) challenges to the trustworthiness of the records (e.g. legal challenges) that can be expected over the
life of the records;
2) loss, including loss of access to or unauthorized destruction of records.
Consequences are measured by the degree of loss that the organization or its customers would suffer if
the trustworthiness of the records could not be verified or in the event of unauthorized loss or unauthorized
destruction of records.
4.3.3 When to convert or migrate
Conversion or migration of records shall be performed before the technology and media (e.g. magnetic disks
such as floppy disks, magnetic tape, and optical disks such as CDs and DVDs) upon which they depend
become obsolete. Depending on factors such as volume and access requirements, it may be desirable to
convert or migrate the records as soon as the target or end environment is known. If the perceived value of
and/or risk to the records are sufficiently low, organizations might choose to wait until some other driver (e.g.
software upgrade, system replacement, acquisition or merger) triggers the justification to convert or migrate.
4.3.4 Conversion and migration activities
In the digital environment, conversion and migration of an organization’s records will be a routine activity, and
therefore the organization should have a program, plans, and directives as necessary to ensure this activity is
conducted in accordance with standards and business practices. Document obligations and interdependencies
related to records preservation shall be acknowledged as early as possible in the analysis and requirements
definition phase of both business process planning and technology investment planning.
When deciding whether internal or external resources, or a combination, will execute the conversion and
migration activities (project-based), the following factors shall be taken into account.
— Skill sets: whether the organization has staff with the experience and knowledge to perform conversion
and migration activities.
— Availability of human and technical resources: whether staff members with the appropriate skill sets are
available during the project timeframe.
— Equipment: whether the organization has the right environment and tools to perform conversion and
migration activities.
— Cost and timeline: whether the organization has the resources (budget and time) to perform conversion
and migration activities.
— Capability to perform quality assurance/quality control: whether the organization has personnel with the
experience and knowledge to perform quality assurance and quality control activities.
— Data sharing/data stewardship/ownership: which person(s) or business unit(s) in the organization will lead
the conversion and migration activities.
— Validation: whether the organization has staff with the experience and knowledge needed to validate
conversion and migration activities.
— Business cycles: which person(s) or business unit(s) in the organization will decide when conversion and
migration activities shall occur.
4.4 Establishing a conversion and migration program
4.4.1 General
Organizations that maintain digital records for such periods that necessitate regular and ongoing conversion
or migration shall establish a conversion and migration program before carrying out major digital records
conversions or migrations.
This implies that the requirement to convert or migrate the digital components making up the organization’s
records is recognized, and a governance structure with direct or delegated executive authority is in place. The
corporate policies of the organization shall authorize the establishment of a conversion and migration program.
The conversion and migration program governance structure authorizes when and how conversions and
migrations occur and who is to carry them out. Normally, records professionals are responsible for authorizing
the conversion and migration process with assistance from IT, the owner(s) of the business and the legal staff.
The conversion and migration program governance structure also authorizes whatever audit process is to be
implemented and identifies who is responsible for performing it.
6 © ISO 2012 – All rights reserved

Setting out the authorization and business area(s) responsible is essential to establishing conversion and
migration as a normal and routine business activity for an organization.
To minimize risk in larger organizations, the conversion and migration program shall include authorization for:
— a limited number of events that trigger conversion or migration;
— the types of conversions and migrations to be done, and their intervals;
— the method of recording (and certifying if necessary) that the above activities are carried out as required.
The organization’s policy or procedures document shall list these authorizations.
4.4.2 Development of procedures manuals
The process of converting and migrating digital records interferes significantly with the records’ existence,
creating risks to their authenticity, integrity, reliability and usability. To mitigate these risks, it is important to
control the process by applying approved and documented procedures.
The approach to the development of a conversion and migration procedures manual is at the discretion of the
individual organization. There could be separate manuals that address each type of conversion and migration,
or a single manual with appropriate subsections for each type. At a minimum, the conversion and migration
procedures manual shall address all phases of the conversion and migration process. Conversion and migration
may be executed at the same time.
The manual shall also describe the procedures for disposition of source records or media; the unconverted
records/media shall be removed from the active environment and maintained according to established
disposition provisions, which shall always be documented. If additional types of conversions or migrations are
encountered, specific manuals shall be developed for them.
All revisions to procedures should be documented in the manual with appropriate authorizations. Ad hoc manual
entries should be avoided as they can destroy the credibility of the program in the event of an investigation or
regulatory inquiry in which the method of conversion or migration underpins the establishment of the integrity
of digital records as evidence.
Conversion and migration procedures manuals shall address all phases of the process as follows.
— Planning: the procedural steps, methods, people and other resources needed to execute a successful
conversion/migration of the target digital records.
— Testing: the tests needed to verify that the planned procedures and methods will yield a successful
conversion/migration of the records.
— Conversion and/or migration: the procedural steps to be performed in carrying out actual conversion
and/or migration of the target digital records.
— Validation: the procedural steps and methods to be used to verify that the target digital records have been
successfully converted or migrated. This will enable third parties to be certain that the authenticity of the
records has been maintained through the use of a documented procedure to record the conversion or
migration process. Quality assurance procedures shall enumerate the steps needed to ensure a controlled
and secure conversion and migration process. Lastly, the content and format of error reports shall be
generated once the conversion or migration is complete.
— Sign-off: the authorizations needed to verify that the conversion and migration process has been
successfully performed in compliance with approved policy and procedures.
— Documentation: detailed records of the conversion and migration process during and after each conversion
and migration project.
Clause 7 outlines additional details of the procedures that constitute each phase of the conversion and
migration process.
5 Recordkeeping requirements
5.1 General
This clause includes those issues associated with the management of the records to be converted and migrated
so that complete, accurate, reliable and authentic records can be produced once the conversion and migration
process has been completed.
5.2 Conversion and migration requirements
The following activities shall be completed for a successful digital conversion or migration process, to ensure
that recordkeeping requirements outlined in this clause can be met.
— Perform all conversion and migration process testing on a sample copy of the records. In case problems
arise, do not undertake any irreversible activities. When performing conversion or migration activities,
make sure the originating file is not deleted until the result is verified, and any jurisdictional legislative and
policy requirements are met.
— Establish a methodology for comparing the content, context and structure of the converted/migrated
records with those of the source records so that problems can be identified, corrected and validated. The
source records may be disposed of once the validation is complete and all problems are fixed, and such
decisions are documented and validated. In addition, ensure that all jurisdictional legislative and policy
requirements are met before any source records are destroyed.
— Document all conversion and migration activities to ensure that the organization continues to possess
complete, accessible and authentic records throughout their full retention period. This documentation
shall demonstrate that all records, including those created while the conversion/migration activities were
in progress, have been converted/migrated.
— Ensure that processes applied to the new format will yield consistent results compared to the same or
similar processes applied in the originating format.
— It is possible that some of the digital information may be lost or corrupted prior to the conversion or
migration. If this happens, document the damage. A conversion and migration plan should aim to reduce
the risk of further degradation of the content, context and structure of the records to an absolute minimum.
— Consider physical and logical security when conversion or migration is undertaken. Physical security
means access control to IT suites; logical security means access control to the platform in which the
conversion or migration is being undertaken. The conversion and migration process shall not affect
existing access rights to the data.
— Define what metadata and data are needed to retain the ability to reproduce a complete and authentic
record so that this data can be protected during the conversion or migration.
— Define what metadata are needed in order to identify and use the record so that the record can be searched
for and accessed after the conversion or migration.
— Document any attributes of the record that should not be converted to the new format, or migrated to the
new system, and state the reason.
— The conversion or migration of digital records from one technology environment to another can alter the
content, context or structure of the records. If this occurs, the organization might risk non-compliance with
recordkeeping requirements through loss of the records’ reliability and authenticity. An effective digital
conversion and migration plan can be used to identify all of the characteristics of the records that shall be
preserved after the records have been converted or migrated.
— Consult a records retention and disposition schedule prior to initiating a digital conversion or migration
project in order to ensure that resources are not wasted on converting or migrating digital records that are
to be destroyed.
8 © ISO 2012 – All rights reserved

— Identify records that are relational or linked and establish whether existing relationships or links could
be compromised by the conversion or migration. Establish safeguards to protect these links during the
conversion or migration.
— Determine whether the appearance of the record contributes to its meaning as a digital record (considering
such things as formatting, colours, fonts, etc.). If appearance is integral to the meaning, the plan shall
address how to maintain it. Once conversion or migration is complete, document any changes to the
appearance of the record.
— Digital records (e.g. text documents, e-mail messages, databases, spreadsheets, web pages) are created
using the technology (hardware and software) that is available at the time of their creation. The targeted
format of the records shall be defined, and conversion or migration shall occur as quickly as possible
before the current format of the digital information becomes obsolete so that new technology can be used
for the conversion or migration procedures.
— Recordkeeping process metadata are essential to prove authenticity and reliability (see 5.3). A formal
evaluation of the extent of the process metadata is required prior to deciding whether some or all of this
metadata should be converted or migrated.
5.3 Conversion/migration process metadata
See ISO 23081-2, which specifies metadata requirements for managing records. Metadata documenting the
conversion and/or migration process provide the information that allows one to demonstrate that a record,
having gone through the conversion or migration process, continues to be authentic and reliable. Therefore,
the creation, maintenance and preservation of this information is extremely important.
For the purposes of documenting the processes of conversion and migration, the event history metadata are
crucial. During conversion/migration, the existing event history metadata shall be migrated with the record in
order to ensure the ability to make assertions on the authenticity of the record. Every conversion or migration
process shall create event history metadata for every individual record converted or migrated.
Relationships documented in metadata shall be maintained during conversion/migration. Relationships of
particular concern may be:
— internal relationships, i.e. within the document, such as a document containing a linked spreadsheet or images;
— functional relationships, for example between records documenting related aspects of the business;
— aggregational relationships, for example documents aggregated to files/folders;
— structural relationships, for example between records and creating agents, or business;
— systematic relationships between records and control tools, such as business classification schemes,
disposition authorities, access and security controls, and mandates (these control tools contain contextual
information which informs the meaning of the record).
Conversion and migration processes shall ensure that the metadata about the records continues to be
persistently linked to the converted or migrated record.
5.4 Recordkeeping process metadata implementation issues
As noted above, recordkeeping process metadata about the conversion and migration actions provide the
information that allows one to demonstrate that a record, having gone through the conversion or migration
process, continues to be authentic and reliable. Therefore, the creation, maintenance and preservation of this
information are extremely important.
As records may go through multiple conversions, each conversion or migration shall create its own accompanying
volume of event history. In this scenario, the metadata linked to the records will exponentially increase to
document each conversion and/or migration the records undergo. The authenticity, reliability, integrity and
usability of the records depend on the validity of each successive set of event history metadata.
Sometimes the value of the metadata elements within a record changes as a result of the conversion or
migration process. If this occurs, every change in the metadata value shall be recorded in the event history
metadata accompanying the record, in order to ensure that the records can be understood.
Compound documents and relationships between records also present issues at the time of conversion and/or
migration. Assuming the related record is needed for the authenticity and reliability of a record, it is best to
preserve the related record as an independent record within the recordkeeping system itself. In other words,
bring the information into the system one controls rather than relying on maintaining a link to information
outside the system. The related record shall have its own set of metadata that also documents the history of
actions taken on that record.
6 Conversion and migration planning
6.1 General
This clause addresses the technology planning for the conversion and migration process. It is not intended
to provide a comprehensive guide to technology planning and acquisition, but rather it identifies those key
infrastructure issues and technology elements that ensure a successful conversion/migration project.
For the purpose of using generic terms, the description of the project refers to two systems:
a) the existing records system, on which the records are currently kept;
b) the new system, which may be:
— in the case of conversion of format, the existing system in which specific capabilities for handling a
different records format are either activated or added;
— in the case of migration to another storage solution, the existing system in which new storage devices
are either activated or added;
— in the case of migration from one records system to another, a completely different records system.
Technology planning involves assessment of current technological capabilities as well as specification
development for new hardware and software that may be needed to successfully manage the conversion/migration
process and operate the new system. New hardware and software may be needed for handling a different
records format in the existing system, managing different storage devices, or migrating the records from one
records system to another. In addition, technology planning shall address the organization’s infrastructure and
the sustainability of that infrastructure to support file formats, access and integrity.
If organizations do not already have technology development tools in place, records professionals and
others assigned the responsibility of technology planning may find it helpful to develop planning templates, a
methodology for identifying requirements and linking resources, and a traceability matrix. Individuals conducting
the planning process shall also consider any organizational business operation rules that may apply.
6.2 Business requirements
An understanding of the requirements given in this subclause will be crucial for the specification development
process and for ensuring that the technology planning process meets existing organizational policies and
procedures for such activities.
— Identify and define the business needs and benefits of the anticipated conversion/migration project.
— Identify the legal and regulatory requirements.
— Ensure that all stakeholders, including users of the records system, have been contacted and sufficiently
involved in the project.
— Ensure that all personnel with assigned duties in the conversion/migration project are given their tasks and
their participation is secured and documented.
10 © ISO 2012 – All rights reserved

— Comply with non-technical requirements for hardware/software acquisition within the organization, i.e.
project management objectives and timelines, price and contractual issues, purchasing procedures (e.g.
request for proposal, bid development). These requirements may vary with the type of organization.
— Ensure that, if the conversion or migration process is carried out by an outside vendor, all business needs
of the organization, technology compatibility issues, customization needs, testing, validation, training and
provision of other services are thor
...