iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/FDIS 18759

(Main)

Document management — Trusted storage sub-system (TSS) functional and technical requirements

Document management — Trusted storage sub-system (TSS) functional and technical requirements

Gestion des documents — Exigences fonctionnelles et techniques du sous-système de stockage fiable (TSS)

General Information

Status
Withdrawn
ICS
37.080 - Document imaging applications
Technical Committee
ISO/TC 171/SC 2 - Document file formats, EDMS systems and authenticity of information
Drafting Committee
ISO/TC 171/SC 2/WG 11 - EDMS Guidelines
Current Stage
5098 - Project deleted
Completion Date
17-Dec-2019
Ref Project

Buy Standard

ISO/FDIS 18759 - Document management — Trusted storage sub-system (TSS) functional and technical requirements Released:7/27/2018ISO/FDIS 18759 - Document management — Trusted storage sub-system (TSS) functional and technical requirements Released:7/27/2018
PreviousNext
Draft
ISO/FDIS 18759 - Document management — Trusted storage sub-system (TSS) functional and technical requirements Released:7/27/2018
English language
22 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


DRAFT INTERNATIONAL STANDARD
ISO/DIS 18759
ISO/TC 171/SC 2 Secretariat: ANSI
Voting begins on: Voting terminates on:
2018-09-25 2018-12-18
Document management — Trusted Storage Sub-System
(TSS) functional and technical requirements
Gestion des documents — Exigences fonctionnelles et techniques du sous-système de stockage fiable (TSS)
ICS: 37.080
THIS DOCUMENT IS A DRAFT CIRCULATED
FOR COMMENT AND APPROVAL. IT IS
THEREFORE SUBJECT TO CHANGE AND MAY
NOT BE REFERRED TO AS AN INTERNATIONAL
STANDARD UNTIL PUBLISHED AS SUCH.
IN ADDITION TO THEIR EVALUATION AS
BEING ACCEPTABLE FOR INDUSTRIAL,
This document is circulated as received from the committee secretariat.
TECHNOLOGICAL, COMMERCIAL AND
USER PURPOSES, DRAFT INTERNATIONAL
STANDARDS MAY ON OCCASION HAVE TO
BE CONSIDERED IN THE LIGHT OF THEIR
POTENTIAL TO BECOME STANDARDS TO
WHICH REFERENCE MAY BE MADE IN
Reference number
NATIONAL REGULATIONS.
ISO/DIS 18759:2018(E)
RECIPIENTS OF THIS DRAFT ARE INVITED
TO SUBMIT, WITH THEIR COMMENTS,
NOTIFICATION OF ANY RELEVANT PATENT
RIGHTS OF WHICH THEY ARE AWARE AND TO
©
PROVIDE SUPPORTING DOCUMENTATION. ISO 2018

ISO/DIS 18759:2018(E)
© ISO 2018
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2018 – All rights reserved

ISO/DIS 18759:2018(E)
Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Retention requirements for trusted storage environments . 2
4.1 Overview . 2
4.2 Electronically Stored Information (ESI) . 2
4.3 Retained ESI . 2
4.4 Legal Hold of retained ESI . 3
4.5 Enforcement of litigation holds . 3
4.6 Retained ESI retention management . 3
4.7 ESI retention management states . 4
4.7.1 Overview . 4
4.7.2 ESI permanent retention state . 4
4.7.3 ESI fixed retention state. 4
4.7.4 ESI hybrid retention state (Minimum retention and overall retention) . 5
4.8 TSS retention enforcement . 6
4.9 TSS retention policies . 7
4.9.1 Overview . 7
4.9.2 TSS-defined retention policy . 7
4.9.3 Application-defined retention policy . 7
4.9.4 Application-defined retention policy class . 8
5 TSS operational states. 9
5.1 Overview . 9
5.2 Autonomous storage state . 9
5.3 WORM Storage State .10
5.4 Integrated state .10
5.5 Application State .10
6 General Trusted Storage Sub-System requirements .11
6.1 Storage security .11
6.2 ESI encryption .11
6.3 Secure delete and erasure .12
6.4 Redundancy .12
6.5 Retained ESI integrity checks by one or more cryptographic hash values or checksum.12
6.6 Application and ESI security .12
6.7 Storage migration and upgrades .12
6.8 Auditability .13
6.8.1 Overview .13
6.8.2 Trusted Storage Sub-System audit capabilities .13
6.8.3 Trusted Storage Sub-System audit trail .13
7 Technical methods for trusted storage environments .13
7.1 Overview .13
7.2 Trusted Storage Sub-System operational policies .14
7.3 Security .14
7.3.1 Management and organization of security .14
7.3.2 Risk assessment . .14
7.3.3 Physical security .14
7.3.4 Hardware security .14
7.3.5 Security of custom software and software products .15
7.3.6 Maintenance of the TSS .15
7.3.7 System change-management and migration of media .15
ISO/DIS 18759:2018(E)
7.3.8 Security backups .15
7.3.9 Business Continuity Plan to demonstrate of access to stored ESI .15
7.3.10 Date and time stamping .15
7.4 Audit trail .15
7.4.1 General.15
7.4.2 Secure preservation of the audit trail .15
7.4.3 TSS lifecycle log .16
7.4.4 Events log .16
7.5 Hash values or Checksums .16
7.6 Ransomware protection .16
7.7 Error correction .16
7.8 Monitoring, notifications and alerts .16
7.9 Encryption .17
7.10 Permissions .17
7.11 Integrity of storage devices and media .17
8 Compliance requirements and mitigating technical methods .18
8.1 Migration of information between media .18
8.2 Technical obsolescence .18
8.3 Discovery requests .18
8.4 “Rig
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/TS 18759:2022(Main)
Document management — Trustworthy storage system (TSS) — Functional and technical requirements

This document specifies the functional, technology-neutral requirements for trustworthy storage systems (TSS) that ensure storing and managing electronically stored information (ESI) in a protected and secure fashion during the lifecycle of the information. The TSS as specified in this document is storage technology neutral and accordingly does not specify any specific storage media types or configurations. This document is applicable to all information systems in which users and applications must manage the protection, preservation and security of stored ESI throughout its entire lifecycle to meet organizational and regulatory requirements to enforce: — immutability, authenticity and trustworthiness of the stored ESI; — protection of application managed ESI and other stored ESI against tampering, malicious acts and ransomware; — organizational ESI preservation and retention policies; — protection for unstructured and unmanaged data.

  • Technical specification
    32 pages
    English language
    sale 15% off
ISO
ISO/TR 22957:2018(Main)
Document management — Analysis, selection and implementation of enterprise content management (ECM) systems

This document gives guidelines for a set of procedures and activities to be considered and/or performed by organizations when planning, designing and implementing various enterprise content management (ECM) technologies. The aspects or project phases range from initial business analysis through to vendor/integrator selection and technology implementation. The implementation of processes to manage electronically stored information (ESI) requires significant participation from the affected business units, if the content is stored and managed when created/received and controlled through the information life cycle following organizational policies and/or records retention and control policies are applied. As these efforts require multiple people with different disciplines, including technical teams, records managers and organizational management, this document has been prepared taking those perspectives into account. This document is applicable to both in-house and outsourced systems, including cloud solutions. It can also be useful when dealing with specialized business systems. The term "enterprise content management (ECM)" (or "document management") used throughout this document is intended as an all-encompassing term referring to capture technologies [scanning, indexing, optical character recognition (OCR), forms, digital creation, etc.], management technologies (document services, workflow and other work management tools), and storage [primarily non-alterable or write once read many (WORM) technologies]. This document provides information to users related to the technical reports, guidelines and standards that have been developed for technologies commonly available in ECM systems. This document is not intended to be an all-inclusive paper on electronic document or content management and does not attempt to influence any single technology or provide legal guidance or legal opinions. While there are storage technologies other than optical/magnetic currently available (i.e. microfilm, microfiche and hybrid storage systems) that are not included in this document, those technologies can be reviewed if determined to be appropriate by the end-user organization.

  • Technical report
    60 pages
    English language
    sale 15% off
  • Technical report
    60 pages
    English language
    sale 15% off
ISO
ISO 22938:2017(Main)
Document management — Electronic content/document management (CDM) data interchange format

ISO 22938:2017 defines the interchange format for content/document management (CDM) data and all associated resources.

  • Standard
    13 pages
    English language
    sale 15% off
ISO
ISO 18565:2015(Main)
Document management — AFP/Archive

ISO 18565:2015 specifies the AFP document architecture by defining a subset appropriate for long-term preservation and retrieval. This subset will avoid ambiguity by assuring page independence and eliminating the use of resolution dependent fonts and images, device default fonts and external resources.

  • Standard
    35 pages
    English language
    sale 15% off
ISO
ISO 12029:2010(Main)
Document management — Machine-readable paper forms — Optimal design for user friendliness and electronic document management systems (EDMS)

ISO 12029:2010 specifies requirements concerning the design of forms for user friendliness, with optimal machine readability for processing by electronic document management systems (EDMS). These requirements are limited to forms using roman characters.

  • Standard
    17 pages
    English language
    sale 15% off
ISO
ISO/TR 12033:2009(Main)
Document management — Electronic imaging — Guidance for the selection of document image compression methods

ISO/TR 12033:2009 gives information to enable a user or electronic image management (EIM) integrator to make an informed decision on selecting compression methods for digital images of business documents. It provides technical guidance to analyse the type of documents and which compression methods are most suitable for particular documents in order to optimize their storage and use. For the user, ISO/TR 12033:2009 provides information on image compression methods incorporated in hardware or software in order to help the user during the selection of equipment in which the methods are embedded. For the equipment or software designer, ISO/TR 12033:2009 provides planning information. ISO/TR 12033:2009 is applicable only to still images in bit map mode. It only takes into account compression algorithms based on well-tested mathematical work.

  • Technical report
    15 pages
    English language
    sale 15% off
ISO
ISO 10196:2003(Main)
Document imaging applications — Recommendations for the creation of original documents

ISO 10196:2003 provides guidance on the creation of printed documents so that they may be easily reproduced as microforms or scanned images. Although studies were based more specifically on the Latin alphabet, the general principles may be used as guidelines for the production of documents using other alphabets or ideograms. ISO 10196:2003 does not apply to technical drawings for which requirements are given in ISO 5457 and ISO 6428. It also does not apply to special micrographics or scanning-related applications (scanning of bank cheques or bar codes).

  • Standard
    12 pages
    English language
    sale 15% off
ISO
ISO 4669-1:2023(Main)
Document management — Information classification, marking and handling — Part 1: Requirements

This document specifies requirements for information classification, marking and handling (ICMH). This document also defines how such information can be accessed by users, both inside and outside the organization, who own the information. This document is applicable to, but not limited to, the following: a) organizations of any size that create, store, share or otherwise process information; b) individuals who create, store, share or otherwise process information; c) individuals with responsibilities for document management, information governance and management, information security, data protection, privacy and/or compliance; and d) organizations that create, provide or support tools that enable a) to c). This document addresses information that can be understood by humans and is capable of being shared. Throughout this document such information is referred to as an “information asset” regardless of its media or format. NOTE Information assets can include structured information, unstructured information, text, pictures and audio/video recordings, i.e. anything that contains information, including information that is derived from databases and turned into a tangible asset.

  • Standard
    31 pages
    English language
    sale 15% off
ISO
ISO/TS 18759:2022(Main)
Document management — Trustworthy storage system (TSS) — Functional and technical requirements

This document specifies the functional, technology-neutral requirements for trustworthy storage systems (TSS) that ensure storing and managing electronically stored information (ESI) in a protected and secure fashion during the lifecycle of the information. The TSS as specified in this document is storage technology neutral and accordingly does not specify any specific storage media types or configurations. This document is applicable to all information systems in which users and applications must manage the protection, preservation and security of stored ESI throughout its entire lifecycle to meet organizational and regulatory requirements to enforce: — immutability, authenticity and trustworthiness of the stored ESI; — protection of application managed ESI and other stored ESI against tampering, malicious acts and ransomware; — organizational ESI preservation and retention policies; — protection for unstructured and unmanaged data.

  • Technical specification
    32 pages
    English language
    sale 15% off
ISO
ISO 19475:2021(Main)
Document management — Minimum requirements for the storage of documents

This document specifies the minimum requirements necessary to maintain the authenticity, integrity and readability of documents managed by an electronic document management system. Clarifying the methods and procedures for appropriately handling electronic documents promotes the usability of the documents, in both a legal and business context. This document expresses a general business process as a document handling process. The document handling processes include receiving, processing and delivering the documents as follows: — approving the receipt of a document in a manner that is appropriate for a work process; — storing the formal document in the work process environment; — delivery of the document to another organization. This document establishes the controls for execution of the work processes while maintaining the authenticity and integrity of the document received. This document establishes the policies for the storage of documents used as part of the work process. It also details the controls for performing the receipt and conversion process appropriately.

  • Standard
    15 pages
    English language
    sale 15% off
  • Standard
    15 pages
    English language
    sale 15% off