ISO 24143:2022
(Main)Information and documentation — Information Governance — Concept and principles
Information and documentation — Information Governance — Concept and principles
This document establishes concepts and principles for Information Governance. This document applies to the governance of the organisation's past, current and future information assets. It applies to organisations of all sizes in all sectors, including public and private companies, government entities, and not-for-profit organisations.
Information et documentation — Gouvernance de l’information — Concept et principes
Le présent document établit les concepts et principes relatifs à la gouvernance de l'information. Le présent document s'applique à la gouvernance des actifs informationnels passés, présents et futurs de l'organisme. Il s'applique aux organismes de toutes tailles et de tous les secteurs, y compris les sociétés publiques et privées, les entités gouvernementales, et les organisations à but non lucratif.
Informatika in dokumentacija - Upravljanje informacij - Koncept in načela
Ta dokument določa koncepte in načela upravljanja informacij.
Uporablja se za upravljanje preteklih, sedanjih in prihodnjih informacijskih sredstev organizacije. Uporablja se za organizacije vseh velikosti v vseh sektorjih, vključno z javnimi in zasebnimi podjetji, vladnimi subjekti in neprofitnimi organizacijami.
General Information
Standards Content (Sample)
SLOVENSKI STANDARD
01-januar-2023
Informatika in dokumentacija - Upravljanje informacij - Koncept in načela
Information and documentation -- Information Governance -- Concept and principles
Information et documentation -- Gouvernance de l’information -- Concept et principes
Ta slovenski standard je istoveten z: ISO 24143:2022
ICS:
01.140.20 Informacijske vede Information sciences
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
INTERNATIONAL ISO
STANDARD 24143
First edition
2022-05
Information and documentation —
Information Governance — Concept
and principles
Information et documentation — Gouvernance de l’information —
Concept et principes
Reference number
© ISO 2022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
3.1 Terms relating to concept of information . 1
3.2 Terms relating to the concept of Information Governance . 2
4 Benefits of Information Governance .3
4.1 General . 3
4.2 Strategic benefits . . . 3
4.3 Operational benefits . 4
5 Principles of Information Governance . 5
5.1 Recognising information as a corporate, strategic asset. 5
5.2 Designing Information Governance as a key element of corporate strategy . 5
5.3 Integrating Information Governance into the organisation’s governance
frameworks . 5
5.4 Securing senior management’s leadership and commitment . 5
5.5 Building Information Governance in a collaborative way . 6
5.6 Ensuring Information Governance supports legal compliance and any mandatory
requirements . . . 6
5.7 Aligning Information Governance to business objectives . 6
5.8 Ensuring Information Governance supports information security and privacy . 6
5.9 Ensuring Information Governance supports information quality and integrity . 6
5.10 Fostering a collaboration and knowledge sharing culture . 7
5.11 Adopting a risk-based approach . 7
5.12 Ensuring the availability and accessibility of information to authorised stakeholder . 7
5.13 Governing information throughout its information lifecycle . 7
5.14 Supporting corporate culture . 7
5.15 Supporting sustainability . 8
Annex A (informative) Concept diagrams . 9
Bibliography .11
iii
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 46, Information and documentation.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
iv
Introduction
Information is a critical asset that is indispensable to support business processes and therefore, a
foundation for the success of any business activities. Due to numerous existing and emerging forms
and uses of information and information-related risks, organizations often struggle with implementing
consistent and comprehensive systems to store, retrieve, share and analyse information. The current
global digital transformation and the changes in societal expectations increasingly demand greater
transparency, accountability, data protection, security, interoperability and information sharing within
and between organisations. This trend requires a solid vision and strategy for Information Governance
that supports the business process at a strategic level including digital transformation initiatives. Many
governmental and non-governmental organisations worldwide already perceive the necessity and
understand the benefits of coordinating at a strategic level the efforts of multiple information-, data-
and knowledge-related disciplines.
This document defines concepts and principles for Information Governance.
This document provides guiding principles for members of governing bodies of organisations (which
can comprise owners, directors, partners, executive managers, or similar) on the effective, efficient,
compliant, secure, transparent and accountable creation, use, maintenance, preservation and
disposition of information within their organisations.
Information Governance is an integral part of the overall governance of the organisation. It identifies
common high-level principles and provides a framework enabling effective and efficient cooperation of
all the information-related professionals, in support of the mission of an organisation and achievement
of its strategic goals. Stakeholders which are engaged in the collaboration include but are not limited to:
— Data Management
— Information Management
— Records Management
— Knowledge Management
— Regulatory Compliance
— Digital Preservation
— Information Security
— Enterprise Architecture
— Data Protection
— Open Data
— Big Data
— Artificial Intelligence (AI)
— Blockchain
— Business Processes
— Quality Management.
Information Governance requires coherence and integration with relevant Management System
Standards (MSS), such as ISO 9000, ISO/IEC 27000 and the ISO 30300 series.
Information Governance is a strategic framework for managing information assets across an entire
organisation to support its business outcomes and obtain assurance that the risks to its information,
and thereby the operational capabilities and integrity of the organisation, are adequately identified
v
and managed. Information Governance includes but is not limited to policies, processes, procedures,
roles and controls put in place to meet regulatory, legal, risk and operational requirements. Information
Governance provides an overarching high-level framework that:
— aligns all information-related activities with the mission and goals of an organisation, and its
business, legal and societal obligations,
— ensures a comprehensive and systematic approach to information by integrating processes relevant
to directing and controlling information,
— supports cooperation between stakeholders, and
— creates a high-level basis for managing information regardless its form, type and format, informs
education, professional development of the workforce and awareness about information-related
obligations, risks and possibilities.
vi
INTERNATIONAL STANDARD ISO 24143:2022(E)
Information and documentation — Information
Governance — Concept and principles
1 Scope
This document establishes concepts and principles for Information Governance.
This document applies to the governance of the organisation's past, current and future information
assets. It applies to organisations of all sizes in all sectors, including public and private companies,
government entities, and not-for-profit organisations.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1 Terms relating to concept of information
3.1.1
authentic (preferred term)
authenticity (admitted term)
property of information (3.1.3) that can be proven to be what it purports to be
Note 1 to entry: Authenticity implies that information has been created or sent by the agent purported to have
created or sent it, and to have been created or sent when purported.
Note 2 to entry: When information can be proven to be what it purports to be it, it can be called authentic
information.
Note 3 to entry: See Figure A.1 in Annex A.
[SOURCE: ISO 30300:2020, 3.2.2, modified — “records” has been replaced by "information". “Authentic”
has been replaced by “authenticity”. A new Note 2 to entry has been added.]
3.1.2
data
set of characters or symbols to which meaning is or could be assigned
Note 1 to entry: See Figure A
...
INTERNATIONAL ISO
STANDARD 24143
First edition
2022-05
Information and documentation —
Information Governance — Concept
and principles
Information et documentation — Gouvernance de l’information —
Concept et principes
Reference number
© ISO 2022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
3.1 Terms relating to concept of information . 1
3.2 Terms relating to the concept of Information Governance . 2
4 Benefits of Information Governance .3
4.1 General . 3
4.2 Strategic benefits . . . 3
4.3 Operational benefits . 4
5 Principles of Information Governance . 5
5.1 Recognising information as a corporate, strategic asset. 5
5.2 Designing Information Governance as a key element of corporate strategy . 5
5.3 Integrating Information Governance into the organisation’s governance
frameworks . 5
5.4 Securing senior management’s leadership and commitment . 5
5.5 Building Information Governance in a collaborative way . 6
5.6 Ensuring Information Governance supports legal compliance and any mandatory
requirements . . . 6
5.7 Aligning Information Governance to business objectives . 6
5.8 Ensuring Information Governance supports information security and privacy . 6
5.9 Ensuring Information Governance supports information quality and integrity . 6
5.10 Fostering a collaboration and knowledge sharing culture . 7
5.11 Adopting a risk-based approach . 7
5.12 Ensuring the availability and accessibility of information to authorised stakeholder . 7
5.13 Governing information throughout its information lifecycle . 7
5.14 Supporting corporate culture . 7
5.15 Supporting sustainability . 8
Annex A (informative) Concept diagrams . 9
Bibliography .11
iii
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 46, Information and documentation.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
iv
Introduction
Information is a critical asset that is indispensable to support business processes and therefore, a
foundation for the success of any business activities. Due to numerous existing and emerging forms
and uses of information and information-related risks, organizations often struggle with implementing
consistent and comprehensive systems to store, retrieve, share and analyse information. The current
global digital transformation and the changes in societal expectations increasingly demand greater
transparency, accountability, data protection, security, interoperability and information sharing within
and between organisations. This trend requires a solid vision and strategy for Information Governance
that supports the business process at a strategic level including digital transformation initiatives. Many
governmental and non-governmental organisations worldwide already perceive the necessity and
understand the benefits of coordinating at a strategic level the efforts of multiple information-, data-
and knowledge-related disciplines.
This document defines concepts and principles for Information Governance.
This document provides guiding principles for members of governing bodies of organisations (which
can comprise owners, directors, partners, executive managers, or similar) on the effective, efficient,
compliant, secure, transparent and accountable creation, use, maintenance, preservation and
disposition of information within their organisations.
Information Governance is an integral part of the overall governance of the organisation. It identifies
common high-level principles and provides a framework enabling effective and efficient cooperation of
all the information-related professionals, in support of the mission of an organisation and achievement
of its strategic goals. Stakeholders which are engaged in the collaboration include but are not limited to:
— Data Management
— Information Management
— Records Management
— Knowledge Management
— Regulatory Compliance
— Digital Preservation
— Information Security
— Enterprise Architecture
— Data Protection
— Open Data
— Big Data
— Artificial Intelligence (AI)
— Blockchain
— Business Processes
— Quality Management.
Information Governance requires coherence and integration with relevant Management System
Standards (MSS), such as ISO 9000, ISO/IEC 27000 and the ISO 30300 series.
Information Governance is a strategic framework for managing information assets across an entire
organisation to support its business outcomes and obtain assurance that the risks to its information,
and thereby the operational capabilities and integrity of the organisation, are adequately identified
v
and managed. Information Governance includes but is not limited to policies, processes, procedures,
roles and controls put in place to meet regulatory, legal, risk and operational requirements. Information
Governance provides an overarching high-level framework that:
— aligns all information-related activities with the mission and goals of an organisation, and its
business, legal and societal obligations,
— ensures a comprehensive and systematic approach to information by integrating processes relevant
to directing and controlling information,
— supports cooperation between stakeholders, and
— creates a high-level basis for managing information regardless its form, type and format, informs
education, professional development of the workforce and awareness about information-related
obligations, risks and possibilities.
vi
INTERNATIONAL STANDARD ISO 24143:2022(E)
Information and documentation — Information
Governance — Concept and principles
1 Scope
This document establishes concepts and principles for Information Governance.
This document applies to the governance of the organisation's past, current and future information
assets. It applies to organisations of all sizes in all sectors, including public and private companies,
government entities, and not-for-profit organisations.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1 Terms relating to concept of information
3.1.1
authentic (preferred term)
authenticity (admitted term)
property of information (3.1.3) that can be proven to be what it purports to be
Note 1 to entry: Authenticity implies that information has been created or sent by the agent purported to have
created or sent it, and to have been created or sent when purported.
Note 2 to entry: When information can be proven to be what it purports to be it, it can be called authentic
information.
Note 3 to entry: See Figure A.1 in Annex A.
[SOURCE: ISO 30300:2020, 3.2.2, modified — “records” has been replaced by "information". “Authentic”
has been replaced by “authenticity”. A new Note 2 to entry has been added.]
3.1.2
data
set of characters or symbols to which meaning is or could be assigned
Note 1 to entry: See Figure A.1 in Annex A.
[SOURCE: ISO 30300: 2020, 3.2.4]
3.1.3
information
data (3.1.2) in context with a particular meaning
Note 1 to entry: See Figure A.1 in Annex A.
[SOURCE: ISO 30300:2020, 3.2.7]
3.1.4
information asset
information (3.1.3) that has value to the relevant stakeholder
Note 1 to entry: See Figure A.1 in Annex A.
[SOURCE: ISO/TS 17573-2:2020, 3.95, modified — “information” is taken place of “knowledge and data”.]
3.1.5
integrity
property of information that is complete and unaltered
Note 1 to entry: See Figure A.1 in Annex A.
[SOURCE: ISO 30300:2020, 3.2.8, modified — “records” has been replaced by "information".]
3.2 Terms relating to the concept of Information Governance
3.2.1
complia
...
NORME ISO
INTERNATIONALE 24143
Première édition
2022-05
Information et documentation —
Gouvernance de l’information —
Concept et principes
Information and documentation — Information Governance —
Concept and principles
Numéro de référence
DOCUMENT PROTÉGÉ PAR COPYRIGHT
© ISO 2022
Tous droits réservés. Sauf prescription différente ou nécessité dans le contexte de sa mise en œuvre, aucune partie de cette
publication ne peut être reproduite ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique,
y compris la photocopie, ou la diffusion sur l’internet ou sur un intranet, sans autorisation écrite préalable. Une autorisation peut
être demandée à l’ISO à l’adresse ci-après ou au comité membre de l’ISO dans le pays du demandeur.
ISO copyright office
Case postale 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Genève
Tél.: +41 22 749 01 11
E-mail: copyright@iso.org
Web: www.iso.org
Publié en Suisse
ii
Sommaire Page
Avant-propos .iv
Introduction .v
1 Domaine d'application .1
2 Références normatives .1
3 Termes et définitions . 1
3.1 Termes relatifs au concept d'information. 1
3.2 Termes relatifs au concept de gouvernance de l'information . 2
4 Avantages de la gouvernance de l'information . 3
4.1 Généralités . 3
4.2 Avantages stratégiques . 4
4.3 Avantages opérationnels . 4
5 Principes de gouvernance de l'information . 5
5.1 Reconnaître l'information comme un actif stratégique pour l'organisme. 5
5.2 Concevoir la gouvernance de l'information comme un élément clé de la stratégie
de l'organisme . 5
5.3 Intégrer la gouvernance de l'information aux cadres de gouvernance de l'organisme . 5
5.4 Garantir le leadership et l'engagement de l'équipe de direction . 6
5.5 Construire collectivement la gouvernance de l'information . 6
5.6 Garantir la conformité juridique et le respect des exigences obligatoires . 6
5.7 Aligner la gouvernance de l'information avec les objectifs de l'organisme . 6
5.8 Garantir la sécurité et la confidentialité de l'information . 7
5.9 Garantir la qualité et l'intégrité de l'information . 7
5.10 Promouvoir la collaboration et la culture du partage des connaissances . 7
5.11 Adopter une approche basée sur les risques . 7
5.12 Garantir la disponibilité et l'accessibilité de l'information aux parties prenantes
autorisées . 7
5.13 Gouverner l'information tout au long de son cycle de vie . 8
5.14 Soutenir la culture de l'organisme . 8
5.15 Soutenir le développement durable . 8
Annexe A (informative) Schémas conceptuels . 9
Bibliographie .11
iii
Avant-propos
L'ISO (Organisation internationale de normalisation) est une fédération mondiale d'organismes
nationaux de normalisation (comités membres de l'ISO). L'élaboration des Normes internationales est
en général confiée aux comités techniques de l'ISO. Chaque comité membre intéressé par une étude
a le droit de faire partie du comité technique créé à cet effet. Les organisations internationales,
gouvernementales et non gouvernementales, en liaison avec l'ISO participent également aux travaux.
L'ISO collabore étroitement avec la Commission électrotechnique internationale (IEC) en ce qui
concerne la normalisation électrotechnique.
Les procédures utilisées pour élaborer le présent document et celles destinées à sa mise à jour sont
décrites dans les Directives ISO/IEC, Partie 1. Il convient, en particulier, de prendre note des différents
critères d'approbation requis pour les différents types de documents ISO. Le présent document a
été rédigé conformément aux règles de rédaction données dans les Directives ISO/IEC, Partie 2 (voir
www.iso.org/directives).
L'attention est attirée sur le fait que certains des éléments du présent document peuvent faire l'objet de
droits de propriété intellectuelle ou de droits analogues. L'ISO ne saurait être tenue pour responsable
de ne pas avoir identifié de tels droits de propriété et averti de leur existence. Les détails concernant
les références aux droits de propriété intellectuelle ou autres droits analogues identifiés lors de
l'élaboration du document sont indiqués dans l'Introduction et/ou dans la liste des déclarations de
brevets reçues par l'ISO (voir www.iso.org/brevets).
Les appellations commerciales éventuellement mentionnées dans le présent document sont données
pour information, par souci de commodité, à l’intention des utilisateurs et ne sauraient constituer un
engagement.
Pour une explication de la nature volontaire des normes, la signification des termes et expressions
spécifiques de l'ISO liés à l'évaluation de la conformité, ou pour toute information au sujet de l'adhésion
de l'ISO aux principes de l’Organisation mondiale du commerce (OMC) concernant les obstacles
techniques au commerce (OTC), voir www.iso.org/avant-propos.
Le présent document a été élaboré par le comité technique ISO/TC 46, Information et documentation.
Il convient que l’utilisateur adresse tout retour d’information ou toute question concernant le présent
document à l’organisme national de normalisation de son pays. Une liste exhaustive desdits organismes
se trouve à l’adresse www.iso.org/fr/members.html.
iv
Introduction
L'information est un actif critique indispensable à la conduite des processus métier et par conséquent
un élément fondamental de la réussite de toute activité métier, quelle qu'elle soit. Or, les organismes
rencontrent souvent des difficultés dans la mise en œuvre de systèmes cohérents et complets de stockage,
de recherche, de partage et d'analyse de l'information, en raison de l'existence et de l'émergence d'une
grande variété de formes et d'usages de l'information, et de risques liés à la gestion de l'information. La
transformation numérique actuelle (qui est un phénomène mondial), ainsi que l'évolution générale des
sociétés, suscitent une demande accrue de transparence, de responsabilité, de protection des données,
de sécurité, d'interopérabilité et de partage de l'information au sein des organismes et entre eux. Cette
tendance requiert une vision et une stratégie solides en matière de gouvernance de l'information,
en soutien aux processus métier à un niveau stratégique, y compris en ce qui concerne les projets de
transformation numérique. De nombreuses organisations gouvernementales et non gouvernementales,
partout dans le monde, perçoivent déjà la nécessité – et comprennent les avantages – d'une coordination
stratégique des nombreuses disciplines relatives aux informations, données et connaissances.
Le présent document définit les concepts et principes relatifs à la gouvernance de l'information.
Le présent document fournit des principes directeurs destinés aux membres des instances dirigeantes
des organismes (il peut s'agir d'actionnaires, de dirigeants, de partenaires, de cadres dirigeants ou
autres) pour créer, utiliser, tenir à jour et conserver l'information de leur organisme et lui appliquer le
sort final approprié, de manière effective, efficace, conforme, sécurisée, transparente et responsable.
La gouvernance de l'information fait partie intégrante de la gouvernance globale d'un organisme.
Elle identifie des principes communs de haut niveau et fournit un cadre permettant une coopération
effective et efficace de tous les professionnels de l'information, en vue de soutenir la mission de
l'organisme et d'atteindre ses objectifs stratégiques. Cette collaboration s'effectue dans les domaines
suivants, entre autres :
— Gestion des données ;
— Gestion de l'information ;
— Gestion des documents d'activité (quasi-synonyme : Gestion des données et documents) ;
— Gestion des connaissances ;
— Conformité réglementaire ;
— Conservation numérique (quasi-synonyme : Archivage électronique) ;
— Sécurité de l'information ;
— Architecture d'entreprise ;
— Protection des données ;
— Données ouvertes ;
— « Big Data » ;
— Intelligence artificielle (IA) ;
— Blockchain ;
— Processus métier ;
— Management de la qualité.
La gouvernance de l'information requiert cohérence et intégration avec les normes de systèmes de
management pertinentes, telles que les séries ISO 9000, ISO/IEC 27000 et ISO 30300.
v
La gouvernance de l'information est un cadre stratégique pour la gestion transverse des actifs
informationnels de l'ensemble d'un organisme, permettant de soutenir les résultats opérationnels
de celui-ci et de garantir que les risques relatifs à ces informations, et par conséquent les capacités
opérationnelles et l'intégrité de l'organisme, sont correctement identifiés et gérés. La gouvernance de
l'information comprend, entre autres, les politiques, processus, procédures, rôles et contrôles mis en
place dans le but de répondre aux exigences réglementaires, légales, opérationnelles et relatives aux
risques. La gouvernance de l'information fournit un cadre global de haut niveau qui :
— organise toutes les activités de gestion de l'information en fonction de la mission et des objectifs de
l'organisme, ainsi que de ses obligations commerciales, légales et sociétales ;
— garantit une approche complète et systématique de l'information en intégrant des processus relatifs
à la diffusion et au contrôle de l'information ;
— soutient la coopération entre les parties prenantes ; et
— crée une base de haut niveau pour la gestion de l'information, quels qu'en soient la forme, le type
et le format ; contribue à la formation et au développement professionnel du personnel, et à la
sensibilisation au sujet des obligations, risques et possibilités relatifs à l'information.
vi
NORME INTERNATIONALE ISO 24143:2022(F)
Information et documentation — Gouvernance de
l’information — Concept et principes
1 Domaine d'application
Le présent document établit les concepts et principes relatifs à la gouvernance de l'information.
Le présent document s'applique à la gouvernance des actifs informationnels passés, présents et futurs
de l'organisme. Il s'applique aux organismes de toutes tailles et de tous les secteurs, y compris les
sociétés publiques et privées, les entités gouvernementales, et les organisations à but non lucratif.
2 Références normatives
Le présent document ne contient aucune référence normative.
3 Termes et définitions
Pour les besoins du présent document, les termes et définitions suivants s'appliquent.
L'ISO et l'IEC tiennent à jour des bases de données terminologiques destinées à être utilisées en
normalisation, consultables aux adresses suivantes :
— ISO Online browsing platform : disponible à l'adresse https:// www .iso .org/ obp
— IEC Electropedia : disponible à l'adresse https:// www .electropedia .org/
3.1 Termes relatifs au concept d'information
3.1.1
authentique (terme à privilégier)
authenticité (terme admis)
propriété d'une information (3.1.3) dont on peut prouver qu'elle est bien ce qu'elle est supposée être
Note
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.