ISO/TR 24332:2025

Technical
Report
ISO/TR 24332
First edition
Information and documentation —
2025-01
Blockchain and distributed ledger
technology (DLT) in relation to
Corrected version
authoritative records, records
2025-04
systems and records management
Information et documentation — Chaînes de blocs et dispositifs
d'enregistrement électronique (DEE) partagé en lien avec les
enregistrements officiels, les systèmes d'enregistrement et la
gestion des enregistrements
Reference number
© ISO 2025
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
Contents Page
Foreword .v
Introduction .vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Overview of records management and distributed ledger technology (DLT) . 1
4.1 General .1
4.2 Overview of records management concepts and principles .2
4.2.1 Concepts .2
4.2.2 Principles for managing records .2
4.3 Overview of distributed ledger technology (DLT) and blockchain .3
4.3.1 General .3
4.3.2 Overview of the distributed ledger technology (DLT) reference architecture .3
4.3.3 Different types of distributed ledger technology (DLT) systems .4
4.3.4 Distributed ledger technology (DLT) use cases .5
5 Distributed ledger technology (DLT) and authoritative records . 5
5.1 General .5
5.2 On-ledger records .6
5.3 Off-ledger records .6
5.4 Metadata for records . .6
5.5 Relationship between distributed ledger technology (DLT) and characteristics of
authoritative records .7
5.5.1 General .7
5.5.2 Authenticity .7
5.5.3 Reliability .8
5.5.4 Integrity .8
5.5.5 Useability .9
6 Distributed ledger technology (DLT) and records processes . 9
6.1 Creating records.9
6.2 Capturing records .9
6.3 Records classification.9
6.4 Access control .10
6.5 Storing records .10
6.6 Use and reuse .11
6.7 Migrating and converting records . 12
6.8 Disposition . 12
7 Relationship between distributed ledger technology (DLT) systems and records systems .13
7.1 Characteristics of records systems . 13
7.2 Design considerations for records systems .14
8 Distributed ledger technology (DLT) systems and records management .15
8.1 Policies and responsibilities . 15
8.2 Records controls . 15
8.2.1 General . 15
8.2.2 Metadata schemas . 15
8.2.3 Business classification schemes .16
8.2.4 Access and permissions rules .17
8.2.5 Disposition authorities .17
9 Challenges, considerations and potential benefits . 17
9.1 Distributed ledger technology (DLT) and management of retention and disposition of
records .17
9.2 Legal issues .18

iii
9.2.1 General .18
9.2.2 eDiscovery .19
9.2.3 Custody and ownership . . .19
9.2.4 Geolocation restrictions on data storage and transfer . 20
9.2.5 Jurisdictional restrictions on the operation of distributed ledger technology
(DLTs) . 20
9.3 Personally identifiable information (PII) protection . 20
9.4 Access control mechanisms . 22
9.4.1 General . 22
9.4.2 Read access . 23
9.4.3 Write access . 23
9.5 Identification, authentication, and authoritative records .24
9.6 Addressing the business need to modify records .24
9.7 Distributed ledger technology (DLT) and records destruction .24
9.8 Longevity of distributed ledger technology (DLT) systems . 25
9.8.1 General . 25
9.8.2 Longevity of cryptographic algorithms . 26
9.8.3 Long-term preservation of authoritative records . 26
9.9 Timestamping and ordering in DLT .27
9.10 Key management .27
9.11 Distributed ledger technology (DLT) security . 28
9.11.1 General . 28
9.11.2 Malicious participants . 28
9.11.3 Consensus hijacking . 28
9.11.4 Vulnerability of distributed ledger technology (DLT) software . 29
9.11.5 Vulnerability of smart contracts related to external data . 29
9.12 Smart contracts . 29
9.13 Auditing, monitoring and evaluation . 30
9.14 Tokenization .31
Bibliography .33

iv
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out through
ISO technical committees. Each member body interested in a subject for which a technical committee
has been established has the right to be represented on that committee. International organizations,
governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely
with the International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of ISO document should be noted. This document was drafted in accordance with the editorial rules of the
ISO/IEC Directives, Part 2 (see www.iso.org/directives).
ISO draws attention to the possibility that the implementation of this document may involve the use of (a)
patent(s). ISO takes no position concerning the evidence, validity or applicability of any claimed patent
rights in respect thereof. As of the date of publication of this document, ISO had not received notice of (a)
patent(s) which may be required to implement this document. However, implementers are cautioned that
this may not represent the latest information, which may be obtained from the patent database available at
www.iso.org/patents. ISO shall not be held responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 46, Information and documentation,
Subcommittee SC 11, Archives/records management, in collaboration Technical Committee ISO/TC 307,
Blockchain and distributed ledger technologies.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
This corrected version of ISO/TR 24332:2025 incorporates the following corrections:
— correction TC information in the foreword;
— correction of Figure 1;
— further editorial corrections.

v
Introduction
Distributed ledger technology (DLT), including blockchain technology, is expected to be widely adopted for
business and governance purposes. The viability of this technology is already established in many contexts,
and DLT solutions can potentially be used in any industry, sector or context.
Information systems used for business and governance can create, receive and store records. DLT solutions
are no different. There can be records in these solutions that need to be managed in compliance with existing
legal, regulatory, business, societal and other requirements. Also, DLT solutions or their constituent parts
have potential to be designed to manage records.
The need for the analysis of DLT from a records management point of view results from the specific
characteristics of this technology (e.g. distributed and decentralized nature, immutability, use of consensus
and use of smart contracts) and some of its modes of application (e.g. including the possibility of there being
no designated owner, distributed governance, transborder use, and different trust assumptions). The specific
characteristics of DLT can both facilitate records management (e.g. maintenance of integrity) and result in
difficult records management and legal challenges [e.g. possible absence of a designated authoritative copy
of a record, difficulties in disclosing records to authorities and courts including e-discovery, difficulties
managing retention and disposition, and challenges managing personally identifiable information (PII)
protection].
This document provides a foundation for common understanding among records managers, DLT system
designers/developers and related professionals and can inform the development of future standards
concerning DLT and records management. This document does not presume in depth knowledge of records
management principles or DLT.
vi
Technical Report ISO/TR 24332:2025(en)
Information and documentation — Blockchain and
distributed ledger technology (DLT) in relation to
authoritative records, records systems and records
management
1 Scope
This document analyses challenges, considerations, and potential benefits of blockchain and distributed
ledger technology (DLT) in relation to records management standards and related standards for systems that:
— create records that are required to be authoritative records;
— can be used as records systems; or
— can be used for records management, including records controls.
The target audience of this document includes records managers and allied professionals, IT professionals
and application developers, legal and compliance professionals, researchers, educators and other interested
parties.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content constitutes
requirements of this document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
ISO 22739, Blockchain and distributed ledger technologies — Vocabulary
ISO 30300, Information and documentation — Records management — Core concepts and vocabulary
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 22739 and ISO 30300 apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
4 Overview of records management and distributed ledger technology (DLT)
4.1 General
Any governance or business activity heavily relies on authoritative records, rather than on just any
information or data. Authoritative records are essential for decision-making, protection of rights,
transparency, accountability and memory. As soon as DLT solutions are used for business and governance,
they can create, receive and keep records that are subject to legal, regulatory, business and other
requirements, and can also have long-term or historical value.

To manage these records, one can rely on extensive body of knowledge and practical experience reflected in
ISO records management standards.
Records management is the discipline responsible for the efficient and systematic governance of records
using records processes, records controls and records systems. Understanding records as information
created or received and maintained as evidence of conducting business, records processes are a set of
activities for creating, capturing and managing authoritative records. These activities are supported
by records controls, such as business classification schemes or metadata schemas, and are performed in
records systems or across an organization.
DLT, which includes blockchain technology, enables the operation and use of distributed ledgers containing
transaction records that are intended to be final, definitive and immutable.
To help understand this document, this clause introduces overviews of the records management and DLT
based on the following International Standards.
— ISO 30300: provides the most relevant definitions and concepts diagrams related to the concepts used in
the records management domain;
— ISO 30301: specifies requirements to be met by a management system for records;
— ISO 15489-1: establishes the core concepts and principles for the creation, capture and management of
records;
— ISO 23257: specifies a reference architecture for DLT;
— ISO 22739: specifies vocabulary for DLT.
These documents can be consulted for more detailed advice on aspects of managing records or DLT.
4.2 Overview of records management concepts and principles
4.2.1 Concepts
Records are both evidence of business processes, activities and transactions and information assets. Any
set of information, regardless of its structure or form, can be managed as a record. The creation, capture
and management of records are integral parts of conducting business, in any context. Records document
individual events or transactions or can form aggregations that have been designed to document business
processes, activities or functions.
Evidence is understood as information that can be used either by itself or in conjunction with other
information, to establish proof about an event or action. Evidence is not limited to the legal sense of the term.
Records that possess the characteristics of authenticity, reliability, integrity and useability are considered
authoritative evidence. Records that have these characteristics are called authoritative records.
Metadata for records is data describing the context, content and structure of records, as well as their
management over time (see ISO 23081).
Records that do not possess such metadata are generally not considered authoritative.
Decisions regarding the creation, capture and management of records are based on the analysis and risk
assessment of business functions, processes and activities, in their business, legal, regulatory and societal
contexts. The analysis process is called appraisal (see ISO/TR 21946).
4.2.2 Principles for managing records
Managing records encompasses the following:
— establishing management systems for records
— creating and capturing records to meet requirements for evidence of business activity;

— taking appropriate action to maintain and protect their authenticity, reliability, integrity and useability
as their business context and requirements for their management change over time.
A management system for records is a set of interrelated elements used to direct and control an organization
with regard to records. Elements include leadership, policy, planning, resources and other supports,
operations, performance evaluation and continual improvement.
Records management operations are supported by processes for creating records, capturing records,
classification and indexing, access control, storing records, use and reuse, migration or conversion and
disposition (retention, destruction or transfer) of records. These records processes rely on records controls
which are instruments designed specifically to help in their performance such as metadata schemas for
records, business classification schemes, access and permissions rules and disposition authorities.
The management of records is supported by records systems which are information systems that are
designed specifically to manage records, or that are designed for other business processes that are adapted
to support the management of records.
Continuous monitoring and evaluation are essential to ensure that records management practices remain
effective and aligned with evolving business needs.
4.3 Overview of distributed ledger technology (DLT) and blockchain
4.3.1 General
Ledgers underlie accounting, commerce, taxation, and the orderly conduct of economies. Historically, ledger
technologies have included physical tokens, tally sticks, double-entry books, and centralized computerized
information systems. Blockchain and DLT are a new kind of computerized ledger technology, where ledgers
are not just distributed (in their physical structure) but can also be decentralized (in their control structure).
A blockchain system is one type of DLT system, but some DLT systems are not blockchain systems. In
the remainder of this document, DLT includes blockchain technology, and only distinguishes them when
required.
Blockchain technology was introduced by the Bitcoin platform, which demonstrated a solution to the long-
standing challenge of how to enable digital cash. Digital cash, like traditional physical cash (and unlike bank
deposits) can be directly controlled by its owner, but like bank deposits (and unlike physical cash) can be
transferred to remote parties globally. A challenge for digital cash systems is to ensure that every unit of
digital cash has no more than one owner at a time even without a centralized authority (often referred to
as the “double spending problem”). Solving this is difficult because information goods are not inherently
exclusionary. The Bitcoin platform realized digital cash as the Bitcoin cryptocurrency, and Bitcoin’s ledger
was defined by a blockchain which represented all transactions of transfers of Bitcoin (and associated data)
in a single globally visible list of transactions.
DLT can account not just for money, but also for other kinds of assets. DLT systems after Bitcoin have
expanded the capability of their ledgers to be able not just to represent cryptocurrencies, but also other kinds
of digital assets, data, and programs called “smart contracts”. Smart contracts are recorded in a DLT system,
and their results of execution are also recorded on the ledger. DLT systems can, either through validation in
the platform or through smart contract execution, enforce integrity conditions for digital assets, data, and
smart contracts on their ledgers. Consequently, just like modern centralized databases, modern DLT systems
can be used as general-purpose data storage, computation, and communication components in information
systems. DLT systems typically have some limitations compared to centralized database systems (such as
for performance efficiency and confidentiality) but can have some advantages (such as for availability and
integrity).
4.3.2 Overview of the distributed ledger technology (DLT) reference architecture
A reference architecture is a common generic model for a class of systems. The reference architecture for
DLT systems describes both the internal architecture of underlying DLT platforms, and the related non-DLT
systems that all together implement solutions for specific use cases. The reference architecture standard
ISO 23257 describes a range of overall DLT concepts and identifies important cross-cutting aspects for DLT

systems. In the design of software systems, architectural decisions are important in addressing these cross-
cutting aspects, which include qualities such as security, and performance efficiency, and other aspects such
as identity, governance, and management of DLT systems. The reference architecture standard ISO 23257
outlines how the decentralized nature and typical structure of DLT systems impacts the achievement of
requirements for these cross-cutting aspects.
An important part of a reference architecture is the set of architectural views. Each view models a system
relative to a specific set of concerns. The DLT reference architecture provides three views.
— User view – the roles and responsibilities associated with DLT systems, including users, providers,
developers, administrators, governors, and auditors.
— Functional view – the functionalities within and provided by DLT systems. These are grouped by coarse
“layers”: Infrastructure Layer, DLT Platform Layer, API Layer, Non-DLT Systems, User Layer, and Cross-
Layer Functions. Non-DLT systems include DLT oracles that provide a gateway for external data to a DLT
system, non-DLT applications that can interoperate with the DLT system, and off-ledger data that can
relate to the DLT system.
— System view – the structural elements within and connected to DLT systems. A DLT system is implemented
by a network of DLT nodes, each of which runs the DLT platform. The platform provides API interfaces to
users, and other interfaces to external non-DLT systems and other DLT systems. Within a DLT platform,
there are elements including the ledger, transaction and consensus mechanisms, smart contracts, and
cryptographic services. Spanning the whole DLT system are other elements such as infrastructure
services, and other cross-layer elements for development, management and operations, security, and
governance and compliance.
4.3.3 Different types of distributed ledger technology (DLT) systems
There are different kinds of DLT systems. They differ in five important aspects: access for use, authorization,
ledger structure, smart contract capability, and consensus mechanism.
DLT systems can be public, in which case access for use is available to all, or private, in which case access for
use is restricted to a limited group of participants. Privacy is not guaranteed even in the case of private DLT
systems, because all the DLT nodes participating in the consensus mechanism for a transaction will typically
have access to the information in that transaction. Private DLT systems tend to be smaller, and can have
well-known and more trustworthy DLT nodes, and therefore often have better performance than public DLT
systems. However, public DLT systems can provide high levels of transparency and integrity through wide
public participation and oversight.
A DLT system can be permissionless, in which case authorization is not required to perform activities in the
system, or can be permissioned, in which case authorization is required to perform at least some activities.
The ledger structure of a blockchain system is a linked chain: a single global list of transactions, grouped
into cryptographically linked blocks, each of which contains a list of transactions. However, other kinds of
DLT systems can have different ledger structures, which can help to improve concurrency and performance.
Some DLT systems fragment the ledger into multiple shards, to improve scalability. In other DLT systems,
instead of their being a global ledger, there are many small ledgers, shared just between parties of interest
to their transactions.
DLT systems can vary in their smart contract capability. For example, some smart contract languages are
“Turing-complete” and so are in principle as expressive as every other programming language. In practice,
smart contract execution is usually highly resource-constrained, so that it will complete within the time
and space constraints of the DLT system’s consensus mechanism. Several DLT systems use expressive but
sub-Turing complete smart contract languages, so that the smart contracts are more amenable to automatic
static analysis or formal verification, to provide assurance about their correctness. Some DLT systems (such
as the original Bitcoin blockchain) have very limited linear scripting capabilities, and some DLT systems
have no smart contract capabilities.
The consensus mechanism of a DLT system enables agreement between numerous DLT nodes about the
contents of the ledger. Prior to Bitcoin, a variety of consensus mechanisms were known that allowed a small
number (i.e. tens) of well-known DLT nodes to reach consensus. These mechanisms included algorithms

such as Practical Byzantine Fault Tolerance, and Raft. However, in a DLT network with an unknown but
large number (i.e. thousands) of DLT nodes, those approaches do not work. Bitcoin used a mechanism
called Nakamoto consensus, in which DLT nodes accept as authoritative the longest ledger seen at any time.
Ledgers cannot grow arbitrarily quickly in Bitcoin because of the use of a proof-of-work mechanism: blocks
in the ledger must demonstrate a solution to a cryptographic puzzle which is computationally easy to check,
but computationally difficult to create. Many public DLT systems continue to use Nakamoto consensus, in
combination with proof-of-work, or with other approaches such as proof-of-stake. A limitation of Nakamoto
consensus is that it does not provide conventional transaction properties. In conventional transaction
processing, when a transaction is committed it is final, and cannot be reversed (although a reversing
transaction can be subsequently committed). In Nakamoto consensus, there is only long-run probabilistic
finality. At any one time, each DLT node will have their own independent view of the longest (and so,
authoritative) ledger. If a DLT node is presented with a new longer but different ledger it will change what it
reports as the authoritative new ledger. In practice, DLT users can reduce the likelihood of being exposed to
this issue to any low-enough risk by waiting for a sufficiently long time.
4.3.4 Distributed ledger technology (DLT) use cases
DLT is a general-purpose ledger technology that can in principle be used in any sector or industry domain
(see ISO/TR 3242). To satisfy the requirements of any specific use case, the design of a DLT solution will
need to accommodate the limitations of the DLT system and leverage its strengths.
As demonstrated by the Bitcoin blockchain, DLT systems can support cryptocurrencies, or in general digital
assets. Tokens constitute an important category of digital assets. They can represent other digital assets
such as digital art or access rights, or they can represent physical assets such as museum objects. Tokens
can have intrinsic value within an ecosystem or can have extrinsic value by being exchangeable for other
valuable digital or physical assets. Tokens can also be used for other purposes, such as for tracking resource
utilization.
Because they aim to provide a verifiable ledger, DLT systems can support efficient and trustworthy
reconciliation processes and can provide coordination about mutual status and data between different
individuals, businesses, or governments. These capabilities can be valuable in a wide range of industry
sectors, including finance, insurance, healthcare, and supply chain management. DLT systems can enhance
transparency and traceability, thereby reducing fraud and improving efficiency.
5 Distributed ledger technology (DLT) and authoritative records
5.1 General
A ledger is a long-established concept used in business and technology. Traditionally, a ledger is an
information store, such as a book, containing accounts to which debits and credits are posted from books of
original entry.
In the context of DLTs, a distributed ledger is a ledger that is shared across a set of DLT nodes and synchronized
between the DLT nodes using a consensus mechanism. Ledger records are records containing transaction
records, hash values of transaction records or references to transaction records (e.g. cryptographic links)
recorded on a distributed ledger.
It is easier to use distributed ledgers for records management purposes if they are authoritative and possess
the characteristics of records as described in 4.2.1. A person or organization can place confidence in an
authoritative distributed ledger and rely upon it to act (i.e. to trust it).
Appraisal from the point of view of records management informs the design process for business systems
that deal with records and involves the evaluation of business activities to determine which records need to
be created and captured, and how long the records need to be kept. In the design of DLT solutions, designers
can undertake appraisal in order to determine whether records should be created and kept on or off-ledger.
Decisions about whether records and associated metadata are created and stored on or off-ledger can affect
their authenticity, reliability, integrity, and useability.

5.2 On-ledger records
On-ledger records are records that are created or received, located, performed, or run inside a distributed
ledger. Ledger records can contain transaction records, hash values of transaction records, or references
to transaction records recorded on a distributed ledger. Ledger records can include smart contracts, which
are computer programs stored in a DLT system, and include the recorded outcome of the execution of the
program. Note that a smart contract can represent terms in a contract in law and create a legally enforceable
obligation under the legislation of an applicable jurisdiction.
DLT systems are intended to ensure the integrity of ledger records, i.e. that the ledger and its associated
records are tamper-resistant and immutable. Integrity of ledger records is supported by enforcing the
validation rules of the DLT platform.
Some reasons that records are created and kept on-ledger include:
— they are necessary for the proper functioning of the DLT system (e.g. the hashes of transaction records
that are used to generate the Merkle root hash that forms part of the hash used to chain blocks together
in a blockchain);
— to embed reference metadata about a transaction into a ledger record to capture the context and
pragmatic meaning of the transaction or for purposes of records management;
— to embed a link to transaction records or related contextual information (e.g. metadata) stored off-
ledger for purposes of capturing the context and pragmatic meaning of a ledger record or to link it to
supporting records related to the same transaction that are stored off-ledger. Such linkages among
records or contextual information can be known by different names and in archival science are referred
to as the “archival bond”.
5.3 Off-ledger records
Off-ledger records are records that are related to on-ledger records but are located in data storage outside
of the DLT system. They can include any number of different types of transaction records or metadata about
on-ledger records. Off-ledger data is often not immutable. A DLT system can be used as a mechanism for
securing off-ledger data.
Some reasons that records are created and kept off-ledger include:
— DLT system performance, including processing efficiency;
— DLT system storage constraints;
— integration of DLT system with pre-existing business systems;
— protection of privacy and confidentiality regarding parties to a transaction or the nature of a transaction;
— legal requirements.
5.4 Metadata for records
Records can be distinguished from other information assets by their role as evidence of business and by their
reliance on metadata. Metadata for records are used to indicate and preserve context and apply appropriate
rules for managing records.
In DLT systems, metadata for records can be embedded into transaction records or stored as part of a record
on-ledger. Alternatively, on-ledger records can link to metadata for records stored off-ledger.

5.5 Relationship between distributed ledger technology (DLT) and characteristics of
authoritative records
5.5.1 General
Authoritative records possess the characteristics of authenticity, reliability, integrity and useability. This
subclause discusses the relationship between DLT and characteristics of authoritative records, and the effect
that decisions for the design of systems using DLT can have on the authoritativeness of records, including
both on-ledger and off-ledger records.
Note that judgement about the authoritativeness of records, and thus an individual’s willingness to rely upon
a record to ac
...