- About Us
- Membership
- Groups
- News
- Training & Events
- Resources
- Jobs
Standards and Frameworks |
Information and Records Management Standards and FrameworksThe management of various aspects of information and records management can be achieved through various British and International standards. Some are specific to the UK (usually marked BS) and some have been agreed internationally (usually marked ISO). The IRMS has a role in some of these standards, and below is a full list of a wide range of standards for your reference. While this is not currently an exhaustive list, it is growing as we become aware of more and as more are developed. Whichever framework you wish to utilise is your decision and many members can share their experiences of it with you if asked (and they are willing to, of course). The links below will take you to a third-party site where you can purchase a copy of the standard or get more information on it. Please be aware any links below will take you to another website where you can access relevant information.
Information and Records Management Documentation:ISO15489 - Records management ISO16175 - Processes and functional requirements for software for managing records ISO21965 - Records management in enterprise architecture ISO22428 - Managing records in cloud computing environments ISO30301 - Management systems for records — Requirements ISO30302 - Management systems for records — Guidelines for implementation ISO13008 - Digital records conversion and migration process ISO17068 - Trusted third party repository for digital records ISO18128 - Risk assessment for records processes and systems ISO23081 - Metadata for records (in 3 parts) ISO26122 - Work process analysis for records BS10008 - Evidential weight and legal admissibility of electronic information BS10010 - Information classification, marking and handling NHS RM Code of Practice - Records Management Code of Practice for Health and Social Care IRMS Local Government Classification and Retention Scheme (LGCRS) - IRMS developed scheme for setting retention for organisations in the public sector IRMS Local Government Functional Classification Scheme (LGFCS) - IRMS developed scheme for classifying records of organisations in the public sector
Data Protection and Privacy:General Data Protection Regulation (GDPR) - Use and management of Personal Data Data Protection Act (UK) - Use and management of Personal Data for the United Kingdom and Northern Ireland ICO Accountability Framework - A framework produced by the ICO to help implement Accountability within an organisation ICO Children's Design Code - A legal code of conduct for producing online products and services aimed at Children Data Sharing Code - A code of practice for conducting sharing of Personal Data Data Protection Act (Ireland) - Use and management of Personal Data for Ireland Data Protection Act (Isle of Man) - Use and management of Personal Data for the Isle of Man Data Protection Act (Isle of Jersey) - Use and management of Personal Data for the Isle of Jersey BS10012 - Specification for a personal information management system
Open Government: Freedom of Information Act 2000 - Disclosure of information held by public authorities in the UK (excl Scotland) Freedom of Information Act 2000 (Section 46 Records Management Code of Practice) - A code of practice for the management of public authority records ICO FOI Self Assessment Toolkit - A self assessment questionnaire to benchmark compliance with FOIA against Freedom of Information (Scotland) Act 2002 - Disclosure of information held by public authorities in Scotland Environmental Information Regulations 2004 - Disclosure of environmental information held by public authorities in the UK Re-use of Public Sector Information Regulations 2015 - Rules regarding the use of public sector data by other entities
Information Security:ISO/IEC 27000 - Information security overview and vocabulary ISO/IEC 27001 - Information security management system requirements ISO/IEC 27002 - Code of Practice for Information Security controls ISO/IEC 27017 - Information security controls for cloud services ISO/IEC 27031 - Information security controls on business continuity eIDAS (Standards on trust services) - A legal framework for the use of electronic trust services offered within the UK and recognise equivalent services offered in the EU. NIS Regulations 2018 - A legal framework for providing online marketplaces, search engines and cloud software.
|