ISO 19475 pdf free download

ISO 19475-2021 pdf free download.Document management – Minimum requirements for the storage of documents.
5 Receipt and approval
5.1 Requirements
Organizations should define handling methods for each type of document to properly control the documents they receive.
The type of document and the handling methods are defined according to the receiving policy and the contract with the vendor or customer.
NOTE The type of document is defined by its use and purpose. The format of the document is defined by its handling method.
5.2 Controls for receipt
The organization shall confirm the skill level of the person responsible for receiving the document before giving the work order.
The organization shall confirm whether it has the rights and privileges to receive and use a received
document.
An organization shall not receive types of document they do not have the rights and privileges to use. The organization shall maintain the integrity of the document received and approved in accordance with its purpose for processing.
The organization shall maintain the quality o the equipment involved in the receiving and approval processes.
When outsourcing receipt duties to another organization, care shall be taken to avoid receiving documents not authorized to be outsourced.
NOTE The authenticity and reliability of the document received is either confirmed by such public credibility information as an electronic signature or time stamp, or the organizational trust or credibility of the party who sent the information.
5.3 Controls for approval
Controls for the approval process of the document received from an outside organization into a format appropriate for the document handling process are explained below.
Approval processes for the purpose of conversion include digitizing a paper document received, registering or duplicating the document, whether received in paper form or an electronic file, and deploying a data file received into processing.
NOTE Security risks in terms of physical security or system security are not discussed in this document. Please refer to the relevant IT security standards.
When converting a document into a format that is appropriate for processing, the organization should ensure that the information content of the received document and the converted document are not compromised.
During the receipt process, handling shall be suspended if the information includes a document that is not able to be approved. When the receipt process is suspended, the organization shall store the information in question and return the relevant document to the sender.
NOTE See Annex B for the controls for inspection of the document format received.
5.4 Document to be used at processing
Metadata shall he extracted from the received document that will he used during processing.
Metadata to be used during the document handling processes contains rights and privileged information, information for identifying the document, and the purpose of the document being processed for use.
Metadata is used to control the processes of the users and custodians of the document, as well as to identify the processing procedures.
The organization shall store the extracted metadata as well as the received contents into the EDMS or ECM.
NOTE The requirements for EDMS and ECM are shown in Annex A.
5.5 PreservIng the receiving and approved context
The context of the receiving and approval operations shall be recorded as a system log or as an operations log. The context information contains the received and approved documents; the software used for approval and the converted documents (if necessary) for use, and stores this information in the preservation system.
The document metadata shall contain the name of the person that created it, an electronic signature and a time stamp marking the date it was preserved. The use of an electronic signature and time stamp shall be as described in ISO 14641.
NOTE 1 The requirements for ensuring the authenticity of the preserved document can vary depending on local regulations,
1) Authorize the output document.
Authenticate and apply a time stamp for both the received document and the output document.
3) Documents are stored with a trusted storage service. This document is called a true copy.
In addition, the context information (use log, reference log, update log, etc.) related to the generation of the document is preserved with an electronic signature and time stamp.
4) In addition to 2), the name and version of the software program used for editing and creation is also recorded and stored.
In addition to above, the usage history of the system program should be required.
NOTE 2 Local legislation can exist concerning the evidential requirements of documents.
NOTE 3 The document to be stored contains the name of the person, the date of creation, etc. It is critical to
decide on the handling procedures to ensure data integrity according to the information handling rules.
6 Delivery
6.1 Requirements
Organizations should define the handling methods for each type of document to be controlled and delivered.
The type of document and the handling methods are defined according to the delivery policy and the contract with the vendor or customer.
NOTE See Annex1 for the controls for inspection of the document format that is deliverable.
6.2 Controls for the delivery process
The organization shall preserve appropriate and validated business processes according to roles and responsibilities. Thus, the organization maintains the integrity of the processing process.ISO 19475 pdf download.