In the wake of recent failures in corporate governance and repeated scandals in so many sectors worldwide, notably in the realm of banking and of the media, two new ISO International Standards will help organizations disclose corporate information quickly and effectively.
In government and in business it has become necessary to render more transparent the decision-making process and actions taken, to ensure legal and ethical obligations are not just met, but are publicly seen to be met. The unstoppable transition to a fully digital environment is both a challenge and an opportunity.
To address these needs, ISO has published new International Standards : ISO 30300:2011, Information and documentation – Management systems for records – Fundamentals and vocabulary, and ISO 30301:2011, Information and documentation – Management systems for records – Requirements. They distill the knowledge and experience of experts drawn from 27 countries on five continents.
The ISO 30300 series offers the methodology for a systematic approach to the creation and management of records, aligned with organizational objectives and strategies. Managing records using a management system for records (MSR) supports cost-effective operational processes, such as storage, information retrieval, information re-use. It prepares an organization for the possibility of litigation or inquiry arising in the future, and ensures that a thorough preparation for due diligence can be carried out.
The ISO 30300 series of International Standards focuses on the implementation and operation of an effective MSR to ensure that authoritative and reliable information about, and evidence of, business decisions and transactions is recorded, managed and made accessible to those who need it, and maintained for as long as it is required. This is fundamental and incontrovertible if the concerns of the public are to be addressed and current and future challenges are to be met.
Click on picture to enlarge
New addition to MSS
The ISO 30300 series of MSR standards was created to link the management of records to organizational success and accountability. This series sets benchmarks for organizations to assess the adequacy of their methods of maintaining their records. It provides management with the tools necessary to realize a systematic and verifiable approach to the creation and control of records. ISO 30300 supports the management and documentation requirements of organizations implementing other management systems standards (MSS), such as ISO 9001 (quality), ISO 14001 (environment) and ISO 22000 (food safety).
The new ISO standards are targeted at all sectors including governments and their agencies, educators, financial services, manufacturing (with a particular emphasis on the pharmaceutical and mining industries), and companies or governments which are actively involved (or passively implicated) in issues of social responsibility. All sectors with a vital need to demonstrate compliance, such as nuclear energy and telecommunications, will reap particular benefits from the effective implementation of these International Standards.
The ISO 30300 series is a new addition to the MSS group. Development of these new International Standards incorporates experience gained in the implementation of the series ISO 15489:2001, Information and documentation – Records management which is a bestseller and has been used by 50 countries and translated into 22 languages in developed and developing countries.
In developed countries, the ISO 15489 series is implemented in support of good governance and effective business operations. In developing countries, this series has been adopted by governments seeking to demonstrate to their own populations and to the wider international community, improvements in governance, accountability and administrative capability. This leads to a level playing field for all potential actors, whatever their origin.
This International Standard explains the rationale behind the creation of an MSR, the guiding principles for its successful implementation, and provides the terminology which ensures that it is compatible with other management systems standards. It also establishes the objectives for using an MSR and describes a process approach and specifies roles for top management.
ISO 30300:2011 is applicable to any organization that needs to establish, implement, maintain and improve an MSR to support its business. It also provides assurance of conformity with a stated records policy.
This International Standard specifies the requirements necessary to develop a records management policy. It also sets objectives and targets for an organization to implement systemic improvements. This is achieved through formulating the design of processes and systems, estimating the appropriate allocation of resources, and establishing benchmarks to properly monitor, measure and evaluate outcomes. These steps will ensure corrective action can be taken and continuous improvements are built into the system to support an organization in achieving its mandate, mission, strategy and goals.
ISO 30301:2011 can be implemented with other MSS. It is especially useful in demonstrating compliance with the documents and records requirements of other MSS. The bottom-line
The aim for organizations is to strategically utilize these standards to :
- Integrate records requirements into business processes, to eliminate redundancy, establish consistency, optimize processes and resources, reduce maintenance and improve decision-making
- Use and exploit information resources as business, commercial and intellectual property assets.
The cost of developing an MSR depends on the scope of implementation within each organization and is determined by business needs and an assessment of risk. This investment can provide both short- and long-term returns, as well as aiding an organization in avoiding unnecessary expenditure.
Memory and assets
The creation of records is integral to any organization’s activities, processes and systems. An MSR promotes business efficiency, accountability, risk management and business continuity. It empowers organizations to capitalize on the value of their information resources as business, commercial and intellectual property assets.
At the same time, an MSR contributes to the preservation of organizational memory (something that can be irretrievably lost given a high turnover in personnel – whether voluntary or involuntary), in response to the exponentially growing challenges of the global and digital environment.
The structure of the MSR links the records management requirements and expectations of stakeholders to the production of records which are reliable, authentic, whose integrity is unassailable, and which can be utilized in an effective and efficient manner (see Figure 1).
For organizations implementing an MSR, the benefits are extensive and include :
- Common policy and practice benchmarks across geographical boundaries, facilitating its utilization in different countries, cultures and jurisdictions
- Legal compliance and protection, including support for due diligence and effective preparation in cases of potential litigation
- The ability to meet regulatory requirements, including the effective monitoring of accountability and ethical and corporate governance guidelines, proper oversight of financial and practice audits
- Support for the management of risk, including security, controlling the effects of attacks on reputation, business continuity planning and implementation
- The ability to set and assess performance measures for the use of commercial service providers, and for inclusion in commercial contracts
- Compatibility and interoperability with other commonly used management systems standards, for example ease of integrating records management into the processes and practices required of ISO 9000 and ISO 14000
- Demonstrated commitment to organizational governance, accountability and integrity
- The potential to make organizations more cost effective and efficient.
The adoption of the ISO 30300 series of International Standards is needed whether they are implemented locally or globally, and for all sectors. This series has the potential to benefit society in both developed and developing countries as it promotes and provides a road map to improve :
- The efficiency and responsiveness of government
- The accountability and governance of public, private and non-profit organizations
- Organizational compliance with international treaties, laws and regulations at every level
- The trust in environments for the conduct of business and interaction between governments and their citizens, businesses and their clients, in particular for all issues involving electronic transactions and communications
- Access to information and the preservation of collective memory.
ISO 30300:2011 and ISO 30301:2011 were developed by ISO technical committee ISO/TC 46, Information and documentation, subcommittee SC 11, Archives/records management. It is currently working on two further standards in the ISO 30300 series :
- ISO 30303, Management systems for records – Guidelines for implementation
- ISO 30304, Management systems for records – Assessment guide.
Judith Ellis is the Convenor of ISO/TC 46, Information and documentation, subcommittee SC 11, Archives/Records management, working group WG 8, Management systems for records – Fundamentals and vocabulary. She is the owner and Managing Director of Enterprise Knowledge Pty Ltd, based in Australia, and is well known for her involvement in international and Australian standards development. She has also been a consultant in the information and knowledge management field over the past 30 years.
Carlota Bustelo is the Convenor of ISO/TC 46/SC 11, WG 9, Management systems for records – Requirements. She has more than 25 years’ experience acting as an independent consultant in the organization of information, documentation and records in the public, private and non-profit sectors, mainly in Spain and Latin America. She has specialized in the application of information technologies to the management of documents, records and information.