FD ISO/TR 18128

FD ISO/TR 18128

June 2014
Published document Cancelled

Information and documentation - Risk assessment for records processes and systems

ISO/TR 18128:2014 intends to assist organizations in assessing risks to records processes and systems so they can ensure records continue to meet identified business needs as long as required.ISO/TR 18128:2014:a) establishes a method of analysis for identifying risks related to records processes and systems,b) provides a method of analysing the potential effects of adverse events on records processes and systems,c) provides guidelines for conducting an assessment of risks related to records processes and systems, andd) provides guidelines for documenting identified and assessed risks in preparation for mitigation.ISO/TR 18128:2014 can be used by all organizations regardless of size, nature of their activities, or complexity of their functions and structure. These factors, and the regulatory regime in which the organization operates which prescribes the creation and control of its records, are taken into account when identifying and assessing risk related to records and records systems.ISO/TR 18128:2014 can be used by records professionals or people who have responsibility for records in their organizations and by auditors or managers who have responsibility for risk management programs in their organizations.

See more
View the extract
Main informations

Collections

National standards and national normative documents

Publication date

June 2014

Number of pages

51 p.

Reference

FD ISO/TR 18128

ICS Codes

01.140.20   Information sciences

Classification index

Z44-023

Print number

1

International kinship

ISO/TR 18128:2014
Sumary
Information and documentation - Risk assessment for records processes and systems

ISO/TR 18128:2014 intends to assist organizations in assessing risks to records processes and systems so they can ensure records continue to meet identified business needs as long as required.

ISO/TR 18128:2014:

a) establishes a method of analysis for identifying risks related to records processes and systems,

b) provides a method of analysing the potential effects of adverse events on records processes and systems,

c) provides guidelines for conducting an assessment of risks related to records processes and systems, and

d) provides guidelines for documenting identified and assessed risks in preparation for mitigation.

ISO/TR 18128:2014 can be used by all organizations regardless of size, nature of their activities, or complexity of their functions and structure. These factors, and the regulatory regime in which the organization operates which prescribes the creation and control of its records, are taken into account when identifying and assessing risk related to records and records systems.

ISO/TR 18128:2014 can be used by records professionals or people who have responsibility for records in their organizations and by auditors or managers who have responsibility for risk management programs in their organizations.

Table of contents
  • Avant-propos
    iv
  • Introduction
    v
  • 1 Domaine d'application
    1
  • 2 Références normatives
    1
  • 3 Termes et définitions
    2
  • 4 Critère d'appréciation du risque de l'organisme
    2
  • 5 Identification du risque
    4
  • 6 Analyse des risques identifiés
    14
  • 7 Évaluation du risque
    17
  • 8 Communication des risques identifiés
    21
  • Annexe A (informative) Exemple d'une entrée de risque documentée dans un registre des risques
    22
  • Annexe B (informative) Exemple: listes de contrôle visant à identifier les zones d'incertitude
    23
  • Annexe C (informative) Guide d'utilisation des mesures de l'Annexe A de l'ISO/IEC 27001
    31
  • Bibliographie
    43
ZOOM ON ... the Requirements department
To comply with a standard, you need to quickly understand its issues in order to determine its impact on your activity.

The Requirements department helps you quickly locate within the normative text:
- mandatory clauses to satisfy,
- non-essential but useful clauses to know, such as permissions and recommendations.

The identification of these types of clauses is based on the document “ISO / IEC Directives, Part 2 - Principles and rules of structure and drafting of ISO documents ”as well as on a constantly enriched list of verbal forms.

With Requirements, quickly access the main part of the normative text!

With Requirements, quickly access the main part of the normative text!
Need to identify, monitor and decipher standards?

COBAZ is the simple and effective solution to meet the normative needs related to your activity, in France and abroad.

Available by subscription, CObaz is THE modular solution to compose according to your needs today and tomorrow. Quickly discover CObaz!

Request your free, no-obligation live demo

I discover COBAZ