FD ISO/TR 18128
Information and documentation - Risk assessment for records processes and systems
ISO/TR 18128:2014 intends to assist organizations in assessing risks to records processes and systems so they can ensure records continue to meet identified business needs as long as required. ISO/TR 18128:2014: a) establishes a method of analysis for identifying risks related to records processes and systems, b) provides a method of analysing the potential effects of adverse events on records processes and systems, c) provides guidelines for conducting an assessment of risks related to records processes and systems, and d) provides guidelines for documenting identified and assessed risks in preparation for mitigation. ISO/TR 18128:2014 can be used by all organizations regardless of size, nature of their activities, or complexity of their functions and structure. These factors, and the regulatory regime in which the organization operates which prescribes the creation and control of its records, are taken into account when identifying and assessing risk related to records and records systems. ISO/TR 18128:2014 can be used by records professionals or people who have responsibility for records in their organizations and by auditors or managers who have responsibility for risk management programs in their organizations.
ISO/TR 18128:2014 intends to assist organizations in assessing risks to records processes and systems so they can ensure records continue to meet identified business needs as long as required.
ISO/TR 18128:2014:
a) establishes a method of analysis for identifying risks related to records processes and systems,
b) provides a method of analysing the potential effects of adverse events on records processes and systems,
c) provides guidelines for conducting an assessment of risks related to records processes and systems, and
d) provides guidelines for documenting identified and assessed risks in preparation for mitigation.
ISO/TR 18128:2014 can be used by all organizations regardless of size, nature of their activities, or complexity of their functions and structure. These factors, and the regulatory regime in which the organization operates which prescribes the creation and control of its records, are taken into account when identifying and assessing risk related to records and records systems.
ISO/TR 18128:2014 can be used by records professionals or people who have responsibility for records in their organizations and by auditors or managers who have responsibility for risk management programs in their organizations.
- Avant-proposiv
- Introductionv
-
1 Domaine d'application1
-
2 Références normatives1
-
3 Termes et définitions2
-
4 Critère d'appréciation du risque de l'organisme2
-
5 Identification du risque4
-
6 Analyse des risques identifiés14
-
7 Évaluation du risque17
-
8 Communication des risques identifiés21
- Annexe A (informative) Exemple d'une entrée de risque documentée dans un registre des risques22
- Annexe B (informative) Exemple: listes de contrôle visant à identifier les zones d'incertitude23
- Annexe C (informative) Guide d'utilisation des mesures de l'Annexe A de l'ISO/IEC 2700131
- Bibliographie43
The Requirements department helps you quickly locate within the normative text:
- mandatory clauses to satisfy,
- non-essential but useful clauses to know, such as permissions and recommendations.
The identification of these types of clauses is based on the document “ISO / IEC Directives, Part 2 - Principles and rules of structure and drafting of ISO documents ”as well as on a constantly enriched list of verbal forms.
With Requirements, quickly access the main part of the normative text!
COBAZ is the simple and effective solution to meet the normative needs related to your activity, in France and abroad.
Available by subscription, CObaz is THE modular solution to compose according to your needs today and tomorrow. Quickly discover CObaz!
Request your free, no-obligation live demo
I discover COBAZ