BSI PD ISO/TR 18128:2014
$189.07
Information and documentation. Risk assessment for records processes and systems
| Published By | Publication Date | Number of Pages |
| BSI | 2014 | 48 |
This Technical Report intends to assist organizations in assessing risks to records processes and systems so they can ensure records continue to meet identified business needs as long as required.
The report
-
establishes a method of analysis for identifying risks related to records processes and systems,
-
provides a method of analysing the potential effects of adverse events on records processes and systems,
-
provides guidelines for conducting an assessment of risks related to records processes and systems, and
-
provides guidelines for documenting identified and assessed risks in preparation for mitigation.
This Technical Report does not address the general risks to an organization’s operations which can be mitigated by creating records.
This Technical Report can be used by all organizations regardless of size, nature of their activities, or complexity of their functions and structure. These factors, and the regulatory regime in which the organization operates which prescribes the creation and control of its records, are taken into account when identifying and assessing risk related to records and records systems.
Defining an organization or identifying its boundaries should take into account the complex structures and partnerships and contractual arrangements for outsourcing services and supply chains which are a common feature of contemporary government and corporate entities. Identifying the boundaries of the organization is the initial step in defining the scope of the project of risk assessment related to records.
This Technical Report does not address directly the mitigation of risks as methods for these will vary from organization to organization.
The Technical Report can be used by records professionals or people who have responsibility for records in their organizations and by auditors or managers who have responsibility for risk management programs in their organizations.
PDF Catalog
| PDF Pages | PDF Title |
|---|---|
| 6 | Foreword |
| 7 | Introduction |
| 8 | Figure fig_1 |
| 9 | Section sec_1 Section sec_2 1 Scope 2 Normative references |
| 10 | Section sec_3 Section sec_3.1 Section sec_3.1.1 Section sec_3.2 Section sec_3.2.1 Section sec_3.2.2 Section sec_4 Section sec_4.1 3 Terms and definitions 3.1 Terms specific to risk 3.2 Terms specific to records 4 Risk assessment criteria for the organization 4.1 Assessment of risk |
| 11 | Section sec_4.2 Section sec_4.3 Section sec_5 Section sec_5.1 4.2 Risk criteria 4.3 Assignment of priority 5 Risk identification 5.1 General |
| 12 | Figure fig_2 |
| 13 | Section sec_5.2 Section sec_5.2.1 Section sec_5.2.2 Section sec_5.2.3 5.2 Context: External factors |
| 14 | Section sec_5.2.4 Section sec_5.3 Section sec_5.3.1 5.3 Context: Internal factors |
| 15 | Section sec_5.3.2 Section sec_5.3.3 |
| 16 | Section sec_5.3.4 Section sec_5.4 Section sec_5.4.1 5.4 Records systems |
| 17 | Section sec_5.4.2 Section sec_5.4.3 |
| 18 | Section sec_5.4.4 Section sec_5.4.5 |
| 19 | Section sec_5.5 Section sec_5.5.1 Section sec_5.5.2 Section sec_5.5.3 Section sec_5.5.4 5.5 Records processes |
| 20 | Section sec_5.5.4.1 Section sec_5.5.5 Section sec_6 Section sec_6.1 6 Analysing identified risks 6.1 General |
| 21 | Section sec_6.2 Table tab_1 Section sec_6.2.1 6.2 Likelihood analysis and probability estimation |
| 22 | Section sec_6.2.2 Section sec_6.2.3 Section sec_6.2.4 |
| 23 | Section sec_7 Section sec_7.1 7 Evaluating risks 7.1 General |
| 24 | Section sec_7.2 Table tab_2 Section sec_7.3 7.2 Evaluating impact of adverse events 7.3 Evaluating the risk |
| 25 | Table tab_3 Section sec_8 8 Communicating the identified risks |
| 27 | Annex sec_A Annex A (informative) Example of a documented risk entry in a risk register |
| 28 | Annex sec_B Annex sec_B.1 Annex sec_B.1.1 Annex sec_B.1.2 Annex sec_B.1.3 Annex sec_B.1.4 Annex B (informative) Example: checklists for identifying areas of uncertainty |
| 29 | Annex sec_B.2 Annex sec_B.2.1 Annex sec_B.2.2 |
| 30 | Annex sec_B.2.3 Annex sec_B.2.4 Annex sec_B.3 Annex sec_B.3.1 |
| 31 | Annex sec_B.3.2 Annex sec_B.3.3 |
| 32 | Annex sec_B.3.4 Annex sec_B.3.5 Annex sec_B.4 Annex sec_B.4.1 |
| 33 | Annex sec_B.4.2 Annex sec_B.4.3 Annex sec_B.4.4 Annex sec_B.4.5 |
| 34 | Annex sec_B.4.6 |
| 35 | Annex sec_C Annex C (informative) Guide to using controls from ISO/IEC 27001, Annex A |
| 45 | Reference ref_1 Reference ref_2 Reference ref_3 Reference ref_4 Reference ref_5 Reference ref_6 Reference ref_7 Reference ref_8 Reference ref_9 Bibliography |
Related products
-
BSI PD ISO/TR 18828-1:2018:2023 Edition
Industrial automation systems and integration. Standardized procedures for production systems engineering. Overview – Overview Published…
-
BSI PD ISO/TR 23199:2019
Cosmetics. Calculation of organic indexes of hydrolates. Supplemental information for ISO 16128-2 Published By Publication…
-
BS ISO 18128:2024
Information and documentation. Records risks. Risk assessment for records management Published By Publication Date Number of…
-
BSI PD ISO/TR 18228-10:2024
Design using geosynthetics – Asphalt pavements Published By Publication Date Number of Pages BSI 2024…
-
BSI PD ISO/TR 22582:2019
Cosmetics. Methods of extract evaporation and calculation of organic indexes. Supplemental information to use with…
