RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US
Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: ISO 15489 ADOPTION
From:
Larry Medina <[log in to unmask]>
Reply To:
Records Management Program <[log in to unmask]>
Date:
Fri, 20 Jul 2007 09:18:02 -0700
Content-Type:
text/plain
Parts/Attachments:
text/plain (109 lines) 
> It is important to remember that ISO 15489 is more guideline than standard
> and that it is intended to be applied within variable contexts. It is
> based
> upon the Australian standard AS 4390,  so views on its utility there are
> important and hold valuable lessons, but canot be simply carried into
> jurisdictions where there is not a state or national level adoption of the
> guide as "a standard".


And its my understanding that Govt in AUS routinely employs the use of
15489, but private industry does not apply it as consistently.

I can say that
> ISO 15489 is a valuable resource but not auditable (some may debate that)
> because its application covers extreme variables within a given context.


I'm not one that will disagree with you John.  ISO 15489, especially Part 1
is nearly impossible to "audit compliance with" and while Part 2 is a bit
more prescriptive in nature, you can still pick and choose how you intend to
employ its use.  It provides users the ability to establish a framework from
which they can assign best practices, but it isn't a rigid requirement by
any means.  And while you're right that it was based on AS4390, I felt 4390
was a much better document, which is why AS 15489 still has DIRKS as a
back-end.

Notably, there are some underpinnings that may not be
> at the heart of recorded information management in some jurisdictions--and
> businesses operating in these jurisdictions are not quick to take up a
> "standard" that does not fit the local values.


To a degree, what you've outlined here is why many US organizations have
not, and will not, adopt ISO 15489. While I personally see that the central
value to adoption is that it results in a consistent manner of managing
recorded information through the application of uniform best practices
across industry segments, irrespective of their lines of business, that
alone isn't enough for many for-profit organizations.  They don't see a
direct bottom line impact, and more to the point, there is no requirement to
comply with it.  Its not like 9001 or 14001, where if you're not compliant,
you cant do business with some EU companies... but that may change in the
not too distant future.   Word is ISO is considering adding language to
14001 that RM Program components must be compliant with 15489... and this
will REALLY make for a sticky wicket!

English is an imprecise language and we all use terms that may hold a range
> of meanings.  Standard is increasingly one of those terms, I think.


Whats the saying?  *England and America are two countries separated by a
common language.*
--George Bernard Shaw

As for Standard being one of those terms, much needs to be done here,
especially in this field.  As the Chair of ARMA's Standards Development
Committee, I bristle quite fervently when I see organizations, even those
doing work under the guise of IEEE referring to documents and publications
they generate related to management of information as a "standard" and I
intentionally used a lower case 's' here.

If the participants involved in the development don't represent a cross
section of all impacted parties, then there is no "consensus or balance"
achieved here and the document shouldn't prescribe how others should conduct
themselves to be in compliance.  Secondly, it's become more routine,
especially among those in the IT industry to establish "pay to play" groups
of participants and then produce documents they call standards that
essentially only the products of the paid players are able to comply with.

While I won't name any specific products/services/organizations here,
examples include information storage and medical information management
systems.

Overall, I see strong relationship between the MoReq and DOD 5012.2
> standards and the frame within which these work--ostensibly ISO 15489.



=)  And here's another case neither MoReq OR DoD 5015.2 are 'standards'.
One is a model requirements and the other includes 'standard' in it's title,
but it's  a directive and design criteria document.  So PLEASE, let's not
perpetuate the myth or misuse of the word Standard here.

ISO 15489 is about the total picture.  In my view and experience, it is
> rightly tailored to suit context and this may retain the strength of a
> comprehensive approach, or water it down, as management determines.  My
> job
> is to tell then the truth -- and that they aloe are accountable for what
> they do with that  ;-)


If an organization chooses to use ISO 15489 as a guidance document to
develop their own policies and best practices from and then ensures they are
consistent with the regulators that guide what  they must do, I don't see a
problem with that.  They can then periodically audit themselves, or even
hire an outside auditor to ensure they are consistent with their OWN
policies, but I think that's the best most organizations should expect form
ISO 15489.

Larry
-- 
Larry Medina
Danville, CA
RIM Professional since 1972

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2