Full RSS Feed
Receive
the Free CMSWire NewsletterThe records and information management standard ISO 15489 groups authenticity with sister concepts reliability, usability and integrity. The standard tells us the retention phase of the life cycle of the record should eliminate as early as possible — and in an authorized, systematic manner — records which are no longer required. In addition, the record should retain its context so future users may judge its authenticity and reliability.
An authentic record is one that can be proven to be what it should be, created or sent by the creator or sender, and created or sent at the moment it was created. The iteration lends credibility to the definition, but translated in simpler terms, think of it this way: You don’t mess with the record once a document is declared to be one. ISO 15489 advises the use of policies and procedures to “control the creation, receipt transmission, maintenance and disposition of records to ensure that records creators are authorized and identified.”
Procedures support the issues around conversion and migration — “any kind of system change, including format conversion, migration between hardware and operating systems or specific software applications, for the entire period of their retention.” When a records system is discontinued or decommissioned, no further records may be added to the system, although they should continue to be accessible. The most important reference to authenticity occurs in ISO 15489’s Technical Report (Part Two): evidential weight.
If the integrity or authenticity of a record is called into doubt in court by suggestions of tampering, incompetence, improper system functionality or malfunction, the evidential weight or value put on the document by the court may be lost or, at least, reduced, to the detriment of the case.
Also, the standard’s authors were foresighted enough to describe the relationship between authenticity and media and/or application storage.
Records should be stored on media that ensure their usability, reliability, authenticity and preservation for as long as they are needed. Issues relating to the maintenance, handling and storage of records arise throughout their existence, not only when they become inactive. Systems for electronic records should be designed so that records will remain accessible, authentic, reliable and useable through any kind of system change, for the entire period of their retention. This may include migration to different software, re-presentation in emulation formats or any other future ways of re-presenting records. Where such processes occur, evidence of these should be kept, along with details of any variation in records design and format.
Business Connectivity Services
Authenticity is a half-step outside the purview of systems architecture, but SharePoint 2010 does valiantly try to address it in small but significant ways. We’ve already discussed In-Place Records Management versus records transition to the Records Center, so I won’t dwell on that here. I prefer to discuss authenticity from a Business Connectivity Services (BCS) point of view, or “authorization.”
Business Connectivity Services is a service application that bridges the gap between external softwares and SharePoint 2010 sites, lists, search functions and user profiles. The SharePoint 2010 Administrator’s Companion tells us two of the many benefits of BCS are “a deeper integration of data into places where a user works” and “centralize(d) data security auditing and connections.” The Administrator creates the BCS application, then the base metadata, and finally names, properties, permissions, and custom settings. They can describe all of this in an XML file (aka “the BDC model”). Then, once the file is imported into SharePoint 2010, the external data becomes available to the web applications associated with the BCS application.
Continue reading this article:
Email It
