标准摘要
[中文适用范围]: 该文件:a)提供识别和记录与记录、记录流程、控制和系统(记录风险)相关的风险的方法;b)提供分析记录风险的技术;c)提供评估记录风险的指南。该文件旨在帮助组织评估记录风险,以便他们能够确保记录在需要时继续满足已确定的业务需求。所有组织均可使用该文件,无论其规模、活动性质或职能和结构的复杂程度如何。该文件并不直接涉及风险缓解,因为缓解风险的方法因组织而异。该文件可供记录专业人员或组织中负责记录和记录流程、控制和/或系统的人员使用,也可供组织中负责风险管理计划的审计师或经理使用。 [外文原描述]: The document: a) provides methods for identifying and documenting risks related to records, records processes, controls and systems (records risks); b) provides techniques for analysing records risks; c) provides guidelines for conducting an evaluation of records risks. This document intends to assist organizations in assessing records risks so they can ensure records continue to meet identified business needs as long as required. This document can be used by all organizations regardless of size, nature of their activities, or complexity of their functions and structure. This document does not directly address the mitigation of risks, as methods for these vary from organization to organization. It can be used by records professionals or people who have responsibility for records and records processes, controls and/or systems in their organizations, and by auditors or managers who have responsibility for risk management programs in their organizations.
英文名称Information and documentation — Records risks — Risk assessment for records management