scope:

The present document addresses the Information Security Management System of Information Preservation Systems, by specifying Security requirements for Information Preservation Service Providers to abide by, when implementing and managing an IPS, in order to provide Information Preservation Services that are trustable and reliable from the Information Security viewpoint.

Sister document TR 101 533-2 [i.24] provides recommendations on how to assess electronic information preservation services against the provisions specified in the present document.

These measures are based on provisions of ISO/IEC 27001 [1], ISO/IEC 27002 [2] and TS 102 573 [3], enhancing them where necessary.

The present document does not address specific document management related issues that are addressed by a number of ISO standards, such as ISO 14721 [i.5], ISO/IEC 15489 [i.17], ISO 23081 [i.27] and, more in general, those dealt with by ISO/TC 46/SC11 which the reader of the present document should refer to.

NOTE The present document and its sister document TR 101 533-2 [i.24] can be referred to by various archival management standards and standard families as a complementary and detailed set of specifications through which a reliable Information Security Management System can be implemented, managed and assessed, as regards the Information Preservation peculiarities.