BS ISO 30301:2019 pdf download – Information and documentation — Management systems for records — Requirements 7.5.2 Creating and updating When creating and updating documented information the organization shall ensure appropriate: a) identification and description (e.g. a title, date, author, or reference number); b) format (e.g. language, software version, graphics) and media (e.g. paper, electronic); c) review and approval for suitability and adequacy. 7.5.3 Control of documented information Documented information required by the MSR and by this document shall be controlled to ensure: a) it is available and suitable for use, where and when it is needed; b) it is adequately protected (e.g. from loss of confidentiality, improper use, or loss of integrity). For the control of documented information, the organization shall address the following activities, as applicable: — distribution, access, retrieval and use; — storage and preservation, including preservation of legibility; — control of changes (e.g. version control); — retention and disposition. Documented information of external origin determined by the organization to be necessary for the planning and operation of the MSR shall be identified as appropriate, and controlled. NOTE Access can imply a decision regarding the permission to view the documented information only, or the permission and authority to view and change the documented information, etc. Documented information of the MSR is part of the records of an organization, which shall be managed in a records system. The MSR documented information creation and control requirements shall be consistent with the general records creation, capture and management requirements (Clause 8 and Annex A). 8 Operation 8.1 Operational planning and control The organization shall plan, implement and control the records processes needed to meet the requirements and to implement the actions determined in 6.1, by: — establishing criteria for the records processes; — implementing control of the records processes in accordance with the criteria; — keeping documented information to the extent necessary to have confidence that the records processes have been carried out as planned. The organization shall control planned changes and review the consequences of unintended changes,taking action to mitigate any adverse effects, as necessary. The organization shall ensure that outsourced records processes included in the scope on MSR are controlled. 8.2 Determining records to be created The organization shall determine what, when and how records shall be created and captured for each business process. This shall be achieved through: — the analysis of the business process in order...

Download Address

  • Download