BS 10008-2:2020

$215.11

Evidential weight and legal admissibility of electronically stored information (ESI) – Code of practice for implementation of BS 10008-1

Published By: BSI
Publication Date: 2020
Number of Pages: 168

This British Standard gives recommendations and guidance for the implementation and operation of information management systems that manage information electronically (including where the electronic information is transferred from one computer system to another) and where the issues of authenticity, integrity and availability as required for legal admissibility and evidential weight are important. It describes the processes for use in the identification and development of policies and procedures as specified in BS 10008‑1, in relation to the management of electronically stored information (ESI).

This British Standard is applicable to any system that:

  1. stores and/or transmits information electronically;

  2. uses any type of database or other electronic system; and/or

  3. manages information electronically, using any type of electronic storage medium including write‑once‑read‑many (WORM) and rewritable technologies.

This British Standard also covers procedures and processes relevant to the following ESI authentication principles:

  1. electronic identity verification – proving the genuineness of the individual/organization that produced, transferred and/or stored the electronic document;

  2. electronic signature – the application of the legal equivalent of a “pen and ink” signature on a paper document;

  3. electronic copyright – the application of a copyright mark to ESI; and

  4. linking the electronic identity and/or electronic signature and/or electronic copyright to the particular ESI (and preventing compromise to its integrity).

It covers aspects of the information management processes that affect the use of ESI in normal business transactions, even where legal admissibility per se is not an issue. Such aspects include the legibility, accuracy and completeness of the ESI, and the transfer of the ESI to other systems.

This British Standard is also applicable to electronic identity management systems and can be applied to any form of electronic identity management system, irrespective of the technology used.

This British Standard is intended for:

  • end user organizations that wish to ensure that ESI captured by, imported into, stored and/or transmitted within their information management systems can be used with confidence as evidence in any dispute, within or outside a court of law;

  • end user organizations that wish to ensure that electronic identity management systems can be used with confidence as evidence in any dispute, within or outside a court of law; and

  • integrators and developers of information management systems that provide facilities to meet user requirements.

This British Standard does not cover processes used to evaluate the authenticity of ESI prior to it being imported into the system. However, it can be used to demonstrate that output from the information management system is a true record of what was imported.

Compliance with this British Standard does not guarantee legal admissibility. It defines good practice.

PDF Catalog

Foreword
0 Introduction
0.1 Management summary
0.2 Purpose of this British Standard
0.3 Compliance
0.4 Information as an asset
0.5 Technology
0.6 Management framework
0.7 Brief history of this British Standard
1 Scope
2 Normative references
3 Terms and definitions
4 Context of the organization
4.1 General
4.2 Issues
Figure 1 — Encryption keys
Figure 2 — Hierarchy of trust
4.3 Requirements
4.4 Boundaries and applicability
5 Leadership
5.1 Leadership and commitment
5.2 Policy statements
5.3 Roles and responsibilities of workers
5.4 Legal and regulatory environment
6 Planning
6.1 Actions to address risks and opportunities
6.2 Objectives and achievements
7 Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Reporting and communication
7.5 Documented information
8 Operation
8.1 General
8.2 Creation
8.3 Importing
8.4 Business process management, robotic process automation and workflow systems
8.5 Document scanning
8.6 Data extraction
8.7 Metadata capture
8.8 Self-modifying files
8.9 Compound documents
8.10 ESI in structured databases
8.11 Blockchain and distributed ledger technologies
8.12 Version control
8.13 Storage systems
8.14 ESI transfer
Table 1 — Key recommendations
8.15 Indexing and other metadata
8.16 Authenticated output procedures
8.17 Identity
8.18 ESI retention, redaction and disposal
8.19 Information security procedures
8.20 System maintenance
8.21 External service provision
8.22 Information management system testing
9 Performance evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.2 Internal audit
9.3 Management review
10 Improvement
10.1 Nonconformity and corrective actions
10.2 Continual improvement
Annex A (normative) Unstructured message considerations
Annex B (informative) Application of controls
Table B.1 — Applicability matrix
Annex C (informative) Example information storage policy statement
Annex D (informative) Legal context
Annex E (normative) Preparation of paper documents
Bibliography