1. Home
  2. Moldova standards
  3. STM
  4. St ISO IEC 27050-2-2018

ISO IEC 27050-2-2018 PDF

St ISO IEC 27050-2-2018

Name in English:
St ISO IEC 27050-2-2018

Name in Russian:
Ст ISO IEC 27050-2-2018

Description in English:

Original standard ISO IEC 27050-2-2018 in PDF full version. Additional info + preview on request

Description in Russian:
Оригинальный стандарт ISO IEC 27050-2-2018 в PDF полная версия. Дополнительная инфо + превью по запросу
Document status:
Active
Format:
Electronic (PDF)
Delivery time (for English version):
1 business day
Delivery time (for Russian version):
365 business days
SKU:
stiso26012
Choose Document Language:
€25

Full title and description

Information technology — Electronic discovery — Part 2: Guidance for governance and management of electronic discovery. Provides guidance for senior management, compliance and technical staff on establishing governance, policy and controls for electronic discovery (eDiscovery) processes within an organisation.

Abstract

Part 2 of ISO/IEC 27050 gives high-level guidance for technical and non-technical personnel at senior management levels on identifying and taking ownership of risks related to electronic discovery, setting eDiscovery policy, achieving compliance with legal and regulatory requirements, and implementing and controlling eDiscovery processes in line with those policies.

General information

  • Status: Published.
  • Publication date: September 2018 (Edition 1, 2018).
  • Publisher: ISO/IEC (International Organization for Standardization / International Electrotechnical Commission).
  • ICS / categories: 35.030 (IT security / information security).
  • Edition / version: 1 (2018).
  • Number of pages: 9 (official ISO record).

Scope

Guidance for governance and management of electronic discovery across an organisation — including identifying eDiscovery-related risks, establishing roles and responsibilities, creating policy and process controls, and aligning eDiscovery activities with legal, regulatory and internal compliance obligations. The document is aimed at informing process control and the implementation and control of eDiscovery in accordance with defined policies.

Key topics and requirements

  • Governance framework for eDiscovery: ownership, accountability and reporting lines.
  • Risk identification and treatment related to preservation, collection and production of electronically stored information.
  • Development and approval of eDiscovery policy aligned with legal, regulatory and business requirements.
  • Roles and responsibilities for legal, compliance, records management and IT teams.
  • Process controls and procedures for legal hold, preservation, collection, review and production.
  • Integration with information security management and data protection obligations.
  • Recommendations for documenting, monitoring and reviewing eDiscovery practices.

Typical use and users

Used by senior management, legal counsel, compliance officers, records and information managers, IT managers and eDiscovery practitioners to design, approve and oversee organisational eDiscovery policy and controls; used as a management-level companion to technical eDiscovery procedures and to align eDiscovery activities with broader information security and compliance programmes.

Related standards

Part of the ISO/IEC 27050 series on electronic discovery; related to other information security and privacy standards such as ISO/IEC 27001 (information security management), and to other parts of the 27050 series that address concepts, processes and technical considerations for eDiscovery. National/adopted versions (for example BS ISO/IEC 27050-2) may also be available.

Keywords

electronic discovery, eDiscovery, governance, legal hold, preservation, records management, compliance, information security, policy, ISO/IEC 27050.

FAQ

Q: What is this standard?

A: ISO/IEC 27050-2:2018 is the management-level guidance standard for governance and management of electronic discovery (eDiscovery) within organisations.

Q: What does it cover?

A: It covers high-level guidance on identifying eDiscovery risks, assigning ownership and responsibilities, creating and implementing eDiscovery policy and process controls, and ensuring compliance with legal and regulatory requirements. It is not a technical how-to for specific toolsets but rather a governance and management guide.

Q: Who typically uses it?

A: Senior managers, legal and compliance teams, IT and records managers, and eDiscovery practitioners use it to develop and oversee organisational eDiscovery policies and to align eDiscovery with information security and compliance programmes.

Q: Is it current or superseded?

A: The document was published in 2018 (Edition 1) and is listed as a published ISO/IEC standard; ISO standards are typically reviewed on a five-year cycle. Users should check the ISO catalogue or their national standards body for any confirmation, amendments or revisions since 2018.

Q: Is it part of a series?

A: Yes — it is Part 2 of the ISO/IEC 27050 series on electronic discovery; other parts of the series address concepts, processes and technical aspects of eDiscovery.

Q: What are the key keywords?

A: eDiscovery, electronic discovery, governance, legal hold, preservation, records management, compliance, information security, policy.