Risk assessment for records processes and systems
ISO/TR 18128 Risk assessment for records processes and systems was published in 2014 to provide a systematic and comprehensive method for assessing the risks related to records processes and systems. It includes an identification of areas of uncertainty and guidelines to apply ISO 31000 Risk management to the managing of records over time.
WG 19 was formed in 2019 to update the technical report and ensure it is in alignment with the recent revision of ISO 31000:2018 Risk Management – Guidelines. Work is underway to confirm the scope, ensure terminology is consistent with ISO 30300:2020 Records management: core concepts and vocabulary, use plain language and simplify/update the methodologies and techniques related to the three key components of the risk assessment process: identification, analysis, and evaluation of risks to records processes, systems, and controls.