Electronic imaging - Recommendations for the management of electronic recording systems for the recording of documents that may be required as evidence on WORM optical disk
Some standard content:
ICS37.080
National Standardization Guidance Technical Document of the People's Republic of China GB/Z20649—2006/ISO/TR12654:1997 Electronic imaging
Recommendations for the management ofelectronic recording systems for the recording of documents that may berequiredasevidence,onWoRMopticaldisk(ISO/TR12654:1997,IDT)
Published on December 5, 2006www.bzxz.net
General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China Administration of Standardization of the People's Republic of China
Digital Anti-Counterfeiting
GB/Z20649—2006/IS0/TR12654:1997 This guidance technical document is equivalent to ISO/TR12654:1997 "Recommended management methods for electronic recording systems for recording evidence documents on WORM optical disks" (English version). This guidance technical document is for reference only. Suggestions and opinions on this guidance technical document should be reported to the standardization administrative department of the State Council.
This guidance technical document is proposed and managed by the National Technical Committee for Standardization of Document Imaging Technology (SAC/TC86). This guidance technical document is drafted by the Seventh Branch of the National Technical Committee for Standardization of Document Imaging Technology. The main drafters of this guidance document are Qian Yi and Liu Peiping. This guidance document is published for the first time.
GB/Z20649--2006/ISO/TR12654:1997 Introduction
Although this guidance document is only for WORM optical disc systems, it does not mean that other recording systems cannot be legally accepted. As described below, this is for the court to decide. At present, many organizations use optical storage media to store documents generated or received in the normal course of business. Optical storage systems can provide compact storage, and as long as there is an index, effective case detection can be achieved. In order to obtain legal permission, the documents can only be destroyed after the organization confirms that the paper documents have been recorded. In this case, electronic images can replace a large number of paper documents. In the normal course of business, some documents occasionally have to be produced as evidence. At this time, the legal recognition of the electronic image of the document becomes important. Unlike the readable information recorded directly on paper, the information recorded on optical storage media requires the help of electronic devices such as computer terminals to be interpreted by readers. To prove the integrity of an electronic image of a document, it is necessary to show that the image was created as part of normal business, that appropriate security measures were taken, and that the corresponding hard copy version was destroyed. This guidance document has been prepared to help organizations that already use or plan to use optical storage media to store documents to ensure that they adopt and follow appropriately designed and approved procedures so that when documents are needed as evidence, they can prove that their electronic images were generated as part of normal business and are complete. The recommendations made in this guidance document are very general. Regarding my country's requirements for legal recognition, it is recommended to consult legal experts. 1
1Scope
GB/Z20649—2006/IS0/TR12654:1997 Electronic imaging
Recording evidence documents on WORM optical discs
Recommended management methods for electronic record systems
This guidance document sets out recommendations that should be followed when developing procedures for capturing and storing electronic images of documents. These recommendations will ensure the preservation and integrity of the information recorded on the documents. This technical guidance document applies to optical storage systems that use write-once-read-many (WORM) media (CD-ROM) to store electronic images of documents. It does not apply to systems where images can be erased or changed after they are captured. 2 Normative referenced documents
The clauses in the following documents become clauses of this technical guidance document through reference in this technical guidance document. For any referenced document with a date, all subsequent amendments (excluding errata) and revisions are not applicable to this technical guidance document. However, parties to an agreement based on this technical guidance document are encouraged to study whether the latest versions of these texts can be used. For any referenced document without a date, the latest version applies to this technical guidance document. GB/T17704.11999 Information technology 130 mm write-once optical disc cartridges for information exchange Part 1: Unrecorded optical disc cartridges (idtISO/IEC9171-1:1990) GB/T17704.2-1999 Information technology 130 mm write-once optical disc cartridges for information exchange Part 2: Recording format (idtISO/IEC9171-2:1990)
ISO/IEC10885:1993, Information technology 356 mm optical disc cartridges for information exchange Write-once format ISO/IEC13403:1995, Information technology Interchange of write-once read-many (WORM) 300 mm optical disc cartridges using the CCS method
ISO/IE ISO/IEC 13490-1:1995, Information technology—Capacity and file structure of read-only and write-once compact disk media for information—Part 1: General
ISO/IEC 13490-2:1995, Information technology—Capacity and file structure of read-only and write-once compact disk media for information—Part 2: Capacity and file structure
ISO/IEC 13614:1995, Information technology—Interchange of write-once-read-many (WORM) 300 mm optical disk cartridges using the SSF method
3 Establishing procedures
3.1 Principles
If an electronic image is produced as a substitute for an original document, the organization has the responsibility to ensure that the image accurately and reliably replaces the original. Therefore, organizations that plan to destroy original documents after their images have been captured should establish procedures that include safeguards against forgery and error and designate a person responsible for ensuring that these procedures are followed. It is possible for documents or parts of documents to be modified electronically before optical storage. The content of electronic images stored on WORM discs cannot be changed, but an image can be deleted from the file directory and replaced by a new one. Appropriate procedures and safeguards should be established to control the processing process to ensure that the modification or replacement of images can be detected, as well as the revised status of the file directory.
It is necessary to provide a detailed index. Document images on WORM discs will not be well retrieved if they are not properly indexed. 1
GB/Z20649—2006/IS0/TR12654:1997 See 4.2.
3.2 Procedures
The relevant organization should approve relevant policies for the capture, storage and management of information on optical storage media and issue written procedures for the implementation of the policy. These procedures, certificates and related documents should be stored securely. Written procedures should include information on the following aspects: a) Type of data to be stored; b) Procedures for access and access levels; scanning procedures; indexing procedures; quality control procedures; retrieval and printing procedures; certification procedures; original destruction and record destruction procedures; storage and preservation procedures; procedures for making a backup copy of a CD or index information; procedures for ensuring the correct operation of the system; upgrading, software updating, repairing or replacing system components or equipment systems, including backup systems; 1) Procedures for training staff who operate the system to an approved level of operation; m) Procedures for internal or external audits; 0) Authorization, publication, revision and operation procedures. Relevant organizational policies should be reviewed regularly to take into account any changes in legislation, technology or other relevant matters. Details of the review and any changes made should be recorded. All procedures should be reviewed regularly and any revisions recorded so that their legal validity can be established when necessary. Changes to policies or procedures should be communicated to relevant personnel by revising the documents and revoking obsolete documents. It is recommended that versions of policies, procedures and reviews be retained as long as images are recorded as long as they are relevant to their processing or use. 3.3 Certification
3.3.1 Overview
The recommended procedures in 3.2 should include 3.3.All or part of the certificates given in 2 to 3.3.5. These certificates may be completed at appropriate stages as required by the organization. Certificates shall be kept for the same period as the documents they certify, whether they are in their original form in hard copy or on WORM discs. 3.3.2 Certificate of Authorization
Before capturing images of documents, a certificate of authorization for the conversion shall be completed. 3.3.3 Operator's Certificate
After capturing images of a batch of documents, the operator shall complete a certificate containing the operator's identity, scanning date and index details.
This certificate need not be completed if the system automatically records the necessary information for internal audits. 3.3.4 Certificate of Acceptance
After the captured images have been verified, an acceptance certificate shall be completed stating that the images are authentic and fully reproduce the documents captured. If the certificate applies to a batch of documents, the number of images and the number of days of the documents shall be stated. When retrieving the image, a certificate of acceptance should also be completed stating that the paper copy is a true copy of the electronic image stored on the WORM disc, see 4.3.3.3.5 Certificate of Destruction
After confirming the authenticity of the captured image, a certificate of permission to destroy the original should be submitted, see 4.9.3.4 Service Company
The same principles that apply to the record owner apply to the service company. If an organization uses a service company to record documents on optical storage media, the organization should find out whether the service company can ensure the security of the documents and is competent to provide certification, indexing and input. The person responsible for selecting the service company should check the service company's procedures and confirm in writing that these procedures are satisfactory. The service company's procedures should be reviewed from time to time and their implementation should be checked regularly. In these cases, the information input by the service company is equivalent to information input performed by the organization.
4 General Recommendations
4.1 Preparation of Documents
Organizations should ensure that the hard copy documents produced in-house are of good quality to enable clear scanned images to be obtained. Documents that are damaged or wrinkled should be repaired before scanning, but should not be altered or retouched to improve clarity as this would affect integrity. 4.2 Reference and Retrieval
Stored information should be organized, labeled and indexed in accordance with the retrieval system for a particular file or series of files. Indexing information is usually recorded on rewritable media (usually magnetic), sometimes as a separate index associated only with the image information, or in more complex systems as part of a database of information. In either case, sufficient indexing information should be stored on WORM discs to relate to the information stored on the disc, which is also necessary to store the indexing information for reference by a master database or other indexing system.
Information identifying the disc and the location of the file on the disc, including the reference position of the file on the disc and the disc identifier. It also includes the relationship between the file being searched and the logical address of the data (the system should ensure that the user cannot modify or lose the index, and maintain the relationship between the logical address and the file).
4.3 Image corruption
Procedures should be in place to prevent corruption of images during capture or retrieval, see 4.7. 4.4 Backup
As with any computer system, images stored in optical storage systems can be lost if the disk or device used to store and retrieve the images is damaged. Special care should be taken to protect the index and system software. Therefore, making copies of images should be a routine operation and a backup procedure should be established when the system is introduced. At regular intervals, all recorded images since the last backup should be copied to WORM disk, and more frequent backups or additional copies should be made as necessary. Each time a backup is made, the details of the backup and its contents should be recorded for future reference. It is important that backup copies of index information are also made regularly, whether the information is recorded on disk or WORM disk. Backup copies should be stored in their own containers and kept in a safe location separate from the master disk. Backup copies should be durable, authentic and non-rewritable. 4.5 WORM optical disks
Any size of optical disk can be used as long as it is a WORM disk and complies with this guidance technical document and no reversible physical changes occur during recording. As far as the current standards are concerned, 130mm optical disks comply with the requirements of GB/T17704, 300mm optical disks comply with the requirements of ISO/IEC13403:1995 and IS0/IEC13614:1995, and 356mm optical disks comply with the requirements of IS0/IEC10885:1993. CL complies with the requirements of ISO/IEC13490:1995. 4.6 Maintenance of the disk
Any cleaning and maintenance of WORM optical disks should be carried out according to the manufacturer's instructions. 4.7 Security Measures
4.7.1 Information stored on WORM discs
Once information is recorded on a WORM disc, it cannot be deleted. Although information can be distorted or damaged, such changes can be detected and it is impossible to modify the recorded information. Error correction codes and check bits are used to ensure that any changes will be detected.
Any attempt to modify the information on the disc will either be insignificant or cause damage that will make the file irrecoverable, and the consequences of the action can be detected by physical methods in the medium. Software protection measures should be taken to ensure that when recording information to WORM discs GB/Z20649--2006/IS0/TR12654:1997, no damage to the stored files (data) will occur. 4.7.2 Access to WORM discs
To prevent the information stored on the disc from being leaked, misused or destroyed, access to the disc and the information stored on the disc should be limited to authorized personnel. The level of access allowed may vary for different staff members. 4.7.3 Access to Information
Access should be based on unique identification and authentication, such as the use of a password or magnetic card, to gain access to information stored on optical storage media. The system should include means to check and record the information of personnel who have obtained access rights, and access should be limited to necessary functions, i.e. read-only, read/write or write-only, see 4.7.4. Systems with special requirements, such as those with high security, confidentiality or personnel information, should consider the use of more advanced automated access control methods. These methods may include encryption, electronic sealing, digital time stamps and other high-security technologies. 4.7.4 Audit Trail
Audit trails should record who has used the system, when they were used, what was done when using the system and what the results were. Properly enabled audit trails can automatically detect who has accessed the system, whether personnel have followed procedures and whether fraud or unauthorized behavior has occurred. Audit trails can independently confirm that prescribed procedures have been followed. 4.8 Storage and Inspection
WORM discs should be stored in accordance with relevant national and international standards or the best conditions available at the time. Storage conditions should be designed to take into account local climate and any special hazards, such as fire risk, extreme temperatures, flooding, chemicals, etc. As storage media deteriorate over time, they should be inspected regularly to ensure that the images are retrievable. The recorded information should be copied to new discs before the end of the life recommended by the original disc manufacturer or as recommended by the system software.
If a document imaging system is to be replaced by a new system, the documents stored on the old system should be transferred to the new system and the old system should be retired after inspection and verification. 4.9 Documents of Archival Value
The documents themselves should be destroyed only after administrative and legal approval of their electronic images and appropriate destruction authorization has been obtained. Specific authorization should be obtained before materials of long-term historical or archival value are destroyed. Other systems, such as microfilm, may be considered for permanent preservation of images.
5 Legal status
The purpose of the recommendations is to develop procedures to facilitate the admission of electronic images of documents as evidence. However, if the authenticity of a document is in doubt, the authenticity of its electronic image will also be in doubt. There is no guarantee that any image produced in accordance with these recommendations will automatically be admitted. Any organization that decides to store documents on optical disks should seek legal advice. Copyright reserved.
Book number: 155066·1-29139
Price:
GB/Z20649-20065 All or part of the certificates given, which may be completed at appropriate stages as required by the organization. Certificates should be kept for the same period as the documents they certify, whether they are in their original form in hard copy or on WORM discs. 3.3.2 Certificate of Authorization
Before capturing images of documents, a certificate of authorization for conversion should be completed. 3.3.3 Operator's Certificate
After capturing images of a batch of documents, the operator should complete a certificate containing the operator's identity, scanning date and index details.
This certificate need not be completed if the system automatically records the necessary information for internal audits. 3.3.4 Certificate of Acceptance
After the captured images have been verified, an acceptance certificate should be completed stating that the images are authentic and fully reproduce the documents captured. If the certificate applies to a batch of documents, the number of images and the number of days of the documents should be stated. When retrieving the image, a certificate of acceptance should also be completed stating that the paper copy is a true copy of the electronic image stored on the WORM disc, see 4.3.3.3.5 Certificate of Destruction
After confirming the authenticity of the captured image, a certificate of permission to destroy the original should be submitted, see 4.9.3.4 Service Company
The same principles that apply to the record owner apply to the service company. If an organization uses a service company to record documents on optical storage media, the organization should find out whether the service company can ensure the security of the documents and is competent to provide certification, indexing and input. The person responsible for selecting the service company should check the service company's procedures and confirm in writing that these procedures are satisfactory. The service company's procedures should be reviewed from time to time and their implementation should be checked regularly. In these cases, the information input by the service company is equivalent to information input performed by the organization.
4 General Recommendations
4.1 Preparation of Documents
Organizations should ensure that the hard copy documents produced in-house are of good quality to enable clear scanned images to be obtained. Documents that are damaged or wrinkled should be repaired before scanning, but should not be altered or retouched to improve clarity as this would affect integrity. 4.2 Reference and Retrieval
Stored information should be organized, labeled and indexed in accordance with the retrieval system for a particular file or series of files. Indexing information is usually recorded on rewritable media (usually magnetic), sometimes as a separate index associated only with the image information, or in more complex systems as part of a database of information. In either case, sufficient indexing information should be stored on WORM discs to relate to the information stored on the disc, which is also necessary to store the indexing information for reference by a master database or other indexing system.
Information identifying the disc and the location of the file on the disc, including the reference position of the file on the disc and the disc identifier. It also includes the relationship between the file being searched and the logical address of the data (the system should ensure that the user cannot modify or lose the index, and maintain the relationship between the logical address and the file).
4.3 Image corruption
Procedures should be in place to prevent corruption of images during capture or retrieval, see 4.7. 4.4 Backup
As with any computer system, images stored in optical storage systems can be lost if the disk or device used to store and retrieve the images is damaged. Special care should be taken to protect the index and system software. Therefore, making copies of images should be a routine operation and a backup procedure should be established when the system is introduced. At regular intervals, all recorded images since the last backup should be copied to WORM disk, and more frequent backups or additional copies should be made as necessary. Each time a backup is made, the details of the backup and its contents should be recorded for future reference. It is important that backup copies of index information are also made regularly, whether the information is recorded on disk or WORM disk. Backup copies should be stored in their own containers and kept in a safe location separate from the master disk. Backup copies should be durable, authentic and non-rewritable. 4.5 WORM optical disks
Any size of optical disk can be used as long as it is a WORM disk and complies with this guidance technical document and no reversible physical changes occur during recording. As far as the current standards are concerned, 130mm optical disks comply with the requirements of GB/T17704, 300mm optical disks comply with the requirements of ISO/IEC13403:1995 and IS0/IEC13614:1995, and 356mm optical disks comply with the requirements of IS0/IEC10885:1993. CL complies with the requirements of ISO/IEC13490:1995. 4.6 Maintenance of the disk
Any cleaning and maintenance of WORM optical disks should be carried out according to the manufacturer's instructions. 4.7 Security Measures
4.7.1 Information stored on WORM discs
Once information is recorded on a WORM disc, it cannot be deleted. Although information can be distorted or damaged, such changes can be detected and it is impossible to modify the recorded information. Error correction codes and check bits are used to ensure that any changes will be detected.
Any attempt to modify the information on the disc will either be insignificant or cause damage that will make the file irrecoverable, and the consequences of the action can be detected by physical methods in the medium. Software protection measures should be taken to ensure that when recording information to WORM discs GB/Z20649--2006/IS0/TR12654:1997, no damage to the stored files (data) will occur. 4.7.2 Access to WORM discs
To prevent the information stored on the disc from being leaked, misused or destroyed, access to the disc and the information stored on the disc should be limited to authorized personnel. The level of access allowed may vary for different staff members. 4.7.3 Access to Information
Access should be based on unique identification and authentication, such as the use of a password or magnetic card, to gain access to information stored on optical storage media. The system should include means to check and record the information of personnel who have obtained access rights, and access should be limited to necessary functions, i.e. read-only, read/write or write-only, see 4.7.4. Systems with special requirements, such as those with high security, confidentiality or personnel information, should consider the use of more advanced automated access control methods. These methods may include encryption, electronic sealing, digital time stamps and other high-security technologies. 4.7.4 Audit Trail
Audit trails should record who has used the system, when they were used, what was done when using the system and what the results were. Properly enabled audit trails can automatically detect who has accessed the system, whether personnel have followed procedures and whether fraud or unauthorized behavior has occurred. Audit trails can independently confirm that prescribed procedures have been followed. 4.8 Storage and Inspection
WORM discs should be stored in accordance with relevant national and international standards or the best conditions available at the time. Storage conditions should be designed to take into account local climate and any special hazards, such as fire risk, extreme temperatures, flooding, chemicals, etc. As storage media deteriorate over time, they should be inspected regularly to ensure that the images are retrievable. The recorded information should be copied to new discs before the end of the life recommended by the original disc manufacturer or as recommended by the system software.
If a document imaging system is to be replaced by a new system, the documents stored on the old system should be transferred to the new system and the old system should be retired after inspection and verification. 4.9 Documents of Archival Value
The documents themselves should be destroyed only after administrative and legal approval of their electronic images and appropriate destruction authorization has been obtained. Specific authorization should be obtained before materials of long-term historical or archival value are destroyed. Other systems, such as microfilm, may be considered for permanent preservation of images.
5 Legal status
The purpose of the recommendations is to develop procedures to facilitate the admission of electronic images of documents as evidence. However, if the authenticity of a document is in doubt, the authenticity of its electronic image will also be in doubt. There is no guarantee that any image produced in accordance with these recommendations will automatically be admitted. Any organization that decides to store documents on optical disks should seek legal advice. Copyright reserved.
Book number: 155066·1-29139
Price:
GB/Z20649-20065 All or part of the certificates given, which may be completed at appropriate stages as required by the organization. Certificates should be kept for the same period as the documents they certify, whether they are in their original form in hard copy or on WORM discs. 3.3.2 Certificate of Authorization
Before capturing images of documents, a certificate of authorization for conversion should be completed. 3.3.3 Operator's Certificate
After capturing images of a batch of documents, the operator should complete a certificate containing the operator's identity, scanning date and index details.
This certificate need not be completed if the system automatically records the necessary information for internal audits. 3.3.4 Certificate of Acceptance
After the captured images have been verified, an acceptance certificate should be completed stating that the images are authentic and fully reproduce the documents captured. If the certificate applies to a batch of documents, the number of images and the number of days of the documents should be stated. When retrieving the image, a certificate of acceptance should also be completed stating that the paper copy is a true copy of the electronic image stored on the WORM disc, see 4.3.3.3.5 Certificate of Destruction
After confirming the authenticity of the captured image, a certificate of permission to destroy the original should be submitted, see 4.9.3.4 Service Company
The same principles that apply to the record owner apply to the service company. If an organization uses a service company to record documents on optical storage media, the organization should find out whether the service company can ensure the security of the documents and is competent to provide certification, indexing and input. The person responsible for selecting the service company should check the service company's procedures and confirm in writing that these procedures are satisfactory. The service company's procedures should be reviewed from time to time and their implementation should be checked regularly. In these cases, the information input by the service company is equivalent to information input performed by the organization.
4 General Recommendations
4.1 Preparation of Documents
Organizations should ensure that the hard copy documents produced in-house are of good quality to enable clear scanned images to be obtained. Documents that are damaged or wrinkled should be repaired before scanning, but should not be altered or retouched to improve clarity as this would affect integrity. 4.2 Reference and Retrieval
Stored information should be organized, labeled and indexed in accordance with the retrieval system for a particular file or series of files. Indexing information is usually recorded on rewritable media (usually magnetic), sometimes as a separate index associated only with the image information, or in more complex systems as part of a database of information. In either case, sufficient indexing information should be stored on WORM discs to relate to the information stored on the disc, which is also necessary to store the indexing information for reference by a master database or other indexing system.
Information identifying the disc and the location of the file on the disc, including the reference position of the file on the disc and the disc identifier. It also includes the relationship between the file being searched and the logical address of the data (the system should ensure that the user cannot modify or lose the index, and maintain the relationship between the logical address and the file).
4.3 Image corruption
Procedures should be in place to prevent corruption of images during capture or retrieval, see 4.7. 4.4 Backup
As with any computer system, images stored in optical storage systems can be lost if the disk or device used to store and retrieve the images is damaged. Special care should be taken to protect the index and system software. Therefore, making copies of images should be a routine operation and a backup procedure should be established when the system is introduced. At regular intervals, all recorded images since the last backup should be copied to WORM disk, and more frequent backups or additional copies should be made as necessary. Each time a backup is made, the details of the backup and its contents should be recorded for future reference. It is important that backup copies of index information are also made regularly, whether the information is recorded on disk or WORM disk. Backup copies should be stored in their own containers and kept in a safe location separate from the master disk. Backup copies should be durable, authentic and non-rewritable. 4.5 WORM optical disks
Any size of optical disk can be used as long as it is a WORM disk and complies with this guidance technical document and no reversible physical changes occur during recording. As far as the current standards are concerned, 130mm optical disks comply with the requirements of GB/T17704, 300mm optical disks comply with the requirements of ISO/IEC13403:1995 and IS0/IEC13614:1995, and 356mm optical disks comply with the requirements of IS0/IEC10885:1993. CL complies with the requirements of ISO/IEC13490:1995. 4.6 Maintenance of the disk
Any cleaning and maintenance of WORM optical disks should be carried out according to the manufacturer's instructions. 4.7 Security Measures
4.7.1 Information stored on WORM discs
Once information is recorded on a WORM disc, it cannot be deleted. Although information can be distorted or damaged, such changes can be detected and it is impossible to modify the recorded information. Error correction codes and check bits are used to ensure that any changes will be detected.
Any attempt to modify the information on the disc will either be insignificant or cause damage that will make the file irrecoverable, and the consequences of the action can be detected by physical methods in the medium. Software protection measures should be taken to ensure that when recording information to WORM discs GB/Z20649--2006/IS0/TR12654:1997, no damage to the stored files (data) will occur. 4.7.2 Access to WORM discs
To prevent the information stored on the disc from being leaked, misused or destroyed, access to the disc and the information stored on the disc should be limited to authorized personnel. The level of access allowed may vary for different staff members. 4.7.3 Access to Information
Access should be based on unique identification and authentication, such as the use of a password or magnetic card, to gain access to information stored on optical storage media. The system should include means to check and record the information of personnel who have obtained access rights, and access should be limited to necessary functions, i.e. read-only, read/write or write-only, see 4.7.4. Systems with special requirements, such as those with high security, confidentiality or personnel information, should consider the use of more advanced automated access control methods. These methods may include encryption, electronic sealing, digital time stamps and other high-security technologies. 4.7.4 Audit Trail
Audit trails should record who has used the system, when they were used, what was done when using the system and what the results were. Properly enabled audit trails can automatically detect who has accessed the system, whether personnel have followed procedures and whether fraud or unauthorized behavior has occurred. Audit trails can independently confirm that prescribed procedures have been followed. 4.8 Storage and Inspection
WORM discs should be stored in accordance with relevant national and international standards or the best conditions available at the time. Storage conditions should be designed to take into account local climate and any special hazards, such as fire risk, extreme temperatures, flooding, chemicals, etc. As storage media deteriorate over time, they should be inspected regularly to ensure that the images are retrievable. The recorded information should be copied to new discs before the end of the life recommended by the original disc manufacturer or as recommended by the system software.
If a document imaging system is to be replaced by a new system, the documents stored on the old system should be transferred to the new system and the old system should be retired after inspection and verification. 4.9 Documents of Archival Value
The documents themselves should be destroyed only after administrative and legal approval of their electronic images and appropriate destruction authorization has been obtained. Specific authorization should be obtained before materials of long-term historical or archival value are destroyed. Other systems, such as microfilm, may be considered for permanent preservation of images.
5 Legal status
The purpose of the recommendations is to develop procedures to facilitate the admission of electronic images of documents as evidence. However, if the authenticity of a document is in doubt, the authenticity of its electronic image will also be in doubt. There is no guarantee that any image produced in accordance with these recommendations will automatically be admitted. Any organization that decides to store documents on optical disks should seek legal advice. Copyright reserved.
Book number: 155066·1-29139
Price:
GB/Z20649-20063Operator's Certificate
After capturing images of a batch of documents, the operator shall complete a certificate containing the operator's identity, scanning date and index details.
This certificate need not be completed if the system automatically records the necessary information for internal review. 3.3.4Acceptance Certificate
After the captured images have been verified, an acceptance certificate shall be completed stating that the images are authentic and exact representations of the documents captured. If the certificate applies to a batch of documents, the image number and document number shall be stated. When retrieving images, an acceptance certificate shall also be completed stating that the paper copy is a true copy of the electronic image stored on the WORM disc, see 4.3. 3.3.5 Certificate of Destruction
After confirming the authenticity of the captured images, a certificate of destruction giving permission to destroy the originals shall be submitted, see 4.9. 3.4Service Company
The same principles that apply to the document owner apply to the service company. If an organization employs a service company to record documents on optical storage media, the organization should find out whether the service company can ensure the security of the documents and is competent to provide certification, indexing and input. The person responsible for selecting the service company should check the service company's procedures and confirm in writing that these procedures are satisfactory. The service company's procedures should be reviewed from time to time and its implementation should be checked regularly. In these cases, the information input by the service company is equivalent to the information input performed by the organization.
4 General recommendations
4.1 Preparation of documents
Organizations should ensure that the hard copy documents produced in-house are of good quality so that clear scanned images can be obtained. If the documents are damaged or wrinkled, they should be repaired before scanning, but alterations or retouching methods should not be used to improve clarity because this will affect integrity. 4.2 Reference and Retrieval
Stored information should be organized, labeled and indexed in accordance with the retrieval system for a particular file or series of files. Indexing information is usually recorded on rewritable media (usually magnetic), sometimes as a separate index related only to the image information, or in more complex systems as part of a database of information. In either case, sufficient indexing information should be stored on the WORM disc that is relevant to the information stored on the disc, which is also necessary to store the indexing information for reference by a master database or other indexing system.
Information identifying the disc and the location of the file on the disc, including the reference position of the file on the disc and the disc identifier. It also includes the relationship between the file being searched and the logical address of the data (the system should ensure that the user cannot modify or lose the index and maintain the relationship between the logical address and the file).
4.3 Image corruption
Procedures should be in place to protect images from corruption during capture or retrieval, see 4.7.4.4 Backup
As with any computer system, images stored in optical storage systems can be lost if the disk or device used to store and retrieve the images is damaged. Special care should be taken to protect the index and system software. Therefore, making copies of images should be a routine operation and a backup procedure should be established when the system is introduced. At regular intervals, all recorded images since the last backup should be copied to WORM disk, and more frequently or additional copies should be made as necessary. Each time a backup is made, the details of the backup and its contents should be recorded for future reference. It is important that backup copies of index information are also made regularly, whether the information is recorded on disk or WORM disk. Backup copies should be stored in their own container and kept in a secure location separate from the master disk. Backup copies should be durable, reliable and non-rewritable. 4.5 WORM optical discs
Any size of optical disc can be used as long as it is a WORM disc and complies with this technical guidance document and no reversible physical changes occur during recording. As far as the current standards are concerned, 130mm optical discs comply with the requirements of GB/T17704, 300mm optical discs comply with the requirements of ISO/IEC13403:1995 and ISO/IEC13614:1995, and 356mm optical discs comply with the requirements of ISO/IEC10885:1993. CL complies with the requirements of ISO/IEC13490:1995. 4.6 Maintenance of discs
Any cleaning and maintenance of WORM optical discs should be carried out in accordance with the manufacturer's instructions. 4.7 Safety measures
4.7.1 Information stored on WORM optical discs
Once information is recorded on a WORM optical disc, it cannot be deleted. Although information can be distorted or damaged, such changes can be detected and it is impossible to make any changes to the recorded information. Error correction codes and check bits are used to ensure that any changes are detected.
Any attempt to modify the information on the disk is either insignificant or causes damage that makes the file irrecoverable, and the consequences of the action can be detected physically in the medium. Software protection measures should be taken to ensure that when recording information to WORM optical disks GB/Z20649--2006/IS0/TR12654:1997, no damage to the stored files (data) occurs. 4.7.2 Access to WORM optical disks
To prevent the information stored on the optical disk from being leaked, misused or destroyed, access to the disk and the information stored on the disk should be limited to authorized personnel. The level of access allowed can vary for different personnel. 4.7.3 Access to information
Access should be based on unique identification and authentication, such as the use of passwords or magnetic cards to gain access to information stored on optical storage media. The system should include means to check and record the information of persons who have been granted access rights, and access should be limited to essential functions, i.e. read-only, read/write or write-only, see 4.7.4. Systems with special requirements, such as those with high security, confidentiality or personnel information, should consider the use of more advanced automated access control methods. These methods may include encryption, electronic sealing, digital time stamping and other high security technologies. 4.7.4 Audit trails
Audit trails should record who has used the system, when they were used, what was done when using the system and what the results were. Properly enabled audit trails can automatically detect who has accessed the system, whether personnel have followed procedures and whether fraudulent or unauthorized behavior has occurred. Audit trails can independently confirm that prescribed procedures have been followed. 4.8 Storage and inspection
WORM optical disks should be stored in accordance with relevant national and international standards or the best conditions available at the time. Storage conditions should be designed to take into account local climate and various special hazards, such as fire hazards, extreme temperatures, flooding, chemicals, etc. As storage media will gradually age, they should be checked regularly to ensure that images can be retrieved. The recorded information should be copied to a new disc before the original disc manufacturer's recommended lifespan has expired, or as recommended by the system software.
If a new system is to be replaced by a new document imaging system, the documents stored on the old system should be transferred to the new system and the old system should be decommissioned after inspection and verification. 4.9 Documents of Archival Value
The document itself should be destroyed only after administrative and legal approval of the electronic image of the document and appropriate authorization for destruction has been obtained. Specific authorization should be obtained before documents of long-term historical or archival value are destroyed. For the permanent preservation of images, other systems, such as microfilm, may be considered.
5 Legal Status
The purpose of the recommendations is to establish procedures to facilitate the admissibility of electronic images of documents as evidence. However, if the authenticity of the document is in doubt, the authenticity of its electronic image will also be in doubt. There is no guarantee that any image produced in accordance with these recommendations will be automatically admissible. Any organization that decides to store documents on optical discs should seek legal advice. Copyright exclusive. Infringement will be investigated.
Book number: 155066·1-29139
Price:
GB/Z20649-20063Operator's Certificate
After capturing images of a batch of documents, the operator shall complete a certificate containing the operator's identity, scanning date and index details.
This certificate need not be completed if the system automatically records the necessary information for internal review. 3.3.4Acceptance Certificate
After the captured images have been verified, an acceptance certificate shall be completed stating that the images are authentic and exact representations of the documents captured. If the certificate applies to a batch of documents, the image number and document number shall be stated. When retrieving images, an acceptance certificate shall also be completed stating that the paper copy is a true copy of the electronic image stored on the WORM disc, see 4.3. 3.3.5 Certificate of Destruction
After confirming the authenticity of the captured images, a certificate of destruction giving permission to destroy the originals shall be submitted, see 4.9. 3.4Service Company
The same principles that apply to the document owner apply to the service company. If an organization employs a service company to record documents on optical storage media, the organization should find out whether the service company can ensure the security of the documents and is competent to provide certification, indexing and input. The person responsible for selecting the service company should check the service company's procedures and confirm in writing that these procedures are satisfactory. The service company's procedures should be reviewed from time to time and its implementation should be checked regularly. In these cases, the information input by the service company is equivalent to the information input performed by the organization.
4 General recommendations
4.1 Preparation of documents
Organizations should ensure that the hard copy documents produced in-house are of good quality so that clear scanned images can be obtained. If the documents are damaged or wrinkled, they should be repaired before scanning, but alterations or retouching methods should not be used to improve clarity because this will affect integrity. 4.2 Reference and Retrieval
Stored information should be organized, labeled and indexed in accordance with the retrieval system for a particular file or series of files. Indexing information is usually recorded on rewritable media (usually magnetic), sometimes as a separate index related only to the image information, or in more complex systems as part of a database of information. In either case, sufficient indexing information should be stored on the WORM disc that is relevant to the information stored on the disc, which is also necessary to store the indexing information for reference by a master database or other indexing system.
Information identifying the disc and the location of the file on the disc, including the reference position of the file on the disc and the disc identifier. It also includes the relationship between the file being searched and the logical address of the data (the system should ensure that the user cannot modify or lose the index and maintain the relationship between the logical address and the file).
4.3 Image corruption
Procedures should be in place to protect images from corruption during capture or retrieval, see 4.7.4.4 Backup
As with any computer system, images stored in optical storage systems can be lost if the disk or device used to store and retrieve the images is damaged. Special care should be taken to protect the index and system software. Therefore, making copies of images should be a routine operation and a backup procedure should be established when the system is introduced. At regular intervals, all recorded images since the last backup should be copied to WORM disk, and more frequently or additional copies should be made as necessary. Each time a backup is made, the details of the backup and its contents should be recorded for future reference. It is important that backup copies of index information are also made regularly, whether the information is recorded on disk or WORM disk. Backup copies should be stored in their own container and kept in a secure location separate from the master disk. Backup copies should be durable, reliable and non-rewritable. 4.5 WORM optical discs
Any size of optical disc can be used as long as it is a WORM disc and complies with this technical guidance document and no reversible physical changes occur during recording. As far as the current standards are concerned, 130mm optical discs comply with the requirements of GB/T17704, 300mm optical discs comply with the requirements of ISO/IEC13403:1995 and ISO/IEC13614:1995, and 356mm optical discs comply with the requirements of ISO/IEC10885:1993. CL complies with the requirements of ISO/IEC13490:1995. 4.6 Maintenance of discs
Any cleaning and maintenance of WORM optical discs should be carried out in accordance with the manufacturer's instructions. 4.7 Safety measures
4.7.1 Information stored on WORM optical discs
Once information is recorded on a WORM optical disc, it cannot be deleted. Although information can be distorted or damaged, such changes can be detected and it is impossible to make any changes to the recorded information. Error correction codes and check bits are used to ensure that any changes are detected.
Any attempt to modify the information on the disk is either insignificant or causes damage that makes the file irrecoverable, and the consequences of the action can be detected physically in the medium. Software protection measures should be taken to ensure that when recording information to WORM optical disks GB/Z20649--2006/IS0/TR12654:1997, no damage to the stored files (data) occurs. 4.7.2 Access to WORM optical disks
To prevent the information stored on the optical disk from being leaked, misused or destroyed, access to the disk and the information stored on the disk should be limited to authorized personnel. The level of access allowed can vary for different personnel. 4.7.3 Access to information
Access should be based on unique identification and authentication, such as the use of passwords or magnetic cards to gain access to information stored on optical storage media. The system should include means to check and record the information of persons who have been granted access rights, and access should be limited to essential functions, i.e. read-only, read/write or write-only, see 4.7.4. Systems with special requirements, such as those with high security, confidentiality or personnel information, should consider the use of more advanced automated access control methods. These methods may include encryption, electronic sealing, digital time stamping and other high security technologies. 4.7.4 Audit trails
Audit trails should record who has used the system, when they were used, what was done when using the system and what the results were. Properly enabled audit trails can automatically detect who has accessed the system, whether personnel have followed procedures and whether fraudulent or unauthorized behavior has occurred. Audit trails can independently confirm that prescribed procedures have been followed. 4.8 Storage and inspection
WORM optical disks should be stored in accordance with relevant national and international standards or the best conditions available at the time. Storage conditions should be designed to take into account local climate and various special hazards, such as fire hazards, extreme temperatures, flooding, chemicals, etc. As storage media will gradually age, they should be checked regularly to ensure that images can be retrieved. The recorded information should be copied to a new disc before the original disc manufacturer's recommended lifespan has expired, or as recommended by the system software.
If a new system is to be replaced by a new document imaging system, the documents stored on the old system should be transferred to the new system and the old system should be decommissioned after inspection and verification. 4.9 Documents of Archival Value
The document itself should be destroyed only after administrative and legal approval of the electronic image of the document and appropriate authorization for destruction has been obtained. Specific authorization should be obtained before documents of long-term historical or archival value are destroyed. For the permanent preservation of images, other systems, such as microfilm, may be considered.
5 Legal Status
The purpose of the recommendations is to establish procedures to facilitate the admissibility of electronic images of documents as evidence. However, if the authenticity of the document is in doubt, the authenticity of its electronic image will also be in doubt. There is no guarantee that any image produced in accordance with these recommendations will be automatically admissible. Any organization that decides to store documents on optical discs should seek legal advice. Copyright exclusive. Infringement will be investigated.
Book number: 155066·1-29139
Price:
GB/Z20649-20065 Certificate of Destruction
After the authenticity of the captured image has been confirmed, a certificate of permission to destroy the original should be submitted, see 4.9. 3.4 Service Company
The same principles that apply to the owner of the document apply to the service company. If an organization employs a service company to record documents on optical storage media, the organization should find out whether the service company can ensure the security of the documents and is competent to provide certification, indexing and input. The person responsible for selecting the service company should check the service company's procedures and confirm in writing that these procedures are satisfactory. The service company's procedures should be reviewed from time to time and their implementation should be checked regularly. In these cases, the information input by the service company is equivalent to the information input performed by the unit.
4 General Recommendations
4.1 Preparation of Documents
Organizations should ensure that the hard copy documents produced in-house are of good quality to enable clear scanned images to be obtained. Documents that are damaged or wrinkled should be repaired before scanning, but should not be altered or retouched to improve clarity as this would affect integrity. 4.2 Reference and Retrieval
Stored information should be organized, labeled and indexed in accordance with the retrieval system for a particular file or series of files. Indexing information is usually recorded on rewritable media (usually magnetic), sometimes as a separate index associated only with the image information, or in more complex systems as part of a database of information. In either case, sufficient indexing information should be stored on WORM discs to relate to the information stored on the disc, which is also necessary to store the indexing information for reference by a master database or other indexing system.
Information identifying the disc and the location of the file on the disc, including the reference position of the file on the disc and the disc identifier. It also includes the relationship between the file being searched and the logical address of the data (the system should ensure that the user cannot modify or lose the index, and maintain the relationship between the logical address and the file).
4.3 Image corruption
Procedures should be in place to prevent corruption of images during capture or retrieval, see 4.7. 4.4 Backup
As with any computer system, images stored in optical storage systems can be lost if the disk or device used to store and retrieve the images is damaged. Special care should be taken to protect the index and system software. Therefore, making copies of images should be a routine operation and a backup procedure should be established when the system is introduced. At regular intervals, all recorded images since the last backup should be copied to WORM disk, and more frequent backups or additional copies should be made as necessary. Each time a backup is made, the details of the backup and its contents should be recorded for future reference. It is important that backup copies of index information are also made regularly, whether the information is recorded on disk or WORM disk. Backup copies should be stored in their own containers and kept in a safe location separate from the master disk. Backup copies should be durable, authentic and non-rewritable. 4.5 WORM optical disks
Any size of optical disk can be used as long as it is a WORM disk and complies with this guidance technical document and no reversible physical changes occur during recording. As far as the current standards are concerned, 130mm optical disks comply with the requirements of GB/T17704, 300mm optical disks comply with the requirements of ISO/IEC13403:1995 and IS0/IEC13614:1995, and 356mm optical disks comply with the requirements of IS0/IEC10885:1993. CL complies with the requirements of ISO/IEC13490:1995. 4.6 Maintenance of the disk
Any cleaning and maintenance of WORM optical disks should be carried out according to the manufacturer's instructions. 4.7 Security Measures
4.7.1 Information stored on WORM discs
Once information is recorded on a WORM disc, it cannot be deleted. Although information can be distorted or damaged, such changes can be detected and it is impossible to modify the recorded information. Error correction codes and check bits are used to ensure that any changes will be detected.
Any attempt to modify the information on the disc will either be insignificant or cause damage that will make the file irrecoverable, and the consequences of the action can be detected by physical methods in the medium. Software protection measures should be taken to ensure that when recording information to WORM discs GB/Z20649--2006/IS0/TR12654:1997, no damage to the stored files (data) will occur. 4.7.2 Access to WORM discs
To prevent the information stored on the disc from being leaked, misused or destroyed, access to the disc and the information stored on the disc should be limited to authorized personnel. The level of access allowed may vary for different staff members. 4.7.3 Access to Information
Access should be based on unique identification and authentication, such as the use of a password or magnetic card, to gain access to information stored on optical storage media. The system should include means to check and record the information of personnel who have obtained access rights, and access should be limited to necessary functions, i.e. read-only, read/write or write-only, see 4.7.4. Systems with special requirements, such as those with high security, confidentiality or personnel information, should consider the use of more advanced automated access control methods. These methods may include encryption, electronic sealing, digital time stamps and other high-security technologies. 4.7.4 Audit Trail
Audit trails should record who has used the system, when they were used, what was done when using the system and what the results were. Properly enabled audit trails can automatically detect who has accessed the system, whether personnel have followed procedures and whether fraud or unauthorized behavior has occurred. Audit trails can independently confirm that prescribed procedures have been followed. 4.8 Storage and Inspection
WORM discs should be stored in accordance with relevant national and international standards or the best conditions available at the time. Storage conditions should be designed to take into account local climate and any special hazards, such as fire risk, extreme temperatures, flooding, chemicals, etc. As storage media deteriorate over time, they should be inspected regularly to ensure that the images are retrievable. The recorded information should be copied to new discs before the end of the life recommended by the original disc manufacturer or as recommended by the system software.
If a document imaging system is to be replaced by a new system, the documents stored on the old system should be transferred to the new system and the old system should be retired after inspection and verification. 4.9 Documents of Archival Value
The documents themselves should be destroyed only after administrative and legal approval of their electronic images and appropriate destruction authorization has been obtained. Specific authorization should be obtained before materials of long-term historical or archival value are destroyed. Other systems, such as microfilm, may be considered for permanent preservation of images.
5 Legal status
The purpose of the recommendations is to develop procedures to facilitate the admission of electronic images of documents as evidence. However, if the authenticity of a document is in doubt, the authenticity of its electronic image will also be in doubt. There is no guarantee that any image produced in accordance with these recommendations will automatically be admitted. Any organization that decides to store documents on optical disks should seek legal advice. Copyright reserved.
Book number: 155066·1-29139
Price:
GB/Z20649-20065 Certificate of Destruction
After the authenticity of the captured image has been confirmed, a certificate of permission to destroy the original should be submitted, see 4.9. 3.4 Service Company
The same principles that apply to the owner of the document apply to the service company. If an organization employs a service company to record documents on optical storage media, the organization should find out whether the service company can ensure the security of the documents and is competent to provide certification, indexing and input. The person responsible for selecting the service company should check the service company's procedures and confirm in writing that these procedures are satisfactory. The service company's procedures should be reviewed from time to time and their implementation should be checked regularly. In these cases, the information input by the service company is equivalent to the information input performed by the unit.
4 General Recommendations
4.1 Preparation of Documents
Organizations should ensure that the hard copy documents produced in-house are of good quality to enable clear scanned images to be obtained. Documents that are damaged or wrinkled should be repaired before scanning, but should not be altered or retouched to improve clarity as this would affect integrity. 4.2 Reference an
Tip: This standard content only shows part of the intercepted content of the complete standard. If you need the complete standard, please go to the top to download the complete standard document for free.