Skip to main content
SpringerLink
Log in

Are We Missing the Cybersecurity Factors in Recordkeeping?

  • Conference paper
  • First Online:
Information for a Better World: Normality, Virtuality, Physicality, Inclusivity (iConference 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13971))

Included in the following conference series:

Abstract

When creating, storing, and maintaining sensitive records, such as government data or records that reflect citizen rights or represent their health data, those records need to be trustworthy and secure. Since organizations are creating huge digital records, security in recordkeeping grows in complexity, and the relationship between the cybersecurity and recordkeeping domains is also expanding. While integrity and appraisal of records have always been considered important for records, existing standards and security discussions are missing some essential perspectives. Thus, research is needed to understand cybersecurity factors (different cybersecurity standards, techniques, protocols, etc.) for recordkeeping and the potential consequences of ignoring factors. With this goal, we explore two core standards, International Organization for Standardization ISO 15489 and ISO 27001, and selected relevant recent literature. This study makes a case for a universal standard for these cross-domain aspects of recordkeeping and cybersecurity by considering the existing standards and identifying the missing cybersecurity factors in recordkeeping. It also discusses relevant challenges and future research directions.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 79.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 99.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Attacks in record handling in service NSW. https://www.itnews.com.au/news/service-nsw-told-to-urgently-improve-data-handling-after-cyber-attack-559244

  2. Compliance with the NSW cyber security policy (CSP). https://www.audit.nsw.gov.au/our-work/reports/compliance-with-the-nsw-cyber-security-policy

  3. The application of technology-assisted review to born-digital records transfer, inquiries and beyond. Technical report, The National Archives UK (2016)

    Google Scholar 

  4. Allegrezza, S., et al.: Policies for recordkeeping and digital preservation. Recommendations for analysis and assessment services-code 04. Project report (2017)

    Google Scholar 

  5. Bak, G.: Trusted by whom? TDRs, standards culture and the nature of trust. Arch. Sci. 16(4), 373–402 (2016)

    Article  Google Scholar 

  6. Bearman, D.: Office of the secretary: evaluation of email records management and cybersecurity requirements, ESP-16-03. Am. Arch. 80(2), 459–462 (2017)

    Google Scholar 

  7. Bralić, V., Stančić, H., Stengård, M.: A blockchain approach to digital archiving: digital signature certification chain preservation. Rec. Manag. J. 30(3), 345–362 (2020)

    Google Scholar 

  8. Bui, T., et al.: Archangel: tamper-proofing video archives using temporal content hashes on the blockchain. In: Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops (2019)

    Google Scholar 

  9. Duranti, L., Rogers, C.: Trust in records and data online. In: Integrity in Government through Records Management, pp. 227–238. Routledge (2016)

    Google Scholar 

  10. Frank, R.D.: Risk in trustworthy digital repository audit and certification. Arch. Sci. 22(1), 43–73 (2022)

    Article  Google Scholar 

  11. Hofman, D., Lemieux, V.L., Joo, A., Batista, D.A.: The margin between the edge of the world and infinite possibility: blockchain, GDPR and information governance. Rec. Manag. J. 29, 240–257 (2019)

    Google Scholar 

  12. Huda, M.: Empowering professional and ethical balance in digital record management. Organ. Cybersecur. J. Pract. Process People 2(1), 60–73 (2021)

    Google Scholar 

  13. International Organization for Standardization (ISO): 15489 information and documentation - records management - Part 1: concepts and principles. Standard, ISO, Cenevre (2016)

    Google Scholar 

  14. ISO: 27001 information technology - security techniques - information security management systems - requirements. Standard, ISO, Cenevre (2013)

    Google Scholar 

  15. ISO: 27035 information technology - security techniques - information security incident management - Part 1: principles of incident management. Standard, ISO, Cenevre (2016)

    Google Scholar 

  16. ISO: 15801 document management - electronically stored information - recommendations for trustworthiness and reliability. Standard, ISO, Cenevre (2017)

    Google Scholar 

  17. ISO: 17068 information and documentation - trusted third party repository for digital records. Standard, ISO, Cenevre (2017)

    Google Scholar 

  18. ISO: 18829 document management - assessing ECM/EDRM implementations - trustworthiness. Standard, ISO, Cenevre (2017)

    Google Scholar 

  19. ISO: 27003 information technology - security techniques - information security management systems - guidance. Standard, ISO, Cenevre (2017)

    Google Scholar 

  20. ISO: 14641 electronic document management - design and operation of an information system for the preservation of electronic documents - specifications. Standard, ISO, Cenevre (2018)

    Google Scholar 

  21. ISO: 27005 information technology - security techniques - information security risk management. Standard, ISO, Cenevre (2018)

    Google Scholar 

  22. ISO: 27050-1 information technology - electronic discovery - Part 1: overview and concepts. Standard, ISO, Cenevre (2019)

    Google Scholar 

  23. ISO: 22428 managing records in cloud computing environments - Part 1: issues and concerns. Standard, ISO, Cenevre (2020)

    Google Scholar 

  24. ISO: 27002 information security, cybersecurity and privacy protection - information security controls. Standard, ISO, Cenevre (2022)

    Google Scholar 

  25. Jaigirdar, F.T., Rudolph, C., Bain, C.: Prov-IoT: a security-aware IoT provenance model. In: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 1360–1367. IEEE (2020)

    Google Scholar 

  26. Larsen, D.: Integrity and keeping the nation’s records. Public Sector 42(2), 23–24 (2019)

    Google Scholar 

  27. Lemieux, V.L.: Trusting records: is blockchain technology the answer? Rec. Manag. J. (2016)

    Google Scholar 

  28. Moreau, L., et al.: The open provenance model core specification (v1.1). Future Gener. Comput. Syst. 27(6), 743–756 (2011)

    Google Scholar 

  29. Mosweu, O., Ngoepe, M.: Trustworthiness of digital records in government accounting system to support the audit process in Botswana. Rec. Manag. J. 31(1), 89–108 (2021)

    Google Scholar 

  30. Rolan, G.: Towards interoperable recordkeeping systems: a meta-model for recordkeeping metadata. Rec. Manag. J. 27(2), 125–148 (2017)

    Google Scholar 

  31. SAĞLIK, Ö.: Arşivlenen elektronik belgelerin güvenilirliğini tehdit eden riskler: Teknolojik koşullar açısından bir inceleme. Bilgi Ve Belge Araştırmaları (16), 29–47

    Google Scholar 

  32. Yeo, G.: Records, information and data: exploring the role of record-keeping in an information culture. Facet Publishing London (2018)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Monash University, Melbourne, Australia

    Fariha Tasmin Jaigirdar, Carsten Rudolph & Joanne Evans

  2. Bursa Uludag University, Bursa, Turkey

    Ozhan Saglik

Authors
  1. Fariha Tasmin Jaigirdar
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ozhan Saglik
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Carsten Rudolph
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Joanne Evans
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Fariha Tasmin Jaigirdar .

Editor information

Editors and Affiliations

  1. iSchool Organization, Berlin, Germany

    Isaac Sserwanga

  2. Victoria University of Wellington, Wellington, New Zealand

    Anne Goulding

  3. University of Missouri, Chicago, IL, USA

    Heather Moulaison-Sandy

  4. University of South Australia, Adelaide, SA, Australia

    Jia Tina Du

  5. University of Porto, Porto, Portugal

    António Lucas Soares

  6. Monash University, Clayton, VIC, Australia

    Viviane Hessami

  7. University of Tennessee at Knoxville, Knoxville, TN, USA

    Rebecca D. Frank

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Jaigirdar, F.T., Saglik, O., Rudolph, C., Evans, J. (2023). Are We Missing the Cybersecurity Factors in Recordkeeping?. In: Sserwanga, I., et al. Information for a Better World: Normality, Virtuality, Physicality, Inclusivity. iConference 2023. Lecture Notes in Computer Science, vol 13971. Springer, Cham. https://doi.org/10.1007/978-3-031-28035-1_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-28035-1_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-28034-4

  • Online ISBN: 978-3-031-28035-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation