Can you explain how your records management program matches up to ISO 15489?

One of the critical “safe harbors” available to organizations navigating the perils of electronic discovery is reached by demonstrating a “routine, good faith operation of an electronic information system”. These are the words used in Rule 37(e) of the Federal Rules of Civil Procedure. If such operations can be shown to exist, then Rule 37(e) generally protects an organization from sanctions that may otherwise be imposed for being unable to produce electronically stored information (ESI) which has been “lost”.
But one of the gaping idiosyncrasies of applying that Rule is that no guidance is provided to judges on how to measure the operations of an electronic information system in order to determine if the systems have been operated routinely and in good faith. For that reason, standards become a vital source of knowledge, something judges are allowed to consider under the Rules of Evidence.
ISO 15489-1:2001 is formally titled “Information and Documentation—Records Management—Part I: General”. It is paired with a second standard, ISO 15489-2:2001, titled “Information and Documentation—Records Management—Part 2: Guidelines”. Together, these represent the recognized international standard against which to evaluate existing records management programs, design new or improved programs, and manage those programs forward with a focus on continuous improvement.
ISO 15489 informs adverse counsel what to look for in requesting records management policies, procedures and operating records. The standards emphasize the importance of strong programs for collecting and maintaining business records with legal value. The program elements and controls proposed by these standards apply expressly to both paper and digital records and information.
While many records professionals acknowledge awareness of ISO 15489, very few have actually committed to develop their programs pursuant to its terms. While I have hear many “reasons”, most of the explanations cover for the absence of senior management leadership, insufficient funding, inadequate professional skills, or similar factors. In relying on ISO 15489 as the basis to explore whether electronic information systems are being operated routinely and in good faith, adverse counsel has a compelling foundation from which to expose systematic gaps, underfunding and policy enforcement laggards.
So, even if you don’t operate pursuant to ISO 15489, be prepared to answer the questions based on the standard’s terms and provisions. Indeed, an inability to be prepared will seriously undermine any claim that the existing systems have been operated in good faith.
Defending Electronic Mail as Evidence—The Critical E-Discovery Questions includes a detailed model deposition and QUEENs Map that are heavily informed by the ISO 15489 terms.