The European Telecommunications Standards Institute (ETSI) has issued standards on the long-term preservation of electronic documents.
As I was involved in the design of the first Hungarian qualified archiving service provider operating according to the Hungarian electronic signatures act, I also took part the ETSI specialist task force elaborating the ETSI standards on information preservation.
Working together with colleagues from Italy, Spain and Austria, we created the following two specifications:
- ETSI TS 101 533-1 Information Preservation Systems Security - Part 1: Requirements for Implementation and Management: This is an extension of ISO 27001, it specifies additional controls that are applicable to information preservation systems.
- ETSI TR 101 533-2 Information Preservation Systems Security - Part 2 Guidelines for Assessors: This recommendation provides a checklist assessors of information preservation systems should follow during their audit.
The above standards rely on electronic signatures as a tool for ensuring the integrity and authenticity of the preserved information.
Now that there are European standards for information preservation systems, it shall be possible to use them instead of the current Hungarian specifications for qualified archiving service providers.