S 2.246 Determination of the organisational influencing factors for electronic archiving
Initiation responsibility: IT Security Officer
Implementation responsibility: Archive Administrator, IT Security Officer
Regarding electronic archiving, there is a host of influencing factors that must be taken into consideration when designing the archive system. Amongst other things, these include
- the period of use of the archive system,
- the archiving periods,
- the confidentiality requirements of the data,
- the availability requirements of the data,
- the integrity requirements of the data,
- the authenticity requirements of the data,
- the definition of acceptable response times,
- the time and expense for restoration,
- the required personnel,
- the know-how and IT-specific qualifications of the users,
- the ergonomics and user-friendliness of the archive system,
- the compliance with standards, and
- the general financial conditions.
The aforementioned influencing factors are explained in more detail below.
Period of use of the archive system
The period of use of the archive system must be calculated separately from the archiving period. The period in which the specific system to be selected is to be operational must be estimated. This influences the selection of the components, specifically the required service life of the components.
A long period implies the selection of durable IT components, as well as the design of the corresponding service and supply agreements typically involving higher costs.
A short period implies an earlier migration of the archive to a new archive system.
Archiving periods
In order to calculate the required memory capacity of the archive system, an estimation of the retention period of the archived documents is indispensable. Legal or organisation-internal specifications give rise to minimum, and sometimes also maximum, storage periods that must be observed for the retention period.
However, the retention period influences not only the memory capacity of the archive system, but also the selection of the storage medium and its disposal upon expiration of the retention period.
Confidentiality requirements of the data
When determining the confidentiality requirements, the fact that these requirements may change during the archiving period must especially be taken into account. In this connection, economic and legal influencing factors may be applicable. Typically, it can be assumed that the confidentiality requirements will decrease over the course of time.
If long-term protection of confidentiality is required, this influences the organisational design of the archiving concept (see S 2.264 Regular regeneration of encrypted data in archiving) and the selection of technical components.
Availability requirements of the data
Electronic archiving is typically used for long-term retention of data and documents. In this connection, an essential requirement, already defined in one of the items above, is the period for which the corresponding data is to be archived.
Additionally, the further requirements to be imposed on the availability must be defined, e.g. the reliability of the archive system and the stability of the used storage media.
Integrity requirements of the data
The integrity of electronically archived documents must typically be guaranteed and verifiable after a long retention period. In particular, it must be assumed that the original documents and further context information will no longer exist by then, i.e. the integrity audit must be provided directly by the archive system.
Along with the classification of the integrity requirements (e.g. low to medium, high to very high), the period during which this must be verifiable must be defined.
Authenticity requirements of the data
As with integrity, the authenticity requirements and the period during which it must be possible to verify the authenticity of documents must be defined. Here too, it must be assumed that the original documents and context information can no longer be provided after a longer archiving period. Therefore, the authenticity verification must be provided by the archiving process.
Definition of acceptable response times
There is a delay between the query to an archive system and the response (response time). The requirements regarding this delay are typically defined by an average and a maximum acceptable response time to be achieved.
The response time must be characterised according to different factors, amongst others:
- the time until the archive system reacts to a query,
- the time until the archive system confirms storage, and
- the time until the desired document is completely transferred to the client system.
The required response time strongly depends on the application scenario. For example, a response time of a few minutes may be a reasonable requirement for the check-in of passengers at airports. In contrast, response times of several hours within the core working hours may be absolutely acceptable when doing research in old databases of a land registry.
Typically, there are also subjective requirements regarding response times. For example, a long response time may be considered more disruptive when running search queries or opening archived documents than the same response time for receipt of a storage confirmation when storing documents in the archive.
The requirements imposed on the response time must be determined and documented.
Time and expense for reconstruction
The temporal and technical effort acceptable for finding and providing archived documents must be determined. This depends on the type and the structure of the archived data and therefore on the specific application scenario.
Required personnel
The personnel required for operating the archive system constitutes an essential influencing factor when selecting the system. The acceptable additional manpower requirements and additional strain on individual members of staff caused by archiving must be determined in an organisation-specific manner.
This influences future personnel planning, since additional personnel may be required. At a minimum, the roles of Archive Administrator and (technical) user must be filled. If not enough personnel are available during ongoing operations, this must be compensated by external maintenance and service agreements.
Know-how and IT-specific qualifications of the users
The selection of suitable user interfaces of the archive system depends on the know-how of the designated users, amongst other things. The IT-specific know-how present should be determined at this point.
This also influences the design of services in the field of archiving, for example the organisation of user support (helpdesk).
All users must be trained in how to handle the archive system in order to avoid damage caused by accidental operation as far as possible. The required training must be included in the calculation of the overall costs.
Ergonomics and user-friendliness of the archive system
The user-friendliness has a decisive influence on the acceptance by the users and therefore on the proper use of the archive system.
Along with legal requirements in the field of ergonomics at workplaces, the subjective impression of users must also be taken into consideration. The corresponding requirements may be determined by questioning the future users, for example, but experiences from pilot and test installations of the designed archive system components should also be incorporated.
Compliance with standards
Regarding interoperability with other products and organisational processes, it should be ensured that archive system components compliant with the existing standards are selected. Although standards are not permanently valid and change over time due to technical progress, compliance with the relevant standards is typically considered investment protection.
However, this depends on the specific purpose and the application environment. Therefore, the relevant standards should be determined on a case-by-case basis. Some relevant technical standards are described in safeguards S 4.169 Use of appropriate archival media and S 4.170 Selection of suitable data formats for the archival storage of documents.
General financial conditions
The implementation of archive systems and the design of the corresponding organisational framework are typically influenced by the costs incurred:
- one-time investments,
- running expenses, including labour costs,
- license fees.
The technical planning of archive system operations is therefore typically accompanied by financial planning. Here, the organisation-internal regulations (budget planning, distribution of cost centres, etc.) must be taken into consideration.
The required training of the users and administrators must be included in the calculation of the total cost of archiving.
Review questions:
- Has the period for which the specific archive system to be selected must be operational been determined?
- Have possible changes during the archiving periods been taken into consideration when determining the confidentiality requirements?
- Have the availability requirements of the archive system been defined?
- Have the integrity requirements and the period of auditability been defined and are these implemented by the archive system?
- Have the authenticity requirements and the period of auditability been defined and are these implemented by the archive system?
- Have the requirements regarding the response times of the archive system been defined and documented?
- Have the temporal and technical limits for finding and providing archived documents been determined?
- Have the roles of Archive Administrator and (technical) user been filled?
- Has the IT-specific know-how of the users regarding the archive system been determined?
- Have the relevant standards been determined and selected depending on the application environment of the archive system?