Standard: DoD 5015.2 (Electronic Records Management Systems)

Sponsor: Department of Defense (DoD)

Description: 5015.2 is a set of specifications set forth by DoD covering the legal, logical, and technical requirements that are applicable to all U.S. federal agencies with respect to the management of electronic records (E-records). DoD has issued a directive that all DoD systems should be compliant with the standard in November 1999. The National Archives and Records Administration (NARA) has endorsed the 5015.2 standard for potential use by all Federal agencies.  Australia has proposed the adoption of similar specifications as an international standard.

Relationship to Records Management: By definition, electronic records management systems (ERMSs) are required to manage electronic records (E-records).

Problems/Issues/Weaknesses: NARA has failed to provide explicit notice to agencies of the truism that ERMSs are required to manage E-records. Circumstances have been complicated by the decision of the appeals court in the GRS 20 litigation that NARA was within its rights to grant agencies authority to destroy E-records that have been printed for record-keeping.

5015.2 does not address requirements for privacy under the Privacy Act or public access under the Freedom of Information Act (FOIA), as amended by the Electronic Freedom of Information Act Amendments (E-FOIA). DoD intends to address those requirements in the future. However, DoD has determined to give higher priority to the requirements for security classification/declassification of records, which is not a priority for most civilian agencies, at least not in the traditional sense.

(The underlying requirements to secure E-records from unauthorized access or modification may not differ much regardless of the type of threat. The only distinction may be the level of sensitivity of the E-records involved and, thus, the level of security required.)

Closely Related Standards: Australia's proposal (OII summary), DMA, ODMA, and WebDAV

Links to More Information:

DISA, JOINT INTEROPERABILITY TEST COMMAND, Records Management Application (RMA) Certification Testing

DoD's December 1, 1997, press release

Federal Computer Week's hot topics site on records management

NARA's Electronic Records Workgroup site

Some Provisions of Law Relating to Access to Public Information

Metadata or Malfeasance: Which Will It Be?

Please convey corrections, updates, or suggested enhancements in this summary to:

Back to FIRM Standards Summaries Index