Where Software Meets Recordkeeping 

Request a Copy

Complete in the form at the right to request a copy of the report in PDF form, delivered via email reply. 

The US DoD 5015.2-STD standard defines a very clear set of software capabilities that an RMA (Records Management Application) must meet in order to be certified compliant against the standard. There are many software products on the market that meet this standard, and some that do not. The standard covers not just general-purpose recordkeeping capabilities, but it also specifies some capabilities rather specific to the US federal government. This implies that if you are not a federal government organization, you very well may not need all of the capabilities mandated by the standard. 

The standard is very comprehensive – it spans a broad base of all the basic formal recordkeeping infrastructure (file plan, declaration and classification, disposition, etc.) that any organization would typically require. However it calls for quite a bit more – it adds on a layer of capabilities specific to the US government (supplemental markings for example). It does not stop there. It has two sets of optional capabilities (security, and FOIA) that are not necessary for all government agencies, and certainly would not likely be required for many non-government organizations. The standard also adds in some useful generic capabilities that are mandatory for compliance, but may not be needed by many non-governmental organizations. A good example of this would be Transfer – the ability to exchange stored electronic records among different RMAs. 

If you are a US federal government organization and are obliged to be compliant with the standard, you have no choice but to purchase or build solutions that are 100% compliant with it. But what about other organizations? Do you need all of the DoD 5015.2 capabilities? Many organizations have adopted the standard as a minimum mandatory requirement for product purchase. However if you are not mandated to be compliant, which 5015.2 capabilities do you need?

In this report RIMtech defines a subset of the 5015.2 requirements that we believe represent the minimum necessary for a “typical” organization. Hypothetically, these requirements will suffice for most organizations, without regard to their size or any government-specific requirements. RIMtech will refer to this subset as the F1000 Requirements List. We do not in any way mean to imply the requirements are only for the Fortune 1000 firms. We use this moniker only as means of implying broad-based potential application.Obviously we cannot state with any certainty that this requirements list will be suitable for any specific organization. Our proposed F1000 requirements is really just the 5015.2 requirements, stripped of the things we believe most organizations can do without. To arrive at this list, we eliminated from the 168 5015.2 requirements all those that were obviously unique to the US government, as well as those that we felt were needed by only a small portion of organizations (perhaps 5% or less of the market).

RIMtar Report

F1000 Requirements for Electronic Recordkeeping