Revising DoD 5015.2, the de facto RM software standard: the latest revision of DoD 5015.2-STD now includes requirements for records management application (RMA)-to-RMA interoperability.

• Author: Swartz, Nikki
• Position: ON THE EDGE: The Use & Misuse of Information

In 1997, the U.S. Department of Defense (DoD) developed a voluntary records management standard--DoD 5015.2-STD Design Criteria Standard for Electronic Records Management Software Applications--as a requirement for records management applications (RMAs) implemented within its departments.

The standard established mandatory baseline functional requirements for RMAs and requirements for classified marking, access control, and other processes. It also identified non-mandatory features the DoD deemed desirable for RMA software. Since then, the standard has undergone a few revisions and has become the de facto seal of approval not only for federal agencies, but also for public and private organizations worldwide considering software to manage electronic records.

DoD 5015.2-STD is a standard and certification program for records management software products whose requirements really apply only to software vendors wanting to sell their products to the National Archives and Records Administration (NARA) and federal agencies. In the past, the use of the standard--and its testing and certification program--was limited for those outside of the U.S. government because it didn't test for key functionalities--including scalability and interoperability--that weren't federal or NARA requirements. However, with the introduction of recent revisions of the standard, this situation is changing, and DoD 5015.2-STD has become more relevant for records managers everywhere while moving the federal government into the future.

A Focus on FOIA, Interoperability

Major additions in Version 3 of DoD 5015.2-STD, which was signed April 25, 2007, include requirements supporting the Freedom of Information Act (FOIA), the Privacy Act, e-mail, and interoperability. The Joint Interoperability Test Command (JITC), a U.S. government organization that tests technology for multiple branches of the armed services and government and runs the 5015.2-STD testing and certification program for software vendors, began testing under the new version of the standard in January 2008.

Specifically, Version 3 provides for greater data security and integrity. It builds on the automatic linking, user-defined fields, and logic in Version 2. New with Version 3 is a requirement to be able to create alerts and notifications regarding changes in metadata fields and to restrict metadata access based on the contents of fields.

It also requires data integrity checking, comparing the expected and actual...