Digital Signatures are essential to achieving fully digital processes (see my previous post). I would like to explore how digital signatures contribute to the 7 Information Management principles.
Digitally signed documents are easier to identify with respect to the owning organisation(s). However it does not mean the ownership will be assigned or will be clear. To solve this the owner must be registered at the storage location of the document f.i. in the meta data within a document management solution.
Digitally signed documents contain signing information. Therefore it is relatively easy to establish that a document is an original version. However there can succeeding versions that have made the contents of the document obsolete. To solve this there should be a reference to the successor or versioning functionality in place.
Digitally signed documents can be copied therefore the signing does not resolve this challenge. However it can be easier to establish whether documents are stored in the right location due to the signing information within the document. Based on periodic review an procedure should be in place to move misplaced documents to the right location.
Digitally signed documents can be verified whether these have been changed. Combined with good access controls the access to the documents should be possible. The risk of the document being changed should not be a limiting factor.
Note: the contents may be confidential and therefore only accessible to certain roles and/or persons
Digitally signed documents contain signing information. This means the document is an original version at some point in time and also the contents can be verified to be untampered. However it does not necessarily mean that this is the latests valid version.
Digitally signed documents should put under records management control. This means that documents retention and disposition are controlled more tightly. Because of the signing information and ideally as part of the signing workflow these documents can be marked as records and managed accordingly.
Digitally signed documents can be transferred much easier that paper documents. Due to the signing process there is a higher likelihood of complete and accurate content. This is by no means a guarantee though.
Digital Signatures definitely contribute to the Information Management Principles. However there are still additional measures required such as meta data and versioning.