Trustworthy Information Systems Handbook: Section 2
How do you use this handbook?
Use this handbook to look at all of the technical and non-technical workings of information systems in order to determine the level of trustworthiness required of your system. The Handbook provides a thorough, effective, and practical set of tools to craft procedures based on the specific and unique needs and information requirements of your government agency.
The Handbook tools can help to answer:
- What is meant by a trustworthy system?
- What is the process for establishing trustworthiness?
- Who should participate in the process?
- Why are metadata and documentation so important?
- How important is your information?
- How do you use the Trustworthy Information Systems (TIS) criteria set?
- What are the criteria for a trustworthy information system?
The Handbook provides additional background and useful information, including:
- A glossary of terms
- A bibliography of sources that were the basis for the Handbook
- The methodology for developing and testing the TIS criteria
- Pertinent Minnesota laws and policies
- Relevant citations to case law
- Case studies of five government agency applications of the TIS criteria
- Citation of the Handbook
Use of the Handbook should not be limited to computer-based information systems, although they are the focus. Systems frequently are connected to, or interface with, other information systems in different formats, such as paper and microforms. They also may encompass legacy systems that contain similar data from an earlier time period and other platforms.
- Data simply asserts facts but provides no context for those facts. Data can be such items as the discrete elements in a field in a database or the dynamic components of a web page.
- Information has meaning to us based on the context of its creation and use. For example, customized reports from a database is information.
- Records, on the other hand, are accessed, understood, and retained as evidence of a particular situation or event. These could include the minutes from a meeting or all of the data captured to serve as evidence of an electronic commerce transaction. Though all of the elements of a record may exist within a single computer file, they may also be distributed across a network. The integrity of these elements and the links between them are much more important than where they physically reside.
You can use the Handbook at any time during information system development. It is never too late to think about system trustworthiness. However, the earlier during the system development life cycle that you consider its trustworthiness, the better off you'll be. During the analysis phase of system development, before a lot of time and money is spent on system design, is the most opportune time to weigh all of the TIS criteria that might be important to implement. At this time, you can think about the big picture without the constraints of a system that's already well along in development or operation.
That's the ideal, but most agencies don't have that luxury. The Handbook is useful at any point during the system development life cycle. The Handbook also can be used to examine the trustworthiness of systems that are already in place—your legacy systems. You can document what you presently have and establish how well the system is set up to meet various requirements. Information systems are not static; they must respond to changes all of the time. Changes in software, hardware, platforms, means of communications, and growth as systems are becoming more interconnected necessitate considering and revisiting the TIS criteria on a periodic basis.
The Handbook can be used for evaluating the trustworthiness of any government information system—large or small, old or new. It provides a valuable set of proven tools that your agency can apply, practically and efficiently. We encourage you to make this handbook your own!
Section 3, What is a trustworthy information system?
TIS Handbook last updated July 2002, Version 4.