1 / 28

Legal , Organizational and Technological Assurance of e-Workflow’s Relevance in Law

Research/Practice Conference: “Government Employee’s Office Package : e-Workflow and Intranet Portal Astana , “ NIT “ JSC , 3 Dec. 2009. Legal , Organizational and Technological Assurance of e-Workflow’s Relevance in Law. Alexander Zagoruyko Deputy General Director for Research,

hien
Download Presentation

Legal , Organizational and Technological Assurance of e-Workflow’s Relevance in Law

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Research/Practice Conference: “Government Employee’s Office Package: e-Workflow and Intranet Portal Astana, “NIT“ JSC, 3 Dec. 2009 Legal, Organizational and Technological Assurance of e-Workflow’s Relevance in Law Alexander Zagoruyko Deputy General Director for Research, “IRM Research/Technology Center”Tel.: +7 (495) 645-02-99 http://www.mdi.ru

  2. Localization of European specificationMoReq2 “Infodocum” Conferences Corporate standard of Корпоративный стандарт взаимодействия СЭД Voluntary certification СЭД «ДОУ Сертификат» Training, workshops “Documentation Managers Guild” RОО www.gdm.ru www.infodocum.ru

  3. About “IRM RTC” Company Automation ofdocumentation provisionfor management Automation of автоматизация “Single Window” services Integrationin the field of workflow and paperwork Automation of documentation provision forConstruction Complex Executive agencies and city organizations in Moscow Administrations of constituent entities of Russian Federation Administrations ofmunicipal entities commercialorganizations and enterprises

  4. Tendencies • ICT accessibility and mass nature • Globalization ofdigital interoperability • Administrative reform • Information Society • Innovation-based economy • Migration from information/reference systems to legally valid information systems

  5. Development of RF’s and Moscow’s e-Workflow Systems’ Legal Framework 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 Регламентработы ОИВв режиме «одного окна» СЭВ МЭМ,SOA, BPEL Process management ППМN 101-ППот 24.02.04 ГОСТ Р ISO 9001-96since 01.01.97 ГОСТ Р 52294 ЭАР АР ОГВППРФ №679 от 2005г. Draft Law “On Administrative Regulations” Development of “single window” mode “single window” mode Citizen Service Centers in Moscow) ППМ № 438-ППот 10.6.03 Adm.reform in RFУПРФ N 824 от 23.7.03 Concept for adm.reform in RF МФЦ (в СРФ)одобрено от 27.07.2007 УУЦ г.Москвы работа ОИВ с ЭДиЭЦП E-Moscow metainformation environment Development of digital signature technology ФЗ № 1-ФЗот 10.01.02 ГОСТ 6.10.4-84Validation of docs on machine-readable media Law “On Digital Signature Development of CA in RF constituent entities (www.reestr-pki.ru ) Development ofPKI infrastructure Concept for move to information society “E-Moscow” city program2003-2007 Draft “eMoscow-2” city program РММ № 715-РМof 20.7.01 E-Government development “e-Russia” federal program 2002-2010 Concept for building up e-Government in RF IS for classifiers’ service Moscow-wide classifiers ЕСККМ, Реестр ИСиРМППМ 496-ПП 24.06.2003 RDF / OWL Formalization,classification and encoding SystemОК 1993-94. ОКОК026-96 Evolution of classification system ОКОК 026-2002 Russia-wide classifiers НСИ Одобрена 16.08.2007 Creation of e-workflow single system in Moscow Mayor Office Development of departmentale-workflow systems СЭВ МЭМ Development ofe-workflow automated system ГОСТ 6.38-90 ГОСТ Р 6.30-97 УСД ГОСТ Р6.30-2003УСД ГОСТ ISO15489-2007 MoReq-2 РПРФ № 1789-р от 25.10.05 РППМ № 194-РП от 27.02.1997 РММ № 422-РМ от 25.08.1994 ППМ от 10.4.07 № 249-ПП ППРФ № 1212 от 1.11.99 ППМ №367-ПП от 13.05.03 ППМ № 848-ПП от 07.12.04 ППМ N730-ППот 21.8.07 ППРФ № 677 от 10.11.03 ППМ № 681 от 27.07.99 ППРФ № 65 от 28.01.02 с 01.07.2007 с 01.07.03 с 01.07.05 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010

  6. General Principles of e-Workflow Basic (target) principles: • Equity of e-document and paper document • Equity of handwritten signature and digital signature Necessity to ensure (as to e-documents): • authorship • integrity • safety • authenticity(compliance with rules, confirmation of data and time) • credibility(reflection of real facts) • suitability(capability of localization, finding, reproduction and interpretation) • interoperability (compatibility of formats, functions, and classifiers) Context: • inlocal (inside an organization) information interoperation • ingovernment-wide (inter-organizational) information interoperation • intrans-borderinformation interoperation • atshort-termstorage • at operativestorage • atperpetualstorage • at interoperation withgovernment authorities(…2G ) • at interoperation withbusinesses (…2B ) • at interoperation withcitizens (…2C )

  7. Principles for Building up Single Infrastructure • Local e-workflow systems are anintegral part ofinfrastructure • Distributedrepository(a network of authorized operative storages of e-documents) • Capability of storingthe e-document “body” separatelyfrom e-document’s metainformation(to transfer an e-document, it is enough to transfer document’s metaindormation, digital signature and link to the e-document’s “body”) • Simultaneousthree-party registration (keeping protocol) of meaningful events(at the originator side, at the recipient side, at trusted third party side) • Use ofsingle high-structured resources • Guarantee of permanence of address of the e-document published in repository • Document registration must be related to publication of document in repository • Capability of using single registration numberof an e-document within the single infrastructure of e-workflow • Guaranteed delivery ofe-documents • СSystem of governmente-archives • Standardization and certification of e-workflow systems, storages of documents, e-documents and other information systems

  8. Infrastructure Components • Singlenormativespace • Singlesemantic/linguistic space • Singlereliability space for signature keys • Distributedrepository(a network of authorized storages) • Network of governmente-archives • Package of interoperatingcompatible systems of e-workflowand other IS • Singletelecommunications environment

  9. General Information Resources of Infrastructure • Single register of recipients • Single register of e-documents • Single register of authorized persons • Single register of digital signature key certificates • Single register of access rights • Single register of meaningful events The above registers can be stored:- centrally (at federal node)- distributed (at regional nodes)- locally (in local e-workflow systems)

  10. Principles that require legislative recognition • Safety of official document (safety of mandatory copy of official e-document since the moment of registering and issuing it) • Uniqueness of versionof official document(forbidden alterations in the signed, registered and issued official document) • Guarantee for access rightsto e-document on the part of recipients and those persons to whom the document’s legal force applies • Formalization of terms of referenceof authorized persons – signers of e-documents • Legal regulation of use of other digital analogues of signature (including “trust in system” principle)

  11. Infrastructures under Development • Pan-Russian Public Information Center • Resolution by Government of RF  № 931 of 25.12.2007 “On Some Measures to Ensure Digital Interoperation between Government Agencies and Local Governments When Rendering Public Services to Citizens and Businesses” • Order by Ministry of Information & Communication № 32 of 11.03.2008 “On Approval of Regulation on Pan-Russian Public Information Center” (registered in Ministry of Justice on March 21, 2008, registration № 11394) • E-Moscow Metasystem’s digital interoperation environment • Regulation on e-Moscow Metasystem’s digital interoperation environment approved by Informatization Administration of Moscow • Resolution by Moscow Government “On e-Moscow Metasystem”

  12. Пример использования инфраструктуры СЭВ МЭМ для целей реализации режима «одного окна» • РПМ от 15.06.2005 № 1050-РП «Концепция информатизации работы ОИВ в режиме «одного окна» • РПМ от 01.03.2007 № 333-РП «Об утверждении положений об экспериментальных ЦОНах» • ППМ от 21.08.2007 № 730-ПП «Концепция ГЦП по созданию ЦОНов в 2008-2010 гг. » • ППМ от 24.06.2008 № 554-ПП «О ГЦП по созданию ЦОНов на территории г.Москвы на 2009-2011 годы»

  13. Уровни структурирования информации в документах Efficiency of computer interpretation Convenience for human perception Unstructurede-message(electronic raster image of paper document) Chief of “Single Window” Service I. Ivanov Application Please prepare the end document... Attached please find the required initial documents... P. Petrov. 12 March 2007 Weakly structurede-message(plain text in ANSIorUnicode coding) Document type:application for obtaining end document...; Applicant: P. Petrov; ID: passport; Series:1234; Number:567890; Issued: 23.01.2000; Executor: I. Ivanov; Date of acceptance: 12.03.2007; Moderatelystructured e-message(text names of fields and text values) ID_doc_class:12345678-00000011; ID_document: 00000312-00001432; ID_customer:CVBA-DFGD-AWDF-AWRG-...; ID_executor: YJXE-6WD8-KRDV-CHGX-...; DATA_accept: 2007-03-12; HL_doc_folder:https://oh123.mos.ru/...; {SDFG-TF65-...}:XPTM-PRHS-ERGA-KS7V-...; {3WEF-GCPS-...}:0453-0463-0231-0463-...; Highly structured e-message(encoded names of fields and values of data fields)

  14. Information Classification and Encoding

  15. Regulation Information’s Lifecycle.Roles of authors (signers) of interim documents «measured», «fixed», «I report», «I witness» «verified», «registered», «accounted» «developed», «drew up» «reconciled», «I do not object» «I hereby approve», «I hereby order», «I hereby resolve», «I hereby entrust» «I accept obligations», «I accept for execution», «I have read and understood», «executed» Proposal:formalize the permitted legal actions over the documents through developing and adopting the respective classifier Proposal:formalize persons’ official powers through implementing the system of electronic job regulations. Proposal:formalize the interrelation between the permitted legal actions over documents and electronic job regulations.

  16. Proposal: Digital Signature Scope of Application Proposal:formallypresent the signature key scope of application as an aggregate of three classes: class of documents permitted to sign, class of subject area, andclass of permitted legal actions.

  17. About single register of e-documents,and transfer of e-documents Proposal:to transfer an e-document, it is enough to advise the recipient the metainformation on document, hyperlink to the e-document file posted in the official information resource accessible for recipient, as well as digital signature to the document. Proposal: within the common e-workflow systems, organize the common register of e-documents where metainformation on documents should be stored.

  18. MoReq2 – Model Requirements to Management of Official e-Documents Major novelties in MoReq2 • terminology has been clarified(terminology harmonized according to other international standards) • modularity(extraction of basic and expanded requirements, possibility of certification of system by modules) • meta-model(set of mandatory classes, tables and fields) • XML-scheme(mechanism for ensuring the compatibility of systems) • “zero chapter”(each country may add national requirements) • methodology for testing and certification(formalized tests for execution of functional requirements)

  19. General requirements to systems for management of official e-documents(according toMoReq2) • supporting modern methods for document classification and identification(sections 3, 7); • ensuring information security(sections 4, 10.13); • regulating and supporting document lifecycle(section 5) ; • registration (capture, declaring) of records(section 6); • well-developed features for search, retrieval and representation(section 8); • well-developed features for system administration(section 9); • OPTIONAL REQUIREMENTS (section 10) • management of physical and electronic records(sections 10.1, 10.2); • ensuring shared work over documents(section 10.3); • supporting formalized business processes(sections 10.4); • working with structured data(sections 10.5, 10.6); • digital signature, enciphering(sections 10.7, 10.8); • distributed systems, autonomous and remote working(sections 10.10, 10.11); • integration with facsimile communication (section 10.12); • NON-FUNCTIONAL REQUIREMENTS (section 11): easiness of use (11.1), performance and scalability (11.2), system accessibility (11.3), supporting technical standards (11.4), legislative and normative requirements (11.5), outsourcing and third party management of data (11.6), long-term storage and technologies’ ageing (11.7), business processes (11.8).

  20. MoReq2 relation to other guidelines

  21. MoReq2 Glossary роль администратора / administrative role администратор / administrator агрегация / aggregation протокол аудита / audit trail аутентичность / authenticity уполномоченный пользователь / authorised user массовый импорт / bulk importing захват / capture досье (структурированное дело) / case file исполнитель / case worker класс / class классификация / classification код классификации / classification code схема классификации / classification scheme допуск / clearance закрытие / close закрытый / closed система управления содержимым (СУС) / CMS компонент / component этап конфигурации / configuration time ответственный за хранение / custodian уничтожение / destruction цифровой / digital предотвращение перемещения или уничтожения / disposal hold отбор и передача / disposition документ / document тип документа / document type электронное хранилище документов, ЭХД / EDMS электронный / electronic электронный документ / electronic document электронный официальный документ / electronic record СУЭОД / erms экспорт / export дело / file форматфайла / file format формат / format группа / group импорт / import ключевоеслово / keyword метаданные / metadata остаточные метаданные / metadata stub неструктурированное дело / non-case file открыть, открытый / open владелец / owner бумажное дело / paper file PDF PDF/A материальное дело / physical file материальный официальный документ / physical record представление / presentation профиль / profile официальный документ / record тип официального документа / record type цензурировать / redact выписка из официального документа / redaction регистрация / registration преобразовывать / render рандеву / rendezvous образ / rendition опись / repertory порядок хранения, отбора и передачи / retention and disposition schedule роль / role гриф ограничения доступа / security category уровень допуска / security clearance остаточный / stub раздел / sub-file передача / transfer пользователь / user группа пользователей / user group профиль пользователя / user profile роль пользователя / user role версия / version особо важный официальный документ / vital record том / volume

  22. MoReq2 Meta-Model • 158 elements defined describing: • classification schemes; • classes, folders, sections, volumes; • records, extracts; • metadata; • document types; • components; • procedures, rules • agents (users, groups and roles)

  23. XML-scheme ofMoReq2 MoReq2-Record.xsd

  24. Set of tests Test Data Repository Test Cases

  25. Development of MoReq2 Zero Chapter • Requirements to “zero chapter” are covered in sections: • “Individual specifics of member states” (1.8 ), • “Capture process” (6.1) • “Altering, deleting and redacting the records” (9.3) • “Digital Signature” (10.7) • “Security categories” (10.13) • “Legislative and normative requirements” (11.5 ) • Proposed “functional” sections: • Preparation of regular statistical, analytical, and official reports • Reconciling a document electronically • Control over execution of orders and prescriptions set forth in records

  26. XML-scheme ofMoReq2 MoReq2-Record.xsd

  27. Maturity of management processes( underCMM/CMMi scale ) $ $ $ $ $ t t t t t РП ? regulation metrics ? knowledge  -LY   0 Same Same  LY > >  LX  LY   LX  -LX   0  -LX   0  -LX  > > 0 Methodology: - “Control over execution of assignments”. Methodology: - PMBOK(as To time management) Methodology: - ISO 9000 Methodology: - BSC / KPI • Methodology: • Knowledge management • (Attachment А to ГОСТ Р 52294) • Predictable: • timelines. • Predictable: • timelines; • quality. • Predictable: • timelines; • quality; • costs. Same measurable initial repeatable standardized improvable

  28. Research/Practice Conference: “Government Employee’s Office Package: e-Workflow and Intranet Portal Astana, “NIT“ JSC, 3 Dec. 2009 Thank you! Alexander Zagoruyko Deputy General Director for Research, “Research/technology Center IRM” Tel.: (495) 645-02-99 http://www.mdi.ru

More Related