ISO/IEC 11179
ISO/IEC 11179 is an international standard for metadata registries. It provides a framework for the representation of metadata in order to facilitate the correct and proper use and interpretation of data.
Request a demo of Secureframe Custom FrameworksDefinition and purpose
The purposes of ISO/IEC 11179 are to promote:
- Standard description of data
- Common understanding of data across organizational elements and between organizations
- Re-use and standardization of data over time, space, and applications
- Harmonization and standardization of data within an organization and across organizations
- Management of the components of descriptions of data
- Re-use of the components of descriptions of data
In other words, ISO/IEC 11179 is designed to make data understandable and shareable within and among organizations.
Governing Body
The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) jointly govern and maintain the ISO/IEC 11179 framework.
Last updated
ISO/IEC 11179 was last updated in 2023.
Applies to
ISO/IEC 11179 is a general description framework for data of any kind so it can apply to any organization in any industry and for any purpose. It is particularly valuable in data-intensive fields such as healthcare, finance, government, and information technology, where data standardization and data management are crucial.
Controls and requirements
ISO/IEC 11179 does not specify detailed controls or requirements itself but provides a conceptual framework for metadata management that includes definitions of basic metadata attributes. Organizations implementing ISO/IEC 11179 typically develop their own controls and requirements for metadata creation, maintenance, and usage based on their unique needs.
Please refer to the official ISO/IEC 11179 publication for more details.
Audit type, frequency, and duration
Since ISO/IEC 11179 is a guide for creating and maintaining a metadata registry, it does not dictate audit types, frequencies, or durations.
Instead, organizations would use this guide to inform and structure their own assessment and testing activities to ensure their metadata registry conforms to ISO/IEC 11179.