ISO 16175-1:2020 — Processes and Functional Requirements for Software for Managing Records (digital records)
ISO 16175-1:2020 — Processes and Functional Requirements for Software for Managing Records (digital records) — 60% covered.
5 requirements · 3 enforced · 0 designed · 0 advisory · 0 deferred.
Source: ISO 16175-1:2020 specifies the principles and functional requirements for software that creates and manages digital records — capture, identification, classification, access control, retention/disposition, and audit trail. KYE Protocol™ is NOT records-management software — Iron Mountain InSight DXP is. KYE Protocol™ governs ACTION (who was authorised to act on a digital record at the moment it drives a consequential AI action), not the management of the record itself. The capture / classification / retention functional requirements map out-of-scope (records-management software); the audit-trail and access-decision overlay at the action boundary maps enforced (KYE Protocol™'s chain-of-authority). · License: ISO copyright — citation only; KYE registry cites clause structure for mapping purposes (no normative text reproduced).
By category
| Category | Reqs | Enforced | Designed | Advisory | Deferred | Coverage |
|---|---|---|---|---|---|---|
| Action-decision audit trail (authority overlay) | 2 | 2 | 0 | 0 | 0 | 100% |
| Access-control decision at the action boundary (authority overlay) | 1 | 1 | 0 | 0 | 0 | 100% |
| Capture & classification functional requirements (records-software) | 1 | 0 | 0 | 0 | 0 | 0% |
| Retention & disposition functional requirements (records-software) | 1 | 0 | 0 | 0 | 0 | 0% |
Every requirement → the KYE™ artefact that enforces it
| ID | Title | Status | KYE™ enforcement |
|---|---|---|---|
iso-16175.action-audit-trail |
Action-decision audit trail: every consequential AI action over a digital record emits an immutable, tamper-evident governance audit entry | enforced | audit_events: kye.evidence.pack.v1, kye.replay.proof.v1, kye.compliance.attestation.v1engines: internal, internalrule_packs: kye:rule-pack:chain-of-authority-insightconstitution_refs: constitution/30-AUDIT-WORM-RETENTION.md |
iso-16175.replayable-decision-record |
Replayable decision record: the action decision is reconstructable offline from public keys alone | enforced | audit_events: kye.replay.context_seal.v1, kye.replay.proof.v1engines: internal, internalrule_packs: kye:rule-pack:chain-of-authority-insightconstitution_refs: constitution/13-RESILIENCE-LOOP.md |
iso-16175.access-control-decision |
Access-control decision at the action boundary: refuse an unauthorised AI action on a classified digital record | enforced | audit_events: kye.purpose.request.v1, kye.purpose.admissibility.v1engines: internal, internalrule_packs: kye:rule-pack:chain-of-authority-insightconstitution_refs: constitution/12-PURPOSE-PERMISSION.md |
iso-16175.capture-classification-functional |
Capture & classification functional requirements (records-software — owned by Iron Mountain InSight DXP, not KYE™) | out-of-scope | constitution_refs: constitution/15-MCP-AND-SDK.md |
iso-16175.retention-disposition-functional |
Retention & disposition functional requirements (records-software — owned by Iron Mountain, not KYE™) | out-of-scope | constitution_refs: constitution/30-AUDIT-WORM-RETENTION.md |