hero-two-bg

ISO/IEC 11179

ISO/IEC 11179 is an international standard for metadata registries. It provides a framework for the representation of metadata in order to facilitate the correct and proper use and interpretation of data.

Request a demo of Secureframe Custom Frameworksangle-right

Definition and purpose

The purposes of ISO/IEC 11179 are to promote:

  • Standard description of data
  • Common understanding of data across organizational elements and between organizations
  • Re-use and standardization of data over time, space, and applications
  • Harmonization and standardization of data within an organization and across organizations
  • Management of the components of descriptions of data
  • Re-use of the components of descriptions of data

In other words, ISO/IEC 11179 is designed to make data understandable and shareable within and among organizations.

Governing Body

The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) jointly govern and maintain the ISO/IEC 11179 framework.

Last updated

ISO/IEC 11179 was last updated in 2023.

Applies to

ISO/IEC 11179 is a general description framework for data of any kind so it can apply to any organization in any industry and for any purpose. It is particularly valuable in data-intensive fields such as healthcare, finance, government, and information technology, where data standardization and data management are crucial.

Controls and requirements

ISO/IEC 11179 does not specify detailed controls or requirements itself but provides a conceptual framework for metadata management that includes definitions of basic metadata attributes. Organizations implementing ISO/IEC 11179 typically develop their own controls and requirements for metadata creation, maintenance, and usage based on their unique needs.

Please refer to the official ISO/IEC 11179 publication for more details.

Audit type, frequency, and duration

Since ISO/IEC 11179 is a guide for creating and maintaining a metadata registry, it does not dictate audit types, frequencies, or durations. 

Instead, organizations would use this guide to inform and structure their own assessment and testing activities to ensure their metadata registry conforms to ISO/IEC 11179. 

Get compliant using Secureframe Custom Frameworks

Request a demoangle-right
cta-bg