This document specifies the functional, technology-neutral requirements for trustworthy storage systems (TSS) that ensure storing and managing electronically stored information (ESI) in a protected and secure fashion during the lifecycle of the information. The TSS as specified in this document is storage technology neutral and accordingly does not specify any specific storage media types or configurations.
This document is applicable to all information systems in which users and applications must manage the protection, preservation and security of stored ESI throughout its entire lifecycle to meet organizational and regulatory requirements to enforce:
— immutability, authenticity and trustworthiness of the stored ESI;
— protection of application managed ESI and other stored ESI against tampering, malicious acts and ransomware;
— organizational ESI preservation and retention policies;
— protection for unstructured and unmanaged data.