ISO 19650-5-2020 PDF

Full title and description

ISO 19650-5:2020 — Organization and digitization of information about buildings and civil engineering works, including building information modelling (BIM) — Information management using building information modelling — Part 5: Security-minded approach to information management. The standard specifies principles and requirements for a security‑minded approach to managing sensitive information throughout the lifecycle of built‑environment projects and assets.

Abstract

This document defines a proportionate, organisation‑level security mindset and associated measures for information obtained, created, processed or stored during the creation, design, construction, manufacture, operation, management, modification, improvement, demolition and/or recycling of assets or products in the built environment. It addresses sensitivity assessment, the initiation of a security‑minded approach, development of security strategy and management plans, incident/breach response and the responsibilities of appointed parties.

General information

• Status: Published (confirmed).
• Publication date: 2020-06 (June 2020).
• Publisher: International Organization for Standardization (ISO).
• ICS / categories: 93.010; 35.240.67; 91.010.01.
• Edition / version: Edition 1 (2020).
• Number of pages: 28.

Authoritative bibliographic and lifecycle details above (status, date, edition, pages and ICS codes) are recorded on the ISO catalogue entry for ISO 19650-5:2020.

Scope

Specifies the principles and requirements for applying a security‑minded information management approach where sensitive information is handled as part of built‑environment activities. The scope covers creation and maintenance of a security mindset and culture, sensitivity assessment of information, development of security strategy and security management plans, incident/breach management, monitoring and auditing of compliance, and coordination with appointed parties across the lifecycle of projects and assets. The approach is intended to be proportionate to risk and applicable to any organisation that uses information management and related technologies in the built environment.

Key topics and requirements

• Establishing the need for a security‑minded approach using a sensitivity assessment process.
• Initiating and embedding a security‑minded culture and governance across organisations and supply chains.
• Developing a proportionate security strategy aligned to roles, responsibilities and context.
• Preparing security management plans that define controls for access, handling, storage and sharing of sensitive information.
• Incident and breach management planning, reporting and recovery arrangements.
• Monitoring, auditing and continual review of security measures and compliance.
• Defining obligations for appointed parties and information exchanges within projects and operations.

These topics align with the clauses and guidance set out in the ISO 19650‑5 text.

Typical use and users

Used by asset owners, project clients, principal contractors, design and engineering teams, facility managers, information managers, security and risk teams, and any appointed parties involved in BIM or digital information management for built‑environment projects. It supports organisations seeking to protect commercial sensitivity, personal data and intellectual property while enabling appropriate information sharing.

Related standards

ISO 19650-5 is part of the ISO 19650 series (information management using BIM) and is intended to be used alongside ISO 19650‑1 and ISO 19650‑2 (and related parts) that define concepts, principles and procedural requirements for information management. Many national bodies have published identical/adopted versions (for example EN ISO / BS EN adoptions).

Keywords

security-minded, information management, BIM, sensitivity assessment, security strategy, security management plan, incident management, built environment, ISO 19650.

FAQ

Q: What is this standard?

A: An ISO international standard (ISO 19650‑5:2020) that defines a security‑minded approach to information management for BIM and other digital information used in the built environment.

Q: What does it cover?

A: Principles and requirements for assessing information sensitivity, establishing governance and culture, creating security strategies and management plans, handling incidents/breaches, and coordinating appointed parties to protect sensitive information throughout asset and project lifecycles.

Q: Who typically uses it?

A: Asset owners/clients, project teams, information managers, security/risk officers, contractors, facility managers and consultants involved in BIM and digital information exchange in construction and asset management.

Q: Is it current or superseded?

A: ISO 19650‑5:2020 is the first edition (published June 2020). The ISO catalogue shows the standard was reviewed and confirmed through the regular review cycle, and the published edition remains current. Users should check their national adoption or amendments for any local modifications.

Q: Is it part of a series?

A: Yes — it is Part 5 of the ISO 19650 series (information management using BIM). It is intended to be used together with other parts of ISO 19650 (for example Part 1 and Part 2) and with relevant national/adopted versions (EN/BS/other national adoptions).

Q: What are the key keywords?

A: security-minded, information sensitivity, BIM, information management, security strategy, security management plan, incident response, asset lifecycle.