ISO/IEC 27050-2:2018本文件为组织内高级管理层的技术和非技术人员提供指导，包括负责遵守法律法规要求和行业标准的人员
它描述了此类人员如何识别和承担与电子发现相关的风险，制定政策，并实现对相应外部和内部要求的遵守。它还建议如何以一种能够通知过程控制的形式制定此类政策。此外，它还为如何根据政策实施和控制电子发现提供了指导。

ISO/IEC 27050-2:2018 This document provides guidance for technical and non-technical personnel at senior management levels within an organization, including those with responsibility for compliance with statuary and regulatory requirements, and industry standards.
It describes how such personnel can identify and take ownership of risks related to electronic discovery, set policy and achieve compliance with corresponding external and internal requirements. It also suggests how to produce such policies in a form which can inform process control. Furthermore, it provides guidance on how to implement and control electronic discovery in accordance with the policies.