Thursday, March 19, 2015

Trustworthiness: Self-assessment of an Institutional Repository against ISO 16363-2012

Trustworthiness: Self-assessment of an Institutional Repository against ISO 16363-2012. Bernadette Houghton. D-Lib Magazine. March/April 2015.
Digital preservation is a relatively young field, but progress has been made for developing tools and standards to better support preservation efforts. There is increased interest in standards for the audit and certification of digital repositories because researchers want to know they can trust digital repositories. Digital preservation is a long-term issue. The Trustworthy Repositories Audit and Certification (TRAC) checklist has been widely used as the basis of the activities. It later became ISO 16363 (based on the OAIS model) which contains 105 criteria in 3 areas:
  1. Organizational infrastructure (governance, structure and viability, staffing, accountability, policies, financial sustainability and legal issues)
  2. Digital object management (acquisition and ingest of content, preservation planning and procedures, information management and access)
  3. Infrastructure and security risk management (technical infrastructure and security issues)
 "Undertaking a self-assessment against ISO 16363 is not a trivial task, and is likely to be beyond the ability of smaller repositories to manage." An audit is an arms-length review of the repository, requiring evidence of compliance and testing to see that the repository is functioning as a Trusted Digital Repository.  Most repositories at this time are in an ad hoc, still-evolving situation. That is appropriate at this time, but a more mature approach should be taken in the future. The assessment process would rate features for: Full Compliance, Part Compliance, Not Compliant. The conclusions in the article include:
  • Self-assessment is time-consuming and resource-heavy, but a beneficial exercise
  • Self-assessment is needed before considering external certification. 
  • Certification is expensive.
  • Get senior management on board. Their support is essential.
  • Consider doing an assessment first against NDSA Levels of Digital Preservation  
  • Repository software may be OAIS-compliant, but it doesn't mean your repository is also
  • Not all ISO 16363 criteria have the same importance. Assess each criteria accordingly
  • ISO 16363 is based on a conceptual model and may not fit your exact situation
  • Determine in advance how deep the assessment will go.
  • Document the self-assessment from the start on a wiki and record your findings  

1 comment:

Mark Grogan said...

Well, if we aren't going to resolve this preservation issue, I foresee we're going to see a lot more of the hardware in mobile self storage pods in time to come!