1 / 21

Trusted Digital Repositories: A New Audit Standard A Follow-on to the OAIS

Trusted Digital Repositories: A New Audit Standard A Follow-on to the OAIS. Dan Kowal, Data Administrator, NGDC. Digital Preservation and Nuclear Disaster: An Animation . OAIS Framework. Providers. Users. Other Stakeholders. Why an Audit?. Trustworthiness. OAIS. Archive.

azia
Download Presentation

Trusted Digital Repositories: A New Audit Standard A Follow-on to the OAIS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Trusted Digital Repositories: A New Audit Standard A Follow-on to the OAIS Dan Kowal, Data Administrator, NGDC Digital Preservation and Nuclear Disaster: An Animation

  2. OAIS Framework

  3. Providers Users Other Stakeholders Why an Audit? Trustworthiness OAIS Archive

  4. TDR: ISO-16363 www.iso16363.org/ Audit and Certification of Trustworthy Digital Repositories ISO Standard XXXXX

  5. At the very basic level, the definition of a trustworthy digital repository must start with ‘a mission to provide reliable, long-term access to managed digital resources to its Designated Community, now and into the future.’ TDR Definition

  6. Organizational Infrastructure Digital Object Management Infrastructure and Security Risk Management. Audit Structure

  7. Governance & Organizational Viability Organizational Structure & Staffing Procedural Accountability & Preservation Policy Framework. Financial Sustainability Contracts, Licenses & Liabilities. Organizational Infrastructure

  8. Ingest: Acquisition of Content Ingest: Creation of the AIP Preservation Planning AIP Preservation Information Management Access Management Digital Object Management

  9. Technical Infrastructure Risk Management. Security Risk Management. Risk Management

  10. Discussions with Data Managers • Reviewed examples of TDR criteria. • Internal vs. External audit. • Surface vs. Deep Dive. • TDR Checklist Eval. for the DOM.

  11. TDR Checklist Eval. • Do the DM’s understand the criteria? • 45 DOM criteria / 37 for DMs. • Discussed some in depth at DM Mtg. • One confirmed reading support doc. • One 1-on-1 session with DM. • 3 weeks given to review criteria – flag those they don’t understand.

  12. Results of TDR Eval • 6 DMs responded • Most tried to evaluate their data sets. • What don’t you understand? • No indication by two DMs. They only made it through half the questions. • 1 to 11 questions flagged. • 1 DM did not submit spreadsheet results: • “evaluation criteria not particularly clear” • “It appears that the DOM portion of TDR Certification is very narrowly directed at the OAIS…and not necessarily applicable to the broad and varied world of data management systems at NGDC.”

  13. Next Steps • Clarify Criteria Further. • Remove some of the Criterion? What don’t apply? • Expectations for assessment feedback. • Implementation plan for the audit. • Pick a few data sets. • Include in the data migration to CLASS. • Answer the first question: Is TDR certification in NGDC’s best interest?

  14. The repository shall have a mission statement that reflects a commitment to the preservation of, long term retention of, management of, and access to digital information. The repository shall have a Preservation Strategic Plan that defines the approach the repository will take in the long-term support of its mission. The repository shall have a Collection Policy or other document that specifies the type of information it will preserve, retain, manage and provide access to. Org. Infrastructure Example.

  15. Org. Infrastructure Metric Ex.:

  16. Org. Infrastructure Metric Ex. 2:

  17. Digital Object Element Ex.:

  18. 108 audit metrics. TDR Board Approves, Audit Teams has to have certifiable credentials. “Bi-directional” connections emphasized. PDI Representation Info Emphasized. TDR characteristics

  19. TDR Audit Eval. Form https://www.ngdc.noaa.gov/wiki/images/a/ac/Tdr_checklist.xlsx.zip

  20. References • Center for Research Libraries – TDR • Audit Checklist • ISO 16919, entitled, Requirements for Bodies providing Audit and Certification • Primary Trustworthy Digital Repository • Download the ISO 16363 Standard

  21. Archive Audit -Summary How well does NGDC comply to the Open Archive Information System Standard? Trusted Digital Repository Audit Certification - ISO 16363:2012 Defines a recommended practice for assessing the trustworthiness of digital repositories Audit Covers: Organizational Structure Digital Object Management Infrastructure and Security Risk 25 Measures 45 Measures 17 Measures e.g.Repository has the appropriate number of staff to support all functions and services. e.g. Repository identifies properties it will preserve for digital objects. e.g. Repository manages the number and location of copies of all digital objects. • Three Stage Process: • Self Audit • External Audit Team Review • Audit Team Final Report • Status: • STP “Deep Dive” Review in 2011 • TDR Education Overview in 2011 • Documentation Collection in 2012

More Related