1 / 28

Assuring long term access to your digital collections:  Risk Assessment and its role

Assuring long term access to your digital collections:  Risk Assessment and its role. LIZ BISHOFF, DIRECTOR BCR, DIGITAL & PRESERVATION SERVICES University of Alberta-Ex Libris Symposium March 4-5, 2010. Policy environment.

gita
Download Presentation

Assuring long term access to your digital collections:  Risk Assessment and its role

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Assuring long term access to your digital collections:  Risk Assessment and its role LIZ BISHOFF, DIRECTOR BCR, DIGITAL & PRESERVATION SERVICES University of Alberta-Ex Libris Symposium March 4-5, 2010

  2. Policy environment • ‘Perhaps digital preservation is the wrong label. Maybe we should be using preserving for long term access. Maybe we can gain more traction with the public if we use different terminology.’ • Dame Lynn Brindley, CEO British Library, September 29, 2008 • ‘Too often an organization undertakes responsibility for digital stewardship without first ensuring that the necessary policies and controls are in place or that the institution itself views digital preservation as a core mandate.’ • Kenney & Buckley, Developing Digital Preservation Programs: Cornell Survey of Digital Readiness, Digi-News,2005

  3. Goal of long term access: digital preservation • Digital preservation: • Managed activities necessary for ensuring both the long-term maintenance of a byte stream and continued accessibility of its contents. (TDR, p.3) • Aims to ensure that future users will be able to discover, retrieve, render, manipulate, interpret and use digital information in face of constantly changing technology

  4. Backup vs. digital preservation ‘Disaster recovery strategies and backup systems are not sufficient to ensure survival and access to authentic digital resources over time. A backup is short-term data recovery solution following loss or corruption and is fundamentally different to an electronic preservation archive.’ JISC. Digital Preservation: Continued Access to authentic digital assets. (November, 2006)

  5. ALCTS PARS digital preservation definitions • Short definition:Digital preservation combines policies, strategies and actions that ensure access to digital content over time. • Medium definition:Digital preservation combines policies, strategies, and actions that ensure access to content that is born digital or converted to digital form regardless of the challenges of file corruption, media failure and technological change. The goal of digital preservation is the most accurate rendering possible of authenticated content over time. 5

  6. ALCTS long definition • Digital preservation combines policies, strategies and actions to ensure the most accurate rendering of authenticated content over time, regardless of the challenges of file corruption, media failure and technological change. Digital preservation applies to content that is born digital or converted to digital form. • Digital preservation policies document an organization's commitment to preserve digital content for future use; specify file formats to be preserved and the level of preservation to be provided; and ensure compliance with standards and best practices for responsible stewardship of digital information. • Digital preservation strategies and actions address content creation, integrity and maintenance. 6

  7. ALCTS long definition (cont.) • Content creation includes: • Clear and complete technical specifications • Production of reliable master files • Sufficient descriptive, administrative and structural metadata to ensure future access • Detailed quality control of processes • Use of persistent identifiers • Content integrity includes: • Documentation of all policies, strategies and procedures • Recorded provenance and change history for all objects • Verification mechanisms • Attention to security requirements • Routine audits • Content maintenance includes: • A robust computing and networking infrastructure • Storage and synchronization of files at multiple sites • Continuous monitoring and management of files • Programs for refreshing, migration and emulation • Creation and testing of disaster prevention and recovery plans • Periodic review and updating of policies and procedures 7

  8. Open Archival Information System (OAIS) • Conceptual framework for an archival system dedicated to preserving and maintaining access to digital information over the long term • Defines 6 functions of a digital archive • Ingest • Archival storage • Data management • Administration • Access • Preservation planning

  9. Descriptive Info. AIP Open Archival Information System Preservation Planning P R O D U C E R C O N S U M E R Data Management queries result sets SIP Ingest Access orders Archival Storage DIP Administration MANAGEMENT SIP = Submission Information Package AIP = Archival Information Package DIP = Dissemination Information Package Adapted from OAIS Tutorial presented at the Library of Congress, 2003-06-13

  10. How do you decidewhat to preserve?

  11. A risk… • Varies by specific application & situation/context • Described both qualitatively and quantitatively • Risk is considered an indicator of both • Threat, vulnerability, impact, uncertainty • Chance that specific individuals are willing to undertake some desired goal

  12. Digital preservation risks • Can be technical • Can be physical • Can be organizational • Can be socio-cultural • Can be legal • Can be financial • Can be political • Can be contractual • Can be force majeur

  13. Risk and digital collections

  14. Risk impact on digital collections • Considered in terms of: • Impact on repository staff or public well-being • Impact of damage to or loss of digital assets • Impact of statutory or regulatory breach • Damage to organizations reputation • Damage to financial viability • Deterioration of product or service quality • Environmental damage • Loss of ability to ensure digital object authenticity and understandability is ultimate expression of impact

  15. How do you measure your organization’s risk? • Commitment to preservation: • Mandate or mission statement of the repository • Defines who the repository services are for • Defines target users of the content • Defines digital content to be collected • Defines how long the content will be kept • Defines type of services repository will offer • Risk is that the mandate is not formalized • How committed are you to your collections?

  16. Failure of sustainability • Risk: Failure of succession planning and sustainability • Has the organization implemented an organizational structure that will support its continued commitment? • Is there a budget that supports continued commitment? • Is there a defined exit strategy or succession plan?

  17. File formats in your collections • Risk: Lack of knowledge of file formats in collection • Is there a comprehensive list of file formats in the digital library’s care? • Lacking an easily available list makes it difficult to plan digital preservation activities • Risk: Identify file formats that meet user expectations • Have you identified the specific file formats you can preserve based on your user needs? • Repository needs to clarify the file formats required by the user that it can support

  18. Organizational fitness • Risk: Sustainability of key members of staff • Repository staff—supported with soft money • Loss of key personnel would put operation of repository at risk • How many staff can leave & the repository still operate? • Risk: Sustainability of budget • What funding sources support the repository? Is the budget balanced? Do they following generally accepted accounting practices? • Is there an exit strategy?

  19. Staff skills • Risk: Staff skills maintained • Can staff deal with emerging technologies, formats, and concepts? • Skills audit: Create an inventory of required skills, what skills are needed and how will those be gained? • Provide ongoing training: demonstrate through budget and training plan.

  20. Legal and regulatory legitimacy • Risk: Maintain requisite contractual and legal rights • Will you have materials that commit you due to regulatory framework or legislative requirements? • Are there societal, ethical, judicial or other governance requirements? • Are there standards or voluntary codes to comply with? • Examples

  21. Clear policy framework • Risk: Need a clear policy framework • Is there a tradition of developing policies, reviewing them at regular intervals & enforcing them? • Policy by ‘oral tradition’ is insufficient in digital preservation • Cannot enforce policies that aren’t in writing • Repository is inefficient if it is not transparent • Transparency comes about by having policies written down and being openly available

  22. Risk Assessment: Putting it into practice

  23. Risk assessment activities • Inventory your digital assets • Categorize by format (TIFF, JPEG) • Number of files • Software/hardware/operating system to create • Storage environment for digital resources • Hardware, software, operating environment • Age, maintenance environment • Metadata available to support these resources. • Data is required for planning and decision making

  24. Assessing and managing the risk • Define the risk • Conduct a risk benefit analysis • Relevance to the mission • Adherence to organizations policies • Authenticity • Integrity • Physical condition • Accuracy & completeness • Etc. • DRAMBORA lists 80 sample risks

  25. Typical technical risks • Requirement is to: • Have a technical infrastructure adequate to provide continuing maintenance and security of the digital objects • Preserve original files exactly as submitted with demonstrated integrity, viability and authenticity • Adequate hardware and software • Trained staff • Renewal strategies • Suitable contractual arrangements

  26. Typical technical risks • Risk: • Non-availability of core utilities—power, water, electricity resulting in loss of digital library service. • Risk: • Natural disaster that disrupts digital library service • Risk: • Loss of core services due to loss of network, catalog, storage device, etc. • Risk: • Security breach • Loss of access to stored objects • Physical capacity of stored objects is insufficient

  27. Planning and digital repositories? • Tools for planning • Digital Repository Audit Method Based on Risk Assessment (DRAMBORA), DCC http://www.repositoryaudit.eu • Audit and certification • Trustworthy Repository: Audit and Certification. OCLC/CRL, February, 2007. http://www.crl.edu/sites/default/files/attachments/pages/trac_0.pdf

  28. Thank you Questions? Liz Bishoff lbishoff@bcr.org 303-751-6277

More Related