Digital Preservation Standards Using ISO for assessment

Similar documents
Trusted Digital Repositories. A systems approach to determining trustworthiness using DRAMBORA

ISO Self-Assessment at the British Library. Caylin Smith Repository

An overview of the OAIS and Representation Information

MAPPING STANDARDS! FOR RICHER ASSESSMENTS. Bertram Lyons AVPreserve Digital Preservation 2014 Washington, DC

University of British Columbia Library. Persistent Digital Collections Implementation Plan. Final project report Summary version

The OAIS Reference Model: current implementations

Improving a Trustworthy Data Repository with ISO 16363

Agenda. Bibliography

Digital Preservation with Special Reference to the Open Archival Information System (OAIS) Reference Model: An Overview

Trust and Certification: the case for Trustworthy Digital Repositories. RDA Europe webinar, 14 February 2017 Ingrid Dillo, DANS, The Netherlands

Digital Preservation DMFUG 2017

Certification. F. Genova (thanks to I. Dillo and Hervé L Hours)

Conducting a Self-Assessment of a Long-Term Archive for Interdisciplinary Scientific Data as a Trustworthy Digital Repository

OAIS: What is it and Where is it Going?

Applying Archival Science to Digital Curation: Advocacy for the Archivist s Role in Implementing and Managing Trusted Digital Repositories

ebooks Preservation at Scholars Portal Kate Davis & Grant Hurley Scholars Portal, Ontario Council of University Libraries

Ensuring Proper Storage for Earth Science Data: The USGS Process to Certify Trusted Digital Repositories

European digital repository certification: the way forward

Certification Efforts at Nestor Working Group and cooperation with Certification Efforts at RLG/OCLC to become an international ISO standard

ISO/ IEC (ITSM) Certification Roadmap

Session Two: OAIS Model & Digital Curation Lifecycle Model

DIGITAL ARCHIVES & PRESERVATION SYSTEMS

GEOSS Data Management Principles: Importance and Implementation

Woodson Research Center Digital Preservation Policy

Introduction to Digital Preservation. Danielle Mericle University of Oregon

Improving Cybersecurity through the use of the Cybersecurity Framework

DEVELOPING, ENABLING, AND SUPPORTING DATA AND REPOSITORY CERTIFICATION

MHA Consulting BCM Metrics Resiliency Through Measurement

ISO / IEC 27001:2005. A brief introduction. Dimitris Petropoulos Managing Director ENCODE Middle East September 2006

Audit & Certification: an auditors perspective. Barbara Sierman, KB National Library of the Netherlands Royal Irish Academy, Dublin 4 june 2013

Agile Master Data Management TM : Data Governance in Action. A whitepaper by First San Francisco Partners

<goals> 10/15/11% From production to preservation to access to use: OAIS, TDR, and the FDLP

Preservation and Access of Digital Audiovisual Assets at the Guggenheim

Large Scale Repository Auditing to ISO José Carvalho

Public Meeting Agenda Formatting Best Practices

Geospatial Records and Your Archives

Establishing Trust in Data Curation: OAIS and TRAC applied to a Data Staging Repository (DataStaR)

TOGAF 9 Foundation v9.1 Level 1 Level 1: An Introduction to TOGAF

An Introduction to PREMIS. Jenn Riley Metadata Librarian IU Digital Library Program

How to implement NIST Cybersecurity Framework using ISO WHITE PAPER. Copyright 2017 Advisera Expert Solutions Ltd. All rights reserved.

UNIVERSITY OF NOTTINGHAM LIBRARIES, RESEARCH AND LEARNING RESOURCES

BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW

A Model for Managing Digital Pictures of the National Archives of Iran Based on the Open Archival Information System Reference Model

Contents. viii. List of figures. List of tables. OGC s foreword. 3 The ITIL Service Management Lifecycle core of practice 17

PRESERVING DIGITAL OBJECTS

30 April 2012 Comprehensive Exam #3 Jewel H. Ward

Assessment of product against OAIS compliance requirements

What is ISO ISMS? Business Beam

Response to the CCSDS s DAI Working Group s call for corrections to the OAIS Draft for Public Examination

Digital Preservation Policy. Principles of digital preservation at the Data Archive for the Social Sciences

Practical IT Research that Drives Measurable Results OptimizeIT Strategic Planning Bundle

DAITSS Demo Virtual Machine Quick Start Guide

Preservation of digital IG at the ICGC. Dolors Barrot, J. Luis Colomer, Anna Lleopart, Carme Montaner, Maria Pla

UVic Libraries digital preservation framework Digital Preservation Working Group 29 March 2017

falanx Cyber ISO 27001: How and why your organisation should get certified

Device Discovery for Vulnerability Assessment: Automating the Handoff

1 There is no single, authorized definition of digital preservation. 2 Definition is from the Framework for Applying OAIS to

Importance of cultural heritage:

ISO Certification. How we got there and why it s worth it! Worried that your compliance program isn t good enough?

Strategy for long term preservation of material collected for the Netarchive by the Royal Library and the State and University Library 2014

Certification as a means of providing trust: the European framework. Ingrid Dillo Data Archiving and Networked Services

Building for the Future

ISACA. Certification Details for Certified in the Governance of Enterprise IT (CGEIT )

UNT Libraries TRAC Audit Checklist

Assessing the FAIRness of Datasets in Trustworthy Digital Repositories: a 5 star scale

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

DCH-RP Trust-Building Report

Different Aspects of Digital Preservation

AV Description with AVPreserve & Indiana University

User Stories : Digital Archiving of UNHCR EDRMS Content. Prepared for UNHCR Open Preservation Foundation, May 2017 Version 0.5

NCSF Foundation Certification

An Audit Checklist for the Certification of Trusted Digital Repositories DRAFT FOR PUBLIC COMMENT

ISO 55001: 2014 Asset Management System 5-Day Training Course (IAM Certified)

DRS Update. HL Digital Preservation Services & Library Technology Services Created 2/2017, Updated 4/2017

CoSA & Preservica Practical Digital Preservation 2015/16. Achieving ISO Standards for your Digital Archive October 27, :00-15:00 EDT

3D Visualization. Requirements Document. LOTAR International, Visualization Working Group ABSTRACT

Report on compliance validation

What do you do when your file formats become obsolete? Lydia T. Motyka Florida Center for Library Automation USETDA 2011

SOLUTION BRIEF Virtual CISO

Building YOUR Privacy Program: One Size Does Not Fit All. IBM Security Services

The Key Principles of Cyber Security for Connected and Automated Vehicles. Government

Slide 1 & 2 Technical issues Slide 3 Technical expertise (continued...)

Data Curation Handbook Steps

CCSDS STANDARDS A Reference Model for an Open Archival Information System (OAIS)

31 March 2012 Literature Review #4 Jewel H. Ward

Building on to the Digital Preservation Foundation at Harvard Library. Andrea Goethals ABCD-Library Meeting June 27, 2016

Framework for Improving Critical Infrastructure Cybersecurity

Implementing ITIL v3 Service Lifecycle

Building a Digital Repository on a Shoestring Budget

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

ITG. Information Security Management System Manual

Advanced Security Tester Course Outline

BYOD WORK THE NUTS AND BOLTS OF MAKING. Brent Gatewood, CRM

Management s Response to the Auditor General s Review of Management and Oversight of the Integrated Business Management System (IBMS)

Perfect Balance of Public and Private Cloud

Digits Fugit or. Preserving Digital Materials Long Term. Chris Erickson - Brigham Young University

Preserving Electronic Mailing Lists as Scholarly Resources: The H-Net Archives

Business Architecture Implementation Workshop

How to Underpin Security Transformation With Complete Visibility of Your Attack Surface

Its All About The Metadata

Transcription:

Digital Preservation Standards Using ISO 16363 for assessment Preservation Administrators Interest Group, American Library Association, June 25, 2016 Amy Rudersdorf Senior Consultant, AVPreserve amy@avpreserve.com @avpreserve / @rudeamy Digital preservation standards assessment VS. AUDIT 16363 for assessment This presentation offers an extremely brief overview of the concept of digital preservation, an equally brief overview of two of the standards employed by digital preservationists to create frameworks and guide development and assessment of systems they manage. It also covers the difference between assessments and audits, and why and how ISO standard 16363 can be used to assess your digital preservation program. 2

Digital PRESERVATION Digital preservation is a function of digital curation, in which digital content is prepared and actively managed for long-term access. Digital content requires constant, active management. At the most basic level, this includes managing multiple copies in different geographic locations, ongoing and consistent comparison of the same files in multiple locations to ensure that no changes have occurred to them (this is called fixity checking) and performing healing procedures when files no longer match up, and maintaining audit logs from the time of ingest into the archival system that tracks all activities, like access and changes to the files over time. 3 Digital preservation is the active management of digital content over time to ensure ongoing access. Here s a simple definition of the to concept of digital preservation. Again, you ll see the mention of active management. Digital content can t be left on external hard drives that are stored in a closet. Hard drives degrade, computers crash, CDs and DVDs aren t as stable as we once thought. We need to constantly move or manage our digital content redundantly on multiple servers to keep them safe. But digital preservation is not just about technical management. It is also an ecosystem of organization, administration, resources, and people who are keeping these technologies and the tools and services performed in the cause of digital preservation active. http://www.digitalpreservation.gov/about/ 4

Standards This leads to standards. Standards are key to guiding our practice, ensuring that we re all working in the same way and towards the same goals. Standards mean we re aligning our practice so that, while our day-to-day work may be specific to an institution s organizational structure and needs, each organization is using the same frameworks and strategies to manage and assess the systems we use. 5 ISO 14721:2012 Open archival information system (OAIS) Reference model The standard that is probably most often discussed in reference to digital preservation is the Open Archival Information System reference model. It is a conceptual framework for an archival system dedicated to preserving and maintaining access to digital information over the long term. It describes the environment in which an archive resides, the functional components of the archive itself, and the information infrastructure supporting the archive s processes. 6

P R O D U C E R SIP Descriptive Info Ingest AIP Preservation Planning DATA MANAGEMENT archival storage Descriptive Info AIP access DIP C o n s u m e r The Open Archival Information System, usually referred to as the OAIS model, is a reference model that has been widely accepted by the digital preservation community as a key standard for digital repositories. The OAIS model is a framework for how digital assets should be preserved from the moment digital material is ingested into the digital storage system, through subsequent preservation strategies to the creation of a dissemination package for the end user. It was adopted as an ISO standard in 2003 (ISO 14721:2003 OAIS) and reviewed and updated again in 2012. It is currently under review with revisions expected in 2017. ADMINISTRATION MANAGEMENT 7 ISO 16363:2012 Audit and certification of trustworthy digital repositories Another important standard in the digital preservation community is ISO 16363 - The Audit and certification of trustworthy digital repositories. The main purpose of this document is to define a Recommended Practice on which to base an audit and certification process for trustworthiness of digital repositories. 8

A trusted digital repository is one whose mission is to provide reliable, long-term access to managed digital resources to its designated community, now and in the future The standard outlines, in very specific terms, the organizational and technical requirements that a repository (in the OAIS sense) needs to implement to be considered truly trustworthy. http://www.digitalpreservation.gov/about/ 9 1 organizational infrastructure = 25 The standard is broken into three sections: Organizational Structure, Digital Object Management, and Information and Security Risk Management. Each section is comprised of specific metrics that number is on the right that describe the characteristics of the TDR. 2 digital object management = 60 3 information and security risk management = 24 10

This is an example of what one metric from the organizational infrastructure section looks like. Each metric has a statement (at the top, highlighted in yellow), Supporting text to explain it further, examples of how the repository can demonstrate it is meeting the requirement, and a further discussion. 11 There are 109 metrics in all that a repository is assessed against. It is complex, time consuming to undertake, and some of the metrics can be really challenging to understand and address. Even so, the ISO 16363 standard is powerful as a repository assessment tool. 109 Metrics 12

I ve used assessment and audit in the context of ISO 16363. What s the difference and why might one be used over the other with ISO 16363? Assessments VS. AUDITS 13 vs. 0-4 14 An audit is a review of a system, in this case a digital repository, to ensure compliance. The outcome of an audit is binary either you pass or fail either you are trusted or not. The 109 metrics must be met in order to be certified as trusted. If you don t meet them, you fail. An assessment, on the other hand, looks at a digital repository to see how the the system is succeeding and where there are gaps. At AVPreserve, we ve developed a measurement tool that considers each metric separately, and the outcome of each is scored on a scale from 0 to 4 based on readiness. We also prioritize when a metric needs to be addressed and how. Organizations get a sense of how they stand up to each metric, each category (such as organizational infrastructure ), and the entire set of metrics scored at each level to give a true sense of readiness, strengths, and gaps.

Here s the outcome of an actual assessment this is a list of metrics that scored 3s (in yellow) and a 2 (in red). Beside each score is a timeframe (short, medium) and a priority (first, second, third) by which the metric should be addressed. That way, everything doesn t have to be a priority, and growth can happen in manageable chunks. 15 identify gaps in practice find opportunities for growth The outcome of an assessment isn t a pass/fail it provides feedback for growth, identifies gaps in practice, and spotlights strengths. Each assessment, when repeated every 2-3 years, takes us a step closer to a TDR. spotlight strengths in our approaches to Trustworthy Digital Repository management 16

16363 ASSESSMENT Assessments against ISO 16363 can be done internally or by an neutral, external party. Set aside a good chunk of time or seek assistance before undertaking an assessment but definitely consider doing one! Wider adoption of 16363 standard as an assessment tool would, over time, move the digital preservation community and its repositories ever closer to the high bar of trustworthiness and compliance. 17 THANK YOU! avpreserve.com amy@avpreserve.com @rudeamy @avpreserve 18

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback