|
⇤ ← Revision 1 as of 2008-06-26 12:26:09
Size: 4413
Comment: Created by the PackagePages action.
|
← Revision 2 as of 2010-03-17 13:12:55 ⇥
Size: 4430
Comment: converted to 1.6 markup
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 3: | Line 3: |
| DRAMBORA is short for ''Digital Repository Audit Method Based on Risk Assessment''. The DRAMBORA creators are the [http://www.dcc.ac.uk/ Digital Curation Centre] (DCC) and [http://www.digitalpreservationeurope.eu/ DigitalPreservationEurope] (DPE). The notes are for the DRAMBORA guide version 1.0 ''Draft for Public Testing & Comment''. | DRAMBORA is short for ''Digital Repository Audit Method Based on Risk Assessment''. The DRAMBORA creators are the [[http://www.dcc.ac.uk/|Digital Curation Centre]] (DCC) and [[http://www.digitalpreservationeurope.eu/|DigitalPreservationEurope]] (DPE). The notes are for the DRAMBORA guide version 1.0 ''Draft for Public Testing & Comment''. |
| Line 5: | Line 5: |
| * [#Summary Executive Summary] * [#Introduction Introduction] * [:NotesOnDramboraPartIBackground: PART I: Background] * [#Process PART II: Audit Process] * [#Conclusions PART III: Conclusions] * [#app3 Appendix 3: Example Risk Register] |
* [[#Summary|Executive Summary]] * [[#Introduction|Introduction]] * [[NotesOnDramboraPartIBackground| PART I: Background]] * [[#Process|PART II: Audit Process]] * [[#Conclusions|PART III: Conclusions]] * [[#app3|Appendix 3: Example Risk Register]] |
| Line 12: | Line 12: |
| [[Anchor(Summary)]] | <<Anchor(Summary)>> |
| Line 18: | Line 18: |
| [[Anchor(Introduction)]] | <<Anchor(Introduction)>> |
| Line 29: | Line 29: |
| [:NotesOnDramboraPartIBackground: Notes on the background.] | [[NotesOnDramboraPartIBackground| Notes on the background.]] |
| Line 31: | Line 31: |
| [[Anchor(Process)]] | <<Anchor(Process)>> |
| Line 53: | Line 53: |
| [:NotesOnDramboraPartIIAuditProcess: More notes on the audit process.] | [[NotesOnDramboraPartIIAuditProcess| More notes on the audit process.]] |
| Line 55: | Line 55: |
| [[Anchor(Conclusions)]] | <<Anchor(Conclusions)>> |
| Line 64: | Line 64: |
| [[Anchor(app3)]] | <<Anchor(app3)>> |
DRAMBORA Notes
DRAMBORA is short for Digital Repository Audit Method Based on Risk Assessment. The DRAMBORA creators are the Digital Curation Centre (DCC) and DigitalPreservationEurope (DPE). The notes are for the DRAMBORA guide version 1.0 Draft for Public Testing & Comment.
Executive Summary
The DRAMBORA toolkit represents the latest developement in an effort to conceive criteria, means and methodologies for audit and certification of digital repositories. The RLG/NARA Task Force (TRAC) and the nestor working group have also developed criteria (check-lists) for audit and certification of trustworthy digital repositories. Drambora can be used in association with one or both of these check-lists.
Introduction
- Digital curation is characterised as a process of transforming controllable and uncontrollable uncertainties into a framework of manageable risks.
- The method seeks to determine whether the repository has made every effort to avoid and contain identified risks that might impede its ability to recieve, curate and provide access to authentic, understandable digital information.
- Repositories are expected not only to identify and manage risks, but also to demonstrate their ability to do so.
- This toolkit is meant for self-assessment and should help identify risks and measures.
- The primary repository functions are receiving, keeping, documenting and disseminating authentic usable objects.
- Risks should be divided into functional classes and internal and external risks.
PART I: Background
PART II: Audit Process
Audit Process Stages:
- Stage 1: Identify organisational context
- Stage 2: Document policy and regulatory framework
- Stage 3: Identify activities, and their owners (see functional classes activity examples pages 71-73)
- Stage 4: Identify risks (see generic list of risks pages 81-83)
- Stage 5: Assess risks
- Stage 6: Manage risks
Functional classes:
- Operational functional classes:
Acquisition & Ingest
Preservation & Storage
- Metadata management
Access & dissemination
- Support functional classes:
Organisation & management
- Staffing
- Financial management
Technical infrastructure & security
More notes on the audit process.
PART III: Conclusions
Valuable results of the process are a documented self-awareness of fundamental objectives, a documented understanding of the risks and choice of means for risk management including strategies for avoidance, treatment, transfer and tolerance.
Appendix 3: Example Risk Register
The summary example list is on pages 81-83; this appendix contain the full examples. There are examples which focus on management, resource allocation, business reputation and staffing, but there are also a couple on community requirements, some on policies and procedures, some on legal liability (IPR is Intellectual Property Rights), a couple on 'repository success' and some on hardware, software, storage media, security, third-party services, recieved packages (for ingest), loss of confidentiality/availability/authenticity/integrity/reliability/provenance of information, backups/copies, preservation, metadata management and access and dissemination (78 in total). We should probably take a quick look at all of them.