Criteria for Assessing Repository Trustworthiness: An Assessment

Slides:

Advertisements

Similar presentations

Co-funded by the European Union under FP7-ICT aparsen.eu #APARSEN Audit & Certification: an auditors perspective Barbara Sierman, KB National Library.

Advertisements

Providing access to your data: Determining your audience Robert R. Downs, PhD NASA Socioeconomic Data and Applications Center (SEDAC) Center for International.

Fedora Users’ Conference Rutgers University May 14, 2005 Researching Fedora's Ability to Serve as a Preservation System for Electronic University Records.

By Eileen Clegg Digital Preservation at Columbia in the Old Days (2009)

TRAC / TDR ICPSR Trustworthy Digital Repositories.

IS Audit Function Knowledge

Designing Flexible Workflow for Upstream Participation of the Scientific Data Community Robert R. Downs and Robert S. Chen NASA Socioeconomic Data and.

Purpose of the Standards

Who is doing a good job in digital preservation? Audit and Certification of Digital Repositories: ISO and the European Framework.

Internal Auditing and Outsourcing

Chinese-European Workshop on Digital Preservation, Beijing July 14 – Network of Expertise in Digital Preservation 1 Trusted Digital Repositories,

Providing Access to Your Data: Tracking Data Usage Robert R. Downs, PhD NASA Socioeconomic Data and Applications Center (SEDAC) Center for International.

World Data Center for Human Interactions in the Environment Conducting a Self-Assessment of a Long-Term Archive for Interdisciplinary Scientific Data as.

Repository Requirements and Assessment August 1, 2013 Data Curation Course.

MOIMS Reportp. 1 Digital Repository Audit and Certification BOF Goal  Obtain CCSDS / ISO approval of a standard that establishes the criteria that a repository.

Data Archiving and Networked Services DANS is an institute of KNAW en NWO Trusted Digital Archives and the Data Seal of Approval Peter Doorn Data Archiving.

Responsible Data Use: Data restrictions Robert R. Downs, PhD NASA Socioeconomic Data and Applications Center (SEDAC) Center for International Earth Science.

BSBPMG404A Apply Quality Management Techniques Apply Quality Management Techniques Unit Guide C ertificate IV in Project Management Qualification.

Workshop on Implementing Audit Quality Practices March 2006 Building Quality into the Financial Audit Process The NAO’s experience Gareth Caller.

OAIS Open Archival Information System. “Content creators, systems developers, custodians, and future users are all potential stakeholders in the preservation.

Reference Model for an Open Archival Information System (OAIS) ESIP Summer Meeting John Garrett – ADNET Systems at NASA/GSFC ESIP Summer Meeting.

DigCCurr Professional Institute: Curation Practices for the Digital Object Lifecycle Digital Curation Program Development Nancy Y McGovern Research Assistant.

BSBPMG505A Manage Project Quality Manage Project Quality Unit Guide Diploma of Project Management Qualification Code BSB51507 Unit Code BSBPMG505A.

Responsible Data Use: Data Restrictions Robert R. Downs, PhD NASA Socioeconomic Data and Applications Center (SEDAC) Center for International Earth Science.

OAIS Rathachai Chawuthai Information Management CSIM / AIT Issued document 1.0.

April 12, 2005 WHAT DOES IT MEAN TO BE AN ARCHIVES? Trusted Digital Repository Model Original Presentation by Bruce Ambacher Extended by Don Sawyer 12.

A Compendium of Selected Educational Resources for You and Your Students, Part 2 CIESIN.

Data Systems Integration Committee of the Earth Science Data System Working Group (ESDSWG) on Data Quality Robert R. Downs 1 Yaxing Wei 2, and David F.

SEDAC Long-Term Archive Development Robert R. Downs Socioeconomic Data and Applications Center Center for International Earth Science Information Network.

Providing access to your data: Determining your audience Robert R. Downs, PhD NASA Socioeconomic Data and Applications Center (SEDAC) Center for International.

Working with your archive organization: Broadening your user community Robert R. Downs, PhD Socioeconomic Data and Applications Center (SEDAC) Center for.

Providing access to your data: Handling sensitive data Robert R. Downs, PhD NASA Socioeconomic Data and Applications Center (SEDAC) Center for International.

ICAJ/PAB - Improving Compliance with International Standards on Auditing Planning an audit of financial statements 19 July 2014.

SciDataCon 2014, WDS Forum, Dehli WDS Certification Objective: building trust in the usage of data & data services Michael Diepenbroek Rorie Edmunds Mustapha.

INFORMATION SYSTEMS SERVICES UNIVERSITY OF LEEDS ERPANET: OAIS Seminar Copenhagen - København 28th November 2002 Introducing the OAIS Model _________________________________.

 Planning an audit of cost statements, records and other related documents is considered necessary to ensure achievement of audit objectives with available.

DSA & WDS WG Certification RDA Outputs: Munich 20 February 2015.

BSBPMG404A Apply Quality Management Techniques Apply Quality Management Techniques Unit Guide C ertificate IV in Project Management Qualification.

Audit & Certification in APARSEN

Audit & Certification with ISO standards

Robert R. Downs1and Robert S. Chen2

Digital Repository Certification Schema A Pathway for Implementing the GEO Data Sharing and Data Management Principles Robert R. Downs, PhD Sr. Digital.

Auditing of Trustworthy Data Repositories – Speakers

Preparing a Trustworthy Domain Repository for ISO Certification

Trusted Repository Systems Overview

OAIS Producer (archive) Consumer Management

Adapted from Presentations by:

Developing Criteria to Establish Trusted Digital Repositories

Certification of Trusted Repositories

RDA/WDS IG Certification of Digital Repositories The new 'Core Trustworthy Data Repository Requirements' hands-on RDA Plenary 9, Barcelona,

D33.1B PEER REVIEW OF DIGITAL REPOSITORIES

Providing Access to Your Data: Handling sensitive data

Trustworthiness of Preservation Systems

The Job Market for Data Professionals

Federation of Earth Science Information Partners (ESIP)

Digital Repository Audit and Certification BOF

Manage Project Quality Unit Guide Diploma of Project Management Qualification Code BSB51507 Unit Code BSBPMG505A.

Prepared by Rand E Winters, Jr. ASR Senior Auditor October 2014

W. Christopher Lenhardt

Open Archival Information System (OAIS)

ISO 9001:2015 Auditor / Registration Decision Lessons Learned

Identifiers Answer Questions

Standards and Certification Training

Registration Decision Criteria

METHOD VALIDATION: AN ESSENTIAL COMPONENT OF THE MEASUREMENT PROCESS

Open Archival Information System

Introduction to the Information Quality Use Case on the Data Rice Cooker Theory Robert R. Downs NASA Socioeconomic Data and.

A Case Study for Synergistically Implementing the Management of Open Data Robert R. Downs NASA Socioeconomic Data and Applications.

The Reference Model for an Open Archival Information System (OAIS)

Experimental Internet Resource Allocations

Presentation transcript:

Criteria for Assessing Repository Trustworthiness: An Assessment John Steven Hughes1 and Robert R. Downs2 1 steve.hughes@jpl.nasa.gov NASA Jet Propulsion Laboratory (JPL), California Institute of Technology 2 rdowns@ciesin.columbia.edu NASA Socioeconomic Data and Applications Center (SEDAC) Center for International Earth Science Information Network (CIESIN), The Earth Institute, Columbia University SciDataCon 2016 Denver, CO 11-13 September 2016 Session 100: Auditing of Trustworthy Data Repositories Monday 12 September 2016, 14:00 Copyright 2016, John Steven Hughes and Robert R. Downs

The OAIS Reference Model ISO 14721, Reference Model for an Open Archival Information System (OAIS) Framework for repositories to provide long-term stewardship of data and other digital information Used as a basis for assessment instruments and activities Developed by Consultative Committee for Space Data Systems (CCSDS) in 2003 Published by ISO in 2003, reviewed and revised in 2012 https://public.ccsds.org/Pubs/650x0m2.pdf ISO 14721:2012 5-year review started in August 2016

ISO Repository Trustworthiness ISO 16363, Audit and Certification of Candidate Trustworthy Digital Repositories Based on OAIS Reference Model Instrument for assessing trustworthiness of repositories Developed by CCSDS in 2011 https://public.ccsds.org/Pubs/652x0m1.pdf Published by ISO in 2012 ISO 16363:2012 5-year review started in August 2016 Simultaneous review with ISO 14721:2012 (OAIS RM)

Pre-Review Assessment of ISO 16363 Scope of preliminary assessment Overall suitability of ISO 16363 to assess data repository trustworthiness Approach Analysis of the ISO 16363 organization and metrics for measuring the trustworthiness of a data repository Method Independently assessed ISO 16363 metrics for Mandatory Responsibilities Attained consensus based on agreement of independent assessments Details examined Organization of ISO 16363:2012 ISO 16363 Metrics for measuring the Mandatory Responsibilities for compliance with the Open Archival Information Systems (OAIS)

Hierarchical organization of metrics into three sections* Organization of ISO 16363:2012 Hierarchical organization of metrics into three sections* Organizational Infrastructure Digital Object Management Infrastructure and Security Risk Management Hierarchical organization within sections Subsections under each section Hierarchical organization of metrics Sub-metrics under selected metrics Structure within metrics Supporting text, Examples, and Discussion for each metric *Source: CCSDS. 2011. Audit and Certification of Trustworthy Digital Repositories

OAIS Mandatory Responsibilities* Negotiates for and Accepts Information Negotiate for and accept appropriate information from information Producers. Obtains Sufficient Control Obtain sufficient control of the information provided to the level needed to ensure Long Term Preservation. Determines Designated Community Determine, either by itself or in conjunction with other parties, which communities should become the Designated Community and, therefore, should be able to understand the information provided, thereby defining its Knowledge Base. Ensures Information is Independently Understandable Ensure that the information to be preserved is Independently Understandable to the Designated Community. In particular, the Designated Community should be able to understand the information without needing special resources such as the assistance of the experts who produced the information. Follows Established Preservation Policies and Procedures Follow documented policies and procedures which ensure that the information is preserved against all reasonable contingencies, including the demise of the Archive, ensuring that it is never deleted unless allowed as part of an approved strategy. There should be no ad-hoc deletions. Makes the Information Available Make the preserved information available to the Designated Community and enable the information to be disseminated as copies of, or as traceable to, the original submitted Data Objects with evidence supporting its Authenticity. *Derived from: CCSDS. 2012. Reference Model for an OAIS.

Results - ISO 16363 Organization Hierarchical organization of metrics into 3 sections Organizational Infrastructure, Digital Object Management, and Infrastructure and Security Risk Management are logical groupings Hierarchical organization within sections Subsections within each section reflect logical organization of standard Metrics pertain to the section in which they appear Hierarchical organization of metrics Sub-metrics under selected metrics introduces potential redundancy Structure within metrics Metrics are described concisely, but some could be explained further Supporting text, Examples, and Discussion provide context for each metric

Requirements by Organizational Structure

Requirements within Organizational Structure

ISO 16363 Measurement of Mandatory Responsibilities 109 metrics and sub-metrics Multiple metrics measure each Mandatory Responsibility Many metrics measure multiple Mandatory Responsibilities Mandatory Responsibilities measured more than others Follow Established Preservation Policies and Procedures Obtains Sufficient Control Mandatory Responsibilities measured less than others Negotiates for and Accepts Information Ensures Information is Independently Understandable Determines Designated Community Make the Information Available

Metrics Measuring Mandatory Responsibilities Number of Metrics Found that Measure Mandatory Responsibilities

Metrics Measuring Mandatory Responsibilities within Organizational Structure of ISO 16363

Recommendations (3 Examples) Generally, revise or update language in metrics, including explanation, discussion, and examples for selected metrics to reflect current capabilities and recent improvements in data management practices Revise terms in metrics to enable consistent interpretation "Obtain sufficient control for Preservation" implies legal issues (metric 3.5.1); business planning (metric 3.4.1); and tracking 4.1.6 Combine or revise metrics for consistent level of detail For example, the submetrics for Identifiers (4.2.4.x) and for identifying and managing risks (5.1.1.x) appear to be much more detailed than most submetrics.