1. DANS Certification Efforts Use Case
Ingrid Dillo
DANS, The Netherlands
Session Auditing of Trustworthy Data Repositories
SciDataCon16, Denver, September 2016

2. DANS in a nutshell Mission: Main tasks and services:
Data service provider (50 colleagues); institute of KNAW and NWO; 2005 and 1964
Mission to promote permanent access to digital research data
Focus on social sciences and humanities
Main tasks and services:
Archiving: EASY, DataverseNL
Reuse: NARCIS
Training and Consultancy: RDM, digital curation, certification
Research: sustained access

3. Certification at DANS
Founding father of DSA, handed over to an international board
Involved in the development of other standards (DIN/Nestor, WDS)
Involved in certification activities within RDA
Certification of the DANS repository
DANS is an organisation that has a very specific long term mission. Therefore we believed that we had to make certification one of our main goals for Not as a goal in itself but as a means to provide trust to the users of our repository and to our funders. We hope it will show them that we take this trustworthiness very seriously.

4. Certification of the DANS repository: what have we done?
2011: certification of the DANS repository becomes an important target in long term policy strategy
2011: DSA seal
2011: ISO test audit
2013: renewal DSA seal
: nestorSeal, WDS accreditation

5. Certification in practice: broad scope
Broad range of topics: organizational, staffing, financial and legal aspects, archival workflows, IT-infrastructure, risk management, etc.
Properly describing policies, processes, etc.
Development of missing policies,
processes, IT- and infrastructural
elements, etc.
What does the actual work consist of?

6. Certification in practice: organizational aspects
Responsibility for achieving the target on management level
Core certification team: planning, discussing, monitoring and partly executing the work
Many colleagues within DANS with specific expertise temporarily involved in the actual work
Now, let us look at the certification work in practice. First the organisational arrangements

7. Certification in practice: the effort involved
Highly dependent on your level of entry
DSA: if you meet all 16 guidelines at the required level -> 2 weeks for the self assessment, but:
The effort will rise, if you still need to do real work in order to comply with the guidelines
The effort will rise when you climb the certification stairs to an extended and formal certification level

8. Effort: DANS DSA renewal (goal 2013)
DSA has a two year life cycle: you do not certify for life, you have to pass the test regularly
Back to the first DSA self assessment
Revisiting the descriptions based on:
the revised guidelines
the comments and recommendations in the self assessment
the present situation of our institute

9. Effort: DANS DSA renewal
In total around 250 hours of work: policies 26 hours technical development 106 hours writing of the self-assessment 98 hours Projectmanagement 16 hours

10. Effort: nestorSeal (goal 2014)
Extended self assessment based on the 34 criteria of DIN 31644
Procedures defined by the German NESTOR group
Review of self assessment by two NESTOR reviewers
End result = nestorSeal

11. Effort: nestorSeal The criteria build on the DSA guidelines
Required a big effort
Around 1500 hours of work
Around half of all DANS colleagues involved in some way at some point

12. 311 272 474 289 209 Total 1555 Activities related to DANS’s policies
regarding the repository
regarding the organisation
Activities related to workflows associated with the repository
human workflows
automated workflows
documentation
internal consultation
Activities related to the technical infrastructure of the repository
internal consultation and design of new/ improved archival functionality
development
Activities related to the text for the self-assessment
writing, reviewing and discussing documents in support of the self-assessment
internal consultations about these texts
Project management, including meetings of the core team and administration
311
272
474
289
209
Total 1555
NB: met zulke precieze uren ziet het eruit als harde wetenschap. Dat is het natuurlijk niet:
Van sommige personen zijn gewoon alle uren aan 1 activiteit toegeschreven
Van andere is het proportioneel gebeurd
Er is geschat dat er in ‘Ontwikkeling EASY’ (apart project) 200 uur is gewerkt; die vallen onder de 474.

13. Why do repositories invest in certification efforts?
Builds stakeholder confidence in the repository
Improves communication within the repository
Improves repository processes
Ensures transparency
Differentiates the repository from others

14. Why do we do this at DANS?
Certification as a means to build trust in our repository with our clients, both depositors and users of data, with our partner organizations and with research funders
Certification as a ‘big stick’ to further develop and professionalize our core services, workflows and our organization as a whole

15. What do we show our stakeholders?

16. What do we show our stakeholders?

17. Certification in practice: lessons learned
Commitment from the top is crucial
Broad support within the organization is needed
Use the framework: do not aim to high at once
Finally, what lessons have we learnt at DANS so far? I think there are three important observations to be made:
Why? In order to keep the long term certification process on the agenda and not to be faded away by other urgent priorities; how do we commit the top? By making certification one of our targets and by incorporating it in our policy cycle.
Why? Certification leads to lots of extra work that sometimes does not seem to deliver added value at once; chance of resistance; how? Internal communication (lunch meetings) is important. It is also important to apply a practical approach; start with topics that are already on the agenda form a different perspective: work you have to do in the framework of a project, etc.
Speaks for itsef..

18. Thank you for listening!