Main Web>ReferenceInputDocuments>RacCharter (28 May 2008, BarbaraSierman)EditAttach

2 MISSION OPERATIONS AND INFORMATION MANAGEMENT SERVICES AREA

2.X DIGITAL REPOSITORY AUDIT AND CERTIFICATION WORKING GROUP

Title of Group	2.x Digital Repository Audit and Certification Working Group
Chair	David Giaretta/BNSC
Area Director	Nestor Peccia/ESA
Mailing List	moims-rac@mailman.ccsds.org

2.X.1 RATIONALE

Agencies and other organizations are producing digitally encoded information at an increasing rate. These collections are held in a number of digital repositories ~~(archives)~~. So far there have been no independent criteria to objectively judge whether or not any of these repositories~~archives~~ have been adequately protecting their digital holdings, and in particular whether the information in those holdings will remain understandable and usable by their Designated Communities in the future. As recorded in the successful OAIS Reference Model, there is a demand for a standard against which rRepositories of digital information may be audited and on which an international accreditation and certification process may be based. The working group will seek to produce the required audit and certification standard. In addition to Space Agency support, it is anticipated that significant resources will be contributed from many other organisations.

-- MarkConrad - 19 May 2008 Digital repositories and archives are not synonymous. The previous paragraph uses the two terms as if they were. There are many types of digital repositories, including digital libraries and archives. I thought the TRAC document used the term "repository" because it was more generic.

-- DavidGiaretta - 19 May 2008 good point - let's stick to repositories

-- BarbaraSierman - 28 May 2008 this document can and will also be used to anticipate audits, to do self-auditing and for repositories to find out what is expected from them. May be we can add a phrase reflecting this?

2.X.2 GOALS

Goal 1: Obtain ISO approval of a standard that establishes the criteria that a repository~~/archive~~ must meet to be designated an ISO Trusted Digital Repository.

Review the existing work on audit and certification criteria for digital repositories, such as that from the RLG/NARA working group and the NESTOR project. These two documents are broadly similar, and both are based on the OAIS Reference Model.
Prepare a draft (or adopt one of the above documents) and submit to ISO as a Committee Draft to get the ISO process going.
Analyse the consistency of those works with the OAIS Reference Model (ISO 14721) and follow on standards such as PAIMAS and the forthcoming PAIS.
Review existing audit and certification standards such as ISO 9000 and ISO 27000, and the requirements on such standards for supporting an accreditation and certification programme to obtain guidance on the form of this standard. Neither of these two standards audit the preservation of the encoded information, hence the need for a new standard.

1 Generate and review options for hierarchies of audit requirements and levels of (or profiles for) certification. The RLG/NARA and NESTOR documents are rather simple checklists. A hierarchical structure or a profile approach could offer the possibility of a finer granularity of evaluation for the archives.

-- MarkConrad - 19 May 2008 Was this in the previous version of the charter? This is certainly not something that we have been thinking about in analyzing the individual requirements in the TRAC document.

-- DavidGiaretta - 19 May 2008 - the point above was in originally I think, but we can remove it since it is indeed something we are not currently doint. Note that removing this does not actually prevent us doing it if we wish to return to it.

Develop accompanying document to facilitate the development of the audit and certification process providing criteria and procedures for auditors.
Progress the document through the CCSDS and ISO process in parallel.

-- MarkConrad - 19 May 2008 See previous comment about using repository and archives interchangeably.

2.x.3 Schedule and Deliverables

2.x.3.1 Goal 1:

Date	Milestone
Jan 2007	Action: Seek inputs to the review process
May 2008	Deliverable: Draft certification document (White Book v0), submit as ISO Committee Draft
Oct 2008	Deliverables: Metrics for Digital Repository Audit and Certification White Book v1 Requirements for Bodies Providing Audit and Certification of Digital Repositories White Book v1
Dec 2008	Deliverable: Test report of audits using WB
March 2009	Deliverable: Magenta Book "Metrics for Digital Repository Audit and Certification" - for review i.e. external review of draft including ISO review
March 2009	Deliverable: Magenta Book "Requirements for Bodies Providing Audit and Certification of Digital Repositories" - for review i.e. external review of draft including ISO review
June 2009	Deliverable: Parallel audits of a repository~~an archive~~ to check consistency of evaluations

2.X.4 RISK MANAGEMENT STRATEGY

2.x.4.1 Technical Risks

Technical risks are medium to low since there has already been international activity in this area and many years of experience of audit activities in related areas.

There is considerable support for this activity from outside the Space Agencies, and the success and widespread take-up of the OAIS Reference Model provides the paradigm which we can follow.

The standard is expected to be strongly linked to the OAIS Reference Model. The latter is undergoing its 5 year review and any changes are likely to be made and agreed well before the completion of the Audit and Certification standard, so there is little chance of inconsistencies.

2.x.4.2 Management Risks

Unavailability of resources could delay achievement of milestones. Fallback option would be to reschedule the milestones. However, this risk is mitigated by~~but~~ the expected resources being provided by organizations that have not traditionally been associated with CCSDS.

-- MarkConrad - 19 May 2008 In the previous sentence I believe the word "but" should be replaced with the word "by".

-- DavidGiaretta - 19 May 2008 - yes

There is the potential that one or more active experts from various agencies may become unavailable and, this could impact the schedule ~~if the timeline slips substantially~~.

-- MarkConrad - 19 May 2008 I would suggest ending the previous sentence after the word "schedule."

-- DavidGiaretta - 19 May 2008 - agreed

2.X.5 RESOURCE REQUIREMENTS

Role	Effort FTE/year	From
WG Lead	0.1	BNSC/STFC
WG Deputy	0.1	ESA via PARSE.Insight project
Document Editor	0.20	BNSC/STFC
Contributor	0.05 proposed	CNES
DonaldSawyer	0.05	former NASA/GSFC/NSSDC
NancyMcGovern	0.05	ICPSR
RiccardoFerrante	0.1	Smithsonian Institution Archives
ClaudeHuc	0.05	formerly CNES
ChrisRusbridge	0.05	Digital Curation Centre, UK
JohnGarrett	0.1	SP Systems at NASA/GSFC/NSSDC
KirstenNeilsen	0.05	California Digital Library
AndrewMcHugh	0.05	HATII/DCC
SusanneDobratz	0.05	nestor
Marie Waltz	0.1	Center for Research Libraries
MarkConrad	0.1	National Archives and Records Administration
RobertDowns	0.05	Columbia University
KatiaThomaz	0.1	Instituto Nacional de Pesquisas Espaciais INPE
BarbaraSierman	0.05	KB National Library of the Netherlands
CandidaFenton	0.05	HATII, U Glasgow
BruceAMbacher?	0.05	U Maryland
HelenTibbo	0.05	UNC

-- MarkConrad - 19 May 2008 Several of the people listed above have not been regular contributors to the recent meetings. A few people who have been contributing on a regular basis (e.g., Bruce Ambacher and Helen Tibbo) are not listed above.

-- DavidGiaretta - 19 May 2008 - good point. Apologies to both - I think they asked me to put in a 0.05 figure for each, which I have now added.

-- DavidGiaretta - 18 Jan 2007

Topic revision: r10 - 28 May 2008 - 13:39:32 - BarbaraSierman

Main

Webs
Main
MainOld
Sandbox
TWiki

Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback