Co-funded by the European Union under FP7-ICT-2009-6 
aparsen.eu #APARSEN 
ISO standards and Audit & Certification 
Barbara Sierman, KB National Library of the Netherlands 
Dasish Meeting 17-10-2014, The Hague
Barbara Sierman, KB-NL 
Dasish, The Hague 17-10-2014 
Audit & Certification: introduction 
–History of the standards for audit and certification 
–The ISO standards 16363 and 16919 
–The APARSEN test audits 
–Final remarks and further reading
Audit & Certification: what is it and what not 
•Audit: 
planned and documented investigation by an independent qualified group of the compliance of an organization against a certain standard 
Not a simple Yes or No, but recommendation for improvements 
•Certification: 
Confirmation that organization meets the requirements of the standard to which it is audited 
Temporary: regularly revised
The history 
2002 
•OAIS ISO 14721 published (updated 2012) 
•Par. 1.5: standard(s) for accreditation of archives. 
2005 
•Checklist for Certification of Trusted Digital Repositories (RLG/NARA) 
•Test audits performed by RLG
2007 
•DRAMBORA (2007), NESTOR (2006) 
•Trusted Repositories Audit and Certification final report. 
•(Input for Repositories Audit and Certification Working Group (RAC-WG))
2012- 
•ISO 16363 Audit and Certification of Trustworthy Digital Repositories (RAC-WG) 
•Draft ISO 16919 Requirements for bodies providing Audit and Certification for candidate trustworthy repositories (RAC-WG)
•Primary Trustworthy Digital Repository Authorisation Body (PTAB)
Audit & Certification : European Framework 
3 Levels of Certification 
•Basic Certification (based on DSA) 
•Extended Certification (self-assessment based on DSA plus self-audit based on ISO 16363 or DIN 31644) 
•Formal Certification (self-assessment based on DSA plus full external audit of ISO 16363 or DIN 31644) 
This Framework is supported by and coordinated with the help of the European Commission
The standard 16363 
•ISO 16363-2012 Audit and Certification of Trustworthy Digital Repositories
Organisational Infrastructure 
Digital Objects Management 
Infrastructure and Security Risk Mgmt. 
Metrics 
•Statement of requirement 
•Supporting text 
•Examples: repository demonstrates it is meeting this requirement 
•Discussion
The standard 16363 
The ISO standard follows the chapters in TRAC and distinguishes 3 areas of auditing:
•Organisational Infrastructure
•Digital Objects Management
•Infrastructure and Security Risk Management: as this one is also dealt with in other IT-related standards, only the specific requirements in relation to preservation are mentioned.
The standard consists of metrics.
In comparison with the TRAC document, the explanation of the “metrics” is extended:
•Statement of requirement
•Supporting text
•Examples: repository demonstrates it is meeting this requirement
•Discussion part to explain various points of view in relation to the statement or “metric”
•TRAC 2005 
•TRAC 2007 
•ISO 16363
The standard 16363: example 
Metric: “3.3.1 The repository shall have defined its Designated Community and associated knowledge base(s) and shall have these definitions appropriately accessible” 
Evidence: “A written definition of the Designated Community.”
Discussion:
The standard 16363: example 
Metric: 3.3.2 The repository shall have Preservation Policies in place to ensure its Preservation Strategic Plan will be met. 
Evidence: Preservation Policies; Repository Mission Statement. 
Discussion:
The standard 16363 
•ISO 16363-2012 Audit and Certification of Trustworthy Digital Repositories
•Guidance for auditors 
•Other standards also applicable (security) 
•Dependent on auditors' experience
Consistency!
The standard 16919 
•ISO: standards of good auditing practices, accreditation of auditors
•Basis: ISO/IEC 17021 
–Standard requirements for A&C general management systems 
–Adapted for Trustworthy Digital Repositories (TDR) 
Reference to OAIS 
Reference to ISO 16363 as the set of criteria 
Dealing with sensitive collection / confidentiality 
List of competencies (normative in annex) 
•PTAB group created new standard 
•ISO 16919-2014 Requirements for bodies providing Audit and Certification for candidate trustworthy digital repositories
The standard 16919 
Process of accreditation 
ISO 
CASCO: Committee on Conformity Assessment: advice
IAF: International Accreditation Forum 
Assessors, Training/Accreditation Group 
National standards bodies 
Monitoring & Approving
What to expect from an auditor? 
In general: 
•Impartiality, 
•Competence, 
•Responsibility, 
•Openness, 
•Confidentiality, 
•Responsiveness to complaints
The APARSEN test audits: what? 
“Trust” is one of the pillars in APARSEN 
2011: Testing of practical use of (draft) standards 
•Metrics understandable and usable 
•How much effort and time is needed for a repository 
•Consistency in evaluation of the evidence 
•Is the standard ISO 16363 applicable to different kinds of repositories?
The APARSEN test audits 
Europe 
Data Archiving and Networked Services (DANS), 
UK Data Archive (UKDA), 
Centre Informatique National de l’Enseignement Supérieur: 
Département Archivage et Diffusion (CINES-DAD, France), 
German National Library (DIN 31644 standard) 
United States 
Socio-economic Data and Applications Center (SEDAC), 
National Space Science Data Center (NSSDC) 
Kentucky Department for Libraries and Archives (KDLA). 
International Group of “test-auditors” 
Members of the RAC-WG
Test Audit preparations 
How much time will it take? 
•Greater effort than expected to prepare the audit. Preparation varied between 1.5 and 3 months
•Time spent on: 
–Internal discussions about the standard 
–Writing documentation that was not there yet 
–Collecting existing documentation 
–Improving existing documentation 
•“Difficult to evaluate level of compliance”
Test Audit procedure 
•Expectations document: test-audit! 
•Two Stages: 
–1. Repositories completed a Self-Audit template (Checklist based on 16363) 
Checklist plus documentation returned to audit team to prepare audit 
–2. Site visit (2 days) 
Verbal feedback with first impressions 
Detailed audit report: areas for improvement
Test audits: benefit quotes 
Benefits as stated in the APARSEN report: 
•DNB: “to have their own processes and documentation reviewed, scrutinized, and ideally approved by some external professionals.”
•DANS: “it sheds a clear light on what the strengths and the weaknesses are in the archiving activities of our institute. It gave us confidence that we are well on our way to fulfil the requirements.”
•CINES-DAD : [it] certainly helped them to evaluate the progress made since the previous audits and the relevance of the actions taken over the past couple of years
Audits: benefits for organisations 
•3rd Party view of qualified people 
•Better understanding of requirements 
•Identification of areas for improvement 
•Incentive to take action
Test audits: benefits for organisations 
•In line with report of 4C project: 
–“To improve work processes 
–To meet contractual obligation 
–Publicly understandable statement of quality and reliability” 
•In line with experience self-assessment SB Denmark:
–Improvement common vision organisation 
–Competency development 
–Organisational awareness digital preservation 
–Good overview available documentation
Audit & Certification : costs 
•Factor costs often discussed 
•4C project showed: 
–The only figures we have are of the APARSEN test audits 
–Distinguish 
Procurement of standards (preparation) 
Staff costs 
Certification costs 
•Audit and certification will cost time and money
Audit & Certification : risks 
•Digital preservation is pioneering area 
•Need for qualified auditors 
•Growth path in audit and certification
Further information 
•APARSEN : Report on peer review of Digital Repositories http://bit.ly/1jxRorz 
•4C project on audit & certification: http://bit.ly/1yGDpvc 
•iPRES 2014 G. Elstroem & J. Junge: 
Self-assessment of the Digital Repository at the State and University Library, Denmark - a Case Study 
•Blogposts David Rosenthal about recent TRAC audit http://bit.ly/1vyLzEI 
•PTAB group: http://www.iso16363.org/ 
– News and updates about these standards 
– Self-Assessment Template

More Related Content

Similar to Dasish workshop on Audit and Certification 2014-b sierman

DATAD-R: Criteria for Trusted African Institutional Repositories
DATAD-R: Criteria for Trusted African Institutional RepositoriesDATAD-R: Criteria for Trusted African Institutional Repositories
DATAD-R: Criteria for Trusted African Institutional Repositories
Academy of Science of South Africa (ASSAf)
 
The Research Data Alliance ICT Technical Specifications
The Research Data AllianceICT Technical SpecificationsThe Research Data AllianceICT Technical Specifications
The Research Data Alliance ICT Technical Specifications
Research Data Alliance
 
Trm Trusted Repositories
Trm Trusted RepositoriesTrm Trusted Repositories
Trm Trusted Repositories
DigitalPreservationEurope
 
Criteria for a trusted institutional repository
Criteria for a trusted institutional repositoryCriteria for a trusted institutional repository
Criteria for a trusted institutional repository
Ina Smith
 
1 archiver omc project_overview
1 archiver omc project_overview1 archiver omc project_overview
1 archiver omc project_overview
Archiver
 
RJ Broker: Automating Delivery of Research Output to Repositories
RJ Broker: Automating Delivery of Research Output to RepositoriesRJ Broker: Automating Delivery of Research Output to Repositories
RJ Broker: Automating Delivery of Research Output to Repositories
EDINA, University of Edinburgh
 
How the Core Trust Seal (CTS) Enables FAIR Data
How the Core Trust Seal (CTS) Enables FAIR DataHow the Core Trust Seal (CTS) Enables FAIR Data
How the Core Trust Seal (CTS) Enables FAIR Data
dri_ireland
 
How core trust seal enables FAIR data - Natalie Harrower
How core trust seal enables FAIR data - Natalie HarrowerHow core trust seal enables FAIR data - Natalie Harrower
How core trust seal enables FAIR data - Natalie Harrower
OpenAIRE
 
Ptcris euro cris-nov-2015v1
Ptcris euro cris-nov-2015v1Ptcris euro cris-nov-2015v1
Ptcris euro cris-nov-2015v1
PTCRIS FCT
 
RDA ICT Technical Specifications
RDA ICT Technical SpecificationsRDA ICT Technical Specifications
RDA ICT Technical Specifications
Research Data Alliance
 
PARTHENOS Common Policies and Implementation Strategies
PARTHENOS Common Policies and Implementation StrategiesPARTHENOS Common Policies and Implementation Strategies
PARTHENOS Common Policies and Implementation Strategies
Parthenos
 
Introduction to the CWA process - CRISP Final Conference
Introduction to the CWA process - CRISP Final Conference Introduction to the CWA process - CRISP Final Conference
Introduction to the CWA process - CRISP Final Conference
CRISP Project
 
Who is doing what, and how do we know? [PEPRS]
Who is doing what, and how do we know? [PEPRS]Who is doing what, and how do we know? [PEPRS]
Who is doing what, and how do we know? [PEPRS]
EDINA, University of Edinburgh
 
CRISP - Overview and results
CRISP - Overview and results CRISP - Overview and results
CRISP - Overview and results
CRISP Project
 
The European Open Science Cloud
The European Open Science CloudThe European Open Science Cloud
The European Open Science Cloud
Helix Nebula The Science Cloud
 
H2020 Open Data Pilot
H2020 Open Data PilotH2020 Open Data Pilot
H2020 Open Data Pilot
Sarah Jones
 
CRISP and HECTOS projects - key findings
CRISP and HECTOS projects - key findings CRISP and HECTOS projects - key findings
CRISP and HECTOS projects - key findings
CRISP Project
 
Knowledge exchange consensus on monitoring oa, presentation open aire, oslo, ...
Knowledge exchange consensus on monitoring oa, presentation open aire, oslo, ...Knowledge exchange consensus on monitoring oa, presentation open aire, oslo, ...
Knowledge exchange consensus on monitoring oa, presentation open aire, oslo, ...
Michael Svendsen
 
Progress of the Helix Nebula Science Cloud PCP Project
Progress of the Helix Nebula Science Cloud PCP ProjectProgress of the Helix Nebula Science Cloud PCP Project
Progress of the Helix Nebula Science Cloud PCP Project
Helix Nebula The Science Cloud
 

Similar to Dasish workshop on Audit and Certification 2014-b sierman (20)

DATAD-R: Criteria for Trusted African Institutional Repositories
DATAD-R: Criteria for Trusted African Institutional RepositoriesDATAD-R: Criteria for Trusted African Institutional Repositories
DATAD-R: Criteria for Trusted African Institutional Repositories
 
The Research Data Alliance ICT Technical Specifications
The Research Data AllianceICT Technical SpecificationsThe Research Data AllianceICT Technical Specifications
The Research Data Alliance ICT Technical Specifications
 
Trm Trusted Repositories
Trm Trusted RepositoriesTrm Trusted Repositories
Trm Trusted Repositories
 
Criteria for a trusted institutional repository
Criteria for a trusted institutional repositoryCriteria for a trusted institutional repository
Criteria for a trusted institutional repository
 
1 archiver omc project_overview
1 archiver omc project_overview1 archiver omc project_overview
1 archiver omc project_overview
 
RJ Broker: Automating Delivery of Research Output to Repositories
RJ Broker: Automating Delivery of Research Output to RepositoriesRJ Broker: Automating Delivery of Research Output to Repositories
RJ Broker: Automating Delivery of Research Output to Repositories
 
Presentation 16 may casestudy daniel steinmeier
Presentation 16 may casestudy daniel steinmeierPresentation 16 may casestudy daniel steinmeier
Presentation 16 may casestudy daniel steinmeier
 
How the Core Trust Seal (CTS) Enables FAIR Data
How the Core Trust Seal (CTS) Enables FAIR DataHow the Core Trust Seal (CTS) Enables FAIR Data
How the Core Trust Seal (CTS) Enables FAIR Data
 
How core trust seal enables FAIR data - Natalie Harrower
How core trust seal enables FAIR data - Natalie HarrowerHow core trust seal enables FAIR data - Natalie Harrower
How core trust seal enables FAIR data - Natalie Harrower
 
Ptcris euro cris-nov-2015v1
Ptcris euro cris-nov-2015v1Ptcris euro cris-nov-2015v1
Ptcris euro cris-nov-2015v1
 
RDA ICT Technical Specifications
RDA ICT Technical SpecificationsRDA ICT Technical Specifications
RDA ICT Technical Specifications
 
PARTHENOS Common Policies and Implementation Strategies
PARTHENOS Common Policies and Implementation StrategiesPARTHENOS Common Policies and Implementation Strategies
PARTHENOS Common Policies and Implementation Strategies
 
Introduction to the CWA process - CRISP Final Conference
Introduction to the CWA process - CRISP Final Conference Introduction to the CWA process - CRISP Final Conference
Introduction to the CWA process - CRISP Final Conference
 
Who is doing what, and how do we know? [PEPRS]
Who is doing what, and how do we know? [PEPRS]Who is doing what, and how do we know? [PEPRS]
Who is doing what, and how do we know? [PEPRS]
 
CRISP - Overview and results
CRISP - Overview and results CRISP - Overview and results
CRISP - Overview and results
 
The European Open Science Cloud
The European Open Science CloudThe European Open Science Cloud
The European Open Science Cloud
 
H2020 Open Data Pilot
H2020 Open Data PilotH2020 Open Data Pilot
H2020 Open Data Pilot
 
CRISP and HECTOS projects - key findings
CRISP and HECTOS projects - key findings CRISP and HECTOS projects - key findings
CRISP and HECTOS projects - key findings
 
Knowledge exchange consensus on monitoring oa, presentation open aire, oslo, ...
Knowledge exchange consensus on monitoring oa, presentation open aire, oslo, ...Knowledge exchange consensus on monitoring oa, presentation open aire, oslo, ...
Knowledge exchange consensus on monitoring oa, presentation open aire, oslo, ...
 
Progress of the Helix Nebula Science Cloud PCP Project
Progress of the Helix Nebula Science Cloud PCP ProjectProgress of the Helix Nebula Science Cloud PCP Project
Progress of the Helix Nebula Science Cloud PCP Project
 

Recently uploaded

2024-05-30_meetup_devops_aix-marseille.pdf
2024-05-30_meetup_devops_aix-marseille.pdf2024-05-30_meetup_devops_aix-marseille.pdf
2024-05-30_meetup_devops_aix-marseille.pdf
Frederic Leger
 
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXOBitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Matjaž Lipuš
 
Obesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditionsObesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditions
Faculty of Medicine And Health Sciences
 
Burning Issue Presentation By Kenmaryon.pdf
Burning Issue Presentation By Kenmaryon.pdfBurning Issue Presentation By Kenmaryon.pdf
Burning Issue Presentation By Kenmaryon.pdf
kkirkland2
 
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Sebastiano Panichella
 
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
Dutch Power
 
Media as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern EraMedia as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern Era
faizulhassanfaiz1670
 
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
Dutch Power
 
AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...
AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...
AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...
AwangAniqkmals
 
María Carolina Martínez - eCommerce Day Colombia 2024
María Carolina Martínez - eCommerce Day Colombia 2024María Carolina Martínez - eCommerce Day Colombia 2024
María Carolina Martínez - eCommerce Day Colombia 2024
eCommerce Institute
 
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdfBonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
khadija278284
 
Tom tresser burning issue.pptx My Burning issue
Tom tresser burning issue.pptx My Burning issueTom tresser burning issue.pptx My Burning issue
Tom tresser burning issue.pptx My Burning issue
amekonnen
 
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie WellsCollapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
Rosie Wells
 
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptxsomanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
Howard Spence
 
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdfSupercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Access Innovations, Inc.
 
Gregory Harris' Civics Presentation.pptx
Gregory Harris' Civics Presentation.pptxGregory Harris' Civics Presentation.pptx
Gregory Harris' Civics Presentation.pptx
gharris9
 
International Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software TestingInternational Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software Testing
Sebastiano Panichella
 
Gregory Harris - Cycle 2 - Civics Presentation
Gregory Harris - Cycle 2 - Civics PresentationGregory Harris - Cycle 2 - Civics Presentation
Gregory Harris - Cycle 2 - Civics Presentation
gharris9
 
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Sebastiano Panichella
 

Recently uploaded (19)

2024-05-30_meetup_devops_aix-marseille.pdf
2024-05-30_meetup_devops_aix-marseille.pdf2024-05-30_meetup_devops_aix-marseille.pdf
2024-05-30_meetup_devops_aix-marseille.pdf
 
Bitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXOBitcoin Lightning wallet and tic-tac-toe game XOXO
Bitcoin Lightning wallet and tic-tac-toe game XOXO
 
Obesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditionsObesity causes and management and associated medical conditions
Obesity causes and management and associated medical conditions
 
Burning Issue Presentation By Kenmaryon.pdf
Burning Issue Presentation By Kenmaryon.pdfBurning Issue Presentation By Kenmaryon.pdf
Burning Issue Presentation By Kenmaryon.pdf
 
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...Doctoral Symposium at the 17th IEEE International Conference on Software Test...
Doctoral Symposium at the 17th IEEE International Conference on Software Test...
 
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
Presentatie 4. Jochen Cremer - TU Delft 28 mei 2024
 
Media as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern EraMedia as a Mind Controlling Strategy In Old and Modern Era
Media as a Mind Controlling Strategy In Old and Modern Era
 
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
Presentatie 8. Joost van der Linde & Daniel Anderton - Eliq 28 mei 2024
 
AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...
AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...
AWANG ANIQKMALBIN AWANG TAJUDIN B22080004 ASSIGNMENT 2 MPU3193 PHILOSOPHY AND...
 
María Carolina Martínez - eCommerce Day Colombia 2024
María Carolina Martínez - eCommerce Day Colombia 2024María Carolina Martínez - eCommerce Day Colombia 2024
María Carolina Martínez - eCommerce Day Colombia 2024
 
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdfBonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
Bonzo subscription_hjjjjjjjj5hhhhhhh_2024.pdf
 
Tom tresser burning issue.pptx My Burning issue
Tom tresser burning issue.pptx My Burning issueTom tresser burning issue.pptx My Burning issue
Tom tresser burning issue.pptx My Burning issue
 
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie WellsCollapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
Collapsing Narratives: Exploring Non-Linearity • a micro report by Rosie Wells
 
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptxsomanykidsbutsofewfathers-140705000023-phpapp02.pptx
somanykidsbutsofewfathers-140705000023-phpapp02.pptx
 
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdfSupercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
Supercharge your AI - SSP Industry Breakout Session 2024-v2_1.pdf
 
Gregory Harris' Civics Presentation.pptx
Gregory Harris' Civics Presentation.pptxGregory Harris' Civics Presentation.pptx
Gregory Harris' Civics Presentation.pptx
 
International Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software TestingInternational Workshop on Artificial Intelligence in Software Testing
International Workshop on Artificial Intelligence in Software Testing
 
Gregory Harris - Cycle 2 - Civics Presentation
Gregory Harris - Cycle 2 - Civics PresentationGregory Harris - Cycle 2 - Civics Presentation
Gregory Harris - Cycle 2 - Civics Presentation
 
Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...Announcement of 18th IEEE International Conference on Software Testing, Verif...
Announcement of 18th IEEE International Conference on Software Testing, Verif...
 

Dasish workshop on Audit and Certification 2014-b sierman

  • 1. Co-funded by the European Union under FP7-ICT-2009-6 aparsen.eu #APARSEN ISO standards and Audit & Certification Barbara Sierman, KB National Library of the Netherlands Dasish Meeting 17-10-2014, The Hague
  • 2. Barbara Sierman, KB-NL Dasish, The Hague 17-10-2014 Co-funded by the European Union under FP7-ICT-2009-6 aparsen.eu #APARSEN Audit & Certification: introduction –History of the standards for audit and certification –The ISO standards 16363 and 16919 –The APARSEN test audits –Final remarks and further reading
  • 3. Barbara Sierman, KB-NL Dasish, The Hague 17-10-2014 Co-funded by the European Union under FP7-ICT-2009-6 aparsen.eu #APARSEN Audit & Certification: what is it and what not •Audit: planned and documented investigation by an independent qualified group of the compliance of an organization against a certain standard Not a simple Yes or No, but recommendation for improvements •Certification: Confirmation that organization meets the requirements of the standard to which it is audited Temporarily: regularly revised
  • 4. Barbara Sierman, KB-NL Dasish, The Hague 17-10-2014 Co-funded by the European Union under FP7-ICT-2009-6 aparsen.eu #APARSEN The history : Infrastructure and Security Risk Management 2002 •OAIS ISO 14721 published (updated 2012) •Par. 1.5: standard(s) for accreditation of archives. 2005 •Checklist for Certification of Trusted Digital Repositories (RLG/NARA) •Testaudits performed by RLG 2007 •DRAMBORA (2007), NESTOR (2006) •Trusted Repositories Audit and Certification final report. •(Input for Repositories Audit and Certification Working Group (RAC-WG) 2012- •ISO 16363 Audit and Certification of Trustworthy Digital Repositories (RAC-WG) •Draft ISO 16919 Requirements for bodies providing Audit and Certification for candidate trustworthy repositories (RAC- WG) •Primary Trustworthy Digital Repository Authorisation Body (PTAB)
  • 5. Audit & Certification : European Framework 3 Levels of Certification •Basic Certification (based on DSA) •Extended Certification (self-assessment based on DSA plus self-audit based on ISO 16363 or DIN 31644) •Formal Certification (self-assessment based on DSA plus full external audit of ISO 16363 or DIN 31644) This Framework is supported by and coordinated with the help of the European Commission
  • 6. The standard 16363 •ISO 16363-2012 Audit and Certification of Trustworthy Digital Repositories Organisational Infrastructure Digital Objects Management Infrastructure and Security Risk Mgmt. Metrics •Statement of requirement •Supporting text •Examples: repository demonstrates it is meeting this requirement •Discussion
  • 7. The standard 16363 The ISO standard follows the chapters in TRAC and distinguishes 3 areas of auditing: Organisational Infrastructure; Digital Objects Management; Infrastructure and Security Risk Management (as this one is also dealt with in other IT-related standards, only the specific requirements in relation to preservation are mentioned). The standard consists of metrics. In comparison with the TRAC document the explanation of the “metrics” is extended: Statement of requirement; Supporting text; Examples: repository demonstrates it is meeting this requirement; Discussion part to explain various points of view in relation to the statement or “metric”. •TRAC 2005 •TRAC 2007 •ISO 16363
  • 8. The standard 16363: example Metric: “3.3.1 The repository shall have defined its Designated Community and associated knowledge base(s) and shall have these definitions appropriately accessible” Evidence: “A written definition of the Designated Community.” Discussion:
  • 9. The standard 16363: example Metric: 3.3.2 The repository shall have Preservation Policies in place to ensure its Preservation Strategic Plan will be met. Evidence: Preservation Policies; Repository Mission Statement. Discussion:
  • 10. The standard 16363 •ISO 16363-2012 Audit and Certification of Trustworthy Digital Repositories •Guidance for auditors •Other standards also applicable (security) •Dependent on auditors' experience Consistency!
  • 11. The standard 16919 •ISO: standards of good auditing practices, accreditation of auditors •Basis: ISO/IEC 17021 –Standard requirements for A&C general management systems –Adapted for Trustworthy Digital Repositories (TDR) Reference to OAIS Reference to ISO 16363 as the set of criteria Dealing with sensitive collection / confidentiality List of competencies (normative in annex) •PTAB group created new standard •ISO 16919-2014 Requirements for bodies providing Audit and Certification for candidate trustworthy digital repositories
  • 12. The standard 16919 Process of accreditation ISO CASCO: Committee on Conformity Assessment: advice IAF: International Accreditation Forum Assessors, Training/Accreditation Group National standards bodies Monitoring & Approving
  • 13. The standard 16919
  • 14. What to expect from an auditor? In general: •Impartiality, •Competence, •Responsibility, •Openness, •Confidentiality, •Responsiveness to complaints
  • 15. What to expect from an auditor?
  • 16. The APARSEN test audits: what? “Trust” is one of the pillars in APARSEN 2011: Testing of practical use of (draft) standards •Metrics understandable and usable •How much effort and time is needed for a repository •Consistency in evaluation of the evidence •Is the standard ISO 16363 applicable to different kinds of repositories?
  • 17. The APARSEN test audits Europe: Data Archiving and Networked Services (DANS), UK Data Archive (UKDA), Centre Informatique National de l’Enseignement Supérieur: Département Archivage et Diffusion (CINES-DAD, France), German National Library (DIN 31644 standard). United States: Socio-economic Data and Applications Center (SEDAC), National Space Science Data Center (NSSDC), Kentucky Department for Libraries and Archives (KDLA). International Group of “test-auditors”: Members of the RAC-WG
  • 18. Test Audit preparations How much time will it take? •Greater effort than expected to prepare the audit. Preparation varied between 1.5 and 3 months •Time spent on: –Internal discussions about the standard –Writing documentation that was not there yet –Collecting existing documentation –Improving existing documentation •“Difficult to evaluate level of compliance”
  • 19. Test Audit procedure •Expectations document: test-audit! •Two Stages: –1. Repositories completed a Self-Audit template (Checklist based on 16363). Checklist plus documentation returned to audit team to prepare audit –2. Site visit (2 days). Verbal feedback with first impressions. Detailed audit report: areas for improvement
  • 20. Test audits: benefit quotes Benefits as stated in the APARSEN report: •DNB: “to have their own processes and documentation reviewed, scrutinized, and ideally approved by some external professionals.” •DANS: “it sheds a clear light on what the strengths and the weaknesses are in the archiving activities of our institute. It gave us confidence that we are well on our way to fulfil the requirements.” •CINES-DAD: [it] certainly helped them to evaluate the progress made since the previous audits and the relevance of the actions taken over the past couple of years
  • 21. Audits: benefits for organisations •3rd Party view of qualified people •Better understanding of requirements •Identification of areas for improvement •Incentive to take action
  • 22. Test audits: benefits for organisations •In line with report of 4C project: –“To improve work processes –To meet contractual obligation –Publicly understandable statement of quality and reliability” •In line with experience self-assessment SB Denmark: –Improvement common vision organisation –Competency development –Organisational awareness digital preservation –Good overview available documentation
  • 23. Audit & Certification : costs •Factor costs often discussed •4C project showed: –The only figures we have are of the APARSEN test audits –Distinguish Procurement of standards (preparation) Staff costs Certification costs •Audit and certification will cost time and money
  • 24. Audit & Certification : risks •Digital preservation is pioneering area •Need for qualified auditors •Growth path in audit and certification
  • 25. Further information •APARSEN : Report on peer review of Digital Repositories http://bit.ly/1jxRorz •4C project on audit & certification: http://bit.ly/1yGDpvc •iPRES 2014 G. Elstroem & J. Junge: Self-assessment of the Digital Repository at the State and University Library, Denmark - a Case Study •Blogposts David Rosenthal about recent TRAC audit http://bit.ly/1vyLzEI •PTAB group: http://www.iso16363.org/ – News and updates about these standards – Self-Assessment Template