Digital Preservation: Audit Metrics

What are Audit Metrics?

Digital preservation auditing metrics are used to ensure that an institutional repository is using updated tools, technology, and process for preserving data. The metrics include standards on governance, digital object management, and security and technologies. Many institutions have begun pursuing certification, and it is an ultimate goal for Virginia Tech Libraries' digital preservation initiatives.

Audit Metric Examples

ISO 16363: Audit and Certification of trustworthy digital repositories, a.k.a. Trusted Digital Repository (TDR)

Developed in 2012
International
Consultative Committee for Space Data Systems (CCSDS) and published by International Standards Organization
Ultimate audit

Trustworthy Repository Audit & Certification (TRAC)

Developed in 2007
United States
Online Computer Library Center
Foundation for TDR

CoreTrustSeal

Developed 2017
Merged the World Data System of the International Science Council (WDS) and the Data Seal of Approval (DSA)
Purpose is a first step towards repository certification, followed by the nestor Seal and then TDR

Data Seal of Approval (DSA)

Developed in 2008
Netherlands
Data Archiving and Networked Services (DANS)
Compatible with nestor Seal

nestor Seal for Trustworthy Digital Archives

Developed in 2013
Germany
nestor Certification Working Group
Compatible with DSA

DIN 31644 Information Documentation -- Criteria for Trustworthy Digital Archives

Developed in 2012
Germany
German Institute for Standardization

Digital Repository Audit Method Based on Risk Assessment (DRAMBORA)

Developed in 2006-7
United Kingdom
Data Curation Centre and DigitalPreservationEurope
Self-assessment

Ten Principles

Developed in 2007
United States
Center for Research Libraries

Timeline of Metric Development

Digital preservation development extends far beyond this timeline, but this also illustrates how these metrics are evolving incrementally and through international collaboration.

1999: The Open Archival Information System (OAIS) reference model isdeveloped by the Consultative Committee for Space Data Systems (CCSDS) in the US, and then passed to the International Organization for Standardization (ISO) for approval and control (Lavoie, 2000).
2000: ISO 17799 Information Security Policy is added to ISO from the existing British standard BS 7799. ISO 17799 evolves into ISO 27002.
2002: Digital Preservation Coalition is established in the UK.
2003: OAIS reference model for long-term preservation is officially released by ISO.
2004: The Digital Curation Centre is established in the UK.
2005: ISO 17799-2 becomes ISO 27001 and the ISO 27000 series develops further from ISO 27001 and ISO 27002.
2006: Center for Research Libraries (CRL) is established in the US.
2006-2007: DRAMBORA is developed by the Data Curation Centre (DCC) and DigitalPreservationEurope (DPE) for self-assessment risk management.
2007: TRAC is developed by OCLC and is implemented by CRL auditors.
2007: The Ten Principles is developed by four digital preservation organizations and published by the CRL.
2008: DSA is developed by Data Archiving and Networked Services (DANS) at the Royal Netherlands Academy of Arts and Sciences (DSA About).
2009: Control of DSA is transferred to an international Board of external auditors (DSA About).
2012: ISO 16363, otherwise known as Trusted Digital Repositories (TDR), is developed as an expanded, better-organized version of TRAC and is currently the ultimate certification standard.
2012: DIN 31644 Information and Documentation -- Criteria for Trustworthy Digital Archives, which is the expansion of the Ten Principles, is released in Germany.
2013: nestor Seal is developed by the nestor Certification Working Group as verification for DIN 31644 compliance for the purposes of extended certification.
2013: National Digital Stewardship Alliance (NDSA) develops the NDSA Levels of Preservation.
2014: ISO 16919 "Space data and information transfer systems -- Requirements for bodies providing audit and certification of candidate trustworthy digital repositories" is created, which is a prerequisite for ISO 16363 certification.

Examples of Certified Insitutions

ISO 16363 Trusted Digital Repository Certifications by ISO

PTAB - Primary Trustworthy Digital Repository Authorisation Body Ltd.

TRAC Certifications by CRL

DSA Certifications

nestor SEAL Certifications

DRAMBORA Certifications

Resources

David Rosenthal's DSHR's Blog on TRAC Certification of the CLOCKSS Archive.

Goportis' blog on Consortial Certification Processes: the Goportis Digital Archive: A Case Study

Bishoff, L., The Bishoff Group, & Rhodes, E. (2007). "Planning for digital preservation: A self-assessment tool." NDCC. Available here.

Welch, T. & Phillips, K. (2014). Trustworthy repositories: Audit and certification (TRAC) Cline 63 Library internal audit, Spring 2014. Available here.

Witt, M., Kroll, M., Minor, D., and Reilly, B. (2012). "ISO 16363: Trustworthy Digital Repository Certification in Practice." Purdue e-Pub. Available here.