Slide 1

Slide 2 Co-funded by the European Union under FP7-ICT-2009-6 aparsen.eu #APARSEN Audit & Certification: an auditors perspective Barbara Sierman, KB National Library of the Netherlands Slide 3 Barbara Sierman, KB-NL Co-funded by the European Union under FP7-ICT-2009-6 aparsen.eu #APARSEN The history : Infrastructure and Security Risk Management 2002 OAIS ISO 14721 published (updated 2012) Par. 1.5: standard(s) for accreditation of archives. 2005 Checklist for Certification of Trusted Digital Repositories (RLG/NARA) Testaudits performed by RLG 2007 DRAMBORA (2007), NESTOR (2006) Trusted Repositories Audit and Certification final report.(OCLC,CRL) (Input for Repositories Audit and Certification Working Group (RAC-WG) 2012- ISO 16363 Audit and Certification of Trustworthy Digital Repositories (RAC-WG) Draft ISO 16919 Requirements for bodies providing Audit and Certification for candidate trustworthy repositories (RAC-WG) Slide 4 Barbara Sierman, KB-NL Co-funded by the European Union under FP7-ICT-2009-6 aparsen.eu #APARSEN The standard 16363 ISO 16363- 2012 Audit and Certification of Trustworthy Digital Repositories : Infrastructure and Security Risk Management Organisational Infrastructure Digital Objects Management Infrastructure and Security Risk Mgmt. Metrics Statement of requirement Supporting text Examples: repository demonstrates it is meeting this requirement Discussion Slide 5 Barbara Sierman, KB-NL Co-funded by the European Union under FP7-ICT-2009-6 aparsen.eu #APARSEN TRAC 2005 TRAC 2007 ISO 16363 Comparison Slide 6 Barbara Sierman, KB-NL Co-funded by the European Union under FP7-ICT-2009-6 aparsen.eu #APARSEN European Framework for Audit and Certification of Thrustworthy Repositories http://trusteddigitalrepository.eu/http://trusteddigitalrepository.eu/ Three levels of certification: Basic certification : Data Seal of Approval Extended certification Self assesment against DIN 31644 or ISO 16363 Formal certification Formal audit against ISO 16363 or DIN 31644 European Framework Slide 7 Barbara Sierman, KB-NL Co-funded by the European Union under FP7-ICT-2009-6 aparsen.eu #APARSEN The APARSEN test audits ISO 16363 and DIN 31644 (developed by German Nestor Group) (in-) formal audit via ISO 16363 Testing of practical use of (draft) standards Metrics understandable and usable Consistency in evaluation of the evidence How much effort and time is needed for a repository Is the standards applicable on different kind of repositories? Slide 8 Barbara Sierman, KB-NL Co-funded by the European Union under FP7-ICT-2009-6 aparsen.eu #APARSEN Europe Data Archiving and Networked Services(DANS), UK Data Archive (UKDA), Centre Informatique National de lEnseignement Suprieur: Dpartement Archivage et Diffusion (CINES-DAD) German National Library (DIN 31644 standard) United States Socioeconomic Data and Applications Center (SEDAC), National Space Science Data Center (NSSDC) Kentucky Department for Libraries and Archives (KDLA). International Group of Auditors Members of the RAC-WG Who was involved? Slide 9 Barbara Sierman, KB-NL Co-funded by the European Union under FP7-ICT-2009-6 aparsen.eu #APARSEN Audit procedure Two Stages: 1. Repositories completed a Self-Audit template (Checklist based on 16363) Checklist plus documentation returned to audit team to prepare audit 2. Site visit (2 days) Verbal feedback with first impressions Detailed report: areas for improvement Slide 10 Barbara Sierman, KB-NL Co-funded by the European Union under FP7-ICT-2009-6 aparsen.eu #APARSEN Preparation took more time than expected Test audit was very useful Gave insights in strenghts and weaknesses Audit procedure needed to be improved How is conformancy measured Would like to see a yard stick In general: hughely rewarding process for all participants Feedback from organisations Slide 11 Barbara Sierman, KB-NL Co-funded by the European Union under FP7-ICT-2009-6 aparsen.eu #APARSEN ISO has a range of standards related to good auditing practices ISO 16919 Requirements for bodies providing Audit and Certification for candidate trustworthy repositories Defines a process for accreditation of auditors. Will be an official standard very soon! The standard 16919 Slide 12 Barbara Sierman, KB-NL Co-funded by the European Union under FP7-ICT-2009-6 aparsen.eu #APARSEN More information APARSEN website D33.1B Report on peer review of digital repositories, http://www.alliancepermanentaccess.org/wp- content/uploads/downloads/2012/04/APARSEN-REP-D33_1B-01-1_1.pdf http://www.alliancepermanentaccess.org/wp- content/uploads/downloads/2012/04/APARSEN-REP-D33_1B-01-1_1.pdf http://www.iso16363.org/ News about the status of the ISO standard References to ISO16363 Self-Assessment Template http://www.iso16363.org/preparing-for-an-audit/ http://www.iso16363.org/preparing-for-an-audit/