Add to collection(s) Add to saved
  1. History
  2. European History

webinar-trust-2013-bs

advertisement 
Co-funded by the European Union under FP7-ICT-2009-6
Audit & Certification: an auditors perspective
Barbara Sierman, KB National Library of the
Netherlands
aparsen.eu
#APARSEN
Co-funded by the European Union under FP7-ICT-2009-6
The history
2002
2005
2007
2012-
• OAIS ISO 14721 published (updated 2012)
• Par. 1.5: standard(s) for accreditation of archives.
• Checklist for Certification of Trusted Digital Repositories
(RLG/NARA)
• Testaudits performed by RLG
• DRAMBORA (2007), NESTOR (2006)
Security
Management
• Trusted: Infrastructure
Repositoriesand
Audit
and Risk
Certification
final
report.(OCLC,CRL)
• (Input for Repositories Audit and Certification Working Group
(RAC-WG)
• ISO 16363 Audit and Certification of Trustworthy Digital
Repositories (RAC-WG)
• Draft ISO 16919 Requirements for bodies providing Audit
and Certification for candidate trustworthy repositories
(RAC-WG)
Barbara Sierman, KB-NL
aparsen.eu
#APARSEN
Co-funded by the European Union under FP7-ICT-2009-6
The standard 16363
• ISO 16363- 2012 Audit and Certification of Trustworthy
Digital Repositories
Organisational
Infrastructure
Digital Objects
Management
Infrastructure and
Security Risk Mgmt.
: Infrastructure and Security Risk Management
Metrics
• Statement of requirement
• Supporting text
• Examples: repository demonstrates it is
meeting this requirement
• Discussion
Barbara Sierman, KB-NL
aparsen.eu
#APARSEN
Co-funded by the European Union under FP7-ICT-2009-6
Comparison
• TRAC 2005
• TRAC 2007
• ISO 16363
Barbara Sierman, KB-NL
aparsen.eu
#APARSEN
Co-funded by the European Union under FP7-ICT-2009-6
European Framework
European Framework for Audit and Certification of Thrustworthy
Repositories http://trusteddigitalrepository.eu/
Three levels of certification:
 Basic certification :
Data Seal of Approval
 Extended certification
Self – assesment against DIN 31644 or ISO 16363
 Formal certification
Formal audit against ISO 16363 or DIN 31644
Barbara Sierman, KB-NL
aparsen.eu
#APARSEN
Co-funded by the European Union under FP7-ICT-2009-6
The APARSEN test audits
•
ISO 16363 and DIN 31644 (developed by German Nestor Group)
•
(in-) formal audit via ISO 16363
•
Testing of practical use of (draft) standards
•
•
•
•
Metrics understandable and usable
Consistency in evaluation of the evidence
How much effort and time is needed for a repository
Is the standards applicable on different kind of repositories?
Barbara Sierman, KB-NL
aparsen.eu
#APARSEN
Co-funded by the European Union under FP7-ICT-2009-6
Who was involved?
Europe
•
•
•
Data Archiving and Networked Services(DANS),
UK Data Archive (UKDA),
Centre Informatique National de l’Enseignement Supérieur:
•
Département Archivage et Diffusion (CINES-DAD)
German National Library (DIN 31644 standard)
United States
•
•
•
Socioeconomic Data and Applications Center (SEDAC),
National Space Science Data Center (NSSDC)
Kentucky Department for Libraries and Archives (KDLA).
International Group of Auditors
•
Members of the RAC-WG
Barbara Sierman, KB-NL
aparsen.eu
#APARSEN
Co-funded by the European Union under FP7-ICT-2009-6
Audit procedure
• Two Stages:
– 1. Repositories completed a Self-Audit template (Checklist
based on 16363)
 Checklist plus documentation returned to audit team to prepare
audit
– 2. Site visit (2 days)
 Verbal feedback with first impressions
 Detailed report: areas for improvement
Barbara Sierman, KB-NL
aparsen.eu
#APARSEN
Co-funded by the European Union under FP7-ICT-2009-6
Feedback from organisations
•
•
•
•
•
Preparation took more time than expected
Test audit was very useful
Gave insights in strenghts and weaknesses
Audit procedure needed to be improved
How is conformancy measured
– Would like to see a “yard stick”
• In general: hughely rewarding process for all participants
Barbara Sierman, KB-NL
aparsen.eu
#APARSEN
Co-funded by the European Union under FP7-ICT-2009-6
The standard 16919
• ISO has a range of standards related to good auditing practices
• ISO 16919 Requirements for bodies providing Audit and
Certification for candidate trustworthy repositories
• Defines a process for accreditation of auditors.
• Will be an official standard very soon!
Barbara Sierman, KB-NL
aparsen.eu
#APARSEN
Co-funded by the European Union under FP7-ICT-2009-6
More information
APARSEN website
D33.1B Report on peer review of digital repositories,
http://www.alliancepermanentaccess.org/wpcontent/uploads/downloads/2012/04/APARSEN-REP- D33_1B-01-1_1.pdf
http://www.iso16363.org/



News about the status of the ISO standard
References to ISO16363
Self-Assessment Template
http://www.iso16363.org/preparing-for-an-audit/
Barbara Sierman, KB-NL
aparsen.eu
#APARSEN
Related documents
SiermanISO16363-4thRDAPlenary
SiermanISO16363-4thRDAPlenary
APARSENwebinar_201404_02_storagesolutions_Salza
APARSENwebinar_201404_02_storagesolutions_Salza
Webinar_Nov2013_Lambert
Webinar_Nov2013_Lambert
Emanuele-Bellini-APARSEN_demos_V2
Emanuele-Bellini-APARSEN_demos_V2
cost models
cost models
APARSEN Storage Solutions
APARSEN Storage Solutions
1_Webinar_Nov2014_Lambert
1_Webinar_Nov2014_Lambert
Webinar_Use_Case_DNB-Audio
Webinar_Use_Case_DNB-Audio
104-Salza-Guercio-APA 2014-v4-anim
104-Salza-Guercio-APA 2014-v4-anim
The VCoE: what it offers
The VCoE: what it offers
APARSEN_DRM-webinar
APARSEN_DRM-webinar
Folie 1 - aparsen
Folie 1 - aparsen
Usability_-_interoperability_strategies_withAudio
Usability_-_interoperability_strategies_withAudio
Points.
Points.
PEERRS training- power point presentation
PEERRS training- power point presentation
The Slides
The Slides
INHOPE
INHOPE
Auditing
Auditing
Proposal title - İstanbul Bilgi Üniversitesi
Proposal title - İstanbul Bilgi Üniversitesi
Ch. 17 - Ross Fuerman
Ch. 17 - Ross Fuerman
The Future of Defense Financial Management and You
The Future of Defense Financial Management and You
Risk Management Certification PowerPoint - OR
Risk Management Certification PowerPoint - OR
Download
advertisement