Digital preservation risks
Jump to navigation
Jump to search
Process
Content
Scenarios
Communication
Resources
How do you describe risk?
Relationship between risks, costs, drivers
Risk areas to think about:
Use the DRAMBORA (http://www.repositoryaudit.eu/about/) classification:
- Physical environment
- Personnel, Management and Admin procedures
- Operations & Service Delivery
- Hardware, Software of Communications Equipment and Facilities
Cross reference with the SPOT (http://www.dlib.org/dlib/september12/vermaaten/09vermaaten.print.html) model:
- availability (long-term use...)
- identity (referencibility...)
- persistence
- renderability (use and retain sig. char.)
- understandability (interpretation of content)
- authenticity (digital bit or rendered form is what it is supposed to be)
- security
How do you prioritise risk?
Using a risk assessment to inform the business case
Scoring risks
Scenarios
- Risks to consider/prioritise in a business case for a repository system
- Risks to consider/prioritise in a business case for new DP staff
- Risks to consider/prioritise in a business case for a digital preservation service
The following are all examples that could factor into any of the above sections...
CURATION
- responsibility (who is actually responsible)
- rights and licensing, use/re-use
- IP
- sensitivity (access control)
- who adds value
ORGANISATION
- capability and skills (skills gap)
- succession planning
- MANDATE (local, institutional, national, international)
- usability
- marketing/surfacing/relevance
- value of asset, reputation of asset
- accruing value, impact, re-use, evidence
- measuring and metrics
- understand the long-term vision if the data is view over a long/short-term
- managing expectations of use
- value of materials against strategy
- what happens when the organization no longer values the collection?
- flow of resources to keep activity going (sustainability)
- respond to external factors
- institutional sustainability
- organization maturity (are they ready to care for these assets)
- risk profiles (are they similar to physical or organization structure) are we making assumptions?
Communications