Důvěryhodnost: Self-audit institucionálního repozitáře podle ISO 16363-2012

V posledním vydání časopisu D-lib vyšel pěkný článek o self-auditu pomocí ISO 16363. Je z univerzitního prostředí a Bernadette Houghton v něm popisuje zážitky z provádění auditu, přípravu na něj i výstupy. Článek může být extrémně užitečný instituci, která se na podobný self-audit vlastními silami chystá.

Bernadette Houghton. Trustworthiness: Self-assessment of an Institutional Repository against ISO 16363-2012. http://www.dlib.org/dlib/march15/houghton/03houghton.html

V článku je 16 doporučení pro správce repozitářů, kteří by se do auditu chtěli pustit. :

1. Do a self-assessment before considering paying for external certification. Certification — and re-certification — is expensive.
2. Get senior management on board. Their support is essential. Digital preservation is a long-term issue.
3. The individual doing the self-assessment should be reasonably familiar with the organisation's and repository's policies and procedures.
4. If you don't have the time or resources to undertake an ISO 16363 assessment, consider doing an assessment against NDSA Levels of Digital Preservation (Owens, 2012).
5. Set up a wiki to document the self-assessment. Do this at the start, and document findings as you go along.
6. Tailor the self-assessment to risk and available time and resources.
7. Determine in advance how deep the assessment will go. For example, will the assessor just collect and review documentation, or will he also check to ensure that documented procedures have been followed and everything 'under the hood' is working properly?
8. Use local knowledge when gathering documentation. ISO 16363's 'suggested evidence' are possibilities only.
9. Become familiar with the criteria before you start the assessment. Some documentation will be relevant to multiple criteria, so it saves time if you can identify those criteria early on.
10. Remember, not all ISO 16363 criteria will be applicable to your particular situation.
11. Keep up the momentum. Finishing the self-assessment does not mean the hard work is over. There will be improvements that need making. Aim to build up your repository's digital resilience over time.
12. Schedule regular self-assessments.
13. If you're thinking about doing an ISO 16363 self-assessment at some time in the future, start the process now. Set up a wiki page to record relevant documentation you come across in the meantime. Keep a watching brief on digital preservation issues, and update the wiki as needed to save time later on.
14. Don't assume that because your repository software is OAIS-compliant, your repository itself is also. Workflows and repository setup can make or break OAIS-compliance.
15. Not all ISO 16363 criteria have the same importance or risk level. Assess each criteria accordingly.
16. ISO 16363 is based on a conceptual model (OAIS). Don't expect the criteria to necessarily align with your repository's particular setup and workflows.