Information Technology Reference
In-Depth Information
•
Organisational Infrastructure
◦
GOVERNANCE & ORGANIZATIONAL VIABILITY
◦
ORGANIZATIONAL STRUCTURE & STAFFING
◦
PROCEDURAL ACCOUNTABILITY & PRESERVATION POLICY
FRAMEWORK
◦
FINANCIAL SUSTAINABILITY
◦
CONTRACTS, LICENSES, & LIABILITIES
•
Digital Object Management
◦
INGEST: ACQUISITION OF CONTENT
◦
INGEST: CREATION OF THE AIP
◦
PRESERVATION PLANNING
◦
AIP PRESERVATION
◦
INFORMATION MANAGEMENT
◦
ACCESS MANAGEMENT
•
Infrastructure and Security Risk Management
◦
TECHNICAL INFRASTRUCTURE RISK MANAGEMENT
◦
SECURITY RISK MANAGEMENT
This breakdown into topics is not unique and indeed several different breakdowns
have been tried; this one seemed to fit best.
Looking in even more detail the guidance for the auditors is further split out into
metrics. Some of these metrics are broken into sub-metrics indicating that the audi-
tor needs to check these even more specific points; a few of these sub-metrics have
some even more specific sub-sub-metrics specified. Even these sub-sub-metrics are
not hugely specific - it is still a matter for the judgement of the auditor. Indeed
the metrics themselves are a matter of judgement; in this case of course it is the
judgement of the working group which produced the metrics.
The following table shows the metrics at the time of writing, showing clearly the
metrics and sub-metrics, with number of comments which should be helpful.
Each metric has one or more of the following informative pieces of text
associated with it
•
Supporting text: giving an explanation of why the metric is important
•
Examples of Ways the Repository can Demonstrate it is Meeting this
Requirement: providing examples of the evidence which might be examined to
test whether the repository satisfies the metric
•
Discussion: clarifications about the intent of the metric