3.3.6 Self-assessment and external certification
|3.3.6 Self-assessment and external certification|
|Status||Ready for review|
|Compliance Rating||Fully compliant|
The repository shall commit to a regular schedule of self-assessment and external certification.
This is necessary in order to ensure the repository continues to be trustworthy and there is no threat to its content.
Examples for Meeting the Requirement
Completed, dated checklists from self-assessments and/or third-party audits; certificates awarded for compliance with relevant ISO standards; timetables and evidence of adequate budget allocations for future certification.
A one-time check on trustworthiness is not adequate because many things will change over time. A longer term commitment should be demonstrated.
The work of the Trusted Digital Repository working group and this Wiki of documentation organized per the Trusted Digital Repository structure represents the first step in this self-assessment process. The 2015 roadmap document lists “TDR analysis, adoption of practices, eventual certification” as a high priority outcome of the TDR working group.
The Preservation Services Policy (https://doi.org/10.18130/V3N58CK61) states that, "This policy is to be reviewed and updated annually by a group designated by either the APTrust Board and/or the Advisory Committee." The Policy also includes a history of versions and reviewers.
The APTrust Collection Development Policy (https://doi.org/10.18130/V3RX93C9C) states that the Review frequency is "No less frequently than two years from adoption or previous review." The Policy also includes a history of versions and reviewers.
Academic Preservation Trust Succession Policy (https://doi.org/10.18130/V31C1TF5Z) outlines the process for regular review and evaluation of APTrust's financial health.
Financial Sustainability and Business Principles and Practices (https://doi.org/10.18130/V3WM13T1F) outlines the strategic, financial, and Service Principles for the Academic Preservation Trust. It also includes access to APTrust Budget Reports.
See the Technical Documentation section on Reporting for information on self-auditing measures. In brief, "APTrust will use a subset of fields from the PREMIS metadata schema to record and report event metadata. Details about the following events should be captured and registered with the Administrative Interface: Ingest, Fixity Generation, Fixity Check, Deletion, and Identifier Assignment."