3.3.6 Self-assessment and external certification

From aptrust
Jump to: navigation, search


3.3.6 Self-assessment and external certification
Status Ready for review
Compliance Rating Fully compliant
Responsible


The repository shall commit to a regular schedule of self-assessment and external certification.

Supporting Text

This is necessary in order to ensure the repository continues to be trustworthy and there is no threat to its content.

Examples for Meeting the Requirement

Completed, dated checklists from self-assessments and/or third-party audits; certificates awarded for compliance with relevant ISO standards; timetables and evidence of adequate budget allocations for future certification.

Discussion

A one-time check on trustworthiness is not adequate because many things will change over time. A longer term commitment should be demonstrated.

Evidence Provided

The work of the Trusted Digital Repository working group and this Wiki of documentation organized per the Trusted Digital Repository structure represents the first step in this self-assessment process. The 2015 roadmap document lists “TDR analysis, adoption of practices, eventual certification” as a high priority outcome of the TDR working group.

The Preservation Services Policy (https://doi.org/10.18130/V3N58CK61) states that, "This policy is to be reviewed and updated annually by a group designated by either the APTrust Board and/or the Advisory Committee." The Policy also includes a history of versions and reviewers.

The APTrust Collection Development Policy (https://doi.org/10.18130/V3RX93C9C) states that the Review frequency is "No less frequently than two years from adoption or previous review." The Policy also includes a history of versions and reviewers.

Academic Preservation Trust Succession Policy (https://doi.org/10.18130/V31C1TF5Z) outlines the process for regular review and evaluation of APTrust's financial health.

Financial Sustainability and Business Principles and Practices (https://doi.org/10.18130/V3WM13T1F)  outlines the strategic, financial, and Service Principles for the Academic Preservation Trust. It also includes access to APTrust Budget Reports.

See the Technical Documentation section on Reporting & Auditing for information on self-auditing measures. In brief, "APTrust will use a subset of fields from the PREMIS metadata schema to record and report event metadata. Details about the following events should be captured and registered with the Administrative Interface: Ingest, Fixity Generation, Fixity Check, Deletion, and Identifier Assignment."

Compliance Rating

Fully Compliant

Status

Ready for review