Digital repository audit method based on risk assessment

The digital repository audit method based on risk assessment (DRAMBORA) is a methodology and associated software-based toolkit developed by Digital Curation Centre (DCC) and DigitalPreservationEurope (DPE) to support the assessment of digital preservation repositories.

The DRAMBORA toolkit is intended to facilitate internal audit of digital preservation repositories by providing repository administrators with a means to assess their capabilities, identify their weaknesses, and recognise their strengths. The development of the toolkit follows a concentrated period of repository pilot audits undertaken by the DCC, conducted at a diverse range of organisations including national libraries, scientific data centres and cultural and heritage data archives. The construction of a toolkit of this kind is a dynamic process and this is the second stage in this process. The DRAMBORA toolkit represents the latest development in an ongoing international effort to conceive criteria, means and methodologies for audit and certification of digital repositories. The intention throughout its development was to build upon, extend and complement existing efforts. A key requirement has been to establish a toolkit that contributes towards a single process for repository assessment. The importance of international cooperation and collaboration, and the potential dangers associated with divergence were acknowledged very early on within the DCC and DPE's work in this area.

The results of the original efforts of RLG/NARA task force and the nestor working group to develop criteria for audit and certification of trustworthy digital repositories and the work that was led by the Center for Research Libraries (CRL) were foremost within the considerations throughout the development of the DRAMBORA toolkit, and in the DCC-led pilot audits that preceded it. The DCC/DPE working group has engaged with representatives of other groups to agree upon a set of principles, representing the fundamental, objective baseline criteria for preservation repositories, and these and their underlying concepts, are profoundly important within the toolkit. It is anticipated that self-audit based on DRAMBORA can be facilitated if undertaken in association with one or both of the check-lists, and vice versa. The risk-based approach assists efforts to match a repository against these lists of requirements. Only with a clear view of an organisation's business context and its implicit risks can an auditor effectively use these requirements. The toolkit contextualises these lists so they can be more effectively applied. In addition to these resources, we have also sought to incorporate and adapt ideas and concepts from an additional, diverse range of sources, including a wide range of international information standards, many with their basis in the risk management industry aiming to broaden ever further the perspectives that our international colleagues have already established.

DRAMBORA is released under the Creative Commons Attribution – Non-Commercial – Share-Alike 2.0 License.