Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  • Documented preservation strategies (B3.1)
  • Documented preservation planning (B3.11)
  • Document strategies for AIP storage and migration (B3.2)
  • Policy on copies (number, location, etc.) and backups (D1.2, D1.3)
  • Policy about what access information should be recorded (what is accessed, who is accessing, etc.) (C3.2)
  • Policy about how and when to test understandability (C4.1, C4.2)
  • Policy on what actions to take when data is corrupted or lost (D1.6)
  • Document a change management process that includes creating records of changes made (D1.8)
    • Define process for testing the effect of critical changes to the system (D1.9)
  • Policy for staying current with security fixes (D1.10)

Technical Infrastructure

  • Monitoring and feedback mechanisms to ensure operation and resolve problems (A3.2)
  • Collect and report information integrity measurements (chain of custody, checksums, etc.) (A3.6)
  • Track and enforce copyrights and restrictions on use specified in agreements with depositors using appropriate authentication measures (A5.3, B5.1, C3.3, C3.4)
    • Log all access management failures and review inappropriate access denial incidents (B5.2)
    • Ensure that users that are allowed access to objects can access them in their entirety or that they get a response telling them that part or all of their request cannot be filled. (B5.3, B5.5)
  • Processes "to ensure that the information is acquired from the expected source" (B1.4)
  • Obtain "sufficient physical control over the digital objects to preserve them." (B1.5)
    • Analysis of digital content
    • Verification, analysis, and creation of metadata
    • Authentication and integrity checking
    • Creation of the AIP


  • Ensure that "the process that generates the DIP is correct in relation to the request." (If they get the right image, but in the wrong format, that's a violation of this.) (B5.4)
  • Ensure that "all access requests result in a response of acceptance or rejection." (B5.3, B5.5)
  • Ensure that the process that generates the DIP does not cause the loss or corruption of any content information (B5.6)
  • Implement the access recording policy (C3.2)
  • Ability to test understandability (C4.1, C4.2)
  • Well-supported operating systems and other core infrastructural software (D1.1)
  • Backup functions appropriate to content and services (D1.2)
  • Track number and location (without ambiguity) of all copies of stored digital objects (D1.3)
    • Ability to synchronize multiple copies (D1.4)
  • Mechanisms to detect and report data corruption or loss (D1.5)
  • "Repository has defined processes for storage media migration" (D1.7)
  • Process for testing the effect of critical changes to the system (D1.9)
  • Process for staying current with security fixes (D1.10)


  • Mechanism for reviewing and updating policies (A3.1)
  • Mechanism for eliciting new requirements from depositors (A3.2)
  • Formal, periodic reviews (A3.3)
  • Regular certification; between certifications notify certifying bodies "of operational changes that will change or nullify" certification status (A3.7)
  • Regular short- and long-term business planning to support sustainability (A4.1)
  • Regular "risk, benefit, investment, and expenditure" analysis and reporting (A4.4)
  • "Repository provides Producer/depositor with appropriate responses at predefined points during the ingest process." (B1.7)
  • Demonstrate when preservation responsibility is formally accepted for the contents of the SIP (B1.9) (Is this a technical stage or a workflow process?)
  • Record actions taken during ingest while they're happening (if not automated) (B3.8)
  • Take action when notified that Representation Information (including formats) approaches obsolescence (B3.10)
  • Review inappropriate access denial incidents (B5.2)
  • Procedure for testing understandability (C4.1, C4.2)
  • Take action when data is corrupted or lost (D1.6)
  • "Repository has defined processes for storage media migration" (D1.7)
  • Change management process (D1.9)
    • Process for testing the effect of critical changes to the system (D1.9)
  • Process for staying current with security fixes (D1.10)


  • Staff have skills and expertise appropriate to their duties (A2.1)
  • Appropriate number of staff (A2.2)