Purpose: A Trustworthy Digital Repository (TDR) exists to preserve, in an OAIS compliant manner, the digital resources entrusted to its care. For each ISO 16363 metric there is a section labelled, “Examples of Ways the Repository Can Demonstrate it is Meeting this Requirement.” The purpose of these sections is to assist the repository in collecting or creating the appropriate documents and information as it conducts its internal review in preparation for an ISO 16363 certification audit. Repositories may already have a wide variety of the evidence that is required in existing documents, policies, practices and procedures that document the ways in which that repository meets the various requirements of ISO 16363. Other evidence should, or easily can be created in the course of normal operations and be readily assembled in preparation for the ISO 16363 certification process
Broadly, the evidence consists of written policies and procedures which support ingest of the Submission Information Package (SIP), the creation and preservation of the Archival Information Package (AIP), and provision of user access to the preserved digital resources in the form of standard and/or custom Dissemination Information Packages (DIP). In many instances evidence can be used to satisfy a number of separate metrics. This significantly reduces the repository’s preparation efforts..
A fundamental piece of evidence is the mission statement, indicating the repository’s role in the chain of preservation, which can take a variety of forms. The next fundamental type of evidence documents the established policies and procedures routinely executed to ensure long term preservation and retrieval of trustworthy digital objects. This category of evidence also includes community-wide guidance and appropriate local, national and international standards. The other, more detailed group of evidence reflects how the TDR carries out its mission on a daily or periodic basis to ensure the preservation of trustworthy digital information.
Section 3, Organizational Infrastructure, focuses on ensuring that the repository has the appropriate legal basis and resources to operate as a viable TDR. Section 4, Digital Object Management, is devoted to the evidence that shows the adequacy of the whole process from receipt and ingest of the SIP, to the creation and preservation of the AIP, and then to the provision of user access to the preserved digital resources. Section 5, Infrastructure and Security Risk Management, focuses on functions that protect the integrity and security of the bits in which the information is encoded. The lack of appropriate evidence for any metric in any section may indicate flaws in the repository’s operations and/or documentation and lead to re-examining the relevant procedures and addressing those issues. Finally, it should be remembered that perfection is not required; an improvement plan will always be part of the certification plan