Trip Report: DRAMBORA Workshop

DRAMBORA Workshop, 23 October 2007, Bayerische Staatsbibliothek München

Introduction
DRAMBORA (Digital Repository Audit Method Based on Risk Assessment) is a framework for risk assessment aiming at projects that have to do with digital repositories. From their website:

''This toolkit is intended to facilitate internal audit by providing repository administrators with a means to assess their capabilities, identify their weaknesses, and recognise their strengths. Digital repositories are still in their infancy and this model is designed to be responsive to the rapidly developing landscape. The development of the toolkit follows a concentrated period of repository pilot audits undertaken by the DCC, conducted at a diverse range of organisations including national libraries, scientific data centres and cultural and heritage data archives.''

Participants
Ulla Tschida, Andreas Gros

General impression
The two lecturers -- Andrew McHugh from the DCC and Raivo Ruusalepp from the DPE -- were very competent regarding the framework. Both worked on DRAMBORA for a considerable amount of time and contributed to its formulation and revision.

Info material
The toolkit can be downloaded after registration from http://www.repositoryaudit.eu/download/. It consists of a PDF file containing an introduction into the methodology of audits and risk assessment, guidelines for risk evaluation, as well as a questionnaire that helps in auditing a digital repository project. This questionnaire can be downloaded also as a Word file or an Excel sheet.

Summary
The introduction given by Raivo Ruusalepp gave a comprehensive overview over the methodology of DRAMBORA. It became clear that it is important for a digital repository to have well-defined roles and responsibilities, as well as to have a clear mandate and clear policies for Clear and unambiguously defined roles become especially important if one is to enable quick responses to emerging failures. Such failures can be of various kind, e.g.:
 * what to store and for how long
 * quality assurance and assessment
 * monetary: a financing body withdraws its support
 * staff related: an important staff member leaves the project and was the only one who knew (how to ..., the passwords for ..., the one crucial software item...)
 * technical: the automated storage facility reports a success in migrating the data from A to B, yet it failed to actually migrate the data

The practical part was led by Andrew McHugh. The attendands were instructed to address certain potential risks that could emerge in a given field (technical problems, staff related, legal questions, ... ) of a repository and strategies on how to react to those risks.

---Andreas Gros 16:57, 31 October 2007 (CET)