Trip Report: DRAMBORA Workshop

From MPDLMediaWiki
Jump to navigation Jump to search

DRAMBORA Workshop, 23 October 2007, Bayerische Staatsbibliothek München


DRAMBORA (Digital Repository Audit Method Based on Risk Assessment) is a framework for risk assessment aiming at projects that have to do with digital repositories. From their website:

This toolkit is intended to facilitate internal audit by providing repository administrators with a means to assess their capabilities, identify their weaknesses, and recognise their strengths. Digital repositories are still in their infancy and this model is designed to be responsive to the rapidly developing landscape. The development of the toolkit follows a concentrated period of repository pilot audits undertaken by the DCC, conducted at a diverse range of organisations including national libraries, scientific data centres and cultural and heritage data archives.


Ulla Tschida, Andreas Gros

General impression[edit]

The two lecturers -- Andrew McHugh from the DCC and Raivo Ruusalepp from the DPE -- were very competent regarding the framework. Both worked on DRAMBORA for a considerable amount of time and contributed to its formulation and revision.

Info material[edit]

The toolkit can be downloaded after registration from . It consists of a PDF file containing an introduction into the methodology of audits and risk assessment, guidelines for risk evaluation, as well as a questionnaire that helps in auditing a digital repository project. This questionnaire can be downloaded also as a Word file or an Excel sheet.


The introduction given by Raivo Ruusalepp gave a comprehensive overview over the methodology of DRAMBORA. It became clear that it is important for a digital repository to have well-defined roles and responsibilities, as well as to have a clear mandate and clear policies for

  • what to store and for how long
  • quality assurance and assessment

Clear and unambiguously defined roles become especially important if one is to enable quick responses to emerging failures. Such failures can be of various kind, e.g.:

  • monetary: a financing body withdraws its support
  • staff related: an important staff member leaves the project and was the only one who knew (how to ..., the passwords for ..., the one crucial software item...)
  • technical: the automated storage facility reports a success in migrating the data from A to B, yet it failed to actually migrate the data

The practical part was led by Andrew McHugh. The attendands were instructed to address certain potential risks that could emerge in a given field (technical problems, staff related, legal questions, ... ) of a repository and strategies on how to react to those risks.

---Andreas Gros 16:57, 31 October 2007 (CET)