DRAMBORA audit of NUSL as a trustworthy digital repository
A regular audit of the NUSL as a trustworthy digital repository has been performed since 2009 to ensure the long-term proper functioning of the repository. For this aim, the tool and methodology called Digital Repository Audit Method Based on Risk Assessment (DRAMBORA) is used. The output of the audit is a mapped repository and its relevant environment together with the identified risks, on the basis of which the action plan is built. The action plan is aimed to eliminate or moderate the impact of individual risks on the NUSL operation.
The first audit of the NUSL as a trustworthy digital repository using the tool
and methodology of DRAMBORA (Digital Repository Audit Method Based on Risk
Assessment) was performed at the end of 2009 as a part of creating a digital
repository of grey literature in the National Technical Library (NTK). The
audit results and experience from its course were summarized in a final report
and during 2010 they were published in the book Grey Literature Repositories.
The most important outcome of the audit was represented by the identified risks connected to the NUSL and potentially endangering its operation, quality, image and other features; these risks were being eliminated or moderated by the NUSL team during the whole year of 2010. The main principle of the DRAMBORA audit and, at the same time, its main contribution, is iteration, i. e., its repetition after a certain time period in new conditions when the original risks are reassessed, the measurements adopted for their solution are assessed and new risks are identified.
The second audit of the NUSL digital repository was performed after one year, at the year's end again. In this audit, the actual state of the repository was assessed, its progress reached during 2010, new potential risks were identified as well as possible ways to eliminate them or to reduce their impact. The NUSL documentation, the description of the whole project, its processes, procedures and related documents significantly developed during 2010 and, therefore, they made a very good basis for the audit.
The third audit was performed after one year using the same method as the two
preceding audits, with the presence of an external consultant who obtained
information by interviewing NUSL team members and through study of the most
significant documents containing responses to the previous audit and progress
of the NUSL in 2011 including changes in its relevant environment.
In addition to the mapped repository and the relevant environment, the producers of the methodology and the tool consider the most important output to be the analysis of identifiable risks endangering the repository, its quality, readiness, reputation and position in the eyes of both specialists and ordinary users.
In the 2011 audit, 24 risks were assesses that were identified in the audits 2009 and 2010, primarily the progress in their elimination, and 3 new risks were identified. The biggest change in comparison with last year is that the NUSL pilot project ended in 2011, and the NUSL became an integral part of services offered by the NTK and is fully funded from the NTK budget, which was reflected in the assessment of risks related to the mandate and funding of the NUSL. The other significant changes are apparent from incremental commentaries in the DRAMBORA database, from files attached to it and from records added mainly in the areas of Constraints, Objectives and Activities. The identified and reassessed risks continue to pertain particularly to the conditions of activity description and repository procedures, condition and development of staff, project funding, hardware and software resources and NUSL collections including backup and relevant NUSL environment.
The end of the pilot project and NUSL became an integral part of services offered by the NTK and is fully funded from the NTK budget was still the big change and it was reflected in the assesment of mandate and funding related risks. The biggest risk was identified in NUSL cooperation network - it’s state and future developement. In the 2012 audit, 27 risks were assessed and 5 new risks were identifed.