5.1.1 - The repository shall identify and manage the risks to its preservation operations and goals associated with system infrastructure.
SP performs technical risk management in order to ensure the integrity, security, and reliability of the repository's content. SP has assessed threats to its hardware, software, and technical operations and implemented a broad range of risk-minimization strategies in collaboration with the University of Toronto Libraries' Information Technology Services (ITS) department. Technical risk management is a part of the repository's comprehensive risk management strategy, described in the Risk Analysis and Management Strategies document. In addition, the repository has a Backup Plan that describes policies and procedures implemented by SP and ITS to provide reliable backup of the repository's data, databases, and applications. To support the repository's risk-minimization activities, SP maintains an inventory of hardware and software components.
The Risk Analysis and Management Strategies document covers, among other things, the following technical risks:
- hardware failure and obsolescence
- storage media failure and obsolescence
- software failure and obsolescence
- loss of critical hardware or software support
- operator error
- cyber attack
In order to change hardware or software components without disrupting normal operations, SP implements and tests changes in isolated environments. For policies and procedures related to hardware and software change management, please see 188.8.131.52.4, 184.108.40.206.8, 220.127.116.11, 18.104.22.168 , 22.214.171.124.1, and 126.96.36.199.2. For policies and procedures related to operator authorization and access, please see 5.2.3.
Digital Preservation Policy Librarian