5.1.1 - The repository shall identify and manage the risks to its preservation operations and goals associated with system infrastructure.
Explanation
SP performs technical risk management in order to ensure the integrity, security, and reliability of the repository's content. SP has assessed threats to its hardware, software, and technical operations and implemented a broad range of risk-minimization strategies in collaboration with the University of Toronto Libraries' Information Technology Services (ITS) department. Technical risk management is a part of the repository's comprehensive risk management strategy, described in the Risk Analysis and Management Strategies document. In addition, the repository has a Backup Plan that describes policies and procedures implemented by SP and ITS to provide reliable backup of the repository's data, databases, and applications. To support the repository's risk-minimization strategies, SP maintains an inventory of hardware and software components.
The Risk Analysis and Management Strategies document covers, among other things, the following technical risks:
- hardware failure and obsolescence
- storage media failure and obsolescence
- software failure and obsolescence
- loss of critical hardware or software support
- operator error
- cyber attack
In order to change hardware or software components without disrupting normal operations, SP implements and tests changes in isolated environments. For policies and procedures related to hardware and software change management, please see 5.1.1.1.4, 5.1.1.1.8, 5.1.1.4, 5.1.1.6.1, and 5.1.1.6.2. For policies and procedures related to operator authorization and access, please see 5.2.3 .
Responsibility
Digital Preservation Policy Librarian
Systems Administrator
Potential Risks
See this item in 5.2.1 and 5.2.2.
Monitoring Commitments
See this item in 5.2.1 and 5.2.2.
Future Plans
See this item in 5.2.1 and 5.2.2.
Relevant Documents
- Risk Analysis and Management Strategies
- Backup Plan
- Hardware and Software Inventory