An audit of NRGL as a trustworthy digital repository

The first audit of the NRGL as a trustworthy digital repository using the tool and methodology of DRAMBORA (Digital Repository Audit Method Based on Risk Assessment) was performed at the end of 2009 as a part of creating a digital repository of grey literature in the National Technical Library (NTK). The audit results and experience from its course were summarized in a final report and during 2010 they were published in the book Grey Literature Repositories.

The most important outcome of the audit was represented by the identified risks connected to the NRGL and potentially endangering its operation, quality, image and other features; these risks were being eliminated or moderated by the NRGL team during the whole year of 2010. The main principle of the DRAMBORA audit and, at the same time, its main contribution, is iteration, i. e., its repetition after a certain time period in new conditions when the original risks are reassessed, the measurements adopted for their solution are assessed and new risks are identified.

The second audit of the NRGL digital repository was performed after one year, at the year´s end again. In this audit, the actual state of the repository was assessed, its progress reached during 2010, new potential risks were identified as well as possible ways to eliminate them or to reduce their impact. The NRGL documentation, the description of the whole project, its processes, procedures and related documents significantly developed during 2010 and, therefore, they made a very good basis for the audit.

In addition to the mapped repository and the relevant environment, the producers of the methodology and the tool consider the most important output to be the analysis of identifiable risks endangering the repository, its quality, readiness, reputation and position in the eyes of both specialists and ordinary users.

In the 2010 audit, 16 risks were assesses that were identified in the last audit, primarily the progress in their elimination, and 8 new risks were identified. The NRGL repository is still in the pilot project stage; however, it is run on final software versions and real data are stored. Identified and reassessed risks mainly refer to the description of activities and procedures of the repository, the state and development of the staff, project funding, hardware and software sources including their backup and related NRGL environment.

A yearly repetition of the audit in new conditions, identification of new or modified risks, and creation of another action plan make the audit an iterative process that contributes to the trustworthiness of the NRGL.

Full audit text is accessible here.