Abstract
The Digital Preservation Storage Criteria (hereafter, the Criteria) grew out of a community discussion at the 12th International Conference on Digital Preservation (iPRES 2015) on the evolving landscape of digital preservation storage approaches. A Working Group convened to develop guidance for organizations that either use or provide digital preservation storage. The first version of the Criteria was presented at an iPRES 2016 workshop and outlined the Working Group’s preliminary results and sought feedback. The Working Group has shared iterative versions over the last three years that have been informed by community feedback gathered through conference sessions, online review and a survey. Possible uses of the Criteria include helping organizations to develop requirements for their digital preservation storage, evaluating digital preservation storage solutions, raising awareness about digital preservation storage, and providing training materials to inform practitioners and others, including a game to demonstrate how the Criteria might be adapted for use. A Usage Guide accompanied the release of the current public iteration of the Criteria to help apply the Criteria. This iteration of the Criteria contains 61 criteria grouped into categories: Content Integrity, Cost Considerations, Flexibility, Information Security, Resilience, Scalability and Performance, Support, and Transparency. The unreleased draft, Version 4, includes an additional category: System Security. In addition to introducing the Criteria and providing background about their evolution, this article highlights new areas of development. First, the preliminary results from an ongoing effort to map the Criteria to relevant international digital preservation and information technology standards are presented. Second, updates to the Usage Guide are discussed. The Usage Guide is a supplement to the Criteria that provides the contextual information necessary for implementing the Criteria and includes sections on considerations such as risk management, cost, understanding independence and ensuring bit safety. Finally, examples of using the Criteria in various contexts are provided to encourage organizations to apply the Criteria to their own situation. The Criteria, the Usage Guide, the Criteria game and related documents are open and available for review at https://osf.io/sjc6u/, where future additions and updates will be shared.
Keywords
Introduction
The need to navigate generations of storage technologies is a challenge for formulating effective preservation strategies. The Digital Preservation Storage Criteria (hereafter, the Criteria) are intended to help address the evolving requirements, emerging and competing solutions, increasing need for capacity, and ever-changing resources available for digital preservation that organizations of all kinds face. The Criteria are a result of a collaborative process within the digital preservation community that began in 2015. This article provides context for the iterative development of the Criteria, highlights recent updates and extensions, and looks ahead to further work and possible developments. The Criteria are in the fourth iterative cycle of definition and elaboration by the Criteria Working Group. Throughout this collaborative process, the Working Group has organized and provided opportunities for community review and feedback. After each round of community engagement, the Working Group integrates or otherwise addresses the feedback gathered to produce new versions, which are publicly available on a project website (Goethals, McGovern, Schaefer et al., 2018).
Background on the Criteria creation
An idea arose during a community discussion of digital preservation storage convened at the 12th International Conference on Digital Preservation (iPRES 2015): Would a guiding document that outlined requirements for digital preservation storage be useful? The acknowledgement of the lack of this type of guidance resulted in a call for volunteers, and a Working Group was subsequently formed to design a set of digital preservation storage requirements. It quickly became clear that the ‘requirements’ would vary from organization to organization, making the objective of a definitive list both unrealistic and unhelpful. The Working Group determined that a set of criteria would be most helpful for the development of good practice for digital preservation storage that is responsive to a shifting technological environment and would allow an organization to select the subset of the criteria that fit its situation. That is the objective of the Working Group and the purpose of the Criteria.
The Working Group gathered requirements from organizations of different shapes and types and then synthesized the results into more general criteria. In preparation for the 2016 iPRES workshop that introduced the Criteria, the Working Group listed this starter set of criteria in a survey of workshop participants prior to the conference. The survey asked the participants to rank each criterion according to the value they would assign to it. This activity engaged the participants with the Criteria and enabled a productive discussion during the workshop. The feedback from that workshop, and from a session at the annual Library of Congress Designing Storage Architectures meeting, informed Version 2 of the Criteria.
The Working Group then used this same pattern in 2017 and 2018: revise the Criteria; share the next version at iPRES and at the Library of Congress meetings; incorporate the feedback to create a new version and repeat. To expand the reach of community engagement, the Working Group created a Google email group for interested community members to discuss and comment on the resulting versions. Currently, the Working Group is drafting Version 4, which is informed by feedback from a paper presented at (Zierau, Schaeffer, McGovern et al., 2019) and presentations at other meetings.
Defining digital preservation storage
Engaging the digital preservation community in developing good practice for digital preservation storage is hampered by the absence of an authoritative source for definitions. Creating working definitions provides a way to develop a shared understanding of core concepts that enables international collaboration. Early in their work, the Criteria Working Group identified the need for a working definition of digital preservation storage. First, the group had to define ‘digital preservation’. As a starting point, they adopted the Digital Preservation Coalition’s (2015) definition: ‘the series of managed activities necessary to ensure continued access to digital materials for as long as necessary’.
Building on that base, the Criteria’s working definition of digital preservation storage is: a fundamental component of digital preservation infrastructure, both organizational and technological, that supports and enables ongoing digital preservation activities. The term ‘digital preservation storage’ encompasses multiple functional areas (or entities) of the open archival information system (OAIS) Reference model (ISO 14721:2012; International Organization for Standardization, 2012b). In the ‘functional entity’ diagram of the OAIS Reference model, the ‘archival storage’ functional entity may appear to equate to digital preservation storage. However, the Criteria use a broader definition for digital preservation storage that includes the ‘archival storage’ functional entity as well as other OAIS functional entities and organizational decision-making and practices for digital preservation that are needed to store, maintain, monitor and retrieve Archival Information Packages. The roles and interactions within the OAIS model that relate to digital preservation storage are explained in McGovern and Zierau (2014). Examples of additional OAIS functional entities in digital preservation storage include: Preservation planning, which is responsible for monitoring technology for storage options, relevant standards and practices, and media migrations; Data management, which maintains the relationship between preserved content and its associated metadata; Administration, which is concerned with policies and standards pertaining to digital preservation storage management and for auditing submissions from receipt through deposit in storage; Ingest, which creates and updates preservation packages and is responsible for delivering preservation objects to digital preservation storage.
The OAIS Reference model provided a starting point for developing the Criteria and a framework for thinking about how the OAIS functional entities relate to preservation storage. The standards-mapping process described in this article uses a range of other relevant standards in addition to the OAIS to inform the Criteria.
The Criteria are intended to continually enable the digital preservation community to weigh the potential opportunities and risks of modern storage services and options while addressing the expectations of modern digital preservation practices.
New developments and use
The Working Group has developed the Criteria as a set of design attributes with associated considerations for digital preservation storage services. The possible audiences for the Criteria include digital preservation managers who need to implement and manage digital preservation storage, providers of digital preservation storage services, auditors of digital preservation programmes, digital preservation instructors and students, and practitioners in affiliated domains who rely on digital preservation storage. A guiding principle for the versions of the Criteria has been ensuring that the Criteria remain generally applicable to digital preservation storage in any context by avoiding the inclusion of local practices. The Criteria provide a bridge to implementation by including a Usage Guide and accumulating examples to demonstrate the local use of the Criteria.
The remainder of the article includes five sections that give an overview of the Criteria, highlight recent developments and describe future work on the Criteria. ‘Inside the Criteria’ reviews the content, categories and format of the Criteria. ‘Standards mapping’ explains the Working Group’s efforts to map the Criteria to standards. ‘Inside the Usage Guide’ provides an overview of the topics addressed and the implications of those topics for digital preservation storage planning and implementation. ‘Using the Criteria’ demonstrates through examples the ways in which organizations and individuals might benefit from and apply the Criteria. And finally, the ‘Discussion’ section considers the implications of some aspects of developing the Criteria and shares an overview of ongoing work and possible developments.
Inside the Criteria
Presentation
The Criteria are organized into a table with five columns and one row per criterion, as shown in Table 1. The columns are for the ‘Number’ (sequential identification for the criterion), ‘Criteria’ (short descriptive name for the criterion), ‘Category’ (one of eight topical areas used to group the Criteria), ‘Description’ (short definition for the criterion) and ‘Related standards’ (an area to list relevant standards to the criterion). So, for example, in Table 1, the first listed criterion is integrity checking in the category of Content Integrity. The integrity checking criterion indicates that the digital preservation storage ‘[p]erforms verifiable and/or auditable checks to detect changes or loss in or across copies’.
Subset of the Preservation Criteria.
Categories
Initial feedback from the digital preservation community indicated that instead of simply providing a long list of criteria, some sort of organization would be helpful. In response, the Criteria were organized into categories to group similar criteria together and provide an overall structure. Each criterion belongs to only one category. The categories do not have strict definitions and may be edited in future versions as new criteria are added or current criteria are refined. For example, the System Security category has been recently created and will be present in the next version of the Criteria. Currently, there are the following nine categories:
Content Integrity, which refers to practices that ensure the state of the stored data has not changed. The two criteria that make up this category – integrity checking and independent integrity checking – require that not only are there detection mechanisms to ensure that the data has not been changed, altered or removed, but also these mechanisms can be audited by internal and external entities.
Cost Considerations, which reflects the financial impact of storage decision-making. This also includes the criteria that the storage be energy-efficient, which is related to both costs and environmental concerns.
Flexibility, which refers to the adaptability, interoperability and overall ability to customize digital preservation storage solutions to an organization’s needs. For example, the customizable replication criterion provides for the ability to establish content-based rules to replicate a variable number of copies. This could be particularly useful for organizations which have policies to keep more copies of content that is classified at a higher value level.
Information Security, which refers to data protection methods to ensure that the data cannot easily be tampered with or removed. The closely related Content Integrity category is about detecting changes to content, while the Information Security category is about protecting against those changes occurring, especially across all copies of the content. For example, the geographical independence criterion requires multiple copies to be stored in geographically separate locations, thus reducing location-specific risks of data loss. Similarly, the organizational independence criterion requires copies to be managed by separate organizations, protecting data from the risks associated with one organization managing all the copies of content.
Resilience, which refers to the durability and availability of the digital preservation storage system. This category includes criteria such as durable media, specifying that the storage media have acceptable longevity rates. The error control criterion is concerned with storage-level error remedies, such as Redundant Array of Independent Disks (RAID), ZFS and erasure coding, while the recovery and repair criterion helps outline how such remedies should occur: within acceptable time frames, without error propagation and, if necessary, with tools allowing the content-owning institution to remedy the error.
Scalability and Performance, which refers to computational performance and the ability to be scaled up or down according to organizational needs. This category includes criteria such as supports expansion, which provides for an increase in storage capacity, as well as its inverse, supports reduction, should a decrease in storage needs arise. It also lists criteria related to system performance such as compute power, file system limits and Input/Output (I/O) performance.
Support, which refers to support contracts as well as services like training, accessibility and additional preservation services such as migration.
Transparency, which refers to the visibility into the storage system’s functions – for example, auditing, reporting, error notification and documentation. Specific criteria include open storage formats, which requires support for non-proprietary storage formats such as tar and the Linear Tape File System. Expose location, which requires that the specific storage location be disclosed to the content owner, may be especially useful in cloud storage architectures.
System Security, which refers to the security of the system itself rather than the data within it. Closely related to the Information Security category, System Security contains criteria that are related to managing access to the system, whether in person or virtually. For example, security protocols may be required when protective measures for access to physical hardware are regulated. Authentication integration may be important for organizations wishing to integrate organizational-wide identity services such as Active Directory.
Standards mapping
The forthcoming Version 4 of the Criteria will include mappings between specific criteria and relevant standards, such as ISO 14721 and ISO 16363. This feature was intended from the inception of the document. Currently, the following standards have been mapped to the Criteria: ISO 16363:2012: Space data and information transfer systems – Audit and certification of trustworthy digital repositories (International Organization for Standardization, 2012a). ISO 14721:2012: Space data and information transfer systems – Open archival information system (OAIS) – Reference model (International Organization for Standardization, 2012b). ISO/TR 17797:2014: Electronic archiving – Selection of digital storage media for long term preservation (International Organization for Standardization, 2014). ISO/IEC 27000:2018: Information technology – Security techniques – Information security management systems – Overview and vocabulary (International Organization for Standardization, 2018). ISO/IEC 27001:2013: Information technology – Security techniques – Information security management systems – Requirements (International Organization for Standardization, 2013b). ISO/IEC 27002:2013: Information technology – Security techniques – Code of practice for information security controls (International Organization for Standardization, 2013a). IASA-TC 04: ‘Guidelines on the production and preservation of digital audio objects’ (International Association of Sound and Audiovisual Archives Technical Committee, 2009).
Additionally, the following standards are under review for applicability and potential mapping to the Criteria: ISO/TR 15801:2017: Document management – Electronically stored information – Recommendations for trustworthiness and reliability (International Organization for Standardization, 2017). ISO/TR 18492:2005: Long-term preservation of electronic document-based information (International Organization for Standardization, 2005).
Certain criteria map to many of the different standards that were reviewed. One such criterion, security protocols, states that the digital preservation storage ‘includes protective measures, controls and documented procedures to prevent security incidents related to hardware, software, personnel, physical structures, devices and deletions’. As one may expect, this criterion mapped to all three of the related Information technology – Security techniques – Information security management systems ISO standards – ISO 27000, 27001, 27002. Table 2 shows the specific areas and wording that relate to the criterion definition. Section 4.1 of ISO 27000 states that: ‘Organizations need to: a) monitor and evaluate the effectiveness of implemented controls and procedures; b) identify emerging risks to be treated; and c) select, implement and improve appropriate controls as needed’ (International Organization for Standardization, 2018: p. 11). ISO 27001 maps to this criterion in eight different areas of the standard, as outlined in Table 2. In addition to noting the standard in the ‘Related standards’ column as shown in Table 1, Version 4 of the Criteria will include a detailed mapping of each criterion to the specific section of a related standard and also the relevant text from the standard, much like in Table 2.
Example showing the standards mapped to the criterion security protocols.
The process of mapping the criteria to standards has highlighted the need to reword particular criterion definitions, as well as identifying new potential criteria. For example, in reviewing the same security protocols criteria discussed above, it became evident while mapping to the OAIS that there was a need to refine the original definition to address ad hoc deletions and approved policies, both of which are explicitly mentioned in the OAIS. Thus, the new definition of the criterion was drafted as: ‘Includes protective measures, controls and documented procedures to prevent security incidents related to hardware, software, personnel, physical structures, devices and deletions that are not allowed as part of an approved policy/strategy’.
Another by-product of the standards-mapping process is the identification of new criteria. As standards are reviewed, gaps in the current Criteria are uncovered. One such gap was identified after a review of ISO 27001, which states that: ‘Formal transfer policies, procedures and controls shall be in place to protect the transfer of information through the use of all types of communication facilities’ (International Organization for Standardization, 2013a: p. 51). Version 3 of the Criteria has no criterion relating to policies or procedures around data transfer, yet this is an area of critical concern as the risk of data loss or corruption during transfer is much higher than while data is at rest. To remedy this oversight, a new criterion related to transfer policies and procedures has been proposed. Currently, 18 recommendations for new or revised criteria have been proposed by the Working Group as a result of this standards-mapping work. Each recommendation will undergo further review before being submitted to the digital preservation community for feedback prior to finalizing and publishing in Version 4 of the Criteria.
Inside the Usage Guide
The Criteria need to be set in the context of basic preservation considerations. For example, an institution’s digital preservation storage solution should be designed so that there is no single point of failure. This means thinking across the solution and making sure that there is enough variability so that incidents or failures will leave possibilities for recovery. Digital preservation storage solutions should be resilient enough to be able to recover from loss of any one part, whether it is caused, for example, by media failure, a malicious attack or the shutdown of a storage company.
Within this larger context of an institution’s overall digital preservation storage solution, an institution may make different decisions about the relative importance of the Criteria for different components – for example, for particular copies, data centres or collections. In this way, some of the Criteria might be critically important for some of its collections, copies or data centres, but not for others.
The Usage Guide explains the different considerations that need to be taken into account when using the Criteria. Preservation in general is about prevention of loss of data, and the Usage Guide provides context for specific concepts that are important to support that work. The Usage Guide focuses on activities that organizations can consider and perform based on these key concepts. It also addresses the interplay among the concepts and how one consideration has an impact on others. For example, the concept of ‘independence of copies’ is a driver of the concept of ‘risk management’. Similarly, analysis of risks is done in conjunction with ‘cost analysis’, since cost drivers have an effect on which risks can be accepted and which need to be mitigated. The current version of the Usage Guide includes the following key concepts that should be considered in relation to the Criteria:
Assessing and managing storage solution risks: An organization can use risk management practices to identify and isolate long-term risks and reduce and mitigate impacts on digital preservation operations. Similarly, an organization can use risk assessment to compare digital preservation storage solutions that address different sets of criteria. Because digital preservation storage solutions must be sustained, it is useful to have a consistent methodology for risk management that can be used by the organization over time, even as solutions change. The description of risk management is based on various literature from both the digital preservation community (Digital Curation Center and DigitalPreservationEurope, 2015; Digital Preservation Coalition, 2015) and outside the community (European Banking Authority, 2019; Joint Task Force Transformation Initiative, 2011, 2015).
Independence between copies: For digital preservation storage, risk management must take into account that either no data or only an acceptable amount of data may become lost. This means preventing or reducing the likelihood that one event or incident can harm several copies of the data. The best way to mitigate such risks is to make the copies independent in a way that prevents the same event or incident from harming multiple copies. The individual criteria related to organizational governance, geographic location and technical dependencies should be considered together because of their combined effect on the degree to which each copy can be relied on. The description of independence is based on a number of references (Rosenthal, 2010; Zierau, 2012, 2018; Zierau and Schultz, 2013).
Interplay between number of copies, independence of copies and the integrity monitoring of those copies: A full risk assessment of digital preservation storage needs to include three essential elements, which are required for evaluating whether a digital preservation storage solution provides the required level of bit safety: (1) ‘number of copies’, where there should be enough copies available to survive the loss of some of the copies; (2) ‘independence between copies’, to mitigate the risks of losing all copies at one event; and (3) ‘integrity checks (of copies and among copies)’, to ensure the continued fidelity of the copies. Together, considerations of these elements determine the degree to which bits are kept safe. Integrity considerations are also a component of information security in combination with requirements for availability and confidentiality, necessitating a balance among these considerations in planning and implementation. The description of the basic elements is based on a number of references (Rosenthal, 2010; Zierau, 2012, 2018; Zierau and Schultz, 2013).
Assessing storage costs: The costs of storage solutions may cause an institution to make difficult decisions about the relative importance of individual digital preservation storage criteria and which risks are acceptable in order to meet budget requirements. An organization can use cost analysis to identify and isolate storage solution costs that are specific to digital preservation, and/or to compare the costs of storage solutions that address different sets of criteria. The description of the cost assessment is based on various literature from both the digital preservation community (4C, 2014a, 2014b; Wright et al., 2009) and outside the community (International Cost Estimating and Analysis Association, 2020; United States Government Accountability Office, 2009).
As the key concepts in the Usage Guide are interrelated, each organization can take into account how these concepts are related and relevant to their particular situation for evaluating and using the Criteria. The Usage Guide is designed to outline issues and provide direction for available resources that may help organizations to get the most out of the Criteria. In the work with mapping standards to the Criteria, it has become apparent that there are additional concepts that need to be added to the Usage Guide. These are:
Considering how an organization supports storage criteria: The organization’s policies and strategies are important to maintain and sustain digital preservation storage over the long term.
Ensuring sufficient level of documentation: The level of documentation of digital preservation actions is crucial for performing health checks or proving compliance with policies and audits.
Establishment of needed service-level agreements: Both internal and external service-level agreements can be crucial for ensuring that the service will meet the organization’s digital preservation storage requirements.
The Criteria’s logo illustrates the interconnectedness of the considerations discussed in the Usage Guide (see Figure 1).

An image of copies threatened by an erupting volcano, which is used to illustrate the need for the Criteria.
If all copies of the digital materials are co-located at an erupting volcano, it will not matter whether there are 10, 100 or 1000 copies, since all will be lost if an eruption occurs. This is because the copies are not placed in geographically independent locations. The Criteria could be used with risk management and, of course, cost considerations to make a set-up which is so safe that we do not need to rely on luck.
Using the Criteria
The Criteria were developed to help any organization that is responsible for the storage and long-term preservation of digital materials, as well as other audiences – for example, providers of digital preservation storage and digital preservation instructors. For each of these audiences, multiple ways of using the Criteria were envisioned (see Table 3).
The audiences and uses of the Criteria.
In practice, the Criteria have been used in the ways described in Table 3 by a variety of institutions.
At the ‘Using the Digital Preservation Storage Criteria’ workshop at iPRES 2018 (Goethals, Mandelbaum, Schaefer, et al., 2018), individuals from five different cultural heritage and academic organizations shared practical examples of how the Criteria had been used within their organizations. One of these institutions demonstrated well that the Criteria could be used in a variety of ways. This university had used the Criteria (1) as a reference for the Digital Curation Librarian; (2) to expand conversations and thinking between the library and other parts of the university; (3) as a component of its evaluation of institutional repository platforms; and (4) for a gap analysis of the campus’s storage infrastructure. Here are further examples of how the Criteria have been used to advance understanding and good practice: The Criteria Working Group used the Criteria as a basis for an educational game to help individuals think about the characteristics of digital preservation storage. MIT Libraries used the Criteria to develop the appropriate digital preservation service for its collections. Archives New Zealand used the Criteria as a framework for the storage component of the digital preservation guidance it provides to institutions. The University of Melbourne used the Criteria as a starting point for generating discussion and for ultimately developing its storage requirements for preserving its collections.
Used for education by the Criteria Working Group
For an iPRES 2018 workshop, the Criteria Working Group created the Criteria game (Goethals et al., 2019) to introduce the workshop participants to the Criteria. The game board is divided into an equal number of tiles labelled as either ‘must have’, ‘nice to have’ or ‘can do without’. Players take turns selecting a criterion card, reading the definition if they are not familiar with the concept, and then choosing to classify it as a ‘must have’, ‘nice to have’ or ‘can do without’ (see Figure 2).

A player of the Criteria game.
Each player is randomly assigned an organizational role that provides context for considering the relative importance of the criterion. For example, one role is: ‘You are from a small cultural heritage society with few resources but unique material’. A person with this role might rate high availability as a ‘can do without’ because of the high financial cost of achieving this objective. Another example role is: ‘You manage an archive with confidential and highly sensitive material’. A person in this role might classify encrypted transfer as a ‘must have’ because of the security requirements of this material.
When a player places a criterion card on a game tile, they must give a reason for classifying it in the way they have. For example, the player classifying encrypted transfer as a ‘must have’ could say: ‘My institution’s security policy requires confidential and highly sensitive material to be encrypted whenever it is in transit, so this is a must-have requirement’. The reason for this game rule is that it gives players an opportunity to practise making the case for particular digital preservation storage characteristics, as they might have to do within their own organizations. It also gives them a chance to think about different contexts and how they might affect the relative importance of the criteria.
Used for infrastructure design by MIT Libraries
During a multi-year project, MIT Libraries used the Criteria to develop and launch its Comprehensive Digital Preservation Services (CDPS). Initially, the Criteria helped the CDPS team discuss and explore the requirements for digital preservation storage, and then to define and complete a review of the Criteria. The process informed the definitions in the ‘Levels of digital preservation commitment’ (McGovern and Smith, 2020) document, which outlines the categories of digital content that MIT Libraries intends to preserve, with the corresponding care level. The levels helped to right-size digital preservation storage options for components of MIT Libraries’ digital collections. The review results framed the CDPS foundational services that include digital preservation storage and informed the MIT Libraries Maintenance and Support Plan for CDPS. The CDPS Criteria review included the following steps: Rank the Criteria for CDPS: The CDPS team ranked the Criteria as each applied to this phase of digital preservation storage development. Define provider service status: The CDPS team suggested a service status for each criterion, and the two providers for MIT’s digital preservation storage confirmed or modified in completing their responses. Criteria review response review: The CDPS team iteratively reviewed the provider responses until responses for all of the Criteria were complete and documented. Evaluate Criteria review response: The CDPS team combined the responses into one spreadsheet that informed the development of the CDPS Maintenance and Support Plan and is being used to monitor and assess CDPS. This spreadsheet will be updated as new versions of the Criteria are shared. Synthesize results for service features: The CDPS team synthesized the Criteria review results into a set of CDPS service features and characteristics that is appended to the Maintenance and Support Plan and will be used in monitoring and enhancing CDPS. Define service responsibilities: The CDPS team defined an initial RASCI matrix for CDPS that specifies roles (responsible, accountable, supporting, consulted and informed) for digital preservation, digital archives and information technology responsibilities.
MIT Libraries launched CDPS in June 2020 with Archivematica and digital preservation storage. The CDPS team is monitoring the services and will evaluate them at the end of Year 1 using the results of the Criteria review. Details of MIT’s Criteria review with illustrations are available on the Criteria’s website (McGovern, 2020).
Used for guidance by Archives New Zealand
Archives New Zealand provides online guides and resources to help information managers meet the requirements of relevant laws and standards and implement good practice. One guidance section is on the operational implementation of records and information management, including best practice guidance on digital storage and preservation (Archives New Zealand, 2020). Archives New Zealand used the Criteria as a basis for its guidance on digital preservation storage, adapting them to fit the context of information and records management.
The guidance is structured under headings that map to many of the Criteria’s categories: Content integrity and authenticity; Content discovery, identification and reuse; Flexibility; Information and system security; Resilience; Scalability and performance; Support; Transparency; Risk management.
Archives New Zealand adapted the Criteria to emphasize what it determined to be important in its information and records management context. For example, the ability to support content authenticity is made explicit as an important characteristic to consider for digital preservation storage. This is how the Criteria were intended to be used – as a community resource that can be adapted to fit local contexts.
Used to develop requirements by the University of Melbourne
One of the University of Melbourne’s key principles defined in its digital preservation strategy (Shadbolt et al., 2013) is to commit to ongoing investment in high-quality infrastructure, including a secure, persistent storage infrastructure. To define its requirements for digital preservation storage, it ran a workshop (Weatherburn, 2018), bringing together university archivists, records managers and information technology staff to discuss their digital collections and their digital preservation storage requirements. The goals of the workshop were to gain a shared understanding of acceptable digital preservation storage and articulate requirements and general principles. Version 2 of the Criteria was used as a starting point for discussion, and from this a set of 24 of the Criteria was selected as particularly important for the University of Melbourne’s context (see Table 4).
The subset of the Criteria prioritized as important to the University of Melbourne.
One of the guiding principles of the Criteria is that not all of the Criteria will be applicable to all institutions. They are meant to be used as a base for deciding what is most important given local policies, applicable regulations, needs and preferences. This example of the University of Melbourne shows how organizations can bring together key stakeholders in a similar exercise to prioritize the Criteria based on their local context.
Discussion
Differences in perspectives can alter the interpretation of the Criteria and highlight additional considerations. Depending on the role an institution plays with regard to digital preservation storage, each criterion could be interpreted as having a ‘providing’ or ‘receiving’ implication. For example, the documented access criterion is defined as: ‘Provides immutable logs and/or reports that show all file system access’. A digital preservation storage service provider could interpret this criterion to mean that they are responsible for providing the logs and reports, while an institution purchasing digital preservation storage from a vendor could interpret this criterion to mean that it expects to receive the logs and reports.
In addition, the standards currently mapped to the Criteria can provide users with further considerations from the perspectives of different disciplines. For example, the adapts to requirements criterion refers to the need for digital preservation storage to be adjustable so that it can adapt to changing requirements. In ISO 16363, the standard for trusted digital repositories, this adaptability is important so that the preservation repository can provide an appropriate level of service to repository users. This standard also points out that supporting processes will be required to regularly monitor technological changes so organizations can evaluate and decide whether to implement these changes to their digital preservation storage (International Organization for Standardization, 2012a). In ISO/IEC 27001, a standard for information security management systems, this adaptability is important, particularly around an organization’s requirements for information classification, information value and criticality, cryptographic controls and processes for handling assets, so that the system can adhere to any agreements, legislation or regulation when necessary (International Organization for Standardization, 2013b).
Developing the Criteria using an iterative and collaborative approach ensures that they remain continually relevant to their users and informs quality practices in an era when technological change is commonplace. In each iterative cycle, the Criteria are updated based on feedback and shared learning from users across different types of organizations within the digital preservation community. This approach takes advantage of the collective and evolving experience, knowledge and differing perspectives from within the community to help refine the Criteria and identify gaps where they exist. By reviewing the Criteria and the accompanying Usage Guide iteratively, they can be updated during each cycle to incorporate relevant criteria and key contextual considerations in response to the latest storage technological advances and changing institutional requirements for digital preservation storage. In addition, up-to-date standards that are relevant to digital preservation storage can be reviewed and mapped to better support the Criteria and ensure their ongoing relevance.
Future development
Looking ahead, the Criteria Working Group will review the working definitions of the Criteria categories and incorporate new criteria identified as a result of the standards-mapping activity. The Usage Guide will be expanded to include special topics, such as service-level agreements, documentation and organizational aspects, or other areas that will further support the use of the Criteria by the digital preservation community. The Working Group will also share a Standards-Mapping Document, which demonstrates areas of the selected standards that are pertinent to the Criteria. On a continuing basis over time, additional standards relevant to digital preservation storage will be mapped to the Criteria. For example, the upcoming revision of ISO 14721 will be reviewed by the Working Group. The Working Group will continue to engage with the digital preservation community on further development of the Criteria, the Standards-Mapping Document and the Usage Guide.
Footnotes
Acknowledgements
The authors thank Jane Mandelbaum for providing invaluable feedback to this article as one of the core members of the Digital Preservation Storage Working Group. They also thank MIT Libraries, Archives New Zealand, Jaye Weatherburn and the University of Melbourne for sharing their experience of using the Digital Preservation Storage Criteria.
Declaration of conflicting interests
The authors declared no potential conflicts of interest with respect to the research, authorship and/or publication of this article.
Funding
The authors received no financial support for the research, authorship and/or publication of this article.
