CPA3.3 Technical Resilience - Infrastructure

Purpose

The objective of infrastructural technical resilience is to ensure that, in the event of failure of a key infrastructural component, there are sufficient resources to ensure continuation of the functions and services of the repository to its designated community in accordance with policies and service level agreements.

CC3.3: Capability completeness of Technical Resilience - Infrastructure

  1. Initial: There is some awareness of the need for technical resilience, but this is not fully described or communicated. There is an intent to meet the specific objectives but there is no evidence of a procedure in place to do so.
  2. Partial: There is at least one required activity that is not present or not at a repeatable level. There is evidence that the direction the organisation is taking will lead to a complete capability in this area.
  3. Complete: All required activities are shown to be present in the organisation and at least at a defined level.

SO3.3.1: Digital Object Duplication

The organisation ensures the authenticity of the digital objects deposited in its repository through a strategy of maintaining a series of duplications over time.

RA3.3.1.1: Data Backup and Storage Redundancy

The organisation ensures it has a strategy and procedure for sufficient data backup and storage redundancy to assure that it is possible to roll back to a previous version of the data object if required, in accordance with policy and service level agreements with depositors. The backups of the digital objects must be held at a location separate from the primary digital object storage location.

(0) Not defined:

There is no evidence of a backup strategy or procedure. There is no evidence of offsite duplication of the data objects held by the repository.

(1) Initial:

Backups are made of the data objects held by the repository, but insufficient to facilitate roll-back to a specific version. There is no evidence of offsite backup or there is insufficient storage redundancy.

(2) Repeated/partial:

There is a procedure in place to make regular backups of the digital objects held by the repository. There may still be insufficient storage redundancy to ensure roll-back to meet policy or service level agreements.

(3) Defined:

The organisation has a strategy and procedure for automatic backup and duplication of digital objects held by the repository with sufficient storage redundancy. All backups are held at an offsite location and are available for restoration if required in accordance with policy and service level agreements.

(4) Managed:

The backup procedure is monitored and any identified issues recorded. Sufficient storage redundancy is continuously maintained as the number of digital objects held by the repository increases.

(5) Optimised:

At regular intervals the strategy, policy and procedure for data backup is reviewed and is adapted in accordance with policies and any service level agreements to meet the needs of the functions and services of the repository.


EA3.3.1.2: Consistency Checking Across Digital Object Copies

All copies of digital objects held by the repository are checked for authenticity and consistency. If an inconsistency is found then this is recorded and reported to the responsible role in accordance with organisational policy.

(0) Not defined:

There is no evidence of consistency checking or it is not applicable.

(1) Initial:

There are consistency checks but these are performed on a reactive ad hoc basis.

(2) Repeated/partial:

Consistency is checked on a regular basis but there is no defined procedure for doing so. Corrections are made but not reported or recorded.

(3) Defined:

All copies of digital objects held by the repository are checked for authenticity and consistency. If an inconsistency is found then this is recorded and reported to the responsible role in accordance with organisational policy.

(4) Managed:

Consistency checking is monitored. Levels of inconsistencies recorded are analysed and corrective procedures are implemented.

(5) Optimised:

At regular intervals the policy and procedures for consistency checking are reviewed and adapted if necessary and in accordance with organisational policy.


SO3.3.2: Data Storage Media Maintenance

The organisation ensures that the data storage media used for the repository does not cause a disruption to the service or corrupt (introduce errors into) the data.

RA3.3.2.1: Monitoring Deterioration of Data Storage Media

The deterioration of storage media is monitored, managed and maintained to a defined quality threshold. Identified faults are addressed in accordance with the management and maintenance plan.

(0) Not defined:

There is no monitoring of storage media failure or deterioration or it is not applicable.

(1) Initial:

When a failure occurs or when corruption of data has been identified then corrective measures are taken.

(2) Repeated/partial:

There is monitoring of storage media deterioration through the monitoring of data integrity, and corrective measures are taken when faults appear. There is no quality threshold set for the storage media. When a storage media device has failed, or is about to fail, it is managed according to common practice.

(3) Defined:

Storage media is monitored, managed and maintained to a defined quality threshold. Identified faults and data corruptions are addressed in accordance with the management and maintenance plan.

(4) Managed:

The level of corruption, error and failure of storage media is monitored as are the corrective procedures of the management and maintenance plan.

(5) Optimised:

At regular intervals the monitoring of the storage media is reviewed and altered if appropriate to do so.
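The two requirements above (EA3.3.1.2, checking all copies for consistency and recording inconsistencies, and RA3.3.2.1, monitoring media deterioration through data integrity against a defined quality threshold) are usually implemented by the same fixity-checking job. The following is an added example, not code from the CPA document or any particular repository software. It assumes a manifest of SHA-256 digests captured at ingest, a set of named storage locations (a primary plus offsite copies), and a hypothetical quality threshold of at most one inconsistency per location per run; all sample objects and digests are constructed inline. Comparing every copy against the ingest-time digest, rather than copies against each other, means a corrupted primary copy is detected just as a corrupted offsite copy is.

```python
"""Fixity check across copies of digital objects (added example, not from the CPA text).

Assumptions (not from the document):
  - MANIFEST maps object id -> SHA-256 hex digest recorded at ingest.
  - COPIES maps storage location name -> {object id: bytes} for every location
    that is supposed to hold a full copy.
  - MEDIA_THRESHOLD is the maintenance plan's defined quality threshold
    (inconsistencies per location per run); the value 1 is hypothetical.
"""
import hashlib
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Inconsistency:
    """One recorded finding: which object, at which location, and what was seen."""
    object_id: str
    location: str
    expected: str
    actual: Optional[str]  # None when the copy is missing entirely


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_copies(manifest: Dict[str, str],
                 copies: Dict[str, Dict[str, bytes]]) -> List[Inconsistency]:
    """Compare every copy of every object against the ingest-time digest.

    A missing copy and a digest mismatch are both recorded, because both mean
    the location no longer holds an authentic copy of the object.
    """
    findings: List[Inconsistency] = []
    for object_id, expected in manifest.items():
        for location, store in copies.items():
            data = store.get(object_id)
            actual = sha256_hex(data) if data is not None else None
            if actual != expected:
                findings.append(Inconsistency(object_id, location, expected, actual))
    return findings


def locations_over_threshold(findings: List[Inconsistency], threshold: int) -> List[str]:
    """Locations whose inconsistency count exceeds the defined quality threshold.

    This is the per-media signal used for RA3.3.2.1: a location that repeatedly
    breaches the threshold is a candidate for replacement under the plan.
    """
    counts = Counter(f.location for f in findings)
    return sorted(loc for loc, n in counts.items() if n > threshold)


def format_report(findings: List[Inconsistency]) -> List[str]:
    """Human-readable records for reporting to the responsible role."""
    lines = []
    for f in findings:
        status = "MISSING" if f.actual is None else "DIGEST MISMATCH"
        lines.append(f"{status} object={f.object_id} location={f.location} "
                     f"expected={f.expected[:12]}... actual={(f.actual or '-')[:12]}")
    return lines


# --- Constructed sample data (not real repository content) -------------------
OBJECTS = {"obj-001": b"dataset version 1", "obj-002": b"image bytes"}
MANIFEST = {oid: sha256_hex(data) for oid, data in OBJECTS.items()}
COPIES = {
    "primary": dict(OBJECTS),                                 # intact
    "offsite-a": {**OBJECTS, "obj-002": b"image bytez"},      # one-byte corruption
    "offsite-b": {"obj-001": OBJECTS["obj-001"]},             # obj-002 never replicated
}
MEDIA_THRESHOLD = 1  # hypothetical value from the maintenance plan


def run_check() -> List[Inconsistency]:
    findings = check_copies(MANIFEST, COPIES)
    for line in format_report(findings):
        print(line)
    for loc in locations_over_threshold(findings, MEDIA_THRESHOLD):
        print(f"THRESHOLD BREACH location={loc}")
    return findings


if __name__ == "__main__":
    run_check()
```

In a real deployment the findings list would be written to a durable log and routed to the responsible role, and the job would be scheduled rather than invoked by hand; the return values are kept separate from the printing so the check can be exercised by the monitoring described at level (4).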


EA3.3.2.2: Data Storage Media Replacement

At regular intervals the storage media is replaced even if no potential failure or deterioration has been detected, in accordance with the management and maintenance plan.

(0) Not defined:

There is no evidence of awareness of, or of the need for, regular replacement of storage media, or it is not applicable.

(1) Initial:

Some storage media is replaced depending upon its type.

(2) Repeated/partial:

Storage media is replaced, but not within a predetermined and defined timeframe; replacement takes place only in the event of failure.

(3) Defined:

At regular intervals the storage media is replaced in accordance with the management and maintenance plan.

(4) Managed:

Management and replacement of storage media procedures are monitored and any discrepancies are recorded.

(5) Optimised:

At regular intervals the policy for storage media replacement and the procedures for replacement are evaluated. Any changes to the policy and procedures are communicated to the relevant roles and stakeholders.


SO3.3.3: Network Redundancy

The organisation ensures that there is no single point in the communications network infrastructure whose failure, in the event of an unplanned network outage, would interrupt access to repository services for a period longer than that defined in the organisation's policies or service agreements.

EA3.3.3.1: Network Redundancy Planning

The network infrastructure has communications redundancy between the organisation and its designated communities such that if there is a network outage it does not affect the delivery of service in accordance with service policies or service level agreements.

(0) Not defined:

Not applicable, or there is no evidence or no awareness of network redundancy planning.

(1) Initial:

There is only one network connection between the services provided by the repository and the internet. There is a redundancy plan in place which will be implemented.

(2) Repeated/partial:

There is more than one network connection between the services provided by the repository and the Internet. Network resilience is not regularly tested.

(3) Defined:

There is more than one network connection between the services provided by the repository and the Internet. Network resilience is regularly tested.

(4) Managed:

Network resilience and the testing thereof are monitored and any discrepancies are recorded.

(5) Optimised:

At regular intervals the monitoring of the network resilience is assessed and changes made. Any changes are recorded in the technical management and maintenance plan and are communicated to the relevant roles and stakeholders.