Space data and information transfer systems — Requirements for bodies providing audit and certification of candidate trustworthy digital repositories

ISO 16919:2014 is meant primarily for those setting up and managing the organization performing the auditing and certification of digital repositories. It should also be of use to those who work in or are responsible for digital repositories seeking objective measurement of the trustworthiness of their repository and wishing to understand the processes involved. The main purpose is to define a CCSDS Recommended Practice (and ISO International Standard) on which to base the operations of the organization(s) which assess the trustworthiness of digital repositories using ISO 16363 and provide the appropriate certification. ISO 16919:2014 specifies requirements for bodies providing audit and certification of digital repositories, based on the metrics contained within ISO/IEC 17021 and CCSDS 652.0-M-1/ISO 16363. It is primarily intended to support the accreditation of bodies providing such certification. ISO/IEC 17021 provides the bulk of the requirements on bodies offering audit and certification for general types of management systems. However, for each specific type of system, specific additional requirements will be needed, for example, to specify the standard against which the audit is to be made and the qualifications which auditors require. ISO 16919:2014 provides the (small number of) specific additions required for bodies providing audit and certification of candidate trustworthy digital repositories. Trustworthy here means that they can be trusted to maintain, over the long-term, the understandability and usability of digitally encoded information placed into their safekeeping. In order improve readability, the clause numbers are kept consistent with those of ISO/IEC 17021. Some subclauses are applicable as they stand, and these are simply enumerated; otherwise additions to subclauses are explicitly given. In the former case, the clauses may consist of just a few sentences. As a result, this document must be read in conjunction with ISO/IEC 17021. The requirements contained in this document need to be demonstrated in terms of competence and reliability by any organization or body providing certification of digital repositories.

Systèmes de transfert des informations et données spatiales — Exigences pour les organismes d'audit et de certification des référentiels numériques potentiellement de confiance

General Information

Status
Published
Publication Date
28-Oct-2014
Current Stage
9092 - International Standard to be revised
Completion Date
14-Jul-2023
Ref Project

Buy Standard

Standard
ISO 16919:2014 - Space data and information transfer systems -- Requirements for bodies providing audit and certification of candidate trustworthy digital repositories
English language
22 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO
STANDARD 16919
First edition
2014-11-01
Space data and information transfer
systems — Requirements for bodies
providing audit and certification of
candidate trustworthy digital repositories
Systèmes de transfert des informations et données spatiales —
Exigences pour les organismes d'audit et de certification des
référentiels numériques potentiellement de confiance
Reference number
ISO 16919:2014(E)
©
ISO 2014

---------------------- Page: 1 ----------------------
ISO 16919:2014(E)
COPYRIGHT PROTECTED DOCUMENT
©  ISO 2014
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any
means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior written permission.
Permission can be requested from either ISO at the address below or ISO’s member body in the country of the requester.
ISO copyright office
Case postale 56  CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO 2014 – All rights reserved

---------------------- Page: 2 ----------------------
ISO 16919:2014(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO
member bodies). The work of preparing International Standards is normally carried out through ISO technical
committees. Each member body interested in a subject for which a technical committee has been established has
the right to be represented on that committee. International organizations, governmental and non-governmental, in
liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical
Commission (IEC) on all matters of electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are described in the
ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of ISO
documents should be noted. This document was drafted in accordance with the editorial rules of the
ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights.
ISO shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified
during the development of the document will be in the Introduction and/or on the ISO list of patent declarations
received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not constitute an
endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment, as
well as information about ISO's adherence to the WTO principles in the Technical Barriers to Trade (TBT) see the
following URL: Foreword - Supplementary information
ISO 16919 was prepared by the Consultative Committee for Space Data Systems (CCSDS) (as CCSDS 652.1-M-
2, March 2014) and was adopted (without modifications except those stated in Clause 2 of this International
Standard) by Technical Committee ISO/TC 20, Aircraft and space vehicles, Subcommittee SC 13, Space data and
information transfer systems.
© ISO 2014 – All rights reserved
iii

---------------------- Page: 3 ----------------------
INTERNATIONAL STANDARD ISO 16919:2014(E)

Space data and information transfer systems — Requirements
for bodies providing audit and certification of candidate
trustworthy digital repositories
1 Scope
The main purpose of this document is to define a CCSDS Recommended Practice and ISO International
Standard on which to base the operations of the organization(s) which assess the trustworthiness of digital
repositories using ISO 16363 and provide the appropriate certification. This document specifies requirements
for bodies providing audit and certification of digital repositories, based on the metrics contained within
ISO/IEC 17021 and CCSDS 652.0-M-1/ISO 16363. It is primarily intended to support the accreditation of
bodies providing such certification.
ISO/IEC 17021 provides the bulk of the requirements on bodies offering audit and certification for general
types of management systems. However, for each specific type of system, specific additional requirements
will be needed, for example, to specify the standard against which the audit is to be made and the
qualifications which auditors require.
This document provides the (small number of) specific additions required for bodies providing audit and
certification of candidate trustworthy digital repositories. Trustworthy here means that they can be trusted to
maintain, over the long-term, the understandability and usability of digitally encoded information placed into
their safekeeping.
In order improve readability, the clause numbers are kept consistent with those of ISO/IEC 17021. Some
subclauses are applicable as they stand, and these are simply enumerated; otherwise additions to subclauses
are explicitly given. In the former case, the clauses may consist of just a few sentences. As a result, this
document must be read in conjunction with ISO/IEC 17021.
The requirements contained in this CCSDS Recommended Practice need to be demonstrated in terms of
competence and reliability by any organization or body providing certification of digital repositories
This document is meant primarily for those setting up and managing the organization performing the auditing
and certification of digital repositories.
It should also be of use to those who work in or are responsible for digital repositories seeking objective
measurement of the trustworthiness of their repository and wishing to understand the processes involved.
2 Requirements
Requirements are the technical recommendations made in the following publication (reproduced on the
following pages), which is adopted as an International Standard:
CCSDS 652.1-M-2, March 2014, Requirements for Bodies Providing Audit and Certification of Candidate
Trustworthy Digital Repositories
For the purposes of international standardization, the modifications outlined below shall apply to the specific
clauses and paragraphs of publication CCSDS 652.1-M-2.
Pages i to vi
© ISO 2014 – All rights reserved 1

---------------------- Page: 4 ----------------------
ISO 16919:2014(E)
This part is information which is relevant to the CCSDS publication only.
3 Revision of publication CCSDS 652.1-M-2
It has been agreed with the Consultative Committee for Space Data Systems that Subcommittee
ISO/TC 20/SC 13 will be consulted in the event of any revision or amendment of publication CCSDS 652.1-M-
2. To this end, NASA will act as a liaison body between CCSDS and ISO.
2 © ISO 2014 – All rights reserved

---------------------- Page: 5 ----------------------
ISO 16919:2014(E)
Recommendation for Space Data System Practices
REQUIREMENTS FOR BODIES
PROVIDING AUDIT AND
CERTIFICATION OF
CANDIDATE TRUSTWORTHY
DIGITAL REPOSITORIES
RECOMMENDED PRACTICE
CCSDS 652.1-M-2
MAGENTA BOOK
March 2014
© ISO 2014 – All rights reserved

---------------------- Page: 6 ----------------------
ISO 16919:2014(E)
RECOMMENDED PRACTICE FOR REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF CANDIDATE TRUSTWORTHY DIGITAL REPOSITORIES
AUTHORITY
Issue: Recommended Practice, Issue 2
Date: March 2014
Location: Washington, DC, USA
This document has been approved for publication by the Management Council of the
Consultative Committee for Space Data Systems (CCSDS) and represents the consensus
technical agreement of the participating CCSDS Member Agencies. The procedure for
review and authorization of CCSDS documents is detailed in Organization and Processes for
the Consultative Committee for Space Data Systems (CCSDS A02.1-Y-3), and the record of
Agency participation in the authorization of this document can be obtained from the CCSDS
Secretariat at the address below.
This document is published and maintained by:
CCSDS Secretariat
Space Communications and Navigation Office, 7L70
Space Operations Mission Directorate
NASA Headquarters
Washington, DC 20546-0001, USA
CCSDS 652.1-M-2 Page i March 2014
© ISO 2014 – All rights reserved

---------------------- Page: 7 ----------------------
ISO 16919:2014(E)
RECOMMENDED PRACTICE FOR REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF CANDIDATE TRUSTWORTHY DIGITAL REPOSITORIES
STATEMENT OF INTENT
The Consultative Committee for Space Data Systems (CCSDS) is an organization officially
established by the management of its members. The Committee meets periodically to address
data systems problems that are common to all participants, and to formulate sound technical
solutions to these problems. Inasmuch as participation in the CCSDS is completely
voluntary, the results of Committee actions are termed Recommendations and are not in
themselves considered binding on any Agency.
CCSDS Recommendations take two forms: Recommended Standards that are prescriptive
and are the formal vehicles by which CCSDS Agencies create the standards that specify how
elements of their space mission support infrastructure shall operate and interoperate with
others; and Recommended Practices that are more descriptive in nature and are intended to
provide general guidance about how to approach a particular problem associated with space
mission support. This Recommended Practice is issued by, and represents the consensus of,
the CCSDS members. Endorsement of this Recommended Practice is entirely voluntary
and does not imply a commitment by any Agency or organization to implement its
recommendations in a prescriptive sense.
No later than five years from its date of issuance, this Recommended Practice will be
reviewed by the CCSDS to determine whether it should: (1) remain in effect without change;
(2) be changed to reflect the impact of new technologies, new requirements, or new
directions; or (3) be retired or canceled.
In those instances when a new version of a Recommended Practice is issued, existing
CCSDS-related member Practices and implementations are not negated or deemed to be non-
CCSDS compatible. It is the responsibility of each member to determine when such Practices
or implementations are to be modified. Each member is, however, strongly encouraged to
direct planning for its new Practices and implementations towards the later version of the
Recommended Practice.
CCSDS 652.1-M-2 Page ii March 2014
© ISO 2014 – All rights reserved

---------------------- Page: 8 ----------------------
ISO 16919:2014(E)
RECOMMENDED PRACTICE FOR REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF CANDIDATE TRUSTWORTHY DIGITAL REPOSITORIES
FOREWORD
This document is a technical Recommended Practice to use for setting the requirements for
bodies providing audit and certification of trustworthy digital repositories.
Through the process of normal evolution, it is expected that expansion, deletion, or
modification of this document may occur. This Recommended Practice is therefore subject
to CCSDS document management and change control procedures, which are defined in the
Organization and Processes for the Consultative Committee for Space Data Systems
(CCSDS A02.1-Y-3). Current versions of CCSDS documents are maintained at the CCSDS
Web site:
http://www.ccsds.org/
Questions relating to the contents or status of this document should be addressed to the
CCSDS Secretariat at the address indicated on page i.
CCSDS 652.1-M-2 Page iii March 2014
© ISO 2014 – All rights reserved

---------------------- Page: 9 ----------------------
ISO 16919:2014(E)
RECOMMENDED PRACTICE FOR REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF CANDIDATE TRUSTWORTHY DIGITAL REPOSITORIES
At time of publication, the active Member and Observer Agencies of the CCSDS were:
Member Agencies
– Agenzia Spaziale Italiana (ASI)/Italy.
– Canadian Space Agency (CSA)/Canada.
– Centre National d’Etudes Spatiales (CNES)/France.
– China National Space Administration (CNSA)/People’s Republic of China.
– Deutsches Zentrum für Luft- und Raumfahrt (DLR)/Germany.
– European Space Agency (ESA)/Europe.
– Federal Space Agency (FSA)/Russian Federation.
– Instituto Nacional de Pesquisas Espaciais (INPE)/Brazil.
– Japan Aerospace Exploration Agency (JAXA)/Japan.
– National Aeronautics and Space Administration (NASA)/USA.
– UK Space Agency/United Kingdom.
Observer Agencies
– Austrian Space Agency (ASA)/Austria.
– Belgian Federal Science Policy Office (BFSPO)/Belgium.
– Central Research Institute of Machine Building (TsNIIMash)/Russian Federation.
– China Satellite Launch and Tracking Control General, Beijing Institute of Tracking
and Telecommunications Technology (CLTC/BITTT)/China.
– Chinese Academy of Sciences (CAS)/China.
– Chinese Academy of Space Technology (CAST)/China.
– Commonwealth Scientific and Industrial Research Organization (CSIRO)/Australia.
– Danish National Space Center (DNSC)/Denmark.
– Departamento de Ciência e Tecnologia Aeroespacial (DCTA)/Brazil.
– European Organization for the Exploitation of Meteorological Satellites
(EUMETSAT)/Europe.
– European Telecommunications Satellite Organization (EUTELSAT)/Europe.
– Geo-Informatics and Space Technology Development Agency (GISTDA)/Thailand.
– Hellenic National Space Committee (HNSC)/Greece.
– Indian Space Research Organization (ISRO)/India.
– Institute of Space Research (IKI)/Russian Federation.
– KFKI Research Institute for Particle & Nuclear Physics (KFKI)/Hungary.
– Korea Aerospace Research Institute (KARI)/Korea.
– Ministry of Communications (MOC)/Israel.
– National Institute of Information and Communications Technology (NICT)/Japan.
– National Oceanic and Atmospheric Administration (NOAA)/USA.
– National Space Agency of the Republic of Kazakhstan (NSARK)/Kazakhstan.
– National Space Organization (NSPO)/Chinese Taipei.
– Naval Center for Space Technology (NCST)/USA.
– Scientific and Technological Research Council of Turkey (TUBITAK)/Turkey.
– South African National Space Agency (SANSA)/Republic of South Africa.
– Space and Upper Atmosphere Research Commission (SUPARCO)/Pakistan.
– Swedish Space Corporation (SSC)/Sweden.
– Swiss Space Office (SSO)/Switzerland.
– United States Geological Survey (USGS)/USA.
CCSDS 652.1-M-2 Page iv March 2014
© ISO 2014 – All rights reserved

---------------------- Page: 10 ----------------------
ISO 16919:2014(E)
RECOMMENDED PRACTICE FOR REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF CANDIDATE TRUSTWORTHY DIGITAL REPOSITORIES
DOCUMENT CONTROL
Document Title Date Status
CCSDS Requirements for Bodies Providing November Original issue,
652.1-M-1 Audit and Certification of Candidate 2011 superseded
Trustworthy Digital Repositories,
Recommended Practice, Issue 1
CCSDS Requirements for Bodies Providing March 2014 Current issue
652.1-M-2 Audit and Certification of Candidate
Trustworthy Digital Repositories,
Recommended Practice, Issue 2
CCSDS 652.1-M-2 Page v March 2014
© ISO 2014 – All rights reserved

---------------------- Page: 11 ----------------------
ISO 16919:2014(E)
RECOMMENDED PRACTICE FOR REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF CANDIDATE TRUSTWORTHY DIGITAL REPOSITORIES
CONTENTS
Section Page
1 INTRODUCTION . 1-1
1.1 PURPOSE . 1-1
1.2 SCOPE . 1-1
1.3 APPLICABILITY . 1-1
1.4 RATIONALE . 1-2
1.5 STRUCTURE OF THIS DOCUMENT. 1-2
1.6 DEFINITIONS . 1-3
1.7 CONFORMANCE . 1-4
1.8 REFERENCES . 1-4
2 OVERVIEW . 2-1
3 RESERVED . 3-1
4 PRINCIPLES . 4-1
5 GENERAL REQUIREMENTS . 5-1
5.1 LEGAL AND CONTRACTUAL MATTERS . 5-1
5.2 MANAGEMENT OF IMPARTIALITY . 5-1
5.3 LIABILITY AND FINANCING . 5-1
6 STRUCTURAL REQUIREMENTS . 6-1
7 RESOURCE REQUIREMENTS . 7-1
7.1 COMPETENCE OF MANAGEMENT AND PERSONNEL . 7-1
7.2 PERSONNEL INVOLVED IN THE CERTIFICATION ACTIVITIES . 7-1
7.3 USE OF INDIVIDUAL EXTERNAL AUDITORS AND EXTERNAL
TECHNICAL EXPERTS . 7-1
7.4 PERSONNEL RECORDS . 7-2
7.5 OUTSOURCING . 7-2
8 INFORMATION REQUIREMENTS . 8-1
8.1 PUBLICLY ACCESSIBLE INFORMATION . 8-1
8.2 CERTIFICATION DOCUMENTS . 8-1
8.3 DIRECTORY OF CERTIFIED CLIENTS . 8-1
8.4 REFERENCE TO CERTIFICATION AND USE OF MARKS . 8-1
CCSDS 652.1-M-2 Page vi March 2014
© ISO 2014 – All rights reserved

---------------------- Page: 12 ----------------------
ISO 16919:2014(E)
RECOMMENDED PRACTICE FOR REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF CANDIDATE TRUSTWORTHY DIGITAL REPOSITORIES
CONTENTS (continued)
Section Page
8.5 CONFIDENTIALITY . 8-1
8.6 INFORMATION EXCHANGE BETWEEN A CERTIFICATION
BODY AND ITS CLIENTS . 8-1
9 PROCESS REQUIREMENTS . 9-1
10 MANAGEMENT SYSTEM REQUIREMENTS FOR
CERTIFICATION BODIES . 10-1
ANNEX A REQUIRED TRUSTED DIGITAL REPOSITORY MANAGEMENT
SYSTEM (TDRMS) COMPETENCIES (NORMATIVE) . A-1
ANNEX B SECURITY (INFORMATIVE) .B-1
CCSDS 652.1-M-2 Page vii March 2014
© ISO 2014 – All rights reserved

---------------------- Page: 13 ----------------------
ISO 16919:2014(E)
RECOMMENDED PRACTICE FOR REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF CANDIDATE TRUSTWORTHY DIGITAL REPOSITORIES
1 INTRODUCTION
1.1 PURPOSE
The main purpose of this document is to define a CCSDS Recommended Practice (and ISO
standard) on which to base the operations of the organization(s) which assess the
trustworthiness of digital repositories using ISO 16363 (reference [1]) and provide the
appropriate certification. This document specifies requirements for bodies providing audit
and certification of digital repositories, based on the metrics contained within ISO/IEC
17021 (reference [4]) and CCSDS 652.0-M-1/ISO 16363 (reference [1]). It is primarily
intended to support the accreditation of bodies providing such certification.
ISO/IEC 17021 provides the bulk of the requirements on bodies offering audit and
certification for general types of management systems. However, for each specific type of
system, specific additional requirements will be needed, for example, to specify the standard
against which the audit is to be made and the qualifications which auditors require.
This document provides the (small number of) specific additions required for bodies
providing audit and certification of candidate trustworthy digital repositories. Trustworthy
here means that they can be trusted to maintain, over the long-term, the understandability and
usability of digitally encoded information placed into their safekeeping.
In order improve readability the section numbers are kept consistent with those of ISO/IEC
17021. Some subsections are applicable as they stand, and these are simply enumerated;
otherwise additions to subsections are explicitly given. In the former case the sections may
consist of just a few sentences. As a result this document must be read in conjunction with
ISO/IEC 17021.
1.2 SCOPE
The requirements contained in this CCSDS Recommended Practice need to be demonstrated
in terms of competence and reliability by any organization or body providing certification of
digital repositories.
1.3 APPLICABILITY
This document is meant primarily for those setting up and managing the organization
performing the auditing and certification of digital repositories.
It should also be of use to those who work in or are responsible for digital repositories
seeking objective measurement of the trustworthiness of their repository and wishing to
understand the processes involved.
CCSDS 652.1-M-2 Page 1-1 March 2014
© ISO 2014 – All rights reserved

---------------------- Page: 14 ----------------------
ISO 16919:2014(E)
RECOMMENDED PRACTICE FOR REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF CANDIDATE TRUSTWORTHY DIGITAL REPOSITORIES
1.4 RATIONALE
There is a hierarchy of standards concerned with good auditing practice (references [3]-[5]).
This document is positioned within this hierarchy in order to ensure that these good practices
can be applied to the evaluation of the trustworthiness of digital repositories.
ISO/IEC 17021 Conformity assessment — Requirements for bodies providing audit and
certification of management systems (reference [5]) is an International Standard which sets
out criteria for bodies operating audit and certification of organizations’ management
systems. If such bodies are to be accredited as complying with ISO/IEC 17021 with the
objective of auditing and certifying candidate trustworthy digital repositories in accordance
with CCSDS 652.0-M-1/ISO 16363 (reference [1]), some requirements that are additional to
ISO/IEC 17021 are necessary. These are provided by this document.
The text in sections 4 to 10 in this document follows the structure of ISO/IEC 17021, with
specific additions on the application of ISO/IEC 17021 for certification of candidate
trustworthy digital repositories.
1.5 STRUCTURE OF THIS DOCUMENT
This document is divided into informative and normative sections and annexes.
Sections 1-2 of this document give a high-level view of the rationale, the conceptual
environment, some of the important design issues and an introduction to the terminology and
concepts.
– Section 1 gives purpose and scope, rationale, a view of the overall document
structure, and the acronym list, glossary, and reference list for this document. These
are normative.
– Section 2 provides an overview of auditing practices. This is informative.
– Section 3 is reserved for future use.
– Section 4 states the principles that apply.
– Sections 5 to 10 provide the normative rules against which an organization providing
audit and certification of candidate trustworthy digital repositories may be judged,
based on ISO/IEC 17021 (reference [4]).
– Annex A specifies the trusted digital repository management system competencies for
certification body personnel for specific certification functions.
– Annex B is a CCSDS-required informative discussion of the security implications of
applying this CCSDS Recommended Practice.
CCSDS 652.1-M-2 Page 1-2 March 2014
© ISO 2014 – All rights reserved

---------------------- Page: 15 ----------------------
ISO 16919:2014(E)
RECOMMENDED PRACTICE FOR REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF CANDIDATE TRUSTWORTHY DIGITAL REPOSITORIES
1.6 DEFINITIONS
1.6.1 ACRONYMS AND ABBREVIATIONS
CAB conformity assessment body
CCSDS Consultative Committee for Space Data Systems
IEC International Electrotechnical Commission
ISO International Organization for Standardization
OAIS Open Archival Information System
TDR trustworthy digital repository
TDRMS trustworthy digital repository management system
1.6.2 TERMINOLOGY
1.6.2.1 General
Digital preservation interests a range of different communities, each with a distinct
vocabulary and local definitions for key terms. A glossary is included in this document, but it
is important to draw attention to the usage of several key terms.
In general, key terms in this document have been adopted from the Open Archival
Information System (OAIS) Reference Model (reference [2]). One of the great strengths of
the OAIS Reference Model has been to provide a common terminology made up of terms
‘not already overloaded with meaning so as to reduce conveying unintended meanings’.
Because the OAIS has become a foundational document for digital preservation, the common
terms are well understood and are therefore used within this document.
The OAIS Reference Model uses ‘digital archive’ to mean the organization responsible for
digital preservation. In this document, the term ‘repository’ or phrase ‘digital repository’ is
used to convey the same concept in all instances except when quoting from the OAIS, and is
used to denote any type of digital repository; it may be a Trustworthy Digital Repository
(TDR), a candidate TDR, a lapsed TDR, or one not seeking certification. It is important to
understand that in all instances in this document, ‘repository’ and ‘digital repository’ are
used to convey digital repositories and archives that have, or contribute to, long-term
preservation responsibilities and functionality.
1.6.2.2 Glossary
For the purposes of this document, the terms and definitions given in ISO/IEC 17021
(reference [4]), CCSDS 650.0-B-1/ISO 14721 (reference [2]), CCSDS 652.0-M-1/ISO 16363
(reference [1]), ISO 9000:2005 (reference [3]) and the following apply.
trustworthy digital repository, TDR: A repository which has a current certification.
CCSDS 652.1-M-2 Page 1-3 March 2014
© ISO 2014 – All rights reserved

---------------------- Page: 16 ----------------------
ISO 16919:2014(E)
RECOMMENDED PRACTICE FOR REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF CANDIDATE TRUSTWORTHY DIGITAL REPOSITORIES
1.6.3 NOMENCLATURE
The following conventions apply throughout this Recommended Practice:
a) the words ‘shall’ and ‘must’ imply a binding and verifiable specification;
b) the word ‘should’ implies an optional, but desirable, specification;
c) the word ‘may’ implies an optional specification;
d) the words ‘is’, ‘are’, and ‘will’ imply statements of fact.
1.7 CONFORMANCE
An organization which provides audit and certification for TDRs conforms to this
recommended practice if it fulfils all the binding and verifiable specifications in this
document.
1.8 REFERENCES
The following publications contain provisions which, through reference in this text,
constitute provisions of this document. At the time of publication, the editions indicated
were valid. All publications are subject to revision, and users of this document are
encouraged to investigate the possibility of applying the most recent editions of the
publications indicated below. The CCSDS Secretariat maintains a register of currently valid
CCSDS publications.
[1] Audit and Certification of Trustworthy Digital Repositories. Issue 1. Recommendation
for Space Data System Practices (Magenta Book), CCSDS 652.0-M-1. Washington,
D.C.: CCSDS, September 2011. [Equivalent to ISO 16363:2012]
[2] Reference Model for an Open Archival Information System (OAIS). Issue 1.
Recommendation for Space Data System Standards (Blue Book), CCSDS 650.0-B-1.
Washington, D.C.: CCSDS, January 2002. [Equivalent to ISO 14721:2003]
[3] Quality Management Systems—Fundamentals and Vocabulary. 3rd ed. International
Standard, ISO 9000:2005. Geneva: ISO, 2005.
[4] Conformity Assessment—Requirements for Bodies Providing Audit and Certification of
Management Systems. 2nd ed. International Standard, ISO/IEC 17021:2011. Geneva:
ISO, 2011.
[5] Conformity Assessment—Vocabulary and General Principles. International Standard,
ISO/IEC 17000:2004. Geneva: ISO, 2004.
CCSDS 652.1-M-2 Page 1-4 March 2014
© ISO 2014 – All rights reserved

---------------------- Page: 17 ----------------------
ISO 16919:2014(E)
RECOMMENDED PRACTICE FOR REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF CANDIDATE TRUSTWORTHY DIGITAL REPOSITORIES
2 OVERVIEW
This document addresses issues arising from ap
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.