• Register

Who uses the SPOT Model for Risk Assessment?

+1 vote
I'm currently investigating using the Simple Property-Oriented Threat (SPOT) Model for risk assessing our repository content and I'd like to know if anyone else is using it in practice? 
Two example organisations (Statistics New Zealand and the Florida Digital Archive are including in the D-Lib article), but I'd like to know if anyone else has attempted to use SPOT since 2012. Good and negative experiences welcome!
~Chris Fryer, Senior Digital Archivist, Parliamentary Archives
asked Dec 15, 2014 by fryerc (230 points)

1 Answer

0 votes
Not sure if the following qualifies more as answer or as comment, but here it goes:

Though I am not using the SPOT model (just became aware of its existence), I am using Barateiro's approach to risk identification and mitigation, since the end of last year. I have augmented his approach to incorporate other aspects we could use.

One particular note I made about previous models I was able to review, is the fact "content obsolescence" is not perceived as a threat. We all know content loses value, and a lack of awareness of it at minimum, or failure to include this consideration in the overall process, at best, is leading to economic and technological investments that preserve materials the designated community finds "irrelevant". Libraries are moving away from this model of acquire/keep first, then user find it useful next to "we'll acquire/keep" what users find mostly valuable. One might think of "Beauty lies in the eyes of the beholder", except that the beholder (community here in ArchiveLand) is rarely involved in the prior appraisal decision...nor in the "continued valuation of the preservation asset", if this viewpoint is admittedly not revolutionary. So, to extend the efficacy of the risk models, designated community input could be sought and given some kind of weight, in the overall risk management approach to digital preservation.

I must say, the report you are referencing is well documented and did a good analysis of what's available to propose a well-reasonned model. As for the SPOT model, you are the first I know that intends to use it. I would be interested in learning about your test-drive conclusions:-)
answered Feb 12, 2015 by tibaut.houzanme (750 points)
Interesting point about bringing designated communities into this approach. This highlights the underlying issue that there simply isn't enough work done to bring users into the mix... another question which merits attention. I'm trying to keep our own risk assessment as pragmatic as possible. After all, there's little point in undertaking risk exercises for the sake of it! They need to result in practical actions.