5.2.3 Staff shall have delineated roles, responsibilities, and authorizations related to implementing changes
From CLOCKSS Trusted Digital Repository Documents
As described in CLOCKSS: Governance and Organization, the CLOCKSS Board has outsourced the operation of the CLOCKSS Archive to the LOCKSS team:
- The delineated roles and responsibilities that the various categories of LOCKSS team staff have in implementing changes to the software and configuration information are described in the Internal Attack section of CLOCKSS: Threats and Mitigations.
- The roles and responsibilities for changing operational procedures are described in CLOCKSS: Box Operations.
- The techniques used to prevent staff exceeding their authorizations are described in the Internal Attack section of CLOCKSS: Threats and Mitigations and, for the property server, in LOCKSS: Property Server Operations.