5.2.3 Staff shall have delineated roles, responsibilities, and authorizations related to implementing changes

5.2.3 - The repository staff shall have delineated roles, responsibilities, and authorizations related to implementing changes within the system.

As described in CLOCKSS: Governance and Organization, the CLOCKSS Board has outsourced the operation of the CLOCKSS Archive to the LOCKSS team:

• The delineated roles and responsibilities that the various categories of LOCKSS team staff have in implementing changes to the software and configuration information are described in the Internal Attack section of CLOCKSS: Threats and Mitigations.
• The roles and responsibilities for changing operational procedures are described in CLOCKSS: Box Operations.
• The techniques used to prevent staff exceeding their authorizations are described in the Internal Attack section of CLOCKSS: Threats and Mitigations and, for the property server, in LOCKSS: Property Server Operations.

Relevant Documents

1. CLOCKSS: Governance and Organization
2. CLOCKSS: Box Operations
3. LOCKSS: Property Server Operations
4. CLOCKSS: Threats and Mitigations