Long-term security of digital information: Assessment through risk management and Enterprise Architecture

The Digital Preservation community is used to address digital preservation in a problem centric perspective, where the expected common solution is a dedicated Open Archival Information System Reference Model compliant system. In this paper we raise a new perspective to address digital preservation as a long-term information security problem ideally addressed in the origin by the initial information system that has created or makes direct use of the objects where, in some scenario, they can be better protected against several threats that can affect their future interpretation and reuse. In order to achieve this goal, we suggest the use of Risk Management processes in collaboration with Enterprise Architecture processes. The relations between these two processes are detailed, showing how each phase of one process can positively influence a phase on the other process. Finally, in order to illustrate this approach, we present a risk assessment of a scenario concerning dam structural safety information.