As any auditor will tell you, your business always incurs risks whenever there is a transition, and a heightened risk when the transition is between two very different environments. How much are our problems multiplied when we also have to think through the migration of huge amounts of information from a physical process stream into a digital process stream, without losing continuity of service along the way? The fact that we are so bad at seeing these transitions through an information continuity lense means that embarrassing mistakes are too frequently made.
So in the transition from physical world to digital world, how do you ensure that information continuity is not put at risk? There are three key areas to watch out for, each one rooted in a common delusion about technology.
Information input
This is the point at which the information enters the digital world. In most e-government initiatives, it’s the citizen’s completion of a form, or the transfer of paper information by a keyboard operator into a database. Our main delusion here is “If I put it in, it’s inside, and if I put it in, the information is correct.” Not true.
Reliability and integrity of the information capture is imperative, and not just from the inputter’s point of view. Yes, maybe the information was input properly, but does it get to the database safely? Some projects use redundant inputting – multiple keyboardists inputting the same data. A validation system scans the parallel inputs, and looks for variations. Variations suggest there might be an error. It’s the same information, it should be the same across all inputters.
The Intellectual Property Office of Singapore (IPOS) in its e-Patents project uses a triangulation technique. The patent application documents are optically scanned, and then processed for optical character recognition to populate the forms that contain the main metadata for the database.
The operator matches the entries in the fields against the content in the scanned image, edits and completes more fields. Then the data is indexed. Finally the file goes to a verification operator, who looks for inconsistencies between the scanned image, the form data, and the indexes.
Other projects will have specific back-testing procedures on the data in its systems, to check whether the information has been stored and maintained properly. In real-world terms, the tally of real world votes against the database count is one such validation test.
Backup
Technically, this is the best documented and supported set of functions, with multiple ways of ensuring survival through system malfunction all the way to disasters arising from terrorism or acts of God. However, again as the e-voting case demonstrates, we have another frequent delusion. “Disaster will never strike my data, because it’s never struck before. Backups are not urgent.”
Many organisations that have archival responsibilities into the far future – like the IPOS e-patents operation (patents are the permanent property of the society that licenses them) – will warehouse the paper copies of converted information permanently. It’s the ultimate backup.
For records that are created digitally, you can now buy technology from companies like Kodak, that will print digital records directly to 100-year guaranteed microfilm or if storage is an issue, you can engrave 200,000 document images onto 2” nickel plates in resolutions that can only be read by electron microscopes. And then there are the digital options we mentioned earlier – the main thing to remember here is that having all your backup tapes in the same room (or even the same building) as your computer server is a half baked backup.
Preservation
This is the scariest and least well-understood risk to long-term digital information continuity. It arises from the delusion “Digital information is just like information stored on physical objects. If I leave it alone for a long time, it will still be the same when I go back to it again”.
If the lifespan of a PC is 18 months, the lifespan of operating systems, storage media, and interoperability standards is now barely double that. If you get a cheap CD ROM and store your backup data on it, then leave it exposed to sunlight, chances are you’ll lose everything in a few weeks. Backup tapes warp, distort and grow fungus just like video tapes do. Hard disks crash for unknown reasons.
Customised software that was used to create and read the data doesn’t get preserved along with the databases, so a couple of years later, when you want to retrieve it, you don’t have the software player that decodes it for your latest computer. Hardware and software standards change – who can now read a 5 ¼” floppy disk containing WordStar documents?
National libraries and archives are among the few agencies trying to struggle with strategies for dealing with the frightening speed with which technology and its standards are changing, so that they can make previously stored data unreadable. Even if they can preserve the information, it’s pure gobbledygook unless they have the software and hardware that can unpack it for the user who needs it.
If you think about it, e-government initiatives are good candidates for information disasters. The information that moves into the digital domain in these digitised transactions is often sensitive, is required for long term access and reuse, and may be stored for very long periods.
Until the library and archive agencies figure out resilient ways of dealing with this problem long term, there are only three reasonable ways of protecting your information continuity in an e-government system.
The first is to make a practice of frequently accessing all your information stores, and logging errors. This will alert you early to an impending degradation or system interface problem.
The second is to conduct access and integrity audits (similar to the validation tests mentioned above), both on a routine basis as well as whenever you implement a major system change or upgrade. Something will not have been anticipated. You’d better catch the problem while the programmers are still in the building. Finally, think about physical archiving, using the paper, microfilm or nickel plate route.
Most of all, you’d better assume disaster will strike. Not because this assumption will help you avoid disaster. It might, but this is not the point. The real point is that you will be better prepared when disaster strikes, and you will have a strategy in place to recover more of your critical information than if you were unprepared. In the realm of digital information, ignorance is not bliss. It’s extinction.
Autor: Patrick Lambe
Quelle: Public Sector Technology & Management, 10.12.2004
