Maureen Pennock

Maureen Pennock

Last updated on 1 March 2024

Dr. Maureen Pennock is Head of Digital Collection Management at The British Library

Have you ever noticed the range of different ways we talk about risk in digital preservation? We talk – and write – extensively about risks, but the terminology we use to describe them can be quite inconsistent. We often use different terms and different measures to define the same kind of concerns. We talk a lot about trust too, sometimes seemingly confusing it with risk - though they’re not the same thing.

As a community we’ve developed many different solutions that can help explore and address risk within our institutions. They’re all helpful, in different ways. But as they all take different approaches and explore risk at different levels of granularity, it’s difficult to piece these together to establish a full – and consistent - overview of the digital preservation risk landscape. This makes it difficult to manage digital preservation risk holistically, and difficult to represent different types of digital preservation risks consistently for integration into wider, institutional risk management programmes.

It’s for these reasons that the CHARM Reference Model for Digital Preservation Risk has been developed [1]. CHARM offers a fresh perspective on digital preservation risk, drawing on concepts and methods from the fields of risk science and design science. It represents a new, knowledge-base contribution to our community discussions on risk – about how we think about risk, how we talk about it, and ultimately how we might manage it. It’s not intended to replace existing risk tools but looks instead at the ‘big picture’ of digital preservation risk. It disentangles our various uncertainties, inconsistencies, and unknowns, into a structured, consistent, logical, and holistic framework, with an abstract yet re-usable overview of the digital preservation risk landscape.

One of the most important features of CHARM is its distinction between the concept and the characterisation of digital preservation risk [2]. The concept is a high level, abstract definition of risk, whilst characterised risk takes a more descriptive and measurable form. Deep and consistent contextualisation is key to CHARM, at both conceptual and characterised levels. CHARM establishes a contextualised, conceptual definition of digital preservation risk, structured around three main reference points: an undesirable outcome, the target values against which outcomes are assessed, and the potential causes of a negative outcome [3]. This definition provides us with a meaningful, substantiated yet still conceptual answer for that most fundamental question: what is digital preservation risk?  

CHARM then draws upon that definition as the foundation from which to develop and detail a contextualised abstract model of the digital preservation risk domain. It applies a newly designed risk source concept model to the whole domain, allowing for a consistent mapping of different aspects of risk across structurally consistent families of related risk source entities. These include risk factors – which CHARM considers to be changeable aspects of risk sources – as well as classes of risk sources, and associated instance types. The contextual nature of individual risk sources is then addressed with a process model and a series of suggested methods to help assessors use the abstract model for identifying risks and risk sources in situ.

If it sounds complicated then that’s only because it’s such a complex landscape that a very short, introductory blogpost can’t really do it justice. The reference model itself is very clear, logically defining the key concepts – and their relationships - with precision and consistency. The plan is that the first version of the Reference Model, as well as its associated User Guide and templates, will be released to the community in the coming months. This blog post precedes that release with the aim of raising awareness of CHARM – that it’s complete, that it will soon be available, and that feedback will be very welcome. 

So please do keep a look out for the release and for opportunities to get involved! 

[1] Conceptualising and Characterising Digital Preservation Risk: A Reference Model. It’s a terribly contrived acronym but it stood for something else at first (now long forgotten) and the name just stuck!

[2] For more on this distinction, see Ylönen, M. and Aven, T. (2023) 'A framework for understanding risk based on the concepts of ontology and epistemology', Journal of Risk Research, Issue 6, pp. 581 - 593. Available at:

[3] This structure was developed in 2015 for the supply chain management risk concept - for more information, see Heckmann, I., Comes, T. and Nickel, S. (2015) 'A critical review on supply chain risk – Definition, measure and modeling', Omega, Volume 52, pp. 119-132. Available at: 


Bruce N. Smith
3 months ago
Thanks for this! Adding this link for others, it took me a bit of typing and clicking to find it and

Scroll to top