-
Can complete deletion of a dataset be done only at the request of the institute or depositor?
-
Do employees of DANS and/or subprocessors have access to the data?
-
Is there layering and/or compartmentalization of management accounts? How is this regulated?
-
How does user authentication take place?
-
Are there log files that track mutations to datasets?
-
What information security policy applies?
-
Are updates/new versions of Dataverse first tested in a test or acceptance environment?