Risk-Strategy Interrelation Matrix
Illustrating how key risk areas are interrelated, as strategies adopted to mitigate risks in one area may shift, intensify, or introduce risks in others.
π¦
Legal
Compliance with copyright laws where ownership or copyright status is ambiguous.
Conduct a copyright and rights audit to determine copyright status, ownership, and rights holders.
Reduces infringement risk and strengthens legal compliance.
Requires staff time, training, and workflow capacity.
π§
Financial
π¨
Technical
πͺ
Policy
π¦
Legal
Misuse due to incorrect or unclear licensing or rights information.
Apply standardised licences and rights statements carefully.
Provides clear reuse guidance and reduces infringement risk.
May raise concerns about revenue loss or reputation.
π§
Financial
π¦
Legal
Risk of infringement claims or takedown requests.
Develop infringement response protocols, including open access and takedown policies.
Enables consistent and transparent handling of claims.
Introduces procedural and communication overhead.
πͺ
Policy
π§
Financial
π¨
Technical
π¦
Legal
Exposure of sensitive personal information in collection records.
Identify and protect personal and sensitive data through anonymisation or redaction.
Reduces legal and ethical risk from data disclosure.
Adds processing and metadata work.
π©
Ethical
π¨
Technical
π¦
Legal
Non-compliance with third-party platform terms of service.
Regularly review and comply with third-party terms of service.
Avoids forced removals or account restrictions.
May conflict with open access aims.
πͺ
Policy
π¨
Technical
π©
Ethical
Ethical issues relating to culturally sensitive materials.
Engage in community consultations and co-develop sensitivity protocols.
Supports respectful representation and community trust.
Slows publication and requires sustained engagement.
πͺ
Policy
π¦
Legal
π©
Ethical
Risk of misrepresentation or disrespect to communities connected to collections.
Incorporate cultural guidance and context into metadata and documentation.
Improves accuracy, dignity, and ethical reuse.
Requires ongoing cataloguing effort.
π¨
Technical
πͺ
Policy
π©
Ethical
Ethical tensions arising when platform norms conflict with institutional or community values.
Review social and community norms of third-party platforms used for sharing collections.
Reduces reputational harm and ethical misalignment.
May limit platform reach or visibility.
πͺ
Policy
π¨
Technical
π¨
Technical
Limited resources for digitisation, digital preservation, and open access management.
Use open-source software, community-driven platforms, or shared infrastructures where appropriate.
Enables access despite budget or staffing constraints.
Introduces dependency, terms of service, and governance risks.
π¦
Legal
π©
Ethical
π§
Financial
π¨
Technical
Challenges with metadata quality, legacy systems, and interoperability.
Implement flexible, layered metadata frameworks, and commonly-used, recognised standards.
Improves discoverability, reuse, and sustainability.
Risk of over-standardisation or loss of nuance.
π©
Ethical
πͺ
Policy
π¨
Technical
Vulnerabilities in securing and maintaining digital collections (cybersecurity, outages, data loss).
Ensure regular security audits and ongoing system maintenance.
Protects access, integrity, and continuity of collections.
Requires sustained funding and staff capacity.
π§
Financial
π₯
Geopolitical
π§
Financial
Financial burden of digitisation, licensing, and maintaining open access infrastructure.
Explore low-cost digitisation approaches and strategic partnerships.
Reduces upfront costs and expands capacity.
Partnerships may introduce legal or policy constraints, as well as political dependencies.
π¦
Legal
πͺ
Policy
π₯
Geopolitical
π§
Financial
Perceived or actual revenue loss from open access and open licensing.
Leverage indirect value from openness (visibility, partnerships, fundraising).
Supports long-term financial sustainability narratives.
Benefits may be indirect or difficult to measure.
πͺ
Policy
πͺ
Policy
Lack of formal policies for managing risks associated with open access.
Create a comprehensive open access policy covering legal, ethical, and technical issues.
Enables coordinated and transparent decision-making.
Requires institutional change management.
π§
Financial
π¨
Technical
πͺ
Policy
Insufficient workflows for handling copyright, ethical, and technical challenges.
Adopt a risk assessment checklist and documented workflows.
Reduces ad-hoc decision-making and inconsistency.
Adds steps to publication workflows and requires staff time.
π¨
Technical
π§
Financial
πͺ
Policy
Unclear procedures for restricting or removing access to materials.
Establish a formal takedown procedure with clear criteria.
Enables accountability and timely responses.
Communication and reputational workload.
π¦
Legal
π¨
Technical
π₯
Geopolitical
Loss of institutional autonomy due to political interference, censorship, or governance pressure.
Establish governance and editorial policies safeguarding institutional independence.
Protects curatorial integrity and public trust.
May provoke political or funding backlash.
πͺ
Policy
π¦
Legal
π©
Ethical
π§
Financial
π₯
Geopolitical
Jurisdictional dependency and access disruption from conflict, sanctions, or environmental crisis.
Implement geo-redundant storage, preservation planning, and cross-border partnerships.
Improves continuity of access and preservation.
Increases legal, technical, and funding complexity.
π¨
Technical
π§
Financial
π¦
Legal
π₯
Geopolitical
Loss of integrity, availability, or trust due to cyberattacks or undocumented access changes.
Apply security best practices and document and disclose access or content changes.
Preserves authenticity, transparency, and credibility.
Adds operational and communication burden.
π¨
Technical
πͺ
Policy
π©
Ethical
Download a copy
Sharing this matrix
Please cite this matrix as: Ilkay Holt and Revekka Kefalea (2025) βRisk-Strategy Interrelation Matrixβ in Risk Management Toolkit for Open GLAM (Version 2.0). Zenodo. https://doi.org/10.5281/zenodo.14419072.
This matrix is licensed under a Creative Commons Attribution 4.0 International (CC BY 4.0) license.
This license requires that reusers give credit to the creator(s). It allows reusers to distribute, remix, adapt, and build upon the material in any medium or format, even for commercial purposes.
Last updated