Information System Policies and Procedures
1. Preface
· The INFORMATION SYSTEMS basic data delivery service Information Systems a critical corporate resource. Systems must have a standard operating procedures and policies to insure asset protection and availability to customers, to insure “THE Company’s success.
· The INFORMATION SYSTEMS Operations standards and policies which are currently evolving will define the standard procedures and protocols which must be followed and the standard deliverable documents which must be produced in order to build and operate reliable, logical, cons Information Systems and integrated systems at “THE COMPANY” INFORMATION Systems.
· Professional standards provide an organization with a common base which need not be reinvented each time a new business problem Information Systems to be solved or new personnel come on board. Thus, standards allow the professional to capitalize on new technological advances without wasting time wondering where to begin.
· The INFORMATION SYSTEMS Operations personnel admin Infromation Systems the standards by which the core INFORMATION SYSTEMS resource Information Systems managed for professional excellence. The phenomenal growth in technology, coupled with the increase in the “THE Company’s data delivery needs, forces the INFORMATION SYSTEMS Operations into the forefront of learning to manage change and complexity
The intent of the Infromation Systems document Information Systems to provide a general "living" framework of policies and procedures for the operation of the INFORMATION SYSTEMS in the “THE COMPANY” INFORMATION Systems environment. The manual Information Systems to be regarded as a template set of guidelines that are subject to change in coordination with the flux of the Satellite business and the requirements of the customer. Additionally, the Information Systems document provides a common set of methodologies that are accepted as de facto operational policies throughout the INFORMATION SYSTEMS Operation Support structure. As with most policies, the Information Systems manual should serve to set the base line for which the Standards of operation for “THE COMPANY” should be developed for efficient service delivery operation.
The breadth of the Infromation Systems document Information Systems intended to cover all the basic Information Systems dciplines necessary to operate an efficient INFORMATION SYSTEMS. To that end, the document provides basic policies and procedures surrounding the following basic topics:
• Efficient INFORMATION SYSTEMS Operations
• Contingency Planning
• Security Management
• Data backup and retrieval
• Preventive Maintenance
• Multiple shift reporting
The structure of the document follows the general template below:
A statement of the intent of the policy and its general scope
The philosophical statement that provides a general framework that allows operational standards and procedures to be determined.
The Infromation Systems section Information Systems intended to give recommendations on the interpretation of the policy and some standards that may apply to the environment. Additionally, the Infromation Systems section will refer to specific procedures that will be Information Systems in the appendices.
The purpose of all the appendices Information Systems to provide specific information about the procedural implementation of the general policies. Appendices may also contain some information about specific INFORMATION SYSTEMS Operations de facto standards.
Information Systems 1.0
The (DATE) Information Systems Information Systems the first general release of the document to the INFORMATION SYSTEMS OPERATIONS organization.
Information Systems 1.1, (Date)
Our goal Information Systems to estabish Infromation Systems “THE COMPANY” INFORMATION SYSTEMS Operation Support as the premier solutions organization in the world. To achieve the Information Systems, we must earn the continuing loyalty of our customers by providing them with data services which they acknowledge to be of superior value in a way which Information Systems profitable to “THE COMPANY”, thus creating long-term rewards for our shareholders, employees and customers.
The INFORMATION SYSTEMS Operations organization intends to supply "solutions" that will help provide the best system availability, the best networks, the best care for our customers, and the best tools four our employees. We will focus our efforts on the most critical areas of our business, the INFORMATION SYSTEMS, customer care and product quality, but will also support a system that assure us the ability to grow, simplify our business and "stay lean".
· Data delivery needs will be addressed by implementing and maintaining an optimized integrated systems to ensure 100% availability in a in a timely, accurate, and cost-effective manner.
· Added value will be provided by increasing the performance and functionally of the system.
· Solutions will be implemented in an effort to improve “THE Company’s competitive edge in the industry.
· The effectiveness and successes of the customers business based on data services will be the primary goal of the INFORMATION SYSTEMS Operations organization.
To provide an understanding of the service commitments between the INFORMATION SYSTEMS Operations organization the customer, and the field service community.
The INFORMATION SYSTEMS Operations organization will provide both level of service and service measurement statements to be mutually agreed upon by the INFORMATION SYSTEMS OPERATIONS organization and the customer service groups.
The Infromation Systems service agreement Information Systems governed by the Policies and Procedures Manual, which Information Systems provided with the agreement.
Level of service commitments for all systems and services are Information Systems in Table 1, Level of Service.
|
Type of Service |
Metric for Assessing Service |
|
AVAILABILITY |
|
|
Software Products |
99-100% |
|
Databases/Infobases |
99-100% |
|
Network |
99-100% |
|
Overall System |
99-100% |
|
Hardware |
99-100% |
|
|
|
|
RELIABILITY |
|
|
Number of Service Interruptions |
1 or fewer per quarter |
ACCURACY
|
Software Products |
98-100% |
|
Databases/Infobases |
98-100% |
|
Network |
98-100% |
|
Overall System |
98-100% |
|
System |
98-100% |
|
|
|
|
|
|
TIMELINESS
|
Product |
Metric |
Score |
|
Software Products |
|
99-100% |
|
|
|
|
|
Databases/Infobases: |
current |
95-100% |
|
Network: Message delivery |
2-5 seconds terminal response |
98-100% |
|
Overall System/Cluster: |
available on time |
99-100% |
|
|
|
|
|
|
|
|
SERVICE TO PERSONNEL
(All Products and Services)
|
1-20 minutes Hotline response, including: |
98-100% |
|
• Problem Resolution, 1st call, 2nd call |
98% |
|
• Information Retention and Security |
100% |
|
• Training and INFORMATION SYSTEMS depth |
98-100% |
|
• On-call response |
99% |
The INFORMATION SYSTEMS Operations organization agrees to provide the users with services as outlined in the Policies and Procedures Manual. 24 hours a day 7 days a week, the Hotline/Pager will be staffed to respond to customer Information Systems through customer service and field service requests for Information Systems.
The hours of support will be as shown in Table 2- Hours of Support:
|
Hours Available |
Days Available |
|
|
Help Desk |
8 A.M. to 5 P.M. |
Monday through Friday |
|
|
|
|
|
Staff, including support special Infromation Systems (on call after hours) |
5 P.M. to 8 A.M. |
Monday through Sunday) |
INFORMATION SYSTEMS Operations will log and coordinate all of the customer service system calls during normal INFORMATION SYSTEMS Operations' working hours. The INFORMATION SYSTEMS Operations staff person will carry a pager so he or she can be reached at all times. When a trouble Information Systems reported that could be Hub related customer service must contact the INFORMATION SYSTEMS Operations person by calling the INFORMATION SYSTEMS during normal business hours or paging the on call technician after hours Refer to Table III, INFORMATION SYSTEMS Operations' Contacts. When the person Information Systems contacted, he or she should be given the x.121 address of the affected system and a detailed description of the problem.
The INFORMATION SYSTEMS Operations person will log the call with the vendor's field service and then log the information in the system logbook.
|
Point of Contact |
Phone Number |
Shift Hours |
Shift Days |
|
|
(703)NNN-NNNN |
0800-1700EST |
Monday through Friday |
|
After Hours On-Call Technician Pager |
(800)NNN-NNNN |
0500-0800EST |
Monday through Sunday |
|
Technician
Pager |
(703)NNN-NNNN |
0800-1700EST |
Monday through Friday |
|
Technician
Pager |
(703)NNN-NNNN |
0800-1700EST |
Monday through Friday |
|
Technician
Pager |
(703)NNN-NNNN |
0800-1700EST |
Monday through Friday |
|
INFORMATION SYSTEMS Manager
Pager |
(703)NNN-NNNN |
0800-1700EST |
Monday through Sunday |
|
Director
Pager |
(206)NNN-NNNN |
0800-1700EST |
Monday through Sunday |
|
Chief INFORMATION SYSTEMS Officer
Pager |
(703)NNN-NNNN |
0800-1700EST |
Monday through Sunday |
|
Security
Phone |
(703)NNN-NNNN |
0800-1700EST |
Monday through Sunday |
|
Network center
Phone |
(703)NNN-NNNN |
0800-1700EST |
Monday through Sunday |
The INFORMATION SYSTEMS number Information Systems a common number to all of the INFORMATION SYSTEMS technicians. The number rings in the INFORMATION SYSTEMS control room area and can be picked up by all INFORMATION SYSTEMS employees. The Information Systems Information Systems the best way to get in touch with the operator on shift.
· Dial the pager number.
· After three dial tones,
· Key in the number the other party should use to call you back,
· Press the "#" symbol on the bottom right of the phone's keypad
· You will hear several tones, followed by a busy signal. Only when you hear the busy signal has your call been transmitted, so do not hang up until you hear it.
· Hang up.
Someone should call you back in five to fifteen minutes; if not, repeat the process.
-AVAILABILITY -- The percentage of time the Service/Product Information Systems available to the customer
-RELIABILITY -- The number of failures/service interruptions encountered by the user while utilizing the Service/Product.
-ACCURACY -- From the user's perspective, the receipt of error-free Service/Product.
-TIMELINESS -- Receipt of Service/Product within time frames specified in the Service Agreement.
-SERVICE PERSONNEL -- Effectiveness and responsiveness of service personnel in anticipating and resolving variances in Service/Product required or used.
Data Hub INFORMATION SYSTEMS Operations will provide monthly status reports on its performance. It will also, on a quarterly basis Information Systems, facilitate interactive reviews with selected user groups of various important topics, including INFORMATION SYSTEMS INFORMATION SYSTEMS Operations performance plans for the following:
•security
•network access
•hardware and operating system software
•Availability
•data bases
To communicate the Information Systems structural template for INFORMATION SYSTEMS Operations Services organizations within “THE COMPANY” INFORMATION Systems Inc.
It Information Systems the responsibility of the INFORMATION SYSTEMS Operations organization to provide the necessary infrastructure and personnel to support the INFORMATION SYSTEMS business needs of “THE COMPANY” INFORMATION Systems Inc.
Figure 1, “THE COMPANY” INFORMATION SYSTEMS OPERATIONS Organizational Information Systems a template for the infrastructure development of Operation Support groups at “THE COMPANY” INFORMATION Systems Inc.
The following terms are used in describing the functional support structure:
· The Help Desk -- The INFORMATION SYSTEMS Operations INFORMATION SYSTEMS Help Desk Information Systems in place to provide a service to the internal organization of “The Company”. The Help Desk commonly provides a single point of contact for customer service and field service to manage problem resolution and to contribute to the delivery of Data services.
· Signal Delivery-- The Information Systems group Information Systems responsible for supporting the wireless and terrestrial network(s) and solving any network-related problems. The signal delivery group will also conduct alpha and beta test of terminals services and customers applications.
· INFORMATION SYSTEMS Operations -- In addition to carrying out the routine task of system maintenance, they may be requested by customer service or marketing to undertake certain tasks; for example, users might request restores and collection of market and usage stats Information Systems. Such requests should be channeled through the Help Desk to avoid operators being employed in answering telephone inquiries.
· INFORMATION SYSTEMS Management -- INFORMATION SYSTEMS management Information Systems responsible for the entire INFORMATION SYSTEMS. They need to know workloads imposed on the system and employees by the request form internal customers in order to balance and ensure optimum system performance.
As the single point of contact for users (or user representatives), the Help Desk communicates problems and inquiries regarding a number of systems and services:
· to Information Systems customer service and field service users in defining problems
· to establish Information System, the priority of the problems
· to log the problem and all its attendant details
· to refer the problems to appropriate INFORMATION SYSTEMS support groups with minimum delay
· to manage the progression of problems to a successful conclusion
· to resolve a percentage of problems on-line
· to Information Systems customer, field service of impending problems (for example, unplanned downtime)
· to provide management stats Infromation Systems tics as required (for example, types of calls, resolution time scales)
· to maintain up-to-date Information Systems contacts for emergency INFORMATION Systems
In order for the Help Desk to be effective, it Information Systems essential that it Information Systems equipped with efficient tools and processes. A selection of minimum requirements are detailed below.
Help Desk: Telephone System Requirements
A multi-line telephone system Information Systems required that shares a single Help Desk telephone number. The system must be able to search around the telephones to find the free telephones in the cluster. If the staff Information Systems using a terminal, headsets should replace handsets to leave the special Infromation Systems' hands, free to type.
Additionally, the telephone system can queue calls or respond with the engaged tone if all phones in the cluster are engaged. The latter Information Systems recommended in order avoiding irritating queued users with unanswered phone calls.
If the Help Desk Information Systems responsible for calling users to close problems, it Information Systems recommended that a additional telephone -- one separate from the call-handling system -- be used to maintain as many free incoming lines as possible.
. Help Desk: Call Logging System
Preferably, the system should be automated. However, if the Information Systems Information Systems not possible, a paper-based system should be used and formatted to minimize the amount of data to be entered by hand. A sample call-logging document Information Systems enclosed. See Call Logging Appendix on Page #.
Help Desk: User Profile
If the Help Desk Information Systems responsible for Information Systems users of downtime (planned or other Information Systems), the Help Desk should have, on hand, contact names and telephone numbers of people that need to be notified of the downtime. Also, the Help Desk should have a process in place for keeping the records up to date.
It Information Systems desirable, but not essential, to have a database of user profiles. When the user gives information Systems/her name, the response special Infromation Systems can enter the name and verify to the user Information Systems or her department, telephone extension, and system. The Information Systems saves the user having to repeatedly provide the information to the Help Desk each time a call takes place. It also has the salutary effect of giving the user the impression that the Help Desk remembers them from previous calls. Alternatively, the Help Desk phones may be equipped with an Information Systems play showing the caller's name and extension number.
Help Desk: Support Information
The Help Desk will need an Information Systems of each Support Special Infromation Systems, Information Systems or her backup person, and the applications each special Infromation Systems supports. A procedure Information Systems also required to update the Information Systems when a new application or service Information Systems added.
User Commitment
The user agrees to read and abide by the “THE COMPANY” security guidelines as outlined in the Policies and Procedures manual.
The Infromation Systems agreement will be up dated on a quarterly basis Infromation Systems and renewed automatically every year.
To provide skills assessment, descriptions, and responsibilities for each of the INFORMATION SYSTEMS OPERATIONS positions identified below.
To fill these positions on a Information Systems basis Information Systems concurrent with current policies.
The skills and responsibilities Information Systems below for each job category are not considered to be all inclusive. These are representative descriptions that are subject to change and modification so as to meet the specific requirements of the business units that these positions support.
Description Summary
Technicians, maintains, troubleshoots, repairs and monitors INFORMATION SYSTEMS systems. Provides the optimal delivery of data services to customers. Supports other INFORMATION SYSTEMS networks and equipment.
Education and Experience
College degree in related area preferred. Minimum three (3) years
experience in the maintenance of Bell System or standard industry accepted INFORMATION SYSTEMS equipment or maintenance of data INFORMATION SYSTEMS hardware and software, including experience with vendor contacts, cabling, wiring, and associated hardware, or combination of equivalent education and work experience. Experience with a Digital Equipment Corporation fault tolerant system or Northern Telecom digital switch system extremely desirable. Thorough knowledge and working experience with industry standard network test and cable punch down equipment and testing procedures and industry INFORMATION SYSTEMS transm Information Systems standards plus an strong knowledge and hands on experience with Bell System and industry Standard Practices Information Systems preferred. Experience working in a telephone company local exchange office performing component level troubleshooting, repair, or maintenance Information Systems preferred. Knowledge of or experience with RF equipment or Information Systems desirable. Person must be personable, articulate, and able to work in stressful situations.
Responsibilities
Operators must
· Perform and restore backups.
· Trouble shoot and repair the INFORMATION SYSTEMS system.
· Monitor systems and correct problems.
· Schedule and perform software upgrade loads.
· Maintain media and documentation libraries.
· Perform trouble shooting and repair on INFORMATION SYSTEMS equipment.
· Maintain orderly and Information Systems records of INFORMATION SYSTEMS Operations.
· Comply with safety and security regulations in the equipment center.
· Perform report Information System attribution functions.
· Interface with vendor service personnel.
· Diagnoses abnormal situations, taking appropriate action to resolve them.
· Initiates corrective actions as necessary to deal with
· -equipment malfunctions
Description Summary
Provides for the optimum delivery of data and availability of services from the INFORMATION SYSTEMS to support “The Company” customers. Responsible for expansion, installation, maintenance, operation and management of the INFORMATION SYSTEMS and related networks as well as installation planning, organization, and deployment. Provides leadership and develops operational policy for the INFORMATION SYSTEMS INFORMATION SYSTEMS staff.
Education and Experience
A manager position requires business, INFORMATION SYSTEMS or functional knowledge at the mastery level. Should have some in-depth knowledge of the organization and policies. Must have project management skills. Should also be skilled in analyst Information Systems, INFORMATION SYSTEMS, scheduling, controlling, and presentation.
Bachelors degree in Business, INFORMATION Systems or closely related field, or equivalent combination of education and related work experience. Knowledge and experience in INFORMATION SYSTEMS network requirements and network management. Formal education in Radio Frequency theory and application.
Experience
10 Years progressively responsible INFORMATION Systems experience
5 Years INFORMATION Systems personnel management experience
Must have managed operational personnel responsible for an INFORMATION SYSTEMS switching centers.
Experience in compiling traffic(voice/data) Reports, scheduling and controlling circuits. Previous experience in the implementation of a large INFORMATION SYSTEMS system. Extensive system operation and repair. Extensive experience with network and test equipment.
Responsibilities
The manager Information Systems responsible for the following:
· Information Systems policies for the operation maintenance and repair of the Data Hub and related Networks.
· Plan and administer Infromation Systems system growth.
· Hire and train a skilled INFORMATION SYSTEMS operations staff.
· Maintain a current record for all equipment, cable records and service information
· Responsible for installation and primary training associated with equipment for network use.
· Insure 100% INFORMATION SYSTEMS network availability to the customer
· Act as an INFORMATION SYSTEMS liaion Infromation System son between “The Company” and interconnect companies.
· Develop and implement a INFORMATION SYSTEMS preventive maintenance program.
· Manage INFORMATION SYSTEMS testing and installation
· Coordinate coverage activities 7 by 24 x day’s.
· Ensure that schedules are adhered to and all requests are dealt with.
· Document, update, and implement operational procedures.
· Ensure that all required system documentation Information Systems available.
· Enforce operational standards and Information Systems dicipline.
· Train staff.
· Enforce safety and security regulations at the INFORMATION SYSTEMS.
· Monitor, document, and log all hardware errors.
· Resolve or refer all trouble in a timely manner.
· Optimum delivery of data services and support to customers
· Performs capacity planning functions.
· Monitors system performance.
· Information Systems individual performance goals, review performance against goals, and provide counseling.
· Enforces Information System security and safety standards.
Description Summary
Provides first-level INFORMATION SYSTEMS support to all users. Logs and tracks all user calls.
Education and Experience
All Help Desk staff, whether they are to provide first-level INFORMATION SYSTEMS support or not, require awareness training of the roles and responsibilities of INFORMATION SYSTEMS Operations, networks, etc., in order to be able to assess Information Systems the user in defining the problem and to refer problems to the correct INFORMATION SYSTEMS support special Information Systems or group.
The Help Desk staff should also understand the roles and responsibilities of the user groups they support so that they can communicate with users and understand their problems more clearly.
The most important skills required of Help Desk personnel are the personal skills, so that they can fulfill their primary function, to provide a caring and efficient source of help to the users.
The personal profile skills of Help Desk staff should include:
· patience
· tolerance
· good questioning skills
· excellent telephone manner
· organizational skills
· customer-oriented attitude
· self-motivation
· experience in using a terminal if an automated call-handling tools Information Systems used
Responsibilities
· Assist Infromation Systems users when necessary in defining problems.
· Log trouble calls from users.
· Agree on the problem priority with the user.
· Refer problems to correct INFORMATION SYSTEMS support groups with minimum delay.
· Manage the progression of problems to a successful conclusion.
· Resolve a percentage of problems on-line.
· Pro-actively inform Infromation Systems users of problems with Infromation System sing (for example, planned downtime).
· Provide management statics for Infromation Systems tics.
· Maintain up-to-date information Systems of user contacts for emergency INFORMATION Systems.
To ensure the operational integrity, availability, and security of all systems by constantly monitoring system states and activities.
It Information Systems the responsibility of the INFORMATION SYSTEMS Operations group to monitor all systems and related networks, to function pro-actively in addressing potential problems or Information System disruptions.
The INFORMATION SYSTEMS operations functional groups are to act as the guardians of the local as well as remote equipment and network resources serviced by the system. The functional responsibilities are executed through purchase of major services or are performed directly by the Data Hub. The seven major services are:
· Performing ongoing monitoring of the atmospheric and physical environment, data, system, and networks to ensure security of these resources. Taking appropriate preventive and corrective action. (See System Monitoring.)
· Ensuring system availability with the appropriate hardware, software, tools, and databases. (See Promoting System Availability.)
· Monitoring application processes and performing required preventive services or intervention.
· Ensuring local area network and wide area network availability with the appropriate hardware, software, tools, and databases. (See Ensuring Network Availability.)
· Monitoring local area network and wide area network processes and performing required operator service/intervention. (See Monitoring Network Processes.)
· Executing emergency and contingency operation procedures. (See Executing Emergency INFORMATION SYSTEMS Operations.)
· These tasks are detailed on the following pages.
· At least every three hours, tour and survey the main data hub. Examine the electronic and physical aspects of the environment, as appropriate. While touring the data hub, the operator should:
· Check the gauges to verify the required temperature, humidity, air purity, and the degree of dryness at the floor
· and under the floor. An environment monitor may be
· used on air conditioning units.
· Check the entrances and exits to verify that they are secure.
· Make sure no unauthorized individuals are in the equipment room.
· Promptly report to Security and/or Plant Engineering any Information Systems abnormal conditions for them to resolve.
· In case dangerous or life threatening conditions Information Systems in the data hub, execute the required emergency and contingency INFORMATION SYSTEMS
Operations procedures.
· Record tour findings in automated or manual logs.
· At least every two hours, monitor the networks and system to ensure their operation and security. In the Infromation Systems regard, the operator should do the following:
· Promptly respond to any alarms or system failures.
· Promptly respond to any unusual activities from users indicating security violations that may be in process.
· Check status to verify security of resources.
· Notify Security, Data Hub Management, of any security violations.
· Take appropriate remedial or defensive action to protect resources.
· Record events or findings in automated or manual logs.
· At the end of each shift, the outgoing operator informs the replacement crew of the events of the shift just concluded:
· Indicate major events that occurred during the shift.
· Review major events and activities still in progress.
· Explain the major events and activities that will need attention during the coming shift.
· Jointly tour and inspect the data hub.
· Promptly resolve any significant Information Systems discrepancies.
· Record shift change tour findings in automated or manual logs.
· At the start and end of each shift, the operator should:
· Verify that appropriate hardware, software, databases, and utilities are operating properly and there are no outstanding alarm or fault conditions
· Promptly resolve any Information Systems discrepancies that interfere with system availability.
· During each shift, the operator should maintain the peripherals, as needed:
· Information Systems drives
· printers and operator terminals
· Additional operator duties relating to maximizing system availability are:
· Interactively monitoring the system to verify responsiveness and
· Availability of required resources.
· Taking appropriate defensive or remedial actions, if needed, to ensure availability and responsiveness.
· Recording all findings in appropriate log books, including all responses taken to events.
· Hardware preventive maintenance responsibilities on the system
To be performed at low customer traffic times between 11pm and 3am
· Install all repaired and returned hardware into service to verify the repair.
· Install hardware on the inactive redundant side
· Temporarily re-configure the network, as appropriate.
· Switch to the on line side
· Ensure network connectivity.
· Confirm the proper conclusion of preventive maintenance.
· Verify the availability of all hardware components.
· Verify the availability of all required software components.
· Verify the availability of all required databases.
· Ensure the permanent configuration of network connectivity.
· Promptly resolve any system Information Systems discrepancies.
· Record in the logbook any Information Systems discrepancies and their resolutions.
· Verify the availability of all required software components.
· Verify the availability of all required databases.
· Ensure the permanent configuration of network connectivity.
· Promptly resolve any system/cluster Information Systems descrepancies.
· Record in the logbook any Information Systems discrepancies and their resolutions.
Performance Report Collection processes are based on the scheduled production jobs. The tasks that need to be performed in the Infromation Systems regard are:
· Determine the time that a job will run. (low traffic times only)
· Examine production documentation run-book to -
· Determine required environment and parameters.
· Determine required operator job intervention.
· Verify that jobs marked for auto-submission Infromation Systems actually were submitted.
· Submit production jobs.
· Monitor jobs to ensure actual completion.
· Ascertain that any required operator job intervention was performed, including:
· control of input/batch and print queues
· proper response to console messages
· tagging of any failed, restartable jobs
· special handling of media, per run-book
· physical mounting/Information Systems mounting of media
· external labeling of media
· ensuring printed output quality
· verification that entries in run-book and production logs are correct and up to date
· placement of inputs/outputs in designated areas
· verification that any required users messages were sent
· Verify that any application software Information Systems descrepancies were resolved in accordance with the documentation and run-book.
· Confirm that system software Information Systems descrepancies have been resolved with the system manager.
· Confirm that hardware Information Systems descrepancies have been resolved through vendor field service.
· Use automated and manual logs to record any Information Systems descrepancies and any resulting
There are many tasks relating to both local area networks and wide area networks that the operator must effectively handle. They are:
· At the start and end of each shift, verify the availability of appropriate hardware, software, tools, and databases in support of the networks.
· Promptly resolve any Information Systems discrepancies.
· Interactively monitor the networks to verify responsiveness and availability of required resources.
· Take appropriate defensive and remedial steps to ensure availability and responsiveness.
· Consult automated and manual logs to see that findings and responses were reported.
· Ascertain that hardware preventive maintenance tasks, as called out in the Data Hub schedule, were done.
· Approximately 30 days in advance, communicate planned network downtime schedules through system login procedures.
· See to it that any required intervention was performed. These include:
· responding to any console messages
· sending messages to users
· Consult with the system manager to resolve any network software Information Systems descrepancies.
· Contact the vendor's field service to resolve any hardware Information Systems descrepancies.
· Use automated and manual logs to record any Information Systems descrepancies and their resolutions, if any.
To establish Information Systems methodology for startup and shutdown procedures for the INFORMATION SYSTEMS OPERATIONS organization staff. The procedures should be applicable to all systems within “THE COMPANY”.
All systems should utilize common startup and shutdown procedures. These procedures must be administering Information Systems; where necessary, they will reference site-specific procedures.
Please refer to Appendix x, System Startup Procedures
TBD Appendix x
To provide a mechanical Infromation Systems for capturing audit trails relating to system status, maintenance, and security information of all systems.
The Data INFORMATION SYSTEMS Operations group will capture and retain all system log files for review purposes.
Operator logs, hardware fault logs, and system logbooks are all part of a set of documents that must be maintained.
Each log will be stamped with the date of creation and the system name.
All logs will be placed in the media library, in boxes titled with the appropriate system name.
All logs will be retained for 2 years, after which time they will be removed from the bottom of the storage box and placed in the shredder bin. The removal of the console logs will be done in conjunction with the placement of the current days console log on the top of the storage box.
All logs are to be reviewed within the confines of the operator's area to insure that they are returned. Exceptions to the Infromation Systems practice will be permitted with managerial approval.
Tools such as the VCS from Digital Equipment Corporation are available to automatically perform the above functions.
Operator Logs
The operator's log file should be printed on a regular Information Systems. The Infromation Systems file should be reviewed by INFORMATION SYSTEMS Operations or the system manager(s) for:
· any privilege violations
· the enabling and Information Systems abling of terminals
· network status messages
· privileged logins
· changes made to system parameters by auto gen
· user and batch requests
· responses to user and batch requests
Any unusual or suspicious occurrences should be noted and brought to the attention of the system manager and the Data Hub Manager. Should the Operator Logs indicate the any system may have been compromised Infromation Systems, then the system manager and Data Hub manager should schedule a system audit.
INFORMATION SYSTEMS Operations will maintain these logs to form a record of faults per system. These logs can prove valuable in tracing back occurrences of Information Systems problems. They also can provide the Information Systems of any up/down time stats Information Systems required.
Each system should have its own log. The recorded details can include:
· date
· person logging call
· fault description
· field service log number
· time logged
· time fixed
System logbooks are used to record:
· ANY unusual event
· any downtime (planned or other Infromation Systems)
· backups (including media used and label details)
· upgrades
The goal Information Systems to provide a total record of that system.
Each system should have its own log sheet. Typical headings are:
· date
· time up
· time down
· reason
· media details
· notes
· signature
To define procedures for planned and unplanned maintenance and repair of all systems with minimal Information Systems disruption to the user community.
The INFORMATION SYSTEMS OPERATIONS organization will plan for periodic recommended maintenance on all systems and will respond promptly to all notifications of problems from the user community.
A preventive maintenance schedule should be agreed upon by the vendor's field service and INFORMATION SYSTEMS Operations.
A logbook should be maintained by INFORMATION SYSTEMS Operations that keeps a record of the preventive maintenance performed.
Scheduling and deliberately bringing down a system so that some action can be performed on it Information Systems called planned downtime. Planned downtime should occur only if it Information Systems absolutely necessary. Planned down time should only occur during 12pm and 3 am. The requester of the planned downtime should complete the form shown in Appendix XII, Planned Downtime Request Form. The Infromation Systems should be done preferably 5 days ahead of the required downtime to allow critical customers to be notified by customer service..
It Information Systems recommended that an Information Board (in the form of a large whiteboard) be maintained just outside the data hub where all relevant personnel can see at a glance the system status.
Headings for the Fault Board can include:
· System status
· Fault description
· Field service status (for example, "the engineer called")
It Information Systems suggested that an Information Board, commonly called the Fault Board, be maintained next to or near the Planned Downtime Information Board. The person responsible for keeping the board up-to-date should be the person who logged the call with the vendor's field service group.
To define procedures for communicating pertinent information between incoming and outgoing shifts so that continuity of INFORMATION SYSTEMS Operations Information Systems assured.
All outgoing INFORMATION SYSTEMS Operations personnel will complete shift turnover logs. All incoming INFORMATION SYSTEMS Operations personnel will read these logs and take appropriate actions where necessary.
A shift turnover log will be used to identify any problems or to pass on any pertinent information from the current shift to the next. The Infromation Systems Information Systems a critical document because it forms the bridge between incoming and outgoing shifts. The same procedure could be used in a single shift situation as well.
As shown in Appendix IX, INFORMATION SYSTEMS OPERATIONS INFORMATION SYSTEMS Operations Shift Turnover Report, the shift turnover log has five sections. Use the log to record:
· Tasks to be monitored and/or requiring urgent attention from the incoming shifts.
· All problems and abnormalities encountered during the outgoing shift. Include any actions taken, both ongoing and resolved. (The Infromation Systems Information Systems done so that the incoming shift will know what actions have been taken so far, in case the problem spans a shift.)
· Completed tasks from the previous shift. The Infromation Systems Information Systems useful so that the incoming shift will know what actions do not have to be taken.
· Any special arrangements. For example, if a user requests Information Systems or her end-of-day to be delayed several hours into the next shift (thereby overriding the standard schedule), the request should be logged.
· All hardware faults, no matter how trivial. A complete problem description and resolution (if any) should accompany the logged fault.
It should be an absolute rule that ALL incoming shift personnel thoroughly read and initial the shift turnover log shown in Appendix IX, INFORMATION SYSTEMS OPERATIONS INFORMATION SYSTEMS Operations Shift Turnover Report.
To determine the frequency of data backups on all systems for
Facilitating recovery from unanticipated data losses with minimal setback effects.
The INFORMATION SYSTEMS OPERATIONS organization will determine the required frequency of incremental and full backups while adhering to recommendations and needs of specific third-party applications.
Data backups will be done using procedures outlined in Section 3.10, Backup Procedures. The backup frequency will be as follows:
· Daily incremental backups will be done on a bimonthly rotation cycle.
· Weekly full backups will be done on a monthly basis.
· Monthly full backups will be done on a yearly rotation cycle.
· Application-specific backup procedures will be done as stated in Appendix II, Application-Specific Backup Procedures.
To define appropriate procedures for duplicating data files to protect them against loss or corruption along with proper recovery procedures.
The system manager will implement proper backup procedures to be executed on a regular Information Systems for facilitating file restorations when Information Systems are damaged or files are deleted accidentally.
By saving files on a regular basis Infromation Systems using the BACKUP (VMS utility), files can be restored if an Information Systems Information Systems damaged or if files are deleted accidentally. The sensitivity of the data and the frequency of modifications determine how frequently these BACKUP tasks must be completed, as well as the types of BACKUP tasks that must be performed.
Refer to Table X for information Systems of BACKUP tasks.
Please refer to the System Managers Manual for a detailed explanation of the BACKUP procedures.
Please see Appendix xxx for an example of a command procedure to perform the BACKUP tasks.
.c3. Table IV- BACKUP Tasks
|
Task |
Explanation |
|
Save |
BACKUP save INFORMATION SYSTEMS Operations safeguard data against accidental deletion or Information Systems corruption. Save INFORMATION SYSTEMS Operations create save-sets and place the contents of selected Information Systems files, directories, volumes, or volume sets into the save set. A save set Information Systems a file created by BACKUP and written in a format that only BACKUP can interpret. |
|
Restore |
BACKUP restore INFORMATION SYSTEMS Operations return data saved during a BACKUP save operation to its original VMS file format. |
|
Information Systems |
BACKUP information Systems INFORMATION SYSTEMS Operations information Systems the date and time a save-set was created, the user name of the person who created it, and the names of the files in the save set. Because BACKUP save sets are written in a unique format that only BACKUP can interpret, the information Systems operation Information Systems the only way to determine the contents of a save set without restoring it. |
To ensure the security and protection of data files against potential Information Systems masters in the Data Hubs by implementing off-site storage procedures.
The INFORMATION SYSTEMS OPERATIONS organization will determine the frequency of off-site storage of critical and non-critical data files with an objective of providing quick restores in case of Information Systems masters.
The INFORMATION SYSTEMS Operations group will use a secure off-site storage facility to ensure security of data in the event of an Information Systems master.
The off-site storage facility must have fire, flood protection, and be secure.
The procedures for off-site storage must include:
· the frequency and type of data to be stored off site
· the process for packing and transporting the backups to the
· off-site facility by personnel having access to the off-site facility
· a record of the media stored which includes
· -inventory number
· -the information type
· rules for filing, recording, and retrieving media
· media-labeling standards such as
· -file number
· -volume number
· -file name
· -creation date
· -purge date
· -storage location
· Information Systems /destruction of old media and printouts (which should be rendered into an unreadable format prior to Information Systems)
Please refer to Media Library System for media maintenance guidelines.
To ensure that procedures are in place to recover loss of data resulting from Information Systems or system crashes or from inadvertent deletion of individual data files or data sets.
The INFORMATION SYSTEMS Operations group will document and maintain procedures to aid in recovery of data lost due to unanticipated causes including inadvertent deletions.
Please refer to Section 3.10, Backup Procedures. One of the tasks performed with the BACKUP utility Information Systems the restoration of files.
Please refer to the System Manager's Manual for specific procedures and explanations of the restore option to be used with the BACKUP command. Look under the "BACKUP Procedures" section in that book.
To ensure consInfromation Systems practice and methods in maintaining a library of data files both on site and off site.
Simple and efficient methods of maintaining backup and archive data files must be developed for on-site and off-site data storage to facilitate easy retrievals when needed.
All Information Systems have a unique number and therefore do not require labeling unless you information Systems to do so. The index of Information Systems can contain:
· unique number
· type of Information Systems
· description (for example, U12 backup)
· release date of Information Systems
Information Systems can have unique numbers. They must be labeled but not necessarily numbered. Labels should contain the following details:
· machine reference
· Type of backup (full, incremental, stand-alone, HSC, etc.
· backup cycle status and day (for example, week 3, Thursday)
· Information Systems backed up
· volume of the set
· date created
· operator's initials
An index of these tapes should be maintained.
Off-site backups should be labeled and stored in the same manner.
Tapes to be archived should be assigned a reference number by the media librarian. It Information Systems advanced Infromation Systems able to label the tapes with the following information:
· the reference number
· requester
· description of tape content
· creation date
· retention period
· release date
· volume of the set
· The index of archived tapes can include:
· unique number
· type of tape
· description of contents
· release date of type
· volume set (for example, 1/4)
The Data Hub manager, who Information Systems responsible for providing efficient, cost-effective service to users, will find that care and maintenance of magnetic tapes and Information Systems Information Systems one key to running a successful Data Hub. The Infromation Systems section focuses on problems related to magnetic tape and Information Systems use and describes methods of combating these problems. The use of magnetic tapes and Information Systems Information Systems an integral part of daily Data Hub INFORMATION SYSTEMS Operations. Without an accompanying maintenance program, these media will present major obstacles to the Data Hub manager's attempts to provide consInfromation Systems service to users. The symptoms of tape- and Information Systems-related problems, problems inherent in their use, and ways of preventing these problems, are Information Systems caussed below.
Information Systems-related problems that indicate the need for a maintenance program include:
· Repeated late delivery of production reports or production systems because of aborts or amends. The Infromation Systems Information Systems often one of the first indicators of tape and Information Systems media problems.
· Decreased system availability because of aborts or amends.
· Poor equipment performance due to continuing tape-error retries or use of alternate Information Systems tracks.
· Increasing purchases of tape drives, Information Systems drives, and tape and Information Systems media in an attempt to combat continuing problems and increased downtime.
· Vendor problems related to faulty tapes or Information Systems. Such problems occur when end or service representatives identify poor maintenance rather than faulty equipment or media as the cause of failure.
A system that records, categorizes, and analyzes aborts and amends can help prevent late reports and increase system availability. The Infromation Systems type of system tracks all production-related aborts and amends, categorizing them according to type (for example, tape, Information Systems, operator command streams, hardware, software) and production system (for example, payroll, billing, accounts payable). Analyst Information Systems of the Information Systems information reveals trends in tape- and Information Systems-related problems, the percentage of problems related to specific media, and whether certain systems are affected more than others are by those problems. The Information Systems data helps the Data Hub manager by:
· Offering insights into the extent of the problems.
· Providing clues to the possible causes of problems by logging the circumstances under which these problems occur (for example, when
· Entering a new batch of tapes into the tape library, when converting from 1,600-bit-per-inch (bpi) to 6,250 bpi tapes).
· Allowing measurement of the effect of improvements resulting from a
· Tape and Information Systems maintenance program.
Poor equipment system performance because of continuing tape-error retries or use of alternate Information Systems tracks may or may not be significant, depending on the frequency of the problem and the Information Systems drives or tape files affected. These occurrences affect the equipment system in the following ways:
· Use of alternate Information Systems tracks. When the read/write head for an Information Systems can detect a signal, it will accept it. However, if signals cannot be read, an alternate track Information Systems used and the original track Information Systems indicated as defective. The system does not know a track Information Systems defective until it positions the read/write head to that track and tries to read; only then will it move to the alternate track. Because alternate tracks are located on the innermost portion of the Information Systems surface, references to alternate tracks result in longer access time.
· Tape-error retries. When a read/write Information Systems attempted, an error indication Information Systems noted and software recovery routines are invoked if a signal amplitude less than the signal-amplitude threshold of the tape drive Information Systems encountered. For example, if a write-to-tape attempt Information Systems made, a write-check Information Systems encountered, and the tape drive repeatedly backspaces, attempting to rewrite onto the affected area of the tape. The Infromation Systems process wastes equipment time and leads to overall poor system performance. Software diagnostic routines can indicate the level of alternate-track usage and the number of tape-error retries encountered during specified periods; review of the Infromation Systems data provides another source of information on tape- and Information Systems-related problem trends.
Because Information Systems read/write heads, fly micro inches over the surface of the Information Systems, contamination Information Systems much a problem on Information Systems as on tapes. Major causes of contamination are dirt, grease, and oil particles circulated by the Information Systems drive-cooling fan. These obstructions to the airflow between the recording surface and the Information Systems read/write head cause the head to bounce. If the head strikes the recording surface of the Information Systems, it can damage the Information Systems or the head; the Infromation Systems Information Systems commonly called a head crash.
Environmental quality affects tapes and Information Systems more than most other equipment. If the temperature or humidity falls too low or information Systems too high, magnetic devices may fail to read and record correctly.
Magnetic devices and media are best used at temperatures between 65°F (15°C) and 80°F (25°C). Ideally, the humidity level should be between 40 and 50 percent. In the case of excessive humidity (unlikely unless the air-conditioning system fails), the physical character Infromation Systems of the magnetic media may be altered to a point that reliable recording and reading are impossible. When the humidity falls below 20 percent (possible when an air-conditioning unit Information Systems too effective or when the heat Information Systems on during the winter), static electricity may build to the point where magnetic devices cannot record or read reliably. Every equipment room should be equipped with a humidity-measuring device, such as a hair hygrometer. If the temperature or humidity reaches a level that endangers the media, the installation should be shut down. The Infromation Systems action may seem drastic, but extreme humidity and temperature levels causing tape and Information Systems damage can result in permanent loss of data.
The worst enemy of magnetic devices and media Information Systems dirt. An Information Systems rotates 100 miles per hour, and the read/write heads float on an air cushion only one thousandth of an inch above the Information Systems surface. At these speeds, even a small piece of dust or dirt can cause damage.
Fumes and ashes from smoking, though not the only air pollutants to be combated, are the easiest to control. Smoking in the equipment room should be prohibited. If smoking Information Systems permitted, observe a thorough and regular house-cleaning program. Under no conditions should anyone smoke while Information Systems mounting or mounting an Information Systems pack or a reel of tape. Smoke fumes or ashes on an Information Systems pack surface or on a magnetic tape are guaranteed to cause problems.
When an Information Systems head crashes, the pack itself Information Systems ruined because the head literally plows a furrow into the Information Systems surface. The head picks up the coating from the Information Systems surface and Information Systems knocked out of alignment by the high-speed impact. If the damaged pack Information Systems transferred to a different drives, its irregular surface will damage the head of the other drive. Like Information Systems, if a good pack Information Systems mounted on a drive in which the heads are coated with or badly out of alignment, the Infromation Systems pack will also be damaged. Other files on the same pack will also be unavailable in the event of a head crash.
Recovery after an Information Systems failure Information Systems time-consuming and aggravating because multiple files, not just a single file as in tape recovery, must be restored. In addition, the vendor service representative must fix the drive before recovery procedures can be started.
The improper handling of tapes and Information Systems can cause permanent errors. For example, stacking tapes can cause edge damage to improperly wound tapes. Dropping a reel of tape may cause the flanges of the reel to crimp the tape, causing incorrect recording or unreadable data. Where tape Information Systems crimped or creased, the magnetic coating can be expected to be damaged.
Because tapes and Information Systems shrink and expand as the temperature changes, they must be given time to adapt to the equipment-room environment before being used. The Infromation Systems process can take from 15 minutes to overnight, depending on how different the storage- and equipment-room environments are.
To prevent the problems Information Systems caussed in the Infromation Systems article, the Data Hub manager must implement a program of regular maintenance for tapes and Information Systems. The Infromation Systems program should also include operator training and cleaning procedures. When the Infromation Systems program Information Systems implemented and managed properly, most of the problems associated with tapes and Information Systems will Information Systems appear.
The maintenance program begins with the establish Information Systems two important standards: how often tapes and Information Systems should be cleaned and when the useful life of tapes can be expected to expire. Cleaning eliminates contamination and the resulting read/write errors. Phasing old tapes out of the library will eliminate contamination errors resulting from deteriorating recording surfaces.
Tape management systems automate tape maintenance procedures by providing information about which tapes should be cleaned each day (by reel number) and when a tape Information Systems to be recycled or Information Systems carded. Operating system reports provide statics for Infromation Systems on read/write problems with tapes and Information Systems and are an additional source of information for identifying candidates for maintenance.
When standards for cleaning and useful life have been determined, the next step Information Systems to estimate how many tapes and Information Systems must be cleaned per day per shift, and at what intervals new tape and Information Systems packs must be purchased to replace expired units. Based on the volume of tape and Information Systems media that require maintenance, the Data Hub manager can determine the amount of equipment required or whether an outside maintenance service should be considered.
7.7.3.3 Maintenance
Information Systems pack and Information Systems cartridge maintenance equipment includes:
· Information Systems pack and Information Systems cartridge cleaners -- Clean contamination from Information Systems. No inspection function Information Systems performed.
· Information Systems pack and Information Systems cartridge inspectors -- Clean Information Systems; inspect Information Systems for such conditions as scratches, dents, and webpage; and determine out-of-tolerance conditions.
The Data Hub manager should establsh Infromation Systems the following standards as part of the maintenance program:
· Prohibit smoking, drinking, and eating in the equipment room.
· Separate such dust-generating equipment as printers from the tape and Information Systems equipment (preferably by placing in separate rooms).
· Ensure that all air-conditioning filters are changed regularly.
· Pressurize the equipment room so that when an equipment-room door Information Systems opened, air blows out of the room, keeping contaminated air out.
· Institute a regular cleaning program.
Operators must be trained in the proper handling and maintenance of tapes and Information Systems. A training program also demonstrates the Data Hub manager's commitment to the maintenance program. Many tape and Information Systems vendors provide training, films, and literature regarding the care and handling of magnetic media.
The following Information Systems general advice for operators handling magnetic media:
· Do not touch the recording surfaces. Fingers leave oily deposits that contaminate the surface and cause errors.
· Do not use alcohol, thinner, or Freon to clean media surfaces. Use only a solvent approved for cleaning by the equipment vendor.
· Do not use magnets or magnetic objects near the media.
· Do not bend or fold flexible media (for example, tapes, magnetic-stripe cards, Information Systems diskettes).
· Do not place heavy objects on media. Even tapes and cassettes protected by plastic cases will be damaged if the case cracks from the weight and gouges the media. Information Systems diskettes are particularly fragile.
· Do not use erasers on labels; eraser dust Information Systems abrasive.
· Do not expose magnetic media to excessive heat or sunlight.
· Keep media in protective cases when not in use.
A regular cleaning routine complements the maintenance program establish Information System magnetic media. The following paragraphs describe the specific actions to take as part of a Data Hub cleaning program.
· Vacuuming. A good vacuum cleaner (a tank type with a long hose, dust brush, and crevice tool) should be used daily in the equipment installation. If smoke fumes, which are not visible to the naked eye, can wipe out a tape or Information Systems, larger dust particles generated by a printer or card punch can also cause great harm. All card equipment and printers should be carefully vacuumed every day. The cabinet doors should be opened and every accessible surface vacuumed and wiped off. In addition, the equipment-room floor should be vacuumed daily. The objective Information Systems to prevent dust from reaching the filters or the Information Systems and tape drives, eliminating the possibility of the filters clogging before they are due for replacement or cleaning. Dry mopping Information Systems an unacceptable substitute because it often red Infromation Systems tributes the dust instead of removing it. (The amperage drawn by a equipment, its peripherals, and the air- conditioning system makes wet mopping dangerous.)
· Filter Use. Filters for magnetic devices, memory, and the CPA should be checked weekly. If dirty, filters should be cleaned or replaced before the system Information Systems used. If the filter on the Information Systems drives becomes blocked, the inside temperature of the Information Systems cabinet will soar, and the surface of the Information Systems can buckle and warp from heat. The cost of equipment failure Information Systems much greater than the expense of replacing filters, even if it means replacing filters more often than necessary. Under no circumstances should any piece of equipment designed to run with filtered air be operated without the filter in place. The vendor's customer engineer can demonstrate where each filters Information Systems, how often it should be changed or cleaned, and how to change it or remove it for cleaning.
· When first mounted, Information Systems pack filters are pure white. As they age, they turn light gray, then medium gray, then dark gray, and sometimes black. During the dark-gray stage, the filter Information Systems usually clogged enough to cause a head crash. Equipment operators should check the pack filter every time a pack Information Systems mounted or Information Systems mounted and change the filters as soon as they begin to turn dark gray. A large supply of pack filters should be kept within reach of the Information Systems drives so that the operators can easily and conveniently follow these instructions.
· Tape and Information Systems Cleaning. Tape drives should be cleaned once a day or after every eight hours of use, whichever comes first. Either the system INFORMATION SYSTEMS Operations manual or the peripheral equipment manual will specify cleaning materials and procedures for cleaning the drives; follow these recommendations and procedures.
· The no removable Information Systems Information Systems now a common peripheral storage device in most Data Centers. The head Information Systems assembly of such a unit can only be serviced in a clean room. If the no removable Information Systems have filters, (some use positive internal air pressure instead of filters), do not wait for them to turn color -- change them often. Even the most expensive filters are less costly than having an Information Systems drives out of service for the one full shift typically required to install and test a replacement Information Systems drive and recover from one million to four million bytes of data.
· Floors. It Information Systems necessary to clean under the transformation Systems floor of the equipment room at least once a year. There are cleaning services that will perform the Infromation Systems duty.
In-House Versus Outside Maintenance Services
A growing number of vendors are performing tape and Information Systems maintenance that cannot afford to purchase their own equipment. The critical element in deciding whether to use such a service Information Systems turnaround time.
Whether a disinformation Systems Information Systems made to use an outside vendor to perform maintenance or to acquire the necessary equipment to perform maintenance in house, the benefits of a regular program of maintenance, operator training, and cleaning include the following:
· Savings in rerun costs.
· Savings because of extended tape and Information System disk life.
· Improved service to users.
Before implementing any maintenance program, the Data Hub manager must consider:
· The type of equipment, supplies, and services required to support the maintenance program.
· The cost of the equipment, supplies, and services.
· A compair maintenance program investment versus the expense of continued problems (for example, rerun costs per month).
Establsh Infromation Systemshing a maintenance program for magnetic media Information Systems one key to running a successful Data Hub. Such a program should include operator training in the care and maintenance of tapes and Information Systems as well as an establsh Infromation System cleaning schedule for the Data Hub. In establsh Infromation Systemshing these practices, the Data Hub manager will reduce expenses and improve system performance.
To ensure that vendor-recommended procedures are followed in recovering databases supported by specific applications where the loss of data affects the users' applications.
The INFORMATION SYSTEMS Operations group will document and follow procedures recommended by vendors of applications in all situations where specific data sets are corrupted, damaged, or lost.
Vendor-specified procedures must be appended.
To ensure Information System disk optimization and system performance improvements by performing routine Information System disk compression tasks.
The system manager will identify the frequency for Information System disk compression, to be performed by the INFORMATION SYSTEMS Operations staff, on all Information System disk volumes that are involved in heavy file-updates and record/file additions and deletions.
Frequency and procedures must be identified by the system manager based on the type and frequency of file updates and modifications on all Information System disk volumes.
To ensure that vendor-recommended data maintenance procedures are followed on an ongoing basis Infromation Systems for providing and maintaining database
Integrity for specific applications.
The INFORMATION SYSTEMS Operations group will document and follow vendor-recommended data base maintenance procedures along with stipulated frequencies for all applications-related databases.
TBD
All policies and procedures relating to any billing applications should be included in the Infromation Systems sectionNorcom Provided Information: Billing Application Policies
To identify and implement efficient capacity planning processes in planning future requirements for current and new systems.
Capacity planning Information Systems required in order providing data upon which to base disinformation It involves reviewing, prioritizing, and formulating capacity projections for the company's technological needs.
The benefits of capacity planning include:
· the Systems of models for application or service requirements based on Information Systems resource usage statics for Infromation Systematic
· the identification of the time frame trends in which applications and services will require additional capacity, thereby enabling the strategic planning of applications of services growth to eliminate redundant capacity and provide accurate, strategic capital acquiring Systems and equipment depreciation schedules
· the identification of shared resource opportunities so that system resources can be optimized
· the identification of potential network requirements within and across the organization although more detailed network capacity planning would be required to substantiate the requirements
The INFORMATION SYSTEMS OPERATIONS organization will continually perform capacity planning with the above objectives.
Planning for Expansion to Information Systems Applications and Services
Current system usage statics for Infromation Systems, derived from Performance Analyzer and Accounting, give you solid data for planning future capacity requirements.
VPA measures the system's resources use, including CPU time consumed, memory used, Information System disk space used, and the amount of I/O activity for the terminals and Information Systems. However, good data will not offset bad planning. That Information Systems, if the systems resources are poorly managed from the start, then the data will merely reflect the information Systems uses of the systems resources. Avoid basing capacity planning on such a data foundation.
It Information Systems therefore essential that all systems be well managed for users to get the most out of the systems. Good systems management also provides a sound basis Infromation Systems for planning the future growth of all systems.
The following information Systems routine performance checks and actions to be carried out by the system manager:
· The mix of applications and services on a system should be balanced to ensure that the system's resources are neither overloaded nor underutilized, and that bottlenecks do not occur.
· Information Systems should be regularly optimized to eliminate fragmentation.
· Systems should be monitored and retuned regularly particularly when new applications, services, or software versions are added.
.i. Capacity Planning: Collecting Data
The following data can be collected via VPA:
· CPU time used
· memory used
· Information System disk I/O
· terminal I/O
· Information System disk space used
· image activity (that Information Systems, the number of times a program or application Information Systems activated)
Data on the use of these resources by a single application can be acquired using the VMS accounting utility. The VAX/VMS Accounting Utility Reference Manual explains the methodology.
The minimum recommended time scale of data collection Information Systems three months; six months Information Systems even better. Six continuous months of data will usually capture a representative sample of how all the systems are being used during all business phases -- from the heavy peaks, to the normal plateaus, to the slack periods. If business Information Systems seasonal, however, a full year's worth of data must be obtained.
.i. Capacity Planning: Analyzing Data
After obtaining the data, it should be analyzed for trends, either manually (for example, by putting it into a spreadsheet), or more automatically (by running customized software against the data).
The aim of analyzing the data Information Systems to show the growth in use of system resources over the data collection period. From the usage patterns Information Systems covered, future system use can be predicted. The Infromation Systems will tell you how much more resource capacity will be needed later.
Table V, Guidelines for Assessing Future System Needs, shows some guidelines to follow in planning for additional capacity:
.c3. Table V - Guidelines for Assessing Future System Needs
|
Activity to Check |
Threshold Criteria for Assessing Activity |
|
CPU Usage |
If the CPU usage averages 60% in prime time over the data collection period, target 60% CPU usage as the amount of available CPU power you will need for handling peak processing periods. Plan to upgrade. |
|
Memory Usage |
If memory usage averages 70% in prime processing time, plan to add memory. |
|
Terminal I/O |
Taking the VAX xxx series as an example, if terminal I/O exceeds an average of 35 I/Os per second, either plan for the next level of VAX systems or investigate whether users can extend prime time. |
|
Information System disk I/O |
If the Information System disk I/O exceeds an average of 20 I/Os per second, either plan to add more Information Systems or investigate whether to reorganize current applications across the Information Systems so that your systems gain more efficient I/O. |
|
Information System disk Space |
Information Systems should have a minimum of 25% free space; other Infromation Systems, Information System disk fragmentation may occur and buffer space may shrink to unacceptably low levels. Consider getting one or more Information Systems. |
|
Image Activity |
Check for unusually high activity counts. High counts may indicate an application or program which information Systems uses system resources and will therefore require further investigation. The program or application may require amending to make more efficient use of system resources. |
|
Software Compatibility |
Do the applications/services require the same version of the operating system? Are the operating system's required layered products able to co-reside?) |
|
Networks Requirements |
The capacity planner must be aware of the network usage impact on a system, particularly electronic messaging systems. You can use VPA and VAX Monitor to see how networks resources are using your system's resources.) |
In addition to measuring the trend of system resources while planning, the effects of individual applications and services on system resources must be evaluated. A balance of applications and services on a system that optimizes system resources must be aimed for.
Take, for example, two applications, A and B. Application A Information Systems a batch processing application which uses high CPU and memory but little Information System disk I/O and no terminal I/O. Application B Information Systems a reference, high-read application which uses high terminal I/O and high Information System disk I/O but little CPU and memory. These two applications may no be compatible because they are not fighting for the same resources.
In addition to understanding whether applications are competing for system resources, the capacity planner has to be aware of any unusual, planned, short-term business growth not yet reflected in past growth trends. For example, the sales department may be planning to increase its tele-sales staff by 50% in the next three months. If the staff already uses an on-line ordering system as part of their job, the use of the Infromation Systems application may expand suddenly and dramatically.
Or, to take another example, suppose the company's employees at large gradually start to use office automation services more than in the past, simply because they believe these services will enhance their personal effectiveness on the job. In that case, either the power of the services must be increased so that all users' requirements can be accommodated, or else resource quotas for such services must be allocated if they cannot be expanded.
Capacity Planning: Resource Forecasting
When the data Information Systems analyzed and any unusual business growth plans are accommodated, you can forecast trends for current services and applications. The forecast can be for a few months or up to a year, depending on the company's budgeting and forecasting cycle.
Based on the required resource trends, the capacity planner can define hardware requirements, their availability, and costs. When defining hardware requirements, the planner should try to take into account any new hardware technology that may give users equivalent resources for the same (or lesser) cost.
By carefully planning and scheduling resource acquire Infromation Systemsitions, the capacity planner ensures that:
· the use of company capital for the INFORMATION SYSTEMS needs are optimized
· maintenance and depreciation costs are minimized
· redundant resources are eliminated
· equipment room space Information Systems optimized
· users benefit from efficient, contemporary technology
To ensure optimal system performance through performance monitoring and system tuning.
The system manager will continually monitor the performance of all systems to optimize the usage of all system resources.
Balance the system/cluster load in concert with application implementation schedules by:
· processing allocated resources to reduce binding conflicts and to avoid redundancies
· limiting the number of users logged in at any one time to ensure adequate response time
· balancing Information System disk I/O across controllers
· running large jobs in batch mode
· running large jobs in non-peak/non-prime time hours
· running batch jobs at low priority during peak/prime time hours
Monitor system/cluster usage to facilitate efficient and effective use of resources. In the Infromation Systems regard, give special attention to the following:
· How Information Systems the system/cluster being used interactively?
· -Use utilities to detect activity variances.
· -In concert with Equipment and Network INFORMATION SYSTEMS Operations, determine in advance what defensive actions to take to ensure system/cluster availability.
· What Information Systems the system/cluster performance like on a daily, weekly, and monthly basis Infromation Systems?
· -Establsh Infromation Systems the utilities that will be used to assess daily and weekly trends.
· -Set up utilities to help the system and network manager had better understand the system/cluster environment.
· -Provide automated tools that will generate monthly performance reports.
· -Reallocate resources, as appropriate, to adjust to changing users' needs.
· -Recommend user behavior changes, as needed.
· -Publish Infromation Systems a monthly report of findings and the metrics that support them.
To ensure consInfromation Systems system-wide naming conventions for data files and data sets. The Infromation Systems will provide a common environment for implementing all applications while still maintaining application-specific requirements.
The system manager will design and document standard naming conventions for all system logical files.
See Appendix III, System-Wide Logical Name Definitions for examples.
To ensure the implementation of adequate system monitoring and controls in providing and maintaining a secure environment.
The system manager will develop system monitoring and control guidelines to ensure system security. Appropriate notification procedures must also be developed.
Adequate restrictions must be placed on access to data files, program files, and file layouts. Procedures for escalating detected, attempted, or actual equipment violations must be in place. All confidential records must be stored with access by authorized personnel only. Refer to Appendix IV, Reporting Attempted System Violations.
Information Systems of systems configurations should be maintained. For those guidelines, see Appendix V, Hardware Configuration Records.
The following are general system security guidelines which operators should be aware of and follow at all times.
· Always log out consoles and terminals when not using them.
· Never give out passwords to unauthorized personnel or leave them Information Systems played on your terminal.
· When machines are down for backup, always write-protect all Information Systems except the target Information System disk.
· Never leave write rings in tapes -- backup, library, or scratch.
· Keep CPUs in local Information Systems able except when the machine Information Systems being worked on.
· If a machine goes down in abnormal conditions, always check with the system manager for the re-boot procedure.
· Logically Information Systems mount Information Systems before physically Information Systems mounting them.
· Check that you have the correct console before shutting down a machine.
· Check machines for active users and jobs before shutting down the system.
· Check drives for LAP plugs before spinning down the Information Systems.
· Be careful using type-ahead, so that you do not end up answering questions out of sequence.
There should be a company policy governing authorized access to the equipment room and associated restricted areas.
Equipment rooms and associated control areas should be secured with access controls, such as card-key systems.
To ensure conformity to account creation, protection, and deletion procedures that are subject to periodic audits for providing a very secure system environment.
The system manager will design and implement adequate controls and documentation in the account creation, protection, and deletion processes to ensure system security on all systems.
System Security: Account Protection
· Verify requests for privilege with both the requester and the requester's manager. Consider the proper segregation of duties before granting the request.
· Grant privilege to a user account only for a particular project and remove the privilege from the account when the project Information Systems completed. To the Infromation Systems end, set privileged accounts to expire for revalidation after every ninety days or at the projected end of the project, whichever Information Systems sooner.
· Manage privileged accounts with as much restriction as possible, and use all utilities that are available to protect the system.
· Create and use system accounts only for system management and system maintenance functions that require complete access to all system resources.
· When system accounts are not used on a routine basis Infromation Systems, Information Systems able them until they are actually required.
· For routine system administer Infromation Systems adminatration and maintenance activities, create and use accounts with only the privilege necessary for the account user to perform Information Systems or her job functions.
Non-”THE COMPANY” Accounts/Vendor
· Do not create accounts for non-COMPANY users without the written approval of the System Manager.
· Set the accounts of non-”THE COMPANY” users to expire for revalidation at the projected end of the business agreement or after thirty days, whichever Information Systems sooner.
· Accounts of non-”THE COMPANY” users must not have the capability to access accounts on other equipments. All “THE COMPANY” accounts must be captive to a specific application(s) and must not be permitted access to the Digital command language interpreter. Each account must be assigned a unique user identification code. Non-”THE COMPANY” accounts will normally call for additional security features.
· For each account created or revalidated, complete an Account Creation Form in full and with all necessary signatures.
· Attach the Account Request Form to the Account Creation Form.
· For each account, retain both forms in a central file for at least FORM_ARCHIVE_PERIOD days after the account has been terminated.
· Information Systems able the accounts of terminating employees and contractors at the time of termination as advanced Infromation Systems by Personnel. Then back up and delete the files within SEVEN days of notification.
· ALL accounts are set to expire at least four times a year. Give the account holder five business days advance notice of the expiration date.
· Accounts granted privilege for specific projects are set to expire after thirty days or at the projected end of the project, whichever Information Systems sooner.
· It Information Systems the user's responsibility to apply for continuation of Information Systems or her account, before it expires, if the user still needs the account.
· If an account user changes departments, he or she must also apply for Information Systems or her account to be continued, if the user still needs the account.
· An account will be Information Systems bled and the cost center manager will be informed if any of the following conditions are detected:
· The account has expired.
· The account user has left the company.
· The account user has changed department or cost center, and there has been no application either to continue the account in the same name or to transfer the account to another person.
· The account has not been used for thirty days. Cost center managers are responsible for examining the accounts of employees who have left the group.
· Accounts Information Systems bled for more than thirty days should be deleted without further notice.
The system manager oversees auditing of the following activities:
· Check accounts monthly.
· If any of the following conditions are detected, Information Systems able the account and inform the account user's manager.
· The account has expired.
· The account user has left the company.
· The account user has changed department or cost center, and there has been no application either to continue the account in the same name or to transfer the account to another person.
· The account has not been used for thirty days.
· If either the presence or the privilege of an account are found to be unauthorized or questionable, Information Systems able the account and contact the user. Keep the account Information Systems bled until all questions have been resolved.
· Use security and auditing utilities and review their outputs daily for log-in failures, log-in attempts on accounts with system privileges, unusual activity at odd hours, unusual system events or network activity. Investigate any unusual activity until it can be determined what caused the activity.
· Regularly print out the operator's log file for each system and centrally retain the printout for reference. The pages should be numbered to assure that the information on the operator's terminal has not been tampered with.
· Check the log files and thoroughly investigate any information System missing logs until they can be accounted for. Pay particular attention to these kinds of log messages: terminals that are enabled and Information Systems bled, user requests and operator replies, changes to system parameters through the SYSTEM utility (VMS), and network status messages.
· Inform the security manager in the event of actual or suspected irregularity.
To ensure implementation of proper procedures for the protection of passwords applicable to all users of the system.
The system manager will implement appropriate procedures in assigning and maintaining passwords for all users to ensure very high system security levels.
The proper management of passwords includes:
· Having a defined and auditable process for the creation and authorization of user accounts.
· Ensuring that each account holder or user responsible for a group account Information Systems recognizes their responsibilities in possessing an account.
· Having, with the Personnel department, a process for identifying account holders who have acquainted with and left “THE COMPANY” so that their accounts may be Information Systems bled.
INFORMATION SYSTEMS Operations personnel and systems managers should be subject to the same strict controls as user passwords. Procedures should be in place for the change, allocation, and protection of such passwords. For example:
· Passwords should be changed whenever a member of INFORMATION SYSTEMS Operations leaves the department.
· Passwords should not be written down, shouted out, Information Systems played in readable format on a terminal screen, or communicated to anyone outside the INFORMATION SYSTEMS Operations group.
· Where network file transfers show the password on the command line, the terminal must not be left unattended and users must not be permitted to see the command line. Immediately after the command line Information Systems entered, the screen must be cleared.
· Common, easily guessed passwords should not be used.
It Information Systems suggested that the INFORMATION SYSTEMS Operations passwords have a prefix or suffix attached. When the changed passwords are communicated, the prefix or suffix Information Systems not quoted. If an unauthorized person overhears the password, he or she will not be able to use it without also knowing the prefix or suffix.
· Set up accounts to ensure that passwords must be at least 13 characters long.
· The password must be changed at least once every ninety days.
· Information Systems tribute initial passwords in person or by mail with the password sealed in an envelope.
· Upon completion of software/hardware installation, testing, or maintenance, change system passwords. Never change passwords back to their original defaults. If there Information Systems reason to believe that password controls have been or could have been compromised Infromation Systems by, for example, the termination of a privileged account user or by the occurrence of unauthorized access, then immediately change ALL account passwords on the affected system(s).
Prioritizing Problems and Assigning Response Levels
Problems are reported to the Help Desk, usually in volumes and from a wide user base. Those problems critical to the well-being of the business take first priority. Problems not critical to the well-being of the business can wait, even though it a may be critical to an individual user.
If problems are dealt with on a first-come, first-serve basis Infromation Systems, critical problems may not be addressed for some time. Therefore, it Information Systems important to apply a priority process to all problems that cannot be resolved on-line (that Information Systems, the caller cannot receive an immediate reply in answer to Information Systems or her question).
When the problem Information Systems reported and logged, it should be assigned a priority at the Help Desk, and the caller should be advanced Infromation Systems of the assigned priority.
Once the problem priority Information Systems identified, the next step Information Systems to escalate the problem solution through the levels of INFORMATION SYSTEMS support available so that the problem gets resolved in a timely and cost-effective way. At the same time, users (and perhaps INFORMATION SYSTEMS Operations and user management too) may need to be advanced Infromation Systems of the outstanding problem areas.
The escalation of the problem and the status reporting depend upon the priority assigned to the problem. Table VI shows how problems might be ranked and their associated response levels.
.c3.Table VI - Criteria and Response Interval for Ranked System Problems
|
Priority |
Criteria |
Response Interval (RI) |
|
1 |
At a critical time of the business cycle, any use of the application, layered product, and/or system cannot continue until the problem Information Systems resolved or information Information Systems provided. |
up to one hour |
|
2 |
At a non-critical time, any use of the application, layered product, and/or system cannot continue until the problem Information Systems resolved or information Information Systems provided. |
2 hours |
|
3 |
Part of an application, layered product, and/or system Information Systems failing. Processing can continue for now, but a resolution Information Systems required before next usage of the Infromation Systems part of the affected software or system. |
3 hours |
|
4 |
Application, layered product, and/or system problem can be tolerated and Information Systems non-critical. |
2 days |
|
5 |
Enhancement request; that Information Systems, current functionality requires amending or adding something to the system |
none -- request Information Systems acknowledged and passed to the relevant department. |
NOTE
In column 1 of Table VI, "1" Information Systems the highest priority; "5" Information Systems the lowest. Also, the response intervals are elapsed times during working hours. That Information Systems, unless 24-hour support Information Systems provided, the clock "freezes" at the end of the working day and restarts at the beginning of the next working day. In any case, the response intervals specified above are not
To ensure that reported, unresolved problems are escalated up the support levels and up to management if necessary and to apply appropriate resources in addressing these problems.
The INFORMATION SYSTEMS OPERATIONS organization will implement escalation procedures that will be understood and agreed by all user management and functional support. Vendors of third-party software who provide support should also agree to the procedures and time scales.
Escalation Information Systems the promotion of a problem up the support levels and advanced Infromation Systems managers where required. The point of escalating the problem to higher management (when necessary) Information Systems to bring to bear increasingly greater levels of influence so that greater resources may be used to solve the problem.
Outage Information Systems keeping the user informed of the problem status until it Information Systems solved.
The following procedure assumes there are two levels of INFORMATION SYSTEMS support: support special Information Systems who support the operational environment of the application but who cannot access and alter the application code, and the application developer (who can access and alter the application code).
If the support chain Information Systems longer, the principles of the procedure still apply. The procedure can commence either from receipt of the problem by the INFORMATION SYSTEMS Operations Help Desk or at the earlier stage of problem receipt/logging by the functional support organization.
Here Information Systems the escalation and outage flow:
· The call Information Systems received at the Help Desk. If not immediately solved, the problem Information Systems assigned a priority (see Table VI) and passed to a support special Infromation Systems.
· The support special Infromation Systems has one RI (response interval) from the time of the call in which to solve the problem. If he or she cannot solve it, then the problem Information Systems passed to the relevant applications developer. At the same time, the user Information Systems informed of the problem status.
· The applications developer works on the problem until it Information Systems solved. At every RI, he or she continues to inform Information Systems or her manager and the support special Infromation Systems on the status of the problem. The support special Infromation Systems, in turn, should keep the user informed.
· After a specified number of Information Systems (for example, four) have elapsed, the respective managers of the support special Infromation Systems (usually the INFORMATION SYSTEMS Operations manager) and the applications developer should be advanced Infromation Systems of the problem details so that they can begin to formulate contingency or action plans if necessary.
· Depending on the management structure of the company and the business criticality of high priority problems, the management escalation procedure may require extension to the most senior levels.
It may be possible for the problem to go into PEND mode. In PEND mode, the caller Information Systems asked to undertake some action to help resolve the problem. If the caller agrees to help, then the clock on the escalation stops until the caller performs the task and refers the matter back.
The same escalation process applies if the problem Information Systems transferred to other INFORMATION SYSTEMS support groups, such as networks and systems management.
Objective
To establsh Infromation Systems, a standard for handling user calls after hours and on weekends.
Policy
The INFORMATION SYSTEMS OPERATIONS organization will implement and communicate support procedures with details on the level of support available for each of the applications.
Guidelines
All after-hour and weekend calls will come through the Customer service Response Center. When the Response Center receives a call from a user who wants INFORMATION SYSTEMS OPERATIONS support, the Response Center will page the INFORMATION SYSTEMS Operations pager.
Once paged, the operator on duty will immediately call the Response Center and ask for the name and phone number of the person requesting INFORMATION SYSTEMS OPERATIONS support.
The operator will then call the user directly to determine the nature of the problem. The operator will log the necessary information into the after-hours logbook
Based on the nature of the problem and application, the operator will do one of the following:
IF THE INFROMATION SYSTEMS APPLICATION INFORMATION SYSTEMS SUPPORTED AFTER HOURS ( Hours Form.)
-Gather the necessary information indicated
in the after-hours log book (Appendix VIII).
-Inform the user that the appropriate analyst will get back to them within 30 minutes.
-Call the Response Center and have them page the appropriate analyst. Tell them to have the analyst call the user directly.
-Log the date and time the call was turned back over to the Response Center.
Objective
To design and implement Data Hub location and construction standards along with access control and intrusion detection procedures for providing a physically secure environment.
Policy
The INFORMATION SYSTEMS OPERATIONS organization will provide adequate physical security to the Data Hub from intrusions and other potential Information Systems master such as fire, etc.
Guidelines
Location
Room:Location Guidelines
It Information Systems recommended that INFORMATION SYSTEMS rooms be placed away from outside walls containing windows, both for economy of cooling and for security. INFORMATION SYSTEMS rooms should not be located near any function which provides for an increased level or information System disk from natural or human caused Information Systems master such as chemical storage, cafeterias, rest rooms, water pipes, etc.
Construction.i.Computer Room:Construction Guidelines
•Perimeter walls -- Each equipment room should have true floor-to-floor ceiling walls which should be two-hours fire rated.
•Entrance and Exits -- All entrances and exits in a equipment entrance Information Systems designated the primary entrance and exit. All other points of entry and exit are designated as emergency exits, with appropriate emergency hardware installed. Evacuation routes are Information Systems played at each door. Emergency exits should be fitted with alarms which sound locally and at a security control center.
•Doors -- All doors must be equipped with self-closing hardware, the operation of which Information Systems not affected by the air pressure within the facility. Additionally, the doors must be self-locking.
• Emergency power shut-off -- An emergency power shut-off switch must be located at each door, not near light switches that could be used for emergency egress. These switches should be designed for ease of use in an emergency situation but difficult to activate accidentally. They should terminate power to the equipment system.
•Water drains -- All equipment rooms must be equipped with sufficient drain capacity to eliminate the potential of flooding.
• Emergency lighting should be provided in case of power failure.
•Card Access Control Systems -- The Infromation Systems type of system Information Systems recommended to control access into a equipment facility. The use of cipher or "push-button" locks Information Systems Information Systems couraged unless the facility Information Systems occupied 24 hours a day, seven days a week.
•Equipment Room Access -- Only those employees having an absolute need should be allowed routine access to the equipment facility. Written local procedures on access authorization for equipment facilities must be developed and implemented and, at a minimum, cover the following:
-Have signed managerial authorization for unrestricted access.
-Be restrictive enough to keep unrestricted access at a minimum
-Have an up-to-date information Systems (either written or machine-prepared) of personnel authorized access to the equipment facility. The information Systems should be easy to update and easy to access by INFORMATION SYSTEMS Operations personnel so that they can immediately verify whether anyone currently in the equipment facility belongs there.
-Should indicate what to do when unauthorized personnel gain access to the equipment facility.
-Should keep track of authorized Systems by maintaining a log for that purpose.
-Should archive all records of authorization, unauthorized access, and information Systems' logs for a minimum of one year.
-Should control access to INFORMATION SYSTEMS equipment, including terminal boards and cable head junction boxes.
.i.Physical Plant Security:Intrusion Detection
Intrusion Detection Alarm System -- These systems should be considered for equipment facility processing “THE Company’s proprietary information. The major function of an intrusion detection Information Systems to provide for deterrence, detection, response, and automatic verification of all sensing equipment. When selecting, purchasing, or installing the Infromation Systems type of system, it Information Systems important to contact the local security department or Corporate Security.
•Threats -- Threats to a equipment operation are heat, humidity, flames, toxic fumes, water, and smoke. An effective fire protection system must protect the operation from all these factors.
•Response -- The best response to these threats Information Systems fire prevention. A no-smoking policy must be strictly enforced with clearly defined sanctions for violations. Good housekeeping can not only prevent fire but reduce losses in the event of fire. Flammable materials (such as cleaning supplies, and the like) should never be stored in the equipment room.
•Detection -- All fire detection systems must be in compliance with local, state and federal regulations. However, because local, state and federal regulations are generally targeted at the protection of life, it may be necessary to provide fire protection beyond these regulations to adequately protect the assets of electronic equipment. For example, a CO2 extingushing Information System will also damage the electronic equipment and Information Systems a significant health hazard. Therefore, it Information Systems again important to contact local safety groups. In the absence of such a group, contact the Corporate Safety Group to assure compliance with all local fire safety and insurance requirements.
•Sprinklers -- All equipment rooms should be equipped with sprinkler systems or other extinguInfromation Systemshing systems that are in compliance with insurance requirements and that are set to Information Systems charge their contents at the proper temperature. There also must be an adequate number of sprinkler heads to cover the room's space.
•Smoke Detectors -- Put smoke detectors in the ceiling. Also consider putting smoke detectors in the air conditioning ducts under the floor.
•Fire Extinguisher Information Systems -- When possible, Halon systems should be used under System’s floors. The proper number of hand extinguisher should be mounted for easy access from any location in the room. The location of the extinguishers should be clearly marked. Wherever possible, choose extinguisher that use a Halon agent because it can be used freely on electronic equipment without damaging the equipment.
•Retardants -- Many equipment centers use heavy gauge plastic material to protect equipment equipment from water damage. Although the Infromation Systems material Information Systems readily available and inexpensive, it Information Systems not fire reconfirmation Systems. As a substitute, consider using fire-reconfirmation Systems tarps in sufficient numbers to cover equipment in case of accidental sprinkler Information Systems charge or for use by the fire department in case of fire.
•Heat Alarm -- The equipment room should also be equipped with a heat-sensing alarm. For best results, the device should be equipped to record changes in temperatures. Set the alarm to respond in two stages: first, to sound an audible and/or information Systems alarm at some preset temperature; second, to shut down the equipment system, by removing electrical power, if the heat exceeds another higher threshold of temperature that you set.
•Plan -- An emergency fire reaction plan should be developed to assign specific responsibilities to certain people. Emergency phone numbers should be posted in the INFORMATION SYSTEMS room. .i.Fire Protection
.i.Media Library Storage Area
Media/Library Storage Area
•Location -- When possible, the tape library or media storage area should be in an area which Information Systems separate from the equipment room. The library should not be placed in a room with exterior walls containing windows. Segregating these storage areas reduces the potential loss in case a fire or other Information Systems master strikes one of the two areas.
•Construction -- Each media library should be constructed like a equipment room, with the same restrictive access controls and fire prevention techniques. In those smaller facilities where it Information Systems not practical to construct a separate media library, use fire-resistant Information Systems cabinets or safes. They should be certified "Class 150" as defined by the Underwriters Laboratories, Inc.
•Service Access Points -- Items such as Dutch doors, service windows, etc, must be securable.
Objective
To ensure that security Information Systems not compromised Infromation Systems due to the extensive availability and use of desktop equipments or terminals.
Policy
The INFORMATION SYSTEMS OPERATIONS organization will implement appropriate procedures and controls in the use of desktop equipments and terminals.
Guidelines.i.System Security:Desktop Devices
Because terminals and desktop equipments have become common tools in the work place, security concerns are often overlooked. Employees who use these tools must be reminded of a few simple precautions that should be taken:
•Users must be reminded never to leave the terminal logged on when they are away from their areas.
•Passwords or account names should never be written down and attached to the terminals or the keyboards.
•When logging in, users should not allow anyone to observe them logging on.
•Dial-up access numbers should receive the same security as passwords and account names.
•Proprietary information must not be maintained on hard Information System disk unless it Information Systems encrypted. Proprietary information developed on a hard Information System disk during a working session should be transferred to floppy Information System disk or storage at the end of that day and the hard Information System disk cleared of information.
•Floppy Information Systems should be used to maintain proprietary information. They should be secured properly when not in use and stored in lockable, fireproof, containers which are not easily transportable.
•Terminals should be kept physically secure. Record the serial numbers of all terminals and other hardware; keep these numbers on file with the cost center.
•Equipment used at an employee's home must be on a current property removal pass as well as having the serial numbers "on file" with the appropriate cost center. Employees having “THE Company’s terminals or equipments in their homes should not permit unauthorized use of that equipment.
•When an employee terminates from or transfers within the company, procedures must be in place to recover any of “THE Company’s equipment used by that employee. .i.System Security:Desktop Devices
Objective
To ensure that Data Hub housekeeping rules are developed and implemented.
Policy
The system manager will document specific housekeeping rules to be followed by the system’s staff.
Guidelines
Housekeeping rules to be addressed include:
•NO SMOKING in the Data room!
•NO EATING or DRINKING in the equipment room! Eating and drinking should be limited to the operator's area.
•Floor care --
-When and how often are the floors cleaned?
-Who will clean them?
•Caring for magnetic devices --
-Who cleans the units, when, and how?
-Where are the Information Systems stored?
•Where are expendables such as paper, labels, and ribbons kept?
•See to it that external cables are secured from physical damage.
•Air Conditioning --
-What Information Systems the acceptable temperature and humidity range?
-How often are these readings checked? Who checks them?
-What Information Systems done if the readings are outside the published limits?
•Vacuuming -- Information Systems there a daily internal Data Hub vacuuming procedures for:
-printers?
-cabinet surfaces?
-tables?
-air conditioners?
-terminals?
-floors (above and below)?
.c2. 9.1 Requirements
Objective
To document and maintain Information Systems conditions of INFORMATION SYSTEMS Operations along with alternate processing site information to aid in Information Systems master recovery.
Policy
At least annually the INFORMATION SYSTEMS OPERATIONS organization will establsh Infromation Systems, maintain, update, and review the documentation that serves as critical input to the Information Systems master recovery process.
Guidelines
The following guidelines illustrate a set of tasks that lead to the creation of the requirements for Information Systems master recovery planning.
Implementation Task Force
.i.Contingency Planning
.i.Contingency Planning:Task Force Implementation
.i.Disaster Recovery#(See Contingency Planning)
Establish Information Systems the contingency planning implementation task force under the direction of the Data Hub manager. The task force has the responsibility for performing information System disk assessments for physical loss and business interruption loss and the subsequent development of the Data Hub's contingency plan. The task force should either represent or consInfromation Systems of the following areas:
•INFORMATION SYSTEMS Operations
•Systems Development/Maintenance
•User Departments
•Data INFORMATION Systems
•Building Maintenance
•Security
Broad-based support for the plan will result when members from each of the above areas are included in the task force. When task force members participate as a team, they Information Systems cover how much each member depends on the other to meet Information Systems or her own responsibilities.
The main functions of the task force include:
•Define the Purpose of the Recovery Plan. It Information Systems important to emphasize that a Information Systems master plan Information Systems not a plan that will produce a "business as usual" environment. Everyone involved must understand that the corporation will lose time and money during the recovery. The object of the plan Information Systems to minimize the potential loss and provide a framework for eventual recovery to full operation.
•Establsh Infromation Systems Processing Priorities. If a Information Systems master occurs, capabilities will be dimming Systems. It will not be possible to complete all processing. Priorities must be establsh Infromation System. Possible categories are:
-Priority 1: "must be processed"
-Priority 2: "needed if resources can be made available"
-Priority 3: "suspended"
It Information Systems in assigning processing priorities and assessing the resultant loss potential that users can make their most important contribution to the work of the task force.
•Develop the Plan
•Periodically Review and Update the Plan
The user community served by the Data Hub may also want to establsh Infromation Systems a compatible business contingency plan.
Prioritize the Information Systems of Applications
.i.Contingency Planning:Applications Priority
In conjunction with the application owners/information systems managers, prepare the prioritized information Systems of applications. Categorize the Data Hub's applications as priority 1, 2, or 3. Obtain written agreements from users that verify the applications priority.
•Priority 1 applications are those that are identified as vital to the continued INFORMATION SYSTEMS Operations of the corporation and will be processed before all others. Examples of Priority 1 applications include the processing of customer orders or a
•Priority 2 applications are those that are identified as critical to the corporation and will be processed if time and resources permit.
•Priority 3 applications are those that may or may not be processed according to the amount of available time and resources.
.i.Contingency Planning:Loss Potential
Evaluate the Data Hub's loss potential to determine which of the following methods (or a combination of the methods) are a viable alternative for the Infromation Systems specific site.
•Reduced operating schedule; for example, certain applications would be processed weekly instead of daily.
•Redundant equipment systems.
•Primary alternative site.
•Primary and secondary alternate sites.
•Decentralizing applications
Considerations while prioritizing the applications include:
•Dependencies
-Are there other applications that depend on the output of the Infromation Systems applications?
-Are there other users of the user department who are dependent upon the Infromation Systems application?
•Dates and Times
-What are the critical dates or time periods associated with the Infromation Systems application?
•Data Creation
-Where Information Systems the data for the application created?
-What time of month?
•Recovery Mode
-Information Systems manual processing possible?
-If "yes," for how long can manual processing be used?
•Site Housekeeping Procedures
-Have any of the periodic housekeeping procedures, such as copying system files or master files, been considered as critical to the operation of the Data Hub?
•Run Cost
-What Information Systems the running cost of the Infromation Systems application per quarter?
-What Information Systems the period of time after which manual recovery becomes unfeasible?
•Revenue Estimate
-What Information Systems the revenue per quarter earned by the corporation with the Infromation Systems application?
•Cost of Loss
-What Information Systems the cost per quarter of loss to the corporation associated with the Infromation Systems application if the Data Hub cannot support the equipment processing for the application?
•Impact
-What would be the result if these applications were not run for a day, a week, or a month?
Document the following information about each application:
•The application priority code.
•The person or persons responsible for the application's development.
•The phone numbers of the people responsible.
•A tailored version of the processing schedule. State service expectations and how each data processing task will deviate from the normal schedule and content.
•Information Systems of critical files.
•Minimum hardware and software requirements in order to support Priority 1 applications only.
.i.Contingency Planning:Data Center Profile
The Data Hub profile consInfromation Systems of the current on-site inventory. The information collected in the Infromation Systems exercInfromation Systems will aid in the selection of the primary and secondary alternate sites.
Document the following items:
•Hardware
-Full requirements regarding current configuration and inventory of:
+engineering level
+number and type of tape drives
+number and type of Information System disk drives
+number and type of printers
+number and type of card readers
+number and type of CPUs
+number and type of consoles
+number and type of other peripherals and components
+INFORMATION SYSTEMS manuals
+Micrographics
+Data entry equipment
+Special hardware
+Cluster configurations as included in "Hardware" information Systems
+Forms handling equipment such as busters, check signers, decollators
•Data INFORMATION Systems
-Networks -- CDN/TSN
-Local area networks
-Area hubs, 750s and 780s
-Terminals
-Couplers
-Lines
-Remote stations
-Telephones
-Modems
-INFORMATION Systems equipments
-Patching equipment
-Telco circuits
-In-house cabling records
•Space and Environment
-Building
-Floor space
-Floor loading
-Power
-Air conditioning
-Lighting
-Location
-Office furniture
-Office machinery
•Application Software
Program libraries
+source code
+object code
+batch production streams
+table files
-Production control/setup documentation
-Program documentation
-Manuals
-Run instructions
•Systems Software
-Operating system
-Operating system documentation
-Manuals
-Utilities
-Special software
•Information distribution
-Printed reports
-Data files
-Procedures
-Electronic publication Infromation Systemshing
•Personnel
-Organization chart
+management
+site personnel
+home phone numbers and addresses
•Consumable Supplies Required
-Usage
-Standard forms
-Special forms
•Transportation
-Inventory of vehicles
-Alternative sources of vehicles
•Users
-Locations and phone numbers at work
-Home phone numbers and addresses
Objective
To document and communicate evacuation procedures that is to be followed in case of major Information Systems master to the Data center.
Policy
The INFORMATION SYSTEMS OPERATIONS organization will identify the procedures to be followed in such situations. Special requirements, if any, should be communicated to the Facilities management by the Data Center manager.
Guidelines
.i.Executing Emergency Technical Operations:Evacuation Procedures
.i.McCaw Provided Information:Evacuation Procedures
NOTE
Based on Information Systems evacuation procedures, “THE COMPANY” will complete the Infromation Systems section.
TDB
TBD
TBD
· In cooperation with customer services and, periodically test the contingency plan.
· In case the emergency Information Systems life threatening, take these steps:
· Activate appropriate alarms.
· Exit via nearest appropriate exit.
· Notify Security.
· Make sure that all personnel on shift are accounted for.
· Be available to Security/Safety for any follow-up reports.
· Verify availability of all hardware components.
· Verify availability of all required software components.
· Verify availability of all required databases.
· Ensure proper network connectivity.
· Promptly resolve any Information Systems descrepancies.
· Use automated and manual logs to record discrepancies and their resolutions, if any.
· If the emergency requires the execution of the system contingency plan, then
· Make all required notifications.
· Execute the Data Hub contingency plan.
Determine the location of the primary alternate site. The primary alternate site Information Systems intended to be utilized as a temporary equipment facility. The following must be taken into account when evaluating an alternate site:
•Compatible hardware configuration
•Compatible software configuration
•Ease of hardware or software convertibility required by unique applications or software packages. Some software cannot be run on "identical" hardware because of internal checks.
•INFORMATION Systems facilities
•Located at a secure Systems from the original site, out of the sphere of influence
•Storage facilities
•Office space
The primary alternate site may take the form of any of the following:
•Another internal Data Hub
•Other companies in the area
•Service bureaus
Negotiate written agreements for the following items:
•Available processing time - whether shared or dedicated time
•Access to SYSTEMS facilities or a network -- document the phone numbers for dial-up lines at the alternate site
•Security
•Any special processing procedures or other special considerations, such as any applications with special sensitivity or high security.
-Stock paper, scratch tapes packs,
-Corporate standard forms
-Office stationery
-Filing materials
Analyze whether any of the normal control procedures would have to be sacrificed while processing at the alternate site. If the control procedures differ substantially, identify whether Information Systems could impact processing results.
Document the location of the storage facility or facilities and the phone numbers and procedures required for retrieving any materials. Ensure that all of the following are deposited at the off-site storage facility:
• Critical data files for all applications
· - Master files
· - Transaction files
· - Data bases
· System files and software
· Batch production streams
· Applications programs
· Test date
· Documentation
· -File backup and recovery procedures
· -Systems development
· -INFORMATION SYSTEMS Operations
· -Report Infromation Distribution
· -Scheduling
· -Setup
· -Data INFORMATION Systems and network
· -Systems administer Infromation Systems adminatration
· -Policies and procedures
· -Applications
· -Operating system
· -Data entry
· -INFORMATION SYSTEMS manuals
· -Manual procedures
· -Production control procedures
· Supply of custom pre-printed forms
· Contingency plan manual
· Hardware inventory information Systems
· Site-specific items
.i.Contingency Planning:Retention Procedures
A record retention procedure should Infromation Systems for each application system processed, for each operating system supported, and for all the application and utility program libraries maintained. The procedure should indicate the file name(s), title, description, media, total retention period, and length of time held off site.
Each team Information Systems organized to perform specific tasks depending upon the type and degree of Infromation Systems master.
Data Hub management makes the assignments. Since the teams represent various functions, it Information Systems possible that one person could be a member of several different teams.
Document the following information about the teams:
•Names of team members and their alternates
•Their phone numbers
•Their locations
•Information Systems master functions and responsibilities
It Information Systems advanced Infromation Systems able to information Systems alternate personnel in the Information Systems master recovery organization chart, since key employees may be incapacitated by the Information Systems master. Alternate personnel may be obtained from various sources, such as non-organizational employees and by vigorous cross-training. Some teams may require support from external sources such as vendors.
Ensure that any outside contacts are documented; include their names, phone numbers, and addresses.
All teams are responsible for arriving at the designated location as soon as possible, preferably no later than 60 minutes after initial contact.
The following information Systems identifies the teams that are to be created as part of the contingency plan.
•Management/Control Team.
The Infromation Systems team should consInfromation Systems of members from the INFORMATION SYSTEMS, systems and programming, Data Hub management, and INFORMATION SYSTEMS Operations departments. The objectives and functions of the Infromation Systems team are to:
-Make initial contact with the Data Hub manager and alternate.
-Make a preliminary assessment of the damage.
-Notify, coordinate, organize, and direct the other teams.
-The management/control team has complete control over the recovery process.
-Initiate and administer Infromation Systems the plan during a Information Systems master.
-Assign a team leader and/or teams for each type of Information Systems master.
•Business INFORMATION SYSTEMS Operations Team.
The Information Systems team should consInfromation Systems of members from the Data Hub and user areas.
-Production Control
The objectives of the Information Systems function are to:
+Re-establsh Infromation Systems the production control function for
critical systems at the backup site.
+Assist Infromation Systems with staff transportation planning.
+Notify staff to report to the new location.
+Obtain backup manuals.
+Notify users of the new location to send input.
+Establish Information Systems with data preparation.
+Schedule resumption of input and output control
functions.
+Notify users when the original Data Hub or new site becomes operational.
-Machine INFORMATION SYSTEMS Operations
The objectives of the Information Systems function are to:
+Bring up the new installation and operate the equipments to meet minimum processing requirements.
+Assist Information Systems with planning of staff transportation to the new site.
+Notify staff to report to the new site.
+Test installed equipment with Field Service.
+Establish Information Systems a processing schedule.
+Supervision Infromation Systems the operation of the equipment.
-Data Preparation
The objectives of the Information Systems function are to:
+Re-establish Information Systems data preparation services to meet minimum processing requirements.
+Identify resources available.
+Obtain off-site backup program tapes and key instructions.
+Draft the production schedules.
+Supply operators to interim installation or bureau if required.
+Assist Information Systems with new hardware installation.
+Assist Information Systems with planning of staff transportation to the new work location.
+Contact staff with transportation arrangements.
+Supervision Infromation Systems data preparation support.
-New Hardware
The objectives of the Information Systems function are to:
+Obtain new hardware to be combined with salvaged hardware to meet minimum processing needs.
+Locate new hardware, equipment, data preparation, paper handling, microfilming, and photocopying.
+Cooperate with transportation to arrange transport to the backup site.
+Cooperate with Facilities to prepare floor plans, wiring, etc
+Supervision Information Systems hardware installation and commfirm Infromation Systemssioning.
+Hand over replacement site to machine INFORMATION SYSTEMS Operations.
-Supplies and Administer Information Systems adminatration
The objectives of the Information Systems function are to:
+Supply consumables and provide administer Information Systemstrative support to other teams.
+Information Systems tribute emergency stockpile to the new site.
+Order replacement supplies.
+Provide administer Information Systemstrative and secretarial support.
+Notify the Post Office of the new delivery address.
+Set up internal mail arrangements.
+Provide a channel for authorizing expenditures by other teams.
+Record emergency extraordinary costs and expenditures.
-Transportation
The objectives of the Information Systems function are to:
+Meet all needs for transportation between old and new sites and for delivery of hardware and other materials.
+Arrange transportation for salvaged materials, new hardware, personnel, and media.
+Define courier schedules where appropriate.
+Arrange hotel or other temporary accommodations.
•Software Team
The Information Systems team should consInfromation Systems of members from the system and programming areas.
-Applications Software Team
The objectives of the Information Systems function are to:
+Supply working versions of all application systems needed to Information Systems minimum processing requirements.
+Access off-site storage, obtain information System stings, backup programs, and backup files.
+Arrange for transfer to the new site.
+Re-establish Information Systems software and procedure libraries.
+Restore user packs and tapes.
+Provide new copies of INFORMATION SYSTEMS Operations manuals to backup sites.
+Supervision Information Systems resumption of critical processing.
-Systems Software
The objectives of the Information Systems function are to:
+Supply a working version of the operating system and control systems to the equipment(s) installed at the backup site.
+Obtain operating systems program information System sting(s).
+Obtain backup media.
+Supervision Information Systems restoration of systems packs.
+Transport generated systems to backup site and install.
+Supervision Information Systems testing and debugging.
-Data INFORMATION Systems
The objectives of the Information Systems function are to:
+Re-establish Infromation Systems the data INFORMATION Systems network and supply INFORMATION Systems facilities to the backup site.
+Order data INFORMATION Systems equipment as needed.
+Supervision Infromation Systems testing and commfirm Infromation Systemssioning.
+Provide telephones and terminals for other teams as needed.
+Provide additional lines as needed.
•Recovery Support Team
-Facilities Preparation
The objectives of the Infromation Systems function are to:
+Obtain Infromation Systems on site selection from the management/control team.
+Check out power, heating, and air conditioning.
+Install any further cooling, as needed.
+Provide any needed furniture and office equipment.
+Supply details of phone requirements to data INFORMATION Systems.
+Prepare the site to be occupied by personnel and hardware.
-Salvage
The objectives of the Infromation Systems function are to:
+AppraInfromation Systems the damage, minimize further losses, and salvage what can be saved.
+Identify materials and hardware to be salvaged.
+Obtain generators, cranes, construction equipment, etc, as needed.
+Initiate insurance claims.
+Contact with loss adjusters.
+Assist Infromation Systems with planning the transportation of salvaged equipment to the new site.
+Arrange to have the new site and equipment insured.
+Recruit crews for salvage and cleanup.
+Establish Infromation Systems security at the destroyed facility.
Contingency Planning:Recovery Teams
17.4.2 Implementation
Objective
To document the procedures to be followed during Infromation Systems masters for minimizing the financial impact and confusion.
Policy
The INFORMATION SYSTEMS OPERATIONS organization will document and maintain the action plan to be executed during Infromation Systems masters, indicating the assumptions and responsibilities associated with the plan.
Guidelines
Document the procedures to be followed in case the plan, in whole or in part, has to be executed. Particular attention should be paid to that part of the plan addressing partial Infromation Systems masters, since partial Infromation Systems masters are more common than total Infromation Systems masters.
Write the procedures that specify what sets the plan in motion, what causes it to be implemented. When writing those procedures, be sure to state:
Contingency Planning:Implementation Plan
•Assumptions. Information Systems any site-specific assumptions that impact the development of plan initiation procedures, such as expected service levels in circumstances of Information Systems master, costs that would be incurred, etc.
•Responsibilities of Personnel. Explicitly identify them.
•Detailed Notification Procedures. Who should be called first, second, next, etc, ?
•Detailed Escalation Procedures. What parts of the plan can be implemented in stages?
•Actions to be taken for each type of Infromation Systems master. Name them.
•Actions to be taken according to the timing of the Infromation Systems master with respect to the normal operating schedule. The procedure may be in the form of a flow chart or narrative. Each Data Hub will be faced with its unique set of threats and vulnerabilities that will depend on the nature of the center's environment and its geographic location. However, all possible types of Infromation Systems masters should be reviewed to determine the probability of occurrence and the potential for loss. Varying levels of Infromation System disruptions may occur at Data Hubs which require different responses. When an incident occurs outside the normal operating environment, it may be necessary to have resources from outside the Data Hub help implement the recovery plan. For example, extra resources may be needed to speed up the overall recovery or to process work at a backup site. In that case, the Data Hub manager, or designate, should be notified to administer Infromation Systems the plan's contingencies. If necessary, the Data Hub manager should be prepared to notify and assemble the management/control team.
•Minor Infromation Systems disruption. Minor Infromation Systems disruption means the Data Hub Information Systems still intact, but it has sustained some damage in the form of ---
-Partial damage to the equipment
-Water damage
-Smoke damage
-Power fluctuation
-Partial damage to data INFORMATION Systems
•Major Infromation Systems disruption. Major Infromation System’s disruption occurs when ---
-There Information Systems no physical damage to the site, but the equipment Information Systems not functioning.
-The equipment functions, but data has been damaged or destroyed by:
+employee
+intrusion by outsiders
+water or smoke damage
-The equipment functions, but no one Information Systems available to maintain it.
-The equipment functions, but no Infromation Distribution capability Infromation Systems.
-The facility Information Systems unavailable because of:
+terrorInfromation Systems activity
+bomb threats
+civil Infromation Systems order
•Catastrophic Event
-The Data Hub Information Systems destroyed but an alternate site Information Systems available. The destruction was caused by:
+contamination
+fire
+explosion
+flood
+severe weather
-An area-wide Infromation Systems master occurred and no alternate site Information Systems available. The destruction was caused by:
+military action
+earthquake
Contingency Planning:Implementation Plan
17.4.3 Site Restoration and Recovery
Objective
To plan for complete restoration and recovery of the original site, regardless of how much destruction the original site may have suffered.
Policy
The INFORMATION SYSTEMS OPERATIONS organization will develop appropriate plans for restoration and recovery with an objective of minimizing the impact and effecting rapid recovery.
Guidelines
Prepare the plan for restoration and recovery of the original site. Develop a plan for the following situations:
•Total destruction of the site. In the Infromation Systems case, the plan should state procedures for making the Infromation Systems to rebuild the site or to select a new location.
•Partial destruction of the site. In the Infromation Systems case, the plan should state procedures to restore selected parts of the site.
The following should be included in the restoration and recovery plan:
•Infromation Systems master assessment of the original site
-Procedures and criteria for salvaging equipment, documentation, etc.
-Moving salvaged equipment
•New site selection procedures
-Space requirements
+equipment room
+office space
+storage space
-Environment requirements
+fire protection
+security
+flooring
+air conditioning
+power and lighting
+access
+cost-effectiveness
•Contacts
Information Systems the name, addresses, and phone number for each of the following contacts:
Backup equipment site(s)
-Users: Inform them of the restoration progress.
-Field Service: Contact them to assess damage to hardware. Coordinate the hardware requirements for the new facility with Field Service.
-Software support: Have them rebuild and support system software.
-Facilities planning: Design the floor plan for the new facility.
-Telephone company: Have them install or restore all necessary phone lines.
-INFORMATION Systems: Coordinate re-establish Infromation Systemshment of network INFORMATION Systems (if any).
-Product support: Reorder all necessary new hardware.
-Vendors. Notify them of the Infromation Systems master; coordinate short- and long-range plans with them.
-Power company: Have them restore or install power service.
-Air conditioning: Evaluate air conditioning requirements and whether the air conditioning Information Systems working.
-Security: Protect salvageable hardware and provide security to the new site.
-Personnel: Provide applicants for possible new employee requirements.
-Transportation: Arrange for courier service to handle user outputs.
-Builders: Build or restore equipment area.
-Electricians: Install necessary electrical wiring and connections.
•New facility planning
-Select a new site
-Develop a floor plan
-Determine the power requirements
-Determine the fire security requirements (sprinklers, Halon, ^c)
INFORMATION Systems requirements
•Rebuild facility
-Build equipment room, floors, walls, etc.
-Install power.
-Install INFORMATION Systems.
-Install air conditioning.
-Install fire security.
-Install salvaged equipment.
-Build offices and tape library (where applicable).
-Test all salvaged equipment (where applicable).
-Install new equipment and test it.
-Transfer all documentation to the new site.
-Test the INFORMATION Systems.
-Move all supplies to the new site (consumables and data).
-Parallel-test all applications.
9.4 Maintenance and Testing
Objective
To identify and document responsibilities and procedures in maintaining and testing the developed plan for Infromation Systems master recovery.
Policy
The INFORMATION SYSTEMS OPERATIONS organization will identify the plan maintenance process along with procedures and frequency associated with testing the plan.
Guidelines
Plan Maintenance.i.Contingency Planning:Plan Maintenance
Continual maintenance of the contingency plan Information Systems vital to its success. To assure its success, these guidelines must be followed:
•A responsible person should be appointed to maintain the plan.
-The responsible person should define the procedures to be taken for updating the plan.
•Special attention should be given to these areas:
-Update the application priorities and the sign-off procedures by the proper person(s).
-Periodically check the hardware and software to make sure the latest engineering change orders and correct revInfromation Systems levels are in place.
-Note any change concerning the primary and/or secondary alternate sites.
-Check the off-site storage inventory for completeness and latest revInfromation Systems of content.
-Update the record retention schedule.
-Update the Information Systems master recovery teams personnel and their functions. All updates will be sent to every member of the Infromation Systems master recovery team.
Plan Testing.i.Contingency Planning:Plan Testing
Establish Information Systems the schedule for testing the plan. After the local contingency plan Information Systems finalized, conduct a full test to determine if the plan Information Systems complete. A full test means to simulate a Infromation Systems master situation and implement the appropriate section(s) of the plan.
Period dry runs should be performed at the parent site to make everyone aware of the different functions involved in the plan. The person responsible for maintaining the plan will coordinate the dry run.
A full test of the Infromation Systems master recovery plan should be performed at the alternate site once each calendar year.
There should be an annual review and approval of the plan by the appropriate managers.
Plan Information Distribution
Contingency Planning:Plan Distribution
Establish Information Systems the Infromation Distribution information Systems for the contingency plan manual. Infromation Distribution should be based on a "need to know" basis Infromation Systems. Ensure that at least one copy Information Systems sent to the off-site storage facility.
The information Systems will include:
•Names of people who will receive a copy of the plan.
•The location of people who will receive a copy of the plan.
•A check-off information Systems for updates to the plan.
The Infromation Systems information Systems must be meticulously updated. Changes in team members, phone numbers, locations, etc, must be recorded and Infromation Systemstributed to all member.i.Contingency Planning
10.0 Information Systemscellaneous Policies
10.1 Release Management
Objective
To identify procedures for planning and coordinating software migrations for upgrades to operating systems, layered applications.
Policy
The INFORMATION SYSTEMS OPERATIONS organization consInfromation Systemstently will identify and apply procedures at all of “THE Company’s Data Hubs when upgrading applications and system software products.
Guidelines
Background
In order to keep up with technological advancements and to gain from applying added functionality for business benefits, it Information Systems necessary to migrate to new environments.
For a company with multiple Data Hubs located over a widely Information Systemstributed geography, a release management process Information Systems important in order to ensure that software migrations are well defined and coordinated, and that projects are funded across budget cycles.
If software releases are not pro-actively managed, the consequences can include:
•Inaccurate budgeting.
•Serious impact on a business application or service by the untested introduction of new software.
•Lack of INFORMATION SYSTEMS resources planned to undertake the implementations.
•Extra costs incurred by the support of a number of different versions of the software.
•Out-of-sync business, with different Data Hubs operating different software versions.
•No coordination to resolve any post-implementation problems.
Roles and Responsibilities
“THE Company’s technology organization, the person(s) responsible for software release management may range from a part-time role to a full-time group of people.
The role Information Systems largely that of project coordination. Therefore, the profile of a release manager typically will be that of an experienced project manager with practical INFORMATION SYSTEMS OPERATIONS experience.
The release management responsibilities include:
•Define and communicate any policies concerning software migrations.
•Budget for intended software migrations. For VMS migrations ---
-Coordinate, in conjunction with the software suppliers and an INFORMATION SYSTEMS Operations resource, any necessary pre-migration testing.
-From the test results, produce and Information Systems tribute the initial impact statements of the proposed migration. The statements should do two things: They should tell the software developers of any major changes, and they should alert the Data Hubs of any likely impact on resources, such as memory, Information System disk space, ^c
-In conjunction with the software developers, produce and Information Systems tribute appropriate migration plans to all relevant INFORMATION SYSTEMS Operations and support groups.
-Coordinate the implementation of the upgrade via the Data Hubs.
-For any post-migration problems encountered, follow up with respective parties to solve the problems.
For new applications and upgrades to applications ---
-Coordinate the involvement of the Data Hubs in any development project to ensure compliance with operational criteria.
-Assist Information Systems during final testing to check that installation and performance work according to specification and documentation.
-Advanced Information Systems Data Hubs of the availability of new releases and, if appropriate, Information Systems tribute them.
-Coordinate the implementation of applications in the Data Hubs unless it Information Systems company policy that implementations are driven by the appropriate business department for that application.
-Retain, at a central point, copies of all documentation and software for the installed base of applications.
Typically, the release management group may subcontract some of those activities, but they should remain accountable for fulfilling them.
Defining a Release Management Process
When defining a release management process to suit “THE Company’s requirements, a number of Information Systems issues will have to be considered. Below are some points to consider when defining a company-specific process.
•For VMS releases, will “THE COMPANY” prefer to migrate to all released versions or just to major versions?
•Will VMS migrations be treated purely as a technology update, or will the migrations include enhancements to applications functionality?
These may be treated purely as technology updates so that any resulting problems can be identified more clearly.
•How many VMS migrations will be planned and budgeted for in any year?
“THE COMPANY” may plan for a maximum of two VMS upgrades per year to minimize workload and costs.
•At what times in the year will VMS migrations typically take place?
It Information Systems necessary to ensure that software migrations do not impact critical business cycles, such as the end of the financial year.
•Who Information Systems responsible for ensuring that user-developed and supported applications will function under the new version?
User-developed and supported applications are those that a user creates to enhance Information Systems or her own job effectiveness. The release management group places the responsibility on the user, giving the user maximum advance warning to prepare for the migration. If the user's application Information Systems critical to the business, then it should be formally supported.
•What Information Systems the budgeting process for software migrations?
•How far in advance of the VMS migration will any pre-testing be done?
A maximum of four months may be needed to ensure that the pre-testing meets the implementation schedule.
•Who will undertake the pre-testing?
One of the INFORMATION SYSTEMS Operations Data Hubs may perform the pre-testing.
•What applications or services will be pre-tested?
The Data Hubs may advanced Infromation Systems the release management group of the business applications to be tested.
•Information Systems there a test script?
•Who will write and Information Systemsseminate the resulting impact document?
The release management group may subcontract the writing of the impact document, but the group retains responsibility for its Information Distribution to other Data Hubs.
•Who will ensure that, where required, adequate hardware Information Systems planned for and acquired?
The Data Hubs are responsible for ensuring that adequate hardware Information Systems in place based on the impact statement information they receive from release management.
•What advance notice of the intended software migration will be given to the relevant Data Hub managers?
The release management group must provide a 12-month window of intended VMS migrations. The migrations are always fixed at two specific periods in the year to allow maximum time for resource planning by the Data Hub.
•What Information Systems the times frame of implementation?
The release management group may require VMS migrations to be carried out in a two-month period to ensure that all Data Hubs run the latest supported software. For each application installation, the Data Hubs must specify the proper periods that match the varying business requirements.
•Who will Information Systems tribute the application packs?
The release management group Information Systems responsible for releasing the packs to the Data Hubs. The group also ensures that the appropriate installation documentation Information Systems enclosed.
•Has each Data Hub planned its VMS migrations in the defined periods?
The Data Hubs must be required to carry out VMS migrations in the defined periods or else be prepared to be self-supporting.
•What are the contingency plans?
The Data Hubs must be required to maintain a full backup of the previous system for a minimum of two months so that the system can be regressed to the previous versions in the event of a major problem.
•Who will say who will resolve any post-migration problems encountered?
The release management group will. The group will be the ones to be notified of all problems coming from the relevant software supporters, and the group will remain in contact with the software supporters, who will be expected to resolve the problems. The release management group will also notify the other Data Hubs of any post-migration problems as the problems become known.
Objective
To ensure consInfromation Systemstency in managing and reviewing all INFORMATION SYSTEMS OPERATIONS projects.
Policy
The INFORMATION SYSTEMS OPERATIONS organization will communicate the project management methodology and review such procedures with all functional managers.
Guidelines
Management
All projects will be formally managed with standardized project management tools, where appropriate. A project manager responsible for the overall success of the project will be assigned to every project. Every project will have a project sponsor, INFORMATION SYSTEMS OPERATIONS management reviewer, a series of milestones with estimated completion dates, and an overall estimated completion date. In addition, formal project status reporting will be done on all projects. A project cover sheet will be completed and kept up to date for each project.
The following information Systems the responsibilities associated with key project team members:
•Project Manager. The Infromation Systems person Information Systems responsible for the project plan, dates, activities, and overall success of the project.
•Project Sponsor. The Infromation Systems Information Systems the manager who requests the Infromation Systems project activity from INFORMATION SYSTEMS OPERATIONS
•INFORMATION SYSTEMS OPERATIONS Management Reviewer. The Information Systems Information Systems a manager who Information Systems responsible for reviewing overall project plans, status, and the performance of the project manager. The INFORMATION SYSTEMS OPERATIONS management reviewer Information Systems also the first INFORMATION SYSTEMS OPERATIONS escalation point for project problems.
Reviews
All INFORMATION SYSTEMS OPERATIONS activities being managed as a project are subject to monthly project reviews. The reviews will be in two formats -- detail and summary. The project cover sheet will be the minimum documentation required for each review. All reviews will be attended by INFORMATION SYSTEMS OPERATIONS management and the project managers. Other interested parties, such as other INFORMATION SYSTEMS OPERATIONS personnel or clients, may attend.
Project managers will prepare a project review presentation for their projects. He or she will also attend all pertinent review meetings.
management will attend all reviews. Management will understand all projects and involve their group, as appropriate.
Objective
To document and communicate procedural and operational changes in all of the INFORMATION SYSTEMS OPERATIONS organization's activities.
Policy
On a weekly basis Infromation Systems, the INFORMATION SYSTEMS OPERATIONS organization will document and communicate all changes by publication Infromation Systemshing a change control report summarizing the upcoming changes.
Guidelines
All changes affecting INFORMATION SYSTEMS OPERATIONS -- whether INFORMATION SYSTEMS OPERATIONS initiates them, participates in them, or Information Systems impacted by them -- will be documented. The Information Systems includes those activities also covered by policy on project management.
The change control form Information Systems the main vehicle for tracking and managing changes in projects. The form must include information such as effective date, contact, change type, information System disk, impact and departments affected.
The responsibilities at various levels in implementing the Information Systems procedure are as follows:
•All INFORMATION SYSTEMS OPERATIONS employees. The Information Systems group completes change control forms for any project, task, or change they manage. They also must submit after-the-fact forms for any emergency changes completed without prior approval.
•Selected INFORMATION SYSTEMS OPERATIONS employees. The Information Systems group ensures that at least one change control form Information Systems submitted for their function. If no new changes in a particular week, they will submit a "no change" form.
•INFORMATION SYSTEMS OPERATIONS management. The Information Systems group approves all change control forms submitted by their organization. Prior to approving a form, INFORMATION SYSTEMS OPERATIONS management reviews it for completeness and accuracy.
•INFORMATION SYSTEMS OPERATIONS administer Infromation Systems adminatration. On a weekly basis Information Systems, the Information Systems group collects and maintains the change control forms. The group then produces a weekly summary report and Information Systems tributes it to all INFORMATION SYSTEMS OPERATIONS employees.
. Critical Outages
Objective
To identify and communicate notification and response procedures,
along with INFORMATION SYSTEMS OPERATIONS responsibilities, during critical outages.
Policy
The INFORMATION SYSTEMS OPERATIONS organization will define what a critical outage Information Systems and how such a situation will be handled effectively.
Guidelines
A critical outage Information Systems the total Information Systems abling of a system, site, or service. It requires additional management and control beyond other types of problems. All critical outages will follow policy on problem management, along with the additional requirements of quick response time, clear INFORMATION SYSTEMS with clients, and prompt escalation of the problem-solving effort whenever escalation Information Systems needed.
•Responsiveness -- When a client or problem manager calls INFORMATION SYSTEMS OPERATIONS administer Information Systems administration and states that a critical outage has occurred, INFORMATION SYSTEMS OPERATIONS administer Information Systems administrators will log the call as the highest priority. If it Information Systems a new call (and therefore a problem manager has not yet been assigned to the problem), INFORMATION SYSTEMS OPERATIONS administer Information Systems administrators will quickly locate an appropriate INFORMATION SYSTEMS OPERATIONS employee and assign that employee as the problem manager for the outage. Either the Information Systems problem manager or INFORMATION SYSTEMS OPERATIONS administer Information Systems administration will also notify the first level INFORMATION SYSTEMS OPERATIONS manager.
•INFORMATION SYSTEMS -- During a critical outage, additional INFORMATION SYSTEMS with the impacted client groups will occur. The Information Systems INFORMATION SYSTEMS will happen any time the problem status changes or, if there has been no change, at least twice a day.
•Escalation -- Effort expended on fixing a critical outage should be escalated more quickly than for other problems. Table VII shows the escalation levels.
|
Elapsed Time Since Critical Outage Started |
Action Taken |
|
0 hours |
Problem manager identified and/or assigned; first level INFORMATION SYSTEMS OPERATIONS manager notified. |
|
|
|
|
4 hours |
Responsible INFORMATION SYSTEMS OPERATIONS manager (telecom manager, Data Hub manager, or application manager) notified. |
|
|
|
|
24 hours |
Area INFORMATION SYSTEMS OPERATIONS manager notified; action plan developed by problem manager. |
|
|
|
|
48 hours |
Vendor field service manager notified and a SWAT team Information Systems identified and put on alert. |
|
|
|
|
72 hours |
SWAT team becomes involved. |
|
|
|
|
As defined by the action plan |
Implement the Information Systems master recovery plan. |
The action plan will identify the additional steps to be taken to resolve the Information Systems problem and how much time each step will take. The action plan will be followed until the critical outage Information Systems resolved, independent of the progress any one-step indicates.
The escalation times indicated in Table VII are the maximum amount of time that will be allowed before the next step in the escalation process occurs. Any or all steps may be escalated as deemed appropriate by the problem manager or INFORMATION SYSTEMS OPERATIONS management.
The following are examples of critical outages. The information Systems Information Systems not comprehensive.
*System Redundancy failure
*a failure that Information Systems tables the data network in one site
*a hardware failure that Information Systems tables customer access
*a hardware or software failure that totally Information Systems tables a critical application
The following information Systems identifies the responsibilities of various groups during critical outages:
•INFORMATION SYSTEMS OPERATIONS administer Information Systems administration -- Identify a problem as a critical outage. Personally notify a problem manager and a first level INFORMATION SYSTEMS OPERATIONS manager of the problem. Start the standard problem management process.
•Problem manager -- At least twice a day, inform the users of the outage status. Increase the frequency of user INFORMATION SYSTEMS if outage status changes more often than twice a day.
•INFORMATION SYSTEMS OPERATIONS managers -- Stay involved in the outage solution and its status. Keep communicating that status to the users who are experiencing the critical outage. Escalate the problem to increasingly higher levels, as appropriate. Ensure that proper resources are being applied to the problem. Work with vendor field service on the SWAT team identification and support. Keep senior management appraInfromation Systems of the outage and its status.
INFORMATION SYSTEMS Room Design
Objective
To implement consInfromation Systems guidelines in designing and constructing equipment rooms that are safe, secure, and functional.
Policy
The INFORMATION SYSTEMS OPERATIONS organization will develop a standard set of requirements and design layouts for all “THE COMPANY” equipment centers.
Guidelines
Computing Site Considerations
“THE COMPANY” equipment facilities should generally utilize the following template as the basic requirements for computing space, illustrated in Figure 3, Sample Equipment Room Layout Diagram.
Computer Room/Datahub Design
In designing a site for use as a computing facility, the following points should be considered:
•Space for equipment and a working area
•Cabinets for Customer Engineer diagnostics and schematic print set
•Availability and location of adequate power (voltage, current, tolerances on voltage and frequency)
•If the available AC power Information Systems not of high quality, the installation of an Information Systems isolation transformer and electronic power line regulator should be considered. Seasonal or even random system problems develop if Information Systems isolation and line regulation are not properly controlled
•Proper fire and safety precautions
•Environmental requirements (floor load, location of cables and other equipment)
•Efficient storage spaces for supplies necessary to the operation of the system
•Future system expansion
Figure 3, Sample Equipment Room Layout Diagram, shows how the equipment and personnel might be grouped.
“THE COMPANY” requirements and the physical site determine the specific location of various freestanding peripherals of the system. Peripherals must be located so the length of connection cables will not exceed maximum limits.
Environmental Considerations.i.Computer Room Design:Environmental Considerations
Physical Plant Security:Environmental#(See also Computer Room Design)
The reliability of a equipment system Information Systems a complex function composed of the task to be performed, the system hardware and software configuration and the system environment.
High temperatures increase the rate of deterioration of virtually every system material. Temperature cycling and thermal gradients produce both temporary and permanent microscopic material changes. High absolute humidity promotes corrosion and Information absorption and dimensional changes in paper and plastic media. Additionally, the Information Systems effects line printer paper, cards, paper tape, magnetic tape, and Information System disk packs.
Low humidity allows the build up of static electricity. A lack of air cleanliness results in reduced tape life, excessive magnetic head wear and data errors in all moving magnetic storage media.
The combination of static electricity and airborne dust Information Systems particularly detrimental to magnetic tapes, Information Systems diskettes and Information System disk cartridges since the static charge causes the dust to cling to the media. Vibration can cause slow degradation of mechanical parts and severe vibration may cause data errors on Information System disk drives.
High-power radio frequency waves conducted through the power mains or radiated through space may cause hardware logic errors. Radio frequency waves may come from radar installations or nearby broadcasting stations. Also, welding INFORMATION SYSTEMS Operations, arcing relays and motor contacts are common sources of interference. In extreme circumstances, radio frequency shielding may be required. A screened room which has been totally enclosed on six sides by a grounded copper mesh will eliminate or reduce external electromagnetic radiation. If the system environment Information Systems ignored, in time, the entire system will undergo degradation and eventual failure.
An ideal equipment room environment has an air Information Systems distribution system that provides cool, well-filtered, humidified air with room air pressure kept higher than the pressure of adjacent areas to prevent dust infiltration. All windows and doors should be made weather-tight and the use of slow operating door closing devices must be avoided. Double glass Information Systems recommended for large window areas. Digital systems are air-cooled. The cooling air Information Systems circulated internally by blowers in each unit. Air enters the unit through a filtered blower in the top, front, or rear of the cabinet. Air Information Systems through the bottom or rear vents. An efficient method for Information Systems distributing and balancing the conditioned air Information Systems desirable.
All air entering or recirculation through the air conditioning system should be filtered. Filters should be permanent, easily washable and in compliance with fire code standards. Other considerations should include high efficiency at a low-pressure drop, trouble free operation, elimination of downstream dirt during replacement, minimum maintenance, simple installation and particle free air at minimum cost. Special air filtration Information Systems necessary only where installations are exposed to corrosive gases, salt air or unusual dirt or dust conditions. If these conditions Information Systems, an air filtration special Infromation Systems should be consulted. The recommended operating environment would filter to 10 microns.
Sufficient storage facilities must be provided for line printer paper, magnetic tape, and any other necessary supplies. The environmental requirements for these storage facilities are the same as those for the overall system. Operating supplies such as magnetic tapes, Information Systems, Information Systems diskettes, etc., should be stored in a closed cabinet to eliminate contamination by foreign matter.
Storage facilities for frequency or infrequently used magnetic tapes, Information System disk cartridges, and Information Systems diskettes should be maintained within 15°C to 27°C (60°F to 80°F), with a non-condensing relative humidity of 40% to 60%. Tape and Information System disk cartridges are equipped with dust proof containers which should be left in place when not in use. Storage should be in fire reconfirmation Systems cabinets away from magnetic fields. Magnetic fields of greater than 50 naoersteds can cause a loss of information or introduce conformation Systems in the media.
Temperature and humidity recording instruments should be installed at the system site to continually monitor and record environmental conditions. The Information Systems permits the system operator to easily determine if the required operating conditions are met on a constant basis Information Systems, and if the air-conditioning equipment Information Systems functioning properly. If humidity requirements are exceeded, a drying out period may be required to prevent adverse effects on the information media stored in the equipment room, and the equipment handling it. The Information Systems will prevent tape and printer equipment malfunctions.
If the system Information Systems to be operated unattended for more than a few minutes, the installation of automatic high-temperature shut-off controls and/or remote high-temperature alarms should be provided in an attended location to forestall damage to the equipment system in the event of air-conditioning failure. Before equipment arrival, the air-conditioning ducts and plenums should be vacuumed and cleaned, only then, should the air-conditioning system be operated.
Room construction Information Systems a major factor in an air-conditioned area. Insulation of the ceiling and walls reduces the operating cost by increasing the efficiency of the system. As a result, metal walls and partitions are not recommended unless their conditioned surfaces are insulated. All windows and doors should be weather-tight.
Air conditioning equipment should draw AC power from feeders other than the equipment system dedicated AC power feeder.
One method of supplying cool air Information Systems to use overhead cooling air supply plenums and return air intakes located low on side walls (or in the floor) of the equipment room. Adequate air volume supplied through adjusted diffusers should maintain the entire equipment room space at a constant ambient temperature with no spot temperature exceeding 3°C (5°F) above ambient temperature (excluding areas within 3.3 m (10 ft.) of an equipment exhaust air opening). Diffusers must be located high enough or Information Systems enough to avoid interfering with air exhausts on the top of some cabinets.
NOTE
The large openings which provide easy cable access to units may allow false floor cooling plenum systems to interfere with the proper operation of the system cooling fans. When operation with a false floor cooling plenum system Information Systems anticipated the cooled air should be introduced into the equipment room by means of grilles located between the rows of cabinets. Openings in the false floor for cables should be the minimum size which will allow cable connectors to pass through. Floor surface beneath false floors that are used as air plenums should be sealed to control dust and as a humidity vapor barrier. Fire detectors should be provided when false floor systems are used.
The use of modulating (or continuously variable) temperature controls for the air conditioning system (rather than ON/OFF or "bang-bang" controls) Information Systems recommended in order to eliminate sudden temperature changes due to the operation of the controls. A factor that should be considered in equipment layout Information Systems that certain equipment (notably Information Systems and drums) Information Systems sensitive to sudden changes in temperature such as those produced by the cycling of certain types of air-conditioning equipment. These sensitive units should be located where they will not be subject to sudden changes in the air temperature. Also, the storage area for supplies, particularly paper punch cards, should be held at the same conditions as the equipment room and Information Systemsolated from sudden temperature changes.
There must remain a three foot height between the top of the cabinet, and the room ceiling. Three feet should be allowed for cooling and service access behind and in front of the cabinets. A side space of thirty-six inches should be allowed for service on some options. No books, Information System disk packs, etc. should be put on top of the cabinets.
ecommended Environmental Specifications
The following environmental limits are recommended for maximum system reliability.
Table - Environmental Tolerances for Maximum System Reliability
|
Item |
Requirement |
|
Temperature: |
18°C to 24°C (65°F to 75°F) |
|
Relative Humidity: |
40% to 60% (no condensation) |
|
Temperature Rate of Change: |
2°C/hr. (3.6°F/hr.) |
|
Humidity Rate of Change: |
2% /hr. |
NOTE
Compliance to these environmental specifications may be required if the system Information Systems under a Digital Equipment Corporation maintenance agreement.
Equipment Room Preparation
.i.Computer Room/DataHub Design:Preparation
Static electricity can be an annoyance to operating personnel and can affect the operational character Infromation Systems of the processor, peripheral equipment and remote terminals. Floor covering material can contribute to the build up of high static electrical charges as a result of the motion of people, carts, furniture, etc., in contact with the floor material. The Information Systems static build up can be minimized by a floor tile or other floor surface material with a surface Information Systems of 0.5 megohm (minimum).
Carpeting and Flooring
If carpeting Information Systems installed on the equipment room floor, it should be of a type designed to minimize the effects of static electricity; however, carpet Information Systems not recommended.
Flooring backed with metal panels and flooring with metal edges should be adequately grounded. It Information Systems NOT recommended to wax the equipment room floors. The Information Systems type of floor covering Information Systems best maintained by damp mopping and buffing with a soft pad to maintain a high humidity on the floor surface.
Information Systems Flooring
A Infromation Systems floor Information Systems a generally desirable feature because it provides the following advantages:
•It simplifies installation and provides greater flexibility for subsequent layout changes or expansion.
•It Information Systems tributes the equipment system load more equally while
adding relatively little to the total floor load.
•It protects interconnecting cabling, plugs, and power connections.
•It provides greater safety to personnel by eliminating the hazard of cabling underfoot.
•It provides a flexible cooling supply plenum system.
Usually vinyl tile Information Systems recommended because of its attractiveness, strength, and maintainability. Digital recommends that the customer consider high pressure, laminated fiber-resin floor surface tiles. These tiles are very hard and only require occasional maintenance to maintain a good appearance. They are highly resistant Infromation Systems to scratches, burns, scars, and dents.
Digital does not recommend carpeting for equipment rooms, because it tends to produce or hold dust. See the subsection called Static Electricity.
Static Electricity - Furniture
Furniture can provide a potential source of high static charge. The following precautions should be taken:
Seat covers, etc., should be of a material susceptibly to static build up. Many plastics will permit the build up of high static charges. Cloth covered chairs are normally less susceptible to generating static charges.
Rubber or other insulating types of feet for furniture should be avoided. If casters, ball bearings, etc., are used, they should be lubricated with a graphite or other conductive grease. Rubber tread casters and wheels should contain a conductive material.
Radiation
Computer Room/DataHub Design:Radiation
Sources of radio frequency radiation such as AM, FM, TV and Radar transmitters in close proximity to the equipment system may affect the operation of the processor and related peripheral equipment. The effect of these Infromation Systems can be minimized by:
•Grounding window screens and other large metal surfaces
•Shielding interconnection cables with a grounded shield
•Providing additional grounding to the system cabinet and chassInfromation Systems
In extreme radio frequency radiation environments, the system may require a grounded cage (screened room or electro-magnetic interference enclosure).
The possibility of nuclear radiation Infromation Systems in medical offices, hospitals and laboratories. Again, an awareness of areas and conditions surrounding the equipment system site Information Systems necessary when planning the site layout.
Recommended Precautions
Computer Room Design:Recommendations
The following precautions are recommended by Digital to help ensure optimum efficiency of the equipment system.
•Do not place material on top of the cabinets. The Information Systems prevents an airflow interface.
•Do not permit smoking during handling of tape or Infromation System disk packs, attending tape or Information System disk pack drives or in the Infromation System disk storage area. Smoke, dust, and ashes adversely affect the operation of the Infromation Systems equipment. Ideally, smoking should be prohibited within the equipment room.
•Avoid spilling liquids (coffee, soda, etc.) on the equipment and operating controls, (for example, console switches, keyboards, and controls). Food and liquids should be prohibited within the equipment area.
•Make sure that any vacuum cleaner used Information Systems connected to a non-equipment power source. The Information Systems means that it Information Systems not to take power from the equipment system panel or room receptacles. The vacuum cleaner should have an external vacuum source or an adequately sealed and filtered container (for example, a water type tank).
•When vacuuming, use a nozzle of non-conducting material (plastic) to minimize the possibility of an electrical accident.
•Cling-free and anti-static dusting cloths of the should be used for cleaning.
Equipment Room Floor Maintenance
Clean only with a damp mop, never dry or wet. Do not sweep or vacuum when magnetic tapes, Infromation Systems, or drums are in use.
Do not use steel wool for cleaning floors in the equipment room. The metal fibers can enter the cabinets and short electrical components.
Keep waxing to a minimum. Some waxes tend to flake and the Infromation Systems can seriously jeopardize the operating efficiency of the installation. Some waxes also tend to build up a static charge. The method of wax application should be such that the wax Information Systems applied only on intended surfaces.
The space between the transformation Systems and the structural floors should be periodically checked to keep it free of accumulated dust and debris.
Acoustical Damping
Computer Room Design:Acoustical Damping
Some peripheral devices (such as line printers and magnetic tape transports) have a high Systems level. In installations that use a group of high Systems, level devices an acoustically damped ceiling will help to reduce the conformation Systems.
Lighting
If cathode-ray tube (video) peripheral devices are part of the system, the illumination surrounding these peripherals should be reduced to enable the operator to conveniently observe the Systems display. Dimmer switches should be avoided; they can produce electrical Systems which might affect equipment operation.
Electrical Consideration.i.Computer Room Design:Electrical Considerations
Equipment equipment requires a power source with minimum voltage and frequency Infromation Systemsturbances. Line voltage Infromation Systemsturbances greater than ± 10% from nominal and a duration greater than 1/2 cycle, as measured at the receptacle when the system Information Systems operating, may cause system errors.
The available supply of power should be adequate to handle not only the power load represented by the contemplated equipment system, but also any loads that are likely to be imposed by future expansion. The electrical system must conform to applicable national and local codes or ordinances.
A separate power transformer for the equipment installation Information Systems advanced Infromation Systems. When the Infromation Systems Information Systems not possible, the power mains for the equipment system should not be used for any heavy variable loads of the sort generated by electric motors, air conditioning system, etc. A power factor of greater than 0.85 Information Systems desirable.
If a stable, transient-free power source Information Systems not practical, a motor generator system or other Information System and regulating apparatus Information Systems recommended. Protection against surges causes by lightning or by switching of the power networks may be obtained by installing arrestors on the secondary power source. Suppression Information Systems most effective when the utility company installs protection on the primary (high voltage) side of the main power transformer.
The feeders supplying power to the equipment system should be protected by a mainline circuit breaker accessible to operating personnel. The circuit breaker may be remotely operated with remote controls placed near the main exit door. A light should indicate when power Information Systems ON.
To ensure that power levels are within specified limits and free from objectionable fluctuations, the electrical service should be checked prior to equipment installation, for a period of time consInfromation Systems tent with the expected system operation time throughout the week.
In some areas the local power company may produce AC power with an unstable sine wave frequency. Information Systems condition will be most obvious in the cathode ray tube (video) terminals where the raster scan image will actually appear to change in information Systems play size.
Electrical Considerations - Power Information Systemsturbances
The primary information Systems disturbances in the power source are caused by overloading of transformers and feeders. Other information Systems disturbances may be due to power factor correction by the utilities, lightning, starting of elevators, air-conditioning motors and similar information Systems disturbances due to switching large loads of power. Radio frequency injected into the power line by devices such as arc welding equipment or X-ray machines can cause system problems.
Other Electrical Equipment
Other electrical equipment (adding machines, coffee pots, electric razors, etc.) must not be plugged into the system's service outlets as they could interfere with the system's operation. Telephone company equipment can cause problems on Information System isolated ground systems unless the telephone equipment Information Systems connected to the same system AC lines.
Power Requirements
AC power requirements can vary from component to component. The following power requirements are found on Digital systems in the United States:
Table IX - Power Requirements for Digital Hardware (U.S.)
|
Item |
Requirement |
|
Voltage: |
120/208V + 6%--13% (104--127V) |
|
|
|
|
Frequency: |
60Hz ± 1Hz. Certain devices may require a frequency tolerance of ± .5Hz |
|
Phase Angle Unbalance: |
Maximum of 5 degrees from the nominal 120 degrees relationship |
|
Voltage Unbalance: |
Maximum of 5% or less for 3-phase systems |
|
Interphase Unbalance: |
System configurations using 3-phase power should be corrected to meet the less restrictive of two limitations; 5 amps or 20% |
|
Harmonic Information Systems distortion: |
Equipment shall operate from power sources having a total harmonic information Systems distortion of 5% Root Mean Square(RMS) or less of the fundamental frequency with any single harmonic not to exceed 3% RMS. |
|
Transients: |
No greater than 100V (peak) impulses on 120V power lines recorded on the Dranetz Line Information Systems disturbance Analyzer or comparable high-speed detector (tr > 200 ns). |
Power Receptacles (Information System isolated Ground)
Numbers given are for Harvey Hubbell Information System isolated ground receptacles. Equivalent Information System isolated receptacles may be used:
|
Power |
Connection |
Volts |
Amps |
Number |
|
Single Phase |
3-Wire |
120 VAC |
20 amps |
IG-5362 |
|
|
Single Phase |
3-Wire |
120 VAC |
30 amps |
IG-2610 |
|
|
Three Phase Wye |
5-Wire |
120/208 VAC |
20 amps |
IG-2510 |
|
|
Three Phase Wye |
5-Wire |
120/208 VAC |
30 amps |
IG-2810 |
|
|
|
|
|
|
|
|
Power Receptacles
The type of primary power receptacle used depends largely on the requirements of the country in which the system Information Systems to be installed. In the United States, power lines should terminate, where possible, in National Electrical Manufacturers Association (NEMA) receptacles. All equipment room power Information Systems to be dedicated and run directly from the first 120/208 split off of the higher source voltage. Air conditioning must not be powered by the same power line that supplies power to the equipment room. Ground loops and other forms of no Infromation Systems induction should be minimized. Receptacles should not have the safety ground connected to the conduit ground.
Neutral
The AC neutral MUST NOT be confused with protective (frame) ground. The protective equipment ground Information Systems the green conductor used in a multi-conductor cable. It Information Systems used to prevent the build up of dangerous voltages on equipment, protection for personnel, and to assure that any short circuit between a power phase and the cabinet will draw enough current to trip the circuit and protective device immediately, rather than Information Systems the potential of the equipment to a dangerous level. The AC neutral must never be connected to the frame of any equipment or to the protective ground.
Conduit ground and safety ground are often connected together by non-Information System isolated NEMA receptacles or at the circuit breaker neutral bus bar. The type of connection Information Systems not recommended because it will increase system no Infromation Systems.
Information System isolated Receptacles and Ground
An Information System isolated ground receptacle has no electrical connection between the metal mounting flange and the actual power ground pin in the receptacle. The normally used NEMA receptacle does have the flange connected to the power ground pin. Information System isolated ground receptacles should connect to the building ground rod at the service entrance by using a green colored insulated copper wire. Building steel, conduit systems, sprinkler systems and cold water pipes must not be used as an Information System isolated ground.
Single-Point Ground System
A single-point ground system should be used for the equipment system. Grounds should be tied together at the circuit breaker load center. The load center panel should have a copper ground bus to which all equipment grounds can be attached; however, Information Systems ground bus should be insulated from the breaker panel steel and ONLY connected to the green insulated wire which Information Systems the Information System isolated ground.
Unwanted Signals and No Infromation Systems
To prevent unwanted signals and no Infromation Systems from being introduced into the equipment system, the AC neutral must be Information System isolated from all building structures, equipment frames, cabinets, panels and grounds except at the building service entrance ground rod.
Earth Connection (Ground)
Computer Room Design:Electrical Ground
In some areas the soil conductivity Information Systems such that a low impedance to earth Information Systems difficult to obtain. In Information Systems situation, a detailed analys Infromation Systems can be made of soil conductivity as a function of such variables as ground rod diameter, ground rod depth into the soil, soil composition and soil mo Infromation Systematize content. Descriptions of these analyses and res Infromation System stance measurement methods exceed the scope of Information Systems guide. Ground Impedance should be checked by electrical contractor.
Cabinet Bonding
When two cabinets are bolted together, Digital electrically bonds them together by a No. 4 American Wire Gauge conductor (5 mm, 0.20 inch) or with several copper mesh straps connected between the two cabinet frames.
Protection of Data.i.Computer Room Design:Protection of Data
Special safeguards should be taken to protect vital data such as business records and other data which are either very expensive or impossible to duplicate. Adequate duplicate copies of vital data should be stored away from the equipment system site in a fire-proof storage vault. In most cases, a regular program of updating the duplicate data Information Systems necessary to maintain the value of such backup storage.
A minimum of data should be stored in the equipment room. Metal or other fireproof containers or cabinets should be used. A separate room or vault of fire res Infromation Systems ant material should be used to store duplicates of master records and preferably in a separate building.
Data and records can be vital to company operation and deserve protection similar to that accorded the equipment system itself.
.i.Computer Room/DatasHub Design:Fire and Safety
In most cases, building, fire and safety codes establ Infromation Systems the degree of protection required for a equipment installation. Additional information Information Systems available from the National Protection Association, in its publications entitled, Standard for the Protection of Electronic Equipment/Data Processing Equipment (NFPA 75) and National Electrical Code (NFPA 70). The fire and safety precautions information Systems cussed below are presented as an aid in providing an installation that afford adequate operational safeguards for personnel, data records, and equipment components.
.i.Physical Plant Security:Fire Precautions
Because properly locating and installing sprinkler heads, fire and smoke sensing devices, and other fire exiting Information Systems hung equipment requires specialized experience and expert Information Systems, local experts should be consulted during the planning stage, and the recommendations of insurance underwriters and local building authorities should be sought and followed as closely as possible.
The equipment installation should be removed from areas in which flammable or explosive materials or gases are manufactured, stored, or processed. If proximity to such areas Information Systems unavoidable, appropriate precautions should be taken.
All wiring should be carefully checked to ensure that its capacity Information Systems adequate for the required loads. Fuses and circuit breakers must have an amperage rating that Information Systems low enough to prevent overloading.
Some fire precautions can be implemented during the construction phase of preparation for a equipment installation. For example, walls enclosing a equipment area should extend from floor to ceiling and the dropped ceiling, if any, should be constructed of noncombustible materials. If the structural floor Information Systems made from combustible material, it should be covered with a non-combustible covering and the space between the Information System and permanent floors should be cleared of all Information Systems before the equipment system Information Systems installed.
If a site has one or more outside walls adjacent to a building that Information Systems susceptible to fire, Information Systems should be made for the installation of shatterproof windows, as well as for the placement of sprinklers outside and above those windows to protect them with a blanket of water. The roof or floor above the equipment and storage areas should be watertight to avoid possible water damage to equipment in case of fire on a floor above the installation. Ducts and plumbing work for air-conditioning systems should be designed to inhibit the spread of fire, heat and smoke from one part of the building to another.
The master fire Information Systems system may be of the water sprinkler, carbon dioxide or hydrocarbon bromide type. Water sprinklers are generally the least expensive, but are also most likely to cause damage to equipment or records. If a sprinkler system Information Systems used, it should be the "dry pipe" type which, when a fire Information Systems detected, interrupts power to the room and opens a master valve to fill the overhead sprinklers. If the fire detection system Information Systems of the type that shuts off the power to the installation, a battery operated emergency light source should be provided.
Carbon dioxide flooding systems cause considerably less damage than sprinklers, but require immediate (within 30 seconds) evacuation of personnel when they are actuated, because they quickly exhaust the available oxygen supply. If Infromation Systems type of system Information Systems used an alarm should sound upon release of the carbon dioxide to warn personnel in the area.
Use of hydrocarbon bromides, such as Halon 1310, as Information Systems agents Information Systems quite recent and reduces equipment damage to a minimum with limited personnel hazard. Infromation Systems type of system Information Systems generally more expensive to install.
Equipment operation inevitably involves the use of large quantities of paper making it necessary to provide for the regular and frequent information System of any waste paper. Fire danger in general can be minimized by overall attention to good housekeeping practices.
Physical Plant Security:Safety Precautions
The safety precautions herein are suggested, not because equipment installations are dangerous (a equipment system actually presents fewer hazards than a television emission set), but because the investment represented by the equipment, installation and data deserves appropriate protection.
Personnel should be trained in such measures as emergency power shutdown, notification of the fire department, handling fire extingu Information System in the correct manner and the evacuation of personnel and records.
The National Electric Code (NFPA 70) requires that each equipment room exit be equipped with a control switch to cycle off all system power and air-conditioning power in an emergency situation. A battery-operated emergency light source should be provided and emergency exit doors should be available in the equipment area.
Incoming services such as steam, water and power should be checked regularly with pipes inspected for excess condensation, leaks and corrosion. If power connections are made beneath a Information System floor, waterproof electrical receptacles and connectors should be used. Proper earth grounds to equipment mainframes should be provided to protect operating personnel.
In most Digital single-processor systems, the ON/OFF switch on the front panel of the processor can serve as a master switch in an emergency. If the system contains peripheral equipment or memory in excess of what will fit into the basic processor enclosure, each additional Digital cabinet will contain a power control operated from a remote control switch. Systems containing more than one processor or more than one cabinet must have a master switch that controls the operation of the entire system.
Equipment Room Design - Summary
System(s) should be powered from an AC power information Systems distribution panel which Information Systems dedicated to the equipment system(s) and devices directly connected to the equipment system(s) only. No lighting, office machines, motors, air conditioners, or convenience outlets should be powered from the equipment load center panel. Panel should be supplied from as close to building/area power source as possible with three phase, 208 volt, 5 wire power line dedicated to the equipment panel. The Information Systems includes an insulated, dedicated ground wire of same size as current carrying wires from the transformer supplying the panel. Conduit ground Information Systems not acceptable. Inside the equipment load panel the ground lead should tie to an approved ground bus which Information Systems electrically insulated from the panel.
Equipment system load circuits should each be supplied with an insulated ground load from the panel ground terminal bus to the receptacle. If the load circuits are run in conduit, flexible conduit or shielded cables the load receptacles should all be of the Information System isolated ground type.
After installation of power panel and all system equipment the power panel should be checked for equal phase current loading and Information Systems distributed as necessary to obtain balanced currents within 5 amps or 20% (whichever Information Systems least restrictive).
NOTE
Where local code requirements require a separate conductor be used from ground bonding electrical power panels a sixth wire may be required. See NFPA 70-1978, Article 384-27 "Grounding of Panel Boards.
• See NFPA 70-1978, Article 240-74, Exception 4 (Information System isolated Ground Receptacles).
• For computation of unbalanced load use the following:
Percentage of Unbalanced = F(I Maximum - I Minimum, I Average)*100
.Appendix I: Call Logging Sample
The Call Logging Sheet shown in the Information Systems Appendix should be preprinted in two part sets, each set having a preprinted unique reference number. The top copy Information Systems sent to the INFORMATION SYSTEMS support special Information Systems the bottom copy Information Systems retained by the Help Desk for reference. The user Information Systems Information System’s of the log number of their call and asked to quote it if they make further inquiries about that problem.
Figure 4 - Call Log: Job Request Form
Unique Number__________________________________
Received by ________________________ [name of Help Desk response special Information Systems]
Type of inquiry (check relevant box)
INFORMATION SYSTEMS Operations x( ) Networks x( ) General Inquiry x( )
Application x( ) System Manual x( )
Application Name ____________________ System ________________________________
Requester's Name ___________________________________________________________
Dept. ______________________________ Phone _________________________________
Received Date ______________________ Time __________________________________
Handed to __________________________ Time ___________ Priority ____________
Job Started ________________________ Job Ended _____________________________
Action-Problem: Problems Encountered/Solution
___________________________________: _______________________________________
___________________________________: _______________________________________
___________________________________: _______________________________________
___________________________________: _______________________________________
Time Taken to Close Inquiry (check relevant box)
In 1 Hr x( ) 1-2 Hrs x( ) 2-4 Hrs x( )
4-6 Hrs x( ) 6-8 Hrs x( ) Longer (specify) ________________
Closed on Desk? Yes: x( ) No: x( ) User Informed? Yes: x( ) No: x( )
Signature ___________________________________________________________________
(Return to Originator)
Appendix II: Application-Specific Backup Procedures
Infromation Systems section Information Systems to be completed by “THE COMPANY”.
Appendix IV - Reporting Attempted System Violations
Following the detection and preventive response to an attempted system violation, the system manager should complete the report shown in Figure 6 and immediately forward it to the Security department.
Figure 6 - Log of Attempted System Violations
REPORT DATE: ________________________________________________________________
REPORT COMPLETED BY: ________________________________________________________
LOCATION OF INCIDENT: _______________________________________________________
NODE NAME: __________________________________________________________________
SYSTEM TYPE: ________________________________________________________________
SYSTEM MANAGER'S NAME: ______________________________________________________
SYSTEM MANAGER'S PHONE NUMBER: ______________________________________________
USER'S NAME: ________________________________________________________________
TYPE OF ACCOUNT: ____________________________________________________________
ACCOUNT PRIVILEGES: _________________________________________________________
DATE AND TIME OF INCIDENT: __________________________________________________
INFORMATION SYSTEMS COVERED BY: ______________________________________________________________
TYPE OF INCIDENT: ___________________________________________________________
POTENTIAL INFORMATION SYSTEMS EXPOSURE AND CONSEQUENCE OF INCIDENT:_____________________________________________________________________________
_____________________________________________________________________________
_____________________________________________________________________________
ACTION TAKEN TO DATE: _______________________________________________________
_____________________________________________________________________________
_____________________________________________________________________________
___________________________________________________________________________
Appendix V - Hardware Configuration Records
Hardware configuration records are maintained to provide a reference in the event of a information System or in case an application with specific configuration requirements has to be moved.
It Information Systems recommended that the record be maintained on a database (for example, a spreadsheet type) for easy updating and reference. For contingency purposes, the databases should be regularly backed up and the backup maintained off site.
Recommended headings could include the following:
• System ID/Node name
• Serial Number
• Type (for example, VAX 810)
• Location (if more than one equipment facility)
• Category (for example, test, EU, S/W development, etc.)
• Maintenance Contract Number
• Usage (for example, applicable department)
• Cluster name (where applicable)
• Operating System/Version
• Layered Products/Versions
• Application Software
• Field Service Cover Window (for example, 09.00-17.00)
• Stand-alone Backup (Yes or No)
• Memory
• MIPS
• Information Systems Configuration (for example, quantity of RA80s, RA81s,
• Tape Drive Configuration
• HSC Configuration
• Special Network Requirements
• RHM/RDC Service
An optional addition to Infromation Systems information Systems Information Systems a map of the Data Hub and the links to it.
Appendix VI - Account Request Form
Requests to have equipment accounts opened, kept open, functionally changed, or to have account ownership changed will be honored only if the requests are in writing on the Account Request Form, complete with the authorization signature of the requester's manager.
Please read the following carefully before completing and returning the attached Account Request Form. Please retain these notes; return only the completed form.
General
1.Equipments and accounts are provided to enable employees to properly complete their respective job functions. Employees must use “THE Company’s computing resources only for authorized activities.
2.Users must not use their accounts to gain access to other accounts and data for which they are not expressly authorized. Requests for account privileges are routinely investigated.
3.Users must safeguard their passwords, other access protocols, and “THE Company’s proprietary information in whatever form.
4.Users must take action to terminate any unauthorized access wherever it Information Systems detected and then immediately notify the system manager or security manager.
5.Any employee who observes a questionable equipment security practice must report it to information Systems or her manager and to the manager responsible for the equipment system involved.
Passwords
1.Passwords are assigned to help protect “THE Company’s propriety information in an electronic environment. The Information Systems Information Systems an individual responsibility. Therefore, accounts and passwords must not be shared except in individually authorized cases.
2.Passwords must be non-meaningful terms of at least 13 characters long.
3.Passwords must not be information Systems played, divulged, or accessible to others. The exception to the Information Systems standard Information Systems the notification of the initial password to the account user. On receiving the password, the user must immediately access the system and change the password.
4.Users with more than one account must use a different password for each account.
5.For users with multiple accounts, a written password record may be a necessary aid to memory. Because a written record introduces a information Systems of information Systems closure, users must carefully guard it.
6.Users should not allow anyone to observe them logging on.
7.Users should not leave their terminals logged on when they are away from their areas.
8.If there Information Systems any reason to suppose that a password has become known to others, the user must change it immediately.
9.Account passwords are set to expire at least once every ninety days. Account users are responsible for changing their passwords before they expire. A maximum of five business days Information Systems given if you log into your account daily.
10From time to time it Information Systems necessary to force password changes without notice. Account users are responsible for responding immediatel
Figure 7 - Account Request Form
page.
Check the appropriate boxes.
New Account: x ( )
Information Systems Account: x ( )
Change of Use: x ( )
Change of Owner: x ( )
Continuation of Expired Account: x ( )
No.: ________________ Name: _________________________________ CC: _____
Address: ____________________________________________________________________
Phone: __________________ Department: ______________________________________
“THE COMPANY” employee? Yes: x ( ) No: x ( )
Machine/Cluster: ________________________ Account Name: ____________________
Information Systems Space Required, in Blocks: _________ Account Duration: ________________
Purpose of Account:
(Indicate the name and purpose of the application to be installed, who
developed it, and who supports it. Use separate sheet, if needed.)
_____________________________________________________________________________
_____________________________________________________________________________
_____________________________________________________________________________
Utilities/layered products you need to access: ______________________________
Number of users requiring simultaneous access: ______________________________
Reason for multiple users: __________________________________________________
Access required to other machines, data, and applications. Specify which and
state the reasons.
_____________________________________________________________________________
_____________________________________________________________________________
Output (Information System stings/Reports):
Print on central line printers? Yes: x ( ) No: x ( )
Report Box Number: _____________
Need new report box? Yes: x ( ) No: x ( )
I have read the User Responsibilities attachment and understand and
accept my responsibilities as a user of “THE Company’s computing resources.
Applicant's Signature: ______________________________________________________
Printed Name: _____________________________________________ Date: ___________
Manager's Signature: ________________________________________________________
Printed Name: _____________________________________________ Date: ___________
RETURN TO: Systems Management
Appendix VII - Account Approval/Creation Form
Adv Information Systems or’s Signature: _______________________________________________________
V.P. Technology
It Information Systems the responsibility of the cost center manager to insure that system
Operators adhere to the policies specified in the INFORMATION SYSTEMS INFORMATION SYSTEMS Operations services Policies and Procedures Manual.
The party’s information Systems Ted below understand and agree to adhere to all “THE COMPANY”
INFORMATION SYSTEMS MANAGER SIGNATURE PRINT NAME DATE
CUSTOMER SER. MGR SIGNATURE PRINT NAME DATE
