Co-ordinate and execute the activities and operational procedures required to deliver internal and outsourced IT services, including the execution of pre-defined standard operating procedures and the required monitoring activities.
Deliver IT operational service outcomes as planned.
<?>
<?>
Perform Operational Procedures
Develop and maintain operational procedures and related activities to support all delivered services.
Maintain a schedule of operational activities, perform the activities, and manage the performance and throughput of the scheduled activities.
Verify that all data expected for processing are received and processed completely, accurately, and in a timely manner. Deliver output in accordance with enterprise requirements. Support restart and reprocessing needs. Ensure that users are receiving the right outputs in a secure and timely manner.
Ensure that applicable security standards are met for the receipt, processing, storage, and output of data in a way that meets enterprise objectives, the enterprise’s security policy, and regulatory requirements.
Schedule, take and log backups in accordance with established policies and procedures
Manage Outsourced IT Services
Ensure that the enterprise’s requirements for the security of information processes are adhered to in accordance with contracts and SLAs with third parties hosting or providing services.
Ensure that the enterprise’s operational business and IT processing requirements and priorities for service delivery are adhered to in accordance with contracts and SLAs with third parties hosting or providing services.
Integrate critical internal IT management processes with those of outsourced service providers, covering, e.g., performance and capacity planning, change management, configuration management, service request, and incident management, problem management, security management, business continuity, and the monitoring of process performance and reporting.
Plan for independent audit and assurance of the operational environments of outsourced providers to confirm that agreed-on requirements are being adequately addressed.
Monitor IT Infrastructure
Log events, identifying the level of information to be recorded based on a consideration of risk and performance.
Identify and maintain a list of infrastructure assets that need to be monitored based on service criticality and the relationship between configuration items and services that depend on them.
Define and implement rules that identify and record threshold breaches and event conditions. Find a balance between generating spurious minor events and significant events, so event logs are not overloaded with unnecessary information.
Produce event logs and retain them for an appropriate period to assist in future investigations.
Establish procedures for monitoring event logs and conduct regular reviews.
Ensure that incident tickets are created in a timely manner when monitoring identifies deviations from defined thresholds.
Manage the Environment
Manage Facilities
Examine the IT facilities’ requirement for protection against power fluctuations and outages, in conjunction with other business continuity planning requirements. Procure suitable uninterruptible supply equipment (e.g., batteries, generators) to support business continuity planning.
Regularly test the uninterruptible power supply’s mechanisms, and ensure that power can be switched to the supply without any significant effect on business operations.
Ensure that the facilities housing the IT systems have more than one source for dependent utilities (e.g., power, telecommunications, water, gas). Separate the physical entrance of each utility.
Confirm that cabling external to the IT site is located underground or has suitable alternative protection. Determine that cabling within the IT site is contained within secured conduits, and wiring cabinets have access restricted to authorized personnel. Properly protect cabling against damage caused by fire, smoke, water, interception, and interference.
Ensure that cabling and physical patching (data and phone) are structured and organized. Cabling and conduit structures should be documented (e.g., blueprint building plan and wiring diagrams).
Analyze the facilities housing’s high-availability systems for redundancy and fail-over cabling requirements (external and internal).
Ensure that IT sites and facilities are in ongoing compliance with relevant health and safety laws, regulations, guidelines, and vendor specifications.
Educate personnel on a regular basis on health and safety laws, regulations, and relevant guidelines. Educate personnel on fire and rescue drills to ensure knowledge and actions taken in case of fire or similar incidents.
Record, monitor, manage, and resolve facility incidents in line with the IT incident management process. Make available reports on facilities incidents where disclosure is required in terms of laws and regulations.
Ensure that IT sites and equipment are maintained according to the supplier’s recommended service intervals and specifications. The maintenance must be carried out only by authorized personnel.
Analyze physical alterations to IT sites or premises to reassess the environmental risk (e.g., fire or water damage). Report results of this analysis to business continuity and facilities management.