Delivery and Support:

From HORSE - Holistic Operational Readiness Security Evaluation.
Revision as of 16:30, 29 April 2006 by Mdpeters (talk | contribs)
Jump to navigation Jump to search

DELIVERY AND SUPPORT

1 Define and Manage Service Levels
1.1 Service Level Management Framework
1.2 Definition of Services
1.3 Service Level Agreements
1.4 Operating Level Agreements
1.5 Monitoring and Reporting of Service Level Achievements
1.6 Review of Service Level Agreements and Contracts

2 Manage Third-party Services
2.1 Identification of All Supplier Relationships
2.2 Supplier Relationship Management
2.3 Supplier Risk Management
2.4 Supplier Performance Monitoring

3 Manage Performance and Capacity
3.1 Performance and Capacity Planning
3.2 Current Capacity and Performance
3.3 Future Capacity and Performance
3.4 IT Resources Availability
3.5 Monitoring and Reporting

4 Ensure Continuous Service
4.1 IT Continuity Framework
4.2 IT Continuity Plans
4.3 Critical IT Resources
4.4 Maintenance of the IT Continuity Plan
4.5 Testing of the IT Continuity Plan
4.6 IT Continuity Plan Training
4.7 Distribution of the IT Continuity Plan
4.8 IT Services Recovery and Resumption
4.9 Offsite Backup Storage
4.10 Post-resumption Review

5 Ensure Systems Security
5.1 Management of IT Security
5.2 IT Security Plan
5.3 Identity Management
5.4 User Account Management
5.5 Security Testing, Surveillance and Monitoring
5.6 Security Incident Definition
5.7 Protection of Security Technology
5.8 Cryptographic Key Management
5.9 Malicious Software Prevention, Detection and Correction
5.10 Network Security
5.11 Exchange of Sensitive Data

6 Identify and Allocate Costs
6.1 Definition of Services
6.2 IT Accounting
6.3 Cost Modeling and Charging
6.4 Cost Model Maintenance

7 Educate and Train Users
7.1 Identification of Education and Training Needs
7.2 Delivery of Training and Education
7.3 Evaluation of Training Received

8 Manage Service Desk and Incidents
8.1 Service Desk
8.2 Registration of Customer Queries
8.3 Incident Escalation
8.4 Incident Closure
8.5 Trend Analysis

9 Manage the Configuration
9.1 Configuration Repository and Baseline
9.2 Identification and Maintenance of Configuration Items
9.3 Configuration Integrity Review

10 Manage Problems
10.1 Identification and Classification of Problems
10.2 Problem Tracking and Resolution
10.3 Problem Closure
10.4 Integration of Change, Configuration and Problem Management

11 Manage Data
11.1 Business Requirements for Data Management
11.2 Storage and Retention Arrangements
11.3 Media Library Management System
11.4 Disposal
11.5 Backup and Restoration
11.6 Security Requirements for Data Management

12 Manage the Physical Environment
12.1 Site Selection and Layout
12.2 Physical Security Measures
12.3 Physical Access
12.4 Protection against Environmental Factors
12.5 Physical Facilities Management

13 Manage Operations
13.1 Operations Procedures and Instructions
13.2 Job Scheduling
13.3 IT Infrastructure Monitoring
13.4 Sensitive Documents and Output Devices
13.5 Preventive Maintenance for Hardware

--Mdpeters 08:42, 29 February 2006 (EDT)