INFORMATION SYSTEM OPERATIONS AND MAINTENANCE

CHAPTER 1 AND 2: INFORMATION SYSTEMS OPERATIONS

INFORMATION SYSTEMS OPERATIONS

➢ IS (Information System) operations are in charge of the daily support of an

organizations information system hardware and software environment. This
function is particularly important when very large and centralized computing
tasks are regularly executed for business purposes and producing output or
updating situations.

MANAGEMENT OF IS OPERATIONS

➢ IS management is responsible for all operations within the IS Department.

Therefore, operations management functions would:
• Resource allocation: Management is responsible to make sure the necessary
resources are available for plan activities
• Standards and Procedure: IS management is responsible for establishing the
necessary standards procedures for all operations that are aligned with business
strategies.
• Process Monitoring: IS management is responsible for monitoring and
measuring the effectiveness and efficiencies of the IS operation process.

MANAGEMENT CONTROL FUNCTIONS

IS Management

• Making adequate resources available

• Planning for the most efficient effective use of resources
• Authorizing and monitoring IT resource usage based on corporate policy
• Monitoring operations to ensure compliance of standards.
IS Operations

• Working with schedules for operating shifts

• Authorization of changes to schedules
• Review and authorization of changes
• Ensuring changes do not cause an outage
• Monitoring system performance and resource usage
• Monitoring SLA’s (Service Level Aggreement)
• Planning for equipment replacement
• Maintaining job accounting reports and other audits
 • Log reviews
• Handling problems in a timely manner
• Planning for major or minor disruptions

Information Security

• Ensuring the CIA of data (Confidentiality Integrity and Availability)

• Monitoring the environment and security facility to maintain proper conditions
• Identifying security vulnerabilities
• Keeping up-to-date with patches
• Detection of intrusion attempts
• Resolving information security events in a timely manner
• Limiting logical and physical access to resources to only those authorized.

SERVICE MANAGEMENT

IT Service Management (ITSM) is a concept made up of processes and procedures for

efficient and effective delivery of IT services to business

▪ ITSM focuses on business deliverables and infrastructure management

▪ Fine-tuning IT services to meet changing demands
▪ Measuring and demonstrating improvements in the quality of IT services
▪ Reduction of costs
➢ IT services are better managed with SLA’s, and the services offered from such
➢ agreements
➢ Changes should be handled to the change control process
➢ Controlling releases and ability to rollback when needed

SERVICE LEVEL

➢ Remember that the IS Department is a service organization for end users. Which
means there needs to be in adherence to the SLA’s (Service Level Agreement)
➢ The SLA describes services in non-technical terms for the viewpoint of the
customer
➢ Service level management is the process of:
▪ Defining, agreeing upon, documenting and managing levels of service that are
required and cost justified
▪ The aim of service level management is to maintain and improve customer
satisfaction and improve service delivered to the customer.
➢ Characteristics of IT services are used to define the SLA. There are many tools
available to monitor the efficiency and effectiveness of services which include:
 ▪ Exception Reports
▪ System and Application Logs
▪ Operator Problem Reports
▪ Operator Work Schedules

INFRASTRUCTURE OPERATIONS

➢ IT operations are processes and activities that support and manage the entire IT
infrastructure, systems, applications and data, focusing on day to day activities.

Tasks of IT operations staff include:

▪ Executing and monitoring schedule jobs

▪ Perform timely backup
▪ Looking for unauthorized access
▪ Monitoring for the adherence to the operation procedures
▪ Working with testing of DRP’s (Disaster Recovery Plans)
▪ Monitoring the performance, capacity, availability, and failure of information
resources.

SCHEDULING

➢ Scheduling is a major function of the IS Department, and scheduling includes: ▪

Jobs that must be run
▪ Sequence of job execution
▪ Conditions that cause program execution

➢ Low priority jobs can be scheduled if time is available

▪ Automated job scheduling software can provide extra control over this
process

➢ High priority jobs should be given optimal resource availability

▪ Some examples, such as backups, may be done at low peak times

➢ Job scheduling is necessary to make sure that IS resources are optimally used
MONITORING USE OF RESOURCES

➢ Computer resources, for example, should be used in a manner that benefits the
entire organization. Computer resources would include hardware, software,
telecommunications, networks, applications and data
PROCESS OF INCIDENT HANDLING

➢ Incident management is one of the critical processes in IT service management,

and need to be attended to on a continuous basis.
▪ The goal is to increase continuity of service by reducing or removing the
adverse effect of disturbances.
▪ Incident handling should have a method of prioritizing items to determine
the impact of urgency.

PROBLEM MANAGEMENT

➢ Problem management aims to resolve issues through the investigation

and in-depth analysis of a major incident, or several incidents that are of a
similar nature ▪ The goal is to determine the root cause
▪ This root cause is sometimes called the known error
▪ A workaround may have to be developed to address this error state and
prevent any future occurrences
➢ Problem management and incident management have slightly different
goals. Incident management tries to return to a normal state, whereas problem
management tries to reduce the number of incidents.

DETECTION, DOCUMENTATION, CONTROL, RESOLUTION, AND REPORTING

OF ABNORMAL CONDITIONS

➢ The complex nature of software, hardware and their interrelationships

should have a mechanism to detect and document any abnormal conditions
▪ Logs should contain the following kinds of errors: Application, system,
operator, network, telecommunication and hardware
▪ Log items should have the following information: o Error date, description,
code, source of error o Individuals assigned to the error o Status code of
problem resolution o Narrative of how the error was resolved
➢ Logs should be accessible to only those who are authorized, and those
logs should be updated as problems are resolved
➢ IS management should ensure that problem management mechanisms
are maintained and monitored and outstanding errors are being addressed in a
timely manner
▪ Should also be documented on how to escalate unresolved problems

CHAPTER 3: SUPPORT HELPDESK, CHANGE MANAGEMENT ,

PROCEDURES, RELEASE MANAGEMENT, SECURITY
MANAGEMENT AND MEDIA SANITIZATION
SUPPORT HELPDESK

➢ Technical supports functions are to provide specialized knowledge of

production systems, identify and assist in system change, and assist in
problem resolution ▪ Typical support functions:
– Determining the source of computer incidents and taking corrective actions
– Initiating problem reports and resolving incidents in a timely manner
– Answering inquiries regarding specific systems
– Providing multi-tiered support
– Providing technical support
– Communicating with IS operations about abnormal patterns and calls

CHANGE MANAGEMENT PROCESS

➢ Change control is an important function that should be handled by IS

management. It is often thought of as moving changes or upgrades from the
test environment to the production environment
➢ Change management can also be used when changing hardware or upgrading
off-the shelf applications
➢ Procedure associated with this migration process are in place to make sure that:
▪ System, operations and program documentation are complete, up-to-date
and in
▪ compliance with standards
▪ Job preparation, scheduling and operating instructions have been established
▪ Test results have been reviewed and approved
▪ Any data conversion occurred accurately and completely and has proper
approval
▪ The risk of causing an outage are reviewed and a rollback plan is developed

RELEASE MANAGEMENT

➢ Software release management is a process where software is made available to

users, and the term release often describes the collection of authorized changes
▪ Major release: Normally, a significant change or addition to new functionality. A
major upgrade usually supersedes all preceding minor upgrades
▪ Minor software releases: These are normally upgrades for small enhancements
and fixes
▪ Emergency software release: These are normally updates
▪ that have corrections to the small number of known problems. These are often
submitted as quickly as possible to prevent downtime and the potential of
vulnerabilities
 ➢ Planning a release involves:
▪ Getting consensus on the releases contents
▪ Agreeing to the release strategy. This may be done in phases
▪ Producing a high level release schedule
▪ Planning resource levels
▪ Agreeing on roles and responsibilities
▪ Creating a rollback plan
▪ Developing a quality plan for the release
▪ Planning acceptance of support groups and the customer

INFORMATION SECURITY MANAGEMENT

➢ The goal is to ensure continuous IT operation and security of business process

and dat. This is a critical part of IS operations.

Security management includes:

▪ Performing risk assessments on information assets

▪ Performing business impact analysis
▪ Developing and enforcing information security policies, procedures and
standards
▪ Regular security assessments
▪ Implementing a formal vulnerability management process

MEDIA SANITIZATION

➢ There should be a program establishing how to deal with a media sanitization.

This is an necessary step to preserve the confidentiality of sensitive information
that is stored on media to be reused, transported, or discarded
▪ Sanitization involves the permanent erasure of information storage media
▪ It is necessary to make sure that information cannot be restored after being
sanitized
▪ There should be a process of identifying that media which needs sanitizing
▪ There should be a procedure for proper sanitization of the different types of
storage media

CHAPTER 4: INFORMATION SYSTEMS HARDWARE

INFORMATION SYSTEMS HARDWARE

➢ This section will introduce hardware platforms that make up the enterprise
systems of today’s organizations. We look at the basic concepts of and history
behind different types of computers and the advances in information technology.

COMPUTER HARDWARE COMPONENTS AND ARCHITECTURE

➢The CPU (Central Processing Unit) is made up of the ALU (Arithmetic Logic Unit)
a Control Unit and internal memory.
▪ Other key components of the computer include the motherboard, memory,
read only memory
➢ The I/O components pass instructions and information to the computer, or
display record output generated by the computer.
COMMON ENTERPRISE BACKEND DEVICES

➢ Print Servers
➢ File Servers
➢ Application Servers
➢ Web Servers
➢ Proxy Servers
➢ Database Servers

SPECIALIZED DEVICES

➢ Firewall
➢ Intrusion detection systems
➢ Intrusion prevention systems
➢ Switches
➢ Routers
➢ Virtual Private Networks
➢ Load Balancers

RISKS

➢ Malware
➢ Data Theft
➢ Data and Media Loss
➢ Corruption of Data
➢ Loss of Confidentiality
SECURITY CONTROL

➢ Encryption
➢ Granular control-such as active directory
➢ Educating security personnel
➢ Enforce the “lock desktop” policy
➢ Updating AV
➢ Use only secure devices

CHAPTER 5: RADIO FREQUENCY IDENTIFICATION

➢ RFID uses radio waves to identify tagged objects within a limited range A tag
consists of a microchip and antenna
▪ The tag can be passive, drawing power from the incident radiation arriving
for the reader
▪ An active tag has battery supplied power

RFID APPLICATIONS

➢ Asset Management
➢ Tracking
➢ Authenticity verification
➢ Matching
➢ Process Control
➢ Access Control
➢ Supply chain management

RFID RISKS

➢ Business process risk is a direct attack on the RFID system components

➢ Business intelligence risk may come from a competitor or adversary that gains
unauthorized access to RFID
➢ Privacy risk can occur when the RFID system uses personally identifiable
information for purposes other than intended
➢ Externality risk occurs when RFID technology becomes a threat to a non-RFID
network or a non-RFID collected system

RFID SECURITY CONTROL

➢ Management control involves oversight of the security of the RFID system

➢ An operational control involves the actions performed on a daily basis by the
systems administrator and users
 ➢ A technical control uses technology to monitor or restrict the actions that can be
performed within the system. RFID systems might use technical controls to
protect data on tags, causing a tag to self-destruct, or to protect wireless
communications.

HARDWARE MAINTENANCE PROGRAM

➢ For proper operation, hardware should be regularly cleaned and serviced. The
maintenance requirements will depend on complexity and performance
workloads

HARDWARE MONITORING PROCEDURES

➢ Availability reports indicate the time periods during which the computer is in
operation and available for use. A key concern of this report is downtime
➢ Hardware error reports would identify the computer components that might fail.
These reports should be monitored to make sure that equipment is working
properly
➢ Utilization reports are generally automated reports that document use of the
machine and peripherals. You can also use software monitors to capture the
measurements for processors, secondary storage, and other components they
are used
➢ Asset management reports are basically an inventory of network connected
equipment.

CAPACITY MANAGEMENT

➢ Capacity management can be thought of as planning and monitoring of resources to

ensure the available resources
are used efficiently and effectively
➢ Capacity planning is projections based on past experience, plans for growths of
existing business, as well as future expansions
➢ Capacity management ensures that all current and future capacity and performance
aspects of the business requirements are provides in a cost-effective manner ➢
Capacity management can help with resource planning ➢ Capacity planning and
monitoring elements:
▪ Developing a capacity plan
▪ Monitoring IT components to ensure SLA’s are achieved
▪ Analysis of the data collected for the monitoring activities identify trends and to
create baselines
▪ Tuning is the optimization of systems to the actual workload
▪ Implementation is the introduction of changes or new capacity to meet new
requirements
▪ Modeling can forecast the behavior of resources to look at future capacity transit
requirements
▪ Application sizing takes into consideration the prediction of new capacity. Sizing
may consider number of users, number of transactions, and data storage
requirement