Isom Chapter 1 5 Module
Isom Chapter 1 5 Module
MANAGEMENT OF IS OPERATIONS
IS Management
Information Security
SERVICE MANAGEMENT
SERVICE LEVEL
➢ Remember that the IS Department is a service organization for end users. Which
means there needs to be in adherence to the SLA’s (Service Level Agreement)
➢ The SLA describes services in non-technical terms for the viewpoint of the
customer
➢ Service level management is the process of:
▪ Defining, agreeing upon, documenting and managing levels of service that are
required and cost justified
▪ The aim of service level management is to maintain and improve customer
satisfaction and improve service delivered to the customer.
➢ Characteristics of IT services are used to define the SLA. There are many tools
available to monitor the efficiency and effectiveness of services which include:
▪ Exception Reports
▪ System and Application Logs
▪ Operator Problem Reports
▪ Operator Work Schedules
INFRASTRUCTURE OPERATIONS
➢ IT operations are processes and activities that support and manage the entire IT
infrastructure, systems, applications and data, focusing on day to day activities.
SCHEDULING
➢ Job scheduling is necessary to make sure that IS resources are optimally used
MONITORING USE OF RESOURCES
➢ Computer resources, for example, should be used in a manner that benefits the
entire organization. Computer resources would include hardware, software,
telecommunications, networks, applications and data
PROCESS OF INCIDENT HANDLING
PROBLEM MANAGEMENT
RELEASE MANAGEMENT
MEDIA SANITIZATION
➢ This section will introduce hardware platforms that make up the enterprise
systems of today’s organizations. We look at the basic concepts of and history
behind different types of computers and the advances in information technology.
➢The CPU (Central Processing Unit) is made up of the ALU (Arithmetic Logic Unit)
a Control Unit and internal memory.
▪ Other key components of the computer include the motherboard, memory,
read only memory
➢ The I/O components pass instructions and information to the computer, or
display record output generated by the computer.
COMMON ENTERPRISE BACKEND DEVICES
➢ Print Servers
➢ File Servers
➢ Application Servers
➢ Web Servers
➢ Proxy Servers
➢ Database Servers
SPECIALIZED DEVICES
➢ Firewall
➢ Intrusion detection systems
➢ Intrusion prevention systems
➢ Switches
➢ Routers
➢ Virtual Private Networks
➢ Load Balancers
RISKS
➢ Malware
➢ Data Theft
➢ Data and Media Loss
➢ Corruption of Data
➢ Loss of Confidentiality
SECURITY CONTROL
➢ Encryption
➢ Granular control-such as active directory
➢ Educating security personnel
➢ Enforce the “lock desktop” policy
➢ Updating AV
➢ Use only secure devices
➢ RFID uses radio waves to identify tagged objects within a limited range A tag
consists of a microchip and antenna
▪ The tag can be passive, drawing power from the incident radiation arriving
for the reader
▪ An active tag has battery supplied power
RFID APPLICATIONS
➢ Asset Management
➢ Tracking
➢ Authenticity verification
➢ Matching
➢ Process Control
➢ Access Control
➢ Supply chain management
RFID RISKS
➢ For proper operation, hardware should be regularly cleaned and serviced. The
maintenance requirements will depend on complexity and performance
workloads
➢ Availability reports indicate the time periods during which the computer is in
operation and available for use. A key concern of this report is downtime
➢ Hardware error reports would identify the computer components that might fail.
These reports should be monitored to make sure that equipment is working
properly
➢ Utilization reports are generally automated reports that document use of the
machine and peripherals. You can also use software monitors to capture the
measurements for processors, secondary storage, and other components they
are used
➢ Asset management reports are basically an inventory of network connected
equipment.
CAPACITY MANAGEMENT