Académique Documents
Professionnel Documents
Culture Documents
Service Oriented Architecture
7KLVLVDVDPSOHRIWKHILQDOSURGXFW
WKHVHSDJHVDUHIRU\RXUUHYLHZRQO\
DQGDUHSURWHFWHGE\-DQFR¶VFRS\ULJKW
3$*(6+$9(%((1(;&/8'('
ZZZHMDQFRFRP
April 2010
This product is NOT FOR RESALE or REDISTRIBUTION in any physical or electronic format. The
purchaser of this template has acquired the rights to use it for a SINGLE Disaster Recovery Plan
unless the user has purchased a multi-‐use license. Anyone who makes an unlicensed copy of or
uses the template or any derivative of it is in violation of United States and International
copyright laws and subject to fines that are treble damages as determined by the courts. A
REWARD of up to 1/3 of those fines will be paid to anyone reporting such a violation upon the
successful prosecution of such violators.
The purchaser agrees that derivative of this template will contain the following words within the
first five pages of that document. The words are:
© 2001 -‐ 2008 Copyright Janco Associates, Inc. – ALL RIGHTS RESERVED
All Rights Reserved. No part of this book may be reproduced by any means without the prior
written permission of the publisher. No reproduction or derivation of this book shall be re-‐sold
or given away without royalties being paid to the authors. All other publisher’s rights under the
copyright laws will be strictly enforced.
435 940-‐9300
Publisher cannot in any way guarantee the procedures and approaches presented in this book are being
used for the purposes intended and therefore assumes no responsibility for their proper and correct use.
ITIL ® is a Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government
Commerce, and is registered in the U.S. Patent and Trademark Office
Table of Contents
IT Service Management and Service-Oriented Architecture ...................................................... 8
Definition .................................................................................................................................................................... 8
Infrastructure .......................................................................................................................................................... 9
Standards .......................................................................................................................... 45
Internet Standards ............................................................................................................. 45
User Guidelines ......................................................................................................................................................... 46
Employing the Help Desk ...................................................................................................................................... 46
Training ................................................................................................................................................................. 46
Problem Reporting ................................................................................................................................................ 46
Ticket Closure ........................................................................................................................................................ 46
Definition
ITservicemanagement(ITSM)isadisciplineformanaginginformationtechnology
(IT)systems,philosophicallycenteredonthecustomer'sperspectiveofIT's
contributiontothebusiness.ITSMstandsindeliberatecontrasttotechnologyͲ
centeredapproachestoITmanagementandbusinessinteraction.
ServiceͲOrientArchitecture(SOA)isanInformationTechnologyandsystem
architecturedesignapproachbuiltaroundcomputerservicesandcomponentsthat
arereusedandrecombinedeasilyusingastandardinterface.
InanSOA,softwareandapplicationcomponentsadvertisethemselvesona
networkofferingaservicetoothersoftwareandcomponents.Acustomerservice
systemcouldprovidealookͲupthatacreditapplicationandfinancialmanagement
systemcoulduse.Thatisincontrastwithatraditionalapproachwereeachofthe
threeapplicationswouldhavetocreatethesamefunctionthatconformedtoeach
individualapplicationarchitecture.
IntheSOAarchitectureonceacomponentorprocessiscreateditcanbeusedby
anyapplicationintheenterprise.
ITIL 3.0 is structured around core of Service. ITIL v3 has five components:
Service Strategy
Service Design
Service Transition
Service Operation
Continual Service Improvement
This template is in compliance with the ITIL v3.0 standard and has a service focus.
Access Management
Availability Management
Capacity Management
Evaluation
Event Management
Financial Management (aka Service Economics)
Information Security Management
Knowledge Management
Problem Management
Release and Deployment Management
Request Fulfillment
Service Asset and Configuration Management
P2 Tickets
Assign Ticket to
P2 Call Logged -
Analyst or Lead
Ticket Opened
within 15 min.
Yes
Analyst or Lead
Analyst assess Acknowledges
Yes
problem Customer within 2
hrs.
No
Reprioritize Notify
/ Hold Management,
Yes Reassign
Notify Lead (if
applicable)
No
Customer
Set Ticket Status Resolution within
Acknowledges Yes
to Resolved an additional 2 hrs.
Problem Solution
(6 hrs. total)
Yes No
Auto-Escalate to
Management
Close Ticket
(Management may
escalate to SWAT)
Overview
Quality is defined as the efficient and effective development,
deployment, and support of defect-‐free products and services
that meet, or exceed, the needs of the clients, users, and
business. All IT products and services must conform to client,
user, and business requirements in order to be considered
quality offerings.
Standard
Testing
The end user actively participates in application testing prior to user acceptance.
Department personnel should specify the test criteria and evaluate test results. The
purpose of testing is to prove that the product performs to user defined system
specifications. ENTERPRISE-‐IT defines the four stages of the test as:
It is the responsibility of all users, data owners and data managers to ensure that
adequate controls exist per the Internet and Information Technology Security
Manual or special requirements as established by the Audit Department or the
Internet and Information Technology Security group. Enforcement of these controls
is imperative in order to provide the best environmental security possible.
Use unique user names and passwords for files on the PC.
Use an external storage device for data and programs. The external storage device
data should be encrypted.
Use biometrics and other techniques, such as removable storage devices (when
possible). This should help to limit risks to ENTERPRISE if the PC is lost or stolen. Do
not store the external storage or key device with the PC.
Do not automatically save user names and passwords on the PC.
Do not leave your PC, PAD or printed documents unattended. If you have to leave
them in your hotel room, be aware that can be a major breach in security – see if
there is a safe that you can put them in.
When attending an offsite meeting, the organizer should provide a facility where
you can check you equipment and reports in which is secure and guarded.
When using remote printing send a test page before you send secure data. Be in
the location where the printer is printing. If there are any paper jams retrieve all of
the pages. After the jam clear see what comes out next.
When you are finished with report that contains secure data, keep it with you until
it can be disposed of properly.
User Environment
Provide the following information for each department that uses the application:
x Department name
x How the application is used (example: Department A inputs patient information, Department B enters billing information etc.)
x Primary contact (i.e. primary user or department head name)
x Number of people in department that use the application
x What attribute best describes the users that have access to this application:
Public
Customers and Employees
Groups of Employees
Specific Employees
Other __________
What’s New
Version 3.4
Update Blog and Personal Web Site Policy
Updated to meet Sarbanes-‐Oxley requirements
Updated Blog and Personal Web Site Compliance Agreement
Added section on Rights to Content
Add Best Practices Section
Version 3.3
Added section on Service Management Standards including ITIL and ISO 20000
Updated process flow charts
Version 3.2
Updated section on e-‐mail, Internet and Electronic Communications
Updated Blog Policy Acknowledgement Form
New Forms
Internet Usage Policy – Employee Acknowledgement (short form)
E-‐Mail Usage Policy – Employee Acknowledgement (short form)
Version 3.1
Corrections to errata
Defined Service-‐Oriented Architecture
Added Service Level Agreement Policy Template (application)
Version 3.0
Sensitive Information Policy
Sensitive Information Compliance Agreement
Version 2.2
Blog and Personal Web Site Policy
Blog Policy Compliance Agreement
Version 2.1
Internet, E-‐Mail and Electronic Communication Policy – Added
Travel and Off-‐Site Meeting Security – Added
Forms – Check boxes automated for double clicks