BT-450 A Lecture 3: IT Processes - PowerPoint PPT Presentation

issac
slide1 n.
Skip this Video
Loading SlideShow in 5 Seconds..
BT-450 A Lecture 3: IT Processes PowerPoint Presentation
Download Presentation
BT-450 A Lecture 3: IT Processes

play fullscreen
1 / 98
Download Presentation
BT-450 A Lecture 3: IT Processes
138 Views
Download Presentation

BT-450 A Lecture 3: IT Processes

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

    3. (11)Security Planning & Management

    21. SECURITY THREATS

    23. VIRUS IMPACT How have viruses affected your company?

    26. Low Confidence in Net Privacy

    32. Top Security Obstacles Need to get hit to change

    35. Whos Breaking Into Your Systems?

    36. THE ENEMY WITHIN

    37. Top Tips for Preventing Insider Attacks

    40. Activities Included in Job descriptions for Information Security Managers

    44. HONEYPOT SECURITY LURES INTRUDERS TO WHAT THEY THINK IS A SENSITIVE AREA

    51. Staff Assigned to Information Security

    52. IS YOUR IT SECURITY BUDGET HIGHER OR LOWER THAN LAST YEARS? Base: 257 data center managers surveyed earlier this year

    54. Remote Access Security Reference Materials

    56. Big Names in Identity From modular components to full-fledged suites, the top vendors in the identity management space offer a range of tools to strengthen the security of your network.

    59. (12)Audit Planning & Management

    60. THE AUDIT MISSION

    61. Fair Information Practices Principles

    65. SARBANES-OXLEY Info

    68. WHEN WAS YOUR ORGANIZATIONS POLICY LAST UPDATED?

    69. Which department created the data policy?

    70. Top ten factors that could trigger workers to act unethically or illegally

    71. Ten Tips for Taming the E-mail Problem Create a reasonable and enforceable policy. Spell out privacy expectation clearly. Require that each employee sign the policy. Issue frequent policy reminders. When the policy is broken, consult the legal department and have an immediate conversation with the employee, accompanied by a human resources representative. Dont limit employee training to policy issues. Also include etiquette, proper use of group mailing lists, and information about recognizing scams and urban legends. Limit employee mailboxes to an appropriate size (CIOs interviewed for this article recommended a range from 15MB to 150MB depending on the type of work). Consider your potential legal liability in determining how long to store messages. Consider filtering tools, but be aware of the limitations. Install two different antivirus software packages (one for servers, one for the desktops). Teach users to distrust all attachments, particularly unexpected ones. .

    73. (13) Capacity Planning & Management

    74. Why is Capacity Planning Important ?

    75. CAPACITY PLANNING PROCESS

    77. CAPACITY PLANNING RATIONALE

    78. CAPACITY MANAGEMENT

    79. CAPACITY MANAGEMENT

    81. Planning Capacity

    82. (23) Change Control

    90. CHANGE MANAGEMENT

    91. (24) ASSET MANAGEMENT

    92. Asset Management Practices

    96. Fate of Old PCs This year, what percentage of your retired PCs will be :

    98. WAYS TO PROTECT YOURSELF 1 LEASE EQUIPMENT so that the title to the equipment transfers to the leasing company at the end of the term- along with the disposition issues. DISPOSE OF IT EQUIPMENT when its removed from service. BUNDLE DISPOSAL COSTS into new purchases by including the disposition of old IT assets in the RFP for equipment that replaces it. EMPTY THE IT CLOSETS: Dispose of unused, stored equipment immediately. This equipment incurs storage costs and property taxes plus disposal costs that are likely to increase over time. INCLUDE A COPY OF THE OPERATING SYSTEM when donating equipment. Machines without an operating system are likely to be discarded or shipped overseas. INCLUDE CONTRACT WORDING that prohibits the recycling vendor or its subcontractors from exporting equipment to developing countries that lack environmental regulations. REQUIRE A FULLY DOCUMENTED AUDIT TRAIL that shows what happened to each IT asset through its final disposition, whether sold, recycled or destroyed. CONDCT A DUE DILIGENCE background check on the recycling vendor and its practices that includes an on-site visit. CONSIDER DISPOSITION SERVICES from IBM, HP, Dell or other major IT equipment vendors. They charge more than smaller recyclers, but they have reputations to protect and deeper pockets if liability issues arise.

    102. Selected Systems Management Software(1 OF 6)

    103. Selected Systems Management Software (2 OF 6)

    104. Selected Systems Management Software (3 OF 6)

    105. Selected Systems Management Software (4OF 6)

    106. Selected Systems Management Software (5 OF 6)

    107. (26) Problem Control

    108. PROBLEM MANAGEMENT

    111. CAUSE OF UNPLANNED APPLICATION DOWNTIME

    112. RELATIVE OCCURRENCE OF OUTAGE INCIDENTS

    113. Most frequently cited outages Systems: operational error, user error, third party software error, internally developed software problem, inadequate change control, lack of automated processes Networks: performance overload, peak load problems, insufficient bandwidth Database: out of disk space, log file full, performance overload Applications: application error, inadequate change control, operational error, nonautomated application exceptions

    114. Fundamentals of autonomic computing ? Self-configuring ? Self-healing ? Self-optimizing ? Self-protecting

    116. How many calls does the help desk get ?

    117. EXAMPLE:Who calls the HELP desk?

    118. EXAMPLE:What are the calls for ?

    120. *** PROBLEM REPORTING FORM ***

    123. (27) Service Evaluating

    126. Systems Management Tools

    127. (29) Software Procurement

    128. Steps in Selecting a Vendor

    133. SW Product Assessment Criteria

    134. (30) Hardware Procurement and Upgrade

    136. HW Product Assessment Criteria

    141. Room for Improvement

    142. Purchase cards Borrow funds or petty cash Auctioning Sealed bidding Two-step sealed bidding Competitive proposals Competitive negotiations

    143. Contract Categories and Types

    144. Types of Lock-In and Associated Switching Costs

    147. FOUR WAYS NOT TO PERSUADE

    148. Tips for dealing with IT sales representatives:

    151. RELATIVE IMPORTANCE OF STANDARD COMPUTER CONTRACT PROVISIONS

    152. 17 Ways to Bust a Deadlock

    153. WIN-WIN WILL KILL YOUR DEAL

    154. Negotiation Tactics and Countertactics

    155. Crafting Your Behavior Slow down the conversation Listen and think Maintain a buffer between your brain and your mouth. Consider your response carefully in light of your new guiding principles Ask questions to get relevant information Catch the cue(s) Ask for time-out (that is, postpone your response) if need be Prepare for, and reflect on, interactions Think ahead to conversations and interactions Reflect back on conversations and interactions

    158. Negotiating the Contract Checklist

    161. (2) Architecture Scanning & Definition

    162. Architecture A set of guidelines and standards detailed enough that people can work independently yet create an envisioned end product Blueprint for a house Sub-division plan City highway plan

    163. DEVELOPING AN IT ARCHITECTURE

    164. DEVELOPING AN IT ARCHITECTURE

    165. Platform Decision Makers

    166. Technology Domains Clear accountabilityClear accountability

    171. ARCHITECTED DATA WAREHOUSING SYSTEM

    176. Key Factors

    181. Notable Standards Efforts Central Computing and Telecommunications Agency (CCTA) Methodology - IT Infrastructure Library (ITIL) http://www.exin.nl/itil/itinf/home Service Level Agreement (SLA) Working Group created by the Distributed Management Task Force (DMTF) http://www.dmtf.org The Appl MIB by the Internet Engineering Task Force (IETF) http://www.ietf.org Application Resource Measurement (ARM) Computer Measurement Group http://www.cmg.org

    184. Historical Architectural Changes

    185. Historical Architectural Changes

    186. Historical Architectural Change

    188. Think? Which processes are most important? Who owns each of these process containers? How much resource will be applied to each process? How effective are each of these processes today? What priority should be placed on improving each of these processes?