System Operations Standard

System Operations Standard

This System Operations Standard is aimed at IT Operations processes rather than normal end user activities and addresses IT requirements which must be incorporated into system deployment, system support, system security, data backup and recovery, and removable media processes. Due care must be taken to adhere to the requirements set forth in this document, as it aims to ensure that Company’s business processes are supported by IT practices that manage risk to the confidentiality, integrity, and availability of information resources and related systems.

This Standard highlights requirements aimed to mitigate risk inherent with the operation of IT managed systems within the Company. All systems that are controlled (either directly or indirectly by delegation of responsibility) by Company’s personnel performing IT Operations roles are in scope.

Additionally, this Standard applies to both the hardware and software components that comprise a system, and serves to protect the confidentiality, integrity, and availability of information resources within the Company’s environment.

CONTENT

1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. MANAGEMENT OF SYSTEMS
3.1 SYSTEM ACCEPTANCE
3.2 ESTABLISHMENT OF STANDARD CONFIGURATION REQUIREMENTS
3.3 USE OF STANDARD TOOLS AND PROCESSES TO ENFORCE STANDARD CONFIGURATION REQUIREMENTS
3.4 UNSUPPORTED SYSTEMS
3.5 PHYSICAL SECURITY OF IT EQUIPMENT
4. OPERATIONAL SUPPORT CONTROLS
4.1 SEGREGATION OF DUTIES
4.2 DOCUMENTED SUPPORT PROCEDURES
4.3 THIRD-PARTY SUPPORT
4.4 USE OF SYSTEM UTILITIES
4.5 CHANGE CONTROL
4.6 INVENTORY OF SYSTEMS
4.7 SECURING SYSTEM INFORMATION
4.8 ACCOUNT AND ACCESS REVIEW
5. LOGS
5.1 COLLECTION OF LOG INFORMATION
5.2 MONITORING AND REVIEW PROCESSES
6. BACKUP AND RESTORE
7. MEDIA HANDLING
7.1 MANAGEMENT OF REMOVABLE MEDIA
7.2 HANDLING OF REMOVABLE MEDIA
7.3 RE-USE AND DISPOSAL OF MEDIA
8. COMPLIANCE
9. EXCEPTIONS
10. FINAL CONSIDERATIONS
10.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
10.2 DOCUMENT REVISION

Pages: 18

Review System Operations Standard.

Related Products:

€1,549.00

Purchase

This bundle contains all the products listed in the Operations Management section. Take advantage of the 25% OFF when buying the bundle!

€79.00

Purchase

The Privacy and Data Protection Policy sets forth minimum standards for the collection, access, use, disclosure, disposal, safeguarding and other handling of certain nonpublic identifiable information on current, former, and prospective employees, clients and other third parties that the Company keeps or uses for business purposes. Such information is referred to as “Protected Information”.

€49.00

Purchase

The objective of the Vulnerability Alerts Procedure is to describe the vulnerability alerts process, which sets a consistent approach for the distribution, evaluation and follow-up of vulnerability alerts regarding Information Systems within IT environment.