IT Service Management for

 
Service Oriented Architecture  

   

7KLVLVDVDPSOHRIWKHILQDOSURGXFW
WKHVHSDJHVDUHIRU\RXUUHYLHZRQO\
DQGDUHSURWHFWHGE\-DQFR¶VFRS\ULJKW
3$*(6+$9(%((1(;&/8'('

ZZZHMDQFRFRP

Page  1   ©  2008  Janco  Associates,  Inc.  –  www.e-­‐janco.com  

 
 Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

April  2010  
 
 
This  product  is  NOT  FOR  RESALE  or  REDISTRIBUTION  in  any  physical  or  electronic  format.    The  
purchaser  of  this  template  has  acquired  the  rights  to  use  it  for  a  SINGLE  Disaster  Recovery  Plan  
unless  the  user  has  purchased  a  multi-­‐use  license.    Anyone  who  makes  an  unlicensed  copy  of  or  
uses  the  template  or  any  derivative  of  it  is  in  violation  of  United  States  and  International  
copyright  laws  and  subject  to  fines  that  are  treble  damages  as  determined  by  the  courts.    A  
REWARD  of  up  to  1/3  of  those  fines  will  be  paid  to  anyone  reporting  such  a  violation  upon  the  
successful  prosecution  of  such  violators.  

The  purchaser  agrees  that  derivative  of  this  template  will  contain  the  following  words  within  the  
first  five  pages  of  that  document.    The  words  are:  

©  2001  -­‐  2008  Copyright  Janco  Associates,  Inc.  –  ALL  RIGHTS  RESERVED  

All  Rights  Reserved.    No  part  of  this  book  may  be  reproduced  by  any  means  without  the  prior  
written  permission  of  the  publisher.    No  reproduction  or  derivation  of  this  book  shall  be  re-­‐sold  
or  given  away  without  royalties  being  paid  to  the  authors.    All  other  publisher’s  rights  under  the  
copyright  laws  will  be  strictly  enforced.  

Published  by:   Janco  Associates  Inc.  

  11  Eagle  Landing  Court  
  Park  City,  UT  84060  

  435  940-­‐9300  

  e-­‐mail  -­‐  support@e-­‐janco.com  

Publisher  cannot  in  any  way  guarantee  the  procedures  and  approaches  presented  in  this  book  are  being  
used  for  the  purposes  intended  and  therefore  assumes  no  responsibility  for  their  proper  and  correct  use.  

Printed  in  the  United  States  of  America  

ISBN13    978-1-881218-09-8  

HandiGuide  is  a  registered  trademark  of  M.  Victor  Janulaitis.    

ITIL  ®  is  a  Registered  Trade  Mark,  and  a  Registered  Community  Trade  Mark  of  the  Office  of  Government  
Commerce,  and  is  registered  in  the  U.S.  Patent  and  Trademark  Office  

  ©  2010  Janco  Associates,  Inc.  –  www.e-­‐janco.com  

 
Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

Table of Contents
IT Service Management and Service-Oriented Architecture ...................................................... 8
Definition  ....................................................................................................................................................................  8
Infrastructure  ..........................................................................................................................................................  9

Service Management Standards ........................................................................................... 11

IT  Service  Management  ............................................................................................................................................  11
Best  Practices  for  IT  Service  Management  ................................................................................................................  13
ITIL  .............................................................................................................................................................................  16
Service  Desk  -­‐  (Help  Desk  Policy,  Help  Desk  Standards,  Help  Desk  Procedures,  and  Help  Desk  Service  
Level  Agreement)  ........................................................................................................................................  18
Incident  Management  (Help  Desk  Procedures,  Service  Request  Policy  and  Service  Request  Standard)  .....  18
Problem  Management  (Help  Desk  Procedures,  Service  Request  Policy  and  Service  Request  Standard)  ....  19
Change  Management  (Change  Control  Standard,  Change  Control  Quality  Assurance  Standard,  
Change  Control  Management  Workbook,  Version  Control  Policy,  and  Version  Control  Policy)  .................  20
Configuration  Management  (Documentation  Standard,  Version  Control  Policy,  and  Version  Control  
Policy)  ..........................................................................................................................................................  20
Release  Management  (Documentation  Standard,  Version  Control  Policy,  and  Version  Control  Policy)  .....  21
ISO/IEC  20000  ...........................................................................................................................................................  21

Service Request Policy ........................................................................................................ 23

Policy  Statement  .......................................................................................................................................................  23
Goal  ...........................................................................................................................................................................  23

Service Request Standard ................................................................................................... 24

Overview  ...................................................................................................................................................................  24
Standard  ....................................................................................................................................................................  24
Service  Request  Process  ........................................................................................................................................  24
Problem  Resolution  Process  ..................................................................................................................................  25
Scheduled  Service  Request  ...................................................................................................................................  25
Service  Request  Management  ..............................................................................................................................  25
Responsibility  ............................................................................................................................................................  26
Management  &  Functional  IT  Heads  .....................................................................................................................  26
Functional  IT  Representative  (Help  Desk  Personnel)  ............................................................................................  26
Help  Desk  Best  Practices  .......................................................................................................................................  26

Help Desk Policy ................................................................................................................ 28

Policy  Statement  .......................................................................................................................................................  28
Goal  ...........................................................................................................................................................................  28
 

Page  i   ©  2010  Janco  Associates,  Inc.  –  www.e-­‐janco.com  

 
 Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

Help Desk Standards .......................................................................................................... 29

Overview  ...................................................................................................................................................................  29
Standard  ....................................................................................................................................................................  29
General  Support  ....................................................................................................................................................  29
Maintenance  Support  ...........................................................................................................................................  29
Triage  ....................................................................................................................................................................  29
Metrics  ..................................................................................................................................................................  30
Roles  and  Responsibilities  .........................................................................................................................................  30
Help  Desk  ..............................................................................................................................................................  30

Help Desk Procedures......................................................................................................... 31

Overview  ...................................................................................................................................................................  31
Procedures  ................................................................................................................................................................  31
Service  Request  –  Help  Desk  Priority  Matrix  &  Process  Flow  Charts  ........................................................................  32
Help  Desk  Triage  ...................................................................................................................................................  33
P1  Tickets  ..............................................................................................................................................................  34
P2  Tickets  ..............................................................................................................................................................  35
P3  Tickets  ..............................................................................................................................................................  36
P4  Tickets  ..............................................................................................................................................................  37

Help Desk Service Level Agreement ..................................................................................... 38

Overview  ...................................................................................................................................................................  38
Service  Level  Agreement  ...........................................................................................................................................  39
Help  Desk  Availability  ............................................................................................................................................  39
Call  Priorities  .........................................................................................................................................................  39
Scheduled  Tasks  ....................................................................................................................................................  39
User  ID  Creation  ...............................................................................................................................................  40
Internet  Access  .................................................................................................................................................  40
End  of  Employment  ..........................................................................................................................................  40
Moves  ...............................................................................................................................................................  40
Loaner  Equipment  ............................................................................................................................................  40
Laptops  ........................................................................................................................................................  40
Presentations  ...............................................................................................................................................  41
Video  Conferencing  ..........................................................................................................................................  41
Acknowledgment  Times  ........................................................................................................................................  41
Acknowledgments  Achieved  .................................................................................................................................  42
Resolution  Times  ...................................................................................................................................................  42
Escalation  .........................................................................................................................................................  42
Resolutions  Achieved  on  Time  ..............................................................................................................................  42
Metrics  ..................................................................................................................................................................  42
Support  Scope  ...........................................................................................................................................................  43
Desktop  Support  ...................................................................................................................................................  43
Network  Support  ...................................................................................................................................................  43
Technology  Standards  ...........................................................................................................................................  45
 

Page  ii   ©  2010  Janco  Associates,  Inc.  –  www.e-­‐janco.com  

 
 Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

Standards .......................................................................................................................... 45
Internet Standards ............................................................................................................. 45
User  Guidelines  .........................................................................................................................................................  46
Employing  the  Help  Desk  ......................................................................................................................................  46
Training  .................................................................................................................................................................  46
Problem  Reporting  ................................................................................................................................................  46
Ticket  Closure  ........................................................................................................................................................  46

Change Control Standard .................................................................................................... 47

Overview  ...................................................................................................................................................................  47
Standard  ....................................................................................................................................................................  47
Support  .................................................................................................................................................................  47
Security  and  Back-­‐up  .............................................................................................................................................  48
Ownership  Transfer  ...............................................................................................................................................  48
Testing  ...................................................................................................................................................................  48
Documentation  .....................................................................................................................................................  48
Responsibility  ............................................................................................................................................................  49
Functional  IT  Heads  ...............................................................................................................................................  49

Change Control Quality Assurance Standard ......................................................................... 50

Overview  ...................................................................................................................................................................  50
Standard  ....................................................................................................................................................................  50
Testing  ...................................................................................................................................................................  50
Test  Script  Development  .......................................................................................................................................  51
Unit  ...................................................................................................................................................................  51
Integration  ........................................................................................................................................................  52
Acceptance  .......................................................................................................................................................  52
Test  Script  Design  .............................................................................................................................................  53
Responsibility  ............................................................................................................................................................  53
Project  Manager  ....................................................................................................................................................  53
Functional  IT  Heads  ...............................................................................................................................................  53
Developer  ..............................................................................................................................................................  53
Client/Sponsor  ......................................................................................................................................................  54
Planning  and  Finance  ............................................................................................................................................  54

Change Control Management Workbook ............................................................................... 55

Overview  ...................................................................................................................................................................  55
Standard  ....................................................................................................................................................................  55
Change  Request  Form  ...........................................................................................................................................  55
Business  and  IT  Impact  Questionnaire  ..................................................................................................................  56
Change  Management  Certification  Form  ..............................................................................................................  56
User  Approval  Form  ..............................................................................................................................................  56
 

Page  iii   ©  2010  Janco  Associates,  Inc.  –  www.e-­‐janco.com  

 
 Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

Documentation Standard .................................................................................................... 57

Overview  ...................................................................................................................................................................  57
Standard  ....................................................................................................................................................................  58
Core  Application  Documentation  ..........................................................................................................................  58
Other  Application  Documentation  ........................................................................................................................  58
Summary  Documentation  ................................................................................................................................  58
Vendor  Documentation  ....................................................................................................................................  58
Project  Documentation  ....................................................................................................................................  59
Application  Development  Documentation  .......................................................................................................  59
Shared  Documentation  ....................................................................................................................................  59
Responsibility  ............................................................................................................................................................  59
Functional  IT  Heads  ...............................................................................................................................................  59
Client  .....................................................................................................................................................................  59
Audit  ......................................................................................................................................................................  59

Version Control Policy ......................................................................................................... 60

Policy  Statement  .......................................................................................................................................................  60
Goal  ...........................................................................................................................................................................  60

Version Control Standard .................................................................................................... 61

Overview  ...................................................................................................................................................................  61
Standard  ....................................................................................................................................................................  61
Change  Environment  .............................................................................................................................................  61
Project  Manager  ...............................................................................................................................................  61
Developer  .........................................................................................................................................................  61
System  Tester  ...................................................................................................................................................  61
Test  Environment  ..................................................................................................................................................  62
Production  Environment  .......................................................................................................................................  62
Quality  Metrics  ......................................................................................................................................................  62
Production  server  .............................................................................................................................................  62
Software  ...........................................................................................................................................................  62
Migration  ..........................................................................................................................................................  62
Access  Control  .......................................................................................................................................................  63
Documentation  .....................................................................................................................................................  63
Naming  .............................................................................................................................................................  63
Revision  History  ................................................................................................................................................  63
Version  Number  List  .........................................................................................................................................  63
Version  Releases  ...................................................................................................................................................  64
Version  Walkthrough  .......................................................................................................................................  64
Alpha  ................................................................................................................................................................  64
Beta  ..................................................................................................................................................................  64
Production  ........................................................................................................................................................  64
Definitions  .................................................................................................................................................................  64
Environments  ........................................................................................................................................................  64
Testing  ...................................................................................................................................................................  64
Operations  Status  ..................................................................................................................................................  65
Responsibility  ............................................................................................................................................................  65
Project  Sponsor  .....................................................................................................................................................  65

Page  iv   ©  2010  Janco  Associates,  Inc.  –  www.e-­‐janco.com  

 
 Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

Project  Manager  ....................................................................................................................................................  65

Developers  ............................................................................................................................................................  65
System  Testers  ......................................................................................................................................................  65
Application  Administrator  .....................................................................................................................................  65
Users  .....................................................................................................................................................................  66

Internet, E-Mail and Electronic Communication ..................................................................... 67

Overview  ...................................................................................................................................................................  67
Appropriate  use  of  Equipment  ..............................................................................................................................  67
Internet  Access  ......................................................................................................................................................  67
Electronic  Mail  ......................................................................................................................................................  67
Retention  of  E-­‐Mail  on  Personal  Systems  .............................................................................................................  68
E-­‐mail  and  Business  Records  Retention  ................................................................................................................  68
Copyrighted  Materials  ...........................................................................................................................................  70
Ownership  of  Information  .....................................................................................................................................  70
Security  .................................................................................................................................................................  70
Internet  and  Electronic  Communication  Policy  .........................................................................................................  72
Policy  .....................................................................................................................................................................  72
Personal  Responsibility.....................................................................................................................................  72
Term  of  Permitted  Use  .....................................................................................................................................  72
Purpose  and  Use  ..............................................................................................................................................  72
Network  Etiquette  ............................................................................................................................................  72
Banned  Activities  ..............................................................................................................................................  73
Confidential  Information  ..................................................................................................................................  74
Privacy  ..............................................................................................................................................................  74
Noncompliance  ................................................................................................................................................  75
E-­‐Mail  ........................................................................................................................................................................  76
Policy  .....................................................................................................................................................................  76
E-­‐mail  is  for  Business  Use  .................................................................................................................................  76
Employees  Have  No  Reasonable  Expectation  of  Privacy  ..................................................................................  76
Offensive  Content  and  Harassing  or  Discriminatory  Activities  Are  Banned  .....................................................  78
Confidential,  Proprietary,  and  Personal  Information  Must  Be  Protected  ........................................................  78
Do  Not  Use  E-­‐mail  to  Communicate  with  Lawyers  ...........................................................................................  79
Business  Record  Retention  ...............................................................................................................................  79
Violations  ..........................................................................................................................................................  79
E-­‐mail  -­‐  Employee  Acknowledgement  ...................................................................................................................  80

Travel and Off-Site Meetings Security .................................................................................. 81

Data  and  Application  Security  ...............................................................................................................................  81
Minimize  Attention  ...............................................................................................................................................  82
Public  Shared  Resources  .......................................................................................................................................  82
Off-­‐Site  Meeting  Special  Considerations  ...............................................................................................................  82
 

Page  v   ©  2010  Janco  Associates,  Inc.  –  www.e-­‐janco.com  

 
 Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

Blog and Personal Web Sites Policy ...................................................................................... 84

Policy  .........................................................................................................................................................................  84
Rights  to  content  .......................................................................................................................................................  85
Option  for  More  Restrictive  License  Terms  ...........................................................................................................  85
Attribution.............................................................................................................................................................  86
Guidelines  .................................................................................................................................................................  86
Personal  Website  and  Blog  Guidelines  –  Non  ENTERPRISE  domains  ........................................................................  88
Security  Standards  ....................................................................................................................................................  89

Sensitive Information Policy ................................................................................................ 90

Policy  .........................................................................................................................................................................  90
Secure  Network  Standards........................................................................................................................................  90
Install  and  Maintain  a  Network  Configuration  Which  Protects  Data  ....................................................................  90
Modify  Vendor  Defaults  ........................................................................................................................................  93
Protect  Sensitive  Data  ...........................................................................................................................................  93
Protect  Encryption  Keys,  User  IDs,  and  Passwords  ...............................................................................................  95
Protect  Development  and  Maintenance  of  Secure  Systems  and  Applications  .....................................................  96
Prior  to  Implementation  ...................................................................................................................................  96
Vendor  Products  ...............................................................................................................................................  97
ENTERPRISE  Products  .......................................................................................................................................  97
Manage  User  IDs  to  Meet  Security  Requirements  ................................................................................................  98
Restrict  Physical  Access  to  Secure  Data  Paper  and  Electronic  Files  ......................................................................  99
Regularly  Monitor  and  Test  Networks  ....................................................................................................................  100
Monitor  All  Access  to  Network  Resources  and  Sensitive  Data  ............................................................................  100
Test  Security  Systems  and  Processes  ..................................................................................................................  102
Email  and  Business  Records  Retention  ...................................................................................................................  103
Maintain  an  Information  Security  Policy  .................................................................................................................  103

Service Level Agreement for [The Application] .....................................................................104

Overview  .................................................................................................................................................................  104
Three-­‐Tier  Environment  .................................................................................................................................  104
SLA  ..........................................................................................................................................................................  104
Internal  IT  SLAs  ....................................................................................................................................................  104
Hardware/Network  Maintenance  ..................................................................................................................  104
Backup  and  Recovery  .....................................................................................................................................  104
Backup  .......................................................................................................................................................  105
Recovery  ....................................................................................................................................................  105
Application  Administration  .............................................................................................................................  105
Application  Updates  .......................................................................................................................................  105
External  SLA  ........................................................................................................................................................  106
IT  Obligations  ..................................................................................................................................................  106
Availability  .................................................................................................................................................  106
Accuracy  ....................................................................................................................................................  106
Training  and  Documentation  .....................................................................................................................  107
Help  Desk  /  Service  Requests  ....................................................................................................................  107
User  Friendly  Interface  ..............................................................................................................................  107
Feedback  ....................................................................................................................................................  107
End  User  Obligations  ......................................................................................................................................  107

Page  vi   ©  2010  Janco  Associates,  Inc.  –  www.e-­‐janco.com  

 
 Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

Training  ......................................................................................................................................................  108

Reporting  Problems  ...................................................................................................................................  108

Appendix .......................................................................................................................... 109

Change  Control  Request  Form  ................................................................................................................................  110
Business  and  IT  Impact  Analysis  Questionnaire  ......................................................................................................  114
Internet  Use  Approval  Form  ...................................................................................................................................  137
General  Administration  ..................................................................................................................................  137
Internet  Access  Request  Form  ................................................................................................................................  140
Internet  &  Electronic  Communication  -­‐  Employee  Acknowledgment  (short  form)  ................................................  141
Blog  Policy  Compliance  Agreement  ........................................................................................................................  142
Sensitive  Information  Policy  Compliance  Agreement  .............................................................................................  143
E-­‐mail  -­‐  Employee  Acknowledgement  (short  form)  ................................................................................................  144

What’s New ...................................................................................................................... 146

Version  4.0  –  April  2010  ......................................................................................................................................  146
Version  3.4  ..........................................................................................................................................................  146
Version  3.3  ..........................................................................................................................................................  146
Version  3.2  ..........................................................................................................................................................  146
Version  3.1  ..........................................................................................................................................................  146
Version  3.0  ..........................................................................................................................................................  146
Version  2.2  ..........................................................................................................................................................  147
Version  2.1  ..........................................................................................................................................................  147

Page  vii   ©  2010  Janco  Associates,  Inc.  –  www.e-­‐janco.com  

 
 Janco IT Service Management
Associates,Inc. Service Oriented Architecture
http://www.eͲjanco.com 

IT Service Management and Service-Oriented Architecture

Definition
ITservicemanagement(ITSM)isadisciplineformanaginginformationtechnology
(IT)systems,philosophicallycenteredonthecustomer'sperspectiveofIT's
contributiontothebusiness.ITSMstandsindeliberatecontrasttotechnologyͲ
centeredapproachestoITmanagementandbusinessinteraction.

ServiceͲOrientArchitecture(SOA)isanInformationTechnologyandsystem
architecturedesignapproachbuiltaroundcomputerservicesandcomponentsthat
arereusedandrecombinedeasilyusingastandardinterface.

InanSOA,softwareandapplicationcomponentsadvertisethemselvesona
networkofferingaservicetoothersoftwareandcomponents.Acustomerservice
systemcouldprovidealookͲupthatacreditapplicationandfinancialmanagement
systemcoulduse.Thatisincontrastwithatraditionalapproachwereeachofthe
threeapplicationswouldhavetocreatethesamefunctionthatconformedtoeach
individualapplicationarchitecture.

IntheSOAarchitectureonceacomponentorprocessiscreateditcanbeusedby
anyapplicationintheenterprise.

© 2010 Copyright Janco Associates, Inc. - http://www.e-janco.com Page 8

 Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

ITIL  3.0  is  structured  around  core  of  Service.    ITIL  v3  has  five  components:  

Service  Strategy    
Service  Design    
Service  Transition    
Service  Operation  
 Continual  Service  Improvement  
This  template  is  in  compliance  with  the  ITIL  v3.0  standard  and  has  a  service  focus.  

The  processes  that  are  addressed  in  that  standard  are:  

Access  Management  
Availability  Management  
Capacity  Management  
Evaluation  
Event  Management  
Financial  Management  (aka  Service  Economics)  
Information  Security  Management  
Knowledge  Management  
Problem  Management  
Release  and  Deployment  Management  
Request  Fulfillment  
Service  Asset  and  Configuration  Management  

© 2010 Copyright Janco Associates, Inc. - http://www.e-janco.com Page 17

 Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

Service Request – Help Desk Priority Matrix & Process Flow

Charts

Service  Request  -­‐  Help  Desk  Priority  Matrix  

   
Priority   P1   P2   P3   P4  
Multiple  Users  
Work  around  
Multiple  Users  /   Available;                               Single  User  /  
Description   Scheduled  Requests  
No  Workaround   Single  User  /  No   Workaround  
Workaround;          
VIP  
Acknowledgement   10  min.   30  min.   1  hr.   8  hrs.  

Resolution   ASAP   4  hrs.   8  hrs.   per  agreement  

15  min.  Help   15  min.  Help  Desk,   15  min.  Help  
Assignment   Desk,  assign  to   assign  to  lead  or   Desk,  assign  to   Help  Desk  
SWAT   analyst   analyst  
Notify  
management    
Missed   with  Hourly  
Reminder  Page   Reminder  Page   Reminder  Page  
Acknowledgement   updates  until  
acknowledgement  
received  
Notify   Notify  
Notify  management;  
50%  to  Resolution   management;   management;  
N/A   Notify  Lead;  
Time   Notify  Lead;   Notify  Lead;  
Metrics  Report  
Metrics  Report   Metrics  Report  
Hourly  Updates  to   Reminder  email  8  
Proactive  
Help  Desk.           hours  prior  to  
Notification  
Coordinator   resolution  
Auto-­‐escalate  to   Auto-­‐escalate  to  
Notify  Management  
Missed  Resolution   N/A   next  support  level;   Lead  
Metrics  Report  
Metrics  Report   Metrics  Report  
Escalate  to  Lead  
Escalate  to  SWAT   after  missed  
or  next  level  of   resolution;  
management  after   Escalate  to  
Escalation  Level   N/A   missed  resolution;   Management   Metrics  Report  
150%  of  Resolution   after  150%  of  
time  (6  hours):   Resolution  time  
Metrics  Report   (12  hours):  
Metrics  Report  
Automatic  or  
Manual  Email  to  
CIO  within  30  
Notification  Level   Metrics  Report   Metrics  Report   Metrics  Report  
minutes;    
Page  IT  Managers,  
IT  Directors  

© 2010 Copyright Janco Associates, Inc. - http://www.e-janco.com Page 32

 Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

P2 Tickets

Assign Ticket to
P2 Call Logged -
Analyst or Lead
Ticket Opened
within 15 min.

Analyst or Lead Reminder Page

Acknowledges No Automatically sent
customer within 30 to Analyst or Lead
min.

Yes

Analyst or Lead
Analyst assess Acknowledges
Yes
problem Customer within 2
hrs.

No

Reprioritize Notify
/ Hold Management,
Yes Reassign
Notify Lead (if
applicable)

No

Notify Analyst => Lead

No Resolution within Management Auto- Lead => Management
No
4 hrs. Escalate To Next
Support Level

Customer
Set Ticket Status Resolution within
Acknowledges Yes
to Resolved an additional 2 hrs.
Problem Solution
(6 hrs. total)

Yes No

Auto-Escalate to
Management
Close Ticket
(Management may
escalate to SWAT)

© 2010 Copyright Janco Associates, Inc. - http://www.e-janco.com Page 35

 Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

Change Control Quality Assurance Standard

Overview
Quality  is  defined  as  the  efficient  and  effective  development,  
deployment,  and  support  of  defect-­‐free  products  and  services  
that  meet,  or  exceed,  the  needs  of  the  clients,  users,  and  
business.    All  IT  products  and  services  must  conform  to  client,  
user,  and  business  requirements  in  order  to  be  considered  
quality  offerings.  

Standard

Testing
The  end  user  actively  participates  in  application  testing  prior  to  user  acceptance.    
Department  personnel  should  specify  the  test  criteria  and  evaluate  test  results.    The  
purpose  of  testing  is  to  prove  that  the  product  performs  to  user  defined  system  

Unit Test Unit Testing - The testing of individual

M M program modules. There must be at least
M one unit test for each program function. Unit
tests are normally designed and executed by
the programmer/analyst who designed and
coded the program being tested.

Product Test Product Testing - The testing of all modules

M M M M within a single application to ensure that all
M M modules function together properly.

Integration Integration Testing - Testing the product as a

whole. The purpose of integration testing is
M M M M Test to test the integration of product components
M M with each other and the integration of the
entire product into the existing environment.
M M M M
M M
Release

User Acceptance Testing - Serves to verify the

Acceptance "production readiness" of the product from
the perspective of those who will use or
support the product.

specifications.    ENTERPRISE-­‐IT  defines  the  four  stages  of  the  test  as:  

© 2010 Copyright Janco Associates, Inc. - http://www.e-janco.com Page 50

 Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

Travel and Off-Site Meetings Security

Protection  of  ENTERPRISE  data  and  software  is  often  is  complicated  by  the  fact  that  
it  can  be  accessed  from  remote  locations.    As  individuals  travel  and  attend  off-­‐site  
meetings  with  other  ENTERPRISE  employees,  contractors,  suppliers  and  customers  -­‐  
data  and  software  can  be  compromised.  

It  is  the  responsibility  of  all  users,  data  owners  and  data  managers  to  ensure  that  
adequate  controls  exist  per  the  Internet  and  Information  Technology  Security  
Manual  or  special  requirements  as  established  by  the  Audit  Department  or  the  
Internet  and  Information  Technology  Security  group.  Enforcement  of  these  controls  
is  imperative  in  order  to  provide  the  best  environmental  security  possible.  

In  addition  to  that  the  following  procedures  should  be  followed.  

Data and Application Security

Do  not  take  your  PC  on  trip  unless  it  is  absolutely  necessary.    If  you  need  to  take  a  
PC,  minimize  the  data  and  programs  that  are  on  the  PC.      

Use  unique  user  names  and  passwords  for  files  on  the  PC.      

Use  an  external  storage  device  for  data  and  programs.    The  external  storage  device  
data  should  be  encrypted.    

Use  biometrics  and  other  techniques,  such  as  removable  storage  devices  (when  
possible).  This  should  help  to  limit  risks  to  ENTERPRISE  if  the  PC  is  lost  or  stolen.    Do  
not  store  the  external  storage  or  key  device  with  the  PC.  

Do  not  automatically  save  user  names  and  passwords  on  the  PC.      

Do  not  leave  your  PC,  PAD  or  printed  documents  unattended.    If  you  have  to  leave  
them  in  your  hotel  room,  be  aware  that  can  be  a  major  breach  in  security  –  see  if  
there  is  a  safe  that  you  can  put  them  in.  

When  attending  an  offsite  meeting,  the  organizer  should  provide  a  facility  where  
you  can  check  you  equipment  and  reports  in  which  is  secure  and  guarded.  

When  using  remote  printing  send  a  test  page  before  you  send  secure  data.    Be  in  
the  location  where  the  printer  is  printing.    If  there  are  any  paper  jams  retrieve  all  of  
the  pages.      After  the  jam  clear  see  what  comes  out  next.    

When  you  are  finished  with  report  that  contains  secure  data,  keep  it  with  you  until  
it  can  be  disposed  of  properly.    

© 2010 Copyright Janco Associates, Inc. - http://www.e-janco.com Page 81

 Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

User Environment

Provide the following information for each department that uses the application:

x Department name
x How the application is used (example: Department A inputs patient information, Department B enters billing information etc.)
x Primary contact (i.e. primary user or department head name)
x Number of people in department that use the application
x What attribute best describes the users that have access to this application:
Public
Customers and Employees
Groups of Employees
Specific Employees
Other __________

Department Name Purpose or Use Primary Contact Number of User Attribute

Users
… Public
… Customers
… Employees
… Groups of Employees
… Specific Employees
… _______________
… Public
… Customers
… Employees
… Groups of Employees
… Specific Employees
… _______________
… Public
… Customers
… Employees
… Groups of Employees
… Specific Employees
… _______________
… Public
… Customers
… Employees
… Groups of Employees
… Specific Employees
… _______________
… Public
… Customers
… Employees
… Groups of Employees
… Specific Employees
… _______________
… Public
… Customers
… Employees
… Groups of Employees
… Specific Employees
… _______________

© 2010 Copyright Janco Associates, Inc. - http://www.e-janco.com Page 119

 Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

What’s New

Version 4.0 – April 2010

Updated  Format  to  comply  with  CSS  
Updated  Business  and  IT  Impact  Questionnaire  
Updated  to  meet  mandated  requirements  

Version 3.4
Update  Blog  and  Personal  Web  Site  Policy  
Updated  to  meet  Sarbanes-­‐Oxley  requirements  
Updated  Blog  and  Personal  Web  Site  Compliance  Agreement  
Added  section  on  Rights  to  Content  
Add  Best  Practices  Section    

Version 3.3
Added  section  on  Service  Management  Standards  including  ITIL  and  ISO  20000  
Updated  process  flow  charts  

Version 3.2
Updated  section  on  e-­‐mail,  Internet  and  Electronic  Communications  
Updated  Blog  Policy  Acknowledgement  Form  
New  Forms  
Internet  Usage  Policy  –  Employee  Acknowledgement  (short  form)  
E-­‐Mail  Usage  Policy  –  Employee  Acknowledgement  (short  form)  

Version 3.1
Corrections  to  errata  
Defined  Service-­‐Oriented  Architecture  
Added  Service  Level  Agreement  Policy  Template  (application)  

Version 3.0
Sensitive  Information  Policy  
Sensitive  Information  Compliance  Agreement  

© 2010 Copyright Janco Associates, Inc. - http://www.e-janco.com Page 146

 Janco   IT Service Management
Associates,  Inc.   Service Oriented Architecture  
-­‐janco.com  
http://www.e-­‐j  

Version 2.2
Blog  and  Personal  Web  Site  Policy  
Blog  Policy  Compliance  Agreement  

Version 2.1
Internet,  E-­‐Mail  and  Electronic  Communication  Policy  –  Added  
Travel  and  Off-­‐Site  Meeting  Security  –  Added  
Forms  –  Check  boxes  automated  for  double  clicks  

© 2010 Copyright Janco Associates, Inc. - http://www.e-janco.com Page 147