Example: marketing

ICT Processes Standard Operating Procedures and …

ICT Processes Standard Operating Procedures and Good Practices Prepared In January 2002 By OMSAR Table of Contents Preliminary and Administrative Activities .. 1 Activity 1 : Define Business Objectives as Related to ICT ..2 Activity 2 : Initiate and Plan the Good Practices Project ..3 Activity 3 : Collect Documents Relevant to the Project ..5 Activity 4 : Conduct Risk Management for the Good Practices Activity 5 : Establish Proper Communication Schemes ..8 Activity 6 : Setup a Performance Measurement Process .. 10 Activity 7 : How to Implement standards .. 12 Activity 8 : How to Manage ICT Projects .. 14 Activity 9 : Setup the Configuration Management Process .. 16 Managing ICT Human Resources .. 19 Activity 10 : Organize the Structure of the ICT 20 Activity 11 : Identify the Required Competencies per 22 Activity 12 : Identify Actual Competency Levels of all Staff.

ICT Processes Standard Operating Procedures and Good Practices Prepared In January 2002 By OMSAR

Tags:

  Operating, Standards, Processes, Procedures, Ict processes standard operating procedures and

Information

Domain:

Source:

Link to this page:

Please notify us if you found a problem with this document:

Other abuse

Advertisement

Transcription of ICT Processes Standard Operating Procedures and …

1 ICT Processes Standard Operating Procedures and Good Practices Prepared In January 2002 By OMSAR Table of Contents Preliminary and Administrative Activities .. 1 Activity 1 : Define Business Objectives as Related to ICT ..2 Activity 2 : Initiate and Plan the Good Practices Project ..3 Activity 3 : Collect Documents Relevant to the Project ..5 Activity 4 : Conduct Risk Management for the Good Practices Activity 5 : Establish Proper Communication Schemes ..8 Activity 6 : Setup a Performance Measurement Process .. 10 Activity 7 : How to Implement standards .. 12 Activity 8 : How to Manage ICT Projects .. 14 Activity 9 : Setup the Configuration Management Process .. 16 Managing ICT Human Resources .. 19 Activity 10 : Organize the Structure of the ICT 20 Activity 11 : Identify the Required Competencies per 22 Activity 12 : Identify Actual Competency Levels of all Staff.

2 24 Activity 13 : Analyze Competencies to Identify Training Requirements .. 26 Activity 14 : Identify Training 28 Activity 15 : Manage Training 29 Activity 16 : Maintain Training 30 Activity 17 : Define Recruitment 31 Relationships with Suppliers .. 32 Activity 18 : Prepare a List of Supplier Products and Services .. 33 Activity 19 : How to Audit or Qualify Suppliers .. 35 Activity 20 : Prepare an Agreements 38 Activity 21 : Evaluation of Suppliers, Products, Projects or Alternatives .. 40 Activity 22 : Recommended Issues to Consider in ICT Agreements .. 42 Including Technical Specifications in Agreements .. 42 Schedule and Timing of Product Deliveries .. 42 Costing and Other Financial Issues .. 43 Software Upgrades and Updates .. 44 The Supply of Source Code .. 44 Suggested Solutions .. 45 Data Structure vs Source 45 Maintenance and Warranty 46 Warranties and Maintenance on Equipment.

3 46 Warranties and Maintenance on 46 Terms Applying to Both Hardware and 47 Support 47 Ensuring Continuity of Services .. 48 Delivery and Acceptance Criteria .. 48 Authorization of Staff .. 49 Copyrights and Intellectual Property .. 49 Qualification Processes .. 51 Activity 23 : Specification Qualification (SQ) .. 53 Activity 24 : Installation Qualification (IQ) .. 56 Activity 25 : Operational Qualification (OQ).. 58 Activity 26 : Performance Qualification (PQ).. 60 Logical System Access and Security .. 64 Activity 27 : Identify Functions to be Secured .. 65 Activity 28 : Assign Privileges and Access 67 Activity 29 : Assign, Distribute and Control 68 Activity 30 : ISO standards for Security .. 70 Physical System Protection, Access and Security .. 72 Activity 31 : Infrastructure Server and Other Rooms .. 73 Activity 32 : Infrastructure Cabling.

4 75 Activity 33 : Infrastructure 76 Activity 34 : Assign Physical Access Privileges .. 78 Activity 35 : Assign, Distribute and Control 80 Activity 36 : Insure the ICT 81 Information Integrity : Backup / Archiving and Data 82 Activity 37 : Identify What is to be Backed Up and When .. 83 Activity 38 : Backing Up .. 85 Activity 39 : Identify What is to be Restore Tested and 87 Activity 40 : Restore 89 Activity 41 : Good Back Up 91 Activity 42 : Protection Against Viruses .. 93 Information Integrity : Business Continuity Planning .. 94 Business Continuity Plans .. 94 Classifying Disasters .. 94 Activity 43 : Disaster Recovery Procedures .. 96 Activity 44 : Disaster Recovery Good Practices .. 99 Activity 45 : Business Continuity Contingency Plans .. 100 Software Application Development .. 101 Activity 46 : Using a Software Development Process.

5 102 Activity 47 : Software Development 104 Activity 48 : Programming standards .. 105 Activity 49 : Selecting Software Applications .. 107 Operations Management .. 109 Activity 50 : Logging Maintenance and Support .. 110 Activity 51 : Control Dissemination of Hard Copies and Distribution .. 113 Activity 52 : Good Practices for User Support .. 115 Activity 53 : Managing the Supplies of the ICT 117 Activity 54 : Documenting Data Entry Procedures .. 118 Activity 55 : Standard Data Entry Checks and Controls .. 120 Activity 56 : Using and Supporting Office Technology Products .. 121 Environment Management .. 123 Activity 57 : Define the Required Environmental 124 Activity 58 : Monitor Environmental Behavior .. 126 The ICT Processes Page 1 Preliminary and Administrative Activities The Guide commences with a set of Activities that are general.

6 They do not fall under any specific Information Process. Most are fundamental Processes in that they apply to the whole Department. The ICT Processes Page 2 Activity 1 : Define Business Objectives as Related to ICT Objectives : this Activity defines the steps needed to establish Policies and Goals for using its current and projected ICT Systems. This Activity also assesses the degree to which business/organizational plans and ICT plans are aligned. It determines the appropriateness of the mechanisms for establishing the priorities of ICT investments (New projects, changes to existing systems, etc). It establishes the governing rules and structure of the ICT unit as a whole. Of critical importance is an assessment of ICT spending. Questions such as the following should be asked and answered : What is each ICT System for? What does the Department expect from each system?

7 How do the systems impact the general strategy of the Department? Who are the beneficiaries of the Department s ICT Systems? What are the Technologies selected for current and projected systems What is the justification for such selection? (Financial and otherwise) How does each system contribute to the Products and Services the Department is to provide to the Citizen? Or to other Departments? Or to the outside world? What are the key performance indicators to be measured and tested to establish the success of the system? What are the challenges facing the ICT Systems? What are the main risks facing the implementation of the Systems? What is the structure of the ICT unit setup to handle all the ICT Processes ? Scope of usage : to cover all ICT Systems under current use or that are projected for future use. Risks : should such goals and policies not be defined, the Department risks acquiring the wrong systems, using them in the wrong manner or even not estimating budgets properly.

8 Documentation and Deliverables : prepare a document that responds to the above questions and any others that the Department finds crucial. Such a document would therefore establish the ICT strategy and plan for the Department. The ICT Processes Page 3 Activity 2 : Initiate and Plan the Good Practices Project Objectives : the Good Practices Project is an ongoing process. The Department will benefit from an ongoing application of Good Practices. The Good Practices to be implemented in the Department should form part of a long term Project that is well planned, executed and monitored. The objectives of this Activity are to plan the Good Practices Project according to modern project management techniques. Scope of usage : restricted to the Good Practices Project. The Project will not be involved in any other ICT projects except in so far as it may propose and implement good practices for them.

9 Risks : should the Department not plan the Good Practices project properly, it risks the following : Undefined or unclear scope of the Project (Too wide or too narrow) Undefined or unclear deliverables Undefined or unclear communications channels Undefined or unclear authorizations Improper scheduling of the the Project Poor definition of a Project Team : responsibilities, authorities, etc. Improper acquisition of resources required by the Project such as documentation, project management, electronic documentation support, etc. Critical Risk : one of the major risks involved is that of the Department not having a Project Manager nor being able to assign a Project Team for the Project. This is a serious situation and can be known in advance. It is suggested that the Department contact OMSAR in such a case to study various other alternatives such as outsourcing, assistance by other Departments, etc.

10 Standard Operating Procedure : 1) Define the Project Scope, Objectives and Goals. 2) Assign a capable Project Manager. Usually, this would be the Head of the ICT Unit. However, in the case where the Unit has not been formed yet, the Management may find other parties for this role. 3) Identify all stakeholders of the project. Stakeholders are all parties within and outside the Department that may have a positive or negative interest in the Project. 4) Ensure that the Project Objectives are understood by all stakeholders or persons with active interest in the project. To do that, refer to the document developed in Use the document arrived at in Activity 1) 5) Analyze the Guide of Good Practices to identify the ICT Processes of interest to the Department and to determine the Activities that the Department needs to implement. The ICT Processes Page 4 6) Identify Alternatives and Options to such Activities.


Related search queries