Best IT Documents.com Blog


Sample Visio – Project Role Resource Request Flow

Posted in Projects (400),Visio Samples - Stencils (457) by Guest on the August 31st, 2013

Free Visio document download

Project Role Resource Request Flow

Negative impacts of resources not assigned or improperly allocated 

Impact Timesheet 

Impacts Budget 

Impacts Finance 

Impacts Capitalization 

Impacts Allocations 

Impacts our Customers 

Impacts to your current and future revenue streams

http://www.bestitdocuments.com/Services.html

 

Comments Off on Sample Visio – Project Role Resource Request Flow

Powerpoint – Identifying Worst Information Technology Practices

Comments Off on Powerpoint – Identifying Worst Information Technology Practices

Sample – Asset Collection Worksheet Considerations

Posted in Compliances (1300),Policies - Standards (600),Security (1500) by Guest on the August 17th, 2013

Considerations:

What are your important assets?

  • SAP
  • ERP
  • CRM
  • BizTalk
  • Financial Applications
  • Ultimus Applications
  • Payroll (included in financial systems)
  • Inventory (included in financial systems)
  • SQL databases
  • Quickbase databases (Internet services)
  • Greatplains databases
  • Kronos databases
  • Call Center Software
  • Remedy (Ticketing System)
  • Heat (Ticketing System)
  • Internet Websites
  • Intranet Websites
  • Country Offices
  • Exchange / E mail (mobile access)
  • Building Security System
  • PBX Telephone Switch
  • Shared Drives
  • Department. Drives
  • Vendor Partners
  • Outside e-mail lists
  • MS Documents
  • Access databases
  • Business and Technology reports
  • Technology assets (hardware / software and licensing)
  • FTP sites
  • Media Assets
  • Scanned, Printed, and Faxed documents
  • Hand written notes
  • Instant messaging
  • Voice messages 

Are there any other assets that you are required to protect (e.g., by law or regulation)?

  • Customer data
  • SOX Information
  • PCI information
  • Employee Information
  • HIPAA
  • PII 

What related assets are important?

  • ISP: AT&T, Qwest, VzB, Sprint, L3
  • Internet Service providers for field offices
  • Software vendors
  • Banking System
  • Back-up tapes 

From the assets that you have identified, which are the most important? 

What is your rationale for selecting these assets as important?

  • SAP
  • Financial Systems
  • Corporate website
  • SOX 

The following are action items that are apart from the Protection Strategy and Mitigation Plan (not in priority order): 

  • Sensitive data on the website
  • Single points of failure (Switches, SAN)
  • Firewalls, IDS and other countermeasure technologies
  • Data other than in SAN (Access DBs, Excel, paper, Client PCs, department public drives))
  • Partner country independent activities
  • Social engineering
  • Printer in IP
  • Password policy and enforcement
  • Access rights
  • Application passwords (stored in clear)
  • NT 200x in shipping
  • Laptop firewalls, remote access
  • Hackers
  • Terrorists

 http://www.bestitdocuments.com/Services.html

 

Comments Off on Sample – Asset Collection Worksheet Considerations

Customer Process for Audit and Compliance

Posted in Business (600),Compliances (1300),Security (1500) by Guest on the August 11th, 2013
Comments Off on Customer Process for Audit and Compliance

IT Strategy and Technology

Posted in Compliances (1300),Projects (400),Security (1500) by Guest on the August 10th, 2013

Becoming customer-centric starts with Strategy and is supported with Technology Enablers.  Technology is a means to an end.  Not an end in itself.

Strategy and objectives identification.

  1. What is our overall mission? 
  2. The value proposition? 
  3. Marketing strategy? 
  4. How will loyalty models be utilized or trigger-based marketing?  

Develop the customer and business metrics and establish benchmarks

Marketing strategy identification

  • Confirm customer segments and sub-segments
  • Perform data modeling including migration, attrition, and acquisition
  • Marketing program and tactics identification
  • Develop pricing plan
  • Identify communication plans
  • Develop testing plan
  • Gather & prioritize business requirements for new functions

High Level Work Streams Sample

Blueprint

Assessment Phase Solution Design Program Initiation
Business requirements gathering System architecture design Program Management Office
Source Systems Analysis   Meta data Define roles, quality control, standards
Organizational assessment   Data flows  
    System components Roadmap
  ETL Requirements
Tool recommendations Phases
Develop conceptual data model Timeline
Refine/Prioritize business requirements Organizational Readiness
Tool selection Benefits

Project Plan

Architecture

Road Map

 http://bestitdocuments.com/Services.html

 

Comments Off on IT Strategy and Technology

Sample Visio – Sample webcommerce AD – OU Structure

Posted in Visio Samples - Stencils (457) by Guest on the August 5th, 2013

Sample:

The OU structure of the directory will be the default after the initial promotion of the first DC with a couple of root level OU’s added.  These OU’s will be named Administration and Application respectively.  

The Administration OU will then have a sub-OU named the IT Architecture group which will contain all IT personnel.  If corporate or any other entity has the need for user or group creation then they should have a sub-OU created to house these objects.  

Only IT Support will have domain-wide administrative privileges but it may be necessary to grant others the rights to administer certain servers or other objects.

Free Visio document download

Sample webcommerce AD – OU Structure

http://www.bestitdocuments.com/Services.html

 

Comments Off on Sample Visio – Sample webcommerce AD – OU Structure

Sample – Defining Your Security Risk Exposure

Posted in Compliances (1300),Policies - Standards (600),Security (1500) by Guest on the August 1st, 2013

Regardless of how strong the security of network infrastructure or software implementations are, risks are present wherever there is administrative access to computer systems and data.

A risk analysis outlines all the threats to the viability of the business. It examines the likelihood of each threat occurring and the impact of that occurrence. This allows us to make informed decisions when assigning resources to manage our risk. 

We manage risk by controlling the vulnerabilities that expose us to it (if the threat is highly likely to eventuate), or planning how to recover from it (if the threat is unlikely, but must be guarded against). At its simplest, we might define nine broad levels of risk, each with an associated response, as follows: 

Probability of threat occurring

Impact to business

if threat occurs

Response to level of threat

Low Low AD Hoc Management of Occurrences
Low Medium Draft Response Plan
Low High Contingency Plan in Place
Medium Low Draft Response Plan
Medium Medium General Preventative Measures & Contingency Plan in Place
Medium High Specific Preventative Measures & Contingency Plan in Place
High Low Specific Preventative Measures
High Medium Specific & Fall-Back Preventative Measures & Contingency Plan in Place
High High Measures to Prevent Any Occurrences & Contingency Plan in Place

 Risk / Response Table 

Obviously, response will vary according to company and resources. Some companies may aim to prevent the occurrence of any threat, regardless of its impact; others may choose to accept even high-impact threats. Similarly, different areas of the same company may define higher impacts or risks for the same threat. Finally, you may want to extend the granularity of the risk model, to define additional levels of both risk and impact, to allow a finer tuning of the assessment and responses. 

The risk analysis requires consideration of the following:

  • Business Systems
  • Operating Environment
  • Vulnerabilities
  • Impact Assessment

http://www.bestitdocuments.com/Services.html

 

Comments Off on Sample – Defining Your Security Risk Exposure