SlideShare a Scribd company logo

Establishing IT Controls

Download as PPT, PDF
C
ccirino

The document outlines the IT organization and controls at Christy Cirino including: 1. The service delivery management methodology focuses on program and project management, architecture, and strategy. 2. The IT service management process framework includes incident, problem, change, and configuration management processes to support service desk, IT management, and business users. 3. Detailed process flows are provided for incident management, problem management, and change and configuration management which involve identification, classification, resolution, and closure of incidents, problems, and change requests.

1 of 12
Downloaded 17 times
1
2
3
4
5
6
7
8
9
10
11
12
Christy Cirino, Dir IT & Business Process Aug 2011 IT Organization and Controls
Service Delivery Management Methodology & Governance Selection ProductivityCentre ArchitectureLab ManagementSuite StrategyForum Result Station Program Program Project 1 Project 3 Project 5 Program X Y W Z Q 1 3 5 2 4 ! ? @ Benefits Solution Vision Mission Objectives Reality Organization Resources Market Product Target Organization Resources Market Product Dynamics (Services) Structure (Resources) Dynamics (Services) Structure (Resources) Current Capabilities Target Capabilities X Y Z Q W Direction Solution Solution Solution Project Change Blueprint 1 2 3 5 4 Change Initiatives Team Leader Project Team Solution Architect Program and Project Managers Business System Manager Upper Mgmt Enterprise Architect Operational Management Organization
Service Delivery Management Methodology & Governance
Service Management Process Framework IT Service Management Process Framework Service Desk IT Manager System Manager Business Users Incident Management Problem Management Change Management Configuration Management Release Management
Incident Management Level2 Legends Level1 Receive Call Record Incident Knowledge Base Classify incident Prioritize on impact & urgency Provide solution Escalate to L2 Solution Available? Incident details Analysis Related info Workaround, if any Solution Satisfactory? Y N Confirm resolution with Customer Log details Incident detail log Customer satisfaction log Time & effort log Close Incident N Analyze incident and its details Check for similar incidents in the past Design solution Software change required? N Implement solution / Inform L1 Y Initiate Change Management Incident detection & recording Classification & initial support Investigation and diagnosis Resolution and recovery Incident ownership, monitoring, tracking and communication Config Mgmt DB Check against problems, known errors or recurrence Y Level3
Incident Management Process Flow Incident detection and recording Classification and initial support Service Request Investigation and diagnosis Resolution and recovery Incident closure Service Request Procedure Ownership, monitoring, tracking and communication
Problem Management Process Flow Problem Control Problem identification and recording Problem Classification Problem Investigation and diagnosis RFC, Problem Resolution and closure Tracking and monitoring Problems Error Control Error identification and recording Error Assessment Record error resolution Close error and associated problem(s) Tracking and monitoring Errors RFC Change successfully implemented
Process for Change and Configuration Management Change Management Release Management Configuration Management Request for Change Filter, Record & Identify Prepare for Change Classification & Planning Release Change built, tested Implementation Change implemented Evaluation Closure End Release & Distribution of new documented software versions Reports and Audit Information Reports Update CI Details Update CMDB & DSL. Release from DSL Verify CMDB Configuration Management DB (CMDB) Definitive Software Library (DSL)
Regular Tool Update & Interaction with other Service towers Locations: Globally Requirements Gathering Change Review Board Approved Requests Define Test Build Deploy Close Test Break-Fix Level 1: Help Desk Severity 1 Calls & Multi-User Outages Severity 1 Problem Plan End Users Minor/Major Enhancements SW Vendor Escalation Severity 1 Problem L3 Support Analyze & Fix Enhancement Lifecycle Fix Release RCA Level 4: Application Support Escalation Onsite Coordinator / Team Level 3: Application Support ERP + Reporting Preventative Maintenance & Monitoring Change Request Process Critical Situation Team
Some Sample Templates Requirements Management Process for SAP Change Management Process Coding Standards (SAP – ABAP) SDLC Controls during AMS projects Information Security Process
Source Code / Document Version Control Source Code will be Used Standard SAP Tools Provided in SAP – Solution Manager Document Version Control will be implemented using Microsoft Share Point
Application Controls Completeness checks - controls that ensure all records were processed from initiation to completion. - Validity checks - controls that ensure only valid data is input or processed. - Identification - controls that ensure all users are uniquely and irrefutably identified. - Authentication - controls that provide an authentication mechanism in the application system. - Authorization - controls that ensure only approved business users have access to the application system. - Input controls - controls that ensure data integrity fed from upstream sources into the application system.

More Related Content

PDF
Lean Itil Event Management
Md Imran
 
PPTX
Software Quality Assurance
Saqib Raza
 
DOC
Chapter 8 software quality assurance and configuration audit
Cliftone Mullah
 
PPT
Software Quality Assurance in software engineering
MuhammadTalha436
 
PPTX
Se 381 - lec 28 -- 34 - 12 jun12 - testing 1 of 2
babak danyal
 
PDF
Softwarequalityassurance with Abu ul hassan Sahadvi
AbuulHassan2
 
PPT
Sqa
Rapunzall
 
PPT
Software Engineering (Software Quality Assurance)
ShudipPal
 
Lean Itil Event Management
Md Imran
 
Software Quality Assurance
Saqib Raza
 
Chapter 8 software quality assurance and configuration audit
Cliftone Mullah
 
Software Quality Assurance in software engineering
MuhammadTalha436
 
Se 381 - lec 28 -- 34 - 12 jun12 - testing 1 of 2
babak danyal
 
Softwarequalityassurance with Abu ul hassan Sahadvi
AbuulHassan2
 
Sqa
Rapunzall
 
Software Engineering (Software Quality Assurance)
ShudipPal
 

What's hot (20)

PPTX
Software engineering 15 software quality assurance practices
Vaibhav Khanna
 
PPTX
Software quality assurance and cyber security
Nascenia IT
 
PPT
Qa
Tanzeem Syed
 
PPTX
Software configuration management
Shivani Garg
 
PPTX
Software Quality Assurance(SQA)
Farkhanda Kiran
 
PDF
Software quality infrastructure
Luthfia Ulinnuha
 
PPTX
Anms 2009 Hotaling Boca Raton Program
city of dania beach
 
PPTX
Components of the sqa system
Hamza Malik
 
PPTX
Network Operations Center
Lorenta Erhabor
 
PDF
SQA Components
Luthfia Ulinnuha
 
PPTX
Itil prc review
Steven Ragsdale
 
PPT
Using Doors® And Taug2® To Support A Simplified
cbb010
 
PDF
Sqa 2 marks
Aruna Thillai
 
PDF
Software Quality Assurance SQA
Fizah Ali
 
PPTX
Software qualityassurance
sunilabj
 
PPT
Qa
arman Sharma
 
PPTX
Ch 10 cost of software quality
Kittitouch Suteeca
 
PPTX
Incident Escalation process Presentation
Lukas Williamson
 
PPT
Managing software project, software engineering
Rupesh Vaishnav
 
DOC
Control System - execution plan
Stephanus Roux C Eng , IntPE(uk) , FIET
 
Software engineering 15 software quality assurance practices
Vaibhav Khanna
 
Software quality assurance and cyber security
Nascenia IT
 
Qa
Tanzeem Syed
 
Software configuration management
Shivani Garg
 
Software Quality Assurance(SQA)
Farkhanda Kiran
 
Software quality infrastructure
Luthfia Ulinnuha
 
Anms 2009 Hotaling Boca Raton Program
city of dania beach
 
Components of the sqa system
Hamza Malik
 
Network Operations Center
Lorenta Erhabor
 
SQA Components
Luthfia Ulinnuha
 
Itil prc review
Steven Ragsdale
 
Using Doors® And Taug2® To Support A Simplified
cbb010
 
Sqa 2 marks
Aruna Thillai
 
Software Quality Assurance SQA
Fizah Ali
 
Software qualityassurance
sunilabj
 
Qa
arman Sharma
 
Ch 10 cost of software quality
Kittitouch Suteeca
 
Incident Escalation process Presentation
Lukas Williamson
 
Managing software project, software engineering
Rupesh Vaishnav
 
Control System - execution plan
Stephanus Roux C Eng , IntPE(uk) , FIET
 
Ad

Viewers also liked (11)

PPTX
360 Deegree Feedback System
Mohammad Shah - Al - Mamun Khondker
 
PPTX
Hdr
alex_mcafee08
 
PPT
360 degree appraisal
Zaheer Ahmed
 
PPTX
Escalation lets do it right
Hrishikesh Karekar
 
PPSX
ITIL [V3]
Mohammad Nur Alam
 
PPT
360 Degree Feedback
Navinder Narang
 
PPT
Bpo presentation
soni_nasa123456789
 
PPT
Technical Escalations Best Practices
magalong
 
PPT
Crisis Management
Impulsive Maya
 
PPTX
Performance appraisal
Madhuri Bind
 
PPTX
Crisis management - Types and Examples
Nupur Bhardwaj
 
360 Deegree Feedback System
Mohammad Shah - Al - Mamun Khondker
 
Hdr
alex_mcafee08
 
360 degree appraisal
Zaheer Ahmed
 
Escalation lets do it right
Hrishikesh Karekar
 
ITIL [V3]
Mohammad Nur Alam
 
360 Degree Feedback
Navinder Narang
 
Bpo presentation
soni_nasa123456789
 
Technical Escalations Best Practices
magalong
 
Crisis Management
Impulsive Maya
 
Performance appraisal
Madhuri Bind
 
Crisis management - Types and Examples
Nupur Bhardwaj
 
Ad

Similar to Establishing IT Controls (20)

PPTX
Introduction To ITIL Slide Share
dwslaterjr
 
PPT
Msp It Goverance And Service Delivery Process
kadhar_masthan
 
PPT
Itil & Process Concepts Awareness Tadawul 5 Of March 2007
Abdulaziz AlFaify
 
PPT
Co Dig Gov Perf Mgmt 08
James Lindauer
 
PDF
October 2008 - Transforming from Help Desk to Service Desk, Lowering TCO
IT Service and Support
 
PPTX
ITIL Best Practice for Software Companies
Daniel Brody
 
PDF
Exam Itil V2
Fernando Palma
 
PDF
Opposites Attract SOA, Agile, MDA
Denzil Wasson
 
PPS
ITIL Service Desk Tools
ahmedshama
 
PDF
Everware cbdi opposites attract 04-12-11
davemayo
 
PPTX
Benefiting from a Quality Problem Management Program
HDI Orange County
 
PPT
Deal With Production Issues - The ITIL Way
Linpei Zhang
 
PPTX
Hybrid ITSM FrontRange & Gartner Webcast
FrontRange
 
PPT
Ca Service Desk Presentation
Emirates Computers
 
PPT
ITIL version 2: Foundation Training
jogemwind
 
PPT
Itilv3
renukac1010
 
PDF
Microsoft Service Manager 2010
C/D/H Technology Consultants
 
PPTX
A Route To Quality 2007
nicxenos
 
PPTX
ITIL Webinar with Forrester
Alex D Paul
 
PPT
Itilv3
amanrecruiter
 
Introduction To ITIL Slide Share
dwslaterjr
 
Msp It Goverance And Service Delivery Process
kadhar_masthan
 
Itil & Process Concepts Awareness Tadawul 5 Of March 2007
Abdulaziz AlFaify
 
Co Dig Gov Perf Mgmt 08
James Lindauer
 
October 2008 - Transforming from Help Desk to Service Desk, Lowering TCO
IT Service and Support
 
ITIL Best Practice for Software Companies
Daniel Brody
 
Exam Itil V2
Fernando Palma
 
Opposites Attract SOA, Agile, MDA
Denzil Wasson
 
ITIL Service Desk Tools
ahmedshama
 
Everware cbdi opposites attract 04-12-11
davemayo
 
Benefiting from a Quality Problem Management Program
HDI Orange County
 
Deal With Production Issues - The ITIL Way
Linpei Zhang
 
Hybrid ITSM FrontRange & Gartner Webcast
FrontRange
 
Ca Service Desk Presentation
Emirates Computers
 
ITIL version 2: Foundation Training
jogemwind
 
Itilv3
renukac1010
 
Microsoft Service Manager 2010
C/D/H Technology Consultants
 
A Route To Quality 2007
nicxenos
 
ITIL Webinar with Forrester
Alex D Paul
 
Itilv3
amanrecruiter
 

Establishing IT Controls

  • 1. Christy Cirino, Dir IT & Business Process Aug 2011 IT Organization and Controls
  • 2. Service Delivery Management Methodology & Governance Selection ProductivityCentre ArchitectureLab ManagementSuite StrategyForum Result Station Program Program Project 1 Project 3 Project 5 Program X Y W Z Q 1 3 5 2 4 ! ? @ Benefits Solution Vision Mission Objectives Reality Organization Resources Market Product Target Organization Resources Market Product Dynamics (Services) Structure (Resources) Dynamics (Services) Structure (Resources) Current Capabilities Target Capabilities X Y Z Q W Direction Solution Solution Solution Project Change Blueprint 1 2 3 5 4 Change Initiatives Team Leader Project Team Solution Architect Program and Project Managers Business System Manager Upper Mgmt Enterprise Architect Operational Management Organization
  • 3. Service Delivery Management Methodology & Governance
  • 4. Service Management Process Framework IT Service Management Process Framework Service Desk IT Manager System Manager Business Users Incident Management Problem Management Change Management Configuration Management Release Management
  • 5. Incident Management Level2 Legends Level1 Receive Call Record Incident Knowledge Base Classify incident Prioritize on impact & urgency Provide solution Escalate to L2 Solution Available? Incident details Analysis Related info Workaround, if any Solution Satisfactory? Y N Confirm resolution with Customer Log details Incident detail log Customer satisfaction log Time & effort log Close Incident N Analyze incident and its details Check for similar incidents in the past Design solution Software change required? N Implement solution / Inform L1 Y Initiate Change Management Incident detection & recording Classification & initial support Investigation and diagnosis Resolution and recovery Incident ownership, monitoring, tracking and communication Config Mgmt DB Check against problems, known errors or recurrence Y Level3
  • 6. Incident Management Process Flow Incident detection and recording Classification and initial support Service Request Investigation and diagnosis Resolution and recovery Incident closure Service Request Procedure Ownership, monitoring, tracking and communication
  • 7. Problem Management Process Flow Problem Control Problem identification and recording Problem Classification Problem Investigation and diagnosis RFC, Problem Resolution and closure Tracking and monitoring Problems Error Control Error identification and recording Error Assessment Record error resolution Close error and associated problem(s) Tracking and monitoring Errors RFC Change successfully implemented
  • 8. Process for Change and Configuration Management Change Management Release Management Configuration Management Request for Change Filter, Record & Identify Prepare for Change Classification & Planning Release Change built, tested Implementation Change implemented Evaluation Closure End Release & Distribution of new documented software versions Reports and Audit Information Reports Update CI Details Update CMDB & DSL. Release from DSL Verify CMDB Configuration Management DB (CMDB) Definitive Software Library (DSL)
  • 9. Regular Tool Update & Interaction with other Service towers Locations: Globally Requirements Gathering Change Review Board Approved Requests Define Test Build Deploy Close Test Break-Fix Level 1: Help Desk Severity 1 Calls & Multi-User Outages Severity 1 Problem Plan End Users Minor/Major Enhancements SW Vendor Escalation Severity 1 Problem L3 Support Analyze & Fix Enhancement Lifecycle Fix Release RCA Level 4: Application Support Escalation Onsite Coordinator / Team Level 3: Application Support ERP + Reporting Preventative Maintenance & Monitoring Change Request Process Critical Situation Team
  • 10. Some Sample Templates Requirements Management Process for SAP Change Management Process Coding Standards (SAP – ABAP) SDLC Controls during AMS projects Information Security Process
  • 11. Source Code / Document Version Control Source Code will be Used Standard SAP Tools Provided in SAP – Solution Manager Document Version Control will be implemented using Microsoft Share Point
  • 12. Application Controls Completeness checks - controls that ensure all records were processed from initiation to completion. - Validity checks - controls that ensure only valid data is input or processed. - Identification - controls that ensure all users are uniquely and irrefutably identified. - Authentication - controls that provide an authentication mechanism in the application system. - Authorization - controls that ensure only approved business users have access to the application system. - Input controls - controls that ensure data integrity fed from upstream sources into the application system.