Jingga/Organization-Guide
1
0
Fork 0
mirror of https://github.com/Karaka-Management/Organization-Guide.git synced 2026-01-11 04:48:42 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
master
Organization-Guide/Processes/09_IT.md.md

2.5 KiB
Raw Permalink Blame History

IT

Key Objective Target Achieved
High internal server and software availability > 99% of business days YES
High customer facing server and software availability > 99% YES
High data protection No data loss YES
High data security No severe data leak YES

Backups

Backups are performed according to the Backup & Data Recovery policy. This includes the following 3 backup types for all data stored on the organization IT systems:

  • Backup to external data storage: Daily (R1)
  • Backup to an external service provider: Daily (R2)
  • Manual back (cloning): Quarterly (R3)

Both the external data storage backup and the external service provider backup are automatically generated by a software. The backup of these two methods is also validated automatically during the backup process by randomly comparing backup data with live data. (R4)

Maintenance

The IT department has to ensure that the IT systems are running according to their purposes with the necessary stability and robustness. This is done by manually inspecting error reports from the different software solutions running on the IT servers and manually testing the performance of the software and hardware.

IT security

Permission changes

Permissions for data access must be handled carefully and users should only receive permissions according to their functions and tasks. A General permission overview can be found in the Permission List. This list contains a basic guideline for permission handling but can be deviated from in special situations. Deviations must be approved according to the Change Management policy by the respective HOD and IT department. (R5)

Software changes

New software or software updates must be tested by the IT team in a sandbox environment before they can get migrated to the live environment (R6). Generally, updates should be installed as soon as reasonably possible to ensure the newest security fixes, bug fixes and newest software features. The Change Management policy defines the testing and approval procedures for software. (R7)

Additional guidelines

The IT Security policy defines additional best practices and guidelines how to handle IT security.

2022-01-01 - Version 1.0