Commits

Anonymous committed c767599

Removing 'topics' work for CFS demo

  • Participants
  • Parent commits 593ae52

Comments (0)

Files changed (1)

File topics.txt

-Customer Service
-	Who is responsible for customer service?
-	Do you have a formal help desk?
-	How are help-desk calls handled?
-	Who answers the calls, and what training do they receive?
-	Is there a ticket system?
-	Who responds to the requests?
-	Who confirms fulfillment of the request?
-	How are recurring or systemic problems distilled from the general pool of help desk requests?
-	What level of service is expected to be provided for end user support? In other words, what is the typical turnaround for an administrative request (e.g. new e-mail alias, additional storage quota, application installation)?
-	Are there any other unique or interesting aspects to Customer Service that were not captured in the previous questions?
-
-End User Infrastructure
-	Which desktop Operating Systems are supported?
-	Which additional unsupported desktop Operating Systems are allowed (or disallowed) if any?
-	Are most systems deployed to the LAN?
-	What is the desktop LAN infrastructure (switch speeds, wire speeds, routing)?
-	Are wireless networks employed? If so, for what purpose and for which users?
-	In what capacity are handheld devices (PDAs, Blackberrys, iPhone) supported?
-	Is a blackberry server used?
-	Are personally-owned PCs or handheld devices allowed on premesis, allowed to use the infrastructure, or permitted for use in any official capacity?
-	How is desktop hardware maintained? Is there a site-wide hardware maintenance plan, or handled at a departmental level?
-	Are there any other unique or interesting aspects to End User Infrastructure that were not captured in the previous questions?
-
-Server Infrastructure
-	What server OS are employed? What is the IT department's preferred platform (primary expertise), if any?
-	Are any of the OSs being favored or deprecated?
-	What types of hardware are used (e.g. shelf, rack, blade)?
-	How would you describe the overall capacity of the server infrastructure? What aspects are under-performing? What aspects have excess capacity?
-	How is server hardware maintained? What is the maintenance plan? How are budgets allocated for maintenance and upgrades?
-	Is there a site-wide file storage system provided (compulsory)?
-	Is an enterprise indexing system (e.g. Google appliance, Microsoft Index Server) employed?
-	Is there any enterprise-wide Content Management System?
-	How is e-mail supported (Exchange)? What is used for virus protection, spam filtering, etc.?
-	Are there any other unique or interesting aspects to Server Infrastructure that were not captured in the previous questions?
-
-Connectivity
-	What are the bandwidth and throughput limits on the Internet connection? Are these physical limits or artificial (i.e. you could pay for more)?
-	What quality of service (uptime, etc) is guaranteed by your Internet Service Provider?
-	What are the consequences of Internet downtime?  Who complains (internal and external)? Which staff members (if any) are disabled without Internet?
-	Is a backup connection in place? Is it configured for automatic or manual failover? What services failover and which depend on the primary connectivity?
-	How is remote access provided, if any (e.g. VPN, direct)?
-	To what extent is IT involved in telephony support? Is VoIP depolyed in any official capacity?
-	What steps have been taken toward the IPv6 transition?
-
-Policies and Procedures
-	How are policies relating to Information Services established and enforced?
-	Are policies written and maintained centrally?
-	Do you have an employee acceptable use policy? How frequently are employees required or encouraged to review the policy?
-	Are written policies available to end-users? If so, how are they published?
-	What are the procedures for policy deviance?
-	How are policy exception requests handled?
-	How are policy changes enacted and disseminated?
-	How is configuration management maintained? How are deviations from a baseline configuration documented?
-	Are automated logging and auditing tools employed to enforce policies? If so, which tools and how are they employed?
-	Are there areas where policies and procedures are inadequate or where an inordinate amount of manual intervention is required to maintain the policies?
-
-Centralized Management
-	How are software applications requested, licensed, and deployed?
-	What tools are used for centralized management (directory services, group policies, automatic updates)?
-	Do you have any desktop virtualization infrastructure (VDI) plans? If so, what is the status of the effort?
-	How are centralized management practices enforced for offsite or offline clients?
-	How is local storage (local hard disk, flash disk, etc) managed?
-	Is a formal disaster recovery plan in place? How is it updated? Are plans in place for in place for loss of critical resources (data, hardware, administrators)?
-	Are backups of critical data periodically validated for proper coverage?
-	Can you identify any single-point-of-failure not already covered?
-	Are there any other unique or interesting aspects to Centralized Management that were not captured in the previous questions?
-
-Information Security
-	How are security updates applied to desktop and server systems?
-	Do you have a security awareness program for employees? How frequent is the information refreshed? How frequently are employees required or encouraged to review the information?
-	What connectivity controls (firewalls) are used throughout the organization? How are policies defined, refined?
-	What antivirus or other security software is employed officially?
-	Has any formal penetration testing been performed on the information systems? If so, when and were all identified vulnerabilities corrected?
-	How do individuals authenticate (i.e. password, smart card, etc)? How is lost access recovered?
-	How are access controls used to restrict access to sensitive resources (Active Directory roles, groups, machines)?
-	What logs are actively maintained, and what are the retention policies for those logs?
-	How is access removed during employee offboarding or other role change?
-	Is data encryption employed (optional or compulsory)? How are keys managed? What is the recovery policy?
-	Are any database systems maintaining table-level or row-level security?
-	Do you have a formal intrusion detection system (other than basic logging) for monitoring networks and alerting to anomalies?
-	Are there any other unique or interesting aspects to Information Security that were not captured in the previous questions?
-
-Enterprise Application Services
-	How does EMS integrate with the corporate infrastructure?
-	Who supports EMS?
-	What application platforms and languages are employed (e.g. J2EE, ASP/.Net, Oracle, C#, Java, Javascript, CSS)?
-	Are external hosting providers used for any applications? If so, who provides the hosting and what are the applications?
-	To what extent is cloud computing employed (i.e. Google docs, Amazon S3 storage, virtualized hosting)?
-	What systems are employed for payroll, timekeeping, asset tracking and property management, logistics, and enterprise financials?
-	What other databases exist at the facility (relational databases, object databases, custom data structures other than file systems)?
-	What e-commerce mechanisms are utilized? Is this capability standardized or implemented at the departmental level?
-	Does e-commerce customer data flow through the 4-H network or is it stored on 4-H servers? In other words, how is sensitive customer data (credit cards, personal identity info) integrated into the 4-H application services?
-	What applications does IT supply to support fundraising efforts?
-	Is a commercial Customer Resource Management (CRM) in use? Are there other CRM techniques employed?
-	How does IT support networking and collaboration with external partners and clients?
-	How does IT support video production and video hosting?
-	Are any IT services outsourced? Please describe.
-	Are there any other unique or interesting aspects to Enterprise Application Services that were not captured in the previous questions?
-
-Additional Questions
-	What do you consider your primary IT role at the organization?
-	How is Sharepoint used?
-	What is Lyris?
-	What is "hospitality software (Delphi, Visual One)", and how is it supported through IT, if at all (referenced in CNA)?
-	How are "gadgets", such as the wind gadget, employed (referenced in CNA)?
-	Does IT help support services such as Facebook and Twitter (referenced in CNA)?
-	How as MAS500 utilized?
-	How are Google Maps or other GIS services supported?
-	Are there any other comments or concerns regarding Information Technology at your organization that you feel needs more attention?