Initial Draft This document contains trade secrets and proprietary information belonging to <company name> International. No use or disclosure of the information contained herein is permitted without the prior written consent of <company name> International. <company name> All rights reserved All trade names, trademarks, or registered trademarks are trade names, trademarks, or registered trademarks of their respectie companies. The computer file for this document is FacilitiesManagementPolicyDraft12.doc The owner of this document is . Document Review Review Milestone Date Comments !eer !reliminary Design "eiew #!D"$ %ritical Design "eiew Acceptance "eiew "elease Document Revisions Version Date Revisions Initial Draft &'()'** Initial Draft <company name> Table of %ontents 1 INTRODUCTION......................................................................................................................................................1 +.+ ,A%I-ITI./ 0ANA1.0.NT 23."3I.4...................................................................................................................+ +.( A5DI.N%.......................................................................................................................................................( 2 POLICY......................................................................................................................................................................3 (.+ "2-./ AND "./!2N/I6I-ITI./.............................................................................................................................7 3 PROCESS...................................................................................................................................................................6 7.+ D.3.-2!IN1 6A/.-IN. ".85I".0.NT/.................................................................................................................) 7.( 0ANA1IN1 "./25"%./.....................................................................................................................................9 7.7 %20!-IAN%. AND A5DITIN1...............................................................................................................................9 7.: %2"".%TI3. 0.A/5"./....................................................................................................................................; 4 PROCEDURES..........................................................................................................................................................9 :.+ D.3.-2!IN1 6A/.-IN. ".85I".0.NT/.................................................................................................................< :.( 0ANA1IN1 "./25"%./.....................................................................................................................................< :.7 %20!-IAN%. AND A5DITIN1.............................................................................................................................+* :.: %2"".%TI3. 0.A/5"./..................................................................................................................................+* 4.4.1 Risk and Impact nalysis..........................................................................................................................11 APPENDICES............................................................................................................................................................12 ".-IA6I-IT=, %2/T AND /."3I%. ,A%T2"/..............................................................................................................+( 0.AN>TI0.>6.T4..N ,AI-5". 0.T"I%/...............................................................................................................+( 0.AN>TI0.>T2>".!AI" 0.T"I%/.........................................................................................................................+( /."3I%. -.3.- A1"..0.NT ".85I".0.NT/............................................................................................................+7 4A""ANT= I//5./.............................................................................................................................................+& /."3I%. -.3.- 26?.%TI3./.................................................................................................................................+& .@!.%T.D /A3IN1/ AND %2/T'6.N.,IT..................................................................................................................+< 5. AUDITING CHECKLISTS...................................................................................................................................20 !A=/I%A- ,A%I-ITI./ %A.%B-I/T..........................................................................................................(+ ,I". DA0A1.....................................................................................................................................................(( AI" %2NDITI2NIN1...............................................................................................................................................(: A%%.// %2NT"2-...............................................................................................................................................(& Table of Contents i Process 1 Introduction ,acilities management addresses the maintenance and upkeep of physical facilities. This policy and procedures manual is focused on data center and eCuipment facilities. 1.1 Facilities Management Overview .ffectie facilities management is the foundation of meeting serice leel obDecties for operational support systems #2//$, telecommunications switching eCuipment and network infrastructure. These systems are the cornerstone of serices offered to <company name> customers and must be housed in facilities that safeguard their security and integrity. The following are critical success factors for facilities managementE !a"le 1 # Facilities Management $ritical %uccess Factors Critical Success Factor Consequence of Not Meeting te Critical Success Factor %ompliance with national, state and local building and fire codes ,acility is at risk of being shut down by local authorities, which will cause disruption of serices until all non>compliance items and discrepancies can be rectified. This eent has the potential to result in reenue loss or erosion of <company name>Fs customer base. Adherence to established standards for cabling, heating, entilation and air conditioning #A3A%$, electrical, and building characteristics #weight distribution, access, eCuipment placement, etc.$ Non>standard implementations or installations can result in diminished performance, safety haGards, fire haGards and risk to eCuipment due to insufficient resources with which to support the 2//, telecommunications switching eCuipment and network infrastructure. Additional risks include structural damage due to improper eCuipment weight distribution, oerheating due to insufficient A3A% resources, and inability to access key systems, subsystems and components in an emergency. /afety !otential for risks with conseCuences ranging from eCuipment damage to inDury or loss of human life. /afety is closely related to compliance with national, state and local building and fire code critical success factors. /upport for disaster recoery and business resumption planning, policy and procedures If facilities management is not aligned with disaster recoery and business resumption planning there could be either duplication of effort between the functions supporting facilities management and disaster recoery'business resumption planning, or gaps in <company name>Fs plans for both areas leaing eHposures. !hysical security There are a number of risks and eHposures to <company name>Fs facilities. /pecifically, all facilities supporting 2//, telecommunications switching eCuipment and network infrastructure are potential targets for andalism, theft and attacks motiated by political or special causes. 0oreoer, facilities hae the potential to be targets for industrial espionage. Initial Draft < Confidential Material Page 1 Facilities Management !olic" and !rocedures 1.# $udience The intended audiences for facilities management processes includeE ,acilities manager Data center manager Network and infrastructure manager#s$ /ecurity manager 2perations manager Disaster "ecoery'6usiness "esumption 0anager Internal auditors /pecific roles and responsibilities for the intended audience of this document is proided in /ection (.+, "oles and "esponsibilities. Confidential Material < Initial Draft Page 2 Process # !olic" The following is <company name> %ommunications policy for facilities managementE +. ,acilities housing data centers, switches, other operational support systems #2//$ or network infrastructure willE %omply with national, state and local building and fire codes. %omply with Americans with Disability Act #ADA$ public law with respect to facilities. Adhere to established standards for cabling, heating, entilation and air conditioning #A3A%$, electrical, and building characteristics #weight distribution, access, eCuipment placement, etc.$. 6e operated and maintained in accordance with best practices for safety. !roide support for disaster recoery and business resumption planning, policy and procedures. Aae in place access controls, inspections and audits that are in keeping with best practices for physical security. 6e routinely cleaned and maintained with respect to a clean, uncluttered and trash>free enironment. 6e proactiely managed using a planned maintenance program and effectie control oer A3A% and electrical resources. #.1 Roles and Res%onsi&ilities !a"le 2 # Facilities Management Roles and Responsi"ilities Role Res%onsi&ilit" Facilities manager +. 2erall maintenance of all physical facilities (. 0anaging planned maintenance for all physical facilities 7. 0aintaining a resource budget for all enironmental controls and electrical systems #i.e., total aailable power and enironmental resources minus eCuipment using these resources will proide a budget of aailable resources. ,or eHample, if a facility has the capability of handling +**,*** 6T5s of heat dissipation to keep the facilities at a constant 9*I, and eHisting eCuipment puts out 9*,*** 6T5s, then the resource budget is 7*,*** 6T5s :. .nsuring that all facilities comply with all applicable codes and laws #i.e., building and fire codes, ADA, etc.$ &. ,orecasting additional resource reCuirements based on inputs from the data center manager, /witch .ngineering, 2perations 0anager and other sources of information aailable from business units $ontinued on ne&t page Initial Draft < Confidential Material Page 3 Facilities Management !olic" and !rocedures !a"le 2 # Facilities Management Roles and Responsi"ilities 'continued( Role Res%onsi&ilit" Data center manager +. 0anages key access entry into the facilities, including ensuring that all isitors are escorted and sign a isitor log. In the case of isitors who hae been authoriGed to access the facilities unescorted #third>party endors on access lists, field engineers, etc.$ that there is a record of their isit. (. "esponsible for enforcing security policies and procedures, and assisting the <company name> /ecurity 0anager in identifying eHposures and risks with respect to data center operations,. ,or eHample, challenging unauthoriGed personnel who enter the operational premises in iolation of security policy. 7. Deelop, implement and manage an asset control process that proides for the identification and tracking of all physical assets under their area of cogniGance. This includes serial numbers, configuration baselines, asset identification, and physical operating characteristics. !hysical operating characteristics include power reCuirements #including stand>by power sources$, 6T5 reCuirements, weight and load distribution reCuirements, physical interfaces #network infrastructure$. :. !roiding the facilities manager with physical operating characteristics for planned hardware platforms #weight, power, A3A% and special installation reCuirements$. &. Assisting the Disaster "ecoery'6usiness "esumption 0anager with planning and systems tests and ealuation in support of disaster recoery and'or business resumption planning. ). !roiding the network and infrastructure managers with list of reCuired physical and logical interfaces #including protocols, T%!'I! port numbers, etc$ for connecting data center assets to the <company name> intranet, the Internet or other systems to which data center eCuipment needs to be interfaced #i.e., proisioning systems to switches, etc.$. Networ' and infrastructure manager(s) +. !roiding the facilities manager with physical operating characteristics for planned communications hardware #weight, power, A3A% and special installation reCuirements$ and cabling reCuirements. (. .nsuring that planned demarcations between <company name> networking and communications infrastructure and third part serice proiders comply with serice proider interface specifications and that the interface specifications are consistent with technical standards and JanyK applicable fire, safety and building codes. Securit" manager +. .stablishing policies and procedures for physical security. (. !roiding the facilities manager with a list of physical security deices that need to be installed and implemented. 7. !roiding the data center manager with reCuirements and procedures for maintaining physical security for the data center. :. %oordinating security inspections and audits with the operations manager. O%erations manager +. .nsuring that physical operating characteristics are proided to the facilities manager in accordance with mutually agreed upon lead times. (. .nforcing compliance with physical security policies and procedures that are established by the security manager. 7. .nsuring that disaster recoery'business resumption reCuirements are communicated to data center, network and infrastructure, and facilities managers. :. Assisting the disaster recoery'business resumption manager with coordinating system tests and ealuations that inole facilities and infrastructure. &. Assisting internal auditors by making facilities and personnel aailable for audits with respect to facilities. $ontinued on ne&t page Confidential Material < Initial Draft Page 4 Process !a"le 2 # Facilities Management Roles and Responsi"ilities 'continued( Disaster Recover"*+usiness Resum%tion Manager +. Deeloping physical facility reCuirements that support disaster recoery'business resumption obDecties #i.e., specifying reCuirements for redundant or secondary power sources, facilities emergency access, etc.$. (. !roiding reCuirements to #+$ operations manager and #($ facilities manager. Internal $uditors +. /cheduling any internal audits of facilities and'or facilities security with the operations manager. (. %onducting internal audits in accordance with <company name> corporate standards, methods and procedures for internal auditing of facilities and physical security. Initial Draft < Confidential Material Page 5 Facilities Management !olic" and !rocedures , !rocess ,acilities management consists of the following processesE +. Deeloping baseline reCuirements. (. 0anaging resources. 7. %ompliance and auditing. :. %orrectie 0easures ,.1 Develo%ing +aseline Requirements 6aseline reCuirements encompass all reCuirements for serices and resources #A3A%, power$, construction reCuirements, physical security deices and methods, and compliance with codes, regulations and standards. This process is depicted in the following diagramE Services and Resources -V$C !ower Source of Information. Manufacturer Manuals and s%ecifications Construction Requirements Floor /"%e Codes0 Regulations and Standards Fire Sur%ression Safet" Source of Information. National0 State and 1ocal Code Construction Standards Safet" Standards Manufacturer Manuals and s%ecifications !"sical Securit" $ccess Control Devices Monitoring and $uditing Devises $dministrative Metods Source of Information. !olicies and !rocedures Ris' Mitigation Measures +est !ractices and Industr" Standards +aseline Requirements Confidential Material < Initial Draft Page 6 Process ,.# Managing Resources This sub process begins with the baseline, which should be designed to accommodate initial reCuirements for construction, serices and resources, and physical security. As additional reCuirements emerge, such as adding serices, network infrastructure, modified security standards, etc., an impact analysis is performed to determine if the baseline can support the new reCuirements. If not, additional resources are ordered and implemented to support additional reCuirements. This is depicted in the following diagramE $d2ust +aseline Impact? Im%act $nal"sis Order and Im%lement $dditional Services and*or Resources Enough Resources? Im%lement Im%lement and $d2ust +udget S e r v i c e s
3 R e s o u r c e s Securit" +ring Into Com%liance Compliance? Resources Required? C o n s t r u c t i o n NO 45S 4 5 S
O R
N O Im%lement 45S N O New Requirements
,., Com%liance and $uditing This sub process is ongoing and is performed at interals to be determined by the following process ownersE +. ,acilities 0anager L audits for compliance with codes, regulations and standards and conducts safety inspections. (. /ecurity 0anager L audits for compliance with security policies and procedures. Initial Draft < Confidential Material Page 7 Facilities Management !olic" and !rocedures 7. Disaster "ecoery'6usiness "esumption 0anager L audits for compliance with disaster recoery and business resumption plans. :. Internal Auditor#s$ L audits for compliance with <company name> internal controls. &. 2perations 0anager L Audits data center manager operations, processes and procedures to ensure compliance with facilities management policy. ,.6 Corrective Measures Identification of discrepancies and out of compliance facilities, processes or procedures will come from one of fie sourcesE +. /ecurity 0anager. (. Disaster "ecoery'6usiness "esumption 0anager. 7. Internal Auditor#s$. :. 2utside regulatory agencies #local building inspectors, fire safety inspectors, etc.$. &. Internal reports from employees. "esponsibilities for correcting discrepancies or facilities, processes or procedures that are out of compliance with any goerning code, standard, regulation or policy are as followsE +. ,acilities 0anager L corrects any discrepancy or compliance issue regarding physical facilities #includes construction, serices and resources, and physical security deices. (. 2perations 0anager L delegates responsibility for correctie action to data center manager within the scope of security and facilities, processes and procedures. The 2perations 0anager will retain accountability for ensuring that the correctie action has been accomplished. Confidential Material < Initial Draft Page 8 Process 6 !rocedures The following are general procedures to be used to manage the four facilities management processes that are presented in the preceding section. 6.1 Develo%ing +aseline Requirements 4hen deeloping baseline reCuirements the process owners identified in /ection (.+need to take the following factors into accountE +. "eliability L facilities supporting <company name>Ms systems, 2// and network infrastructure need to be designed for maHimum reliability because these systems are the foundation of the serices that <company name> proides to customers. Note +
(. %ompliance with eHternal standards, laws, regulations and codes #fire, safety, building, Americans with Disabilities Act #ADA$ etc.$. 7. %ompliance with <company name> policies #security, internal controls, disaster recoery'business resumption plans, etc.$. :. "esources and serices reCuired to support eHisting and planned systems and eCuipment to be housed in the facilities #power, A3A%, fire suppression, etc.$.
&. %onstruction reCuirements #load ratings for floors, space reCuirements, electrostatic suppression, etc.$. NoteE %onstruction reCuirements are closely related to compliance with eHternal standards #list item ( aboe$ and resources and serices #list item : aboe$. ). A life cycle approach should be taken to the deelopment of the baseline. ,actors should include reliability, costs, and serice leel management. Note + /ee Appendices, ) * Relia"ility+ $ost and %ervice Factors. 6.# Managing Resources "esource 0anagement procedures inoles managing to budgets for power, A3A% and other resources that hae been established in the initial baseline. The initial baseline will determine the amount of power and A3A% resources reCuired. As new eCuipment is added resources will be consumed and the budget will decrease. The facilities manager is responsible for employing the following procedures in support of managing resourcesE Initial Draft < Confidential Material Page 9 Facilities Management !olic" and !rocedures +. .stablishing the resource baseline. (. Tracking resource consumption as new eCuipment is added. 7. /etting thresholds that will trigger ordering and implementing additional resources as new eCuipment is added. :. .nsuring that thresholds leae a safety margin to accommodate emergent reCuirements that are dictated by business imperaties. The data center and network and infrastructure managers are responsible for proiding resource reCuirements to the facilities manager as soon as those reCuirements are know. 6., Com%liance and $uditing "oles and responsibilities for compliance and auditing hae been identified in /ection 7.7. /pecific procedures for compliance and auditing will depend on the source of the audit. 1oernment and regulatory agencies, such as building inspectors and fire'safety inspectors will conduct audits in accordance with checklists and criteria deeloped and defined by their parent agencies. Internal audits will be performed in accordance with <company name> policies, methods and procedures for the type of audit being conducted. "efer to Appendices, ,# uditing $-ecklists for recommended internal auditing checkpoints. 6.6 Corrective Measures The procedures for effecting correctie measures will be specific to the discrepancy or out of compliance condition that needs to be corrected. ,actors includeE +. !riority L some discrepancies will be either minor in nature or not cost> effectie to perform. (. Time "eCuirements L typically, discrepancy and out of compliance conditions that iolate laws and regulations will hae a specific timeframe in which the discrepancy or condition must be corrected. ,ailure to meet these time reCuirements can result in fines or shutdown of facilities. 7. "isk and Impact L each maDor discrepancy needs to be ealuated based on its risk #probability of affecting <company name> business operations$ and impact #the cost associated if the risk occurs$. The risk and impact rating will determine the priority in which the discrepancy will be allocated resources and funds to correct. The neHt section proides more detail about risk and impact analysis. Confidential Material < Initial Draft Page 10 Process 6.6.1 Ris' and Im%act $nal"sis E4hen ealuating the risk and impact of discrepancies and out of compliance conditions the following factors need to be eHaminedE +. Identification of risks associated with the discrepancy or condition. (. Determination of probability and impact of risks #risk factor$. 7. !lan to eliminate or mitigate the risks by correcting the discrepancy or condition. A risk represents a condition that is subDect to causing a failure or uneHpected result. ,or eHample, if a critical piece of eCuipment serer has a single power source, it is e&posed to the possibility that if power fails business operations cease until power is restored. !reenting the risk associated with this particular eHposure could be accomplished by using uninterruptable power supplies or an emergency generator. 2ther sources of risks include #but are not limited to$E +. %hanges to building code. (. Natural disaster. 7. New standards. After risks hae been identified, the neHt step is to determine both the probability of it occurring, and the impact it will hae on the change implementation. Determining probability need not be an eHercise in mathematics > in many cases past eHperience will indicate whether the probability will be high, medium or low. In the matriH on the right, a low probability falls within the range of * to 7*NO medium, 7+>)&NO and high, from ))>+**N possibility of occurring. A high probability of occurrence does not necessarily mean that the risk is significant. The true significance of a risk, called the risk factor, is deried by multiplying the probability by the impact of the risk on the proDect. ,or eHample, if the risk of losing power to a non>critical system eery ) years is ;*N probable #high$, but the impact is ( #low$, then the risk factor is +.) #the product of multiplying .; by ($, which is also low. In this case the risk does not warrant much attention and would probably not rank high on a priority list. %onersely, if the same supported a mission>critical system and the impact was deemed to be < #high$, then the risk factor will be a probability of .; multiplied by <, which eCuals 9.( #high$. This risk would need to be addressed immediately. Initial Draft < Confidential Material Page 11 17 8 9 : ; < 6 , # 1 17 8 9 : ; < 6 , # 1 Im%act ! r o & a & i l i t " 1ow Medium -ig 1 o w M e d i u m - i g
Facilities Management !olic" and !rocedures
$%%endices Relia&ilit"0 Cost and Service Factors Mean=/ime=+etween Failure Metrics 0T6, is the e&pected elapsed time between failures, and is based on manufacturer data on failure rates. 0T6, is computed as followsE M/+F> O!5R$/IN? -O@RS F$I1@R5S This metric is an aerage, which means that ariations in actual failure rates can occur in actual operation. 0T6, metrics are either proided in manufacturer or endor specification sheets, or can be obtained from the endor upon reCuest. 0T6, metrics need to be compared in the same manner as features and cost. Aoweer, because 0T6, metrics are statistical there are misleading ways to present these metrics. The <company name> infrastructure is a collection of interrelated systems, subsystems and componentsO an 0T6, metric for any one part of the infrastructure must be iew within the conteHt of how it affects the infrastructure as a whole. To illustrate how misleading it is to interpret an 0T6, metric in isolation from the infrastructure itself, consider the following eHample. AssumeE +. 0T6, for a specific subsystem such a concentrator port at &**,*** hours #approHimately &9 years$ (. 9H(: aailability reCuired #;,9)* operating hours per year$ 7. The population of ports as a subsystem of the same manufacturer'model concentrators is +(**, each with identical 0T6, ratings %omputing the system 0T6, reCuires multiplying +(** #number of ports$ H ;,9&* operating hours to yield +*,&+(,*** cumulatie operating hours. This number diided by the rated 0T6, of &**,*** hours gies a failure rate of a little oer (+ failures per year. This is astly different from the perceied failure rate of once eery &9 years. Mean=/ime=/o=Re%air Metrics This is the aerage time to repair a system, subsystem or component. 0TT" metrics that are proided by manufacturers and endors are sometimes deried from data collected in a controlled enironment. ,or eHample, an 0TT" rating of & minutes Confidential Material < Initial Draft Page 12 Process may be based on the actual time it takes a technician to perform the repair task in a test enironment with all tools, spare parts and repair instructions pre>positioned. In practice, an on>site technician responding to the same repair reCuirement would need to gather these materials, then go the eCuipment location to effect the repair make take much longer. ,or eHample, while the actual repair may still take & minutes, preparation and trael time may take an additional 7*><* minutes, depending on factors such as tool aailability, parts proisioning and eCuipment location. These factors need to be taken into account when ealuating manufacturer and endor specifications for 0TT". A final note on 0TT" importanceE repair time will cost <company name> money in lost productiity #easy to measure$ and lost opportunity #difficult to measure, but is a alid piece of the cost>of>downtime eCuation$. Service 1evel $greement Requirements /erice leel agreements #/-A$ are guarantees that a certain leel of serice will be consistently maintained. /-As are between manufacturer or endors and customers, and between IT personnel managing the <company name> infrastructure and end users. The basis for any infrastructure serice leel agreement is availa"ility. The infrastructure should ideally be +**N aailable during normal hours of usage. Aoweer, because <company name> business obDecties will reCuire 9H(: aailability achieing the ideal is not possible. There are two conditions that will goern aailabilityE +. /cheduled downtime for maintenance (. 5nplanned eents #i.e., problems$ /cheduled downtime can be planned to occur when it will hae the least impact on business operations and infrastructure aailability. This period of unaailability can be negotiated between IT and the end user groups that will be affected by the temporary loss of serice. 5nplanned eents that deny serice to end users is a breach of the /-A. Depending on the eHtend of serice outage, an unplanned eent can cost <company name> tens of thousands of dollars per hour. ,or eHample, if an outage on the <company name> backbone preented (&* users + from doing their Dob, and the aerage fully loaded cost per user in salary was P+&.**, a problem that takes three hours to correct will cost <company name> P++,(&*.** in lost productiity. This does not take into account lost opportunities, oertime to make up necessary work, and the myriad of other factors that come into play when a necessary serice becomes unaailable. Assuming (&* users QP+&.**'hour, each minute of downtime would cost <company name> P)(.&* in lost productiity. Initial Draft < Confidential Material Page 13 Facilities Management !olic" and !rocedures + !-is e&le assumes t-at among t-e enterprise user population only 2). end users would depend on "ack"one availa"ility at any given point in time. ctual usage patterns may vary. /-As are also subDect to negotiation between <company name> and endors. ,or eCuipment that imposes a high cost of downtime to <company name> the negotiated /-As should specify the maHimum allowable time between the notification of a problem, and the time the endor responds by commencing correctie action. 2ther /-A elements that need to be addressed areE +. "esponsibility for materials (. -oaner eCuipment #especially when negotiating with endors$ in the eent that repairs cannot be effected within a specified timeframe. ,or mission>critical eCuipment the recommended cut>off time is : hours 7. !enalty clauses to be inoked if the serice leel agreement is not fulfilled. !enalty clauses normally apply to endors proiding sericesO howeer, if <company name> deelops charge>back policies in the future a penalty clause is also appropriate for internal serice leel agreements In deeloping and negotiating serice leel agreements the primary consideration is cost. !arts proisioning, 9H(: support aailability and minimum response times add to the cost of serice. /-As are one IT operations area where cost'benefit analysis can proe to be realistic because all factors are tangible. A cost benefit analysis to determine the true alue of a serice leel agreement will compare the cost of the serice leel obDecties to the cost associated with serice loss. The following simplistic formula summariGes /-A cost'benefitE %ost of serice loss H probability of occurrence > cost of /-A R alueO conersely, %ost of serice loss H probability of occurrence < cost of /-A R negatie alue. ,or eHample, if the cost of a three hour disruption of serice is P++,(&*.**, with a +*N probability of occurrence and the cost of the /-A is P&, **.** then the /-A has negatie alue because P++,(&*.** H .+ R P+,+(&.**. 6y paying P&,***.** for a serice leel agreement that protects against a three hour disruption in serice the cost eHceeds the potential loss by P7,;9&.**. The aboe eHample is proided to demonstrate a techniCue. It does not reflect the actual compleHities in the cost'benefit analysis phase of deeloping and negotiating a serice leel agreement. ,actors to be considered areE +. ,ailure mode effects analysis #,0.A$ of the infrastructure to determine failure points that will impact end users #both at the enterprise leel and at the workgroup or subnetwork leel$ (. "isk analysis of failure points, which will eHamineE threat Confidential Material < Initial Draft Page 14 Process probability of occurrence impact 7. /ensitiity to serice loss from each threat by user population #i.e., backbone users tend to be a composite of numerous workgroups and labor categoriesO some workgroup fully loaded salary costs are higher than others>>engineers s. administratie personnel$ :. %omposite cost for loss of serice for all failure points and probabilities The aboe information will proide a true basis for determining the actual alue of a serice leel agreement. Aarrant" Issues .Cuipment warranties should be carefully eHamined during the ealuation phase preceding acCuisition, endor selection or implementation of <company name> standards based on a particular manufacturer or endor. Bey points to consider areE +. 4arranty term #three years should be the minimum acceptable period$ (. "emedies proided by the warranty #i.e., cross>shipped replacement, neHt day repair, parts and materials to rectify problem, etc.$ 7. .Hclusions, limitations and restrictions #i.e., if <company name> performs preentie maintenance and minor repairs will the warranty be oidedS Are certain subsystems and components not coered by the warrantyS$ :. %ost to eHtend and'or upgrade the warrantyE eHtensions increase the term of the warranty coerage upgrades improe serice leel obDecties &. <company name> rights under the terms of the warranty #i.e., is the warranty enforceableS$ ). Does the warranty eHtend to software and firmwareS #0ost hardware depends to some eHtent on embedded firmware or eHternally loaded softwareO i.e., /N0! agents$ Service 1evel O&2ectives /erice leel agreements are defined by serice leel obDecties #/-2s$. Important obDecties that <company name> needs to consider includeE +. Aours of coerage, which are usually defined as either during the principal period of maintenance #!!0$ or outside of the principal period of maintenance Initial Draft < Confidential Material Page 15 Facilities Management !olic" and !rocedures (. "esponse to reCuests for serice, measured in the elapsed time between when a call is placed and the time that the call is acknowledged 7. 2n>site response, which is the elapsed time between when a call is placed and the time that a support person arries on site :. 0aHimum time allowed to rectify problemO options includeE reCuirement that functionally eCuialent loaner eCuipment be proided after a determined #or negotiated$ period of systems unaailability hot or cold standby eCuipment that can either be automatically switched into full operational serice #or manually brought on>line$ acceptance of partial operational capabilities until full system aailability is restored #i.e., interim use of &)B DD/ on a D/+ backbone segment$ The most important issue when deeloping /-2s is to use system aailability as the key performance indicator. /ystem aailability is a function of 0T6,, operational time, total serice time, and 0TT". The significance of 0T6,, discussed in aboe, is readily seen in the following series of formulae for systems aailability, measured in percent aailability. !ercent aailability, eHpressed as AN, can be computed two different waysE
$B> O%erational /ime /otal /ime C 177 Metod 1 Applied to the infrastructure as a whole, assume that of the ;,9)* hours of 9H(: operations per year, <company name> scheduled +) hours of planned maintenance, and eHperienced no outages due to system problems. 5sing the aboe formula system aailability would beE 2perational timeE ;,9)* > +) R ;,9:: Total timeE ;,9)* ;,9::';,9)* R *.<<;+97&+&<;+9 *.<<;+97&+&<;+9 H +** R <<.;+97&+&<;+9 or approHimately <<.;+N aailability $B> Mean=/ime=+etween=Failures M/+F D M//R C 177 Metod # AssumeE Confidential Material < Initial Draft Page 16 Process +. True 0T6, #cumulatie effect as discussed aboe$ rated at 7,*** hours using the 0T6, formulaE (. ;,9)* operating hours with 7 failures obsered 7. 0TT" of )* minutes to correct each failure Aailability would beE 0T6,R7,*** hours 0TT" R 7 hours #)* minutes H 7 incidents$ 7,***'7**7 R *.<<<***<<<**+ *.<<<***<<<**+ H +** R <<.<***<<<**+, or approHimately <<.<N aailability /ee table +.( for the relationship between percent aailability and downtime per year #broken out in minutes, hours, days and weeks$. The following formulae will assist personnel responsible for facilities management in deeloping life cycle costs. ,T. #maintenance$ R %00 T !00 %00 is correctie maintenance manhours, and is computed as followsE CMM=T 860 MTTR A M 4hereE T R Total failure rate as number of failures per hour. This includes all failures. #.Cuals+'0ean Time 6etween ,ailures$ ;9)* R Number of hours in a year 0TT" R 0ean Time To "epair. The time in hours it takes to restore a subsystem or component to operating condition #0TT" can sometimes be found in maintenance documentation or specifications that accompany systems, subsystems or componentsO this rating may also be aailable from the manufacturer$ A R The number of personnel reCuired to do the work. 0 R The manhour rate #for <company name> personnel use the fully loaded rateO for third>party endors use the hourly time and materials rate$. !00 is annual preentie maintenance manhours. This is based on all reCuired and recommended preentie maintenance for a system, subsystem or component. The maintenance actions are normally listed in the maintenance manuals that Initial Draft < Confidential Material Page 17 M/+F> O p e ra t in g Ho u rs Fa ilu re s Facilities Management !olic" and !rocedures accompany the eCuipment. This information may also be aailable from the manufacturer. It is computed as followsE PMM = N!"#$% &' ()"$* +$% ,$-% . M-/0&!%* . M 4hereE 0anhours R The number of manhours reCuired to perform each preentie maintenance action. 0 R The manhour rate #for <company name> personnel use the fully loaded rateO for third>party endors use the hourly time and materials rate$ ,T. #operations$ R .stimated number of ,T.s reCuired to operate system H (*;; H 0 4hereE ,T. R The number of full time eCuialents reCuired to operate the system. %onsideration the /-A that will be associated with the system, especially aailability #i.e., is 9H(: manning reCuiredS$. This number can be a fraction, such as .& ,T.. (*;; R Number of annual manhours per ,T.. 0 R The manhour rate #for <company name> personnel use the fully loaded rateO for third>party endors use the hourly time and materials rate$. ,T. #support$ R .stimated number of ,T.s reCuired to proide tier + support. This cost should be proided by the <company name> help desk. /pare !arts %onsumption R %0/! T !0/!. %0/! is /pare parts for correctie maintenance, and is computed as followsE CMSP = T . 860 . A1$%-2$ 3&%%$3()1$ *+-%$* 4hereE T R Total failure rate as number of failures per hour. This includes all failures. #.Cuals+'0ean Time 6etween ,ailures$ ;9)* R Number of hours in a year Aerage annual spares R Aerage spares needed for repair of the eCuipment > this information may be aailable from the manufacturer. !0/! is /pare parts for preentie maintenance, and is computed as followsE Confidential Material < Initial Draft Page 18 Process PMSP = N!"#$% &' ()"$* +$% ,$-% . A1$%-2$ *+-%$ +-%(* 3&/*!"+()&/ +$% +%$1$/()1$ "-)/($/-/3$ -3()&/ 4hereE Number of times per year is the freCuency of each preentie maintenance action recommended or reCuired by the manufacturer #this information is usually aailable in the maintenance manual that accompanies the eCuipment$. Aerage spare parts consumption per preentie maintenance action is the number of spare parts replaced #on aerage$ or consumables used #on aerage$ during each preentie maintenance action. 5E%ected Savings and Cost*+enefit .Hpected saings is eHpressed as followsE E.+$3($4 S-1)/2* = 5CE 6 CA7 8 55IC 6 5OC . LC77 4hereE %. is cost elimination oer the life of the system > for eHample if the proDect results in a system designed to be in place for & years, and it eliminates cost items totaling P+0'yr., then %. would be P&,***,***.**. The period used in computing total %. is eCual to the systemMs life cycle #see -% below$ %A is cost aoidance oer the life of the system > an eHample of cost aoidance is a system with automatic features that replaces #or reduces$ the number of operatorsO another eHample is a system with greatly reduced maintenance reCuirements, or a system that reCuires eHpensie proprietary parts being replaced with one that can be maintained and upgraded with commercial, off>the>shelf parts that are readily aailable on the open market #competition dries down prices, resulting in aoidance of premium prices$ I% is implementation costs, which is a one>time cost to implement the system #personnel and materials$ 2% is operational and support costs per year > see /ection 7.(.(.&.).( for a detailed description of typical operational and support cost line items -% is the life cycle of the system > how long the system is eHpected to be in serice #usually 7 to & years$ %ost'6enefit is the ratio of costs to eHpected saings and is eHpressed as followsE C9: = 55IC 6 5OC . LC779 5CE 6 CA7 /ee .Hpected /aings aboe for eHplanation of symbols. Initial Draft < Confidential Material Page 19 Facilities Management !olic" and !rocedures <. $uditing Cec'lists a. !hysical facilities b. !ersonnel with access c. Aardware d. /oftware e. /erice personnel f. ,iles g. Internal audit controls h. %ontingency plan#s$ Confidential Material < Initial Draft Page 20 Process !-4SIC$1 F$CI1I/I5S C-5CF1IS/ 4ater Damage .Hposure =./ N2 N'AU a. Aae all oerhead and underfloor steam or water pipes been eliminated #eHcept for fire sprinklers or machine room reCuirements$S b. Are all electrical outlets under raised floor water tightS c. Are all eHterior doors and windows waterproofS d. Do adDacent areas, restrooms, Danitor room, etc. hae adeCuate drainage to preent oerflow to computer roomS e. Is paper stock stored in a water resistant areaS f. If computer facilities are located below grade is a water detection system installedS g. Are large plastic sheets aailable to coer eCuipment for Cuick emergency water protectionS h. Are openings sealed from upper floor or roofS i. Is computer located under rooftop cooling towersS D. Do you hae drainage in computer roomS k. Is there a flood control pump for below gradeS %ommentsE UNot Applicable Initial Draft < Confidential Material Page 21 Facilities Management !olic" and !rocedures #!hysical ,acilities, contd.$ Fire Damage =./ N2 N'AU a. Is the building housing the computer constructed of fire resistant and noncombustible materialS b. Are combustible materials such as paper and other supplies stored outside of the computer areaS c. Are tapes and disks stored outside of the computer areaS d. Do you hae a rated fireproof safe in the computer room for critical file storageS e. Are fire drills practiced periodically and indiiduals assigned responsibilities in case of fireS f. Are emergency phone numbers posted for fire, police, doctor#s$, and hospitalS g. Are computer and tape library protected from fire by use of oerhead sprinklers, stand pipe hose, carbon dioHide, or halogenated agentS h. Are smoke detectors installed under the floor, in the ceiling and in the air ductsS i. Are smoke detectors sericed and tested on a scheduled basisS D. Do you hae enunciator panels to assist in Cuickly locating fire or smoke in eHposed areasS %ommentsE UNot Applicable Confidential Material < Initial Draft Page 22 Process #!hysical ,acilities, contd.$ #,ire Damage, contd.$ =./ N2 N'AU k. Are floor tile remoers readily aailable to eHpose fire or smoke under raised flooringS l. Are hand eHtinguishers strategically located around the area with location markers isible oer high computer eCuipmentS m. Aae employees been instructed on how to use hand eHtinguishersS n. Are employees allowed to smoke in computer or tape library areaS o. Do employees know the location of sprinkler shut> off aleS p. Are furniture and fiHture of noncombustible materialS C. Does emergency power>off also shut down the air conditioning or heating unitS r. Do you hae emergency lighting in the computer enironmentS s. Does fire alarm sound locally, at the guard station, or police and fire departmentS t. Are watchmen schooled as to what to do about a fire during non>working hoursS u. 4ould access to computer area, in case of fire, be restricted because of electrically controlled systemS . Do you hae fire dampers in the ductsS %ommentsE UNot Applicable Initial Draft < Confidential Material Page 23 Facilities Management !olic" and !rocedures #!hysical ,acilities, contd$ $ir conditioning =./ N2 N'AU a. Is system dedicated to the computer areaS b. Is remote air conditioning eCuipment securedS c. Are air intakes located aboe the street leel or protected from air contaminationS d. Is back>up air conditioning by use of a second compressor or chilled water aailableS e. Is the compressor and related air conditioning eCuipment sericed on a regular scheduleS f. Is air conditioning complete with humidity controlS g. Is air temperature and humidity recorded in computer operationsS h. Are building engineers sensitie to the Cuick response reCuired of computer operationsS i. Is air conditioning alarmed in the eent of failureS %ommentsE UNot Applicable Confidential Material < Initial Draft Page 24 Process #!hysical ,acilities, contd.$ $ccess Control =./ N2 N'AU a. Is computer area isible from the streetS b. If computer area is isible to the general public, are windows of non>breakable materialS c. If the latter is so, is the fire department aware that windows are non>breakable in eent of fireS d. Is the installation located in a high crime related areaS e. Do site personnel consider the installation ulnerable to andalism or a potential target because of the business conducted on the premisesS f. 4ould site personnel ealuate the installation as high, medium, or a low risk center for attackS g. Does the site hae (: hour guard sericeS #+$ ,or all entrancesS #($ ,or the computer area onlyS h. Are T3 cameras used in the computer areaS i. Is the location of the computer serices are displayed anywhere on the site, such as maps at entrance waysS D. Is a man trap for access used to get into the actual computer areaS k. Are the number of doors leading into the computer area kept to a minimumS l. 4ho monitors the status of emergency eHitsS UNot Applicable Initial Draft < Confidential Material Page 25 Facilities Management !olic" and !rocedures #!hysical ,acilities, contd.$ (. Access %ontrol =./ N2 N'AU a. Is computer area isible from the streetS b. If computer area is isible to the general public, are windows of non>breakable materialS c. If the latter is so, is the fire department aware that windows are non>breakable in eent of fireS d. Is the installation located in a high crime related areaS e. Do site personnel consider the installation ulnerable to andalism or a potential target because of the business conducted on the premisesS f. 4ould site personnel ealuate the installation as high, medium, or a low risk center for attackS g. Does the site hae (: hour guard sericeS #+$ ,or all entrancesS #($ ,or the computer area onlyS h. Are T3 cameras used in the computer areaS i. Is the location of the computer serices are displayed anywhere on the site, such as maps at entrance waysS D. Is a man trap for access used to get into the actual computer areaS k. Are the number of doors leading into the computer area kept to a minimumS l. 4ho monitors the status of emergency eHitsS UNot Applicable Confidential Material < Initial Draft Page 26 Process #!hysical ,acilities, contd.$ #Access %ontrol, contd$ =./ N2 N'AU m. Are doors to computer area locked at all timesS n. Is access to the computer area by use of key, magnetic card, or cipher lock controlledS o. Are access methods changed at regular interals or after termination of an employeeS p. Are dismissed employees of the computer enironment remoed immediately and guard personnel notified accordinglyS C. Is the computer itself alarmed so as to notify guards of intrusion attemptsS r. Is there stand>by power operated doors if normal power is offS s. Are security personnel notified of employees permitted access during non>working hoursS t. Are records maintained of personnel who utiliGe the facility after normal working hoursS u. Do site personnel Vbaby>sitV serice personnel during non>working hoursS . Are all isiting personnel identified by badge when isiting the data processing areaS w. Are operating personnel trained to challenge strangers without proper identification badgesS %ommentsE UNot Applicable Initial Draft < Confidential Material Page 27 Facilities Management !olic" and !rocedures #!hysical ,acilities, contd.$ .lectricity =./ N2 N'AU a. Is uninterrupted power reCuired at the site because of the nature of its actiitiesS b. If the system reCuires motor generators, is there a back>upS c. Aow reliable is the local power supplyO has reliability been checkedS d. Aae power sources been monitored with recorders to assure no electrical transientsS e. In eent of power failure, is there emergency lighting for remoal of personnelS f. Are cipher doors and fire alarm systems backed up with battery in eent of power failureS g. Is back>up power tested at regular interalsS h. Are lightning arrestors installedS i. Is there an emergency Vpower offV at all eHits and within the computer centerS D. Are emergency Vpower offsV protected against accidental actiationS %ommentsE UNot Applicable Confidential Material < Initial Draft Page 28 Process #!hysical ,acilities, contd.$ Aousekeeping =./ N2 N'AU a. Is the underfloor kept clean of dust and dirtS b. Are wastebaskets of metal material with closing topsS c. Are wastebaskets dumped often enough to preent oerflow in the computer roomS d. Is there a scheduled remoal of empty paper boHes and waste paperS e. Are serice personnel superised at all times by a site representatieS f. Is the computer room used to store stock or stationaryS g. Is eating allowed in the computer roomS h. Is smoking allowed in the computer roomS If so, are ashtrays the type that eHtinguish cigarettesS i. Are employees held responsible for a clean working enironmentS D. Does management or superision inspect areas for adherence to good housekeepingS k. Do site personnel themseles consider their computer area cleanS %ommentsE UNot Applicable Initial Draft < Confidential Material Page 29 Facilities Management !olic" and !rocedures %A.%B-I/T ,2" /."3I%. !."/2NN.- AND %2NT"A%T2"/ =./ N2 N'AU a. Are custodial personnel controlled when sericing the secure areaS b. Are unauthoriGed personnel reCuired to wear identification to assure their entry has been approedS c. Are unauthoriGed personnel escorted when working in the secure areaS d. Are secure area personnel instructed to challenge unidentified personnel in the secure areaS e. Is a list of unauthoriGed personnel #eHclusie of operations people on site$ maintainedS f. 4hen the computer center is closed, do guards make key runs inside the centerS g. Is there a rigid control center on keys to computer enironmentS h. Are computer room door locks changed from time to time to preent normal custodial master keys from gaining entranceS i. Is there a log of unauthoriGed personnel who are admitted, with a notation as to reason for entry, time in, time out, and signature of person authoriGing entryS D. Is identification with photo reCuired of serice personnelS k. Are endor serice personnel reCuired to hae background checksS l. Are custodial and maintenance personnel briefed on site security measuresS %ommentsE UNot Applicable Confidential Material < Initial Draft Page 30 Process %2NTIN1.N%= !-ANNIN1 %A.%B-I/T =./ N2 N'AU a. Aas top management, in conDunction with Data !rocessing management, set this contingency planning obDectiesS b. Does the contingency planning team consist of two or more permanent members such asE %omputer 2perations /taff ,acilities 0anagement 6uilding 0anagement c. Does the plan include participation on an Vas reCuiredV basis from the following departmentsE Data processing operations /ystems programming Applications programming Internal auditors -egal department /ecurity',ire'/afety staff !urchasing Insurance "eal estate %ommunications 2thers #list in comments$ d. Aas the responsibility for each member of the contingency plan been definedS !rimary action responsibility assignedS %oordination responsibility assignedS UNot Applicable Initial Draft < Confidential Material Page 31 Facilities Management !olic" and !rocedures #%ontingency !lanning, contd$ =./ N2 N'AU e. Does the plan categoriGe disasters and proide specific plans for each leel of potential disasterS %atastrophic 0aDor /erious -imited f. Aas an estimate of potential loss due to processing delay of critical reports been established in eent ofE %atastrophic disasterS 0aDor disasterS /erious disasterS -imited disasterS g. Aas a resource inentory been made to estimate the potential physical and'or process delay loss in each of the following areasE .Cuipment Data processing hardware 0aintenance eCuipment Alternate site hardware %omputer and components Terminal eCuipment 2ff>line eCuipment ,urniture 2ffice machines !reentatie maintenance schedule UNot Applicable Confidential Material < Initial Draft Page 32 Process #%ontingency !lanning, contd$ =./ N2 N'AU Alternate site software 0aintained to meet site configuration modifications "eiewed and tested /tored in a secure enironment /upplies !aper ,orms Tape'Disks %ards Alternate site storage forE Tapes Disks !aper and forms %ards .mergency site#s$ processing considerations atE 2ther owned'leased facilities under the installations control 2ther similar installations in the immediate area with whom contact could be authoriGed %omputer manufacturer facilities /erice bureaus in the immediate areas UNot Applicable Initial Draft < Confidential Material Page 33
Hacking With Kali Linux : A Comprehensive, Step-By-Step Beginner's Guide to Learn Ethical Hacking With Practical Examples to Computer Hacking, Wireless Network, Cybersecurity and Penetration Testing