Executive Summary : This document describes the disaster recovery plan for helpdesk operation, including helpdesk telephony system and ERP system.
Security Awareness for email & Internet usage
General Rules of using email from Corp IT policy:
l There should be a clear business objective and need to send a mass mail.
l The target group should be carefully selected so that the mail is relevant to all or most of the people receiving it.
l Don’t spend spam: such as advertising or anything that can be considered as junk mail. Read More
Availability Management
EXECUTIVE Summary: Description of the availability management process according to ITIL. This document contains the following terms: Reliability, serviceability, security, and exception report. Read More
IT Change Management
EXECUTIVE Summary: The objective of the Change Management process is to coordinate the implementation of necessary Changes to the ICT-Infrastructure while efficiency, transparent decision making and the agreed ICT Service Levels are secured. Read More
Problem Management
1 Scope
Problem Management describes all of the actions of the Problem Manager of the ICT-department of Company and of all operations and proceedings arising from these activities and all of the persons he has assigned to perform in relation to these actions in order to prevent downtime of services in the IT-infrastructure of Company Headquarters.
This procedure is valid for the whole Company ICT organization and applies from the moment of the analyzing Incidents until the moment the Problem is closed. Read More
Strategic ICT Plan
Goal: This strategic ICT Plan indicates the ICT direction and policy to enable and support the Company business needs and governance requirements. Read More
ICT Service Document
EXECUTIVE Summary: The primary objective of the APR-ICT Service is to support the ICT operation in Company office. In additional, APR-ICT will monitor the ICT operations in other branch offices within Asia Pacific, while the local-site ICT Staff (or delegated Staff) in each APR office is response to manage their routine ICT operation as well as their local out-source service. Global-ICT acts as a competency center to provide directive and also assist the operation in other regions. For the ERP Support model, APR-ICT will act as the first line support of any trouble shooting or software change request within APR region; those requests will be escalated to 2nd line support (i.e. Global-ICT or Consultancy Company) if necessary. Read More
Password Cracking Procedure
1 Introduction
1.1 Overview
Passwords are used in almost every interaction between users and information systems. Most forms of user authentication, as well as file and data protection, rely on user-supplied passwords. Since properly authenticated access is often not logged, or even if logged not likely to arouse suspicion, a compromised password is an opportunity to explore a system from the inside virtually undetected. As attacker would have complete access to any resources available to that user, and would be significantly closer to being able to access other accounts, nearby machines, and perhaps even administrative privileges. Despite this threat, accounts with bad or empty passwords remain extremely common and organizations with good password policy far too rare. The most common password vulnerabilities are that (a) user accounts have weak or non-existing passwords, (b) regardless of the strength of their passwords, users fail to protect it, and (c) the operating system or additional software creates administrative accounts with weak or non-existing passwords. Read More
Server Room Access Procedure
Scope
Define server room access procedure to have proper procedure for anyone. Server room is the place to host all our business critical and confidential information. This is applied to server rooms in all company sites. Read More
ERP System Survey Questionair
| Comment on ERP Usage related to your work | ||
| 1 | Which ERP module(s) you use currently: | |
| Inventory Control Module | yes/no | |
| Sales Module | yes/no | |
| Purchase Module | yes/no | |
| Manufacturing Module | yes/no | |
| MRP Planning Module | yes/no | |
| Accounting Module | yes/no | |
| 2 | How important of ERP system relative to your daily work | very important / less important / no comment |
| 3 | How important of ERP system affect your dept/whole company business operation | very important / less important / no comment |
| 4 | ERP can provide info to help better management decision-making | strongly agreed / not agreed / no comment |
| 5 | You can logon and use ERP anytime and anywhere, i.e. good system availability to users. | strongly agreed / not agreed / no comment |
| 6 | ERP can provide function to meet nowadays requirement as well as future business operation needs | strongly agreed / not agreed / no comment |
| Pls identify what system function need to be improved_______________________________ | ||
| Comment on Overall System Operation | ||
| 7 | ERP is easy for users to operate, i.e. very User-Friendly. | strongly agreed / not agreed / no comment |
| 8 | ERP response time for performing data update or report generation is acceptable. | strongly agreed / not agreed / no comment |
| 9 | ERP provides a very accurate management information, i.e. good data integrity. | strongly agreed / not agreed / no comment |
| 10 | ERP helps to decrease the workload of users significantly. | strongly agreed / not agreed / no comment |
| If you feel your productivity declined by using ERP, please give up to three reasons you feel this happened:
_______________________________________ |
||
| 11 | ERP user access right application is under well control, i.e. good authorization procedure. | strongly agreed / not agreed / no comment |
| 12 | Users aware their liability on the system usage, especially perform data update function, i.e. system increases users accountability. | |
| 13 | ERP provides sufficient logging report to check user action, i.e. good traceibiltiy function. | strongly agreed / not agreed / no comment |
| 14 | MFG/PRO system is protected from both internal and external hacker, i.e. high system security. | strongly agreed / not agreed / no comment |
| Comment on local/external consultant and training support: | ||
| 15 | Users clearly understand the ERP Helpdesk procedure to ask for support, e.g. who and how to request ERP support, | |
| 16 | Users clearly understand the ERP support organization, i.e. the responsibility of system owners, Dept expert/key users, the first and 2nd line technical support among HK, Shanghai and Shenzhen IT-Depts as well as external vendor consultant support. | |
| 17 | The function of ERP user group committee in Shanghai and Shenzhen factory is well recongized, i.e. each dept respesentatives activity participate the user group committee meeting to improve ERP operation and raise usefull request. | |
| 18 | Training document and operation manual for ERP are adequate and esay assessable. | strongly agreed / not agreed / no comment |
| Pls identify which missing operation document you need:_______ | ||
| 19 | Training or consultant support from your supervisor is adequate | strongly agreed / not agreed / no comment |
| 20 | Training or consultant support within users dept’s expert/key user is adequate | strongly agreed / not agreed / no comment |
| 21 | Training or consultant from IT dept is adequate | strongly agreed / not agreed / no comment |
| 22 | Training or consultant from external vendor consultant is adequate | strongly agreed / not agreed / no comment |
| Comment on Problem Handling | ||
| 23 | Users clearly understand the error handling procedure to solve any ERP error, i.e. who and how to report ERP error. | strongly agreed / not agreed / no comment |
| 24 | Users satisfy the software quality of MFG/PRO in term of mininal program bug and data update error. | strongly agreed / not agreed / no comment |
| 25 | Users satisfy the error handling procedure as well as the response time to error and fix. | strongly agreed / not agreed / no comment |
| 26 | IT Dept and external vendor consultant support are technical enough to solve error. | strongly agreed / not agreed / no comment |
| Comment on further System Development | ||
| 27 | IT Dept and vendor consultant support are technical enough to provide professional advice on system development. | strongly agreed / not agreed / no comment |
| 28 | ERP system is flexibility enough to build/enhance function to meet new requirement. | strongly agreed / not agreed / no comment |
| 29 | Company allocates sufficient internal IT man-power resource on ERP function enhancement | strongly agreed / not agreed / no comment |
| 30 | Company reserves sufficient funding for external vendor on ERP function enhancement | strongly agreed / not agreed / no comment |
| 31 | The development progress on function enhancement by IT Dept is under well control | strongly agreed / not agreed / no comment |
| 32 | The development progress on function enhancement by vendor consultant is under well control | strongly agreed / not agreed / no comment |
| 33 | The project management/monitor on function enhancement by IT Dept is well performed | strongly agreed / not agreed / no comment |
| 34 | Cost of function charge by external consultant is high | strongly agreed / not agreed / no comment |
| 35 | Your Overall rating to ERP System | Excellent / Not Acceptable / no comment |