Scope
Define server room access procedure to have proper procedure for anyone. Server room is the place to host all our business critical and confidential information. This is applied to server rooms in all company sites. Read More
ERP System Survey Questionair
| Comment on ERP Usage related to your work | ||
| 1 | Which ERP module(s) you use currently: | |
| Inventory Control Module | yes/no | |
| Sales Module | yes/no | |
| Purchase Module | yes/no | |
| Manufacturing Module | yes/no | |
| MRP Planning Module | yes/no | |
| Accounting Module | yes/no | |
| 2 | How important of ERP system relative to your daily work | very important / less important / no comment |
| 3 | How important of ERP system affect your dept/whole company business operation | very important / less important / no comment |
| 4 | ERP can provide info to help better management decision-making | strongly agreed / not agreed / no comment |
| 5 | You can logon and use ERP anytime and anywhere, i.e. good system availability to users. | strongly agreed / not agreed / no comment |
| 6 | ERP can provide function to meet nowadays requirement as well as future business operation needs | strongly agreed / not agreed / no comment |
| Pls identify what system function need to be improved_______________________________ | ||
| Comment on Overall System Operation | ||
| 7 | ERP is easy for users to operate, i.e. very User-Friendly. | strongly agreed / not agreed / no comment |
| 8 | ERP response time for performing data update or report generation is acceptable. | strongly agreed / not agreed / no comment |
| 9 | ERP provides a very accurate management information, i.e. good data integrity. | strongly agreed / not agreed / no comment |
| 10 | ERP helps to decrease the workload of users significantly. | strongly agreed / not agreed / no comment |
| If you feel your productivity declined by using ERP, please give up to three reasons you feel this happened:
_______________________________________ |
||
| 11 | ERP user access right application is under well control, i.e. good authorization procedure. | strongly agreed / not agreed / no comment |
| 12 | Users aware their liability on the system usage, especially perform data update function, i.e. system increases users accountability. | |
| 13 | ERP provides sufficient logging report to check user action, i.e. good traceibiltiy function. | strongly agreed / not agreed / no comment |
| 14 | MFG/PRO system is protected from both internal and external hacker, i.e. high system security. | strongly agreed / not agreed / no comment |
| Comment on local/external consultant and training support: | ||
| 15 | Users clearly understand the ERP Helpdesk procedure to ask for support, e.g. who and how to request ERP support, | |
| 16 | Users clearly understand the ERP support organization, i.e. the responsibility of system owners, Dept expert/key users, the first and 2nd line technical support among HK, Shanghai and Shenzhen IT-Depts as well as external vendor consultant support. | |
| 17 | The function of ERP user group committee in Shanghai and Shenzhen factory is well recongized, i.e. each dept respesentatives activity participate the user group committee meeting to improve ERP operation and raise usefull request. | |
| 18 | Training document and operation manual for ERP are adequate and esay assessable. | strongly agreed / not agreed / no comment |
| Pls identify which missing operation document you need:_______ | ||
| 19 | Training or consultant support from your supervisor is adequate | strongly agreed / not agreed / no comment |
| 20 | Training or consultant support within users dept’s expert/key user is adequate | strongly agreed / not agreed / no comment |
| 21 | Training or consultant from IT dept is adequate | strongly agreed / not agreed / no comment |
| 22 | Training or consultant from external vendor consultant is adequate | strongly agreed / not agreed / no comment |
| Comment on Problem Handling | ||
| 23 | Users clearly understand the error handling procedure to solve any ERP error, i.e. who and how to report ERP error. | strongly agreed / not agreed / no comment |
| 24 | Users satisfy the software quality of MFG/PRO in term of mininal program bug and data update error. | strongly agreed / not agreed / no comment |
| 25 | Users satisfy the error handling procedure as well as the response time to error and fix. | strongly agreed / not agreed / no comment |
| 26 | IT Dept and external vendor consultant support are technical enough to solve error. | strongly agreed / not agreed / no comment |
| Comment on further System Development | ||
| 27 | IT Dept and vendor consultant support are technical enough to provide professional advice on system development. | strongly agreed / not agreed / no comment |
| 28 | ERP system is flexibility enough to build/enhance function to meet new requirement. | strongly agreed / not agreed / no comment |
| 29 | Company allocates sufficient internal IT man-power resource on ERP function enhancement | strongly agreed / not agreed / no comment |
| 30 | Company reserves sufficient funding for external vendor on ERP function enhancement | strongly agreed / not agreed / no comment |
| 31 | The development progress on function enhancement by IT Dept is under well control | strongly agreed / not agreed / no comment |
| 32 | The development progress on function enhancement by vendor consultant is under well control | strongly agreed / not agreed / no comment |
| 33 | The project management/monitor on function enhancement by IT Dept is well performed | strongly agreed / not agreed / no comment |
| 34 | Cost of function charge by external consultant is high | strongly agreed / not agreed / no comment |
| 35 | Your Overall rating to ERP System | Excellent / Not Acceptable / no comment |
Incident Management
1 Scope
This document describes the Incident Management Process as implemented in Company ICT Department.
The Service Desk/Incident Management Process ensures a quick recovery of service degradations to the agreed service level for all Europe/Headquarters employees. The Service Desk carries out the first-line activities and provides a single point of contact for all these customers. Read More
IT Shared Service Center Document
A. General
1. Background
For cost saving and improve service quality, it is recommended to centralize several IT service supports by IT Shared Services Center (IT SCC), such as providing infrastructure support to all company sites. All services shall be provided under a Service Level Agreement between IT-SSC and the sites, and corresponding tariffs shall be imposed for the delivery of such services. Read More
Proposal of Firewall Implementation
1. Background
According to security improvement, our company decided to install a firewall within our computer network system in order to protect the network system from outside hacking. The firewall should be able to regulate outbound and inbound network traffic between the LAN and WAN network. Read More
IT Outsource Service Document
Introduction
This Statement of Work (“SOW”) defines the End User Care (“EUC”) Support Services to be performed by Outsource Subcontractor for the Client Company. The services and tasks as described in the SOW will be performed in either Client Company and/or Outsource Subcontractor. Read More
IT Security Operation Checklist
Objective:
The IT Security Operation Checklist provides guidelines for IT professionals to perform the daily, weekly, and monthly maintenance and administrative tasks required to keep your infrastructure components and application systems performing optimally. In addition, a checklist is available to help IT to prepare for disaster recovery efforts, and it helps to keep an IT system operation smoothly. The checklist divides into three sections: 1) IT Infrastructure Components Security Operation Schedule, 2) Servers Backup Operation Log, 3) MFGPRO ERP Operation Log. Take reference to the following checklists as a sample, or adapt them to suit your company’s specific needs. Read More
War-Dialing PROCEDURE
1. INTRODUCTION
The presence of unsecured or mis-configured modems attached to computers on the network can undermine a well thought-out security plan. Persons unaware of the risks may set up modems on their computers that can be accessed with either non password or an easily guessed password. These modems are then vulnerable to computer criminals who “war dial,” or call numbers systematically until they find a phone number that connects to an unsecured dialup.
If a computer with an unsecured modem is connected to our network, anyone with a little computer skill and malicious intent can use that unsecured modem as a “back door” into our network. Firewalls don’t protect a network against this type of attack because the intruder comes in over phone lines, rather than over the Internet, bypassing firewalls. Read More
Oracle Password Management Policy
1 Introduction
1.1 Purpose
Company guidelines for managing passwords define the password security policy. In so doing, all personnel are responsible for maintaining good password practices in their systems.
The purpose of this document is to describe how the password management policy can be introduced and maintained in an Oracle database environment. Read More
IDS Setup and Operations
1 Abstract
This document covers the operation of a distributed intrusion detection system.
This manual contains the following:
Chapter 2 Intrusion Detection Procedure
A short introduction to Intrusion detection technology, the procedure around the operations, and follow-up action regarding how to record and keep trace the incident.
Chapter 3 Intrusion Detection
This chapter describes the principles and working of an Intrusion Detection system.
Chapter 4 Component Description
This chapter describes the setup of the different components used in the secure setup.
The central management server will be responsible for the management of all the components.
Chapter 5 Network Setup
The network setup describes how the different components can be placed securely in a site’s network. This is done with centralized management, log consolidation and secure communications between the systems.
Chapter 6 Snort: -Installation, Configuration and Maintenance
This chapter describes the initial installation and configuration and the periodic maintenance.
Chapter 7 Analysis of the results
Analysis of the results obtained through the different IDS sensors have to be analyzed to be useful for the site. This chapter describes the usage of the Analysis Console for Intrusion Databases (ACID)
Chapter 8 Conclusion
This chapter contains the final conclusions of this paper. Read More