IT Standards and Procedures manual

Call Centres R Us has developed policies and procedures for many aspects of the organisation. All staff should be familiar with the procedures that apply to their area of operation.

Policy on standards and procedures

With the development of networks that promote the availability of data, software and hardware resources to staff throughout the organisation it is important that appropriate policies are in place to control such access. These are specific policies to ensure that the network performs adequately, is secure and provides user services.

Ad-hoc storage of data, poor file naming and maintenance, experimentation, attempts to breach security and deliberate flouting of the agreed policies and procedures will not be tolerated. Not only may there be a security risk but the network may not perform to expectations and require excessive administration.

Table of contents

IT Standards and Procedures manual

Policy on standards and procedures

Table of contents

Help Desk standards and procedures

Operating hours

Incident tracking

Support provided

IT service level agreements

Problem reporting and tracking

Escalation procedure

Responsibilities of users and departments

Liaison with departments

Measurement of compliance and usage reporting

Responsibility for specific services

Security and maintenance procedures

Disaster recovery planning

Backup

Virus checking

Maintenance

Maintenance register

Scheduled interruptions

Change control

Network performance and monitoring

User access

File and data control

Network hardware

Workstation performance and monitoring

Software

Register of software licences

Software user training

Software purchasing procedures

IT budgets

Project management documentation

Project reports

Assessing software requirements report

Client specification report

Feasibility report

Preliminary design report

Implementation design report

Project plan

Project progress reports

Quality assurance

Performing a QA process

Correspondence and documentation

Style manual

Electronic mail (e-mail)

Help Desk standards and procedures

Help Desk staff are the ‘face’ of the IT Department and it is important to show the right face to the client user. It can be a difficult job especially if the user is annoyed but at all times you must:

  • act with integrity and honestly. Tell the user what is happening with their problem. If everyone does their job there should be no reason to try to mislead a user or tell them an untruth.
  • communicate with the user in terms that they understand. Do not use technical terms or jargon unless you are sure that the user understands them. Explain things to the users if necessary.
  • handle conflict in a cool and collected manner, be tolerant and do not lose your temper. Remember that the user is our customer.
  • help the user. Identify critical issues and prioritise problems accordingly. See IT Service Level Agreement section.
  • be loyal to the company and your team. Do not blame equipment, suppliers, managers or other team members.

Operating hours

The Help Desk will respond to calls as per the following schedule:

Call Centre Systems: 24 hours a day

Head office: 7:00am to 7:00pm

During these periods there must be at least one person available to take calls. The use of an answering machine is not considered a valid response.

If a Head Office user needs assistance outside the standard call times then they may be provided support provided there are no Call Centre users with problems. At all times Call Centre systems take precedence over head office systems unless authorised by the IT Manager.

Incident tracking

We currently do not experience too many problems and so there is no need for a complex Help Desk system. All incidents will be recorded in a Microsoft Excel spreadsheet. It is imperative that all appropriate information is obtained from the user during the initial call.

Information to be gathered includes:

  • incident number
  • date and time of call
  • user's name, location, extension
  • type of equipment and asset number. The asset number will be on the front of the PC
  • description of the problem
  • problem area - PC hardware, software, network, application, etc.
  • severity of the problem–

High - system down user needs immediate fix as problem impacts cash flow

Medium - user can wait for a fix, no immediate impact on organisation

Low - there is a work around or problem not impacting user operations

  • name of support person assigned task
  • links to other similar problems.

Once the problem has been fixed then additional information needs to be completed including:

  • date and time fixed
  • resolution
  • actions to prevent recurrence
  • other comments.

Support provided

It will be up to Help Desk staff to identify critical systems and to prioritise the calls placed. Generally speaking any problem that stops the call centre operations has the highest priority. In the event of a user demanding immediate action then they should be referred to Chris White.

Many calls are not real problems but simply users who do not know how to perform a particular function on their computer. These will still be logged and where possible the person taking the call will try to talk the user through the process or refer them to the appropriate page in the manual or help system.

Calls may relate to performance, especially a perceived view that the network is slow. In many cases it is not the network that is slow but the PC that is under performing. These are to be followed through since a performance problem may be caused by an intermittent hardware fault, which could eventually lead to a total loss of service. Unless poor performance is leading to a delay in the provision of call centre services they will not be consider as a high priority but should be attended to within 24 hours of being notified. The user experiencing the problem should be contacted within two hours of logging the call.

IT service level agreements

This document sets out the main services provided by the IT Department of Call Centres R Us.

The levels of service described here, are those which the IT Department commits to meeting, given an agreed level of resources. The service levels are negotiated annually through consultation with the user community.

Problem reporting and tracking

When problems are reported to the Help Desk (by phone, e-mail or in person), they are entered into the Fault-Tracking system. A problem which cannot be solved immediately is forwarded to a specialist member of staff and tracked to ensure that it is dealt with and also that the person who reported it is kept informed of the outcome. Each forwarded problem is allocated a reference number, which is given to the person reporting the problem.

Users are encouraged to report non-urgent faults by e-mail. If Help Desk classifies a problem as urgent, all reasonable endeavours are made to have it fixed immediately. Help Desk may also categorise a problem (such as one preventing a number of people working) as serious, in which case an escalation procedure is operated (see Escalation Procedure).

Weekly reports are provided for the IT Manager, the Services Director, and the relevant departmental Manager(s), listing all outstanding faults. Priorities between outstanding problems may be adjusted at this stage.

Escalation procedure

If a problem prevents a number of people working, or puts users' information at risk, it is regarded as serious, and its progress towards resolution is monitored by an escalation procedure operated by the IT Department. The purpose of the procedure is to ensure that work on the problem is properly resourced and prioritised, and that any third parties involved respond properly.

The main aspects of the procedure are:

  • As soon as the problem is properly characterised by IT staff, following its observation, or a report by a user, Help Desk is informed. They publicise the situation as appropriate.
  • Support staff for the service are called in, and contact with the relevant supplier or maintenance company is made as soon as possible, where such action is appropriate.
  • If the problem remains one hour after identification, IT Staff member responsible for the service is informed.
  • If the problem persists for half a working day, the IT Manager and the Services Director are informed.
  • If the problem persists between half and one working day, an item for News Flash is produced detailing the problem and any possible 'workarounds'. Online contact may also be made to users.
  • If the IT Manager is dissatisfied with a maintenance company's response to a particular problem, escalation is performed with them in accord with the terms of the appropriate agreement.

Non-serious problems have a lower priority, but both types of problems are entered in the Fault-Tracking system, which tracks them to ensure a satisfactory outcome.

Responsibilities of users and departments

Self sufficiency

Users are expected to familiarise themselves with IT documentation and online information relevant to their work, as well as any Departmental support arrangements.

Suitability of software

Users are responsible for satisfying themselves that any given software product is suitable for the uses to which it will be put, and that the results derived from it are meaningful.

Departmental responsibilities

Departments are expected to appoint a User Representative and any extra contacts, if necessary. We send copies of documentation, our Newsletter and our News Flashes to User Representatives and expect them to act upon this information in a Departmental capacity. With the general rise in uptake of IT services, the User Representative has an increasingly important role, upon which we have to rely for the correct formulation and delivery of many services.

Liaison with departments

The IT Department is very keen to increase its customer-focus and to ensure its delivery capability keeps pace with our clients' needs. Increasingly we want to use our skills and wide experience to help departments and clients to use IT in a more strategic fashion. To do all of this, communication between the IT Department and our colleagues, clients and users is absolutely vital. There must be clear and efficient communication mechanisms based on common need.

During the period of this SLA, we will be exploring with you what mechanisms have worked well in the past and where improved mechanisms are needed. A key need is to have focal points to help develop our plans, assist on reconciling prioritisation issues and gain agreement on charging.

The IT Department also has a database containing details of departmental staff with a special interest in IT e.g. User Representatives. Anyone wishing to have their names added to this database should contact the IT Department.

Measurement of compliance and usage reporting

All the hardware platforms operated by IT have maintenance contracts with relevant hardware and software suppliers. The IT Department produces summaries, showing the serviceability and availability of the platforms it operates, together with summaries of notified problems, which are attributed to services where possible.

Summaries of the types of faults reported to the Help Desk are used within IT to spot general problem areas.

Compliance of applications software is measured by its record of availability upon its platform(s) and by its conformance to the specification laid down in its supplier's documentation. With modern commercial products, very high compliance is expected.

IT compares annually all measurements of service-level achievements with those stated in the Agreements.

Responsibility for specific services

At time of publication, the responsibility for specific services is under review and therefore may change during the lifetime of this document.

Any questions or problems should always be directed in the first instance to the Help Desk. Feedback about the level and provision of specific services may be addressed to the IT Manager. Alternatively, if a user is at any time wants to discuss the quality and level of service provision, or has any comment to make about IT and its services, please contact the Services Director.

Security and maintenance procedures

Disaster recovery planning

A risk analysis of the security needs of the network will be undertaken and reviewed regularly. Security and control shall be sufficient to prevent or recover from security breaches in accordance with this analysis. Risk assessment will review all the major systems and procedures on the LAN. The assessment will identify the threats and quantify the risks.

The result of the risk assessment will be a list of threats and quantified risks that are not acceptable to management. Cost effective measures will then be implemented to reduce or recover from those risks. This will be fully documented and agreed especially in those areas where management agrees to carry the risk.

Any significant changes to the system whether hardware or software will also need to undergo a risk analysis to gauge their impact on the business.

Backup

All data on the network should be backed up daily. The software selected for this task should be capable of backing up all of the volatile system files such as user password files and other system files. All backup media should be large enough to contain all data with out the need to change media during backup. Currently we use tapes as the backup media.

A system of tape rotation and control is to be implemented. The re-use of tapes is to be determined as part of the Risk Analysis.

The backup system must be able to retrieve a deleted or damaged file from the medium in a short time, say, ten minutes.

Tapes must be stored at an offsite backup location. The frequency of taken tapes off-site will again be determined by the risk analysis.

The master (original) copies of software are to be stored in a secure remote site.

Supervisors must have someone who can perform the common operations on the network while they are away. This person must be adequately trained and kept up to date by carrying out certain supervisory operations on a regular basis.

A system for archiving infrequently used, but required files will be instituted.

Users will need to be informed as to which files, if any, are not part of the daily back up routine and how to take responsibility for recovery of that data. For certain applications there may be a need to make copies or backups of files just prior to a period update. These copies may be made to another part of the hard disk and are there purely to recover from a software failure. However, users may wish to archive or backup files at the end of an accounting period and will need to inform the administrators of their requirements.

Procedures will need to be implemented to ensure that the backup log is checked each morning to confirm that the backups were successfully completed.

CCRU Backup Log

Date of backup / Tape number used / Type of backup / Files backup up / Errors or comments / Initials

At regular intervals the validity of the backups should be tested by attempting to reload a server using backup tapes only. A complete set of disaster recovery procedures should be developed and tested.

If a tape is used in a restore operation then this fact and the date of the restore should be identified in the Errors or comments column.

Virus checking

All software loaded on the network should have first been checked for virus contamination. This also applies to shrink-wrapped (brand new) software.

The virus-checking program selected should be regularly updated to cover new viruses.

No software should be downloaded from a bulletin board to the network. Computers used for file transfer from other sources shall be disconnected from the network during the transfer. All data thus transferred shall be screened for virus contamination before being released to the network.

Diagnostic, maintenance or utility programs should only be used by the supervisor under controlled conditions.

Maintenance

Performance problems may be due to poor maintenance. For example, old temporary files may fill a disk, which reduces the space for memory caching which may slow down performance. If this is the case then either the user or the support person should carry out a full maintenance of the computer. This will consist of:

  • deleting all temporary files
  • scanning the disk for errors
  • defragging the disk if necessary
  • ensuring that the latest service pack is loaded
  • removing any unwanted software
  • in some cases reloading the operating system on a newly formatted disk

If performance problems are due to capacity issues then recommended upgrades will be submitted to Chris White who will consider the hardware budget and plan.

Maintenance register

In order to provide a quality service to its customers, the IT Department keeps a Register which provides all the information needed to support the ongoing maintenance of systems and IT developed solutions.

All new systems and developments must establish entries in the Maintenance Register once the solutions are in production. The information will be recorded and filed separately for each Project. The following forms will be used: