Data Center Services Best Practices.doc
Upcoming SlideShare
Loading in...5
×
 

Data Center Services Best Practices.doc

on

  • 1,660 views

 

Statistics

Views

Total Views
1,660
Views on SlideShare
1,660
Embed Views
0

Actions

Likes
1
Downloads
132
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft Word

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Data Center Services Best Practices.doc Data Center Services Best Practices.doc Document Transcript

    • data-center-services-best-practicesdoc4120.doc Data Center Services Page 1 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc TABLE OF CONTENTS Data Center Services.................................................................................................3 Best Practices for Data Center Services............................................................................3 Data Center Service Levels..............................................................................................20 Data Center Services Pricing...........................................................................................30 Page 2 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc Data Center Services The National Oceanic and Atmospheric Administration (NOAA) Data Center environment includes the administration and management of servers and storage such as: Mainframe, Unix- based, Windows-based systems and associated data storage and backup services and supporting systems software (e.g., operating systems, utilities, schedulers) from a centralized location. These environments support NOAA’s business applications/databases, file/print services, e-mail (including Blackberry) services, and other NOAA-specific infrastructure-related functions. Data Center Services include the following:  Business Continuity and Disaster Recovery: Process of planning and managing organizational preparation for future incidents that could jeopardize the organization’s core mission and long-term health.  Configuration Management: Process of managing change controls placed on hardware, software, documentation, testing and test documentation during the development and operational life of a system.  Database Management: Process of managing database systems to ensure optimal delivery for all aspects of the organizational data infrastructure.  Facilities Management: Process of managing data center facilities to ensure efficient operations, flexibility and scalability. Key management parameters include site location, building selection, floor layout, electrical system design, mechanical design and modularity.  Monitoring: Process of proactively managing and monitoring operational systems to identify underperforming systems and other incidents which affect IT service delivery.  Performance Management: Process of managing IT infrastructure and operations (network performance) as an integrated part of business-relevant performance metrics.  Task Management – Output Management: Process of managing middleware that drives the output process and supports the automated creation and delivery of business process and ad hoc documents.  Task Management – Job Scheduling: Process of managing enterprise software applications that execute unattended background activities through a single point of control overseeing integration of real-time activities with background processing requirements. Best Practices for Data Center Services Business Continuity and Disaster Recovery  Account for changing business environment, results of continuous service testing and best practices when conducting maintenance activities  Align IT and the business on a business continuity strategy and the process to follow in case of a disaster  Backward integrate tools from Application Service Providers (ASP) and Internet Service Providers (ISP) for recovery purposes  Base the escalation process on a classification of availability incidents Page 3 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Calculate cost of down time  Carry out business impact analysis to identify risks based on threats and vulnerabilities  Categorize, estimate and project workload (management by formula)  Classify all incidents that are considered under the business continuity plan and communicate resolution for each to all involved parties  Conduct automated data collection for analysis and planning from existing enterprise tools such as network monitoring, workload and performance tools, and incident tracking systems  Conduct global testing and feed test results back as part of the maintenance process  Conduct risk assessment and business impact analysis  Consider recovery options for people, systems, networks, critical services and critical assets  Contract stand-by arrangements for IT service continuity needs from vendors and major suppliers, and take into account changing business needs  Correlate IT recovery time objective (RTO) measures with lines of business (LOB) key performance indicators (KPI)  Create a required response team that is responsible for the completeness of the IT contingency plans (i.e., an executive team, a coordination team and a recovery team)  Analyze and document current workloads and infrastructure capacities  Define and document processes including the operating assumptions  Define Business Continuity Plan (BCP) guiding principles  Define corporate risk policies and attitudes  Define mission, objectives and scope of the Business Continuity Plan (BCP) process  Define project organization and management/control structure as part of the Business Continuity/Disaster Recovery Plan for both normal and invocation operations  Educate and make the organization aware of the Business Continuity and Disaster Recovery Plan and procedures  Ensure accurate and timely Business Continuity Plan reflects real-time integration with Capacity Planning, Security Management and Change Management  Establish clear accountability and track / trend compliance  Establish continuity patterns for the organization  Establish procedures for building and maintaining the Emergency Response Plan, Damage Assessment Plan, Salvage Plan, Vital Records Plan, Crisis Management Plan and Public Relations Plan as part of the Business Continuity process  Execute combined business impact analysis (BIA) and risks assessment rankings to identify key focus areas for BCP  Execute continuous audit and proactive management of the BCP/DRP plan  Focus recovery efforts on the business function Page 4 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Fully document the Business Continuity Management process, create work flows and implement across the enterprise  Fund and resource the development / implementation of a BCP  Identify and continuously monitor critical infrastructure components  Identify and eliminate single-source points of failure (single power source, single communication source)  Identify and implement technology and/or task hand-off points/relationships for all service management processes  Identify and test the communications required to inform stakeholders and media in the event of disaster  Identify, capture and report metrics across all dimensions (e.g., efficiency, effectiveness, risk)  Implement and optimize risk reduction measures to minimize risks to the continuity of IT services  Implement procedures to identify external influences that impact the BCP/DRP process  Include business and IT service continuity requirements in the BCP (office space, telephone and communications access, paper files and records)  Include BC and DR as part of the Change Management process to ensure that any changes in the infrastructure are reflected in the contingency arrangement provided by IT or third-party suppliers  Include details of activities to be undertaken when invocation is authorized under the BC/ DR Plan  Install a no-break power system and regularly test  Include sufficient details in the BC/DR to enable a technical person not familiar with the IT service or system to successfully follow the procedures  Integrate various management structures into the roles for BC, enabling appropriate coverage and visibility and these resemble the structure that controls and facilitates continuity/recovery  Integrate, align and routinely maintain the IT service continuity plan and BCP  Integrate with Configuration, Asset, Change, Security, Problem, Budget, Contract and Contractor Management processes to produce or receive the following:  Approved Changes  IT Finance Management  Incident Management  Problem Management  Business Continuity Impact Report  Configuration Reports  Configuration Verification and Audit Results  Contract Plan Page 5 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Contractor Plans  Contractual Impact To Business Continuity  Draft Business Continuity Plan  Final Business Continuity Plan  Problem Incident Reports  Required Changes  Upgraded Configuration Report  Maintain a checklist to cover specific actions required during all stages of recovery activities  Maintain a list of key contacts, suppliers and resources  Make BC/DR plans available both in the office and at home and issue to key members of the crisis management team a short process aid, which they must keep with them at all times  Make information relating to various databases and supporting documentation readily available to the stakeholders  Make operational and manage appropriate stand-by arrangements for all high-availability components.  Measure BCM process efficiency and effectiveness  Optimize cost justifiable countermeasures/risk mitigation strategies  Optimize costs through innovation and integration for continuity of IT services  Optimize, fully understand and regularly test invocation policies and procedures  Perform regular availability requirements analysis  Prepare and present cost/benefit analysis of various business continuity strategies  Proactively detect and address potential availability risks  Proactively manage single points of failure and provide organizational support for their remedy  Document and implement procedures for distribution of plans to ensure that copies are available to key staff members at all times and that the latest version is in circulation  Provide formal training for continuous service processes  Rigorously maintain an inventory of critical systems and components  Schedule point-in-time (event driven) audits and tests of the BCP plan  Specify and quantify the business costs of interrupted service  Take action on and incorporate the lessons learned from actual downtime incidents and test executions of the contingency plan  Understand potential impacts to business processes at a granular level resulting from system unavailability (i.e., metrics and reporting support)  Update the plan at least bi-annually Page 6 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Use a skill matrix to plan shift changes and handover to ensure that available facilities function in an optimal level  Use a test lab infrastructure to enable a high-degree of scenario planning and statistical analysis  Use Service level agreements to raise awareness and increase co-operation with suppliers for continuity needs Configuration Management  Align configuration data with vendor catalogues  Align vendor catalogues and configuration  Audit Configuration Management activities against the Configuration Management plans  Conduct audits before and after major IT changes, following recovery from disasters, at random intervals or in response to detection of unauthorized configuration items (CI)  Conduct regular audits to ensure only authorized CIs exist  Define configuration baselines and identify the minimum standard components and integration requirements, consistency and integration criteria  Ensure Configuration Management Plan covers the next 3 to 6 months in detail and outlines the following 12 months.  Ensure Configuration Management Plan includes details about the configuration management database (CMDB) and its relationships with other processes and third parties  Create a Configuration Management Plan that includes strategy, policy, scope and objectives  Consistently apply exception analysis, as well as physical verifications, and investigate root causes  Define a release management policy and deploy a system to enforce it  Define and document processes and operating assumptions  Define and implement a consistent process for documenting CIs across all technologies  Define and maintain configuration baselines that identify the minimum standard components and integration requirements, consistency and integration criteria  Define Enterprise Configuration Management guiding principles  Define Mission, Objectives and Scope (Charter) of the Configuration Management processes  Document, standardize and communicate procedures and working practices  Ensure procedures cover housekeeping, license management, and archiving and retention periods for CIs  Establish accountable parties / owners for all configuration elements with clear responsibility for maintaining the inventory and controlling change  Establish an appropriate software library structure, addressing the needs of development, testing and production environments Page 7 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Establish ‘zero tolerance’ for illegal software  Formally define the configuration process including the following:  Planning  Identification  Control  Tracking  Status accounting  Verification of CIs  Hold all details and relationship information about CIs in a single database which is not duplicated and is in a controlled environment  Identify key contacts, suppliers and resources  Implement an automatic distribution and upgrade process  Implement automated processes to load and update the CMDB where possible to reduce errors and costs  Maintain a single logical file store in a Definitive Software Library (DSL) for developed and purchased software  Maintain and make accessible configuration information based on up-to-date inventories and a comprehensive naming convention  Make available an automatic configuration detection and checking mechanism  Manage all infrastructure components within the configuration management system, which contains all necessary information about components and their interrelationships  Conduct management forecasts for repairs and upgrades that utilize analysis reports providing scheduled upgrades and technology refreshment capabilities  Obtain customer satisfaction feedback for each major configuration  Provide management with information concerning the achievement of targets and objectives set for Configuration Management and non-conformance to standards  Publish policy document to all department which contains at least the following key elements:  Scope  Definition  Roles and responsibilities  Lead times  Exception processing  Principles  Documentation  CI storage information  Review the Configuration Management Plan at least twice a year Page 8 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Segregate record keeping and physical custody duties Database Management  Consistently use metrics and trending analysis for process improvement feedback  Coordinate DB Management and the business on metrics (e.g., business unit growth to table size growth)  Coordinate technical design reviews as a prerequisite to any database changes that require modifications to Data Definition Language (DDL) or a Database Definition Modification (DBD Generation); involve representatives for Database Support, Application, Operations, and Architecture (Technical Services) during the design phase, not just on the Change Control Board  Define and document processes  Define and implement a process to manage coordination between database and application code changes  Define and report expense of each database object with variance analysis and year to year improvement  Define baselines and thresholds and enable a dynamic (i.e., real-time) reporting model  Enable procedures that support a rapid and efficient planning, approval and initiation process covering identification, categorization, impact assessment and prioritization  Identify, capture, and report metrics across all dimensions (e.g., efficiency, effectiveness, risk)  Implement an independent process for verification of the success or failure of database change  Make available complete and up-to-date application and configuration documentation  Publish policy and profile documents to all departments, containing at least the following key elements:  Definition, players, timing, lead times, exception processing, and risk assessment procedure  Defined mission, objectives and scope of the Database Management process  List of key database vendors/suppliers, contacts, and resources  Enterprise database guiding principles  All Database Management policies  Relate metrics to service-level agreements (SLAs) with appropriate reporting mechanisms  Understand and define business needs with regards to runtime, response time, etc. Facilities Management  Align facilities strategy and standards with IT services availability targets and information security policies, and integrate with business continuity planning and crisis management  Conduct analysis at an enterprise level to determine facilities more suited to accept various types of new workload Page 9 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Conduct routine analysis of problems:  Hot spot analysis  Surge analysis  Define a strategy and standards for all facilities, covering site selection, construction, guarding, personnel safety, mechanical and electrical systems, fire, lightning and flooding protection  Define and document facilities processes and operating assumptions  Define concise and up-to-date detection, inspection and escalation procedures and support through a training program  Define Facilities Management guiding principles  Define Facilities Management policies  Design the operational environment to support the following characteristics:  Continuous Access (24x7x365)  Dual power source equipment  Modularity and flexibility of base facility  Develop and maintain a long-term plan for the facilities required to support the organization’s computing environment  Develop plans for the entire organization, conduct regular and integrated testing and incorporate lessons learned into plan revisions  Document environmental and physical security requirements, and strictly control and monitor access  Document Facilities Management processes and workflows for the enterprise  Enforce preventive maintenance programs, including a strict adherence to schedules and regular tests for sensitive equipment.  Enforce strict adherence to preventive maintenance schedules and strict discipline in the housekeeping of facilities  Establish facility standards for IT use  Establish good relationships and information exchanges with law enforcement, fire and other local authorities  Implement and track a formal facilities and space forecasting sub-process with quarterly reviews based on changing priorities  Implement consistent processes for Facilities Management across all LOBs, technologies and locations  Include retrofit of business area planning efforts (e.g., business-owned resources) as part of plan formulation  Integrate IT Facilities management tightly with corporate facilities management  Integrate physical security as part of facilities management planning  Locate primary single-story facilities in suburban locations Page 10 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Mandate formal and required participation for all facility management process participants (including IT, facilities teams and business side)  Monitor and base physical access need-to-be and zoning principles, with identification authorization and exception procedures where needed  Monitor facilities using automated systems with clear tolerances and audit logs, closed- circuit television (CCTV) and intrusion detection systems where necessary, as well as through physical inspections and audits  Offer new options for provisioning of Facilities and Floor Space (e.g., on demand) to customers  Organizational structure and budget allocations evidence focus on maintaining a controlled computing environment  Plan, design and maintain data facilities to achieve the following performance and availability goals:  Facility redundancy  No single points of failure  Continuous maintenance/upgrade  Publish a policy document to all departments, containing at least the following key elements:  Scope, definition, players, timing, lead times, principles, and facilities plan/re-plan approach/methodology  Defined mission, objectives and scope of the Facilities Management process  List of key contacts, suppliers and resources  Routinely benchmark individual facilities against other sites  Support an “unmanned” monitoring and control environment for equipment rooms through specialized equipment Monitoring  Conduct audits before and after major IT changes, following recovery from disasters, and at random intervals.  Conduct audits to ensure only authorized monitoring tools exist  Define and document processes and operating assumptions  Define and implement Infrastructure and Applications Monitoring architecture and strategy  Define and use anticipated and analyzed event correlation documents  Formalize training tools and process plans for all the people responsible for this process  Identify and implement technology and/or task hand-off points/relationships for all service management processes.  Identify Infrastructure and Applications Monitoring Process definition and flow  Integrate process to process integration (including data-level integration) with all service management processes including formal integration with the following: Page 11 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Storage Management  IT Finance Management  Service Request Management  Release Management  Asset Management  Ensure a comprehensive skills matrix is in place and kept up to date  Publish a policy document to all departments containing at least the following key elements:  Scope, definition, roles and responsibilities, lead times, exception processing, principles, documentation and monitoring information storage  Mission, objectives and scope of the infrastructure and applications monitoring process  List of key contacts, suppliers and resources  Enterprise Infrastructure and Applications Monitoring Guiding Principles  All Infrastructure and Applications Monitoring Policies  Review and update job descriptions annually for all the people responsible for this process  Standardize process for documenting Infrastructure and Applications Monitoring items across all technologies  Use automated forensic filtering  Use automation to monitor Infrastructure and Application items  Use consolidated Infrastructure and Applications Monitoring and Configuration Management Repositories across the entire infrastructure Performance Management  Address performance issues at all appropriate stages in the system acquisition and deployment methodology  Agree to performance, reliability and maintainability targets for the IT infrastructure components that underpin the IT services  Agree to, measure and monitor required levels of performance to fully support Service- Level Management  Align performance plan with the capacity plan and publish with the capacity and business budgeting cycle  Apply Performance Management to internal and external suppliers that form the IT support organization  Business relationship management (BRM) and performance management process owners work closely to establish and communicate performance thresholds and expectations.  Capture consistent and repeatable metrics Page 12 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Carryout planned maintenance activities (e.g., preventative maintenance) to avoid failures, software/hardware upgrades to provide new functionality or additional capacity  Conduct "What if" analysis of higher performance levels in relation to cost  Conduct continuous improvement in performance processes  Conduct predictive performance problem identification  Conduct trend analysis showing imminent performance problems caused by increased business volumes, enable planning and avoidance of unexpected incidents  Customize and base communications for each audience on rich metrics not just events  Define and document processes and operating assumptions  Define and standardize procedures for incidents caused by capacity and performance failures  Define and understand the performance implications of IT service requirements for all critical business processes  Define policy-based objectives  Deploy performance technique details to provide additional infrastructure resilience to prevent or minimize the impact of component failure to the IT service  Develop and review a forward-looking schedule for the planned Service Outage Analysis (SOA) assignments  Document and demonstrate current service capability to users who request new and improved availability levels  Exchange information with Capacity Management to ensure that the performance plan takes into account trends in system usage  Exchange information with the service desk concerning end-user complaints or poor IT service performance  Identify defined roles at all levels with a process to update roles as organizational change occurs  Include performance requirements in all IT development and maintenance projects  Integrate with capacity planning management and production acceptance processes to produce or use the following:  Capacity Refinement  Capacity Report  Performance Results  Integrate with performance, problem, change and service request management processes to produce or use the following:  Change Management  Incident/Problem Management  Configuration Management  Capacity Management Page 13 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Monitoring  Business Continuity Management  Issue formal Requests for Change (RFC) to request service performance improvement measures  Make available performance, backup and recovery design criteria for each new or enhanced IT service  Map business systems to performance patterns:  Sub-second transaction response time  Collaborative  Decision support  Remote user  Batch  Perform dynamic (self-analyzing) tuning by application and cross-environments  Performance plan covers a period of 1 to 2 years with a more detailed view and information for the first six months.  Provide an end-to-end IT service delivery and end-user perspective  Provide real-time reporting primarily through the web portals or other forms of electronic viewing  Publish a policy document to all departments containing the following key elements:  Scope, definition, roles and responsibilities, lead times, exception processing, principles, and documentation  Mission, objectives and scope of the Performance Management process  List of key contacts, suppliers and resources  Performance Management guiding principles  All Performance Management policies  Review performance plan regularly with minor revisions every quarter and major revisions made every half year  Review performance, backup and recovery designs to provide additional resilience to prevent or minimize the impact on the business  Review technology infrastructure on a regular basis to take advantage of cost/performance ratios and enable the acquisition of resources providing maximum performance capability at the lowest price  Subject all IT components to a planned maintenance strategy to manage planned downtime  Synchronize performance plans with the business forecasts and the operational plans and objectives  Train personnel to define threshold rules of thumb (ROT) for optimal performance Page 14 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Translate business and user requirements of IT service performance into quantifiable performance terms and conditions to ensure that optimal usage and performance of IT infrastructure is achieved to deliver maximum benefit  Use a consistent Performance Management process to manage and maintain end-to- end performance for all workloads and environments  Use real-time IT performance metrics (balanced scorecards etc.) by BRM to gain end- user credibility Task Management: Output Management  Conduct continuous review of output management deliverables to determine possible cost and/or media savings  Conduct planning on a quarterly basis (digital planning) and use scenarios, value cases, and ROI models  Define and document Output Process and operating assumptions  Establish and formalize central ownership and accountability for the IT Output Management Process  Formalize output management process participants (including IT, Output teams and business side)  Identify and define roles at all levels including a process to update roles as organizational change occurs  Identify and implement technology and/or task hand-off points  Identify Output Management process definition and flow  Integrate process (including data-level integration) with other operational (or business) processes  Make the operational process consistent for Output Management across all LOBs, technologies and locations  Offer new options for provisioning of Output Management (e.g., on demand) to customers  Publish policy document published to all departments., containing at least the following key elements:  Scope, definition, players, timing, lead times, principles, and Output plan/re-plan approach/methodology  Defined mission, objectives and scope of the Output Management process  List of key contacts, suppliers and resources  Output Management guiding principles  All Output Management policies  Ensure responsible personnel for this process are capable of participating in the following activities:  Output evaluation (media and production)  Mailing integration Page 15 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Bundling and Distribution  Supply Management  Review Output Management plans semi-annually and published a new plan to executive management and customers  Update Output Management forecast and obtain validation from the business/IT areas on a quarterly basis  Utilize a proactive forecast process for determining Output media requirements Task Management: Job Scheduling  Analyze all problems and failures of the process to identify the root cause, and improve the process performance  Analyze all equipment jointly with the vendor for age and malfunction symptoms to make operational a preventative maintenance approach  Assigned resources responsible for this process are capable of participating in the following activities:  Output evaluation (media and production)  Mailing integration  Bundling and Distribution  Supply Management  Assigned resources responsible for this process have an Output Management background providing them with the expertise in:  Mailing integration technologies  Operating Distribution Software  Automate to a high degree operational tasks  Conduct formalized and ongoing training as part of career development and process improvement  Conduct retrofit of business area planning efforts (e.g., business-owned resources) as part of plan formulation  Confine input and output handling to the identified users  Control processes support an efficient approval of changes to job schedules  Define a formal Job Scheduling process including categorization, prioritization, emergency procedures, change authorization, and release management  Define and assign computer operations and support responsibilities  Define and document processes and operating assumptions  Define and enforce service support agreements with vendors  Define and implement job descriptions for:  Scheduling Coordinator  Workload Analyst Page 16 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Define and make operational a process to manage co-ordination between scheduling and monitoring processes  Define and make operational strict acceptance procedures for new job schedules, including documentation delivery  Define operations instructions according to agreed upon standards that include clear cut- off and restart points  Document and communicate schedules and tasks both internally to the IT function and to the business client  Establish and monitor formal maintenance and service agreements with vendors  Evaluate and optimize workload balancing options across all platforms on a consistent basis  Execute regular reviews of actual vs. scheduled run times (not just for crisis situations)  Formalize output management process participants (including IT, Output teams and business side)  Identify all regularly submitted critical jobs in a production schedule  Identify and implement technology and/or task hand-off points  Identify, define and document roles for the process at all levels including a process to update roles as organizational change occurs  Implement and make operations a single internal report bundling software solution across platforms  Implement and track a formal Output forecasting sub-process with quarterly reviews based on changing priorities  Implement rationalization and standardization of systems management tools  Integrate job scheduling processes at an Enterprise level with processes listed in Levels 3 and 4  Integrate job scheduling processes at the operating platform level with:  Performance Management  Capacity Management  Service-level Management (SLM)  Production Control  Production Acceptance  Monitoring  Problem and Incident Management  Business continuity  BRM and SLM for reporting  Integrate Output Management process with business planning process  Integrate Output Management with change management and service request management Page 17 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Integrate process (including data-level integration) with other operational (or business) processes  Make available complete and up-to-date application and configuration documentation  Make operational a consistent process for Output Management across all LOBs, technologies and locations  Make operational a rapid and efficient planning, approval, and initiation process for job schedule updates  Make operational preventive maintenance schemes  Make process consistent across all known platforms with all exceptions handled via a documented exception process including appropriate process review to identify root cause  Offer new options for provisioning of Output Management (e.g., on demand) to customers  Publish policy and profile documents to all departments, containing at least the following key elements:  Definition, players, timing, lead times, exception processing, and risk assessment procedure  Mission, objectives, and scope of the Output Management and Job Scheduling process  List of key contacts, suppliers and resources  Output Management and Job Scheduling guiding principles  Job Scheduling and Output Management Process policies  Record and report events and completed task results to management  Re-engineer operational processes to work effectively with automated tools  Resource expert-level scheduling co-coordinators and workload analysts well versed in the selected automated scheduling products and workload simulation tools at the enterprise level  Resource Job Scheduling process participants (schedulers and workload analysts) on each platform based on full-time equivalent (FTE) resource requirements  Review and update Job Scheduling Process on a regular basis to keep in line with best practices  Review Output Management plans semi-annually and publish new plan to executive management and customers  Schedule all production jobs in accordance with the defined process  Standardize each platform around the same basic set of scheduling processes to enable a higher degree of schedule integration  Submit special request or no fixed scheduling criteria jobs through production control either via user's request or by the users themselves  Support operations with resource budgets for capital expenditures and human resources  Understand and document the business needs with regards to runtime Page 18 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc  Update the forecast process and validate with the business areas on a quarterly basis Page 19 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc Data Center Service Levels The following chart depicts the level of service provided for Data Center Services. These service-level targets are the basis for negotiated service-level agreements (SLAs) with the business units. Table 1. System Availability Service Level Description Objective Target Metric Mainframe OS and Per System Availability Sun.–Sat., 0000–2400 99.99% Subsystems Unix Production Servers Per Server Availability Sun.–Sat., 0000–2400 99.99% AS/400 Production Servers Per Server Availability Sun.–Sat., 0000–2400 99.99% Windows Production Servers Per Server Availability Sun.–Sat., 0000–2400 99.99% (Critical) Windows Production Servers Per Server Availability Mon.–Fri., 0400–1900 99.5% (Non-critical) QA/Test Systems and Servers Per Server Availability Mon.–Sat., 0400–1900 99.5% Development Servers Per Server Availability Mon.–Sat., 0400–1900 99.5% Page 20 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc Table 2. Batch Processing Page 21 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc Service Level Description Objective Target Metric Scheduled Production Batch Per Scheduled Time Complete core jobs per approved schedule 99.50% Demand Production Batch Response Time 20 minutes to initiation from receipt of request 95% Set up or modify job scheduler Response Time Next Business Day (all daily requests) 98% definition and dependencies Page 22 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc Service Level Description Objective Target Metric One-time schedule change for Response Time 2 hours (all daily requests) 98% existing scheduled jobs Page 23 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc Table 3. General Administrative Functions Page 24 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc Service Level Description Objective Target Metric Objective: Response Time: Set Up/Modify End-User ID or  2 Business Days  1–5 User IDs Authorization changes.  3 Business Days 95%  6–10 User IDs  Per agreed-on time  >10 User IDs Page 25 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc Table 4. System Administration Page 26 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc Service Level Description Objective Target Metric Advise need to allocate additional processing Proactive monitoring and Sustained average daily CPU utilization approaches 70% resources based on reporting of need to of installed processor capacity—Inform within 1 Business 99% pre-defined parameters and increase capacity Day observed growth patterns On-Demand CPU Processing Increases/decreases of ± 20% of baseline CPU Elapsed Time 99% capability change requests processing capability within 2 days Advise need to allocate additional storage resources Proactive monitoring and Total monthly storage capacity utilization measured in based on pre-defined reporting of need to GBs used approaches 80% of installed capacity—Inform 99% parameters and observed increase capacity within 1 Business Day growth patterns Increases/decreases of ±10% of installed storage On-Demand disk storage capacity within 7 Business Days of request/approval Elapsed Time 99% capacity change requests If owns the assets, then metric is within 7 Business Days of delivery of equipment to data center System security requests Response Time Next Business Day 99% (RACF, ACF2) Deploy service/security patches/antivirus updates Same Business Day as signoff, subject to agreed-upon Response Time 99% necessary to fix/repair Change Management procedures environment vulnerabilities Page 27 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc Service Level Description Objective Target Metric Restore of production datasets from on-site backups Time to initiate restore Initiated within 20 minutes of request 95% (non-DR) Table 5. Server Software and System Refresh Service Level Description Objective Target Metric Notification of vendor Software upgrades and new Response Time Within 30 days after Software vendor announcement 95% releases Completion of implementation Within 60 days following approval, or as otherwise of service packs and updates Response Time 95% mutually agreed to “dot” releases Completion of implementation Within 120 days after approval, or as otherwise of version or major release Response Time 95% mutually agreed updates Refresh for midrange servers Population age greater than 3 years old based on Response Time 95% (Windows) business unit approval Individual patches and Same Business Day as signoff, completed within requisite patches per Elapsed Time 95% Availability SLRs database Table 6. Restore Page 28 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc Service Level Description Objective Target Metric Restore Requests for Commence restore within 3 hours from request Response Time production data (assumes data are being restored from copies of on- 100% Data 1 week old or less site backups) Restore Requests for recovery Commence restore within 8 hours from request Response Time of test data or data volume (assumes data are being restored from copies of on- 100% Data 1 week old or less backups site backups) Restore Requests for recovery of data or data volume >1 week old Commence restore within 3 Business Days 100% backups Page 29 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc Data Center Services Pricing The following table describes the Data Center Services and the pricing for customary and premium services. Pricing for premium services will be on a case-by-case basis, based on business unit needs. Table 7. Mainframe Customary Mainframe Service Pricing Service Description Monthly Price Comment Disaster Recovery Services Regaining access to data, hardware and Fixed Monthly Charge software necessary to resume, at a minimum, critical business operations Mainframe CPU – MVS (z/OS) Maintaining operations in accordance with Per installed MIP defined service level Mainframe CPU – TPF Maintaining operations in accordance with Per installed MIP defined service level SAN Storage Maintaining operations of remote storage Per allocated terabyte devices in accordance with defined service level Tape Backup Maintaining backup operations in Physical mounts accordance with defined service level Tape Backup Maintaining backup operations in Per tape accordance with defined service level Table 8. Midrange Customary Midrange Service Pricing Service Description Monthly Price Comment Disaster Recovery Services Regaining access to data, hardware and Fixed Monthly Charge software necessary to resume, at a minimum, critical business operations Solaris Servers Maintaining operations in accordance with Price per Server defined service level Page 30 of 33 6/2/2010
    • data-center-services-best-practicesdoc4120.doc Customary Midrange Service Pricing Service Description Monthly Price Comment AIX Servers Maintaining operations in accordance with Price per Server defined service level WINTEL Servers Maintaining operations in accordance with Price per Server defined service level VMWare Maintaining operations in accordance with Price per Virtual Host defined service level AS400 Maintaining operations in accordance with Price per Server defined service level SAN Storage Maintaining operations of remote storage Per Allocated Terabyte devices in accordance with defined service level Tape Backup Maintaining backup operations in Physical Mounts accordance with defined service level Tape Backup Maintaining backup operations in Per Tape accordance with defined service level Page 31 of 33 6/2/2010