Proper Documentation

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

26 hours 10 minutes
Video Transcription
All right. Welcome back to this lecture and this lecture we're gonna be talking about and this lecture we're gonna be talking about proper documentation procedures. Uh, this is gonna be a quick one, just basically talking about
and the importance of documentation and different types of documentation that you should get familiar with because you will be seeing it in the workplace.
documentation is important regardless of whatever you're doing. If you're in law, it's important for you to have a good chain of custody. If you are an i T. It's good to have good documentations that you can keep up with what users air doing what employees they're doing.
Maybe with in the i t team, make sure that you're not done it Lee performing any test that were already performed
and you're able to move more officially
operating procedures is a really good way. Thio just kind of overall is an organization. Make sure that the every employee, every department is functioning as it should according to the businesses Ultimate goals documentation is always to the key to success
because you want to make sure that you know what to do that all your employees know what to do.
And whenever you have new hires, you can point them and train them according to the best standards. When it comes to I t. You know whatever you're doing with software upgrades and stuff like that, you want to make sure that you have a operating procedure on change requests and testing before the deployments to make sure that you don't break
anything or you don't prevent the service's of workflow
into flow. Ah, streamline and not have any major issues. Ultimately, the goal here is to meet the business objectives, and that's more than likely gonna be to be more profitable or being more efficient or to stay available to their clients. And so
if you don't have the appropriate change requests, you don't follow them or you're not testing deployment of new software things like that into an organization you could break or, you know, delay the business objectives, which would not be good for you or for your team. In the long run
Knowledge base is another method of documentation. Knowledge base is essentially especially within the I T department, essentially a place where all information is shared across team members.
For my experience. Sometimes I T team members can be a horde of knowledge. This is frowned upon in the organization. It's best to share that information with other users. That way, other users can be more experience. They can learn everybody can learn from each other's experiences in their knowledge
and stay more efficient and just overall, have a better
experienced all arounds. I've worked in both environments where people are a little bit more hostile and a little bit more selfish with the information that they know. And then you have the other users who like to share,
and they're more productive and personally speaking. Those, uh, those knowledge bases that were more full with people who were happy to share the information and teach they were more happy. All arounds. We had a lot more free time because the, you know,
ah, a lot of the problems that we're trying to solve. The tickets that were returning clothes were easier to close because we had all the information there as opposed to, and the other environments where people are more concerned about their job making sure that they were valuable in themselves.
It just didn't play well. They didn't play well with other users and and the team and other team members in the I T department,
and that was not efficient. It caused a lot of issues. There was a lot of butting of heads and things like that. Also regarding train New hires is easier to on board members onto a team that they have access to a knowledge base because they can just follow the documentation and ask questions as needed. If there's anything that they don't understand,
networked apology diagrams are another form of documentation that are going to be something you probably will come across when you're in the I T department. Basically, it's apology is basically a map or an overview of the different components within your network usually involves I P addresses, Mac addresses, port numbers, security controls, things like that.
And it's a go to for any engineer that's dealing with any network issues. If you're out on the field
or your network engineer, chances are you're gonna have. This is kind of your roadmap to troubleshooting issues out there on the field
and details and the network components are also involves which this will help with any, you know, break points and help speed the time of recovery, which ultimately goes back to the business objectives. You want to make sure that you're meeting this big business objectives in the long run.
Regulatory compliance is another form of documentation that should be mentioned is not really within the scope of the exam as faras, what type of regulatory information you need to know about the types of rules that are out there, laws and stuff that apply to your organization or two projects. But just keep in mind that having that documentation at hands
would be valuable,
at least for any technician or any I t. Guy who is trying to get acclimated to a project. Usually these wills layouts, the security, the data management storage, things like that that are going to be handled within the prod within the project or within the company.
And you want to make sure that you have a good overall rule
of what's going on and or what you need to go on in order for that project or for that company to stay successful, noncompliance with regulatory or laws or things like that can result in some pretty severe fines, so this is a, uh, pretty important document to keep
in and the flow of documentation if it does apply.
So just keep that in mind some of the regulatory compliance examples that I was talking about or like saw Sarbanes Oxley Act, which is socks that deals with public companies, publicly traded companies. They are required to follow the standard HIPPA, which is, you know, the Health Insurance Portability and Accountability Act.
Obviously, that's for
health organizations like hospitals and doctors and clinics. The Gramm Leach Bliley Act, which deals with the disclosure of private information from financial institutions. There are others out there. These air, the regulatory once that you could consider GDP ours, another one that deals with the
privacy of citizens and from the U
just a whole gamut of them out there. Like I said, probably not gonna be on this exam.
But it's worth noting that regulatory compliance documentation is a form of documentation with an I t. And it's something Thio still be knowledgeable about on the field. All right, that about wraps up this lecture. I'll see you guys in the next one
Up Next