2 hours 3 minutes

Video Description

This lesson covers operations management. Operations management is about making the every running of an organization as efficient as possible. To make an organization run as well as possible, the following are needed: - Effective leadership - Adequate staffing - Written procedures - Constant monitoring - Level of staff integration [toggle_content title="Transcript"] Alright, so let's talk about operations management. What does this really mean? It means that we're trying to find ways to think about how day-to-day, moment-to-moment operations of the organization is most optimized, is most efficient so that we can respond to the needs of the organization as quickly as possible, or to the needs of our users. So we want to think about those things that sustain our operations. We've got five main areas here to think about. Of course, at the top, is effective leadership. If that's missing, then some of the other components that provide an efficient, mature organization will start to fall apart. We also need to have adequate staff. That's a bigger challenge in recent years than it used to be. Everyone's trying to do more with less, which means that many people are wearing more than one hat. That can be an exciting position to be in, where you're doing multiple job roles, but it can be also very tiring and draining. So there's flipsides to that. And, of course, if your people are stretched too thin, then you're more likely to have mistakes and staff turnover because people are going to go find a job where they're treated better. Having written procedures. This can't be overlooked either. I know I've already mentioned an emphasis on documentation, but it really does matter when you can have your procedures written down, whether they're online or in paper format, or both, so that people can have them at a moment's notice when they need to do something. They can say, 'Ah, I remember there's a procedure for that. I'll flip through my book and I'll find it.' Or they know that they can go to the internal file server and go find some document that describes what they need to do. One of the worst things about written procedures, though, is that they're only accurate up until the day they were produced. After that, things might change and they might not be correct any longer. So there is a maintenance aspect that we can't overlook. Then we also have to think about constant monitoring, or continuous monitoring. So that we can keep an eye on what the processes are doing and be able to understand how the organization looks when it's healthy and when it's degrading. Then, last, is the level of staff integration. This means that we've got staff that can perhaps perform more than one job function. They have the ability to wear multiple hats and are well-versed in the requirements of their job and possibly some of their colleagues' jobs. Then we have to think about change control. I mentioned change control a couple of times earlier. This is a vital part of any organization that wants to become more mature and efficient and more resilient over time. The change control process, usually in my experience, that's a weekly meeting, a change control board, or CCB, or change acceptance board, CAB. It just depends on what acronym you like to use. This is where we get people, representatives from different parts of the organization to come together. Someone from the networking team, someone from the security team, someone from the firewall team, someone from the desktop support and they all come together, they discuss the change and decide whether the change is accepted or not. If it's not accepted, then they have to explain why. The process of reviewing the change control means that you've got a better chance of discovering problems before they occur. So if someone wants to do this, they want to upgrade that. 'Wait a minute, if we do this that's going to break this thing.' or it's going to break something else. So that's the whole idea of a proper early-managed change control process. All of your processes and procedures should also support that. [/toggle_content]

Up Next

IT Governance and Management

What does CISA Domain 2 cover? Domain 2 of the CISA surrounds the governance and management of IT, with included topics ranging from IT monitoring and assurance practices

Instructed By

Instructor Profile Image
Dean Pompilio
CEO of SteppingStone Solutions