This lessons discusses IT services and what's involved in their daily operations. Participants learn about IT Operations problems and ways organizations try to solve them. This lesson also discusses IT Leadership Objectives. [toggle_content title="Transcript"] Alright, so let's talk about our IT services and what's involved with understanding how this all fits together. One common approach that organizations use is buying more stuff. It's the concept of just continuing to throw money at the problem. Sometimes this works. Sometimes you can just buy new hardware or software and licenses and so on to fix a problem, but ultimately it's a poor strategy in the long-term. It might be a short-term fix, but what we really need to think about is examining the priorities of the organization so that we can understand the root cause of the various problems and challenges that the organization is facing. If we don't fix the root cause, then the problems are going to repeat. That's just the way it works out. So we don't want to take a Band-Aid approach where we just slap a Band-Aid on a problem and hope that it goes away. If we analyze the root cause carefully, then we should be able to adapt our policies and procedures and possibly even modify our standards so that we can raise the bar as far as what's expected by the IT department in its management of the information systems. We also need to think about how we deal with change control. Some organizations do an excellent job of change control, some do an average job. It should be our goal to always strive to have a good change control process that's effective and produces the desired results with very little to no surprises. So our IT leadership; they have some objectives that they need to think about. One of the first things to think about is defining the mission or defining the goals of the organization using simple language. This makes it easier for everybody to get on the same page and to understand what the organization's trying to do in a way that's approachable. If we get too bogged down in lengthy language or using a lot of esoteric words, then that can become a barrier for adoption of this clear vision that we're trying to project. We also need to have detailed directions for those people that are supporting the operation. We can't just tell people, 'You know what to do, go ahead and do it.' There needs to be some direction and ideally policies and procedures that are detailed enough so that even someone who's new to the position should be able to pick up the documentation and refer to that to do some tasks that are part of their job. [/toggle_content]
Certified Information System Auditor (CISA)
In order to face the dynamic requirements of meeting enterprise vulnerability management challenges, CISA course covers the auditing process to ensure that you have the ability to analyze the state of your organization and make changes where needed.