System Administration Documentation for Company Management

I'm the operations manager for a 40+ person marketing company, and I'm looking for a resource (book or website recommendations, or a document outline) to help me manage my company's IT department, the system administrator in particular.

The problem seems to be that I don't know what specific documentation I should be asking for. A few weeks ago I requested a document from our system administrator that would provide a detailed overview of the systems he manages, which includes about 24 Linux boxes for our website, intranet, client applications, and mail servers.

What he delivered was two skimpy pages that failed to document operating systems, system applications, details about unique scripts or configuration files.

My question is, what should go into a document of this nature, and where can I find a general outline that a system administrator could complete that will provide a solid overview of the systems he manages?

Thanks,
Bill
billaugerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Kamran ArshadIT AssociateCommented:
Hi,

You need to have these documentations:

1- Complete Inventory Document
2- Complete NOS and other applications Document.
3- Security Policy Document.
4- SOP (Standard Operation Manual)
5- Backup Plan.
6- DRP (Disaster Recovery Plan) and BCP (Business Continuity Plan)
0
billaugerAuthor Commented:
I was asking for something a little more in-depth.
0
AAckleyCommented:
Check out the SANS reading room for more info.

But I'd start here:

http://www.sans.org/resources/policies/#template

It lists a series of policy templates.  Before you can expect your Admin to submit documentation, you need a policy in place for him to know what he needs to know.  And by your question, you need to know the same thing.  :)

uetian1707 has the basics down quite nicely.  Your admin, should be able to provide the first 2 without a doubt.  The rest if not neccasarily in his domain.  

The security policy document is the first step for everything though.  It should outline what is expected of the admin, who is responsible for DRP and BCP, what is expected from the backup.

If that link doesn't give you enough info, just let me know and we can get more into the nuts and bolts but drafting a full security (and system) policy is a big time job.  You might want to think about getting an outside consultant to help with it.  Look for folks with GSEC or CISSP to help with that.  (I have both)  

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Server Hardware

From novice to tech pro — start learning today.