Solved

System Administration Documentation for Company Management

Posted on 2007-03-25
3
289 Views
Last Modified: 2010-04-19
I'm the operations manager for a 40+ person marketing company, and I'm looking for a resource (book or website recommendations, or a document outline) to help me manage my company's IT department, the system administrator in particular.

The problem seems to be that I don't know what specific documentation I should be asking for. A few weeks ago I requested a document from our system administrator that would provide a detailed overview of the systems he manages, which includes about 24 Linux boxes for our website, intranet, client applications, and mail servers.

What he delivered was two skimpy pages that failed to document operating systems, system applications, details about unique scripts or configuration files.

My question is, what should go into a document of this nature, and where can I find a general outline that a system administrator could complete that will provide a solid overview of the systems he manages?

Thanks,
Bill
0
Comment
Question by:billauger
3 Comments
 
LVL 32

Expert Comment

by:Kamran Arshad
ID: 18792305
Hi,

You need to have these documentations:

1- Complete Inventory Document
2- Complete NOS and other applications Document.
3- Security Policy Document.
4- SOP (Standard Operation Manual)
5- Backup Plan.
6- DRP (Disaster Recovery Plan) and BCP (Business Continuity Plan)
0
 

Author Comment

by:billauger
ID: 18800737
I was asking for something a little more in-depth.
0
 
LVL 1

Accepted Solution

by:
AAckley earned 125 total points
ID: 18803479
Check out the SANS reading room for more info.

But I'd start here:

http://www.sans.org/resources/policies/#template

It lists a series of policy templates.  Before you can expect your Admin to submit documentation, you need a policy in place for him to know what he needs to know.  And by your question, you need to know the same thing.  :)

uetian1707 has the basics down quite nicely.  Your admin, should be able to provide the first 2 without a doubt.  The rest if not neccasarily in his domain.  

The security policy document is the first step for everything though.  It should outline what is expected of the admin, who is responsible for DRP and BCP, what is expected from the backup.

If that link doesn't give you enough info, just let me know and we can get more into the nuts and bolts but drafting a full security (and system) policy is a big time job.  You might want to think about getting an outside consultant to help with it.  Look for folks with GSEC or CISSP to help with that.  (I have both)  

0

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Requirements: root access via SSH, telnet, or other.. Alternately, access from the server administrator to run a counter-strike server, and the proper access rights to do so. Enough free disk space (and allowed to use this much, eg disk quota): 6…
Usually shares are where we want them for our users and we tend to take them for granted. There are times, however, when those shares may disappear causing difficulty for your users. One of the first things to try is searching for files that shou…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question