《IHG酒店管理集团IT标准.doc》由会员分享,可在线阅读,更多相关《IHG酒店管理集团IT标准.doc(130页珍藏版)》请在三一办公上搜索。
1、IHG Greater China HOTEL IT STANDARD, STANDARD OPERATING PROCEDURE AND BEST PRACTICES1. IHG Greater China Hotel IT SOPs Summary31.1 - How to use this Document 如何使用本文档41.2 - Introduction介绍52. IT Operations62.1 - Computer Room Access62.2 - IT Routines Lists82.3 - Change Management142.4 - Data and Syste
2、ms Backup strategy172.5 - IT Helpdesk Fault Logging212.6 - IT Logbooks222.7 - User Files Backup242.8 - IT After Office Hours On-Calls263. IT Maintenance283.1 - IT Asset Inventory Management283.2 - IT Hardware and Software Maintenance Contracts333.3 - User Hardware Maintenance353.4 - Hotel IT Server
3、Room Environmental Monitoring System374. IT Security & Audit404.1 - Updated user lists / permissions404.2 - IT Screensavers / Idle Passwords424.3 - Internet Usage454.4 - IT USB/CD/DVD Lockout474.5 -Server Room Fire Protection/Alarms/Sensors/Temperature/Humidity/EMS494.6 - Server Room Fire Hazards /
4、Combustible Materials534.7 - Server Room Fire Extinguishers554.8- IT Fire and Evacuation Sample574.9 - IT Emergency Service Recovery594.10 - Software License Compliance784.11 - IT Devices not Being Used / Confidential Documents to Be Destroyed824.12 - Protecting Files from Virus844.13 - New User (us
5、ername and password)864.14 - Resignation of Employee884.15 - IT Air-Conditioning & UPS Sample904.16 - Business Continuity Plan for PMS System934.17 - Business Continuity Plan for POS System1045. IT Standards1095.1 - Hotel IT Standard Network Setup1095.2- Hotel Firewall / Public IP Addresses1185.3 -
6、Anti-virus Standards1205.4 - IT Computer Hardware Specifications1235.5 Email Address Requests1275.6 - Point of Sales Item1291. IHG Greater China Hotel IT SOPs SummaryDocument InformationDocument Name:IHG Greater China Hotel IT Standard Operating ProcedureDocument Version No:V 1.0Prepared By:Jerry WA
7、NGDate: Feb. 1th, 2010Review By:WONG Kar HongDistribution ListFromDatePhone/Fax/EmailJojo CoronelDec. 8th, 2008Jojo.CoronelJojo CoronelJan. 5th, 2009Jojo.Coronel ToActionDue DatePhone/Fax/Email*AP Greater China Hotels InformationTechnology ManagerDistributeAction Types: Approve, Review, Inform, File
8、, Action Required, Attend Meeting, Distribute, Other(Please specify)Version HistoryVer. No.Ver. DateRevised ByDescriptionFilename0.1Jan. 19th, 2009Jerry Wang1st Chinese Edition Release0.2Mar. 12th, 2009Jerry Wang2nd Chinese Edition Release0.3Jun. 23rd, 2009Jerry Wang3rd Chinese Edition Release0.4Sep
9、. 2nd, 2009Jerry Wang4th Chinese Edition Release0.5Oct. 12th, 2009Jerry Wang5th Chinese Edition Release1.1 - How to use this Document 如何使用本文档This document can be viewed with Adobe Acrobat reader. There are 4 main menus categorized.本文档可以用Adobe Acrobat reader软件阅读。分成四类。IHG Hotel IT Best Practices & SOP
10、s - this document contains本文包括: IHG IT Best Practices and SOPs Summary - in this volume you can see the summary. 本章为摘要。 IT Operations - - the documents indicates the IHG Standard Operating procedures and Best practices in IT Operations. This document is focused on how the IT Department will manage t
11、he IT environment in an Operations point of view.本章指出IT运作方面的洲际集团标准操作程序和最佳实践。重点在于IT部门如何从运作的角度来管理IT环境。 IT Maintenance - this document is focused on how IT Department will manage and maintain the IT Department office, IT Server Room and how to operate and record essential IT things.本章重点在于IT部门如何管理和维护IT办
12、公室、服务器机房和如何操作和纪录必要的IT工作。 IT Security & Audit - the documents indicates the IHG Standard Operating procedures and Best practices in IT Security and Audit. This document is focused on how the IT Department will manage the IT environment in a Security and Audit point of view. 本章指出IT安全与审计方面的洲际集团标准操作程序和最
13、佳实践。重点在于IT部门如何从安全于审计的角度来管理IT环境。 IT Standards - you will see standards currently being used in hotel. 本章指出酒店使用的IT标准。When to use this document? 何时使用本文档?This document must be used as reference and guideline when complying to the IHG Hotel IT Best Practices and Standard Operating Procedures. This docume
14、ntation complies with the Chapter 15 of the IHG Financial IT Audit Standards.本文档必须做为IHG酒店标准操作程序和最佳练习的参考和指导。本文档符合洲际集团酒店财务项目第15章IT审计标准。1.2 - Introduction介绍1 POLICYTo serve as guidelines in order to improve the day to day operations in the Hotel IT Department.为提高酒店IT部门的日常操作而提供指导。2 PURPOSESTo maintain a
15、 healthy system environment and to ensure the hotel IT Department conforms to the IHG IT Audit Standards.维护一个健康的系统环境并且保证酒店IT部门符合洲际酒店集团IT审计标准。3 SCOPEThis applies to all Greater China hotels.所有大中华区酒店4 RESPONSIBILITIESThe hotel IT Manager has the full responsibilities in ensuring the hotel IT Departmen
16、t Best Practices and is being documented, implemented and exercised.酒店IT经理必须对IT部门的最佳实践的纪录、实施和联系负责。The hotels IT Department is responsible for complying with the hotel IT Department Best Practices.酒店IT部门负责遵从IT部门的最佳实践。The hotel IT Manager has the full responsibilities in following and tailor fitting t
17、he Hotel IT Policies and Procedures based on the hotel operations. It is his own responsibility in enforcing the P&Ps to the departments concerned.酒店IT经理必须负责遵从和适合建立在酒店运作基础上的IT政策和程序。将IT政策和程序执行到相关部门是IT经理的责任。2. IT Operations2.1 - Computer Room AccessSTANDARD OPERATING PROCEDUREDepartment:Information Te
18、chnologyP&P#:Subject:Computer Room AccessDate:Prepared by:_IT ManagerApproved by:_ _ General Manager Dir of Finance & Business SupportDistribution List:2.1.1 ObjectiveTo establish policies to limit access to the computer room and adjacent areas in order to maintain the best possible physical protect
19、ion for the area and equipment.制定政策限制对电脑机房以及相关区域的进入是为了对该区域和电脑设备进行最佳的保护。2.1.2 ScopeThis applies to all Greater China Hotels Information Technology Department.适用于所有大中华区酒店IT部。2.1.3 Definitions“Employee” refers to full-time or part-time employees, temporary employees/personnel, or consultants who are “r
20、esident” on the entitys site. A “visitor” is defined as a vendor, guest of an employee, service personnel, or anyone who needs to enter the facility for a short duration, usually not more than one day.“雇员”是指全职或兼职的雇员、临时雇员人员和顾问等“常驻”在实际场所内的人员。“访客”被界定为供应商、某个雇员的客人、服务人员,或者其它任何需要短期进入设施的人员,通常不超过一天。2.1.4 Pol
21、icy1) The computer room must be kept locked at all times with access controlled through individually assigned tokens or swipe cards.所有电脑机房区域的门都应始终保持锁闭状态,通过单独分配的密码或者刷卡控制访问。2) Access to the computer room shall be restricted to those that have a business need.只有业务需要时,才允许使用电脑机房。3) Access to the computer
22、 room will be granted to an employee only after the proper authorization has been gained.只有获得适当的授权后,雇员才被准许使用电脑机房。4) Access to the computer room will be removed from an employee once the business need has expired.当业务需求终止时,对雇员使用电脑机房的授权将会被取消。5) This policy is implemented to prevent the unauthorized use
23、, misuse, modification or denial of use of company Information assets. Any user found to be breaking this policy will be subject to disciplinary procedures.实施本政策的目的是为了防止盗用、滥用、修改或拒绝使用公司信息资产。任何被发现违反本政策的用户将接受相关处分2.1.5 Related Procedure1) Access to the computer room is limited to hotel personnel respons
24、ible for maintaining or operating the equipment or other business needs只有酒店内负责对设备进行维护和操作或者有其他业务需要的人员才能使用电脑机房。2) Visitors requiring access to the computer room will be escorted into the restricted area by a suitably authorized employee and required to sign the visitor book.访客对电脑机房受限区域的使用必须由一个合适的授权雇员陪
25、同,并且必须签署访客薄。3) The entrance should be recorded in Computer Room Access Log Book. All access to the computer room will be logged. The logs will be reviewed by IT manager on a regular basis with unauthorized access attempts being investigated. Logs should be kept for a minimum of three months unless o
26、therwise restricted by law.任何人进入电脑机房都必须在“电脑机房进出人员登记表”上签字。所有对电脑机房的使用都将被记录。记录将会被IT经理定期检查是否有未授权的使用企图。记录必须至少保持三个月或者遵从相关的法律规定。4) All doors to the areas are to be kept locked at all times even during normal office hours.所有电脑机房区域的门都应始终保持锁闭状态,即使是在上班时间也一样。5) Keys to the computer room areas will only be issue
27、d to personnel responsible. 电脑机房的钥匙只能发放给相关的责任人员。6) The Information System area must be regularly patrolled by hotel security staff.酒店保安部员工应对技术信息部区域进行周期性的巡逻。2.2 - IT Routines ListsBEST PRACTICESDepartment:Information TechnologyP&P#:Subject:IT Routines ListsDate:Prepared by:_IT ManagerApproved by:_ _
28、General Manager Dir of Finance & Business SupportDistribution List:2.2.1Daily Check List 每日检查清单IT Department must have a DAILY TASK LIST of what is needed to be checked and monitored. The checklist consists of what are needed to be done upon reaching office and before you leave office. The check lis
29、t should include of all servers, systems, interfaces and network equipments to ensure all IT Systems are in good-working condition.IT部门必须使用每日任务列表来记录日常的检查和监测。该清单由到达IT办公室和离开之前需要完成的检查和检测,包括服务器、系统、接口和网络设备,以确保所有的IT系统处于良好工作状态。2.2.1.1 IT Office and Server room checks IT办公室和服务器机房检查: a. Make sure the IT Serv
30、er Room Air-Conditioning System is running and maintain temperature at a range of 20 degrees Celsius to 22 degrees Celsius, humidity at a range of 50RH to 60RH. If temperature or humidity is out of this range, go to the Power Control Unit (PCU) and perform diagnostics and check ALARM History and do
31、a RESET. If found malfunctioning, call the Engineering for further assistance.确保机房空调工作正常,机房温度应维持在在20-22摄氏度之间,湿度在50-60RH之间。如果发现温度或湿度不在标准范围,请检测电力控制装置和警示灯,并且重新启动。如果发现故障,通知工程部做进一步检查。b. Make sure the IT Server Room main UPS is up and running on normal. Check that the charging level is 100%.确保服务器机房主UPS 启动
32、和运行正常,并且电池电量为100%。c. Make sure the LOCKS of IT office and server room work properly.确保IT办公室和服务器机房的门锁工作正常。d. Remove any obstructions, unnecessary or faulty devices on the floor of the IT Office at all times.IT办公室不能在地板上放置任何障碍物和不需要或者失效的设备。2.2.1.2 IT SERVERS Checks 服务器检查:a. Check all the SERVERS and sys
33、tem logs, make sure all servers are up and running.检查所有服务器和系统日志,确保所有服务器启动和工作正常。b. Check ALL INTERFACE PCs, make sure all the interfaces are up and running.检查所有的接口电脑,确保所有的接口都启动和工作正常。c. Check the internet is working and e-mail server is sending and receiving mails and there are no messages on long que
34、ue to be delivered.检查互联网访问正常;电子邮件服务器发送和接收电子邮件正常,并没有长时间不能发出的邮件。d. Check the PRINTSERVER for any problem on the printer queuing of all Departments.检查所有部门的打印服务器工作正常。e. Check the Anti-Virus Server and make sure it updates itself to the latest VIRUS DEFINITIONS and SCAN ENGINE. Run the Anti-virus report
35、to list down all the potential users with viruses and Trojans.检查防病毒服务器有最新的病毒定义库和病毒扫描引擎。检查防病毒报告中用户潜在的病毒和木马程序。f. Check the FAX Server and the modems if are active and ready.检查传真服务器和调制解调器工作正常。g. Check the FILE Servers for HARDDISK Space. If found running out of space, do an investigation on user folder
36、s.检查文件服务器磁盘空间。如果发现空间不足,对用户空间进行分析处理。h. Check all other servers, to record available diskspace.检查所有服务器,记录硬盘空间。i. Check two workstations at random to ensure that they are getting the latest updated virus definition from internal server or internet (Please Check the definition updated date)随机抽测两台工作站,确保可
37、以从互联网或者内部网络获得最新的病毒定义(请检查病毒定义库更新时间)。2.2.1.3Check Backup Status 备份检查:a. Check the BACKUP Server for the COMPLETION of all JOB Orders and to check any FAILED JOBS. Replace BACKUP TAPE or other BACKUP MEDIA.检查备份服务器确保所有的备份完成。检查的备份任务。更换备份磁带或备份介质。2.2.1.4IT NETWORKS Checks 网络检查:a. Check Holidex router is up
38、 and running and IHG network is accessible. By accessing the Holidex system at and checking OXI processor in PMS.通过访问Holidex系统 并检查PMS系统中的OXI进程来确认Holidex路由器是否启动和工作正常,IHG网络可以正常访问。b. Analyze unknown devices connected to the local network.分析连接在内部网络上的未知设备。c. Check the local ISP Router Traffic Grapher or
39、HSIA system to see the bandwidth utilization of the internet in the guest rooms and the admin office internet.通过本地ISP的路由流量记录器或者HSIA系统检查办公网络和客房网络的带宽使用率。d. Check Firewall logs for any attempts to break into the network.检查防火墙日志是否有网络安全攻击。e. Check the pattern of network switch lights to ensure no switch
40、hangs or looping detected.检查网络交换机指示灯确保没有交换机故障。2.2.1.5USER AND GUEST SERVICE Checks 用户和客人服务检查:a. Check both guest and hotel user call log registers.检查所有用户和客人要求记录。b. Communicate and share problems among hotel IT team.与整个酒店IT团队沟通并且分享问题。c. Escalate the calls to PMS, POS, other support vendors and region
41、al IT team if it could not resolve internally as soon as necessary.将不能内部解决的问题立刻反馈至PMS, POS等供应商和集团IT团队。d. Keep in touch with regional IT team if you are in doubt or undecided and ask for help and assistance.如有任何疑问,请与集团IT团队联系。2.2.2 Weekly Task 每周任务2.2.2.1Offsite Backup Tape 外部保存备份磁带Send one backup tap
42、e set outside the hotel. Before sending out, do a restore test (Restore data to a spare hard disk to ensure it can be restored successfully).每周将一份备份磁带送至酒店外部保存。在送出前,做一个简单恢复测试(即将磁带内容恢复到某个服务器的空余硬盘上保证磁带数据可以被成功读出)。2.2.3Monthly Task 每月任务2.2.3.1Backup before Month-end Process 月结前备份Backup Accounting, Check
43、EAM and other Month-End process system before the process in every month end.每月底对需要月结的系统,如财务、CheckEAM等系统进行月结前的备份。2.2.3.2Archive Interface Log Files 存档接口日志文件Interface log files are saved in D:microsifc*.log. Please zip and store these files monthly and remove from original folder.接口文件保存在接口电脑的D:micros
44、ifc*.log 中。每月将其压缩存档,并且在原始目录中删除。2.2.3.3Review Staff Entry & Departure List from HR 检查入职/离职员工帐号To check codes of new-entry staff whether it had been generated correctly. And codes of departure staff had been disabled/deleted.根据人事部的每月入职员工和离职员工清单,检查入职员工帐号是否被正确创建。并且确保离职员工帐号已经被禁用或删除。2.2.3.4Monthly Server
45、Maintenance 每月服务器维护a. Check Disk Capability 检查磁盘的容量b. Install Operating System (OS) and Software Patches 安装操作系统及其他软件补丁/升级包。c. Restart if necessary如有需要,重新启动服务器d. Archive Events Log存档服务器系统日志2.2.3.5IT Inventory Update 更新IT 清单Merlin-Applications-Hotel IT Systems Inventory (APAC)2.2.3.6Review & Renew MA (Maintenance Agreement) Contracts 检查和更新维护合同To review all contracts this will expire in 3 months. To renew or change contracts based on your needs.检查所有三个月内将过期的维护合同。并且根据需要延长或者修改维护合同。2.2.3.7Review System Cases and Last IT Monthly Report系统及上月IT管理报表回顾To
