I had produced at brief set of questions that I would take with me for my first visit to my organisation. These questions involved a description of the ICT systems, their software and hardware used and the approximate amount of staff and computers linked to their network.
Sources of Information
In order for me to complete this assignment I will need to visit my chosen organisation two times. I intend to gather information by means of an interview. I will be using this method and expect to receive all of the primary information I require. Prier to these interviews I will prepare my questions before hand, to assure that I am thoroughly prepared for the interview. As well as taking along a note pad to obtain the details, I will also purchase a tape recorder and if aloud I will record the interview. The tape recorder will allow the interview to run smoothly and capture the full details of the answers.
The following is a list of people, places and documents that I will be talking to, visiting and reading in order to accumulate the necessary information.
- The New Eltham Manager; I had telephoned the manager here at the beginning of the assignment in order to allocate the main office of the systems administrator. Here I established the systems administrators contact number and an appropriate time that I should phone.
- The Systems Administrator at Plumstead Library: Speaking to the systems administrator (John Morgan) I retrieved primary information in the form of answers to my questionnaires. The information I was looking for was, background knowledge on organisation and staff plus information on the network, operating systems, software, hardware, security, upgrading procedures and administrational procedures.
- End Users, Such as employees and staff at Plumstead library; Here I intended to gather primary information, around the suitability of the network, security and operating systems. Also using this opportunity to ask a few of the staff about the kind of jobs they perform and how the ICT systems benefit them.
- The Internet; I will use this facility in order to purchase secondary information on the organisation its self and on the current network and operating systems in place. This will help me understand the usefulness of the systems at place and in turn will provide me with more facts to add to my final report and conclusion.
- Books from my local library; These will be used along with the research off of the internet to gather secondary information on the systems at hand and the administrational procedures.
List of Intended Investigations
I have chosen to base my investigation on the following topics:
How security has been established.
- How security has been maintained.
- Discuss both physical and software security measures.
How security has been maintained.
- How has virus software been checked to assure it has the latest virus definitions?
- What is the procedure involved in checking the, physical protection of individual computers?
- What security procedures are in place to protect the organisation from a break in?
- Because of the information held on the computers about your customers, what security procedures are in place to protect the system?
How security has been established.
- What different levels of security are there?
- Is there another server located in another place that keeps a backup of the entire network?
- What are the security requirements relating to server backup?
- What is the frequency of backing up data that is considered valuable to the company?
- What threats are there to the system as a hole?
- How are these threats minimised or eliminated?
- Have the staff here been allocated a personal username and password for when they log in to the network.
- Are there different levels of access on the system, where different users have limited access to specific data?
Discuss both physical and software security.
- What physical forms of security are there for the IT systems?
- What software security is there in place to protect the system?
- Are there any extra security measures such as cameras (cctv) that restrict any unauthorized personal entering?
Propose Report Headings
This is an ordered list of headings that I will be using to organize and plan my report.
History of Information Gathering
07th OCT 02
Task 1 introduction. I have been introduced to my assignment and fully understand the requirements. Having being briefed of the deadlines I was able to begin preparations.
10th OCT 02
Taking a bit of time to think over the possible organisations I could chose from, I had chosen to do a library.
12th OCT 02
I have looked carefully at the advantages of choosing to use a library had felt sure that this decision would benefit my assignment. Proceeding with this decision I felt it was best to contact my local library and find out how to contact the systems administrator. Speaking to the manager there, I was told that he was situated at the Plumstead branch. Taking note of his contact number and the best possible time to contact him I was ready to arrange my 1st interview.
17th OCT 02
Having rang the Plumstead branch, in order to speak to the systems administrator I was notified that he was not available because of his tight schedule and would be able to contact him the following day.
18th OCT 02
Pursuing my previous phone call, I telephoned the systems administrator at around 1pm and spoke to a Mr. John Morgan. I explained my situation and notified him of the coursework objectives. He was very helpful and agreed to let me interview him. We came to a relevant time suitable for him and he gave me the address and a brief description of the libraries where abouts.
20th OCT 02
Having slight second thoughts about the adequacy of the systems administrator at the Plumstead library, I began to think of a few other organizations. On my list were post offices, banks, and possibly schools.
I felt that finding a back up company was appropriate.
21st OCT 02
I traveled down to the Eltham high street and spoke to a till worker in the post office. I asked if they had a systems administrator on sight that I could speak to and I was told that he would mot be available. Feeling this was not appropriate I left the post office and began finding the phone numbers of the other organizations on my list.
22nd OCT 02
I was not able to locate any of the other system administrators so I set about producing a questionnaire for my first interview. During my lesson at school I was told that a post office and a bank would mot be suitable anyway due to the fact security systems will not be spoken about.
30th OCT 02
I turned up at the Plumstead library for my interview and found out that the systems administrator was absent. I was still able to proceed due to another member of staff that had been recommended to me by John. I retrieved all of the necessary information I needed and was able to begin my plan.
01st Nov 02
Thinking thoroughly about the types of questions I was going to ask in my second interview I started to write up my questionnaire. After producing my questionnaire I handed it in to my teacher to assure that I have covered all the appropriate topics.
02nd Nov 02
As I was awaiting the approval of my questionnaire I set about arranging I date and time for my second interview.
Questions for Second visit
How security has been maintained.
- How has virus software been checked to assure it has the latest virus definitions?
- What is the procedure involved in checking the, physical protection of individual computers?
- What security procedures are in place to protect the organisation from a break in?
- Because of the information held on the computers about your customers, what security procedures are in place to protect the system?
How security has been established.
- What different levels of security are there?
- Is there another server located in another place that keeps a backup of the entire network?
- What are the security requirements relating to server backup?
- What is the frequency of backing up data that is considered valuable to the company?
- What threats are there to the system as a hole?
- How are these threats minimised or eliminated?
- Have the staff here been allocated a personal username and password for when they log in to the network.
- Are there different levels of access on the system, where different users have limited access to specific data?
Discuss both physical and software security.
- What physical forms of security are there for the IT systems?
- What software security is there in place to protect the system?
- Are there any extra security measures such as cameras (cctv) that restrict any unauthorized personal entering?