Version: 2.0 Date: 12/09/2014

Executive Summary

There are many forms of security for the Secure Data Network and one of the most important is the response around incidents that will arise in the course of its use. The SDN network is a segmented network that is designed to continue functioning if various part of the network fails. However, when such a failure occurs this document describes the roles, processes and responsibilities that should be followed.

Appendix A contains the processes that have been clearly defined that would be involved in correcting any disruption of service.

This document is to be used in conjunction with other SDN documents and in particular, the Secure Data Network Policy should be referred to for roles and responsibilities.

Ownership of Event and Incident Reporting

NetComms will be handling monitoring differently to the other groups. NetComms, will generally be concerned with switch performance and infrastructure capacity, they may decide to inform the IT service desk and the Estates maintenance service desk. They may also invoke change or problem management if they deem necessary.

The other groups will inform the Estates Help Desk and if out of hours, the shift team.

The Estates Help Desk will then own the incident and contact relevant personnel to determine the nature of the incident.

It is recommended that where possible the Building Management Systems (BMS) Manager is always contacted and that affected parties are notified. Security must be informed if the incident involves critical alarms.The BMS Manager is the overall person who decides when an incident is closed and the appropriate response to that incident. It is their guidance that the service desk should follow.

Should the incident been deemed within the realm of IT Services the Estates Help Desk shall contact the IT Service Desk and liaise to ensure the incident is resolved. The Estates Help Desk still however has ownership of the overall incident.

Responsibilities for Equipment

Regardless of incident type the owner of the incident is the Estates Help Desk and the following areas are responsible to the Help Desk for resolving incidents and problems.

  • Any BMS device – Estates Operations, their agents and contractors
  • Any critical alarm – The assigned owner of the alarm, their agents and contractors
  • Any network Beckoff Units – Cougar Automation Any Network Guardall Units – OCS
  • Any network cabling – Estates Operations, although advice should be sought fromrelevant parties
  • Any active networking equipment not mentioned above – IT services,NetcommsTeam
  • Any software problem or software configuration item, be it Iconics server side orOPC client side – Cougar Automation
  • Core server hardware – IT Services, Systems and Operations Team
  • Core firewall equipment – IT Services, NetComms
  • Edge server hardware - IT Services Systems and Operations Team
  • SDN connected PC`s – IT Services zonal teams

The Cougar Automation Maintenance Agreement and Service Level Agreements are located with the Senior Engineer, Estates Office.

The OCS Maintenance Agreement and Service Level Agreements are located with the Security Systems Administrator, Security Services.

All Third Party critical alarm maintenance agreements together with their Service Level Agreements should be located with the assigned owner of the Third Party equipment.

The IT Services Operation Level Agreements together with their under pinning contracts are located with Information Technology Services.

The Estates Office Operation Level Agreements together with their under pinning contracts are located with the Director of Estates.

Appendix A

A1 – Estates Help Desk Call Logging

A2 – Incident Management Flow chart for IT Services

A3 –Problem Management for IT Services

A4 – Change Management for IT Services

A5 – SDN Incident Event Workflow