AUDIT OF IT-INFRUSTRUCTURE AT THE ENTERPRISE

IT-infrastructure of the enterprise is a complex set of varied and promiscuous subsystems, interacting with each other. Each separate subsystem, in its turn, also consists of many interconnected components. Each component of the IT-subsystem is often a hardware-software complex, which performs several functions. In the process of IT-infrastructure development, even originally created and documented, as a single monolithic complex, can mutate and to become much more complicated. If after commissioning of such complex the mechanisms for monitoring and documenting of the changes were not implemented, further management or planning its modernization becomes an extremely difficult task. Furthermore, some subsystems of IT-infrastructure can use available resources inefficiently which may lead to undue financial losses.

For assessment of IT-infrastructure condition at the enterprise, engineers from NETWAVE company perform its audit. Audit process always consists of active collecting input information about the subject of the audit, followed by a detailed analysis and preparation of reporting documents.

During the first phase, we receive from the customer all the existing documentation (diagrams, journals, explanatory notes, etc.), prepare specific questionnaires and conduct interviews with technical experts. Together with the customer, we define the structure of the object, and then independently collect information about the status and settings of its individual units (journals of system messages, configuration files, screen shots, and so on.). If necessary, we perform automatic measurements of characteristics of audit object using specialized tools (for example via specialized software, various hardware sensors, cable analyzers etc.). Also at the first phase of the audit, our engineers certainly find out from the end-users about all detected problems or expectations of the subsystems.

DEPENDING ON THE SCALE OF THE RESEARCHED SYSTEM AND, CONSEQUENTLY, FROM THE NUMBER OF INPUT INFORMATION, WE DISTINGUISH SUCH TYPES OF WORK:
  • Full audit of the entire IT-infrastructure. In the process of such audit examines the entire IT-infrastructure of the enterprise or its several subsystems (for example computing subsystem with virtualization subsystem).
  • Partial audit of separate subsystem. In this case the object of research is one separate subsystem (for example, local wired network) or a single business service (for example, IP-telephony service).
  • Local audit of a single node. In this case, we analyze the work of one component of the infrastructure (for example, a cluster of firewalls and wireless access controllers).
THE PROCESS OF ANALYSIS OF RECEIVED DATA AND PREPARATION OF THE RESULTING REPORT MAY PASS THROUGH DIFFERENT SCENARIOS, DEPENDING ON THE CHARACTERISTICS OF THE AUDIT PURPOSE:
  • In the case of a general audit of the ultimate purpose is the formation of the documentation package, which describes the object of study in details, and also the detection of problems, mistakes and defects of subsystem’s work. In the structure of transmitted to the customer documentation must be included all important operational documentation, for example  inventory and / or cable journals, structural and functional subsystems schemes, describes of general principles of their operation and so on. In the process of conducting a general audit NETWAVE engineers describe founded errors and omissions, and necessarily form a list of recommendations how to remove them. As a standard for comparing used generally accepted branch standards, vendor’s recommendations and own practical experience of our engineers.
  • If the ultimate goal of the research is assessment of the readiness of the object for the implementation of specialized functional or to its modernization, we conduct a specialized audit. The examples of changes, before planning or implementation of which we recommend such audit, are the implementation of services of IP-telephony and video conferencing, construction of wireless access infrastructure, creation of a corporate data center, migration of corporate services from an instrument room on virtual, implementation of the planning system management of enterprise resources (ERP), and many other modifications of IT-infrastructure of different sizes. During the audit of this type, our engineers preparing a list of key technical and functional requirements for the researched subsystem, and measure their performance. As a standard for comparison used the customer’s requirements (in the form of technical specifications), and also the requirements from vendors and developers of specific functionality. For removing detected nonconformities necessarily formed a list of our recommendations. Subspecies of specialized audit is analysis of the quality of a particular functional after its implementation (for example, performance analysis of centralized storage system).
  • If the main purpose of system research is to determine the degree of its conformity to various standards, NETWAVE make compliance audit. In this case the main final document is the journal of conformity of the audit object criteria of the standard. For removing detected nonconformities also formed a list of our recommendations.

No matter what kind of audit by NETWAVE specialist was conducted, the result is necessarily to be useful for various target groups of employees of the customer. For example, a system administrator can obtain valuable concrete recommendations for optimization of separate subsystems or how to remove the critical failure, head of IT service can measure “weaknesses” of all IT-infrastructure, and manager will make a decision about the way of further development of the enterprise.