IHG酒店管理集团IT标准

- 1 - IHG Greater China IT Standard Operating Procedure IHG Greater China HOTEL IT STANDARD, STANDARD OPERATING PROCEDURE AND BEST PRACTICES - 2 - IHG Greater China IT Standard Operating Procedure 1. IHG Greater China Hotel IT SOPs Summary . 3 1.1 - How to use this Document 如何使用本文档 . 4 1.2 - Introduction 介绍 . 5 2. IT Operations. 6 2.1 - Computer Room Access . 6 2.2 - IT Routines Lists . 8 2.3 - Change Management . 14 2.4 - Data and Systems Backup strategy. 17 2.5 - IT Helpdesk Fault Logging . 21 2.6 - IT Logbooks . 22 2.7 - User Files Backup . 24 2.8 - IT After Office Hours On-Calls . 26 3. IT Maintenance . 28 3.1 - IT Asset Inventory Management . 28 3.2 - IT Hardware and Software Maintenance Contracts. 33 3.3 - User Hardware Maintenance . 35 3.4 - Hotel IT Server Room Environmental Monitoring System . 37 4. IT Security & Audit . 40 4.1 - Updated user lists / permissions . 40 4.2 - IT Screensavers / Idle Passwords . 42 4.3 - Internet Usage . 45 4.4 - IT USB/CD/DVD Lockout . 47 4.5 -Server Room Fire Protection/Alarms/Sensors/Temperature/Humidity/EMS. 49 4.6 - Server Room Fire Hazards / Combustible Materials . 53 4.7 - Server Room Fire Extinguishers . 55 4.8 - IT Fire and Evacuation Sample . 57 4.9 - IT Emergency Service Recovery. 59 4.10 - Software License Compliance . 78 4.11 - IT Devices not Being Used / Confidential Documents to Be Destroyed . 82 4.12 - Protecting Files from Virus . 84 4.13 - New User (username and password) . 86 4.14 - Resignation of Employee . 88 4.15 - IT Air-Conditioning & UPS Sample. 90 4.16 - Business Continuity Plan for PMS System . 93 4.17 - Business Continuity Plan for POS System.104 5. IT Standards .109 5.1 - Hotel IT Standard Network Setup .109 5.2 - Hotel Firewall / Public IP Addresses. 118 5.3 - Anti-virus Standards.120 5.4 - IT Computer Hardware Specifications .123 5.5 Email Address Requests.127 5.6 - Point of Sales Item.129 - 3 - IHG Greater China IT Standard Operating Procedure 1. IHG Greater China Hotel IT SOPs Summary Document Information Document Name: IHG Greater China Hotel IT Standard Operating Procedure Document Version No: V 1.0 Prepared By: Jerry WANG Date: Feb. 1th, 2010 Review By: WONG Kar Hong Distribution List From Date Phone/Fax/Email Jojo Coronel Dec. 8th, 2008 Jojo.C Jojo Coronel Jan. 5th, 2009 Jojo.C To Action Due Date Phone/Fax/Email *AP Greater China Hotels InformationTechnology Manager Distribute Action Types: Approve, Review, Inform, File, Action Required, Attend Meeting, Distribute, Other (Please specify) Version History Ver. No. Ver. Date Revised By Description Filename 0.1 Jan. 19th, 2009 Jerry Wang 1st Chinese Edition Release 0.2 Mar. 12th, 2009 Jerry Wang 2nd Chinese Edition Release 0.3 Jun. 23rd, 2009 Jerry Wang 3rd Chinese Edition Release 0.4 Sep. 2nd, 2009 Jerry Wang 4th Chinese Edition Release 0.5 Oct. 12th, 2009 Jerry Wang 5th Chinese Edition Release - 4 - IHG Greater China IT Standard Operating Procedure 1.1 - How to use this Document 如何使用本文档 This document can be viewed with Adobe Acrobat reader. There are 4 main menus categorized. 本文档可以用 Adobe Acrobat reader软件阅读。分成四类。 IHG Hotel IT Best Practices & SOPs - this document contains本 文包括： IHG IT Best Practices and SOPs Summary - in this volume you can see the summary. 本章为摘要。 IT Operations - - the documents indicates the IHG Standard Operating procedures and Best practices in IT Operations. This document is focused on how the IT Department will manage the IT environment in an Operations point of view. 本章指出 IT运作方面的洲际集团标准操作程序和最佳实践。重点在于 IT部门如何从运作的角度来管理 IT环境。 IT Maintenance - this document is focused on how IT Department will manage and maintain the IT Department office, IT Server Room and how to operate and record essential IT things. 本章重点在于 IT部门如何管理和维 护 IT办公室、服务器机房和如何操作和纪录必要的 IT工作。 IT Security & Audit - the documents indicates the IHG Standard Operating procedures and Best practices in IT Security and Audit. This document is focused on how the IT Department will manage the IT environment in a Security and Audit point of view. 本章指出 IT安全与审计方面的洲际集团标准操作程序和最佳实践。重点在于 IT部门如何从 安全于审计 的角度来管理 IT环境。 IT Standards - you will see standards currently being used in hotel. 本章指出酒店使用的 IT标准 。 When to use this document? 何时使用本文档？ This document must be used as reference and guideline when complying to the IHG Hotel IT Best Practices and Standard Operating Procedures. This documentation complies with the Chapter 15 of the IHG Financial IT Audit Standards. 本文档必须做为 IHG酒店标准操作程序和最佳练习的参考和指导。本文档符合洲际集团酒店财务项目第 15章 IT审计标准。 - 5 - IHG Greater China IT Standard Operating Procedure 1.2 - Introduction介绍 1 POLICY To serve as guidelines in order to improve the day to day operations in the Hotel IT Department. 为提高酒店 IT部门的日常操作 而提供指导。 2 PURPOSES To maintain a healthy system environment and to ensure the hotel IT Department conforms to the IHG IT Audit Standards. 维 护一个健康的系统环境并且保证酒店 IT部门符合洲际酒店集团 IT审计标准。 3 SCOPE This applies to all Greater China hotels. 所有大中华区酒店 4 RESPONSIBILITIES The hotel IT Manager has the full responsibilities in ensuring the hotel IT Department Best Practices and is being documented, implemented and exercised. 酒店 IT经理必须对 IT部门的最佳实践的纪录、实施和联系负责。 The hotels IT Department is responsible for complying with the hotel IT Department Best Practices. 酒店 IT部门 负责遵从 IT部门的 最佳实践。 The hotel IT Manager has the full responsibilities in following and tailor fitting the Hotel IT Policies and Procedures based on the hotel operations. It is his own responsibility in enforcing the P&Ps to the departments concerned. 酒店 IT 经理必须负责遵从和适合建立在酒店运作基础上的 IT 政策和程序。将 IT 政策和程序执行到相关部门是 IT 经理的责任。 - 6 - IHG Greater China IT Standard Operating Procedure 2. IT Operations 2.1 - Computer Room Access STANDARD OPERATING PROCEDURE Department: Information Technology P&P#: Subject: Computer Room Access Date: Prepared by: _ IT Manager Approved by: _ _ General Manager Dir of Finance & Business Support Distribution List: 2.1.1 Objective To establish policies to limit access to the computer room and adjacent areas in order to maintain the best possible physical protection for the area and equipment. 制定政策限制对电脑机房以及相关区域的进入是为了对该区域和电脑设备进行最佳的保护。 2.1.2 Scope This applies to all Greater China Hotels Information Technology Department. 适用于所有大中华区酒店 IT部。 2.1.3 Definitions “Employee” refers to full-time or part-time employees, temporary employees/personnel, or consultants who are “resident” on the entitys site. A “visitor” is defined as a vendor, guest of an employee, service personnel, or anyone who needs to enter the facility for a short duration, usually not more than one day. “ 雇员 ”是指全职或兼职的雇员、临时雇员人员和顾问等“常驻”在实际场所内的人员。“ 访客 ”被界定为供应商、某个雇员的客人、服务人员，或者其它任何需要短期进入设施的人员，通常不超过一天。 2.1.4 Policy 1) The computer room must be kept locked at all times with access controlled through individually assigned tokens or swipe cards. 所有电脑机房区域的门 都 应 始终 保持锁 闭状态， 通过单 独分配的 密码 或者刷卡控制访问 。 - 7 - IHG Greater China IT Standard Operating Procedure 2) Access to the computer room shall be restricted to those that have a business need. 只有业务需要时，才允许 使用 电脑机房。 3) Access to the computer room will be granted to an employee only after the proper authorization has been gained. 只有 获得 适当的授权后，雇员才被准许 使用 电脑机房 。 4) Access to the computer room will be removed from an employee once the business need has expired. 当业务需求终止时，对雇员 使用 电脑机房的授权将会被取消。 5) This policy is implemented to prevent the unauthorized use, misuse, modification or denial of use of company Information assets. Any user found to be breaking this policy will be subject to disciplinary procedures. 实施本政策的目的是为了防止盗用、滥用、修改 或 拒绝使用公司信息资产。任何被发现违反本政策的用户将接受相关处分 2.1.5 Related Procedure 1) Access to the computer room is limited to hotel personnel responsible for maintaining or operating the equipment or other business needs 只有酒店内负责对设备进行维护和操作 或者有其他业务需要的 人员才能 使用 电脑机房。 2) Visitors requiring access to the computer room will be escorted into the restricted area by a suitably authorized employee and required to sign the visitor book. 访客对电脑机 房受限区域的 使用 必须由一个合适的授权雇员陪同，并且必须签署访客薄。 3) The entrance should be recorded in Computer Room Access Log Book. All access to the computer room will be logged. The logs will be reviewed by IT manager on a regular basis with unauthorized access attempts being investigated. Logs should be kept for a minimum of three months unless otherwise restricted by law. 任何人进入电脑机房都必须在“电脑机房进出人员登记表”上签字。所有对电脑机房的 使用 都将被记录。记录将会被 IT经理定期检查是否有未授权的 使用 企图。记录必须至少保持三个月或者 遵从相关的法律规定。 4) All doors to the areas are to be kept locked at all times even during normal office hours. 所有电脑机房区域的门都应始终保持锁闭状态，即使是在上班时间也一样。 5) Keys to the computer room areas will only be issued to personnel responsible. 电脑机房的钥匙只能发放给相关的责 任 人 员 。 6) The Information System area must be regularly patrolled by hotel security staff. 酒店保安部员工应对技术信息部区域 进行周期性的巡逻。- 8 - IHG Greater China IT Standard Operating Procedure 2.2 - IT Routines Lists BEST PRACTICES Department: Information Technology P&P#: Subject: IT Routines Lists Date: Prepared by: _ IT Manager Approved by: _ _ General Manager Dir of Finance & Business Support Distribution List: 2.2.1 Daily Check List 每日 检查清单 IT Department must have a DAILY TASK LIST of what is needed to be checked and monitored. The checklist consists of what are needed to be done upon reaching office and before you leave office. The check list should include of all servers, systems, interfaces and network equipments to ensure all IT Systems are in good-working condition. IT 部门必须使用每日任务列表来记录日常的检查和监测。该清单 由 到达 IT 办公室和离开之前需要完成的检查和检测 ，包括 服务器、系统、接口和网络 设备 ，以确保所有的 IT 系统处于良好工作状态。 IT Office and Server room checks IT办公室和服务器机房检查 : a. Make sure the IT Server Room Air-Conditioning System is running and maintain temperature at a range of 20 degrees Celsius to 22 degrees Celsius, humidity at a range of 50RH to 60RH. If temperature or humidity is out of this range, go to the Power Control Unit (PCU) and perform diagnostics and check ALARM History and do a RESET. If found malfunctioning, call the Engineering for further assistance. 确保机房空调工作正常，机房温度 应维持在 在 20-22 摄氏度之间，湿度在 50-60RH 之间。如果发现温度或湿度不在标准范围，请检测电力控制装置和警示灯，并且重新启动。如果发现故障，通知工程部做进一步检查。 b. Make sure the IT Server Room main UPS is up and running on normal. Check that the charging level is 100%. 确保服务器机房主 UPS 启动和运行正常，并且电池电量为 100%。 c. Make sure the LOCKS of IT office and server room work properly. 确保 IT 办公室和服务器机房的门锁工作正常。 - 9 - IHG Greater China IT Standard Operating Procedure d. Remove any obstructions, unnecessary or faulty devices on the floor of the IT Office at all times. IT 办公室不能在地 板 上放置任何障碍物和不需要或者失效的设备。 IT SERVERS Checks 服务器检查 : a. Check all the SERVERS and system logs, make sure all servers are up and running. 检查所有服务器和系统日志 ，确保所有服务器启动和工作正常。 b. Check ALL INTERFACE PCs, make sure all the interfaces are up and running. 检查所有的接口电脑，确保所有的 接口都启动和工作正常 。 c. Check the internet is working and e-mail server is sending and receiving mails and there are no messages on long queue to be delivered. 检查互联网访问正常；电子邮件服务器发送和接收电子邮件正常， 并没有长时间不能发出的邮件 。 d. Check the PRINTSERVER for any problem on the printer queuing of all Departments. 检查所有部门的打印服务器工作正常。 e. Check the Anti-Virus Server and make sure it updates itself to the latest VIRUS DEFINITIONS and SCAN ENGINE. Run the Anti-virus report to list down all the potential users with viruses and Trojans. 检查防病毒服务器有最新的病毒定义库和病毒扫描引擎。检查防病毒报告中用户潜在的病毒和木马程序。 f. Check the FAX Server and the modems if are active and ready. 检查传真服务器和调制解调器工作正常。 g. Check the FILE Servers for HARDDISK Space. If found running out of space, do an investigation on user folders. 检查文件 服务器 磁盘空间 。如果发现空间不足，对用户空间进行分析 处理 。 h. Check all other servers, to record available diskspace. 检查 所有服务器， 记录 硬盘空间。 i. Check two workstations at random to ensure that they are getting the latest updated virus definition from internal server or internet (Please Check the definition updated date) 随 机 抽测两台工作站 ，确保可以从互联网或者内部网络获得最新的病毒定义（请检查病毒定义库更新时间）。 Check Backup Status 备份检 查 : a. Check the BACKUP Server for the COMPLETION of all JOB Orders and to check - 10 - IHG Greater China IT Standard Operating Procedure any FAILED JOBS. Replace BACKUP TAPE or other BACKUP MEDIA. 检查备份服务器确保所有的备份完成。检查的备份任务。更换备份磁带或备份介质。 IT NETWORKS Checks 网络检查 : a. Check Holidex router is up and running and IHG network is accessible. By accessing the Holidex system at /fixvlet/HolidexWebServlet and checking OXI processor in PMS. 通过访问 Holidex 系统 /fixvlet/HolidexWebServlet 并 检查 PMS 系统中的 OXI 进程来确认 Holidex 路由器是否启动和工作正常， IHG 网络可以正常访问。 b. Analyze unknown devices connected to the local network. 分析连接在内部网络上的 未知 设备。 c. Check the local ISP Router Traffic Grapher or HSIA system to see the bandwidth utilization of the internet in the guest rooms and the admin office internet. 通过本地 ISP 的路由 流量记录器 或者 HSIA 系统检查办公网络和客房网络的带宽使用率。 d. Check Firewall logs for any attempts to break into the network. 检查防火墙日志是否有网络安全攻击。 e. Check the pattern of network switch lights to ensure no switch hangs or looping detected. 检查网络交换机指示灯 确保没有交换机故障。 USER AND GUEST SERVICE Checks 用户和客人服务检查 : a. Check both guest and hotel user call log registers. 检查所有用户和客人要求记录。 b. Communicate and share problems among hotel IT team. 与整 个 酒店 IT 团队沟通并且分 享问题。 c. Escalate the calls to PMS, POS, other support vendors and regional IT team if it could not resolve internally as soon as necessary. 将不能内部解决的问题 立刻 反馈至 PMS, POS 等供应商和集团 IT 团队。 d. Keep in touch with regional IT team if you are in doubt or undecided and ask for help and assistance. 如有任何疑问，请与集团 IT 团队联系。 2.2.2 Weekly Task 每周任务 Offsite Backup Tape 外部保存备份磁带 Send one backup tape set outside the hotel. Before sending out, do a restore test - 11 - IHG Greater China IT Standard Operating Procedure (Restore data to a spare hard disk to ensure it can be restored successfully). 每周将一份备份磁带送至酒店外部保存。在送出前，做一个简单恢复测试 (即将磁带内容恢复到某个服务器的空余硬盘上保证磁带数据可以被成功读出 )。 2.2.3 Monthly Task 每月任务 Backup before Month-end Process 月结前备份 Backup Accounting, Check EAM and other Month-End process system before the process in every month end. 每月 底对需要月结的系统，如 财务、 CheckEAM 等系统 进行月结前的备份。 Archive Interface Log Files 存档接口日志文件 Interface log files are saved in D:microsifc*.log. Please zip and store these files monthly and remove from original folder. 接口文件保存在接口电脑的 D:microsifc*.log 中。每月将其压缩存档， 并且在原始目录中删除。 Review Staff Entry & Departure List from HR 检查入职 /离职员工帐号 To check codes of new-entry staff whether it had been generated correctly. And codes of departure staff had been disabled/deleted. 根据人事部的每月入职员工和离职员工清单，检查入职员工帐号是否被正确创建。并且确保离职员工帐号已经 被禁用或删除。 Monthly Server Maintenance 每月服务器维护 a. Check Disk Capability 检查磁盘的容量 b. Install Operating System (OS) and Software Patches 安装操作系统及其他软件补丁 /升级包。 c. Restart if necessary 如有需要，重新启动服务器 d. Archive Events Log 存档服务器系统日志 IT Inventory Update 更新 IT 清单 Merlin-Applications-Hotel IT Systems Inventory (APAC) Review & Renew MA (Maintenance Agreement) Contracts 检查和更新维护合同 To review all contracts this will expire in 3 months. To renew or change contracts based on your needs. 检查所有三个月内将过期的维护合同。并且根据需要延长或 者修改维护合同。 Review System Cases and Last IT Monthly Report 系统 及上月 IT 管理报表 回顾 To review all systems cases and projects of previous month. Analyze each and every - 12 - IHG Greater China IT Standard Operating Procedure guest and user calls to see the possibility to resolve it permanently. Consult with vendor or regional IT team. 回顾前一个月所有的系统问题和项目 。分析每个用户和客人的要求，与供应商或者集团 IT 共同找出解决方案。 Submit IT Monthly Report 递交 IT 月管理报表 Submit IT Monthly Management Report (APPENDIX 2.2.2 Hotel IT Monthly Management Report) to Cluster IT Manager or IHG China IT Team, DOFBS and GM. 递交 IT 月管理报表给区域 IT 经理 或者集团 IT以及酒店财务总监 和 总经理。 2.2.4 Quarterly Tasks 每季度任务 Review user accounts and access rights 检查所有系统的用户及权限 a. To check the availability of accounts 检查所有用户帐户的有效性 。 b. To check users rights whether is correct or not。 检查用户的权限是否正确。 c. To review the user accounts list in PMS, POS, Accounting, EAM, IBP, Hotel Domain, Hotel Email, IHG Email, Delphi, etc 检查酒店所有系统的用户帐户，包括 PMS, POS,财务 , EAM, IBP, 酒店域帐号 , 酒店电子邮件帐号 , IHG 邮件帐号 , 宴会销售 系统 等等 。 UPS Availability Testing UPS 可靠性检查 To test all hotels UPS Discharge/Charge, including server room UPS and PC UPS. Ask UPS supplier to assist if need. 对酒店所有的 UPS 进行 充 放电测试，包括机房的 UPS 和单独的 PC UPS。如果需要，可以要求 UPS 供应商协助。 Backup Restore Testing To restore backup media (tapes) to a dummy system to make sure that the backup data can be used. The systems include all hotel systems, PMS, POS, EAM, Accounting, IBP, EFPM, Delphi, etc. 将备份介质（磁带）的数据恢复到一个模拟系统，以确认所有的备份数据可以被使用。所有酒店的系统都需要进行测试，包括 PMS, POS, EAM, 财务 , IBP, EFPM, 宴会销售 系统 等等。 2.2.5 Annual Tasks 年度任务 IT Budget IT 预算 Prepare IT budget, guided by DOFBS. 在酒店财务总监的指导下完成 IT 预算。 Emergency Plan Dry Run 应急运营方案测试 To test hotel manual operation when PMS or other systems down. Please refer to the - 13 - IHG Greater China IT Standard Operating Procedure following chapters of this document. 4.16 - Business Continuity Plan for PMS System 4.17 - Business Continuity Plan for POS System 测试 PMS 等系统故障时相关的手工营运。 Disaster Recovery Testing 系统灾难恢复测试 IT must know how to recover the system when PMS or other systems down. Please refer to SOP 4.9 - IT Emergency Service Recovery IT 必须 知道在 PMS 等系统发生故障时， 如何 恢复系统和数据。 2.2.6 Appendices APPENDIX 2.2.1 IT Regular Working Tasks Guideline APPENDIX 2.2.2 Hotel IT Monthly Management Report - 14 - IHG Greater China IT Standard Operating Procedure 2.3 - Change Management STANDARD OPERATING PROCEDURE Department: Information Technology P&P#: Subject: Change Management Date: Prepared by: _ IT Manager Approved by: _ _ General Manager Dir of Finance & Business Support Distribution List: 2.3.1 Objective To standardize change management process 标准化变更管理过程 2.3.2 Scope All changes to the hotel information systems 酒店信息系统的所有变更 2.3.3 Definition “Changes” refers to change made to any item of hardware, software or data that is used to provide hotel systems. This includes operating software, utility software, application software as well as changes to data files and parameter/configuration files. It excludes any normal day to day operational changes such as rate codes and POS items. “变更 ”是 实施于酒店系统相关的硬件、软件和数据，包括对操作系统、工具软件、应用软件已经对数据文件、参数配置文件的更改；不包括日常的操作比如房价 代码和餐厅收银中的菜单项等。 “Major Systems” refer to the systems listed in the IHG Brand IT Standards Summary. “主要系统 ”是指在洲际集团各品牌 IT标准汇总 中列出的系统。 2.3.4 Policy Changes to operational systems and application software shall be controlled. Live data must not be used on development or test systems. 对操作系统和应用软件的变更 必须受到监控 ， 真实系统数据 绝对禁止 用于开发或者测试系统。 - 15 - IHG Greater China IT Standard Operating Procedure All changes must be approved by authorized person. IT manager must be one of approval and provide technical advice, such as change cost, feasibility, interruptions to hotel operations, etc. 所有的变更都必须得到适当的审批， IT 经理必须是审批的一环， 并 给出变更预算、变更的可行性 、实施变更对运营的影响 等专业性意见。 2.3.5 Related Procedure If user requires to do change, a change request form (APPENDIX 2.3.1 System Change Request Form) must be issued by user department head and get proper approval. The following changes must be informed to hotel General Manager and DOFBS (Director of Finance and Business Support) in advance. 如果 有用户需要对 IT系统进行变更， 用户部门经理填写 系统变更申请表并且 得到适当的审批 。 下列重要 变更 必须 提前 通知酒店总经理与财务总监 - IT System Replacement 更换系统 - System Vendor Replacement 更换系统供应商 - System Support Replacement 更换系统技术支持 - System Upgrade 系统升级 The IT Manager is responsible for managing all implementations of changes to the hotel information systems. IT 经理负责管理 酒店 所有 信息系统的变更 实施 。 No changes will be implemented to any hotel systems without the expressed authorization of the IT Manager. 没有 IT 经理的明确授权，不 准许 对酒店系统进行任何变更。 All changes will be documented and logged, highlighting the amendments made and the reason for the change (e.g. upgrade to system software). 所有的变更都必须被记录存档，尤其是变更的地方和理由 （比如：系统软件升级） 。 The followed major changes must be informed to Corporate IT Team in advance. 下列重要必须 提前 通知集团 IT部门 - IT System Replacement 更换系统 - Major System Vendor Replacement 更换主要系统供应商 - Major System Support Replacement 更换主要系统技术支持 - Major System Upgrade 主要系统升级 Changes will be made at a time that is of minimum disruption to users. Users will be given prior notice. 变更必须在一个对于用户最小干扰的时间进行。用户必须被提前告知。 System backup of existing software or parameter files will be made prior to any live changes to enable the system to be recovered in the event that a change is made - 16 - IHG Greater China IT Standard Operating Procedure inadvertently. 任何正式系统修改前必须对系统进行备份，以保证发生意外状况是可以进行恢复。 Where changes are required to be undertaken by third parties (e.g. software suppliers), the above procedures will still be followed. Requirements for remote access to perform such updates will be strictly controlled by the IT Manager including the granting of modem/vpn access. 如果变更需要第三方（比如软件供应商）实施，上述程序依然有效。 如需通过远程访问实施变更，必须有 IT 经理严格控制，包括通过调制解调器和 VPN 的访问。 2.3.6 Reference Documents Hotel Accounting Manual CHAPTER 15.6.1 Change Management 2.3.7 Appendices APPENDIX 2.3.1 System Change Request Form - 17 - IHG Greater China IT Standard Operating Procedure 2.4 - Data and Systems Backup strategy STANDARD OPERATING PROCEDURE Department: Information Technology P&P#: Subject: Data and Systems Backup strategy Date: Prepared by: _ IT Manager Approved by: _ _ General Manager Dir of Finance & Business Support Distribution List: 2.4.1 Objective 1. To ensure proper handling of the hotel data and IT backup strategies. 确保酒店 IT 数据有正确的备份策略。 2. To establish controls and procedures for storage, protection, access, IT storage media, and related software. 建立存储、保护、访问、备份介质和相关软件的控制和操作程序 3. To ensure data integrity and availability. 保证数据的完整性和可靠性。 4. It is mandatory to backup all the system data and source program in order for emergency recovery purposes and prevent the hotel from loss due to system break down. 为避免系统崩溃后数据丢失，并在紧急修复后恢复数据，强制对系统数据和源程序进行备份是极其重要的 2.4.2 Scope All Systems & Data 所有系统和数据 2.4.3 Definition N/A 2.4.4 Policy 1. All IT systems will be backed up to external media to allow recovery of those systems in the event of a disaster. Backup media shall be stored in a location - 18 - IHG Greater China IT Standard Operating Procedure remote from the information system that was backed up. All backup media shall be stored securely giving the same level of physical security as the main system. 所有 IT 系统使用外部介质备份以备出现系统问题时进行系统恢复。 备份介质需要存储在与所备份的系统不同的位置。 所有的备份介质的物理存储安全级别与主系统相同。 2. The IT Manager is responsible for ensuring that system backups is successful by checking the audit trails, system logs etc. Any errors encountered during the backup should be noted, investigated and resolved. IT 经理负责通过检查系统日志等保证系统备份完成。任何备份问题都必须被记录、检查和解决。 3. The IT Manager will regularly test backup procedures by reviewing log records to ensure completion, verifying that tapes are correctly labeled and stored correctly and by routinely restoring backup data from tape. IT 经理必须定期测试备份程序，检查记录，保证完成并且检查备份介质被正确标记和保存。并且安排磁带数据恢复测试。 2.4.5 Related Procedure 1. The IT Manager will strategize the backup cycle and which media to be used (full, incremental, daily/weekly/month-end/quarter-end/year-end etc.) and retention period. All hotel IT systems data will be backed up to external media (e.g. tape cartridge or hard drive) on at least a daily basis. There must have enough tapes for at least one week backup cycle. IT 经理制定备份循环、备份方式（完全、增量，日 /周 /月 /季 /年等）和保留期限等策略。 所有的酒店系统数据必须至少每天一次备份至外部介质（磁带或者硬盘） ，必须 准备至少足够一周备份工作所需的磁带。 2. All backup media will be clearly labeled identifying the contents of the tape and the cycle to which it refers (e.g. Monday, 1st backup). 所有的备份介质必须清晰标明内容、日期、周期等信 息 （例如：周一，第一次备份） 。 3. Backup media will be removed as soon as the backup process has been completed which may mean someone other than the IT Manager is given this responsibility. 备份完成后备份介质须尽快由 IT 经理授权的操作人员 取出。 4. The backup media should be transferred to a location remote from the equipment. The location for storing the backup media may be in the hotel but should be carefully chosen based on the likelihood of a fire or similar disaster affecting both it and the main system. Backup media is of no use if it is also damaged or destroyed in the same failure that affected the main system. - 19 - IHG Greater China IT Standard Operating Procedure 备份介质必须被转移到另外的地点保存。此地点可以在酒店内，但是必须仔细选择，在万一发生火灾等情况时，不会与主系统同时损坏。如果备份介质与其所备份的系统同时 损坏，那么备份就没有任何意义。 5. The Chief Accountant is responsible for the backup process and holds custodianship of the back office system on monthly basis prior to the close period. This backup database will be stored on the hard disk, after backup procedure was done properly, the IT department should move it to CD disks. 每月关帐前，由总会计师负责对后台系统进行一次备份，备份的数据库将会保存在服务器的硬盘上，当备份完成后信息技术部需要将这些数据刻录在光盘上。 6. OFF-SITE TAPES (WEEKLY) 定期异地存储备份磁带（每周） Hotel should keep one-set tapes with full backup data OFF-SITE. The OFF-SITE tape should be replaced weekly. 酒店必须保存一套有完整备份数据的磁带在酒店外部，每周更替循环。 OFF-SITE tapes are to be stored outside the hotel, maybe stored in a vault by your local vendor or if 2 clustered hotels you can exchange tapes. 外送磁带可以存在本地供应商处，如果本地有多个酒店，可以互相交换保存。 Adequate protection shall be given to the media whilst in transit and in storage to protect it from damage, theft or loss. 在送出和保存磁带时必须有充分的保护措施以避免磁带 失 效或者丢失。 7. SERVER IMAGES 服务器镜像 It is highly recommended to include the backup of server images, interface images and other devices. By means of using image backup software like Acronis Trueimage or other mirroring software. 高度 推荐酒店对服务器、接口电脑等进行硬盘镜像备份，可以使用 Trueimage等镜像备份软件。 8. The IT Manager will regularly test backup procedures by reviewing log records to ensure completion, verifying that tapes are correctly labeled and stored correctly and by routinely restoring backup data from tape. IT 经理需定期通过检查日志记录测试备份程序来保证其正确完成。核实磁带被正确的标签和存储并且进行从磁带恢复数据的测试。 9. Backup media will be replaced in line with manufacturer recommendations. Redundant backup media should be disposed of in a way that prevents the recovery of information from that media. 备份介质根据生产商的 建议定期更换。过期的磁带必须被销毁以防止被用来从中恢复信息。 - 20 - IHG Greater China IT Standard Operating Procedure 2.4.6 Reference Documents Hotel Accounting Manual CHAPTER 15.6.3 Data and Systems Backup 2.4.7 Appendices APPENDIX 2.4.1 Offsite Tape Record - 21 - IHG Greater China IT Standard Operating Procedure 2.5 - IT Helpdesk Fault Logging BEST PRACTICES Department: Information Technology P&P#: Subject: IT Helpdesk Fault Logging Date: Prepared by: _ IT Manager Approved by: _ _ General Manager Dir of Finance & Business Support Distribution List: 2.5.1 Objective To be able to report/document/track any systems errors or discrepancies that may arise due to program/computer bugs or user errors. 能够报告 /记录 /跟踪所有可能 由于 程序 /电脑 错误 或用户 失误产生 的系统错误或 差异 。 2.5.2 Scope This applies to all Greater China Hotels Information Technology Department. 适用于所有大中华区酒店 IT部。 2.5.3 Related Procedure 1) All system errors or discrepancies encountered by end users or the IT Department should be properly recorded in the IT Helpdesk System. 最终用户或者 IT 部门遇到的所有系统 错误 或差异 都 必须 被正确记录在 IT 服务系统内。 2) Details of errors shall be written and properly logged in the IT Helpdesk System. 错误的详细信息必须被记录并且正确输入 IT 服务系统。 3) IT Manager should review the records in the IT Helpdesk System on a daily basis to ensure proper solutions have been applied to the problems. IT 经理必须每日检查 IT 服务系统以 确保适当的解决方案 已经 被 应用到 对应 的 问题 。 4) On a monthly basis, IT Manager should review who are the few users experience more problems than others who may need special assistance. IT 经理每月 回顾 遭受问题比其他人 多的 少数用户 ，他们 可能需要特别 的 帮助。 - 22 - IHG Greater China IT Standard Operating Procedure 2.6 - IT Logbooks BEST PRACTICES Department: Information Technology P&P#: Subject: IT Logbooks Date: Prepared by: _ IT Manager Approved by: _ _ General Manager Dir of Finance & Business Support Distribution List: 2.6.1 Introduction IT Logbooks are essential to the IT Department operations. Logbooks are used to track down all the day to day transactions, events, faults and other important security incidents inside the IT Server Room and IT Department. IT部门运作 离不开 IT记录本 。 记录本 用于跟踪所有的日常处理、事件、故障和其他 IT服务器机房和 IT部门必要的关键安全 事故 。 2.6.2 Scope This applies to all Greater China Hotels Information Technology Department. 适用于所有大中华区酒店 IT部。 2.6.3 Logbooks Server Room entry/access logbook The intention of this logbook is for IT personnel to control access to the server room. Server room logbook shall contain the name, purpose of entering server room, date and time of entry, date and time of exit and signature. The logbook shall be kept in close proximity of the IT Server room. 服务器机房进入 /访问记录本 此记录本对于 IT员工 对 服务器机房 的使用 。服务器机房记录本必须包括姓名、进入服务器机房目的、进入日期和时间、离开日期和时间以及签名。此记录本必须保存在 IT服务器 机房极为贴近 的位置。 Main UPS Integrity Test logbook This logbook is used to record all the main UPS integrity tests that includes the duration of how long the test has been conducted, the available power capacity converted to hours or minutes, that the UPS can sustain power to all servers, network devices and other appliances in the server room and the date and time the test was conducted. This logbook is also used to record the logs of any UPS faults, batteries replacement, repair or maintenance from the UPS vendor. 主 UPS完整测试记录本 此记录本用于记录主 UPS所有的完整测试情况，包括：测试所用的时- 23 - IHG Greater China IT Standard Operating Procedure 间，有效电池工作时间（小时或分钟），服务器机房内 UPS能够维持 电源 的所有服务器 、 网络设备和其他设备 ，以及测试的日期和时间。此记录本也用于记录所有的 UPS故障、电池更换以及 UPS供应商的维修和保养等。 Server Breakdown/Changes logbook This logbook is used to record all server breakdowns, hangs and abnormal terminations. It is also used for recording patch upgrades, technical upgrades like changing of hard disk, adding of RAM, upgrading of OS, Windows updates and etc. It should contain the name of the Server, IP Address, date and time the event or fault happened. 服务器故障 /变更记录本 此记录本用于记录所有服务器的故障、死机和非正常中断等。也用于记录更换硬盘、增加内存、升级操作系统、微软视窗系统升级等的服务器补丁升级和技术升级。记录 还应该 包含服务器名称、 IP地址以及事件或者故障发生的日期和时间。 Equipment Items/Loan logbook This logbook is used to record all the borrowed and issued equipment items such as laptops, keyboards, mouse, hand phones, printers, power cords, CDs, DVDs and etc from the IT Department. The logbook should contain the name of the user, item description, date and time loaned or issued, date and time the items is returned, signature of the user. 设备清单 /借出记录本 此记录本用于记录 IT部门 所有借 出 或分配的设备清单，如笔记本电脑、键盘、鼠标、手机、打印机 、电源线、 CD/DVD等。此记录本记录包含用户名字、设备描述、借出或分配的日期和时间、设备返还的日期和时间、用户签名。 Off-site Backup Tapes/Backup Tests logbook This logbook is used to record the time and date when the off-site tapes are being brought to an off-site locations. The logbook can also contain the recorded date and time of the backup tests and restore tests of the tapes or any other backup media that the hotel uses. 外部存储备份磁带 /备份测试记录本 此经记录本用于外部存储磁带被送至酒店外部保存 的记录 。本记录本也可以记录 对磁带或者酒店使用的其他备份介质的备份测试和恢复测试的日期和时间。 - 24 - IHG Greater China IT Standard Operating Procedure 2.7 - User Files Backup BEST PRACTICES Department: Information Technology P&P#: Subject: User Files Backup Date: Prepared by: _ IT Manager Approved by: _ _ General Manager Dir of Finance & Business Support Distribution List: 2.7.1 Objective To safely backup user files and important data from their respective computers to the IT Department file server for archiving purposes. 将用户的文件和重要数据从他们各自的电脑安全备份到 IT部门的文件服务器进行存档。 2.7.2 Scope This applies to all Greater China Hotels Information Technology Department. 适用于所有大中华区酒店 IT部。 2.7.3 Related Procedures: 1) Only authorized users files and important data are to be backup to the IT Department file server. 只有授权用户的数据和重要文件才能备份到 IT部门的文件服务器。 2) Users are given the full rights to their individual personal folders and can be used as their personal storage of their confidential and important documents. 用户 将 被授予 充分的权限以访问作为个人机密和重要 文件存储的个人文件夹。 3) Users are responsible to housekeep their own personal folders not to exceed the allotted quota. 用户负责维护自己的个人文件夹不超过分派的容量。 4) Backup of user files are being done on a nightly basis to assure protection of classified and important files. Any restoration or retrieval of lost or missing files of users can be verified through IT Department. 每天晚上对用户的文件进行备份以保护机密和重要的文件。恢复或者取回丢失或失踪的用户文件由 IT部门核实后执行。 - 25 - IHG Greater China IT Standard Operating Procedure 5) In case of laptop or workstations crash or corruptions and in need of a hard disk restoration, only files saved in the users personal folder in file server will be restored. 如果笔记本电脑或者工作站崩溃或者损坏，需要做硬盘的复原，只有保存在文件服务器的用户个人文件夹内的文件才能被 确保 恢复。 - 26 - IHG Greater China IT Standard Operating Procedure 2.8 - IT After Office Hours On-Calls BEST PRACTICES Department: Information Technology P&P#: Subject: IT After Office Hours On-Calls Date: Prepared by: _ IT Manager Approved by: _ _ General Manager Dir of Finance & Business Support Distribution List: 2.7.1 Objective The purpose of this procedure is to streamline the calls to IT Department after office hours, thus preventing unnecessary calls during after office hours. 本文档的目的是提高对 IT部门 下班后呼叫 的效率，防止下班后不必要的 呼叫 。 2.7.2 Scope This applies to all Greater China Hotels Information Technology Department. 适用于所有大中华区酒店 IT部。 2.7.3 Related Procedures: IT Department on-site support starts at 提供现场支持，下班后开始待命。 IT Team accepts on-calls when major systems hangs or deemed faulty and the operations are paralyzed. IT团队接受 主 要 系统死机或者失效 以及 不能正常 运作 的 呼叫 。 Valid on-calls are to be strictly adhered to prevent unnecessary calls to IT Staff after office hours. 必须严格遵循呼叫的有效性，以防止对 IT员工下班后不 必要 的呼叫。 Any calls that are only inquiries (e.g. what is my password? How do I print in a different printer?) are not valid on-call problems. 任何只进行查询的呼叫（比如：我的密码是什么？如何从另外一个打印机进行打印？）不是有效的呼叫问题。 - 27 - IHG Greater China IT Standard Operating Procedure Below are the problems that are deemed valid after office hours: 下列是下班后视为有效的问题： - PMS not functional PMS不能操作 - POS not functional POS不能操作 - POS workstations are not functional POS工作站不能工作 - Network is down, guest room network is not functional 网络中断，客房网络不能工作 - Main power for computers and printers are down 电脑和打印机的主电源停电 - Duty Manager calls that the Server Room has problems (ups, temperature, humidity, fire.) 值班经理 反应服务器机房有问题（ UPS电源、温度、湿度、火情等） - Wireless Internet in Club Lounge not functional 行政楼层无线网络不能工作 - Guest laptops in the guest room cannot be fixed by Duty Manager or HSIA support 客房内的客人笔记本电脑不能由值班经理或者宽带供应商支持 人员 修复 - Guest computers in Business Center not functional 商务中心内的客用电脑不能工作 - ESCAP Database is corrupted ESCAP系统数据库出错 - ESCAP users cannot login ESCAP系统用户不能的登录 - Accounting System not functional month end only 财务系统不能工作仅限于月结。 - Other major problems 其他重要的问题 PMS passwords are deemed to be the responsibility of the users to change every 45-90 days. PMS系统的密码由各自用户负责每 45-90天更换。 Locked-out passwords cannot be rectified and reset until the following morning. 密码 被锁定的问题 必须到第二天早晨才能 得到纠正和复位。 Most of the problems deemed valid can be easily rectified by the IT Department remotely from their home computers. IT Team will go back to the hotel once the problem cannot be rectified via remote access. 大多数问题可以由 IT部门 通过远程接入 解决。如果不能通过远程访问解决问题， IT部门将 立刻 返回酒店处理。 - 28 - IHG Greater China IT Standard Operating Procedure 3. IT Maintenance 3.1 - IT Asset Inventory Management STANDARD OPERATING PROCEDURE Department: Information Technology P&P#: Subject: IT Asset Inventory Management Date: Prepared by: _ IT Manager Approved by: _ _ General Manager Dir of Finance & Business Support Distribution List: 3.1.1 Objective To establish proper procedures to manage hotel IT assets inventory. 建立酒店正确的 IT资产库存管理机制。 3.1.2 Scope This applies to all Greater China Hotels Information Technology Department. 适用于所有大中华区酒店 IT部。 3.1.3 Introduction Inventory Management 库存管理 It is important for the hotel to know the various IT assets they own and operate. IT Department must perform periodic inventory check of hardware and software assets.酒 店了解自己拥有和运营的各种 IT资产是非常 重要 的。 IT部门必须进行硬件和软件的定期 库存盘点 。 Managing the life cycle of data, from creation to archival begins with a thorough understanding of the IT assets that generates the data. Hardware and software asset inventories are essential for gaining this knowledge and for prioritizing the efforts required to protect important business systems and data. 库存数据的生命周期从对生成数据的 IT资产的彻底了解开始。 硬件和软件资产 盘点 对获得这方面的知识和并且优先保护 重要的业务系统和数据 是绝对必要的。 Another reason for IT asset inventory management is to discover areas of IT infrastructure that - 29 - IHG Greater China IT Standard Operating Procedure require attention. For example, an asset inventory might reveal that various servers in data center need upgrades. Without taking stock of what one already, buying new technology is a crapshoot that may result in wasted money, time, and effort. 建立 IT资产 库存 是为了发现 IT基础设施 中需要注意的 领域 。例如，某一资产库存 记录 可能会显示位于数据中心的一些服务器需要升级。没有对已经拥有资产的观察， 购买新的技术是 有 风险的，可能导致浪费金钱 、 时间和精力。 IT asset inventory and overall management are a crucial part of keeping hotel data center infrastructure humming along smoothly. The advent of new regulatory requirements that impose strict data control requirements on businesses will force many IT staff to improve the way they manage hardware and software assets. After all, IT manager cannot manage critical data if he does not even know what equipment and applications generate it, so compliance begins with good inventory and asset management controls. IT 资产库存和全面管理是使数据中心基础设施顺利运营的重要部分。对商业 数据 的严格 控制要求 将迫使 IT 经理改善对硬件和软件资产的管理。如果 IT经理不知道产生关键数据的环境和应用，将无法对其进行管理。服从管理需求从 良好的库存和资产管理控制 开始。 Finally, IT assets inventory is especially important to ensure that IT maintains compliance with the various software licenses business needs to operate. If IT does not know about a server that a particular department purchased that will suddenly puts hotel out of compliance with a software licensing agreement, hotel runs a risk of viol ating its licensing agreement. Also, conducting an inventory can help IT quickly ferret out illegally installed, unlicensed copies of software. 最后，资产 库存 对于 IT保持遵守各种 根据业务运作需求的 软件 的 许可是特别重要 的 。如果不知道的 某台 服务器 是由哪个部门购买的，可能将突然导致不遵守 软件许可协议， 使 酒店 承担运营风险 。此外，进行 库存盘点 可以帮助快速找出非法安装 的 盗版软件。 TIMING 时机 One of the first questions that come up regarding IT inventory audit is frequency. How often should IT manager inventory Hotel IT assets? IT盘点的一个首要问题是频率， IT经理 多久对于酒店 IT资产库存盘点一次 ？ While there is no definite rule for the timing of inventories, the frequency of change of IT infrastructure should be the determining factor here. If the hotel is frequently purchasing new hardware or soft ware, IT inventory should be updated more frequently, say, every quarter. If IT infrastructure does not change very often, then once a year may suffice. 对于盘 点 的时机没有明确的规则，但是决定性的因素应该基于 IT基础架构的变化频率。如果酒店不断 地 购买新的 硬件 或 软件 ， IT库存应该更频繁地更新。 比如 说， 每 季度 一次 。 如果 IT基础架构并 不经常 变 化， 那么可以 每年 更 新 一次。 WHAT TO TRACK? 跟踪 那些资产？ Items such as servers, desktops, laptops, and network equipment should be part of the inventory, especially for hardware under the terms of a contractual agreement, such as a lease or a maintenance service contract. - 30 - IHG Greater China IT Standard Operating Procedure 酒店的 硬件， 如服务器 、 台式机 、 笔记本电脑 、 网络设备 都应该是 库存 的一部分 。尤其是 有相关合同协议的 硬件 ，如租赁或维 护 服务合同。 Software companies take an active interest in protecting their intellectual property and in most cases have the financial resources to engage in a le