R&M Data Center Handbook

Recommendations

Info

www.datacenter.rdm.com • ISO/IEC 38500 The standard "Corporate Governance in Information Technology – ISO/IEC 38500” describes six key principles for corporate governance in IT: o o o o o o Responsibility: adequate consideration of IT interests by the top management Strategy: include IT potential and IT strategy in corporate strategy planning and align IT strategy with corporate principles Acquisition: rigorously demand-oriented IT budget plan, based on transparent decision making Performance: align IT services with the requirements of corporate areas and departments Conformance: IT systems compliance with applicable laws, regulations and internal and external standards Human Behavior: the needs of internal and external IT users are taken into account in the IT concept The standard assigns three functions to each of these principles: o o o • Cobit Assessment: continuous assessment of IT performance Control: controlling the business-specific focus of IT measures Monitoring: systematic monitoring of the IT compliance and the IT systems productivity To support management and IT departments in their responsibilities in connection with IT governance, the ISACA association (Information Systems Audit and Control Association) created Cobit (Control Objectives for Information and Related Technology), a comprehensive control system and framework encompassing all aspects of information technology use, from the planning to operation and finally disposal, all in all providing a comprehensive view of IT issues. • ITIL Here are the Cobit elements and their respective target groups: o Executive summary Senior executives such as the CEO, CIO o Governance and control framework Senior operational management o Implementation guide Middle management, directors o Management guidelines Middle management, directors o Control objectives Middle management o IT assurance guide Line management and auditors ITIL is a best practices reference model for IT service management (ITSM). The acronym ITIL originally derived from "IT Infrastructure Library", though the current third edition has a wider scope. The objective of ITIL is to shift the scope of the IT organization from the purely technological to include processes, services and customers needs. The ITIL V3 version improved the strategic planning process to dovetail IT service management with the corporate strategy and thus helped ensure compatibility with the IT service management standard ISO 20000. IT professionals can acquire ITIL certification. There are three levels: 1. Foundation 2. Intermediate 3. Advanced Companies can have their process management certified in accordance with the international standard ISO/IEC 20000 (formerly BS 15000). • IDW PS 330 (Germany) When performing an annual audit, an auditor is required by law to examine the (accounting-relevant) IT systems of the audited company. In accordance with articles 316 to 324 of the German Commercial Code (HGB), the auditor also assesses the regularity of the accounting system and thus compliance with principles of correct accounting (GoB) as stipulated in articles 238 ff., in article 257 of the HGB as well as in articles 145 to 147 of the Tax Code (AO). Furthermore, IT systems are audited according to principles of regular data-processing supported accounting systems (GoBS) and the accompanying letter of the Federal Ministry of Finance (BMF). The principles of data access and verification of digital documents (GDPdU) as stipulated in the BMF letter, containing regulations for the storing of documents, need also to be considered. R&M Data Center Handbook V2.0 © 08/2011 Reichle & De-Massari AG Page 31 of 156
www.datacenter.rdm.com Depending on the complexity of the IT systems in operation, comprehensive testing in accordance with the IDW Auditing Standard 330 (IDW PS 330) of the IT system or of selected units or subsystems of the IT system may be required. • SWISS GAAP FER (Switzerland) Regulations The Swiss GAAP FER focuses on the accounting system of small and medium-sized organizations and companies operating on a national level. Also included are non-profit organizations, pension funds, insurance companies and property and health insurers. These organizations are provided with an effective framework for authoritative accounting to provide a true and fair view of the company's net assets, financial position and earnings situation. Promoting communication with investors, banks and other interested parties is also a GAAP FER objective. Moreover, it increases comparability of annual financial reports across time and between organizations. • KonTraG (Germany) The KonTraG (Control and Transparency in Business Act) came into effect in 1998. It is not a law by itself but a so-called amending act (Artikelgesetz) meaning that amendments and changes must be incorporated by other economic laws such as the Stock Corporation Act, the Commercial Code or the Limited Liability Companies Act (GmbHG). The KonTraG is aimed at establishing business control and transparency in stock corporations and limited liability companies. This is achieved by setting up a monitoring system for the early identification of developments that threaten their existence and by requiring management to implement a corporate risk management policy. The act stipulates personal liability of members of the board of management, the board of directors and the managing director in the event of any infringement. • Accounting and Auditing Act (RRG, Switzerland) The comprehensive revision of Switzerland's audit legislation in 2008 made risk assessment compulsory. It is now subject to review by the auditing body. Overall responsibility and responsibility for monitoring lies with the highest decision-making and governing body of the company, e.g. the board of directors in a stock corporation. Responsibility for introduction and implementation lies with the board of managers. The revision of the auditing obligations is applicable to all corporate forms, i.e. stock corporations and companies in the form of limited partnerships, limited liability companies, collectives, and also foundations and associations. Publicly held companies and companies of economic significance in this respect need to subject their annual financial statements to proper auditing. • SOX (US) The Sarbanes-Oxley Act of 2002 (also called SOX, SarbOx or SOA) is a United States federal law enacted on July 30, 2002. The bill was enacted as a reaction to a number of major corporate and accounting scandals including those concerning Enron or WorldCom. Its objective is to improve the reliability of accurate financial reporting by those companies which dominate the nation's securities market. The bill defines responsibilities of management and external and internal auditors. The companies have to prove that they have a functional internal auditing system. The boards are responsible for the accuracy and validity of corporate financial reports. The bill's provisions apply to all companies worldwide that are listed on an American stock exchange, and, in certain cases, their subsidiaries as well. • EURO-SOX The 8th EU Directive, also known as EURO-SOX, came into effect in 2006. It is aimed at establishing an internationally recognized regulation for the auditing of financial statements in the European Union (EU). It closely resembles its American equivalent, the SOX act. But unlike SOX, EURO-SOX applies to all capital companies, not only to market-listed companies. Small and medium-sized companies are required to address issues such as risk management, IT security and security audits. In Germany, the EU directive was incorporated into the Accounting Law Modernization Act (BilMoG), turning it into an applicable national law, mandatory as of financial year 2010-1. Page 32 of 156 © 08/2011 Reichle & De-Massari AG R&M Data Center Handbook V2.0
Page 1 and 2: R&M Data Center Handbook
Page 3 and 4: www.datacenter.rdm.com Table of Con
Page 5 and 6: www.datacenter.rdm.com 4. Appendix
Page 7 and 8: www.datacenter.rdm.com File Server
Page 9 and 10: www.datacenter.rdm.com Storage Arch
Page 11 and 12: www.datacenter.rdm.com • Yahoo!:
Page 13 and 14: www.datacenter.rdm.com Cabinet syst
Page 15 and 16: www.datacenter.rdm.com 1.10. Energy
Page 17 and 18: www.datacenter.rdm.com 1.12. Securi
Page 19 and 20: www.datacenter.rdm.com In general,
Page 21 and 22: www.datacenter.rdm.com 2. Planning
Page 23 and 24: www.datacenter.rdm.com Typology bas
Page 25 and 26: www.datacenter.rdm.com 2.2.2. Class
Page 27 and 28: www.datacenter.rdm.com For cabling
Page 29 and 30: www.datacenter.rdm.com 2.3.2. IT Ri
Page 31: www.datacenter.rdm.com • IT Basel
Page 35 and 36: www.datacenter.rdm.com 2.3.6. Poten
Page 37 and 38: www.datacenter.rdm.com The followin
Page 39 and 40: www.datacenter.rdm.com Moreover, th
Page 41 and 42: www.datacenter.rdm.com 2.4.3. Expec
Page 43 and 44: www.datacenter.rdm.com There are se
Page 45 and 46: www.datacenter.rdm.com 2.5. Aspects
Page 47 and 48: www.datacenter.rdm.com 3. Data Cent
Page 49 and 50: www.datacenter.rdm.com ENI: Externa
Page 51 and 52: www.datacenter.rdm.com 3.1.4. TIA-9
Page 53 and 54: www.datacenter.rdm.com Individual a
Page 55 and 56: www.datacenter.rdm.com 3.3. Network
Page 57 and 58: www.datacenter.rdm.com Aggregation
Page 59 and 60: www.datacenter.rdm.com The differen
Page 61 and 62: www.datacenter.rdm.com 3.4.2. End o
Page 63 and 64: www.datacenter.rdm.com 3.4.4. Two R
Page 65 and 66: www.datacenter.rdm.com In contrast
Page 67 and 68: www.datacenter.rdm.com 3.5. Data Ce
Page 69 and 70: www.datacenter.rdm.com In buildings
Page 71 and 72: www.datacenter.rdm.com Higher tempe
Page 73 and 74: www.datacenter.rdm.com The server c
Page 75 and 76: www.datacenter.rdm.com Tray The adv
Page 77 and 78: www.datacenter.rdm.com Fire and Lig
Page 79 and 80: www.datacenter.rdm.com Vandalism, T
Page 81 and 82: www.datacenter.rdm.com Server (Sing
Page 83 and 84:
www.datacenter.rdm.com The key perf
Page 85 and 86:
www.datacenter.rdm.com Storage Solu
Page 87 and 88:
www.datacenter.rdm.com Router A rou
Page 89 and 90:
www.datacenter.rdm.com A GBIC modul
Page 91 and 92:
www.datacenter.rdm.com 3.6.6. Trend
Page 93 and 94:
www.datacenter.rdm.com Classic Stru
Page 95 and 96:
www.datacenter.rdm.com 3.7.3. Trend
Page 97 and 98:
www.datacenter.rdm.com Layer 1 - Ph
Page 99 and 100:
www.datacenter.rdm.com Although the
Page 101 and 102:
www.datacenter.rdm.com All optical
Page 103 and 104:
www.datacenter.rdm.com Trend Server
Page 105 and 106:
www.datacenter.rdm.com 3.8.4. Fibre
Page 107 and 108:
www.datacenter.rdm.com The InfiniBa
Page 109 and 110:
www.datacenter.rdm.com Shortest Pat
Page 111 and 112:
www.datacenter.rdm.com 3.9.1 Coax a
Page 113 and 114:
www.datacenter.rdm.com Since old ca
Page 115 and 116:
www.datacenter.rdm.com The closenes
Page 117 and 118:
www.datacenter.rdm.com R&M’s visu
Page 119 and 120:
www.datacenter.rdm.com The followin
Page 121 and 122:
www.datacenter.rdm.com As already m
Page 123 and 124:
www.datacenter.rdm.com According to
Page 125 and 126:
www.datacenter.rdm.com Summary Desp
Page 127 and 128:
www.datacenter.rdm.com Two examinat
Page 129 and 130:
www.datacenter.rdm.com The criteria
Page 131 and 132:
www.datacenter.rdm.com Adapters The
Page 133 and 134:
www.datacenter.rdm.com Method R Met
Page 135 and 136:
www.datacenter.rdm.com Methode B Re
Page 137 and 138:
www.datacenter.rdm.com PD Operation
Page 139 and 140:
www.datacenter.rdm.com The investig
Page 141 and 142:
www.datacenter.rdm.com Thanks to th
Page 143 and 144:
www.datacenter.rdm.com The permanen
Page 145 and 146:
www.datacenter.rdm.com The intersec
Page 147 and 148:
www.datacenter.rdm.com Alien crosst
Page 149 and 150:
www.datacenter.rdm.com The Cat. 7 A
Page 151 and 152:
www.datacenter.rdm.com With the “
Page 153 and 154:
www.datacenter.rdm.com Stress condi
Page 155 and 156:
www.datacenter.rdm.com Immunity aga
Page 157 and 158:
www.datacenter.rdm.com 4. Appendix
show all

R&M Data Center Handbook

Create successful ePaper yourself

Delete template?

Save as template?