IHG酒店管理集团IT标准

《IHG酒店管理集团IT标准》由会员分享，可在线阅读，更多相关《IHG酒店管理集团IT标准（130页珍藏版）》请在装配图网上搜索。

1、- 130 - IHG Greater China IT Standard Operating Procedure IHG Greater China HOTEL IT STANDARD, STANDARD OPERATING PROCEDURE AND BEST PRACTICES1. IHG Greater China Hotel IT SOPs Summary31.1 - How to use this Document 如何使用本文档41.2 - Introduction介绍52. IT Operations62.1 - Computer Room Access62.2 - IT Ro

2、utines Lists82.3 - Change Management142.4 - Data and Systems Backup strategy172.5 - IT Helpdesk Fault Logging212.6 - IT Logbooks222.7 - User Files Backup242.8 - IT After Office Hours On-Calls263. IT Maintenance283.1 - IT Asset Inventory Management283.2 - IT Hardware and Software Maintenance Contract

3、s333.3 - User Hardware Maintenance353.4 - Hotel IT Server Room Environmental Monitoring System374. IT Security & Audit404.1 - Updated user lists / permissions404.2 - IT Screensavers / Idle Passwords424.3 - Internet Usage454.4 - IT USB/CD/DVD Lockout474.5 -Server Room Fire Protection/Alarms/Sensors/T

4、emperature/Humidity/EMS494.6 - Server Room Fire Hazards / Combustible Materials534.7 - Server Room Fire Extinguishers554.8- IT Fire and Evacuation Sample574.9 - IT Emergency Service Recovery594.10 - Software License Compliance784.11 - IT Devices not Being Used / Confidential Documents to Be Destroye

5、d824.12 - Protecting Files from Virus844.13 - New User (username and password)864.14 - Resignation of Employee884.15 - IT Air-Conditioning & UPS Sample904.16 - Business Continuity Plan for PMS System934.17 - Business Continuity Plan for POS System1045. IT Standards1095.1 - Hotel IT Standard Network

6、Setup1095.2- Hotel Firewall / Public IP Addresses1185.3 - Anti-virus Standards1205.4 - IT Computer Hardware Specifications1235.5 Email Address Requests1275.6 - Point of Sales Item1291. IHG Greater China Hotel IT SOPs SummaryDocument InformationDocument Name:IHG Greater China Hotel IT Standard Operat

7、ing ProcedureDocument Version No:V 1.0Prepared By:Jerry WANGDate: Feb. 1th, 2010Review By:WONG Kar HongDistribution ListFromDatePhone/Fax/EmailJojo CoronelDec. 8th, 2008Jojo.CoronelJojo CoronelJan. 5th, 2009Jojo.Coronel ToActionDue DatePhone/Fax/Email*AP Greater China Hotels InformationTechnology Ma

8、nagerDistributeAction Types: Approve, Review, Inform, File, Action Required, Attend Meeting, Distribute, Other(Please specify)Version HistoryVer. No.Ver. DateRevised ByDescriptionFilename0.1Jan. 19th, 2009Jerry Wang1st Chinese Edition Release0.2Mar. 12th, 2009Jerry Wang2nd Chinese Edition Release0.3

9、Jun. 23rd, 2009Jerry Wang3rd Chinese Edition Release0.4Sep. 2nd, 2009Jerry Wang4th Chinese Edition Release0.5Oct. 12th, 2009Jerry Wang5th Chinese Edition Release1.1 - How to use this Document 如何使用本文档This document can be viewed with Adobe Acrobat reader. There are 4 main menus categorized.本文档可以用Adobe

10、 Acrobat reader软件阅读。分成四类。IHG Hotel IT Best Practices & SOPs - this document contains本文包括： IHG IT Best Practices and SOPs Summary - in this volume you can see the summary. 本章为摘要。 IT Operations - - the documents indicates the IHG Standard Operating procedures and Best practices in IT Operations. This

11、document is focused on how the IT Department will manage the IT environment in an Operations point of view.本章指出IT运作方面的洲际集团标准操作程序和最佳实践。重点在于IT部门如何从运作的角度来管理IT环境。 IT Maintenance - this document is focused on how IT Department will manage and maintain the IT Department office, IT Server Room and how to o

12、perate and record essential IT things.本章重点在于IT部门如何管理和维护IT办公室、服务器机房和如何操作和纪录必要的IT工作。 IT Security & Audit - the documents indicates the IHG Standard Operating procedures and Best practices in IT Security and Audit. This document is focused on how the IT Department will manage the IT environment in a Se

13、curity and Audit point of view. 本章指出IT安全与审计方面的洲际集团标准操作程序和最佳实践。重点在于IT部门如何从安全于审计的角度来管理IT环境。 IT Standards - you will see standards currently being used in hotel. 本章指出酒店使用的IT标准。When to use this document? 何时使用本文档？This document must be used as reference and guideline when complying to the IHG Hotel IT Bes

14、t Practices and Standard Operating Procedures. This documentation complies with the Chapter 15 of the IHG Financial IT Audit Standards.本文档必须做为IHG酒店标准操作程序和最佳练习的参考和指导。本文档符合洲际集团酒店财务项目第15章IT审计标准。1.2 - Introduction介绍1 POLICYTo serve as guidelines in order to improve the day to day operations in the Hotel

15、 IT Department.为提高酒店IT部门的日常操作而提供指导。2 PURPOSESTo maintain a healthy system environment and to ensure the hotel IT Department conforms to the IHG IT Audit Standards.维护一个健康的系统环境并且保证酒店IT部门符合洲际酒店集团IT审计标准。3 SCOPEThis applies to all Greater China hotels.所有大中华区酒店4 RESPONSIBILITIESThe hotel IT Manager has th

16、e full responsibilities in ensuring the hotel IT Department Best Practices and is being documented, implemented and exercised.酒店IT经理必须对IT部门的最佳实践的纪录、实施和联系负责。The hotels IT Department is responsible for complying with the hotel IT Department Best Practices.酒店IT部门负责遵从IT部门的最佳实践。The hotel IT Manager has t

17、he full responsibilities in following and tailor fitting the Hotel IT Policies and Procedures based on the hotel operations. It is his own responsibility in enforcing the P&Ps to the departments concerned.酒店IT经理必须负责遵从和适合建立在酒店运作基础上的IT政策和程序。将IT政策和程序执行到相关部门是IT经理的责任。2. IT Operations2.1 - Computer Room A

18、ccessSTANDARD OPERATING PROCEDUREDepartment:Information TechnologyP&P#:Subject:Computer Room AccessDate:Prepared by:_IT ManagerApproved by:_ _ General Manager Dir of Finance & Business SupportDistribution List:2.1.1 ObjectiveTo establish policies to limit access to the computer room and adjacent are

19、as in order to maintain the best possible physical protection for the area and equipment.制定政策限制对电脑机房以及相关区域的进入是为了对该区域和电脑设备进行最佳的保护。2.1.2 ScopeThis applies to all Greater China Hotels Information Technology Department.适用于所有大中华区酒店IT部。2.1.3 Definitions“Employee” refers to full-time or part-time employees

20、, temporary employees/personnel, or consultants who are “resident” on the entitys site. A “visitor” is defined as a vendor, guest of an employee, service personnel, or anyone who needs to enter the facility for a short duration, usually not more than one day.“雇员”是指全职或兼职的雇员、临时雇员人员和顾问等“常驻”在实际场所内的人员。“访

21、客”被界定为供应商、某个雇员的客人、服务人员，或者其它任何需要短期进入设施的人员，通常不超过一天。2.1.4 Policy1) The computer room must be kept locked at all times with access controlled through individually assigned tokens or swipe cards.所有电脑机房区域的门都应始终保持锁闭状态，通过单独分配的密码或者刷卡控制访问。2) Access to the computer room shall be restricted to those that have a

22、 business need.只有业务需要时，才允许使用电脑机房。3) Access to the computer room will be granted to an employee only after the proper authorization has been gained.只有获得适当的授权后，雇员才被准许使用电脑机房。4) Access to the computer room will be removed from an employee once the business need has expired.当业务需求终止时，对雇员使用电脑机房的授权将会被取消。5)

23、This policy is implemented to prevent the unauthorized use, misuse, modification or denial of use of company Information assets. Any user found to be breaking this policy will be subject to disciplinary procedures.实施本政策的目的是为了防止盗用、滥用、修改或拒绝使用公司信息资产。任何被发现违反本政策的用户将接受相关处分2.1.5 Related Procedure1) Access

24、to the computer room is limited to hotel personnel responsible for maintaining or operating the equipment or other business needs只有酒店内负责对设备进行维护和操作或者有其他业务需要的人员才能使用电脑机房。2) Visitors requiring access to the computer room will be escorted into the restricted area by a suitably authorized employee and req

25、uired to sign the visitor book.访客对电脑机房受限区域的使用必须由一个合适的授权雇员陪同，并且必须签署访客薄。3) The entrance should be recorded in Computer Room Access Log Book. All access to the computer room will be logged. The logs will be reviewed by IT manager on a regular basis with unauthorized access attempts being investigated.

26、Logs should be kept for a minimum of three months unless otherwise restricted by law.任何人进入电脑机房都必须在“电脑机房进出人员登记表”上签字。所有对电脑机房的使用都将被记录。记录将会被IT经理定期检查是否有未授权的使用企图。记录必须至少保持三个月或者遵从相关的法律规定。4) All doors to the areas are to be kept locked at all times even during normal office hours.所有电脑机房区域的门都应始终保持锁闭状态，即使是在上班时

27、间也一样。5) Keys to the computer room areas will only be issued to personnel responsible. 电脑机房的钥匙只能发放给相关的责任人员。6) The Information System area must be regularly patrolled by hotel security staff.酒店保安部员工应对技术信息部区域进行周期性的巡逻。2.2 - IT Routines ListsBEST PRACTICESDepartment:Information TechnologyP&P#:Subject:IT

28、Routines ListsDate:Prepared by:_IT ManagerApproved by:_ _ General Manager Dir of Finance & Business SupportDistribution List:2.2.1Daily Check List 每日检查清单IT Department must have a DAILY TASK LIST of what is needed to be checked and monitored. The checklist consists of what are needed to be done upon

29、reaching office and before you leave office. The check list should include of all servers, systems, interfaces and network equipments to ensure all IT Systems are in good-working condition.IT部门必须使用每日任务列表来记录日常的检查和监测。该清单由到达IT办公室和离开之前需要完成的检查和检测，包括服务器、系统、接口和网络设备，以确保所有的IT系统处于良好工作状态。2.2.1.1 IT Office and

30、Server room checks IT办公室和服务器机房检查: a. Make sure the IT Server Room Air-Conditioning System is running and maintain temperature at a range of 20 degrees Celsius to 22 degrees Celsius, humidity at a range of 50RH to 60RH. If temperature or humidity is out of this range, go to the Power Control Unit (PC

31、U) and perform diagnostics and check ALARM History and do a RESET. If found malfunctioning, call the Engineering for further assistance.确保机房空调工作正常，机房温度应维持在在20-22摄氏度之间，湿度在50-60RH之间。如果发现温度或湿度不在标准范围，请检测电力控制装置和警示灯，并且重新启动。如果发现故障，通知工程部做进一步检查。b. Make sure the IT Server Room main UPS is up and running on no

32、rmal. Check that the charging level is 100%.确保服务器机房主UPS 启动和运行正常，并且电池电量为100%。c. Make sure the LOCKS of IT office and server room work properly.确保IT办公室和服务器机房的门锁工作正常。d. Remove any obstructions, unnecessary or faulty devices on the floor of the IT Office at all times.IT办公室不能在地板上放置任何障碍物和不需要或者失效的设备。2.2.1.

33、2 IT SERVERS Checks 服务器检查:a. Check all the SERVERS and system logs, make sure all servers are up and running.检查所有服务器和系统日志，确保所有服务器启动和工作正常。b. Check ALL INTERFACE PCs, make sure all the interfaces are up and running.检查所有的接口电脑，确保所有的接口都启动和工作正常。c. Check the internet is working and e-mail server is sending

34、 and receiving mails and there are no messages on long queue to be delivered.检查互联网访问正常；电子邮件服务器发送和接收电子邮件正常，并没有长时间不能发出的邮件。d. Check the PRINTSERVER for any problem on the printer queuing of all Departments.检查所有部门的打印服务器工作正常。e. Check the Anti-Virus Server and make sure it updates itself to the latest VIR

35、US DEFINITIONS and SCAN ENGINE. Run the Anti-virus report to list down all the potential users with viruses and Trojans.检查防病毒服务器有最新的病毒定义库和病毒扫描引擎。检查防病毒报告中用户潜在的病毒和木马程序。f. Check the FAX Server and the modems if are active and ready.检查传真服务器和调制解调器工作正常。g. Check the FILE Servers for HARDDISK Space. If foun

36、d running out of space, do an investigation on user folders.检查文件服务器磁盘空间。如果发现空间不足，对用户空间进行分析处理。h. Check all other servers, to record available diskspace.检查所有服务器，记录硬盘空间。i. Check two workstations at random to ensure that they are getting the latest updated virus definition from internal server or intern

37、et (Please Check the definition updated date)随机抽测两台工作站，确保可以从互联网或者内部网络获得最新的病毒定义（请检查病毒定义库更新时间）。2.2.1.3Check Backup Status 备份检查:a. Check the BACKUP Server for the COMPLETION of all JOB Orders and to check any FAILED JOBS. Replace BACKUP TAPE or other BACKUP MEDIA.检查备份服务器确保所有的备份完成。检查的备份任务。更换备份磁带或备份介质。2.

38、2.1.4IT NETWORKS Checks 网络检查:a. Check Holidex router is up and running and IHG network is accessible. By accessing the Holidex system at and checking OXI processor in PMS.通过访问Holidex系统 并检查PMS系统中的OXI进程来确认Holidex路由器是否启动和工作正常，IHG网络可以正常访问。b. Analyze unknown devices connected to the local network.分析连接在内部

39、网络上的未知设备。c. Check the local ISP Router Traffic Grapher or HSIA system to see the bandwidth utilization of the internet in the guest rooms and the admin office internet.通过本地ISP的路由流量记录器或者HSIA系统检查办公网络和客房网络的带宽使用率。d. Check Firewall logs for any attempts to break into the network.检查防火墙日志是否有网络安全攻击。e. Check

40、 the pattern of network switch lights to ensure no switch hangs or looping detected.检查网络交换机指示灯确保没有交换机故障。2.2.1.5USER AND GUEST SERVICE Checks 用户和客人服务检查:a. Check both guest and hotel user call log registers.检查所有用户和客人要求记录。b. Communicate and share problems among hotel IT team.与整个酒店IT团队沟通并且分享问题。c. Escala

41、te the calls to PMS, POS, other support vendors and regional IT team if it could not resolve internally as soon as necessary.将不能内部解决的问题立刻反馈至PMS, POS等供应商和集团IT团队。d. Keep in touch with regional IT team if you are in doubt or undecided and ask for help and assistance.如有任何疑问，请与集团IT团队联系。2.2.2 Weekly Task

42、每周任务2.2.2.1Offsite Backup Tape 外部保存备份磁带Send one backup tape set outside the hotel. Before sending out, do a restore test (Restore data to a spare hard disk to ensure it can be restored successfully).每周将一份备份磁带送至酒店外部保存。在送出前，做一个简单恢复测试(即将磁带内容恢复到某个服务器的空余硬盘上保证磁带数据可以被成功读出)。2.2.3Monthly Task 每月任务2.2.3.1Back

43、up before Month-end Process 月结前备份Backup Accounting, Check EAM and other Month-End process system before the process in every month end.每月底对需要月结的系统，如财务、CheckEAM等系统进行月结前的备份。2.2.3.2Archive Interface Log Files 存档接口日志文件Interface log files are saved in D:microsifc*.log. Please zip and store these files mo

44、nthly and remove from original folder.接口文件保存在接口电脑的D:microsifc*.log 中。每月将其压缩存档，并且在原始目录中删除。2.2.3.3Review Staff Entry & Departure List from HR 检查入职/离职员工帐号To check codes of new-entry staff whether it had been generated correctly. And codes of departure staff had been disabled/deleted.根据人事部的每月入职员工和离职员工清单

45、，检查入职员工帐号是否被正确创建。并且确保离职员工帐号已经被禁用或删除。2.2.3.4Monthly Server Maintenance 每月服务器维护a. Check Disk Capability 检查磁盘的容量b. Install Operating System (OS) and Software Patches 安装操作系统及其他软件补丁/升级包。c. Restart if necessary如有需要，重新启动服务器d. Archive Events Log存档服务器系统日志2.2.3.5IT Inventory Update 更新IT 清单Merlin-Applications-

46、Hotel IT Systems Inventory (APAC)2.2.3.6Review & Renew MA (Maintenance Agreement) Contracts 检查和更新维护合同To review all contracts this will expire in 3 months. To renew or change contracts based on your needs.检查所有三个月内将过期的维护合同。并且根据需要延长或者修改维护合同。2.2.3.7Review System Cases and Last IT Monthly Report系统及上月IT管理

47、报表回顾To review all systems cases and projects of previous month. Analyze each and every guest and user calls to see the possibility to resolve it permanently. Consult with vendor or regional IT team.回顾前一个月所有的系统问题和项目。分析每个用户和客人的要求，与供应商或者集团IT共同找出解决方案。2.2.3.8Submit IT Monthly Report 递交IT月管理报表Submit IT Mo

48、nthly Management Report (APPENDIX 2.2.2 Hotel IT Monthly Management Report) to Cluster IT Manager or IHG China IT Team, DOFBS and GM.递交IT月管理报表给区域IT经理或者集团IT以及酒店财务总监和总经理。2.2.4Quarterly Tasks 每季度任务2.2.4.1 Review user accounts and access rights 检查所有系统的用户及权限a. To check the availability of accounts检查所有用户帐

49、户的有效性。b. To check users rights whether is correct or not。检查用户的权限是否正确。c. To review the user accounts list in PMS, POS, Accounting, EAM, IBP, Hotel Domain, Hotel Email, IHG Email, Delphi, etc检查酒店所有系统的用户帐户，包括PMS, POS,财务, EAM, IBP, 酒店域帐号, 酒店电子邮件帐号, IHG邮件帐号, 宴会销售系统等等。2.2.4.2UPS Availability Testing UPS可靠

50、性检查To test all hotels UPS Discharge/Charge, including server room UPS and PC UPS. Ask UPS supplier to assist if need. 对酒店所有的UPS进行充放电测试，包括机房的UPS和单独的PC UPS。如果需要，可以要求UPS供应商协助。2.2.4.3Backup Restore TestingTo restore backup media (tapes) to a dummy system to make sure that the backup data can be used. Th

51、e systems include all hotel systems, PMS, POS, EAM, Accounting, IBP, EFPM, Delphi, etc.将备份介质（磁带）的数据恢复到一个模拟系统，以确认所有的备份数据可以被使用。所有酒店的系统都需要进行测试，包括PMS, POS, EAM, 财务, IBP, EFPM, 宴会销售系统等等。2.2.5 Annual Tasks 年度任务2.2.5.1IT Budget IT预算Prepare IT budget, guided by DOFBS. 在酒店财务总监的指导下完成IT预算。2.2.5.2Emergency Plan

52、 Dry Run 应急运营方案测试To test hotel manual operation when PMS or other systems down. Please refer to the following chapters of this document.4.16 - Business Continuity Plan for PMS System 4.17 - Business Continuity Plan for POS System 测试PMS等系统故障时相关的手工营运。2.2.5.3Disaster Recovery Testing 系统灾难恢复测试IT must kn

53、ow how to recover the system when PMS or other systems down. Please refer to SOP 4.9 - IT Emergency Service RecoveryIT必须知道在PMS等系统发生故障时，如何恢复系统和数据。2.2.6AppendicesAPPENDIX 2.2.1 IT Regular Working Tasks GuidelineAPPENDIX 2.2.2 Hotel IT Monthly Management Report2.3 - Change ManagementSTANDARD OPERATING

54、PROCEDUREDepartment:Information TechnologyP&P#:Subject:Change ManagementDate:Prepared by:_IT ManagerApproved by:_ _ General Manager Dir of Finance & Business SupportDistribution List:2.3.1ObjectiveTo standardize change management process标准化变更管理过程2.3.2ScopeAll changes to the hotel information systems

55、酒店信息系统的所有变更2.3.3Definition“Changes” refers to change made to any item of hardware, software or data that is used to provide hotel systems. This includes operating software, utility software, application software as well as changes to data files and parameter/configuration files. It excludes any norm

56、al day to day operational changes such as rate codes and POS items.“变更”是实施于酒店系统相关的硬件、软件和数据，包括对操作系统、工具软件、应用软件已经对数据文件、参数配置文件的更改；不包括日常的操作比如房价代码和餐厅收银中的菜单项等。“Major Systems” refer to the systems listed in the IHG Brand IT Standards Summary.“主要系统”是指在洲际集团各品牌IT标准汇总中列出的系统。2.3.4PolicyChanges to operational sys

57、tems and application software shall be controlled. Live data must not be used on development or test systems.对操作系统和应用软件的变更必须受到监控，真实系统数据绝对禁止用于开发或者测试系统。All changes must be approved by authorized person. IT manager must be one of approval and provide technical advice, such as change cost, feasibility,

58、interruptions to hotel operations, etc. 所有的变更都必须得到适当的审批，IT经理必须是审批的一环，并给出变更预算、变更的可行性、实施变更对运营的影响等专业性意见。2.3.5Related ProcedureIf user requires to do change, a change request form (APPENDIX 2.3.1 System Change Request Form) must be issued by user department head and get proper approval. The following ch

59、anges must be informed to hotel General Manager and DOFBS (Director of Finance and Business Support) in advance.如果有用户需要对IT系统进行变更，用户部门经理填写系统变更申请表并且得到适当的审批。下列重要变更必须提前通知酒店总经理与财务总监- IT System Replacement 更换系统- System Vendor Replacement 更换系统供应商- System Support Replacement 更换系统技术支持- System Upgrade 系统升级The

60、 IT Manager is responsible for managing all implementations of changes to the hotel information systems.IT经理负责管理酒店所有信息系统的变更实施。No changes will be implemented to any hotel systems without the expressed authorization of the IT Manager.没有IT经理的明确授权，不准许对酒店系统进行任何变更。All changes will be documented and logged

61、, highlighting the amendments made and the reason for the change (e.g. upgrade to system software).所有的变更都必须被记录存档，尤其是变更的地方和理由（比如：系统软件升级）。The followed major changes must be informed to Corporate IT Team in advance.下列重要必须提前通知集团IT部门- IT System Replacement 更换系统- Major System Vendor Replacement 更换主要系统供应商- Major System Support R