Sarbanes-Oxley IT Compliance Using Open Source Tools, Second Edition

Service Level Agreements

While you might associate Service Level Agreements with a service you might provide to customers, you can also consider your IT group as a service organization to the company in general, end users of systems and applications being your "customers". The combination of Policies and Service Level Agreements is what defines and articulates the IT goals and the expected results of the delivery of those goals to the company. From the top down executive view you should ask the question "what am I paying for and what can I expect in return?" From the bottom up user perspective these define how they can expect to get their work done, and finally from a SOX perspective you now have a basis in which to establish how you will test your environment and demonstrate compliance. This will ultimately become a key area of focus when you actually undergo your audit. In the case study for NuStuff Electronics we provide some sample Service Level Agreements for you to consider, and while these examples are simple and will not completely satisfy the individual needs of your organization they do illustrate the sections that should address when writing your own SLAs.

Tip

The sample SLAs provide in part on the CD are based on the standard templates available from NextSLM.org, which provides information concerning the strategies and practices surrounding IT service level management. In addition to templates they provide tips, recommendations and guidelines for managing IT as a service organization. For more...

UNLIMITED FREE
ACCESS
TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Category: Application Service Providers
Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.