UNIT 12 ITTSM ASIGNMENT C March 26, 2024
Pearson BTEC Level 3
Diploma in
Information
Technology Pearson
BTEC Level 3
Extended Diploma in
Information
Technology
Unit 12: IT Technical Support and
Management
Learning aim C: Develop a plan to support and manage a new IT
system using industry standards and methods
Assessor: Issue date: 12th March 2024
Hand in deadline: 19th April 2024
STUDENT) 1
,UNIT 12 ITTSM ASIGNMENT C March 26, 2024
Student Name
Student Number:
STUDENT) 2
,UNIT 12 ITTSM ASIGNMENT C March 26, 2024
Table of Contents
Introduction............................................................................................................................. 3
P5............................................................................................................................................ 4
Incident Response Plan........................................................................................................ 4
Incident Recovery Plans................................................................................................... 5
Disaster recovery plan......................................................................................................... 7
Capacity planning................................................................................................................ 8
Sustainability, environmental waste planning......................................................................9
Why is it important?....................................................................................................... 10
Cybersecurity..................................................................................................................... 11
P6/M3.................................................................................................................................... 12
Feedback........................................................................................................................ 13
Justification........................................................................................................................ 15
The revived plans for the incident..................................................................................15
Revised disaster recovery plan.......................................................................................17
Ergonomics........................................................................................................................ 17
D3......................................................................................................................................... 18
Conclusion............................................................................................................................. 20
Purpose and scope............................................................................................................. 20
Client requirement............................................................................................................. 20
Constraints......................................................................................................................... 21
Bibliography.......................................................................................................................... 21
Introduction
My manager has requested me to create a support plan for a business that has opted for
outsourced assistance while I work as an IT technician for a PC repair company. An online
startup company's IT support and management plan will be presented in this report. The
organisation intends to employ between 25 and 30 people. All employees will have desktop
STUDENT) 3
,UNIT 12 ITTSM ASIGNMENT C March 26, 2024
PCs, and senior staff will have tablet computers that are Wi-Fi connected to the business
LAN (Local Area Network). Five printers will also be available; these will be shared. The
system is essential to the business's operations and needs to be accessible around-the-
clock, 365 days a year. For the organisation, I am creating an IT support and management
plan that addresses the following: capacity planning, environmental waste management,
incident response, and disaster recovery. At the conclusion of this report, I would have
demonstrated a clearly organised and easily comprehensible report for those who might not
be IT experts. In the report, I will accurately demonstrate proficient technical language
together with high standards of spelling and grammar.
P5
Incident Response Plan
The incident response plan of the new company describes how to find, evaluate, and handle
events. It also covers how to alert top management, outside service providers, and IT
support workers. In the event of a hardware malfunction or network disruption, the plan
attempts to promptly restore service, minimising downtime and guaranteeing business
continuity. IT personnel make up an incident recovery team, which gathers, stores, and
examines event-related data. To make sure legal requirements are fulfilled, the team
frequently collaborates with attorneys and communications specialists.
An incident response plan (IRP) is crucial for small online businesses with 25–30 employees,
constant system availability, and quick recovery in case of disruptions. A structured IRP
includes forming an incident response team, including role designations, training, monitoring
systems, employee reporting, classification and prioritization, and resolution plans. Incident
identification and reporting involve using monitoring tools to detect anomalies/errors,
security breaches, or system failures promptly. Incident categorization and priority are
crucial, with severity levels determined based on potential impact and urgency. The plan
also includes evaluating the business impact of each category to allocate resources
accordingly.
Incident response procedures include containment and mitigation, investigation and
analysis, and resolution. Communication protocols are established to keep stakeholders
informed about the incident's status and resolution, while external communication is
provided to relevant parties if the incident has potential implications beyond the
organisation. Backup and recovery are essential, with automated backup procedures and
regular testing to verify their effectiveness. A Business Continuity Plan (BCP) is developed,
which would outline procedures to maintain essential business functions during and after a
disruptive incident. Redundancy is identified as a critical system that requires redundancy to
minimise single points of failure and ensure continuous availability.
STUDENT) 4
, UNIT 12 ITTSM ASIGNMENT C March 26, 2024
The CIRT (Computer Incident Response Team) Team must react quickly to any occurrence
that compromises a proper operating system to manage incidents successfully. Essential
actions include keeping track of incident records, performing post-mortem examinations,
and holding employee training sessions. The plan's continuous efficacy in the face of
changing risks and business requirements is ensured by routine reviews and updates.
Here are the reasons why the company needs an incident response plan:
1. Minimizing Downtime: In the circumstances of a security breach, system failure, or
other disruptions, having an incident response plan in place allows the organisation
to respond quickly and effectively, reducing downtime and the impact on operations.
2. Protecting Assets: An incident response plan helps protect critical assets, including
data, systems, and infrastructure, by outlining procedures to detect, contain, and
reduce security incidents.
3. Reduce Risks: By identifying potential threats and vulnerabilities and developing
response procedures, an incident response plan helps reduce risks and prevent
incidents from escalating into larger problems.
4. Maintaining Customer Trust: Rapid and effective incident response demonstrates the
organisation's commitment to protecting their customers data and maintaining trust,
which is crucial for preserving the organisation's reputation and brand integrity.
5. Legal and Financial Protection: An incident response plan can help reduce legal and
financial risks associated with security breaches or data loss by providing a
structured approach to incident management and documentation.
Steps to consider when creating an incident recovery plan
1. Provide regular training sessions for employees to raise awareness of security best
practices, incident reporting procedures, and their roles during an incident
2. Test backup systems and recovery procedures regularly to verify their effectiveness
and identify any weaknesses.
3. Ensure clear lines of communication are established between the incident response
team, management, employees, customers, vendors, and authorities.
4. Document step-by-step instructions for each phase of the incident response process,
tailored to the organization's specific needs and environment.
5. Regularly review and update the incident response plan to incorporate lessons
learned from past incidents, changes in the organisation's environment.
6. Form an Incident Response Team
Incident Recovery Plans
Incident Recover plan Feedback
Cybersecurity breach 1. Immediately isolate 1. Were there any
affected systems and delays in identifying
and containing the
STUDENT) 5