Change Advisory Board Operating Proceedures



The District of Columbia Office of the Chief Technology Officer (OCTO) Network Operation CenterOCTO Data Center Building Access Procedure for Employees and Contractors Version 2.3January 11, 2018This page is intentionally left blankTable of Contents TOC \o "1-3" \h \z \u Overview PAGEREF _Toc406158261 \h 11.0Objective PAGEREF _Toc406158262 \h 32.0Scope PAGEREF _Toc406158263 \h 33.0Responsibilities PAGEREF _Toc406158264 \h 33.1Frequency PAGEREF _Toc406158265 \h 33.1.1Employees Permanently Located at ODC1 PAGEREF _Toc406158266 \h 33.1.2Commercial Visitors Entering and Exiting ODC1 PAGEREF _Toc406158267 \h 43.1.3Employees Forgetting His/hers Badge at ODC1 PAGEREF _Toc406158268 \h 43.1.4Employees Losing His/hers Badge at ODC1 PAGEREF _Toc406158269 \h 43.1.5Personal Visitors Entering and Exiting ODC1 PAGEREF _Toc406158270 \h 5Acronyms PAGEREF _Toc406158271 \h 6Points of Contact: NameRolePhone NumberE-mail AddressTroy EvansDirector202.724.2028evans.troy@Phil HakaData Center Engineering202.715.3729philip.haka@Ian GibsonData Center Operations Manager202.727.6353ian.gibson@NOCNetwork Operation Center202.724.2028NOC-ENG@Document Revision Table: VersionChange AuthorDate1.0ReleaseData Center02/14/20131.5UpdateData Center12/16/20132.0UpdateWilliam Olives05/01/20142.1UpdateWilliam Olives12/12/20142.2UpdateIan Gibson04/07/20162.3UpdateIan Gibson01/11/2018Overview Vital communication links, important servers and other key systems are physically secured at the OCTO Data Center (ODC) facilities, along with applications critical to the business of the DC Government. Procedures have been established and implemented to restrict and control access to ODC facilities at all times to prevent intruders from taking undesirable actions within the facilities. All persons entering the data centers must agree to follow all established procedures and accept the consequences that will include access restriction and/or eviction from the facility for violations.At ODC1, a Windows based access control system and security guards that are contracted through Protective Services are deployed to limit the access to the facility, control personnel flow and track government property in and out of the facility.Parking for DC employees and visitors to ODC1 are provided at the public parking lot surrounding the facility. Street parking is available.Supervisors will provide advance notice via the Data Center Access Request Form for any person requiring access to the facility to attend a meeting or training session. Supervisors shall provide the same notification for vendors requiring access to the facility. Supervisors will visit the link () and complete the Access Request during regular business hours not less than one business day in advance.ObjectiveThis document provides employees, contractors, visitors, and security personnel (provided by DC Protective Services (PSD)) with standard procedures to follow for access to ODC1 and ODC3. It also defines specific procedures to assist security personnel in maintaining a secure environment for persons, equipment, and the facility.ScopeThis document will explain the various roles and responsibilities of Data Center facility Personnel.ResponsibilitiesRoleResponsibilityGuards:Safeguard the facility and report security breaches to OCTO Network Operations Center and PSD. Ensure visitors check in and out and inspect personal baggage at the officer’s discretion. When personal or government equipment is bought into or removed from the facilities, property passes must be issued. Security Guards will verify the authenticity and accuracy of the property pass and log them accordingly. Guards will constantly monitor the system that surveys the premises.Management:Provide advance notification to the Network Operations Center and submit completed documentation when agency personnel’s level of access to the facility requirements change. E.g., when a new hire is scheduled to begin working in the building or an employee is rm employees of the appropriate procedures when entering or exiting the premises or removing equipment from the premises.Employees:Adhere to all procedures and report any violations to management.FrequencyThese procedures must be followed each and every time a DC government employee, contractor, maintenance staff member, or visitor requires access to the ODC facilities.Employees Permanently Located at ODC1All DC government employees, contractors, and maintenance staff assigned to work at either ODCs must be registered with card key access system and Digitus Biometrics system.All employees and contractors must sign the Contractor/Visitor logbook upon entering or exiting the premises. Full legible signatures and the date/time are required (showing government issued identification if requested by the security guard).(Note: Premises for ODC3 are defined as inside the gate. Premises for ODC1 are defined as right side of building all the way to the gate and the front of building but no further than the bus stop.) All employees/contractors will use their access card upon entering and exiting the building always. No tailgating is allowed.Upon exiting and re-‐entering the building, all personnel must document and sign their time in/out each time.Employees/contractors are forbidden to sign in or out for anyone other than themselves.Employees/contractors are forbidden to permit access to the ODC facilities to anyone without prior approval.Property passes are required to transport computer equipment and government property in and out of the mercial Visitors Entering and Exiting ODC1Commercial Visitors are defined as vendors, such as sales representatives and contractors who meet with employees to discuss their services.All visitors must be on the Security Guard’s Data Center Access Request screen in order to gain access to the facility. If the visitor is not on the list, the security guard will not permit access.All visitors must show government-‐issued identification along with job related identification if possible. (i.e. business card)All visitors, upon entering the building, must sign in the Contractor/Visitor logbook using their full signature with the time/date of arrival and identify the employee they will be meeting.All visitors are forbidden to sign in or out for anyone other than themselves.All visitors must wait in the lobby to be escorted to their destination.All visitors must be escorted at all times throughout the building and will have limited access to the Data Center.Visitors will be escorted back to the security office to be signed out.Employees Forgetting His/hers Badge at ODC1If the employee forgets his/hers badge, the security guard will contact the employee’s immediate supervisor or manager.The employee’s supervisor or manager will create a Data Center Access Request form to access the facility.After regular business hours, the security guard will contact the employee’s immediate supervisor or manager.Employees Losing His/hers Badge at ODC1If the employee loses his/hers badge, the security will contact the employee’s immediate supervisor or manager.The employee’s supervisor or manager will create a Data Center Access Request form to access the facility.The employee’s supervisor or manager will notify the Network Operations Center via email message about the lost badge.The appropriate form will be filled out to issue a new badge for the employee.The employee will go to PSD with the form and get issued a new badge.After regular business hours, the security guard will contact the employee’s immediate supervisor or manager.Personal Visitors Entering and Exiting ODC1All visitors must be on the visitor list in order to gain access to the facility.Visitors not on the list, the security guard will not permit access.Children are not allowed in the building at any time.All visitors will show current state issued identification when signing into the visitor’s logbook.Visitors must be accompanied by employees at all times.Visitors must be accompanied to the security area when exiting the facility.Failure to comply with any of these procedures will result in disciplinary actions.Acronyms AcronymDescriptionCABChange Advisory BoardCMChange ManagerCRChange RequestCTOChief Technology OfficerITCCInformation Technology Communication CenterNOCNetwork Operations CenterOCTOOffice of the Chief Technology OfficerODCOCTO DatacenterPSDDC Protective ServicesEnd of Document ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download