Your company sells second hand/used cars from a small showroom in a quiet rural location. There are three other branches varying from 20-300 miles away. You would like to make your branch (the largest and most central) the Head Office. Currently you use paper-based forms to track sales and part exchanges of vehicles. You are rapidly running out of storage space for paperwork and find it difficult to stay in touch with customers or follow the work of your sales team. Your company intends to implement the following:
• A networked solution to incorporate all the offices, which should be able to provide the following:
o A booking system for customers to book appointments for servicing vehicles and viewing cars
o A database for keeping/maintaining customer details
o A system at Head Office for keeping/maintaining details of the 300 staff members; including performance related data (e.g. number of sales made per month, average sales prices, profits etc.)
o A system to compare performance metrics between branches, sales staff and across the company as a whole
o A system for staff to view car stock details with customers in the showrooms
• Up to date security and backup systems, including CCTV • Staff training programme
• Staff training programme
Key Business Hours:
o Monday-Friday: 8am – 7pm
o Saturday: 10am – 5pm
o Sunday: 10am – 4pm
As a result of these planned changes you have been asked to manage the process (as the only ITIL expert in your company). You need to provide:
Part 1 – Risk Assessment
• Identify a range of risks based on these significant changes. Make use of a risk matrix and other categorisation methods you have learned.
• A description of mitigation methods covering the identified risks, including any recommendations you would make to your company.
• A brief reflection of how your previous experience of undertaking a risk assessment (walk) has enabled you to complete this task.
Part 2 – Service Level Agreement
A complete Service Level Agreement to be used between the Head Office IT department and outer branches to cover the new services. The SLA should aim to determine a standard minimum level of service delivery across all sites.
The SLA should include all aspects of delivery, and should include (in no particular order):
• Service Desk Operation
• Disaster Recovery
• Change Management
o Software Installation/updates
o Hardware installation/updates
o Change requests
• Operational hours
• Performance Metrics
• Staff responsibilities
o Reporting structure
• Some reference to policies relevant to the company (titles and short paragraph descriptions only)
• Any other aspects which you feel are relevant
Part 3 – Security Management Poster
An A4 poster (in landscape orientation) demonstrating a flow diagram of how to report a security issue – aimed at all staff within the company. This could be used as part of in-house mandatory information security training but should be self-explanatory and serve as a useful reminder to everyone. It should also incorporate relevant current legislation.
•For all tasks you are expected to include references where appropriate.
•You will also need to include a list of assumptions where you have made any, bearing in mind the business strategy and requirements.