Maintenance (What IT Does on Behalf of the Customer)

Definitions

Maintenance is defined as any activity performed at the discretion of IT, which invests in and preserves the value to the customer of an existing application and environment including:

• Defect correction — correction of critical defects found in a deployed application that inhibit [name of business unit] from meeting its production system availability or performance requirements. Examples of defect correction activities include responding to production calls for batch systems running over-night or installing system bug fixes.

• Retooling — any change required to a [name of business unit] business application due to an upgrade of an infrastructure product. An example would be maintenance necessitated by changes in the production version of PeopleSoft, Lotus Notes, etc.

• Asset protection — business application upgrades in keeping with the vendor releases. An example would be the release of a new version of Microsoft Office, PeopleSoft, PowerFAIDS, etc.

• Disaster recovery procedures — supporting the business unit in developing its disaster recovery plan and participating in any disaster recovery testing.

• Required by external agencies — activities required by external and internal audit, federal agencies, etc. For example, the process to move and maintain applications into a formal change management environment.

• Applied research and feasibility analysis — as part of both SLA and project work for the business unit, Information Services will conduct assessments of IT products, services, and processes to determine their appropriateness in line with business unit needs.

• Infrastructure and related production support — work associated with the implementation of business system applications and end-user desktops.

• System support — Tier 2 and 3 support associated with both the break/fix of existing business application systems and the problems encountered by end-user customers in using these business application systems.

• Information security — identification, assessment, management, and remediation of threats, vulnerabilities, and risks to the electronic information assets of the institution.