Developing an Information Security Knowledgebase

February 15, 2016 By
Download story as PDF

Challenge

Our client, a leading fashion specialty retailer with locations across the United States and Canada, lacked unified on-call and escalation procedures used when supporting the suite of security tools managed by the Security Engineering team. Little documentation was
available for standard troubleshooting and recovery efforts, resulting in poor knowledge transfer among employees, especially new team members, and the inability to properly assist internal customers.

Due to these challenges, it was determined that a centralized repository for information would be needed as well as the development of standard operating procedures (SOPs), recovery, and escalation documentation. The Security Engineering team was tasked with creating a knowledgebase and defining standard processes, and a Kalles Group consultant was recruited to lead the effort.

The Security Engineering team was tasked with creating a knowledgebase and defining standard processes, and a Kalles Group consultant was recruited to lead the effort.

Approach

The team determined that they would need to combine information from various sources and compile them into a comprehensive location for consumption by the organization. This would also involve developing new standardized processes that are consistent with industry best practices and experience by contractors, breaking items down into logical workflows, and annotating the information.

Furthermore, the team determined it would evaluate and identify the third party team collaboration software they would implement as its knowledgebase.

Solution

The team systematically defined tools and basic escalation paths. Key information was collected and reviewed to ensure materials were current and applicable. The team combined industry practices based on experience that loosely conformed to ITIL helpdesk and escalation procedures for the development of new technical documentation. In addition, customer education was developed and delivered using a hands-on introductory walk-through either upon request or when an individual was new.

Results

The new knowledgebase was successfully implemented and deployed and provides the organization with a centralized repository to locate and review information most critical for employees. Team members can quickly search for items and manage situations without affecting other team members, thus creating a self-service platform for 24/7 use.

For on-call employees, processes for handling on-call items and basic triage are now quickly accessible. Escalation procedures are easy to find as well as contact information for tool owners, allowing on-call employees to better assist customers. In addition, the knowledgebase contains information needed for escalating to vendors, making it easier for on-call team members to manage tools they are not familiar with and preventing team members from being called after
hours.

Finally, newly created materials within the knowledgebase provide a framework to springboard off of for developing additional SOPs and service level agreements (SLAs). New standardization and documentation is accelerating onboarding tasks and more effective transitions for new team members.

Team members can quickly search for items and manage situations without affecting other team members, thus creating a self-service platform for 24/7 use.