Documentation

From Socology.org - The Study of Security Operations
Revision as of 13:56, 17 October 2018 by Frankangiolelli (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Documentation covers key areas including the importance of documenting project decisions and knowledge management (Robin Kipke, 2014), which supports organization innovation and performance by amplifying enablers (Dan Paulin and Kaj Suneson, 2012). While Policy is not specifically called out in these dimensions, it can be included under “Documentation” and this grouping allows for better extensibility.

Documentation Guidelines

There are many parts of Security Operations that require documentation to achieve high performance and may need to be created serially versus simultaneously in parallel. These include

  • Procedures
  • Processes
  • Functions
  • Run Books
  • Contacts
  • Meeting Notes
  • Network Architecture
  • Asset Inventories
  • Business Impact Assessments
  • Data Governance, Elements and Storage Strategy
  • Automation Architecture

Evaluate what areas of documentation will provide the maximum value first, approach iteratively and utilize business partners in the organization.

Centralize & Standardize Location

Where will this documentation be stored? Who should have access to it? Who must have access to it to be successful? Can it be updated regularly?

Reducing tribal knowledge and Hero Syndrome helps everyone in the organization and the organization itself.

Citations

Robin Kipke. 2014. The Importance of Documenting Project Decisions Along the Way. Retrieved from http://tobaccoeval.ucdavis.edu/publications/documents/TheImportanceofDocumentingProject.pdf

Dan Paulin and Kaj Suneson. 2012. Knowledge Transfer, Knowledge Sharing and Knowledge Barriers – Three Blurry Terms in KM. Electronic Journal of Knowledge Management, Vol 10, Is , Art 32, Pg. 89