【數據中心設計】CDCP 學習筆記 - 數據中心 (Part 13) - Data Centre Design - Operational Considerations

Service Level Management

• The organization should maintain a service catalogue
• The service catalogue is a key component of service delivery and should describe:
• Unique identifier of the service
• Description of the service should include:
• Description of the service to be delivered
• Service hours and exceptions
• Availability requirements
• Support:
• Response times
• Escalation and contact points
• Cost

數據中心的運營是數據中心周期的一個重要部分。服務水平管理，是數據中心運營的一個重要方面。這要求運營者能夠關注客戶的需求和要求。由於服務通常是商業性質的，客戶了解如何支持和反饋服務也很重要。

• An SLA (Service Level Agreement) is a legal document which provides a mechanism where the cost of non-conformity will be accounted for
• An SLA should describe the service commitments at an appropriate level of detail
• Whatis to be provided
• What constitutes a violation of the SLA
• An SLA should be maintained by regular reviews
• Service levels should be monitored and reported against documented targets
• Non-conformance should be reported, reviewed, and where appropriate, escalated

服務水平協議（SLA）是一個總體性文件，一般描述服務目錄中的數據中心和IT服務的服務承諾。

Safety 安全措施

• The organization should have an occupational health and safety policy
• Policies, plans and procedures should be in place addressing emergency preparedness and response
• Plan, act, evaluate, take corrective actions
• Safety staff should be appointed which should have clearly defined roles, responsibilities and authorization levels, considering the following functions:
• Risk manager
• Safety manager
• First Aid officer
• Emergency warden
• The organization should conduct (regular) safety awareness training for all staff
• To protect individuals from exposure to workplace hazards and the risk of injury, staff should be familiar with the usage of Personal Protective Equipment (PPE), such as:
• Ear protection
• Safety glasses
• Hard hat
• Protection gloves/shoes
• Insulated tools

安全是最重要的，因此，數據中心運營者應該有一個職業健康和安全政策。應制定政策、計劃和程序來處理應急事件。作為安全的一部分，應該任命專職的安全人員。安全是每個人的責任，安全意識培訓不是一次性的，而是應該定期進行的。另外，強烈建議對首次來到現場的承建商進行安全介紹。除了一般的安全做法，工作人員還需要接受具體的安全事項培訓，包括個人防護等設備的使用。

Security 安保措施

• To manage entry control of individuals, a security matrix should be established using the following categories:
• Organization staff
• Contractors
• Vendors/suppliers
• Customers
• Visitors
• To manage entry control of incoming and outgoing goods, inspections (holding area) should take place for potential security risks as well as hazards
• Goods(equipment), parcels,letters, etc.
• Where applicable security controls need to be monitored
• Security patrol may be required for data centres where a higher level of security is required
• All individuals working at the data centre should attend a security awareness training
• The security awareness program should include the following:
• Overall security policies
• Specific security requirements of the department
• Behavioural considerations
• Security incident reporting structure

實施訪客進出控制，首先必須分類區域，確定可以進入區域的角色。下一步是確定角色，對不同角色進行分組，確定進出權限。通常情況下，具備監測出入和警報監測、CCTV監測。對於需要更高安全級別的大型數據中心設施，可能需要進行安全巡邏，由保安人員完成，接受適當的培訓。所有在數據中心工作的人都應參加職能安保意識培訓。此外，在現場工作的承建商和供應商應接受基本的安保意識簡報，以充分了解數據中心的安保規則。

Facilities Maintenance 設備維護

• Several types of maintenance activities may take place:
• Preventive / predictive / reactive (corrective)
• The organization should have appropriate maintenance agreements in place and should cover the following, not limited to:
• Legal entity name
• Start and end date
• Description services provided
• Qualifications and experience of personnel allocated
• Commercial terms
• Names and signatures by authorized officers

設備維護包括建築結構及其周圍環境的維護，數據中心的基礎設施，如機械、電氣和管道的維護也是其中重要一部分。

• A maintenance schedule should be created and maintained
• The schedule should be published on a need to know basis
• The organization should keep track of scheduled events and the actual date and time of execution
• Maintenance includes:
• Equipment
• Cleaning
• Labeling
• Documentation
• Etc.

  預防性維護 —— 即使在可能不需要的情況下，也要進行常規的維護。

  預測性維護 —— 實時維護，基於監測設備性能和狀態。

  反應性（或糾正性）維護 —— 發生故障，需要解除故障。

維護計劃需要跟相關部門協調。同時應該符合當地的法規，包括定期的強制性的檢測（如排放、污染、電力、消防設施的定期維護等）。

Governance - documentation

• The organization should ensure that the data centre establishes a fully functional document management system, addressing the following steps:
• Creation
• Classification
• Approval
• Creator / modifier / reviewer / approver
• Publishing
• Online (digital) / hard copy (paper)
• Maintenance
• Archiving
• Destruction

管理者應確保數據中心具備一個功能齊全的文件管理系統，以滿足法律、法規、監管、商業和運營要求。數據中心會產生大量的文件，要確定文件類別。

Governance - vendor management

• Vendors should be selected and managed in a controlled fashion, considering the following activities:
• Service requirements analysis
• Technical / financial / commercial / legal
• Request for Proposal (RFP)
• Contract management
• Vendor management
• Performance (SLA) reviews
• Retirement

供應商在實現數據中心對其客戶的服務承諾方面往往發揮著關鍵作用。因此，確保以可控的方式管理供應商是很重要的。第一步是服務需求分析階段，以確定對供應商的需求。下一步，將確定供應商。一旦收到供應商的競標，評估過程就開始了，如果一切順利的話，最後就是協議的簽署。