Additional Resources: Standardized to Rationalized Checklist
The following checklist outlines the requirements you must meet to move to the Rationalized level. After you have addressed each item under the main topics, you have successfully moved from the Standardized level to the Rationalized level.
On This Page
.gif "Capability: Identity and Access Management"){kind=icon}
Capability: Identity and Access Management
Capability: Desktop, Device and Server Management
Capability: Security and Networking
Capability: Data Protection and Recovery
Capability: Identity and Access Management
Requirement 1 |
Yes |
No |
|---|---|---|
Implemented a directory-based tool to centrally administer configurations and security on 80 percent or more of your desktops |
|
|
Attributes:
Identified which configurations should be monitored or enforced.
Selected tools for monitoring and enforcing configuration compliance.
Defined Group Policy objects for settings managed through Group Policy.
Implemented Group Policy Management Console to manage Group Policy objects.
Applied Group Policy to at least 80 percent of your desktops.
Capability: Desktop, Device and Server Management
Requirement 1 |
Yes |
No |
|---|---|---|
An automated software distribution solution for operating system deployment |
|
|
Attributes:
Identified tools and technologies required to enable automated operating system deployment.
Performed necessary pre-deployment tasks for application compatibility and packaging, infrastructure remediation, imaging, user-state migration, and desktop security.
Tested and validated Zero Touch Installation in a lab environment and pilot program.
Performed automated OS deployment to end users.
Requirement 2 |
Yes |
No |
|---|---|---|
Automated tracking of hardware and software assets of 80 percent or more of your desktops |
|
|
Attributes:
Deployed tools and procedures to automate desktop asset inventory.
Implemented procedures and technologies to automate application and operating system deployment
Implemented tools and procedures to perform and analyze software usage tracking reporting.
Implemented best practice automated software update management.
Deployed tools and procedures to monitor desktop system status, including product compliance and system status monitoring.
Requirement 3 |
Yes |
No |
|---|---|---|
Eighty percent or more of your desktops running one of the two most recent operating system versions |
|
|
Attributes:
Inventoried existing production operating systems.
Determined new computer and refresh strategies in order to phase out older operating systems.
Deployed two most recent operating system versions to at least 80 percent of all desktops.
Requirement 4 |
Yes |
No |
|---|---|---|
Eighty percent or more of your desktops running Microsoft Office 2003 or the 2007 Microsoft Office system |
|
|
Attributes:
Evaluated the latest versions of Office and defined plan to consolidate Office versions on production workstations.
Deployed latest versions of Office to desktops.
Defined plan for managing Office configurations.
Requirement 5 |
Yes |
No |
|---|---|---|
Tests and certifies application compatibility on 80 percent of new or updated applications before deploying them to desktops |
|
|
Attributes:
Collected and analyzed the application inventory in your organization to build your application portfolio.
Implemented standard testing of your mitigation strategies to create your application mitigation packages.
Implemented standard processes to resolve any outstanding compatibility issues to report compatibility mitigation to management.
Implemented automated deployment of all compatibility mitigation packages.
Requirement 6 |
Yes |
No |
|---|---|---|
Patch management solution for 80 percent or more of your servers |
|
|
Attributes:
Implemented process and tools to inventory hardware and software assets.
Implemented process and tools to scan servers for software updates.
Established a process to automatically identify available patches.
Established standard testing for every patch.
Implemented patch distribution software.
Requirement 7 |
Yes |
No |
|---|---|---|
Secured and guaranteed way to verify secure communications between your corporate network and mobile devices |
|
|
Attributes:
Inventoried mobile devices connecting to your network.
Determined a communication security strategy appropriate for your needs.
Implemented mobile device authentication to all connected devices.
Requirement 8 |
Yes |
No |
|---|---|---|
Access provided to Web applications via WAP or HTTP for mobile devices |
|
|
Attributes:
Inventoried mobile devices connecting to your network and Web applications currently consumed or potentially consumed by mobile device users.
Developed and implemented a strategy to optimize Web applications for mobile device users, update mobile device hardware, or both.
Requirement 9 |
Yes |
No |
|---|---|---|
Planning for server consolidation with virtualization |
|
|
Attributes:
Inventoried all IT services and LOB applications in your organization, including performance and traffic data.
Developed a plan to consolidate server infrastructure by implementing virtual machine technologies.
Requirement 10 |
Yes |
No |
|---|---|---|
Implemented a layered-image strategy for managing your desktop images |
|
|
Attributes:
Inventoried and rationalized the current set of managed desktop images in your organization.
Developed and implemented a strategy to consolidate desktop images by using thin or hybrid layered-imaging for desktop deployment.
Capability: Security and Networking
Requirement 1 |
Yes |
No |
|---|---|---|
Policy-managed firewall on 80 percent or more of your servers and desktops |
|
|
Attributes:
Inventoried your desktop and server computers to identify which hardware currently has host-based firewall technologies.
Deployed host-based firewall technology to hardware lacking firewall capabilities or updated servers to Windows Server 2003 SP1 or later.
Established policy enforcement to ensure host-based firewalls are always enabled and cannot be disabled.
Requirement 2 |
Yes |
No |
|---|---|---|
Secure remote access to internal resources and line-of-business applications beyond e-mail (that is , VPN and/or Terminal Services) |
|
|
Attributes:
Evaluated remote access requirements for remote clients and branch offices.
Designed and implemented secure virtual private network or similar services to remote clients and branch office.
Requirement 3 |
Yes |
No |
|---|---|---|
Secured and guaranteed way to verify communication between critical servers , such as domain controllers and e-mail servers |
|
|
Attributes:
Assessed the current state of network infrastructure affected by Internet Protocol Security (IPsec).
Identified organizational requirements to ensure secured and guaranteed communication between servers, including regulation and compliance impacts.
Developed and implemented a plan across the organization using Ipsec to meet defined requirements.
Requirement 4 |
Yes |
No |
|---|---|---|
Monitoring and service level reporting for 80 percent or more of your servers to ensure a consistent and reliable user experience |
|
|
Attributes:
Defined your organization’s IT services in a service catalog.
Determined the baseline or current service levels for defined services.
Defined service levels appropriate for your organization and determined a plan for automating service level monitoring.
Implemented an automated availability monitoring solution.
Requirement 5 |
Yes |
No |
|---|---|---|
Providing a secured communication mechanism for presence |
|
|
Attributes:
Assessed any current unmanaged methods used for presence and instant communication.
Created a requirements specification for presence and instant messaging, aligning to industry or local regulations and policies.
Evaluated presence and instant technology and created a plan to implement your selected solution.
Implemented presence at minimum through managed instant messaging and optionally through collaboration and e-mail infrastructure.
Requirement 6 |
Yes |
No |
|---|---|---|
Deployed a secure wireless network using Active Directory and IAS/RADIUS for authentication and authorization |
|
|
Attributes:
Identified current wireless access and related topologies.
Evaluated wireless technologies, protocols, and standards.
Developed and implemented plans for secure wireless authentication infrastructure.
Requirement 7 |
Yes |
No |
|---|---|---|
Centrally managed certificate services infrastructure (PKI) |
|
|
Attributes:
Performed a network discovery to inventory all components.
Identified people, process and technology design considerations for the certification authority and public key infrastructure.
Created a detailed deployment plan to enable the PKI.
Implemented PKI deployment plan.
Requirement 8 |
Yes |
No |
|---|---|---|
Proactively managing bandwidth to branch offices |
|
|
Attributes:
Identified and documented branch office topology.
Created requirement specification based on the needs of all branch office types.
Created a plan and architecture for branch office service consolidation and identified performance thresholds for reexamination of branch office WAN requirements.
Implemented plan to optimize branch office services against WAN link limitations.
Capability: Data Protection and Recovery
Requirement 1 |
Yes |
No |
|---|---|---|
Centrally managing data backup for your branch offices |
|
|
Attributes:
Created a centralized data backup plan and a recovery plan for branch offices in your organization.
Implemented a backup and recovery plan for centralized control of backup and recovery operations, either via network-centralized tools or operational guidelines for local backup and recovery, with defined service levels.
Requirement 2 |
Yes |
No |
|---|---|---|
Service level agreement (SLA) for system backup and restore , and defined recovery times for 80 percent of your servers |
|
|
Attributes:
Created a data backup plan and a recovery plan for 80 percent or more of all servers in your organization.
Used drills to test your plans and validate defined recovery times.
Capability: Security and ITIL/COBIT-based Management Process
Requirement 1 |
Yes |
No |
|---|---|---|
Established security processes for two-factor user authentication , standard security review for new software acquisitions , and data classification |
|
|
Attributes:
Developed and implemented two-factor identity and access management policies.
Developed a process to manage security requirement testing on all acquired or developed software.
Established a standard and repeatable procedure for classifying sensitive data.
Requirement 2 |
Yes |
No |
|---|---|---|
Implemented best practices for operating , optimizing , and change processes in your IT organization |
|
|
Attributes:
Implemented service level management across IT operations.
Implemented best practice release management.
Optimized network and system administration processes.
Implemented best practice job scheduling.