1.

1 OBJECTIVES OF THE DOCUMENT

The objective of this Operating Procedure is to define the work processes, roles and responsibilities and
the general criteria for the management and resolution of IT incidents.

1.2 AREA OF APPLICATION

This Operating Procedure applies to KIOS LLP and constitutes a benchmark best practice for all its direct
and indirect subsidiaries in KZ.

1.3 METHODS OF IMPLEMENTATION

This Operating Procedure is immediately applicable to KIOS LLP

1.4.2 External References

• ISO/IEC 27005:2013;

2. DEFINITIONS, ABBREVIATIONS AND ACRONYMS

IT Anomaly Event that could have an undesirable effect on the standard operation of an information
service, resulting in the loss, damage or unauthorised use of information.
IT Help Desk Group made up of IT personnel responsible for accepting reports of anomalies from users.
IT incident Any event that is not part of the standard operations of a computer service and
that causes, or may cause, an interruption or a reduction in the quality of service.
IT WS Workstation: computer equipment assigned to final users, such as desktops and
portable computers, for the performance of work tasks.
IT Focal Point Person chosen by the Head of IT Dept. as the Focal Point for the execution,
management and/or monitoring of activities in specific areas of IT subprocesses.
IT Department Information Technology& Telecommunication
VIP Users Users utilized by the Top Management and their assistants.

3. ROLES AND RESPONSIBILITIES

3.1 OPERATIONAL RESPONSIBILITIES
IT Focal Point
The IT Focal Point performs the following activities:
• supports the IT Help Desk in assigning the priority level to IT incidents;
• supports the IT Help Desk in in analyzing medium priority IT incidents;
• informs the Head of IT Dept. of any high priority incidents detected.
IT Help Desk
The IT Help Desk that detects the anomaly shall:
• analyze the reported IT anomaly and assess if other parties for support should be involved;
• in the event of an IT incident, working with the relevant IT Focal Point, assign the priority level of the
IT incident;
• analyze the IT incident, in case involving other parties for support, looking for appropriate solutions
for its resolution and activate the operations necessary for its management and resolution;
• file the documentation and evidence produced during the resolution of the IT incident.
Head of IT Dept.
The Head of IT Dept. is responsible for the following activities:
• working with the IT Focal Point, finding appropriate actions to resolve a high priority IT
incident;
• selecting the IT Focal Points involved in the process in question at least on an annual basis;

4.2 OPERATING METHODS

4.2.1 Reporting IT anomalies
All users shall report to their relevant IT Help Desk any event that in their opinion has had an undesired
effect on the operation of their company computer resources that they use.
IT anomalies may also be reported by IT personnel based on events detected by the monitoring tools in
use.
4.2.2 Impact analysis and assignment of IT incident
The IT Help Desk that reported the IT anomaly shall analyse and evaluate whether or not to involve other
IT Help Desks.
Should an IT anomaly be recognised as an IT incident, in cooperation with the relevant IT Focal Point, the
IT Help Desk shall assign a priority level to the IT incident.
The priority class shall be assigned by considering the following aspects:
 disruptions to the systems
- disruptions to network systems and services;
- application failures;
- hardware device failures;
 damage caused by the loss of availability, integrity and confidentiality of information.

With regard to this assessment, there are three priority levels:

Priority Types of IT incidents

LOW - malfunctions or damage to peripherals (for ex. network printers);

- malfunctions to the IT WS of a single user or to a restricted group of
users.

MEDIUM - with an impact on the operations of a single area/office.

HIGH - concerns VIP users;

- with an impact on security of information;
- compromising the geographic connectivity among KIOS offices;
- with an impact on a high number of users.

4.2.3 Management of IT incidents

A detected IT incident can be managed in various ways, depending on the priority level assigned.

Priority Actions
LOW The IT Help Desk analyses the IT incident researching appropriate actions
for its resolution, possibly involving other parties for support.
The IT Help Desk activates the necessary actions for the management
and resolution of the incident, keeping track of the actions taken for this
purpose.

MEDIUM The IT Help Desk analyses the IT incident, researching appropriate

actions for its resolution, involving the relevant IT Focal Point and in case
other parties for support. Subsequently the IT Help Desk activates he
necessary actions for the management and resolution of the incident,
keeping track of the actions taken for this purpose.

HIGH The relevant IT Focal Point informs the Head of IT Dept. of the detection
of a HIGH level priority IT incident.
The Head of IT Dept. researches appropriate actions for its resolution, in
collaboration with the IT Focal Point and possibly other parties for
supports
At a later stage, the person in charge of IT incident resolution proceeds
with the necessary operations for its management and resolution, keeping
track of all actions executed for this purpose.
In all cases, once the IT incident has been closed, the users impacted by the process are informed that
the incident has been closed and the IT Help Desk files the documentation and the evidence produced
during its resolution.
The Head of IT Dept. must identify the IT Focal Points involved in the activities described in the document
at least once a year.