What are SoX, GxP , Quality issue, Security issue?

Posted on

Sarbanes Oxley (SoX) issue – an identified weakness or deficiency in the design or operation of a control impacting an in-scope SOx system, and/or supporting infrastructure. A SOx issue is a failure to comply with the controls identified in the IS/IT Controls Framework. A system is considered to be in-scope for SOx if its functionality supports the operation of key business financial processes and controls.

GxP issue – a breach of GxP regulations and/or associated company standards impacting a GxP system, and/or supporting infrastructure. A GxP system may impact product quality, safety or efficacy and is therefore subject to GMP, GLP, GCP and GDP (GxP) regulations. For example, a GxP issue could result in any, or a combination of the following:-

  • ­Negative impact on a laboratory, clinical or manufacturing process
  • ­Loss, corruption or inability to restore GxP data
  • ­Unscheduled GxP system downtime outside of agreed SLAs
  • ­Regulatory agency notification
  • ­Compromise to validation status (e.g. uncontrolled changes to the systems or infrastructure).

Quality issue – a non-conformance to defined policy, related 3rd party policy, standard or procedure or ineffective IS/IT control impacting any computerised system, and/or supporting infrastructure which does not have a regulatory impact (GxP, SOx).

For example, a quality issue could result in any, or a combination of the following:-

  • ­Loss, corruption or inability to restore data
  • ­Unscheduled system downtime outside of agreed SLAs
  • ­Unauthorized changes to production systems or data
  • ­System interfaces to fail

Security issue – a breach of security policy, a failure of security controls or an uncontrolled security related event. Examples include:- ­Damage, theft or loss of infrastructure (including, but not limited to; laptops, PCs, servers, switches, printers, modems), software or data; Unauthorized access to and/or use of systems, networks or data; Malicious code (including, but not limited to; viruses, worms, trojans); Social engineering (obtaining confidential information through user manipulation); Employee or 3rd party computer misuse.


What is a Queue Manager? What are the responsibilities of a Queue Manager?

Posted on Updated on

A Queue Manager or a Dispatcher is a resource who primary task is to assign the incident tickets to resources as per their skill set. Their primary role is to meet the SLA targets for an incident ticket. Below are the responsibilities of a Queue Manager:

  • Monitoring the queues and assign the incidents before missing Response time SLA
  • Tickets to be assigned with respective Support Engineer according to required skills sets
  • Follow up with engineer for closing the tickets those are going to be SLA breached
  • Assigned the tickets which are out of scope to Service Desk/Other Teams.
  • Publishing Weekly Change Calendar
  • Daily Report on Incidents/Change/Problem tickets and SLA status
  • Daily Change schedule reminder to respective change assignee
  • Shift Handover to Next Queue Manager
  • Summary report on all Major incidents happen on that day
  • For high number of repeated incidents, you need to relate the incidents with Parent incident and cancel the duplicate incident by marking the parent ticket info.
  • Need to discuss with TL/Shift lead for taking action against bouncing tickets

The below are the knowledge or skills which a Queue Manager should possess in order to deliver their job.

  • SLA Metric
  • Process knowledge (IM/CM/PM/SR)
  • Support Scope
  • Inter team SPOC contact
  • Escalation Matrix & Entire team contacts
  • Incident Categorization
  • Entire team Skill set Matrix
  • Current Shift Roster & Oncall Resource
  • Technology specific SME for Tech assistance
  • Inter Supplier Support Scope & Queue Name
  • Inter Supplier Support SPOC & Contact Details
  • Application Owners Contact & Queue Name
  • Generating the reports from Ticketing Tool