IT Playbook

El Manual de TI de PAE es un documento estratégico que consolida las políticas, los procesos y los estándares de TI para garantizar la coherencia operativa, la seguridad y la excelencia en todas las operaciones tecnológicas de PAE. Proporciona orientación sobre la gestión tecnológica, el seguimiento de los indicadores clave de rendimiento y la mitigación de riesgos, con el objetivo de estandarizar los flujos de trabajo y alinear los esfuerzos de TI con los objetivos de la organización.

Describe cinco áreas fundamentales:

1. Objetivo y misión

The playbook defines the mission of the IT area: to ensure reliable, secure, and innovative technology solutions that support PAE’s growth and transformation. The IT team focuses on delivering efficiency, scalability, and protection of digital assets through best practices, user-centric solutions, and data-driven strategies.

2. Políticas

Core policies establish how IT plans, manages, and maintains systems, infrastructure, and security. Policies cover:

• Onboarding: Access provisioning, equipment delivery, and training for new collaborators.
• Security: Vulnerability assessments, penetration testing, incident management, and website maintenance.
• Optimization: Review of software, integrations, and licenses to maintain efficiency.
• Documentation: Standards for programming and proper recordkeeping of all developments.
• Zoho Projects Usage: Proper project management, sprint planning, and issue resolution using the 5 Whys methodology.
• Helpdesk & Customer Satisfaction: Ticketing system with SLAs and post-resolution surveys.
• Access Management: Equipment and system access based on role and security level.
  

3. Procesos

Clear procedures standardize IT workflows for onboarding, support, maintenance, and project management. Processes include:

• Onboarding and Training: Account setup, equipment assignment, and mentorship.
• Continuous Training: Security, software updates, and new tool adoption.
• License and Subscription Management: Renewal scheduling and cost optimization.
• Project Scheduling (Zoho): Task prioritization, sprint planning, and monthly evaluations.
• Helpdesk Management: Ticketing setup, SLA monitoring, and reporting.
• Website Updates: Weekly plugin/theme maintenance and rollback planning.
• Equipment Maintenance: Semi-annual or annual preventive diagnostics.
• Technical Debt Prevention: Code audits, refactoring, and standard enforcement.
• KPI Evaluation: Monthly tracking of IT performance and reporting to leadership.
  

4. Indicadores clave de rendimiento y seguimiento del desempeño

The playbook defines the primary IT KPIs tracked by the IT area:

• System Uptime/Downtime: Availability of critical platforms (goal: ≥99.9%).
• Support Resolution Time: Average time to resolve IT issues.
• Incident/Error Rate: Frequency of system failures or errors.
• Data Security Incidents: Threats detected and mitigated.
• Customer Satisfaction (CSAT): Internal and external user satisfaction.
• Project Success Rate: Adoption and completion of IT initiatives.
• Blocked Unauthorized Access Attempts: Security effectiveness against intrusions.
• Vulnerability Patch Compliance: Speed of resolving detected vulnerabilities.
  

5. Funciones y responsabilidades

The IT structure includes five primary positions, each with defined responsibilities:

• Chief Information Security Officer (CISO): Leads cybersecurity strategy, protects data, ensures compliance with standards.
• Chief Technology Officer (CTO): Oversees IT infrastructure, external and internal systems, and drives innovation.
• Programmer Full Stack: Develops, maintains, and integrates internal and external systems; manages APIs and programming standards.
• Cybersecurity Coordinator: Implements and monitors security protocols, mitigates risks, and handles incident response.
• Tech Support: Provides technical assistance, maintains tools, and supports internal teams.