Operations that deal with various activities in the organization, and specifically IT operations, need to follow certain established procedures. From an operational and security perspective, these procedures are documented as IT operations that require coordinated and consistent activities. These activities are known as documented operating procedures.
Examples of documented operating procedures include computer start-ups and close-downs, backup of critical information, system maintenance, media handling, facility management such as computer rooms and data centers, mail management, safety procedures such as fire safety, and so on.
The International Standard ISO/IEC 27002 lists the following specific instructions that need to be available in the operating procedures: