Data Centre Operations – Which Standards To Follow


The global release of the EPI-DCOS® has created a big wave in the industry. One of the questions often heard is ‘What are the data centre operations standards out there and how do we compare them’?  With this short article we attempt to provide an overview of standards and guidelines which can be considered for data centre operations and maintenance processes.

 

ISO

There are a number of ISO standards which can be applied to (parts of the) data centre operations and maintenance processes. To give a few examples, there is ISO-9000 for generic quality management, ISO-27001 for security and ISO-14000 for environmental aspects.  The bad news is that not all data centre processes are covered by ISO including financial management, equipment life cycle planning and many others. Furthermore, the ISO standards are very generic in nature and therefore require the data centre owner/operator to do a lot of work to implement them. For example, ISO-27001 provides generic descriptions on security requirements but it does not provide detailed guidance about how entry control for individuals and vehicles should be organised etc.  The ISO standards also do not provide guidelines on how to integrate all standards together. Last but not least, ISO standards are based on pass/fail which means there is no option for process maturity progression over time. The good news is that there is a wide choice of consultants and auditors.

 

Uptime® M&O Stamp of Approval

The M&O stamp of approval from the Uptime Institute is a guideline aimed at data centre operations and maintenance. A number of processes are not covered or not fully covered in great detail. There is also no full disclosure of all the audit criteria other than a few reasonably high-level checklists making it hard for organisations to understand the full requirements unless they are willing to engage Uptime consultants.  This in itself creates a conflict of interest based on ISO audit principles as the organisation providing consultancy is by right not allowed to also conduct the audit. The guideline is using a point based system to determine whether an organisation will pass or fail the audit. The exact structure and weight factors behind the point system are unknown to the outside world and therefore it is up to Uptime to determine who gets a pass or fail. The M&O audit can only be conducted by the Uptime Institute.

 

TIMS – Tiered Infrastructure Maintenance Standards

TIMS was originally developed by Lee Technologies which was acquired by Schneider Electric in 2011.  The focus is mainly on maintenance and operations resulting in many processes not fully covered such as business continuity, finance and others. TIMS defines four levels; TIMS-1: Run to Fail, TIMS-2: Unstructured Maintenance, TIMS-3: Structured Maintenance, and TIMS-4: Facilitated Maintenance, allowing for a progressive improvement over time, if and where desired by the organisation. Given the history, it appears that there is no, or at least very little, adoption outside of the US. There does not seem to be a formal audit process or structure in place and there is no public evidence for sites being “certified”.

 

EPI-DCOS® - Data Centre Operations Standard

EPI-DCOS® is covering the full spectrum of processes to operate and manage a data centre covering 11 disciplines and all processes within those disciplines. The standard is fully transparent as the requirements are described in the standard itself which can be downloaded from the website (http://www.epi-ap.com/dcos). The standard allows progressive improvement of the data centre based on the well-recognised and adopted ISO standard describing 5 levels of process maturity. Audits can be conducted on one, multiple or all disciplines allowing organisations to start “small” and add more disciplines as and when required. However, in order to achieve the maturity level of DCOS-5 one has to audit all processes as this maturity level requires all processes to be fully under management control and integrated. Audits can be conducted by accredited parties providing freedom of choice.

 

Comparison of Data Centre Operations And Maintenance Standards

 

ISO

DCOS

M&O Stamp of Approval

TIMS

Owner

ISO

EPI

Uptime Institute

Schneider Electric

Development process

ISO

ANSI/ISO

Proprietary

Proprietary

Criteria availability

Full details in downloadable standard

Full details in downloadable standard

Partial checklist and whitepaper

Partial checklist and whitepaper

Integrated document covering processes under scope

No

Yes

Yes but not covering all processes

Yes but not covering all processes

Main objective

General processes

Data Centre operations and maintenance

Data centre operations and maintenance

Data Centre operations and maintenance

Conformity levels

Pass/Fail

1-5

Pass/Fail (80 out of 100 points),

1-4

Conformity baseline

Shall/Should

ISO process maturity

Proprietary rating

Proprietary rating

Partial scope audit/certification

No

Yes

No

No

Certified data centres

Yes for individual standards

Yes

Yes

n/a

Auditors

Multiple organisations

Multiple organisations

Uptime Institute

n/a

 

 
Find classes near your location

EPI Data Center Framework

EPI Data Centre Operations Standard (DCOS)

EPI Data Centre Conpetence Framework

EPI Data Center Training Framework

IT Training Framework

Make enquiry
Send me updates
Copyright EPI Singapore 2018      | Privacy Policy | Terms & Conditions