Administrator's procedures

Introduction

Procedures typically performed by the Administrator are indicated below with references to their pertinent chapters.

Procedures
Preparing the RCS for use by other users

Following are the procedures typically performed to prepare RCS for use by others:

Step Action
1

In the Accounting section, Users set the people who will have access to RCS.

See "User management"

2

In the Accounting section, Groups create the user group (usually composed of system administrators and not linked to any operation) that will receive the system alarm e-mail notifications

See "Group management"

3

In the Monitor section, select the group that will receive the system alarm e-mail notifications.

See "System monitoring (Monitor)"

 

Opening an investigation

Procedures typically performed to open an investigation are indicated below:

Step Action
1

In the Accounting section, Users set the people who will belong to the investigation team and their roles.

See "User management"

2

In the Accounting section, Groups set the team enabled to view investigation data and receive system alarms.

See "Group management"

3

In the Operations section, open the investigation and link one or more groups.

See "Operation management" and "Operation page"

4 Inform the RCS Technician of the types of evidence to be collected.
5

In the Audit section, monitor system access by the team and check their actions.

See "User monitoring (Audit)"

 

Closing an investigation

The typical procedure performed to close an investigation is indicated below:

Step Action
1

In the Operations section, close the investigation.

See "Operation management"

2

If necessary, ask the System administrator to save evidence in a Backup file.

 

Monitoring the system

The typical procedures performed to monitor RCS use are indicated below:

Step Action
1

In the Monitor section, monitor system messages and licenses used.

See "System monitoring (Monitor)"

2

In the Audit section, monitor actions performed by Technicians, Analysts and other Administrators.

See "User monitoring (Audit)"