Information Technology for Water and Wastewater Utilities
MOP 33
Published on 26. June 2022
243 pages
978-1-57278-427-7 (ISBN)
Description
The manual presents an overview of the information technology (IT) systems, practices, and applications most relevant to utilities. This resource covers strategic planning, IT program development, project management, infrastructure, security, organizational issues, success factors, and challenges.
More details
Content
- Intro
- Title Page
- Copyright
- Contents
- List of Figures
- List of Tables
- Preface
- Chapter 1. Introduction
- 1.0. Evolution of Information Technology
- 2.0. Intent and Target Audience
- 3.0. Utility Structure and Information Technology
- 4.0. Opportunities
- 5.0. References
- 6.0. Suggested Readings
- Chapter 2. Where Is the Value? Understanding the Business Context for Information Technology
- 1.0. Summary of Key Things to Know
- 2.0. Business Context
- 2.1. Customer Service
- 2.2. Accessing Information
- 2.3. Resilience
- 2.4. Governmental Incentives and Requirements
- 2.5. Sustainability and Social Justice
- 2.6. Aging Workforce and Changing Demographics
- 2.7. Transparency
- 3.0. Overview of Information Technology Systems for Utilities
- 4.0. Business Systems
- 4.1. Running the Utility Business
- 4.2. Managing and Paying Staff
- 4.3. Finance and Accounting
- 4.4. Customer Service
- 4.5. Managing Knowledge and Collaboration
- 5.0. Utility Management Systems
- 5.1. Metering
- 5.2. Maintenance and Asset Management
- 5.2.1. Asset Management
- 5.2.2. Maintenance
- 5.2.3. Inventory Management
- 5.2.4. Job Cost Accounting
- 5.3. Compliance Monitoring and Reporting
- 5.4. Project and Program Management
- 5.5. Construction Management
- 6.0. Operations
- 6.1. Collecting Operational Data
- 6.2. Water Quality Testing
- 6.3. Operational Control
- 7.0. Planning and Decision Support
- 7.1. Planning
- 7.2. Modeling
- 7.2.1. Water Distribution Models
- 7.2.2. Hydrology and Hydraulics Models
- 7.2.3. Process Models
- 7.3. Deciding
- 8.0. References
- 9.0. Suggested Readings
- Chapter 3. The Importance of Data
- 1.0. Summary of Key Things to Know
- 2.0. Why Data Matters
- 3.0. Data Quality
- 4.0. Data Sources
- 5.0. Data Collection
- 6.0. Integrating Data Sets
- 7.0. Data Governance
- 8.0. Potential for the Utility of the Future
- 8.1. The Internet of Things
- 8.2. Digital Twins
- 8.3. Artificial Intelligence
- 9.0. References
- 10.0. Suggested Readings
- Chapter 4. Planning and Implementing Information Technology Projects and Programs
- 1.0. Summary of Key Things to Know
- 2.0. Alignment With Utility Priorities
- 2.1. Relationship Between Information Technology and Utility Strategic Priorities
- 2.2. Do You Need an Information Technology Strategic Plan?
- 3.0. Steps to Understand Your Information Technology Needs
- 3.1. Identify and Convene Key Stakeholders
- 3.1.1. Executive Steering Team
- 3.1.2. Planning Team
- 3.2. Articulate Current Conditions
- 3.2.1. Business Process Modeling
- 3.2.2. Strengths, Weaknesses, Opportunities, and Threats Analysis
- 3.2.3. Perspective Gathering
- 3.3. Identify Desired State
- 3.4. Prioritize Needs and Opportunities
- 4.0. Document the Strategic Information Technology Plan
- 4.1. Business Context
- 4.1.1. Vision
- 4.1.2. Goals
- 4.1.3. Objectives
- 4.2. Program and Project Recommendations
- 4.3. Timing and Resources
- 5.0. Critical Success Factors and Key Performance Indicators
- 5.1. Business Metrics
- 5.2. Executive Involvement
- 5.3. Focus on Implementation of the Plan
- 6.0. Strategic Information Technology Plan Optional Content
- 6.1. Disaster Recovery and Business Continuity
- 6.2. Service Catalogs and Service-Level Agreements
- 6.3. Select Business Process Mapping
- 6.4. Skills Mapping
- 6.5. After the Plan
- 7.0. Implementing the Plan
- 7.1. Executive Support
- 7.2. User Involvement
- 7.3. Objectives and Requirements
- 7.4. Strong Program and Project Management
- 7.5. Scope Control
- 7.6. Drivers and Constraints
- 7.7. Change Expectations
- 7.8. Business Environment
- 7.9. Stakeholder Engagement
- 7.10. Navigating Change
- 8.0. References
- 9.0. Suggested Readings
- Chapter 5. Organizational Aspects of Information Technology
- 1.0. Summary of Key Things to Know
- 2.0. Roles and Responsibilities for Information Technology in a Utility
- 2.1. Users
- 2.2. Data Stewards
- 2.3. System Availability
- 2.4. Hardware and Networks
- 2.5. Maintenance and Updates
- 2.6. Selection of Digital Tools
- 3.0. Organization and Governance Models
- 3.1. Organizational Considerations for Utility Information Technology
- 3.1.1. Municipal Utilities
- 3.1.2. National Utilities
- 3.1.3. Publicly Owned and Privately Operated Utilities in North America
- 3.1.4. Privately Owned and Operated Utilities
- 3.2. Governance
- 4.0. Organizational Maturity Model
- 4.1. Define and Characterize the Current State
- 4.2. Identify, Discuss, and Inculcate the Future State
- 4.3. Develop Strategies That Leverage Workforce and Technical Trends
- 4.3.1. Widening Generation Gap
- 4.3.2. Ubiquitous Technology
- 4.3.3. Changing Workforce
- 4.4. Select Your Organizational Structure
- 4.5. Fill New Positions and Build Better Connections
- 4.6. Get Strategic and Raise the Profile
- 4.7. Decide Who Does What
- 4.8. Manage the Change
- 5.0. Culture and Trust
- 6.0. References
- 7.0. Suggested Readings
- Chapter 6. Information Technology Capital Project Management
- 1.0. Summary of Key Things to Know
- 2.0. Introduction to Information Technology Project Management
- 2.1. Project Management Challenge
- 2.2. Information Technology Design Challenges
- 2.3. Obsolescence Challenge
- 3.0. Overview of Project Management Methodologies for Information Technology
- 3.1. Program Versus Project Management
- 3.2. System Development Life-Cycle Model
- 3.2.1. Definition
- 3.2.2. Design
- 3.2.3. Configuration and Development
- 3.2.4. Release
- 3.3. Why Structure Is Necessary
- 3.4. Other Methodologies
- 4.0. Guidelines for Managing Water and Wastewater Utility Information Technology Projects
- 4.1. Understanding Multirational Organizations
- 4.1.1. Managing Sponsors
- 4.1.2. Managing Users
- 4.1.3. Managing Technical Experts
- 4.1.4. Managing Vendors
- 5.0. Structure of Information Technology Projects
- 5.1. Define, Design, Configure/Develop, and Release Phases
- 5.2. System Development Life Cycle
- 5.3. User Participation
- 5.4. Testing and Acceptance
- 5.5. Governance
- 5.6. Training
- 5.7. Upgrades and Enhancements
- 5.8. Version Control
- 6.0. Program Management: A Portfolio of Projects
- 6.1. Organizational Aspects
- 6.2. Methodology
- 6.2.1. Governance
- 6.2.2. Evaluation
- 7.0. Project Management Checklist
- 8.0. References
- Chapter 7. Understanding Information Technology Processes and Practices
- 1.0. Introduction
- 2.0. Aligning Business Information Technology Perspectives With Facility Operational Technology-Information Technology and Operational Technology
- 2.1. Confidentiality, Integrity, and Availability Triad
- 2.2. Information Technology/Operational Technology Convergence
- 2.3. Alignment
- 3.0. Information Technology Architecture Basics
- 3.1. Hardware
- 3.2. Software
- 3.3. Networks
- 3.4. Redundancy
- 3.5. Data
- 3.6. Internet of Things
- 3.7. Network Segmentation
- 3.8. Resilience
- 4.0. Ownership, Management, and Control
- 4.1. Cloud Versus On-Premises
- 4.2. Maintenance
- 4.3. Risk Considerations
- 5.0. Defining Requirements
- 5.1. Hardware
- 5.2. Software
- 6.0. Procuring and Financing Software and Hardware
- 7.0. References
- 8.0. Suggested Reading
- Chapter 8. Keeping Your Systems Safe: What You Need to Know About Cybersecurity
- 1.0. Introduction
- 1.1. Overview of the Threat Environment
- 1.1.1. Cybercrime As a Growth Industry
- 1.1.2. Soft Targets
- 1.2. The Need for Critical Infrastructure Cybersecurity
- 1.3. Cybersecurity and Cyberhygiene
- 1.4. Chapter Summary
- 2.0. Means and Methods of Cyberattacks
- 2.1. The Cyber Kill Chain
- 2.2. The Human Cyber Kill Chain
- 2.3. Technical Attacks
- 2.3.1. Malware
- 2.3.2. Trojan Horses
- 2.3.3. Viruses and Worms
- 2.3.4. Bots and Botnets
- 2.3.5. Spyware
- 2.3.6. Ransomware
- 2.3.7. Zero-Day Vulnerabilities
- 2.4. Social Attacks
- 2.4.1. Phishing
- 2.4.2. Spear Phishing
- 2.4.3. Whaling
- 2.4.4. Smishing
- 2.4.5. Vishing
- 2.4.6. Distributed Denial of Service
- 2.4.7. Pretexting
- 2.4.8. Reverse Social Engineering
- 2.4.9. Water Holing
- 2.4.10. Baiting
- 2.4.11. Quid Pro Quo
- 2.5. Physical Attacks
- 2.5.1. Dumpster Diving
- 2.5.2. Shoulder Surfing
- 2.5.3. Theft
- 2.5.4. Tailgating
- 2.5.5. The Long and Short Con
- 2.5.6. Side Channel Attacks
- 3.0. Social Engineering
- 3.1. Definition
- 3.2. Intelligence Gathering
- 3.3. Managing the Human Asset
- 3.3.1. Cognitive Biases
- 3.3.2. Promoting Ownership
- 3.4. Role-Based Access Control
- 3.4.1. Principle of Least Privilege
- 3.4.2. Background Checks
- 3.5. Social Media and Cybercrime
- 4.0. Prevention Techniques
- 4.1. Defense in Depth
- 4.1.1. Definition
- 4.1.2. Implementation
- 4.2. Security Controls
- 4.2.1. Physical Controls
- 4.2.2. Logical Controls
- 4.2.3. Administrative Controls
- 4.3. Zero Trust Architecture
- 4.4. Reducing the Attack Surface
- 4.4.1. What Is the Attack Surface?
- 4.4.2. Reducing Online Presence
- 4.4.3. Methods of Reducing the Attack Surface
- 4.4.3.1. Deception, Misdirection, and Honeypots
- 4.4.3.2. Network Obfuscation
- 4.4.3.3. Demilitarized Zone
- 4.4.3.4. Closing Open Ports
- 4.5. Penetration Testing
- 4.6. Red/Blue Team Exercises
- 4.7. Network Segmentation
- 4.7.1. Office Versus Process
- 4.7.2. Firewalls
- 4.7.3. Virtual Private Networks
- 4.8. Virtualization
- 4.9. Password Policy and Enforcement
- 4.9.1. Establishing Policies
- 4.9.2. Enforcing Policies
- 4.9.3. Password Best Practices
- 4.9.4. Password Blacklists
- 4.10. Multifactor Authentication
- 4.11. Updates and Patches
- 5.0. References
- 6.0. Suggested Readings
- Chapter 9. Case Studies
- 1.0. Case Study 1: Information Technology for Industrial Pretreatment Reporting
- 1.1. Introduction and Business Context
- 1.2. Technology Description
- 1.3. Stakeholder Involvement
- 1.4. Role of Data
- 1.5. Timeline, Cost, and Approach
- 1.6. Outcomes
- 1.7. Lessons Learned
- 2.0. Case Study 2: Information Technology for Asset Management
- 2.1. Introduction and Business Context
- 2.2. Technology Description
- 2.3. Stakeholder Involvement
- 2.4. Role of Data
- 2.5. Timeline, Cost, and Approach
- 2.6. Outcomes
- 2.7. Lessons Learned
- 3.0. Case Study 3: Cybersecurity
- 3.1. Dam Control Vulnerability: Stuxnet-A Game Changer
- 3.1.1. The Attack
- 3.1.2. The Counterattack
- 3.2. The "NotPetya" Attack: A Lesson in Global Vulnerability
- 3.3. The Disgruntled Employee: The Maroochy Shire Incident
- 3.4. New Awareness in the United States: The Oldsmar, Florida, Hack 2021
- 3.5. Infrastructure Billing and Customer Service in the Colonial Pipeline Ransomware Attack 2021
- 4.0. Reference
