IBM Support

TechZone Content Audits

General Page

This comprehensive audit focuses on identifying low usage content, outdated resources, broken links, and the presence of Personally Identifiable Information (PII) or sensitive information within the platform.

The goal is to align all TZ content with IBM's BISO security standards, thereby maintaining the integrity, reliability, and security of the platform. Collections that fail to meet these standards will be transitioned to draft status and their associated resources disabled. The audit not only aims to enhance the overall quality and security of TZ but also to streamline content management practices among authors and collaborators. Through this initiative, IBM seeks to uphold its commitment to data security and operational excellence. The deadline for authors to update their collections is September 12th, 6 pm EST.
 
This comprehensive audit focuses on identifying low usage content, outdated resources, broken links, the presence of Personally Identifiable Information (PII) or sensitive information, as well as issues such as no reservation environments and duplicate author and collaborator names within the platform.

 

Email Reminders:

  • Reminders will be sent to content authors and collaborators each week until the September 12th deadline.
  • Two additional email reminders will be sent in the last week prior to the deadline.
  • Content authors and collaborators who own multiple collections may receive multiple emails.
  • Take action on the content audit criteria by September 12th, 2024, at 6 pm EST, or the content will be disabled.
  • Use the below runbook for guidance on actions to resolve issues and remove content from further emails.

                   

    Table of Contents
 

  • Introduction to BISO Standards Audit for TechZone
  • Content Audit Overview
  • Actions for Low Usage Content
  • Actions for Security Issues
  • Actions for Outdated Content
  • Actions for Broken Links
  • Actions for No Reservation Environments Available
  • Actions for Duplicate Collaborator and Owner
  • Support Strategy
  • FAQs

     


                                         BISO Standards
 

Environment Review Standards

To ensure the security and reliability of your environments, a comprehensive review is required every 90 days. This review includes:

1. Software & Maintenance

  • Verify that all software is current
  • Confirm that any necessary maintenance has been performed

2. Security Patches

  • Confirm that the latest security patches have been applied to safeguard against vulnerabilities


Additionally, whenever images are updated or validated, it is mandatory to review and update the associated content in TechZone. Follow the Content Guidelines for more information.



 

                                                                     TechZone Standards
 

Content Review Standards

To ensure the accuracy and reliability of your content, please adhere to the following review standards:

1. Accuracy

  • Verify that all content is up-to-date and accurately reflects the current state of the environment and associated resources.
  • Check for and resolve any broken links within the content.
  • Ensure that all hyperlinks direct users to the correct and intended destinations.

3. Appropriate Access

  • Confirm that content is accessible only to the intended users.
  • Review permissions and access levels to ensure that sensitive information is protected, and that access is granted appropriately.



                                      Content Update Process

  • Image Updates: Whenever images within your content are updated or validated, review the associated documentation and content to ensure consistency and accuracy.
  • Validation Checks: Conduct periodic validations to ensure that content remains relevant and correct. This includes reviewing for outdated information or any discrepancies.
     

By following these standards, you help maintain high-quality and reliable content across your platform.



 

                                                     Audits

The following section is to help content authors and collaborators act on their content in TechZone based on the issue that was identified with their content.

Outdated

  • Review Content: Ensure your content is current and relevant. Update your content and click save on the resource, environment, and/or collection to ensure the changes are recorded. If no updates are made, the content status will be changed to draft on September 12th.

    For example:
     
    • If content is still current, save the collection in "Active" status.
    • If content is not current and can be removed, change status to "Retired" and you will be removed from further emails.

      image-20240813202117-1

       

    • Verify the Need for Updates

    • Determine if the outdated content still has relevance or if it should be retired.
    • Assess the impact of the outdated information on the user experience and accuracy.

  • Update the Content

    • Revise the content to reflect the most current information.
    • Ensure the updated content maintains clarity, accuracy, and relevance.
       

  • Check for Consistency

    • Ensure that updates are consistent across all related content and documentation.
    • Cross-reference with other materials to maintain uniformity.
    • Save and Publish Changes
      • After reviewing all fields, click 'Save' on the published collection. image-20240813202448-4
      • This action updates the version of the collection on the site with any changes or even if no changes were made, pushing the date change.

         
  • Review Content: Update broken links in resources, environments, and/or collections and click "save". If links are not addressed by the September 12th deadline, the resources, environments, and/or collections will be set to draft or disabled status on September 12th.

    For example:
  • Check collection fields and resources for broken links as one was identified on your collection that is hindering users from being able to use your content.
    • Verify the URLs - Ensure that the URLs are correct and still valid and check if the website or resource is still available.
    • Update Links - Replace broken URLs with updated, valid ones and ensure the new links point to the correct and intended resources.
    • Remove Irrelevant Links - If the resource is no longer relevant, remove the link entirely.
    • Save - Ensure to save the resource and the collection with the updated link. image-20240813202440-3
    • Test Updated Links:- After updating, click through the links to verify they work correctly.
    • Ensure - that the links direct to the intended content without errors.
       

PII or Sensitive Information Found

  • Review Content: Your collections, resources, or environments were identified for having PII or sensitive information that needs to be removed. Reminder: Do not include emails in other fields that are not the support field, author, or collaborator field. As well as usernames and passwords should not be captured anywhere within the collection or in a resources or environment fields.

    For example:
     
    • Remove any PII or sensitive information and save the resource, environment, and/or collection. If the PII or sensitive information is not removed by the September 12th deadline, the resource, environment, and/or collection where it was found will be set to draft or disabled.
       

    • Verify the Data - 

    • Confirm that the identified information is indeed PII or sensitive.
    • Determine the context and necessity of the data within the content

       

    • Remove or Redact

    • Remove any unnecessary PII or sensitive information.
    • If the information is essential, redact it properly to anonymize individuals (e.g., replace names with initials or use generic terms).

       

    • Update Content

    • Ensure the updated content is still accurate and comprehensible without the sensitive information.
    • Modify surrounding text as necessary to maintain coherence.
    • Save the changes to be removed from the list in this audit. image-20240813202423-2

       

    •   Test for Compliance

    • Re-check the content to ensure no PII or sensitive information remains.

       

Low Usage

  • Action: Retire the collection by the specified deadline. Deadline is September 12th.
  • Consequence: If the action is not taken, we will proceed with the retirement on September 12th.
  • Escalation: Content authors must escalate a support case to inquire and provide a business justification for keeping their collection by the September 12th deadline. If no justification is provided, the content will be retired on September 12th at 6 pm EST.
     

     
Collection With No Reservable environments
  The collection currently has no environments available for reservation.
  
How to Fix: Review the collection and identify if environments should be made reservable.

For example:
  •   If reservable environments are necessary, update the collection by linking it to the appropriate environments. (For details on how to add an environment, visit our Certified Base Images to see the vast selection of environments available to choose from).
  •  Ensure that the environments are correctly configured and set as reservable within the platform.
  • Once the updates are made, click "Save" to apply the changes. If the issue is not resolved by the September 12th deadline, the collection may be set to draft status.



Collection has the same collaborator and owner

The collection currently lists the same individual as both the collaborator and the owner.

  How to Fix:  - Review the roles within the collection to determine if they are appropriately assigned.
  • If the same person is listed as both the collaborator and the owner, consider reassigning one of the roles to another individual.
  • Update the collection with the correct roles and ensure that both collaborator and owner fields reflect different team members.
  •  Save the changes to update the collection. If this issue is not addressed by the September 12th deadline, the collection may be flagged for further review or set to draft status image-20240819193239-1





                                     Support

Log Cases: For any issues or assistance, please log a case via our support portal.

To help escalate your support request or message more efficiently, consider using the following subject line suggestions:
image-20240813093412-1
 

Remember to include the relevant information in the subject line, such as the collection/resource name and its link, to help the support team quickly identify the issue and prioritize your request.




 

                                   FAQs and Actions Required

 
  1. Question: What happens to my content if I do not update it by the September 12th deadline?

    Answer: If an issue is identified with your content, it will either be moved to draft status or retired. Content with low usage is the only scenario where a collection will be retired. However, both draft and retired content can be reinstated at any time if needed.

     
  2. Question: How do I know what issue was found with my content?

    Answer: You received an email detailing the issue with your content, including the collection name and a link to the collection, along with the specific reason for the issue. Possible reasons include broken links, outdated content, PII or sensitive information, or low usage. These emails are sent to both authors and collaborators once a week, with additional reminders twice during the final week of the audit, which will conclude on September 12th.

     
  3. Question: What should I do if I believe my content is updated and compliant, but I am still receiving emails?

    Answer: If you believe your content is updated and compliant but are still receiving emails, please contact support for assistance. They can help verify the compliance status of your content and resolve any issues with the notifications.

     
  4. Question: Who can I contact for questions or clarification regarding the audit process?

    Answer: For any questions or clarification regarding the audit process, please contact support. They will be able to assist you with any concerns or provide additional information.

     
  5. Question: Can I get an extension if I’m unable to update my content by the given date?

    Answer: No, extensions are not available. Given the ample notice provided and the importance of meeting compliance, all updates must be completed by the specified deadline.

     
  6. Question: Once I complete fixing my audited content, what else do I need to do, and how do I know if I have fixed my audit violation?

    Answer: We conduct weekly audits to detect if violations have been resolved. If you receive an email, it means the issue wasn't fully addressed; if you don't, the issue was successfully resolved. However, if our audit identifies other violations apart from PII, you will still receive audit emails notifying you of the new issues.

[{"Type":"MASTER","Line of Business":{"code":"","label":""},"Business Unit":{"code":"","label":""},"Product":{"code":"SSNR6KN","label":"IBM Technology Zone"},"ARM Category":[{"code":"a8mKe0000004CW4IAM","label":"Support-\u003EGeneral"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":""}]

Document Information

Modified date:
31 July 2025

UID

ibm17165377

Page Feedback