IT KORR Knowledge Center
IT Documentation Standards Guide
A guide covering what should be documented, documentation quality standards, where documentation should live, and review cadence.
What Should Be Documented
- Network diagrams — current topology, key devices, and connectivity between sites and environments.
- System configurations — settings, versions, and dependencies for critical systems, not just default installation notes.
- Credentials and access procedures — how access is requested, granted, and reviewed (never plaintext credentials themselves — reference the secure vault or system of record).
- Recovery procedures — step-by-step restoration steps for critical systems, written for someone other than the original engineer.
- Vendor contacts — support contacts, account numbers, and escalation paths for critical vendors and service providers.
Documentation Quality Standards
- Specific and testable — a recovery step should be precise enough to execute without guessing (e.g., exact commands or menu paths), not a vague description of intent.
- Dated and versioned — every document shows when it was last updated and by whom, so staleness is visible rather than assumed away.
- Named owner — every document has a person or role accountable for keeping it current, not "IT" in general.
- Reviewed for accuracy against the live environment, not just written once and left untouched.
Where Documentation Should Live
- Centralized in a single system of record accessible to everyone who needs it, rather than scattered across individual inboxes, desktops, or personal notes.
- Access-controlled appropriately — sensitive procedures restricted to those who need them, while general documentation remains broadly accessible.
- Searchable and organized by system or function, so information can be found under time pressure during an incident.
Review Cadence
- Critical system documentation (recovery procedures, network diagrams) reviewed at least twice per year.
- Documentation reviewed immediately after any significant change to the system it describes.
- A recurring audit compares documentation against the live environment to catch drift, not just a scheduled read-through.
Related Resources
- IT Documentation Best Practices — /knowledge-center/it-operations/it-operations-service-management/it-documentation-best-practices
- IT Operations Fundamentals — /knowledge-center/it-operations/it-operations-service-management/it-operations-fundamentals