The technical skills get you into IT; the operational and people skills determine where you go from there. This lesson covers the procedural and professional knowledge every technician is expected to bring.
Safety
Electrostatic discharge (ESD)
The single most common cause of damaged components during repair. A static spark imperceptible to you destroys an IC.
- Wear an anti-static wrist strap clipped to a grounded surface (the metal chassis works)
- Use an anti-static mat for the work area
- Hold components by edges; avoid touching gold contacts and pins
- Keep components in anti-static bags when not installed
- Avoid carpet and synthetic clothing when handling boards
Electrical safety
- Unplug equipment before opening — even unplugged, PSUs and CRT monitors hold dangerous charge in capacitors; do not open them
- Use a UPS (uninterruptible power supply) for critical equipment; surge protectors for the rest
- Don't overload outlets / power strips; chained power strips ("daisy chaining") is a fire risk
- Replace damaged cables immediately
Lifting and ergonomics
- Lift with the legs; servers and UPS units can weigh 25+ kg
- Use a cart for racks of equipment
- Two-person lift for rack-mount servers
Fire safety
- Class C extinguishers for electrical fires (CO2 or dry chemical)
- Never use water on electrical equipment
- Server rooms typically use clean-agent systems (FM-200, Novec 1230)
Hazardous materials
- Toner and battery dust irritate lungs; clean spills with damp cloth, not vacuum
- Lithium batteries can ignite if punctured — handle with care, ship via approved channels
- Follow the Safety Data Sheet (SDS) for any chemical (compressed air dusters, cleaning solvents)
- Dispose of electronics, batteries, and toner per local e-waste regulations — never general trash
Change Management
In any environment beyond a personal laptop, a "small change" can take down dozens of users. Change management formalises the discipline:
- Request — what, why, when, who
- Risk and impact assessment — what could go wrong
- Approval — CAB (Change Advisory Board) for significant changes
- Backout plan — how do we undo this
- Communication — affected users informed
- Implementation in the change window
- Verification
- Documentation of what was done
Change types: standard (pre-approved, low-risk, e.g., adding a user to a group), normal (assessed and approved), emergency (rapid path for outages).
Incident, Problem, and Change (ITIL)
The ITIL framework is the dominant language in enterprise IT:
| Process | Purpose |
|---|---|
| Incident | Restore service ASAP (the user can't print) |
| Problem | Find root cause to prevent recurrence (why has every printer in this office gone down twice this month?) |
| Change | Implement modifications safely (replace the printer fleet) |
| Request | Routine fulfilment (please give me access to X) |
The same ticket might span all four: an incident is opened, a workaround applied, a problem record opened to investigate, a change implemented for the fix, and a request later for the rollout.
Documentation
What to document:
- Asset inventory: Who has what (laptop serial, monitor model, license, location)
- Network diagrams: Switches, VLANs, firewalls, links
- Standard configurations: Workstation build, default group policies
- Knowledge base: Common issues and resolutions, end-user how-tos
- Runbooks: Step-by-step procedures for recurring tasks
- Disaster recovery plan: What to do when systems fail catastrophically
- Account and access policies
- Change history: What changed, when, by whom, why
Common tools: Confluence, Notion, SharePoint, IT Glue, Hudu, Lansweeper for asset.
Privacy and Data Protection
You will handle personal data. Know the obligations:
- GDPR (EU/UK): Personal data must be collected for a lawful purpose; users can request access, correction, deletion. Breaches notifiable to authorities within 72 hours.
- HIPAA (US healthcare): Protects health information; specific access logging and encryption requirements.
- PCI-DSS: Anyone handling payment cards. Strict separation and encryption.
- CCPA / CPRA: California consumer privacy.
- SOC 2 / ISO 27001: Voluntary standards customers often require — drive a lot of internal IT process.
Practical rules: only access data needed for your task; never copy sensitive data to personal devices or email; report suspected data exposure immediately.
Licensing
- Proprietary licences: EULA defines what you can do (number of installs, transferability)
- Volume / site licences: Bulk for organisations (Microsoft Open Value, Adobe VIP)
- Subscription: Microsoft 365, Adobe Creative Cloud — per-user monthly/annual
- Open-source: Permissive (MIT, Apache) vs copyleft (GPL); always read for embedded products
- Per-device vs per-user vs concurrent: Audit risk is real — track licences against deployments
Professional Communication
Most of the user-impact you have is in how you communicate, not what you fix.
Tone
- Be calm and patient — users are often frustrated when they reach you
- Acknowledge the frustration: "I understand this is blocking your day"
- Avoid jargon; translate technical to plain English
- Avoid blame even when the user caused the issue ("I see how that happened — let me show you a quick way to avoid it next time")
- Confirm understanding: "Can you try X and let me know what happens?"
Status updates
Users tolerate slow resolutions; they don't tolerate silence. For longer tickets, send updates even when there's nothing new ("Still investigating; I'll have more by 4pm").
Saying no
Sometimes the answer is "policy forbids that" or "we can't support that". Soften it: explain the why, offer an alternative if there is one, escalate if the user disagrees.
Cultural awareness
Idioms, humour, and assumptions don't translate. Default to professional, neutral language; mirror the user's formality.
Privacy in Practice
- Lock the screen any time you leave it (Win+L / Ctrl+Cmd+Q)
- Don't read user emails / files beyond what your task requires
- Cover the screen / shoulder-surf protection in public
- Encrypt thumb drives if you must use them
- Shred printed sensitive documents
- Never share another user's data without authorisation
Career Path
This course aligns with CompTIA A+ — the most widely held entry-level IT credential. From here, common paths include:
| Direction | Next cert |
|---|---|
| Networking | CompTIA Network+, then Cisco CCNA |
| Security | CompTIA Security+, then CySA+, Pentest+, or vendor certs |
| Cloud | AWS / Azure / GCP foundational certs |
| Linux / DevOps | Linux+ / LFCS, then Docker / Kubernetes / Terraform |
| Windows administration | Microsoft 365 Administrator, Azure Administrator |
| Service desk / management | ITIL 4 Foundation, HDI certifications |
| ServiceNow | Certified System Administrator (see CertQnA's ServiceNow course) |
The Mindset
Great technicians share three habits:
- Curious: They follow up after the fix to understand the why
- Communicative: They keep users in the loop and document everything
- Calm under pressure: They troubleshoot methodically while phones light up
Skill comes from doing this for thousands of tickets. The methodology and respect for the work outlast any specific technology.
Congratulations on completing IT Fundamentals. You're equipped to step into a service desk, help desk, or junior administrator role — and to pass the CompTIA A+ exams that formalise this foundation.