|
Security Management
ITIL is a relatively new process in its own right. Security in ITIL
version 1 was one of the key concepts of Availability Management,
now it is seen as an umbrella process which has responsibilities
right across the board.
Business processes can
no longer operate without a supply of information. In fact, more and
more business processes consist purely of one or more information
systems.
Information Security
Management ITIL
Information Security
Management ITIL is an important activity, which aims to control the
provision of information, and to prevent unauthorized use of
information. For many years, Information Security Management ITIL
was largely ignored.
However, this is
changing. Security is now considered as one of the main management
challenges for the coming years. The interest in this discipline is
increasing because of the growing use of the Internet and e-commerce
in particular.
Dealing with
Risks
More and more
businesses are opening electronic gateways into their business. This
introduces the risk of intrusion. What risks do we want to cover,
and what measures should we take now and in the next budgeting
round?
Senior Management has
to take decisions and these decisions can only be taken if a
thorough risk analysis is undertaken. This analysis should provide
input to Security Management to determine the security requirements.
These requirements affect IT service providers and should be laid
down in Service Level Agreements.
Security Management
ITIL Aims
Security Management
ITIL aims to ensure that the security aspects of services are
provided at the level agreed with the customer at all times.
Security is now an essential quality aspect of management.
Security Management
integrates security in the IT organisation from the service
provider’s point of view. The Code of Practice for Information
Security Management (BS 7799) provides guidance for the development,
introduction and evaluation of security measures.
Want to find out more
about ITIL:
| 
