ITIL Security management works best as a built-in feature of a company's Security management since it is far broader in scope than what a standard IT-Service Provider can offer.
ITIL V3 assigns Information Security management as Service Design process, therefore achieving better integration with the rest of the service life cycle stages. In former publications, Security Information used to have its own publication. This process has also been adapted to fit into the new findings and requirements of IT security. ITIL offers an overview of the most important activities involved therein and offers suggestions on how to integrate it with other service management stages.
ITIL Security management comprises the following aspects:
Design of Security Control - design of suitable technical and organisational measures to ensure that assets, information, data and IT-services retain theirreliability, integrity and availability according to the company's needs.
Security tests - ensure that every security mechanism goes through regular checks.
Recovery from security Incidents - find out and learn about attacks and the ensuing damage on business systems and how to minimise damage in light of a successful attack attempt, besides ensuring that
Security Review - go over security measures and procedures to make sure they are in harmony with the perception of risk from the business' point of view.
No comments:
Post a Comment