Home | ITIL Training
Home | ITIL training material and exam preparation guides
Copyright © Accelerated Ideas 2005-2017

Service Design - Information Security Management



We use information security processes as a means of protecting information and information systems from unauthorized access, use, disclosure, disruption, modification and destruction.

Information Security Management required input from:

  • Business strategy and plans
  • Security policies or guidelines
  • Risk Analysis
  • Change Management information


Information Security
With an increasing amount of data stored electronically, businesses amass a great deal of confidential information about their employees, customers, products, research, and financial status. Most information these days is now collected, processed and stored on electronic computers and transmitted across networks to other computers. Organisations such as military, governments, financial institutions and hospitals hold a wealth of information which must be protected.

Should confidential information about customers or finances fall into the hands of a competitor, such a breach of security could lead to lost business, law suits or even bankruptcy of the business

The focus on information security varies from organisation to organisation; some companies have extremely strong information security plans. Other customers are challenged with coming up with a program. ITIL covers only a part of the information security scene. In any case, you would follow the ISO 20701 standards. Governmental departments such as The Ministry of Defence will certainly have their own standards, which are extremely very well documented and very rigorous. We cover some elements of security during the Service Design phase. Information Security may consist of vulnerability scanning, particular standards for services, hardening of desktops and servers among others.

Information Security Management aims to deliver:

  • Information Security Management Policy
  • Security Management Information System (SMIS)
  • Security controls
  • Security reports and audits


See also:

  • Information Security Management System (ISMS)
  • Plan-Do-Check-Act (PDCA)


Related
service design management security iso data storage policies breach of security security plans standards documents






Search

Popular

Take a free ITIL Practice Exam and test your knowledge of ITIL principles. Sample ITIL questions for the foundation and intermediate exams.

ITIL Practice Test





English English  |  Portuguese Portuguese