Home | ITIL Training
Home | ITIL training material and exam preparation guides
Copyright © Accelerated Ideas 2005-2024

Service Design - Information Security Management

We use information security processes as a means of protecting information and information systems from unauthorized access, use, disclosure, disruption, modification and destruction.

Information Security Management required input from:

  • Business strategy and plans
  • Security policies or guidelines
  • Risk Analysis
  • Change Management information

Information Security
With an increasing amount of data stored electronically, businesses amass a great deal of confidential information about their employees, customers, products, research, and financial status. Most information these days is now collected, processed and stored on electronic computers and transmitted across networks to other computers. Organisations such as military, governments, financial institutions and hospitals hold a wealth of information which must be protected.

Should confidential information about customers or finances fall into the hands of a competitor, such a breach of security could lead to lost business, law suits or even bankruptcy of the business

The focus on information security varies from organisation to organisation; some companies have extremely strong information security plans. Other customers are challenged with coming up with a program. ITIL covers only a part of the information security scene. In any case, you would follow the ISO 20701 standards. Governmental departments such as The Ministry of Defence will certainly have their own standards, which are extremely very well documented and very rigorous. We cover some elements of security during the Service Design phase. Information Security may consist of vulnerability scanning, particular standards for services, hardening of desktops and servers among others.

Information Security Management aims to deliver:

  • Information Security Management Policy
  • Security Management Information System (SMIS)
  • Security controls
  • Security reports and audits

See also:

  • Information Security Management System (ISMS)
  • Plan-Do-Check-Act (PDCA)

service design management security iso data storage policies breach of security security plans standards documents



Take a free ITIL Practice Exam and test your knowledge of ITIL principles. Sample ITIL questions for the foundation and intermediate exams.

ITIL Practice Test

English English  |  Portuguese Portuguese