Security Management - Information Technology Infrastructure Library Concept - Itil
Essay by people • November 12, 2011 • Essay • 665 Words (3 Pages) • 2,063 Views
Essay Preview: Security Management - Information Technology Infrastructure Library Concept - Itil
Security management - Information Technology Infrastructure Library Concept
Objectives and Basic concepts -
Security Management: Protection of any IT function or data from unauthorized access, minimize security exposure or vulnerability, reduce impact of security breaches, and develop security policies that can be implemented by Availability Management.
Security management: Important terms include Confidentiality, Availability and Integrity of data.
Confidentiality: protection of data against unauthorized use and access.
Integrity: completeness and accuracy of data, meaning no compromise on the data used by the business.
Availability: Information should be readily available at any agreed time.
Security mgmt focuses on:
Meeting security requirements as per the SLA, external security requirements and regulations
Providing a basic level of internal security in an organization
Benefits of Security management in industry
By implementing security mgmt, an organization can achieve internal security which could further help in effectively performing the operations
Providing external security will enable higher customer satisfaction
Help in continuity of an organization
Activities in the Security mgmt process that you should know
Planning (defining objectives of security mgmt in consultation with SLM)--> Implement (classifying IT resources, access control etc) -->Evaluate (evaluating the implemented plan, verifying compliance) -->Maintenance (maintaining the security plan in accordance with the SLA) -->Reporting (to provide information about achieved security performance and informing customers about the security issues)
Costs and problems associated with implementing effective security management in a company
Personnel, hardware, software and operational costs
Lack of commitment from senior management and its employees
Lack of awareness and training among the personnel of the company to perform under the guidelines of effective security management
Incident Management
Again, here we review the important aspects of Incident management which is yet another important aspect of ITSM. Please bear in mind that these days more and more case type questions are being asked about Incident, problem and Change management in the ITIL certification exams. These three areas are completely different though sometimes a person can confuse between the three. Please check other processes too for better explanation and clarification.
Objectives and Basic concepts
Incident: Any event which is not a pert of standard operation of a service and which causes
...
...