ITIL security management (original) (raw)
ITIL security management describes the structured fitting of security into an organization. ITIL security management is based on the ISO 27001 standard. "ISO/IEC 27001:2005 covers all types of organizations (e.g. commercial enterprises, government agencies, not-for profit organizations). ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect
| Property | Value |
|---|---|
| dbo:abstract | ITIL security management describes the structured fitting of security into an organization. ITIL security management is based on the ISO 27001 standard. "ISO/IEC 27001:2005 covers all types of organizations (e.g. commercial enterprises, government agencies, not-for profit organizations). ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties." A basic concept of security management is information security. The primary goal of information security is to control access to information. The value of the information is what must be protected. These values include confidentiality, integrity and availability. Inferred aspects are privacy, anonymity and verifiability. The goal of security management comes in two parts: * Security requirements defined in service level agreements (SLA) and other external requirements that are specified in underpinning contracts, legislation and possible internal or external imposed policies. * Basic security that guarantees management continuity. This is necessary to achieve simplified service-level management for information security. SLAs define security requirements, along with legislation (if applicable) and other contracts. These requirements can act as key performance indicators (KPIs) that can be used for process management and for interpreting the results of the security management process. The security management process relates to other ITIL-processes. However, in this particular section the most obvious relations are the relations to the service level management, incident management and change management processes. (en) |
| dbo:thumbnail | wiki-commons:Special:FilePath/Control_Process_model.jpg?width=300 |
| dbo:wikiPageExternalLink | http://www.microsoft.com/technet/itsolutions/cits/mo/smf/mofsmsmf.mspx |
| dbo:wikiPageID | 4695455 (xsd:integer) |
| dbo:wikiPageLength | 23772 (xsd:nonNegativeInteger) |
| dbo:wikiPageRevisionID | 1010081364 (xsd:integer) |
| dbo:wikiPageWikiLink | dbr:Information_security dbr:Integrity dbr:Confidentiality dbr:File:Evaluation_process_data_model.jpg dbr:PDCA dbr:Activity_diagram dbr:W._Edwards_Deming dbr:File:Implementation_process_data_model.jpg dbr:File:Maintenance_process_data_model.jpg dbr:Unified_Modeling_Language dbr:File:Control_Data_model.JPG dbr:File:Control_Process_data_model.JPG dbr:File:Control_Process_model.jpg dbr:Process-data_diagram dbc:Computer_security dbr:ITIL_v3 dbr:Availability dbc:ITIL dbr:COBIT dbr:Class_diagram dbr:Incident_management dbr:Capability_Maturity_Model dbr:Change_management dbr:File:Plan_process_data_model.jpg dbr:File:Process_data_model_security_management.jpg dbr:Information_security_management_system dbr:Microsoft_Operations_Framework dbr:Security dbr:ITIL dbr:IT_infrastructure dbr:Key_performance_indicator dbr:Change_Management_(ITSM) dbr:Service_Level_Management dbr:Service_level_management dbr:Release_Management dbr:Service_level_agreement dbr:Request_for_Change dbr:ISPL dbr:Infrastructure_Management_Services |
| dbp:wikiPageUsesTemplate | dbt:Refimprove dbt:Reflist |
| dct:subject | dbc:Computer_security dbc:ITIL |
| rdfs:comment | ITIL security management describes the structured fitting of security into an organization. ITIL security management is based on the ISO 27001 standard. "ISO/IEC 27001:2005 covers all types of organizations (e.g. commercial enterprises, government agencies, not-for profit organizations). ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect (en) |
| rdfs:label | ITIL security management (en) |
| owl:sameAs | freebase:ITIL security management wikidata:ITIL security management https://global.dbpedia.org/id/4mzRQ |
| prov:wasDerivedFrom | wikipedia-en:ITIL_security_management?oldid=1010081364&ns=0 |
| foaf:depiction | wiki-commons:Special:FilePath/Control_Data_model.jpg wiki-commons:Special:FilePath/Control_Process_data_model.jpg wiki-commons:Special:FilePath/Control_Process_model.jpg wiki-commons:Special:FilePath/Evaluation_process_data_model.jpg wiki-commons:Special:FilePath/Implementation_process_data_model.jpg wiki-commons:Special:FilePath/Maintenance_process_data_model.jpg wiki-commons:Special:FilePath/Plan_process_data_model.jpg wiki-commons:Special:FilePath/Process_data_model_security_management.jpg wiki-commons:Special:FilePath/evaluation_process_data_model.jpg |
| foaf:isPrimaryTopicOf | wikipedia-en:ITIL_security_management |
| is dbo:wikiPageRedirects of | dbr:ITIL_Security_Management |
| is dbo:wikiPageWikiLink of | dbr:Security_management dbr:Information_security dbr:ITIL_Security_Management |
| is foaf:primaryTopic of | wikipedia-en:ITIL_security_management |
