IT Security Management: Difference between revisions

From IT Process Wiki
mNo edit summary
No edit summary
 
(10 intermediate revisions by the same user not shown)
Line 1: Line 1:
<seo metakeywords="it security management, itil security management, security management itil, itil security management process, security management process" metadescription="IT Security Management: ITIL process definition - subprocesses - Additional information on IT Security Management." />
<itpmch><title>Information Security Management | IT Process Wiki</title>
<meta name="keywords" content="information security management, itil security management, security management itil, itil security management process, security management process" />
<meta name="description" content="Information Security Management aims to ensure the confidentiality, integrity and availability of an organization's information, data and IT services. ITIL Security Management usually forms part of an organizational approach to security management which has a wider scope than the IT Service Provider." />
<meta property="og:url" content="https://wiki.en.it-processmaps.com/index.php/IT_Security_Management" />
<meta property="og:title" content="Information Security Management | IT Process Wiki" />
<meta property="og:description" content="Information Security Management aims to ensure the confidentiality, integrity and availability of an organization's information, data and IT services. ITIL Security Management usually forms part of an organizational approach to security management which has a wider scope than the IT Service Provider." />
<meta property="og:site_name" content="IT Process Wiki - the ITIL&#174; Wiki">
<meta property="og:type" content="article" />
<meta property="article:publisher" content="https://www.facebook.com/itprocessmaps" />
<meta property="fb:admins" content="100002035253209" />
<meta property="fb:admins" content="100002592864414" />
<meta property="og:image" content="https://wiki.en.it-processmaps.com/images/e/e7/Itil-security-management.jpg" />
<meta property="og:image:width" content="1200" />
<meta property="og:image:height" content="1200" />
<link href="https://plus.google.com/108613479011811316823/posts" rel="publisher" />
</itpmch>
<imagemap>
<imagemap>
Image:ITIL-Wiki-de-es.jpg|DE - ES - IT Security Management|100px
Image:ITIL-Wiki-de-es.jpg|right|DE - ES - Information Security Management|163px
rect 0 0 50 30 [https://wiki.de.it-processmaps.com/index.php/IT_Security_Management diese Seite auf Deutsch]
rect 81 0 114 36 [https://wiki.de.it-processmaps.com/index.php/IT_Security_Management diese Seite auf Deutsch]
rect 50 0 100 30 [https://wiki.es.it-processmaps.com/index.php/ITIL_Gestion_de_la_Seguridad_de_TI esta página en español]
rect 115 0 163 36 [https://wiki.es.it-processmaps.com/index.php/ITIL_Gestion_de_la_Seguridad_de_TI esta página en español]
desc none
desc none
</imagemap>
</imagemap>
<br style="clear:both;"/>
<br style="clear:both;"/>


== ITIL IT Security Management: Overview ==
'''<span id="Overview">Objective:</span>''' <html><span id="md-webpage-description" itemprop="description"><i>Information Security Management</i> aims to ensure the confidentiality, integrity and availability of an organization's information, data and IT services. ITIL Security Management usually forms part of an organizational approach to security management which has a wider scope than the IT Service Provider.</span></p>
<p><b>Part of</b>: <a href="https://wiki.en.it-processmaps.com/index.php/ITIL_Service_Design" title="ITIL Service Design">Service Design</a></html>


'''Process Objective''': To ensure the confidentiality, integrity and availability of an organisation's information, data and IT services. Information Security Management usually forms part of an organisational approach to security management which has a wider scope than the IT Service Provider.
'''Process Owner''': [[IT Security Management#Information Security Manager|Information Security Manager]]


'''Part of''': [[ITIL V3 Service Design|Service Design]]
<p>&nbsp;</p>


'''Process Owner''': [[IT Security Management#ITIL Roles in IT Security Management|IT Security Manager]]
==Process Description==


ITIL V3 treats Information Security Management as part of the Service Design core volume, resulting in a better integration of this process into the Service Lifecycle (the previous ITIL version provided guidance on Security Management in a separate book).
[[Image:Itil-security-management.jpg|right|thumb|500px|alt=Information Security Management ITIL|link=https://wiki.en.it-processmaps.com/index.php/File:Itil-security-management.jpg|[https://wiki.en.it-processmaps.com/images/pdf/process_overview_it_security_management_itilv3.pdf ITIL Security Management]]]


== IT Security Management: Process Definition ==
The process has been updated to account for new information security concerns.


[[Image:Itil-security-management.jpg|thumb=overview_it_security_management_itilv3_thumb.jpg|left|[https://wiki.en.it-processmaps.com/images/pdf/process_overview_it_security_management_itilv3.pdf IT Security Management ITIL]]]
ITIL does not provide a detailed explanation of all aspects of Information Security Management, as there are dedicated and more detailed standards available (see, for example, ISO 27001). Rather, ITIL highlights the most important activities and assists in identifying interfaces with other Service Management processes.


ITIL V2 provided guidance on IT Security Management in a separate book. ITIL V3 treats IT Security Management as part of the Service Design core volume, resulting in a better integration of this process into the Service Lifecycle. The process was updated to account for new security concerns.
Following the introduction of Design Coordination in ITIL 2011 the information flows have been adapted. The process overview of [[Media:Itil-security-management.jpg|ITIL Security Management (.JPG)]] shows the key information flows (see fig. 1).


The following sub-processes are part of [[IT Security Management|ITIL Security Management]]:
[[ITIL 4]] refers to 'Information Security Management' as a [[ITIL_4#General_management_practices|general management practice]].
<br style="clear:both;"/>
<p style="clear:both;">&nbsp;</p>
 
=== Sub-Processes ===
 
;Design of Security Controls
: Process Objective: To design appropriate technical and organizational measures in order to ensure the confidentiality, integrity, security and availability of an organization's assets, information, data and services.
 
;Security Testing
:Process Objective: To make sure that all security mechanisms are subject to regular testing.
 
;Management of Security Incidents
:Process Objective: To detect and fight attacks and intrusions, and to minimize the damage incurred by security breaches.
 
;Security Review
:Process Objective: To review if security measures and procedures are still in line with risk perceptions from the business side, and to verify if those measures and procedures are regularly maintained and tested.
 
 
===== Downloads =====
 
Use the following links to open the process overview of IT Security Management showing the most important interfaces:


* [[Media:Itil-security-management.jpg|ITIL Security Management (.JPG)]]
==Sub-Processes==
* [https://wiki.en.it-processmaps.com/images/pdf/process_overview_it_security_management_itilv3.pdf ITIL Security Management (.PDF)]''


<html><div itemscope="itemscope" itemtype="https://schema.org/ItemList"><!-- define schema.org/ItemList -->
<meta itemprop="itemListOrder" content="Ascending" />
<p><span itemprop="name" content="Security Management sub-processes:">These are the <strong class="selflink">Information Management</strong> sub-processes and their process objectives:</span>
</p>
<p><b><span id="ITIL_Security_Management_Controls" itemprop="itemListElement">Design of Security Controls</span></b>
</p>
<ul><li itemprop="description">Process Objective: To design appropriate technical and organizational measures in order to ensure the confidentiality, integrity, security and availability of an organization's assets, information, data and services.
</li></ul>
<p><b><span id="ITIL_Security_Management_Testing" itemprop="itemListElement">Security Testing</span></b>
</p>
<ul><li itemprop="description">Process Objective: To make sure that all security mechanisms are subject to regular <a href="/index.php/IT_Security_Management#Test_Report" title="IT Security Management">testing</a>.
</li></ul>
<p><b><span id="ITIL_Security_Management_Incidents" itemprop="itemListElement">Management of Security Incidents</span></b>
</p>
<ul><li itemprop="description">Process Objective: To detect and fight attacks and intrusions, and to minimize the damage incurred by security breaches.
</li></ul>
<p><b><span id="ITIL_Security_Management_Review" itemprop="itemListElement">Security Review</span></b>
</p>
<ul><li itemprop="description">Process Objective: To review if security measures and procedures are still in line with risk perceptions from the business side, and to verify if those measures and procedures are regularly maintained and tested.
</li></ul>
</div><!-- end of schema.org/ItemList --><p></html>


=== ITIL Terms: IT Security Management ===
==Definitions==


;<span id="Availability ITSCM Security Testing Schedule">Availability/ ITSCM/ Security Testing Schedule</span>
<html><div itemscope="itemscope" itemtype="https://schema.org/ItemList"><!-- define schema.org/ItemList -->
:A schedule for the regular testing of all availability, continuity and security mechanisms, jointly maintained by Availability, IT Service Continuity and IT Security Management.
<meta itemprop="itemListOrder" content="Ascending" />
<p><span itemprop="name">The following <a href="/index.php/ITIL_Glossary#ITIL_Glossary_A-Z" title="ITIL Glossary">ITIL terms and acronyms</a> (<i>information objects</i>) are used in the Security Management process to represent process outputs and inputs:</span>
</p>
<p><b><span id="Availability-ITSCM-Security-Testing-Schedule" itemprop="itemListElement">Availability/ ITSCM/ Security Testing Schedule</span></b>
</p>
<ul><li itemprop="description">A schedule for the <a href="/index.php/IT_Security_Management#ITIL_Security_Management_Testing" title="IT Security Management">regular testing</a> of all availability, continuity and security mechanisms, jointly maintained by <a href="/index.php/Availability_Management" title="Availability Management">Availability</a>, <a href="/index.php/IT_Service_Continuity_Management" title="IT Service Continuity Management">IT Service Continuity</a> and <strong class="selflink">Information Security Management</strong>.
</li></ul>
<p><b><span id="ITIL_Security_Management_Rules" itemprop="itemListElement">Event Filtering and Correlation Rules</span></b>
</p>
<ul><li itemprop="description">Rules and criteria used to determine if an Event is significant and to decide upon an appropriate response. Event Filtering and Correlation Rules are typically used by Event Monitoring systems. Some of those rules are defined during the Service Design stage, for example to ensure that Events are triggered when the required service availability is endangered.
</li><li><i>Note: The output "Event Filtering and Correlation Rules" has been added in ITIL 2011, to emphasize that (some) Event filtering and correlation rules should be designed by Information Security Management to support the detection of security issues.</i>
</li></ul>
<p><b><span id="ITIL_Security_Policy" itemprop="itemListElement">Information Security Policy</span></b>
</p>
<ul><li itemprop="description">The Information Security Management Policy describes and communicates the organization's approach to managing information security. It includes references to more specific <a href="/index.php/IT_Security_Management#Underpinning-Information-Security-Policy" title="IT Security Management">Underpinning Information Security Policies</a> which, for example, set binding rules for the use of systems and information.
</li></ul>
<p><b><span id="ITIL_Security_Report" itemprop="itemListElement">Information Security Report</span></b>
</p>
<ul><li itemprop="description">The Information Security Report provides other Service Management processes and IT Management with information related to Information Security issues.
</li></ul>
<p><b><span id="Security-Advisories" itemprop="itemListElement">Security Advisories</span></b>
</p>
<ul><li itemprop="description">A list of known security vulnerabilities compiled from input by third-party product suppliers. The list contains instructions for preventive measures and for the handling of security breaches once they occur.
</li></ul>
<p><b><span id="Security_Alert" itemprop="itemListElement">Security Alert</span></b>
</p>
<ul><li itemprop="description">A warning produced by Information Security Management, typically released when outbreaks of security threats are foreseeable or already under way. The aim is to make sure that users and IT staff are able to identify any attacks and take appropriate precautions.
</li></ul>
<p><b><span id="Security-Management-Information-System" itemprop="itemListElement">Security Management Information System (SMIS)</span></b>
</p>
<ul><li itemprop="description">A virtual repository of all Information Security Management data, usually stored in multiple physical locations.
</li></ul>
<p><b><span id="Test_Report" itemprop="itemListElement">Test Report</span></b>
</p>
<ul><li itemprop="description">A Test Report provides a summary of testing and assessment activities. A Test Report is created for example during Release tests in the Service Transition stage or during tests carried out by <a href="/index.php/Availability_Management" title="Availability Management">Availability</a>, <a href="/index.php/IT_Service_Continuity_Management" title="IT Service Continuity Management">IT Service Continuity</a> or <strong class="selflink">Information Security Management</strong>.
</li></ul>
<p><b><span id="Underpinning-Information-Security-Policy" itemprop="itemListElement">Underpinning Information Security Policy</span></b>
</p>
<ul><li itemprop="description">Underpinning Information Security Policies are specific policies complementing the <a href="/index.php/IT_Security_Management#ITIL_Security_Policy" title="IT Security Management">main Information Security Policy</a> by setting binding rules for the use of systems and information as well as for the use and delivery of services, with the aim of improving information security.
</li></ul>
</div><!-- end of schema.org/ItemList --><p></html>


;<span id="IT Security Policy">IT Security Policy</span>
==KPIs==
:IT Security Policies set binding rules for the use of services and systems with the aim of improving IT security.


;<span id="IT Security Report">IT Security Report</span>
<html><ul><li><a href="https://wiki.en.it-processmaps.com/index.php/ITIL_KPIs_Service_Design#ITIL_KPIs_Information_Security_Management" title="ITIL KPIs Security Management">Key Performance Indicators (KPIs) Information Security Management</a></li></ul>
:The IT Security Report provides other Service Management processes and IT Management with information related to IT Security issues.
<p></html>


;<span id="IT Security Strategy">IT Security Strategy</span>
==Roles | Responsibilities==
:The IT Security Strategy contains an outline of the approach to ensure the security of IT services and systems. It includes a list of security-related risks and existing or planned Security Controls to address those risks.


;<span id="Security Advisories">Security Advisories</span>
'''<span id="Information Security Manager">Information Security Manager - Process Owner</span>
:A list of known security vulnerabilities compiled from input by third-party product suppliers. The list contains instructions for preventive measures and for the handling of security breaches once they occur.  
*The Information Security Manager is responsible for ensuring the confidentiality, integrity and availability of an organization’s assets, information, data and IT services. He is usually involved in an organizational approach to Security Management which has a wider scope than the IT service provider, and includes handling of paper, building access, phone calls etc., for the entire organization.


;<span id="Security Alert">Security Alert</span>
<p>&nbsp;</p>
:A warning produced by IT Security Management, typically released when outbreaks of security threats are foreseeable or already under way. The aim is to make sure that users and IT staff are able to identify any attacks and take appropriate precautions.


;<span id="Security Management Information System">Security Management Information System</span>
{| class="wikitable" style="background: white;"
:A virtual repository of all IT Security Management data, usually stored in multiple physical locations.
|-
|+ style="background:#013b5e; color:#ffffff; font-size: 120%" colspan="7"|'''Responsibility Matrix: ITIL Security Management'''
|-
!style="background:#ffffee; width: 50%; text-align:center" | ITIL Role / Sub-Process
! style="background:#eeeeee;" | [[IT Security Management#Information Security Manager|Information Security Manager]]
! style="background:#eeeeee;" | Service Owner[[#ITIL Security Roles|<small>[3]</small>]]
! style="background:#eeeeee;" | Applications Analyst[[#ITIL Security Roles|<small>[3]</small>]]
! style="background:#eeeeee;" | Technical Analyst[[#ITIL Security Roles|<small>[3]</small>]]
! style="background:#eeeeee;" | IT Operator[[#ITIL Security Roles|<small>[3]</small>]]
! style="background:#eeeeee;" | Facilities Manager[[#ITIL Security Roles|<small>[3]</small>]]
|-
|style="text-align:left;" |[[#ITIL Security Management Controls|Design of Security Controls]]
| A[[IT Security Management#Accountable|<small>[1]</small>]]R[[IT Security Management#Responsible|<small>[2]</small>]]
| R
| R
| R
| -
| -
|-
|style="text-align:left;" |[[#ITIL Security Management Testing|Security Testing]]
| AR
| -
| -
| -
| R
| R
|-
|style="text-align:left;" |[[#ITIL Security Management Incidents|Management of Security Incidents]]
| AR
| -
| -
| -
| -
| -
|-
|style="text-align:left;" |[[#ITIL Security Management Review|Security Review]]
| AR
| -
| -
| -
| -
| -
|-
|}


;<span id="Test Report">Test Report</span>
'''Remarks'''
:A report of the preparation, progress and evaluation of a test, created for example during the various tests carried out by Availability, IT Service Continuity or IT Security Management.


== Additional Information on IT Security Management ==
<span id="Accountable">[1] ''A: Accountable'' according to the RACI Model: Those who are ultimately accountable for the correct and thorough completion of the Information Security Management process.</span>


==== ITIL KPIs ====
<span id="Responsible">[2] ''R: Responsible'' according to the RACI Model: Those who do the work to achieve a task within ITIL Security Management.</span>
* [[ITIL KPIs Service Design#ITIL KPIs IT Security Management|KPIs IT Security Management]]


<span id="ITIL Security Roles">[3] siehe [[ITIL Roles|&#8594; Role descriptions ...]]</span>


==== ITIL Roles in IT Security Management ====
==Notes==


;IT Security Manager - Process Owner
<html>By:&#160;&#160;Stefan Kempter&#160;<a rel="author" href="https://www.linkedin.com/in/stefankempter"><img style="margin:0px 0px 0px 0px;" src="/images/bookmarking/linkedin.png" width="16" height="16" title="By: Stefan Kempter | Profile on LinkedIn" alt="Author: Stefan Kempter, IT Process Maps GbR" /></a>, IT Process Maps.</p>
:The IT Security Manager is responsible for ensuring the confidentiality, integrity and availability of an organization’s assets, information, data and IT services.
:He is usually involved in an organizational approach to Security Management which has a wider scope than the IT service provider, and includes handling of paper, building access, phone calls etc., for the entire organization.


<p>&nbsp;</p>


<p><small>
<span itemprop="breadcrumb" itemscope itemtype="http://schema.org/BreadcrumbList">
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<a itemprop="item" href="https://wiki.en.it-processmaps.com/index.php/IT_Security_Management#Process_Description">
<span itemprop="name">Process Description</span></a>
<meta itemprop="position" content="1"></span> ›
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<a itemprop="item" href="https://wiki.en.it-processmaps.com/index.php/IT_Security_Management#Sub-Processes">
<span itemprop="name">Sub-Processes</span></a>
<meta itemprop="position" content="2"></span> ›
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<a itemprop="item" href="https://wiki.en.it-processmaps.com/index.php/IT_Security_Management#Definitions">
<span itemprop="name">Definitions</span></a>
<meta itemprop="position" content="3"></span> ›
<span itemprop="itemListElement" itemscope itemtype="http://schema.org/ListItem">
<a itemprop="item" href="https://wiki.en.it-processmaps.com/index.php/IT_Security_Management#Roles_.7C_Responsibilities">
<span itemprop="name">Roles</span></a>
<meta itemprop="position" content="4" /></span>
</span>
</small></p>


<i><small>[[Main Page|Home]] > [[ITIL Processes]] > [[ITIL V3 Service Design|Service Design]] > [[IT Security Management|IT Security Management]]</small></i>
<!-- define schema.org/WebPage --> <span itemscope itemtype="https://schema.org/WebPage" itemref="md-webpage-description">
  <meta itemprop="name" content="Information Security Management" />
  <meta itemprop="alternativeHeadline" content="ITIL Security Management" />
  <meta itemprop="significantLinks" content="https://wiki.en.it-processmaps.com/index.php/ITIL_KPIs_Service_Design#ITIL_KPIs_Information_Security_Management" />
  <link itemprop="url" href="https://wiki.en.it-processmaps.com/index.php/IT_Security_Management" />
  <meta itemprop="inLanguage" content="en" />
  <link itemprop="citation" href="https://wiki.de.it-processmaps.com/index.php/IT_Security_Management" />
  <link itemprop="citation" href="https://wiki.es.it-processmaps.com/index.php/ITIL_Gestion_de_la_Seguridad_de_TI" />
  <meta itemprop="Headline" content="Information Security Management" />
  <link itemprop="isPartOf" href="https://wiki.en.it-processmaps.com/index.php/ITIL_Service_Design" />
  <link itemprop="primaryImageOfPage" href="https://wiki.en.it-processmaps.com/images/e/e7/Itil-security-management.jpg" />
  <span id="https://wiki.en.it-processmaps.com/images/e/e7/Itil-security-management.jpg" itemprop="image" itemscope itemtype="https://schema.org/ImageObject">
  <meta itemprop="caption" content="Information Security Management">
  <meta itemprop="contentUrl" content="https://wiki.en.it-processmaps.com/images/e/e7/Itil-security-management.jpg" />
  <meta itemprop="width" content="1200" />
  <meta itemprop="height" content="1200" />
  <meta itemprop="representativeOfPage" content="true"/>
  <meta itemprop="dateCreated" content="2011-09-19" />
  <meta itemprop="dateModified" content="2020-06-20" />
  <span itemprop="thumbnail" itemscope itemtype="https://schema.org/ImageObject">
    <meta itemprop="url" content="https://wiki.en.it-processmaps.com/images/thumb/e/e7/Itil-security-management.jpg/600px-Itil-security-management.jpg" />
    <meta itemprop="width" content="600" />
    <meta itemprop="height" content="600" />
  </span>
  <meta itemprop="keywords" content="Information Security Management" />
  <meta itemprop="keywords" content="ITIL Security Management" />
  </span>
  <link itemprop="author" href="https://www.linkedin.com/in/stefankempter" />
  <meta itemprop="author" content="Stefan Kempter" />
  <meta itemprop="creator copyrightHolder publisher" content="IT Process Maps" />
</span><p></html>


<!-- This page is assigned to the following categories: -->
<!-- This page is assigned to the following categories: -->
[[Category:ITIL V3]][[Category:ITIL process]][[Category:Service Design|IT Security Management]][[Category:IT Security Management|!]]
[[Category:ITIL 4]][[Category:ITIL 2011]][[Category:ITIL V3]][[Category:ITIL practice]][[Category:ITIL process]][[Category:Service Design|Information Security Management]][[Category:Information Security Management|!]]
<!-- --- -->
<!-- --- -->

Latest revision as of 11:53, 31 December 2023

DE - ES - Information Security Managementdiese Seite auf Deutschesta página en español
DE - ES - Information Security Management


Objective: Information Security Management aims to ensure the confidentiality, integrity and availability of an organization's information, data and IT services. ITIL Security Management usually forms part of an organizational approach to security management which has a wider scope than the IT Service Provider.

Part of: Service Design

Process Owner: Information Security Manager

 

Process Description

ITIL V3 treats Information Security Management as part of the Service Design core volume, resulting in a better integration of this process into the Service Lifecycle (the previous ITIL version provided guidance on Security Management in a separate book).

Information Security Management ITIL
ITIL Security Management

The process has been updated to account for new information security concerns.

ITIL does not provide a detailed explanation of all aspects of Information Security Management, as there are dedicated and more detailed standards available (see, for example, ISO 27001). Rather, ITIL highlights the most important activities and assists in identifying interfaces with other Service Management processes.

Following the introduction of Design Coordination in ITIL 2011 the information flows have been adapted. The process overview of ITIL Security Management (.JPG) shows the key information flows (see fig. 1).

ITIL 4 refers to 'Information Security Management' as a general management practice.

 

Sub-Processes

These are the Information Management sub-processes and their process objectives:

Design of Security Controls

  • Process Objective: To design appropriate technical and organizational measures in order to ensure the confidentiality, integrity, security and availability of an organization's assets, information, data and services.

Security Testing

  • Process Objective: To make sure that all security mechanisms are subject to regular testing.

Management of Security Incidents

  • Process Objective: To detect and fight attacks and intrusions, and to minimize the damage incurred by security breaches.

Security Review

  • Process Objective: To review if security measures and procedures are still in line with risk perceptions from the business side, and to verify if those measures and procedures are regularly maintained and tested.

Definitions

The following ITIL terms and acronyms (information objects) are used in the Security Management process to represent process outputs and inputs:

Availability/ ITSCM/ Security Testing Schedule

Event Filtering and Correlation Rules

  • Rules and criteria used to determine if an Event is significant and to decide upon an appropriate response. Event Filtering and Correlation Rules are typically used by Event Monitoring systems. Some of those rules are defined during the Service Design stage, for example to ensure that Events are triggered when the required service availability is endangered.
  • Note: The output "Event Filtering and Correlation Rules" has been added in ITIL 2011, to emphasize that (some) Event filtering and correlation rules should be designed by Information Security Management to support the detection of security issues.

Information Security Policy

  • The Information Security Management Policy describes and communicates the organization's approach to managing information security. It includes references to more specific Underpinning Information Security Policies which, for example, set binding rules for the use of systems and information.

Information Security Report

  • The Information Security Report provides other Service Management processes and IT Management with information related to Information Security issues.

Security Advisories

  • A list of known security vulnerabilities compiled from input by third-party product suppliers. The list contains instructions for preventive measures and for the handling of security breaches once they occur.

Security Alert

  • A warning produced by Information Security Management, typically released when outbreaks of security threats are foreseeable or already under way. The aim is to make sure that users and IT staff are able to identify any attacks and take appropriate precautions.

Security Management Information System (SMIS)

  • A virtual repository of all Information Security Management data, usually stored in multiple physical locations.

Test Report

  • A Test Report provides a summary of testing and assessment activities. A Test Report is created for example during Release tests in the Service Transition stage or during tests carried out by Availability, IT Service Continuity or Information Security Management.

Underpinning Information Security Policy

  • Underpinning Information Security Policies are specific policies complementing the main Information Security Policy by setting binding rules for the use of systems and information as well as for the use and delivery of services, with the aim of improving information security.

KPIs

Roles | Responsibilities

Information Security Manager - Process Owner

  • The Information Security Manager is responsible for ensuring the confidentiality, integrity and availability of an organization’s assets, information, data and IT services. He is usually involved in an organizational approach to Security Management which has a wider scope than the IT service provider, and includes handling of paper, building access, phone calls etc., for the entire organization.

 

Responsibility Matrix: ITIL Security Management
ITIL Role / Sub-Process Information Security Manager Service Owner[3] Applications Analyst[3] Technical Analyst[3] IT Operator[3] Facilities Manager[3]
Design of Security Controls A[1]R[2] R R R - -
Security Testing AR - - - R R
Management of Security Incidents AR - - - - -
Security Review AR - - - - -

Remarks

[1] A: Accountable according to the RACI Model: Those who are ultimately accountable for the correct and thorough completion of the Information Security Management process.

[2] R: Responsible according to the RACI Model: Those who do the work to achieve a task within ITIL Security Management.

[3] siehe → Role descriptions ...

Notes

By:  Stefan Kempter , IT Process Maps.

 

Process Description  › Sub-Processes  › Definitions  › Roles