Episode 2656 ITIL security management Sun, 2024-Aug-11 00:22 UTC Length - 2:56
Direct Link Welcome to Random Wiki of the Day, your journey through Wikipedia’s vast and varied content, one random article at a time.
The random article for Sunday, 11 August 2024 is ITIL security management.
ITIL security management describes the structured fitting of security into an organization. ITIL security management is based on the ISO 27001 standard. "ISO/IEC 27001:2005 covers all types of organizations (e.g. commercial enterprises, government agencies, not-for profit organizations). ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties."
A basic concept of security management is information security. The primary goal of information security is to control access to information. The value of the information is what must be protected. These values include confidentiality, integrity and availability. Inferred aspects are privacy, anonymity and verifiability.
The goal of security management comes in two parts:
Security requirements defined in service level agreements (SLA) and other external requirements that are specified in underpinning contracts, legislation and possible internal or external imposed policies.
Basic security that guarantees management continuity. This is necessary to achieve simplified service-level management for information security.
SLAs define security requirements, along with legislation (if applicable) and other contracts. These requirements can act as key performance indicators (KPIs) that can be used for process management and for interpreting the results of the security management process.
The security management process relates to other ITIL-processes. However, in this particular section the most obvious relations are the relations to the service level management, incident management and change management processes.
This recording reflects the Wikipedia text as of 00:22 UTC on Sunday, 11 August 2024.
For the full current version of the article, see ITIL security management on Wikipedia.
This podcast uses content from Wikipedia under the Creative Commons Attribution-ShareAlike License.
Visit our archives at wikioftheday.com and subscribe to stay updated on new episodes.
Follow us on Mastodon at @wikioftheday@masto.ai.
Also check out Curmudgeon's Corner, a current events podcast.
Until next time, I'm standard Joanna.
|
|