| View previous topic :: View next topic |
| Author |
Message |
kuntul
Newbie
Joined: Oct 06, 2010
Posts: 3
|
 Posted: Thu Oct 07, 2010 10:35 am Post subject: ITIL security management |
 |
|
| I am writing a paper about ITIL security management. I am having a hard time to find resources that discuss about these issue. What are some sub-topics that can be discussed about ITIL security management and what are good resources for ITIL security management? |
|
| Back to top |
|
 |
swansong
Senior Itiler
Joined: Nov 14, 2007
Posts: 109
|
| Posted: Thu Oct 07, 2010 5:02 pm Post subject: |
|
|
| can you elaborate somewhat? What is the purpose of this paper? Who are the audience? What business problems do you want to address by writing this paper? |
|
| Back to top |
|
|
UKVIKING
Senior Itiler
Joined: Sep 16, 2006
Posts: 3115
Location: London, UK
|
| Posted: Thu Oct 07, 2010 5:17 pm Post subject: |
|
|
ISO27001 is the std for Security Management
Not ITIL.. While ITIL may have some sections on security, it leans heavily on ISO27001
_________________
John Hardesty
ITSM Manager's Certificate (Red Badge)
Change Management is POWER & CONTROL. /....evil laughter |
|
| Back to top |
|
|
kuntul
Newbie
Joined: Oct 06, 2010
Posts: 3
|
| Posted: Fri Oct 08, 2010 12:27 am Post subject: |
|
|
| It is mainly just a research paper for informational purpose to explain what ITIL does in terms of security management. Audience are mainly those who are new to ITIL. |
|
| Back to top |
|
|
swansong
Senior Itiler
Joined: Nov 14, 2007
Posts: 109
|
| Posted: Fri Oct 08, 2010 4:39 am Post subject: |
|
|
| Sorry, can I ask another question? What is your starting point? What do you know about security management at the moment? |
|
| Back to top |
|
|
kuntul
Newbie
Joined: Oct 06, 2010
Posts: 3
|
| Posted: Fri Oct 08, 2010 4:53 am Post subject: |
|
|
| I plan to start of with explaining what information security is in ITIL and SLA in ITIL. I know that security management is protecting a company information by controlling it's data access, privacy, and confidentiality from risk and unauthorized access. That is to throw off the definition of security management in a nut shell. |
|
| Back to top |
|
|
Diarmid
Senior Itiler
Joined: Mar 04, 2008
Posts: 1883
Location: Newcastle-under-Lyme
|
| Posted: Fri Oct 08, 2010 6:30 pm Post subject: |
|
|
kuntul,
do you have access to the ITIL books? This is where to start.
You will probably find some relevant discussions on LinkedIn discussion groups. There is a website called infosecisland which may have some relevant material.
Why do you mention SLA? Is that a separate paper? it would not be a beginner subject to link the SLAs to the security requirements except in the most general sense.
By the by, for me, information security is also about the integrity of the data in the sense that it is correct, not corrupted and with documented and traceable authenticated sources.
When your paper has been fully developed, I might expect it to come to the conclusion that ITIL is neither substantial nor comprehensive on the subject as it leaves much of the detail to other bodies of knowledge and standards as John pointed out, and as it does in many other areas also.
_________________
"Method goes far to prevent trouble in business: for it makes the task easy, hinders confusion, saves abundance of time, and instructs those that have business depending, both what to do and what to hope."
William Penn 1644-1718 |
|
| Back to top |
|
|
|
Forum FAQ
Search
Usergroups
Profile
Log in to check your private messages
Log in
