Terminology Confidentiality – Protecting information against unauthorized access and use. Integrity – Accuracy, completeness and timeliness of the information. Availability – The information should be accessible at any agreed time.
This depends on the continuity provided by the information processing systems. Security Baseline – The security level adopted by the IT organization for its own security and from the point of view of good ‘due diligence’. Security Incident -Any incident that may interfere with achieving the SLA security requirements; materialisation of a threat Verifiability – Ability to verify that information is used correctly and that security measures are effective Security Baseline – The security level adopted by the IT organization for its own security and from the point of view of good ‘due diligence’. Relationship with other ITIL processes Information Security Management sets policy for all other processes Availability Management performs risk assessment for Confidentiality, Integrity and Availability (CIA) on Data.
Security Management uses this information for IT Security Change Management and Release Management implement changes regarding security measures and security policy Service Level Management has security measures as part of a Service Catalogue, SLA’s and other SLM-documents Access Management helps to protect the confidentiality, integrity and availability (CIA) of assets; therefore it is the execution of policies and actions defined in Information Security and Availability Management. Cost Awareness Production of the security plan Measures taken regarding security management Maintain the plan Testing and reviewing the plan Educate staff
Read more about ITIL : Relationship with other ITIL processes Information Security Management sets policy….: