ITIL & Security Management

The roles of risk and security are key elements within responsible service management. They interlink across the whole of the service management discipline.

How do you ensure therefore that security is appropriate for your needs? How do you apply a security baseline throughout your operation? Essentially, how do your ensure that your services are secure?

As with contingency planning, the solution may not be as complex as it appears. Indeed, the products identified below are selected because they address security management in a straight forward and efficient manner. They are designed to make your job easier, rather than introducing unnecessary challenges and barriers.

When first launched, COBRA introduced a revolution to the risk management arena. It is a self contained software product which is designed to measure risk and identify appropriate solutions right across the IT service board.

The key principles of COBRA are ease of use, flixibility and top class reporting. These qualities ensure that the product can be installed and used without specialist security training.

More information on COBRA, including a downloadable evaluation copy, can be found here

Security policies are the foundation, the bottom line, of information security within an organization. Whereas risk analysis strives to ensure that security matches need, policies define the baseline - the minimum acceptable security level.

With such a fundamental role within the organization, it is essential to ensure that the security policies are comprehensive, complete, up to date and of course of the highest quality.

The RUsecure Information Security Policies meet all these demands. They were created by experienced security consultants, and importantly, are fully compliant with published standards, like ISO17799.

More information on these policies, including a downloadable evaluation copy, can be found here

Return To Main ITIL Page

Any organization concerned about its short and long term well being will have assigned responsibility for security to one or more suitable individuals.... often given the title of Information Security Officer or Security Manager. This is of course an extremely demanding role, whether taken on full time or part time.

The role, like many others, can be made easier via the provision of the right supporting tools. The Information Security Officer's Online Manual is a prime example.

The ISO Interactive Manual gives practical advice on how to establish a formal Information Security process. It discusses the responsibilities of the Information Security Officer, and how to manage and administrate security properly. It can be navigated (online) with ease, and provides guidence and reference for the security professional and the novice.

As with the other tools in this segment, it is designed to make security management far easier and indeed, far more effective.

More information on this guide, including a downloadable evaluation copy, can be found here



You can order the ITIL Service Support CD-ROM from here


Service Management Resources

Disaster Recovery World provides for contingency management & planning

BS15000 can now be purchased online from the Electronic Shop

A comprehensive set of security policies can be obtained from the Information Security Policies Group

Security risk analysis is also essential to top quality IT service management

The FTC is the main consumer protection agency in the US.