Cazemier / Overbeek / Peters Information Security Management with ITIL V3
1. Auflage 2010
ISBN: 978-90-8753-553-7
Verlag: Van Haren Publishing
Format: PDF
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
E-Book, Englisch, 146 Seiten
Reihe: Best Practice
ISBN: 978-90-8753-553-7
Verlag: Van Haren Publishing
Format: PDF
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
This groundbreaking new title looks at Information Security from defining what security measures positively support the business, to implementation to maintaining the required level and anticipating required changes. It covers:
Fundamentals of information security – providing readers insight and give background about what is going to be managed. Topics covered include: types of security controls, business benefits and the perspectives of business, customers, partners, service providers, and auditors.
Fundamentals of management of information security - explains what information security management is about and its objectives. Details are also given on implementing the process and the continuous effort required to maintain its quality.
ITIL V3 and Information Security Management - shows the links with the other ITIL processes. Shows how integrating the Information Security Management activities into existing processes and activities not only supports efficiencies but ultimately is the key way to achieve effective Information Security Management.
Implementing Information Security Management - gives practical advice how to put Information Security Management into practice. From awareness in the organization via documentation required to maturity models; this guidance describes best practices for realizing Information Security Management.
Autoren/Hrsg.
Weitere Infos & Material
1;About the authors;7
2;Acknowledgements;7
3;Executive summary;9
4;1Introduction;12
4.1;1.1This book;12
5;2Fundamentals of information security;20
5.1;2.1Perspectives on information security ;20
5.2;2.2Security architectures;31
6;3Fundamentals of management of information security ;38
6.1;3.1Information Security Management – the continuous effort;39
6.2;3.2Information Security Management as a PDCA cycle;39
7;4ITIL version 3 and information security;48
7.1;4.1Service Strategy;52
7.2;4.2Service Design;65
7.3;4.3Service Transition;70
7.4;4.4Continual Service Improvement;79
7.5;4.5Service Operation;88
7.6;4.6Brief reflection on ITIL v3;101
8;5Guidelines for implementing Information Security Management;102
8.1;5.1Implementing or improving ITIL Information Security Management;102
8.2;5.2Awareness;105
8.3;5.3Organization of Information Security Management;107
8.4;5.4Documentation;113
8.5;5.5Natural growth path through maturity levels;115
8.6;5.6Pitfalls and success factors;124
8.7;5.7Partnerships and outsourcing;125
9;Annex A: Information Security Management and standardization;128
9.1;A.1 ISO/IEC 27000 series;127
9.2;A.2 ISO/IEC 13335:2004 – Management of information andcommunications technology security;129
9.3;A.3 ISO 7498-2 – OSI Security Architecture;129
9.4;A.4 ISO/IEC 20000:2005 – Service Management;131
9.5;A.5 ISF: The standard of Good Practice for InformationSecurity;133
9.6;A.6 SABSA;133
9.7;A.7 COBIT;135
9.8;A.8 PCI/DSS;137
9.9;A.9 Information Security Management and certification;139
10;Annex B: Cross-references for ISO/IEC 27002 and ITIL Information Security Management;140
11;Annex C: Literature and links;142
