Parent Process Reference Framework: ITIL
Parent Lifecycle: Service Design
Information Security Management
The purpose of the information security management process is to align IT security with business security and ensure that the confidentiality, integrity and availability of the organisation’s assets, information, data and IT services always matches the agreed needs of the business.
The objectives of Information Security Management are to ensure that:
- Information is observed by or disclosed to only those who have a right to know (confidentiality)
- Information is complete, accurate, and protected against unauthorized modification (integrity)
- Information is available and usable when required, and the systems that provide it can appropriately resist attacks and recover from or prevent failures (availability)
- Business transactions, as well as information exchanges between enterprises or with partners, can be trusted (authenticity and non-repudiation
SFIA Information Security skill:
Certification and Training
Information Security is a specialised area with different specialisations.
Be the first to leave a review.