Save 65% - ITIL Foundation Online Training - $70 Description: 14+ Hours, 200+ Practice Questions, Lifetime Access, 100% Online, Self-paced Click Here
Friday, March 16, 2012
Goals, Purpose and Objectives of Information Security Management
In the previous chapter, we learnt what the Information Security Management process is. In this chapter, let’s learn about the goals, purpose and objectives of this process.
Goal of Information Security Management
The goal of the Information Security Management process is to make sure that IT security is consistent with business security, ensuring that information security is effectively managed in all service and Service Management activities and that information resources have effective stewardship and are properly used. This includes the identification and management of information security risks.
Purpose of Information Security Management
The purpose of Information Security Management is primarily to be a focal point for the management of all activities concerned with information security. This is not just about protecting information resources today. It is about putting in place, maintaining and enforcing an effective Information Security Policy. It is about understanding how the business will develop, anticipating the risks it will face, articulating how legislation and regulation will affect security requirements and making sure that Information Security Management is able to meet these challenges of the future.
Objective of Information Security Management
The objective of Information Security Management is to ensure an effective Information Security Policy is in place and enforced through effective, documented security controls that apply not only to in-house employees, but also to suppliers and others who have business/contact with the organization. It must ensure that any security breaches are managed promptly and effectively, and that risks are identified and documented and lessons are learned accordingly.
Prev: Information Security Management Introduction
Next: Important Concepts
© 2013 by www.learnitilv3.blogspot.com. All rights reserved. No part of this blog or its contents may be reproduced or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without prior written permission of the Author.
The Incident Management process flow includes the following steps: 1) Inputs to the process : Incidents can be detected and reported in v...
Questions: Question 1 Which of the following is NOT an objective of Release and Deployment Management? A. To ensure there are comprehe...
Questions: Question 1 Which of the following describes the main way in which the Service Strategy publication can assist an organisation...
The Problem Management process flow is the sequence of steps that are followed to handle a problem. 1. Inputs to the process - The inputs...
Questions Question 1 Demand Management interfaces very closely with, and has a dependency on, which other process? A. Capacity Manage...
Questions: Question 1 The ability for Service Operation to perform effective operational monitoring and control depends on data and inf...
There are a number of measures used to assess and report the performance of a service or component in respect of it being available. Avai...
ITIL formally recognizes five separate aspects of Service Design that together describe the Service Design Process: • The introduction of ...
Questions: Question 1 Which of the following most accurately identifies the two aspects of a Service Catalogue? A. Operational Service...
The Design Stage takes a set of new or changed business requirements and develops a solution to meet them. The developed solution is passed...