IT service process
Security Management
ITIL
Description
Referenced process
Description
Security Management deals with structural security integration in IT organisation from the service provider point of view.
The aim of Security Management can be divided into 2 aspects:

* meeting security requirements from SLAs and other external requirements, which are included in agreements, law and if necessary in security policies of a company.
* Creation of "security base".
Comment
The term security means security against all known risks and prevention against unknown risks.
That is why it should be estimated how valuable information determined by aspects of confidentiality, integrity and availability is:

*Confidentiality: protection of information against unauthorised use
* Integrity: accuracy, completeness and right moment in time of information
* Availability: Information availability in any moment and within defined period of time.