IT service process
Security Management and information security
IT Security Management
Description
Description
The process concentrates on control and organisation of Security Management:

* Delegation of responsibilities in the range of information security
* Method how to prepare security plans
* Method how to implement security plans
* Method how to evaluate security plans
* Method how to take into consideration results of security plans (plans what measures to take)
* Method of reporting to customers (together with Service Level Management).

Comment
Implementation of security policies:

* Regulation and implementation of policies taking into consideration additional company policies
* Definition of roles and responsibilities
* Interfaces to the ITIL-Processes
* Methods of reaction to security breakdowns (together with Incident Management).