ITIL V3 to Include Security Management

ITIL (IT Infrastructure Library) provides a framework for IT service management (here). Organizations that are moving from reactive, element and operations management to service management, and business alignment, in their quest to mature IT often leverage ITIL principles and concepts. Although there has been tremendous demand for ITIL in the security space, there has been a lack of guidance for security management. Most organizations that look to frameworks, guidelines or best pratices typically use ISO17799/BS27001, NIST 800-53 (government) COBIT, or COSO and try to map these to other IT domains.

ITIL will be release version 3 of the ITIL framework in the spring and according to an article in computerworld it will include a greater emphasis on security management (here) this is more evidence of the maturation and evolution of security, its convergence with operations, and the need for the business to embrace security as a critical function of the business (here), (here), and (here). I have not seen the modifications but will review them shortly, but it is a good thing when security is elevated as part of IT best practices – of course they have to actually execute it properly


3 thoughts on “ITIL V3 to Include Security Management

  1. Pingback: ITIL V3 Will Inlcude Security Management «

  2. Hey Amrit,

    I had heard really, um, interesting war stories from large F.I.’s about ITIL. Notably, what a horrible failure it was/is. Now I’ve got a small sample size, but I’d love to hear an analysis on ITIL w/regards to security & risk.

  3. Good questions Alex – in a nutshell ITIL is inappropriate for IT Security, although many organizations are tossing the four letter acronym around like a drunken sailor on shore-leave, most are barely able to use it effectively to mature IT, let alone security. That being said there are opportunities here and you gave me a great idea for a series of posts. Which I will get to as soon as I return to the Bay Area after my 3 weeks on the road.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s