This site has been retired. It is now a static archive. Some links may not work. Find Rob at TealUnicorn.com

Is ITIL a security standard?

Submitted by Visitor on Tue, 2009-09-29 21:32

Share this post with

Dear Mr Wizard

Our auditors have expressed concern about the lack of security controls in our computing environment. Is ITIL a security standard we should apply?

Thanks
Lisa G.

Dear Lisa

No. ITIL is THE security standard. With ITIL V3, Information Security Management is now a rigorous set of processes you can apply to lock down your data.

As Service Operations says (5.13, p101) ITIL's Information Security Management is there to "ensure the protection of the organisation's assets, data , information and IT Services".

Even the US military use ITIL for security management - can't get a better validation than that!

Good luck
The ITIL Wizard

Published in The Skeptical Informer, September 2009, Volume 3, No. 7

Previous story: ITSM Portal
Next story: Be cautious about artificial intelligence

"The IT Skeptic™", "The Skeptical Informer™", "The IT Swami™", "Chokey the Chimp™" and "BOKKED™" are trademarks of Two Hills Ltd.
ITIL® is a Registered Trade Mark of AXELOS Limited
PRINCE2® is a Registered Trade Mark of AXELOS Limited
M_o_R® is a Registered Trade Mark of AXELOS Limited
P3O® is a Registered Trade Mark of AXELOS Limited
MSP® is a Registered Trade Mark of AXELOS Limited
P3M3® is a Registered Trade Mark of AXELOS Limited
MoV® is a Registered Trade Mark of AXELOS Limited
MoP® is a Registered Trade Mark of AXELOS Limited
ITIL® is registered in the U.S. Patent and Trademark Office.
ITIL Live™ is a trademark of TSO, The Stationery Office.
prISM® is a registered trademark of itSMF International Inc.
COBIT® is a Registered Trade Mark of the Information Systems Audit and Control Association and the IT Governance Institute.
Microsoft® is a Registered Trade Mark of Microsoft Corp. in the United States and/or other countries.
USMBOK™ is a trademarks of the SM101.
CMM® and CMMI® are Registered Trade Marks of Carnegie Mellon University.
ISO® is a Registered Trade Mark of the International Organisation for Standardisation.
KCS was developed by the Consortium for Service Innovation™, www.serviceinnovation.org The KCS Academy, KCS and Adaptive Organization are service marks of the Consortium for Service Innovation™.
DevOps isn't a trademark of anyone.
Except where indicated otherwise, all contents of this site are © Copyright Two Hills Ltd www.twohills.co.nz.

Except where indicated otherwise, the text on this page by Two Hills Ltd is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
Content must be attributed to "© Copyright Two Hills Ltd www.twohills.co.nz by Rob England, The IT Skeptic" plus the URL of the source material.
RSS feeds may be used without permission. Permission is granted for anyone to link to this site.
By accessing or viewing this site, you are deemed to have agreed to the Terms and Conditions and to our Privacy Policy.
The contents of this site are unmoderated submissions from authenticated and unauthenticated users. As such they cannot and do not represent the views of Two Hills Ltd.
Use of any trademarks on this website is not intended in any way to infringe on the rights of the trademark holder.
This site is developed, maintained and hosted by Two Hills Ltd

Made in New Zealand by Rob England