This groundbreaking new title looks at Information Security from defining what security measures positively support the business, to implementation to maintaining the required level and anticipating required changes. It covers:
Fundamentals of information security providing readers insight and give background about what is going to be managed. Topics covered include: types of security controls, business benefits and the perspectives of business, customers, partners, service providers, and auditors.
Fundamentals of management of information security - explains what information security management is about and its objectives. Details are also given on implementing the process and the continuous effort required to maintain its quality.
ITIL V3 and Information Security Management - shows the links with the other ITIL processes. Shows how integrating the Information Security Management activities into existing processes and activities not only supports efficiencies but ultimately is the key way to achieve effective Information Security Management.
Implementing Information Security Management - gives practical advice how to put Information Security Management into practice. From awareness in the organization via documentation required to maturity models; this guidance describes best practices for realizing Information Security Management.