<div>
Thanks bbao, so from that do you align your security management with ITIL's framework?
</div>


Thanks bbao, so from that do you align your security management with ITIL's framework?

<div>
basically, YES.<br />
<br />
however, for specific business or customer, as mentioned above, it depends.
</div>


basically, YES.

however, for specific business or customer, as mentioned above, it depends.

<div>
&gt;&gt;it is always recommended to map the practices defined in ITIL framework with your actual practices <br />
<br />
Would you be willing to share these, do they include tools used to manage certain practices?
</div>


>>it is always recommended to map the practices defined in ITIL framework with your actual practices

Would you be willing to share these, do they include tools used to manage certain practices?

<div>
<div class="content wysiwyg-content">
Do any of your companies adhere to ITIL's principles of security management? I know its just a framework and technology neutral, but does it help with security in your organisation or is it just a framework that anyone adhereing to security good practice would adhere to anyway? I.e. if you arent following ITIL's security management framework, but you know what you are doing, is it theoretical that by not adhering to ITIL SM that you will be causing security loopholes in your organisation..... ?
</div>
</div>


Do any of your companies adhere to ITIL's principles of security management? I know its just a framework and technology neutral, but does it help with security in your organisation or is it just a framework that anyone adhereing to security good practice would adhere to anyway? I.e. if you arent following ITIL's security management framework, but you know what you are doing, is it theoretical that by not adhering to ITIL SM that you will be causing security loopholes in your organisation..... ?

ITIL and security

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.

Networking

Network Management involves issues that are independent of specific hardware or software, including email policies, upgrade planning, backup scheduling and working with managed service providers for Desktop-As-A-Service (DaaS), Software-As-A-Service (SaaS) and the like through the use of tools, coupled with manufacturer standards, best practice guidelines, policies and procedures plus all other relevant documentation. Network management also includes monitoring, alerting and reporting, management reporting, planning for device or service updates, the backup of configurations, the setting of key performance indicators and measures (KPIs/KPMs), associated service level agreements and problem records as part of the IT Service Management (ITSM) framework.