IT Security Management (ITSM)

Definition - What does IT Security Management (ITSM) mean?

IT security management (ITSM) intends to guarantee the availability, integrity and confidentiality of an organization's data, information and IT services. IT Infrastructure Library (ITIL) security management generally forms part of an organizational strategy to security management that has a broader scope compared to an IT service provider.

ITIL v3 considers IT security management as part of their service design core volume, which results in a more effective integration of this process into the service life cycle. An information security manager is the process owner of IT security management.

Techopedia explains IT Security Management (ITSM)

The following are information management sub-processes and process objectives:

Designing security controls: To design suitable organizational and technical measures to guarantee the availability, integrity and confidentiality of an organization's data, information and IT services
Security testing: To ensure that all security mechanisms are subjected to regular testing
Managing security incidents: To identify and fight intrusions and attacks and also to minimize damages incurred due to security breaches
Security review: To review whether the safety measures and processes are still in accordance with risk perceptions from the business side, and also to validate whether these safety measures and processes are consistently managed and tested

The ITIL terms and information objects that are widely used in the security management process in order to signify process inputs and outputs are as follows:

Availability/IT service continuity management (ITSCM)/security testing schedule
Correlation rules and event filtering
Information security policy
Information security report
Security management information system (SMIS)
Test report
Underpinning Information security policy
Security advisories
Security alert

Tech moves fast! Stay ahead of the curve with Techopedia!

Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.

Related Articles

3 Defenses Against Cyberattack That No Longer Work

Money Laundering, the Internet Way

PowerLocker: How Hackers Can Hold Your Files for Ransom

INFOGRAPHIC: Artificial Intelligence vs Machine Learning vs Deep Learning

5 Common Questions About Website Accessibility

9 Reasons to Go for a Data Science Course

Featured Q&A

More of your questions answered by our Experts

Resources

FREE WEBINAR - March 12, 2019 11:00am EST | Managing Multiple Database Roles: How Many Hats Do You Wear? REGISTER TODAY

FREE WEBINAR - March 12, 2019 11:00am EST | Managing Multiple Database Roles: How Many Hats Do You Wear? REGISTER TODAY:

FREE WEBINAR | How to Continuously Monitor and Analyze MySQL and MariaDB with IDERA's SQL Diagnostic Manager

FREE WEBINAR | How to Continuously Monitor and Analyze MySQL and MariaDB with IDERA's SQL Diagnostic Manager:

Techopedia Resources | Browse Industry Leading Software Used by Techopedia Staff and Users Daily.

Techopedia Resources | Browse Industry Leading Software Used by Techopedia Staff and Users Daily.:

New Whitepaper: Best Ways to Extend Endpoint Management and Security to Mobile Devices

New Whitepaper: Best Ways to Extend Endpoint Management and Security to Mobile Devices:

Complimentary Webinar - Getting Control of Your BYOD Program with UEM

Complimentary Webinar - Getting Control of Your BYOD Program with UEM:

Systems Monitoring for Dummies

Systems Monitoring for Dummies:

What's really going on in that Cisco ASA of yours?

What's really going on in that Cisco ASA of yours?:

E-Book: Compliance is Not Enough: Planning a Complete Security Strategy

E-Book: Compliance is Not Enough: Planning a Complete Security Strategy:

Latest Articles

INFOGRAPHIC: Artificial Intelligence vs Machine Learning vs Deep Learning

5 Common Questions About Website Accessibility

9 Reasons to Go for a Data Science Course

Debunking the Top 4 Myths About Machine Learning

7 Autonomous Vehicle Myths Debunked