Search results for "ITIL security management"

showing 7 items of 7 documents

Aligning Two Specifications for Controlling Information Security

2014

Assuring information security is a necessity in modern organizations. Many recommendations for information security management exist, which can be used to define a baseline of information security requirements. ISO/ IEC 27001 prescribes a process for an information security management system, and guidance to implement security controls is provided in ISO/IEC 27002. Finnish National Security Auditing Criteria (KATAKRI) has been developed by the national authorities in Finland as a tool to verify maturity of information security practices. KATAKRI defines both security control objectives and security controls to meet an objective. Here the authors compare and align these two specifications in…

Information Systems and ManagementComputer Networks and Communicationsinformation securitysecurity specification alignmentComputer securitycomputer.software_genreSecurity information and event managementInformation security auditKATAKRIsecurity managementSafety Risk Reliability and Qualitysecurity audit criteriaInformation security management systemta113Certified Information Security ManagerInformation securitySecurity controlsISO/IEC 27001ISO/IEC 27002ITIL security managementRisk analysis (engineering)Security servicesecurity cerificationHardware and ArchitectureBusinessSafety ResearchcomputerSoftwaresecurity controls
researchProduct

Exploring the Relationship between Information Technology Infrastructure Library and Process Management: Theory Development and Empirical Testing

2014

This paper investigates whether information technology (IT) departments that implement the IT Infrastructure Library (ITIL) processes also employ process management. This is a pertinent issue, as ITIL not only implies a time-limited program for redesigning vital IT processes according to best practices but a complete transformation to ITIL also implies that processes are managed on a daily basis. Without process management, ITIL will not be a success beyond its initial implementation. A survey of 444 Nordic ITIL experts was conducted to examine if there is a correlation between the implementation of ITIL processes and process management. The results are unambiguous and promising for sustain…

Information Technology Infrastructure LibraryConfiguration managementITIL security managementProcess managementFinancial management for IT servicesComputer scienceManagement of Technology and InnovationStrategy and ManagementIncident management (ITSM)IT portfolio managementCapacity managementChange management (ITSM)Knowledge and Process Management
researchProduct

Enabling a culture for IT services; the role of the IT infrastructure library

2016

Building on process management and service climate theories, this paper investigates the pertinent issues of whether firms that implement ITIL best practices for IT service management will also experience growth in their process management activities and IT service climate. First, ITIL practices imply that processes in the IT department should be managed on a daily basis; without process management, ITIL will fail beyond its initial implementation. Second, two of the main reasons for adopting ITIL are to become a service-oriented organisation and to deliver IT services that meet business needs. Thus, we hypothesise that as the implementation status of ITIL increases, process management and …

Knowledge managementComputer Networks and Communicationsbusiness.industry05 social sciencesIT service managementIT portfolio managementCapacity managementChange management (ITSM)Computer Science ApplicationsInformation Technology Infrastructure LibraryITIL security managementHardware and ArchitectureFinancial management for IT services0502 economics and businessIncident management (ITSM)050211 marketingBusiness050203 business & managementSoftwareInternational Journal of Information Technology and Management
researchProduct

Using the ITIL Process Reference Model for Realizing IT Governance: An Empirical Investigation

2014

Information Technology Infrastructure Library ITIL is a popular framework for IT governance, but little academic research on ITIL exists. The authors investigate the overlap between ITIL and IT governance practices to illustrate ITIL's potential to stimulate IT governance. A field study shows that IT implementation success is particularly influenced by group efficacy and organizational resources, and, to a lesser extent, senior-management involvement. Findings show that ITIL, as expected, is a framework that contributes to IT governance by stimulating process management practices.

Knowledge managementbusiness.industryCorporate governanceIT service managementInformation technologyIT portfolio managementLibrary and Information SciencesCapacity managementComputer Science ApplicationsInformation Technology Infrastructure LibraryITIL security managementFinancial management for IT servicesbusinessInformation Systems
researchProduct

Strategising IT service management through ITIL implementation: model and empirical test

2015

Research on the Information Technology Infrastructure Library (ITIL) lacks appropriate theories and models that capture the distinct characteristics and implications of the ITIL implementation practice. The purpose of this study is to close this gap. Based on a literature review, we develop and empirically validate a theoretical model: the ITIL Implementation Project Model. The model includes significant antecedents, which provide a foundation upon which an effective ITIL implementation project can be built, as well as the pertinent effects of implementing ITIL. The results contribute to the current research stream on the strategising of IT service management as well as to an improved under…

Process managementComputer sciencebusiness.industry05 social sciencesIT service managementIT portfolio management02 engineering and technologyGeneral Business Management and AccountingCapacity managementInformation Technology Infrastructure LibraryITIL security managementEmpirical researchFinancial management for IT services020204 information systems0502 economics and business0202 electrical engineering electronic engineering information engineeringIncident management (ITSM)business050203 business & managementTotal Quality Management & Business Excellence
researchProduct

ITIL Implementation: The Role of ITIL Software and Project Quality

2012

This research will investigate the implementation status of the Information Technology Infrastructure Library (ITIL) reference processes and the influence of ITIL software quality and ITIL project quality on implementation status. The paper analyzes data from a survey of 160 Nordic companies.

business.industryComputer sciencemedia_common.quotation_subjectIT portfolio managementCapacity managementSoftware qualityInformation Technology Infrastructure LibraryEngineering managementSoftwareITIL security managementFinancial management for IT servicesQuality (business)businessmedia_common2012 23rd International Workshop on Database and Expert Systems Applications
researchProduct

Supporting Cyber Resilience with Semantic Wiki

2016

Cyber resilient organizations, their functions and computing infrastructures, should be tolerant towards rapid and unexpected changes in the environment. Information security is an organization-wide common mission; whose success strongly depends on efficient knowledge sharing. For this purpose, semantic wikis have proved their strength as a flexible collaboration and knowledge sharing platforms. However, there has not been notable academic research on how semantic wikis could be used as information security management platform in organizations for improved cyber resilience. In this paper, we propose to use semantic wiki as an agile information security management platform. More precisely, t…

ta113021110 strategic defence & security studiesEngineeringKnowledge managementCloud computing securitybusiness.industryStandard of Good Practiceinformation security management0211 other engineering and technologies02 engineering and technologyInformation securitycyber resiliencesemantic wikiSecurity information and event managementrisk managementSecurity controlsResilience (organizational)World Wide WebITIL security managementInformation security management020204 information systems0202 electrical engineering electronic engineering information engineeringbusiness
researchProduct