Proposals for Postgraduate Students to Reinforce Information Security Management Inside ITIL®

Proposals for Postgraduate Students to Reinforce Information Security Management Inside ITIL®

Elena Ruiz Larrocha (Spanish University for Distance Education, Spain), Jesús M. Minguet (Spanish University for Distance Education, Spain), Gabriel Díaz (Spanish University for Distance Education, Spain), Manuel Castro (Spanish University for Distance Education, Spain), Alfonso Vara (Spanish University for Distance Education, Spain), Sergio Martín (Spanish University for Distance Education, Spain) and Elio San Cristobal (Spanish University for Distance Education, Spain)
DOI: 10.4018/jhcitp.2011040102
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

This paper is complementary to the previous work published and awarded as Best Student Paper at the International Conference EDUCON 2010 (sponsored by the IEEE Education Society): “Filling the gap of Information Security Management inside ITIL®: proposals for postgraduate students”. This paper reviews and updates those different proposals made at UNED, for post-graduate students, at the area of IT Services Management and tries to fill the gap of the treatment due in ITIL® (Information Technology Infrastructure Library) to Information Security Management. The treatment given to Information Security Management in ITIL, both versions 2 and 3, are analyzed. The different post-graduate courses offered that fill these methodologies and the opinions and evaluations of the students are discussed.
Article Preview

Itil® Version 2

ITIL (Information Technology Infrastructure Library), nowadays the most widely accepted IT service management framework in the world. ITIL arose in the ‘80s developed by the Office of Commerce of the British Government (Office of Government Commerce - OGC UK). It provides a set of best practices detailed description, grouped in books, offering an extensive list of roles, threats, procedures and responsibilities that can be adapted to almost any kind of IT organization. The enormous amount of topics that those publications cover makes ITIL a reference, more essential day by day, to establish new improvement goals inside an IT organization.

ITIL Version 2 (which appeared at the end of the ’90s) has two main areas related to Service Management as you can see in Figure 1: Service Support and Service Delivery. ITIL provides a set of best practices for the ITSM, promoting a quality approach to obtain effectiveness and efficiency in the use of Information Systems.

Figure 1.

ITIL version 2 core books (OGC source)

The other four ITIL version 2 core books (Planning to Implement Service Management, The Business Perspective, ICT Infrastructure Management and Application Management) are out of our research, because they do not have processes so they have not the same importance than Service Support and Service Delivery have.

Inside Service Support book we can find the following six parts (which are five processes and a function): Incident Management, Problem Management, Configuration Management, Change Management, Release Management and a very important function: Service Desk.

Inside Service Delivery we can find also six parts (which are processes too): Service Level Management, IT Financial Management for IT Service, Capability Management, Availability Management, IT Service Continuity Management and Security Management.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 8: 4 Issues (2017)
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing