Information Security Management
From Boosting Performance
What is Information Security Management?
The process that ensures customer security requirements are reflected in IT Services offered
What does good look like?
Based on ISO 27001
- Control - Organize the framework
- Plan - Design policies
- Implement - Create awareness
- Evaluate - Perform audits
- Maintain - Learn and improve
Video of ITIL Information Security Management
Orientation workshop for your organisation
- Who is the Information Security Manager? Several?
- Where is an overview of the Information Security policies?
- How/Where am I involved in this area of work?
- What deviations do I know about?
- What can be improved?
Simple as possible work description for a Service Portfolio Manager
- Plan preventive measures (eg. Access Management)
- Plan reductive measures (how to limit the impact)
- Plan detective measures (monitoring)
- Plan repressive measures (blocking)
- Plan corrective measures (Rollback and learning)