Security Management
published 20 April 1999


This book builds on that basis and explains how to organise and maintain the management of security of the IT infrastructure, from the IT managerís point of view. Security measures are defined and implemented, to address changing status Secutiry incidents are managed. Security audits are produced and followed up.

The Security process covers
  • policy setting
  • initial risk analysis
  • planning an implementation
  • operation
  • evaluation and audit
The Security process has close links to the IT Service Continuity Management and Availabilty Management processes. Also it is frequently reflected in the SLAs.