Difference between revisions of "Information security management practice"

From CNM Wiki
Jump to: navigation, search
(Created page with "Information security management practice is the practice of protecting an organization by understanding and managing risks to the confidentiality, integrity, and availabil...")
 
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
[[Information security management practice]] is the practice of protecting an organization by understanding and managing risks to the confidentiality, integrity, and availability of information.
+
[[Information security management practice]] (hereinafter, the ''Practice'') is the [[practice]] to protect an organization by understanding and managing risks to the confidentiality, integrity, and availability of information. The ''Practice'' relates to [[information security]] and [[service management]]. This ''Practice'' is a part of the [[ITIL practices]].
  
  
Line 5: Line 5:
 
According to the [[ITIL Foundation 4e by Axelos]],
 
According to the [[ITIL Foundation 4e by Axelos]],
 
:[[Information security management practice]]. The practice of protecting an organization by understanding and managing risks to the confidentiality, integrity, and availability of information.
 
:[[Information security management practice]]. The practice of protecting an organization by understanding and managing risks to the confidentiality, integrity, and availability of information.
 +
 +
==Purpose==
 +
The purpose of the ''Practice'' is to protect the information needed by the organization to conduct its business.
 +
 +
==Parts==
 +
The ''Practice'' includes understanding and managing risks to:
 +
*Confidentiality
 +
*Integrity
 +
*Availability
 +
*Authentication
 +
*Non-repudiation
  
 
[[Category: Articles]][[Category: Information Technology]]
 
[[Category: Articles]][[Category: Information Technology]]

Latest revision as of 04:34, 29 December 2020

Information security management practice (hereinafter, the Practice) is the practice to protect an organization by understanding and managing risks to the confidentiality, integrity, and availability of information. The Practice relates to information security and service management. This Practice is a part of the ITIL practices.


Definitions

According to the ITIL Foundation 4e by Axelos,

Information security management practice. The practice of protecting an organization by understanding and managing risks to the confidentiality, integrity, and availability of information.

Purpose

The purpose of the Practice is to protect the information needed by the organization to conduct its business.

Parts

The Practice includes understanding and managing risks to:

  • Confidentiality
  • Integrity
  • Availability
  • Authentication
  • Non-repudiation