Information security management practice

From CNM Wiki
Revision as of 18:03, 28 December 2020 by Gary (talk | contribs)
Jump to: navigation, search

Information security management practice (hereinafter, the Practice) is the practice to protect an organization by understanding and managing risks to the confidentiality, integrity, and availability of information. This Practice is a part of the ITIL practices.


Definitions

According to the ITIL Foundation 4e by Axelos,

Information security management practice. The practice of protecting an organization by understanding and managing risks to the confidentiality, integrity, and availability of information.

Purpose

The purpose of the Practice is to protect the information needed by the organization to conduct its business.

Parts

The Practice includes understanding and managing risks to:

  • Confidentiality
  • Integrity
  • Availability
  • Authentication
  • Non-repudiation
Retrieved from "https://pravka.bskol.com/w/index.php?title=Information_security_management_practice&oldid=68701"