Computer Science Information Technology Infrastructure

Computer Science Information Technology Infrastructure Library (ITIL) framework and ISO/IEC 27002 ITIL is the most extensively accepted approach to it service management in the world. Providing a unified set of best practice guidance drawn from the public and private sectors around the world, it has of late undergone a major and important refresh project. It Service Management (ITSM) derives huge benefits from a best practice approach.

Since ITSM is driven both by technology and the enormous range of organizational environments in which it functions, it is in a state of regular evolution. Best practice, based on expert advice and contribution from ITIL users is both present and practical, combining the latest thinking with sound, common sense leadership. ITIL provides a methodical and professional advance to the management of it service provision.

Adopting its leadership offers users a huge range of benefits that include: decreased costs; enhanced it services through the use of proven best practice processes; improved customer contentment through a more professional approach to service delivery; standards and guidance; improved efficiency; enhanced use of skills and experience; and better delivery of third party services through the specification of ITIL or ISO 20000 as the standard for service delivery in services procurements (Service Management -- ITIL, n.d.).

SO/IEC 27002 is a code of practice, a general, advice-giving document, not truly a standard or formal requirement. It lays out a prudently well structured set of recommended controls to address information security risks, covering confidentiality, integrity and availability aspects. Organizations that adopt ISO/IEC 27002 must examine their own information security risks and apply fitting controls, utilizing the standard for guidance.

In reality, none of the controls are obligatory but if an organization chooses not to accept something as common as, say, antivirus controls, they should definitely be prepared to show that this conclusion was reached by way of a rational risk management decision process, not just a failure to notice, if they foresee being certified compliant to ISO/IEC 27001 (ISO/IEC 27002:2005 Information technology -- Security techniques -- Code of practice for information security management, n.d.). The functions of risk and security are key fundamentals within accountable service management.

They interconnect across the whole of the service management discipline. "ITIL addresses six topics: Service Support; Service Delivery; Planning to Implement Service Management; ICT Infrastructure Management; Applications Management; the Business Perspective" (ITIL & Security Management, 2001). In general, it is fundamentally a depiction of best practice for it service management, including a series of books and information which offer guidance on the quality provision of it services.

The growing implementation of it best practices has been driven by a necessity for the it industry to better administer the superiority and dependability of it in business and respond to a growing amount of regulatory and contractual requirements. There is a hazard, however, that implementation of these potentially helpful best practices can be expensive and unfocused if they are treated as merely technical guidance.

To be most effectual, best practices should be applied inside the business circumstance, focusing on where their use would provide the most advantage to the organization. Top management, business administration, auditors, conformity officers and it managers should work together to make sure it best practices lead to gainful and well-controlled it delivery (Aligning CobiT® 4.1, ITIL® V3 and ISO/IEC 27002 for Business Benefit, 2008). References Aligning CobiT® 4.1, ITIL® V3 and ISO/IEC 27002 for Business Benefit. (2008).

Retrieved from http://www.isaca.org/Knowledge-Center/Research/Documents/Aligning- COBIT,ITILV3,ISO27002-Bus-Benefit-12Nov08-Research.pdf ISO/IEC 27002:2005 Information technology -- Security techniques -- Code of practice for information security management. (n.d.). Retrieved from http://www.iso27001security.com/html/27002.html#Introduction ITIL & Security Management. (2001). Retreived from http://itil-service-management- shop.com/security.htm Service Management -- ITIL. (n.d.).

Retrieved from http://www.best-management- practice.com/Knowledge-Centre/Best-Practice-Guidance/ITIL/ Part 2 ITIL - the Information Technology Infrastructure Library - is a set of best practices and guidelines that characterize an incorporated, process-based approach for managing information technology services. ITIL can be applied across almost every type of it environment (Weil, 2010). Developed in the late 1980s, the Information Technologies Infrastructure Library (ITIL) has become in effect global standard for information technology systems management.

Having started life as a guide for the UK government, the fundamental structure has established itself useful for organizations in all sectors and it has been implemented by numerous companies as the foundation for consulting, education and software tool support. Today, ITIL is known and used around the world (What.