ITIL is the most extensively accepted approach to IT service management in the world. Providing a unified set of best practice guidance drawn from the public and private sectors around the world, it has of late undergone a major and important refresh project. IT Service Management (ITSM) derives huge benefits from a best practice approach.
Computer Science
Information Technology Infrastructure Library (ITIL) framework and ISO/IEC 27002
ITIL is the most extensively accepted approach to it service management in the world. Providing a unified set of best practice guidance drawn from the public and private sectors around the world, it has of late undergone a major and important refresh project. It Service Management (ITSM) derives huge benefits from a best practice approach. Since ITSM is driven both by technology and the enormous range of organizational environments in which it functions, it is in a state of regular evolution. Best practice, based on expert advice and contribution from ITIL users is both present and practical, combining the latest thinking with sound, common sense leadership. ITIL provides a methodical and professional advance to the management of it service provision. Adopting its leadership offers users a huge range of benefits that include:
decreased costs;
enhanced it services through the use of proven best practice processes;
improved customer contentment through a more professional approach to service delivery;
standards and guidance;
improved efficiency;
enhanced use of skills and experience; and better delivery of third party services through the specification of ITIL or ISO 20000 as the standard for service delivery in services procurements (Service Management -- ITIL, n.d.).
SO/IEC 27002 is a code of practice, a general, advice-giving document, not truly a standard or formal requirement. It lays out a prudently well structured set of recommended controls to address information security risks, covering confidentiality, integrity and availability aspects. Organizations that adopt ISO/IEC 27002 must examine their own information security risks and apply fitting controls, utilizing the standard for guidance. In reality, none of the controls are obligatory but if an organization chooses not to accept something as common as, say, antivirus controls, they should definitely be prepared to show that this conclusion was reached by way of a rational risk management decision process, not just a failure to notice, if they foresee being certified compliant to ISO/IEC 27001 (ISO/IEC 27002:2005 Information technology -- Security techniques -- Code of practice for information security management, n.d.).
The functions of risk and security are key fundamentals within accountable service management. They interconnect across the whole of the service management discipline. "ITIL addresses six topics: Service Support; Service Delivery; Planning to Implement Service Management; ICT Infrastructure Management; Applications Management; the Business Perspective" (ITIL & Security Management, 2001). In general, it is fundamentally a depiction of best practice for it service management, including a series of books and information which offer guidance on the quality provision of it services.
You’re 77% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.