Solving the ITIL® Security Problem - Course Description

 

 

Presented by David Lynas

 

 

When it comes to the key elements of security and risk, ITIL has both a problem and a bad reputation. The problem is that ITIL is descriptive not prescriptive – it tells us what to do, not how to do it.

 

This two-day course, created by the SABSA Institute especially for ITIL professionals facing the considerable challenges of providing Security Service Management in an ITIL environment, provides the long-awaited solution using SABSA, the global best-practice security architecture framework with a service management matrix built especially to solve the ITIL security problem.

The Top 10 Issues

In a recent survey of prominent ITIL practitioners and thoughtleaders regarding Information Security, the issues considered the most pressing for the ITIL community to solve were:

 

  1. 1. ITIL focuses on the process of meeting business requirements as identified in SLAs. But what exactly are the business requirements for security and how do you capture them in meaningful service-level terms?
  2. How does the security management function interface with the other ITIL processes?
  3. ITIL refers to external security standards such as the ISO27000 series but, like ITIL, these too are descriptive not prescriptive. So how do I actually do security management?
  4. Who has the roles and responsibilities for security policy, compliance and performance reporting?
  5. How do you resolve the conflict between supplier and customer security and risk policies?
  6. Where and how should security fit within ITIL v3?
  7. What does “security management” really mean in practice?
  8. How do you make your security services easy, fast, agile and reliable?
  9. When do your services have enough security, how do you know and how do you report it?
  10. What is the service management interface with governance, assurance & risk?

Course Objectives

This 2-day course has been specially developed to deliver the knowledge and skill to deliver through-life security in an ITIL environment. Using SABSA, the global best-practice framework for security architecture, the course addresses all of the relevant issues within a single, holistic methodology designed especially for that purpose.

 

Find out why organisations and professionals everywhere are now turning to SABSA, the world’s most successful enterprise security architecture framework, to provide the methodology that delivers the best possible solution for their needs.

Learning Outcomes

On completion of this Master Class each participant will be able to:

 

  • Solve the ITIL security problem
  • Identify and integrate the functions, activities and processes required to:
    - Create and deliver a Security Services strategy
    - Design Security Services
    - Operate Security Services
    - Continually improve Security Service Management

Who Should Attend?

This SABSA Master Class is appropriate for all IT professionals but brings particular value to the:

 

  • IT Manager
  • CIO
  • IT Line Managers
  • Process Stakeholders
  • Service Delivery Managers
  • Security, Audit & Compliance Managers
  • All staff involved in Security Service Strategy, Design, Transition & Operation