As with most business and IT processes, security doesn’t quite fit the IT Services mold. Security encompasses information, not simply information technology. A business may be slowed by IT’s shortcomings (the very problem ITIL seeks to overcome), but hackers/malcontents are spurred on by them. The business must wait, but hackers wait for no one. While security processes and procedures need to be aligned with business goals, there are extra “stakeholders” that need to be accounted for.
SecureState’s premise is that a principled approach toward driving a policy-driven security program (based on a Check-Act-Plan-Do model) is an essential first step. It is a risk-based approach that includes policy definition, implementation and enforcement. As such, SecureState believes the goals of ITIL can be put to proper use as a supplement to a security program (such as that found in the ISO 27001 standard). However, the service management process espoused by ITIL is only a part of the ideal of developing a security program.
Why we’re the best
• SecureState has more certified ISO Auditors on staff than any other non-certifying body in the United States
• SecureState serves as the CISO for eight major corporations
• We utilize the Check-Act-Plan-Do methodology
• No other company matches the technical expertise with the ability to think through what’s right for the business
• Our focus is on the end result, not simply the menial tasks required to achieve it.
What we do
1. Assess current state risks
2. Establish goals (SLAs), strategies and tactics
3. Identify gaps in accordance with ISO 27001 guidelines
4. Build the Security Program
5. Manage and measure the Service Level Agreements for the business in support of ITIL
What you get
1. High Value Business Matrix
2. Security Program Management
3. SecureState Compliance Deliverables
4. Metrics of goals (SLA), deficiencies in programs and implementations of your programs