5.3 Control Frameworks
Once the preliminary and foundational steps have been taken to develop strategies and determine applicable regulatory and governance criteria, we need a framework, or set of frameworks, to help guide the activities throughout the ISML. There is an abundance of control frameworks; we will introduce a few of the more common ones here. Some of the prominent control framework acronyms that we will expand on as we go along are ITIL, ITSM, BS15000, and ISO2000x. For example, the IT Infrastructure Library (ITIL) is a set of management best practices that was developed in the United Kingdom for information systems technology and has broad support throughout Europe and Canada. Information Technology Service Management (ITSM) is ...
Get Information Security Management, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
