Chapter 3

Information Technology Security Management

Rahul Bhaskar and Bhushan Kapoor,    California State University

Information technology security management can be defined as processes that supported enabling organizational structure and technology to protect an organization’s IT operations and assets against internal and external threats, intentional or otherwise. The principle purpose of IT security management is to ensure confidentiality, integrity, and availability (CIA) of IT systems. Fundamentally, security management is a part of the risk management process and business continuity strategy in an organization.


information technology; information security management; international standards; security policies; procedures; ...

Get Managing Information Security, 2nd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.