Professional Documents
Culture Documents
Ashraf Khaza'aleh
Department of Information technology, People's Friendship University of Russia, Moscow, Russia
ashrafchek@gmail.com
Abstract
in this paper I started overviewing exploring ITIL as an IT service managment, in brief I
talked about ITIL's components, and the ISMS, that created by using circle of Deming.
Key words – ITIL, ISMS, best practice, meta-model, circle of Deming, OGC.
Introduction:
Information technologies (IT) are a very important for developing and ensuring activity
of the modern industrial enterprises and organizations of various levels. Information
security plays an important role in protecting the data and asset of an organization.
Organization needs to be fully aware of the needs to devote more resources to the
protection of information assets. The paper describes the need for an appropriate,
business-based approach to ISM, and how that relates to standards, certification and best
practices, particularly ITIL. It will explore the alignment of ITIL with the wider ISM
best practice captured in the ISO ISM standards, indicating ISM areas that are and are
not addressed by the published ITIL guidance.
Overview of ITIL:
IT infrastructure is shown in a standard called Information Technology Infrastructure
library (ITIL V3) as a combined set of hardware, software, networks, facilities, etc.
(including all of the information technology). In order to develop, test, deliver, monitor,
control, control or support IT services. The information technology Infrastructure library
(ITIL) is a combined of services in IT sector which labeled as a (IT service
management). ITIL present a broad set of management procedures, apply to all aspects
of IT Infrastructure, with which an organization can manage it's IT operations.
ITIL is considered as a best practice of IT service management, because of ITIL has
shown results superior to those achieved with other means, and a continual process
improvement. ITIL V3 has five services:
I. service strategy.
II. Service design.
III.Service transition.
IV. Service operation.
V. Continual service improvement.
the following (figure.3.1) is the process-data model of the control sub-process. This
picture shows the integration of the two models. The dotted arrows indicate which
concepts are created or adjusted in the corresponding activities.
Conclusion:
Information security describes activities that relate to the protection of information and
information infrastructure assets against the risks of loss, misuse, disclosure or damage.
There is a need for a set of benchmarks or standards to help ensure an adequate
level of security is attained, resources are used efficiently, and the best security practices
are adopted. Systems such as ITIL can be used as a foundation for the development of a
sound information security process. In this paper I wrote an overview of ITIL and a little
focus on service design which evaluated as a core of information security management
to describe the construction of ITIL services. ITIL considered as a best practice of IT
service Management. Service design is a phase of the ITIL service life-cycle. Since the
security of information is one of the most important services which needed in data's life.
№ Reference
1 ITIL Service design – ISBN 978-0-11-3310470
2 Best practice for integration and ISO/IEC 27001 services for information
security management,vol 5,No.2(Feb 2012), ISSN: 0974-6846
3 Bon van, J.(2004). IT-services management: een introductie op basis van
ITIL. Van Haren publishing.
4 A revised model for the Implementation of the ITIL Incident management
process in Broadcast technology operations
5 OGC(2007b).” service Management – ITIL”- http://www.best-management-
practice.com/IT-service-management-ITIL/
6 Perceived benefits for customer services of ITIL IT control use, Markus
Egeler, Reutlingen University,Germany)
7 http://www.best-managment-practice.com/portfolio-library/IT-services-
Management-ITIL/version-3/?trackid=002094&DI=582733