Security Management

ITIL offers a framework of structured, scalable, best practices and processes that organizations can adopt and adapt to fit their own operations. 

What is ITIL Security Management (ISM)?


Security Management is an integral part of the other IT disciplines. It has both a business and service focus. Through the execution of the processes, the organization will meet regulatory agency requirements, such as Sarbanes-Oxley, FDIC, GDPR, SEC and/or HIPAA.

Using the ITIL Security Management process framework provides common, well-understood concepts and terminology so people clearly understand the reasons behind the security policies and procedures, as well as potential risk to the organization if they are not observed and followed. All organizational information is evaluated, risks assessed, and appropriate policies to control access and dissemination put in place.

Process Components

The ITIL Security Management process includes these components:



Which includes: 

  • Policies

  • Organization

  • Reporting

Getting Started

Take the Next Step

Read the guide: 

Getting Started with Capacity Management
Learn what you need to get started with a capacity management practice and how to choose tools to support this aspect of ITIL. 



Explore the software:

Vityl Capacity Management Software
See how Vityl Capacity Management helps with capacity planning, performance monitoring, IT analytics, and more.  
Watch a Demo >      Product Info >


       Continue Learning

            Version 2   |    Version 3

            ITIL Components:
            Business Relationship Management
            ICT Infrastructure Management
            Application Management
            Security Management (current)
            Service Delivery
                  - Service Level Management
                  - Financial Management
                  - Capacity Management
                  - Availability Management 
                  - Continuity Management
            Service Support
                  - Incident Management
                  - Problem Management
                  - Configuration Management