Skip to main content

Part of Data Security Standard 9 - IT protection

IT Infrastructure Library (ITIL)

Previous Chapter

Frameworks that can help

Current Chapter

Current chapter – IT Infrastructure Library (ITIL)

View all

IT Infrastructure Library (ITIL) is used by millions of professionals globally. Businesses are built on ITIL.

ITIL supports organisations and individuals to gain optimal value from IT and digital services. It helps define the direction of the service provider with a clear capability model and aligns them to the business strategy and customer needs.

ITIL, a professionally recognised certification scheme, provides comprehensive, practical and proven guidance for establishing a service management system, providing a common glossary of terms for businesses using IT enabled services.

About ITIL

ITIL is a widely accepted approach to IT service management (ITSM), which has been adopted by individuals and organisations across the world. It provides a cohesive set of best practice, drawn from the public and private sectors internationally.

Every year, organisations invest heavily in adopting and adapting ITIL into their business practices and upskilling their workforce with ITIL qualifications.

Extensive research by AXELOS, involving a diverse group of stakeholders ( in excess of 2,000), has consistently shown that ITIL is fundamental to businesses, enables transformation and helps organisations realise value.

ITIL advocates that IT services are aligned to the needs of the business and support its core processes.

The ITIL approach provides guidance to organisations and individuals on how to use IT as a tool to facilitate business change, transformation and growth. ITIL is mapped in ISO 20000

Part 11 Mapping

This recognises the way that ITIL can be used to meet the requirements set out for ISO 20000 certification and the interdependent nature with ITIL. This is the first such mapping that ISO (the International Organisation for Standardisation) has allowed to be part of their standards. The ITIL ITSM best practice is supported by a certification scheme that enables practitioners to demonstrate their abilities in adopting and adapting the framework to address their specific needs.

Unlike CE+ and ISO 27001, ITIL is not security centric but does help with assets management, change control and managing incidents. Another difference is that organisations are not ITIL certified but individuals are.

Last edited: 27 September 2022 3:13 pm

Chapters

  1. Data Security Standard 9 - IT protection
  2. Network components (9.1.1 - 9.1.2)
  3. Password strength, remote locations and managed estates (9.1.1 - 9.1.2)
  4. Penetration testing (9.2.1 - 9.2.2)
  5. Know your boundaries (9.2.1 - 9.2.2)
  6. Risks
  7. Remediation post-testing (9.2.3)
  8. OWASP Top 10 vulnerabilities (9.3.1, 9.3.3, 9.3.7)
  9. Domain Name System (DNS) and IP Ranges (9.3.3 - 9.3.5)
  10. Connected Medical Devices (9.3.8 - 9.3.9)
  11. Perimeter defence (9.3.6, 9.4.1)
  12. Assurance (9.4.4 - 9.4.5)
  13. Secure configuration (9.5.1 - 9.5.10)
  14. Firewalls (9.6.1 - 9.6.6)
  15. Frameworks that can help
  16. IT Infrastructure Library (ITIL)