Search
Topics
  Create an account Home  ·  Topics  ·  Downloads  ·  Your Account  ·  Submit News  ·  Top 10  
Modules
· Home
· Content
· FAQ
· Feedback
· News
· Search
· Statistics
· Surveys
· Top
· Topics
· Web Links
· Your_Account

THE ITIL BOOKS

The five ITIL books can be obtained directly from the publisher's website:
HERE

Or as downloadable PDFs: HERE

Current Membership

Latest: oworavoz
New Today: 73
New Yesterday: 127
Overall: 210025

People Online:
Visitors: 171
Members: 1
Total: 172 .

Login
Nickname

Password

Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Related Resources

Service related resources
Service Level Agreement
Outsourcing

Note: ITIL is a registered trademark of OGC. This portal is totally independent and is in no way related to them. See our Feedback Page for more information.


Search



Languages
Select Interface Language:


Advertising
Please contact us via the feedback page to discuss advertising rates.

The Itil Community Forum: Forums

ITIL :: View topic - auditing Information Security Management in ITIL
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

auditing Information Security Management in ITIL

 
Post new topic   Reply to topic    ITIL Forum Index -> Miscellaneous
View previous topic :: View next topic  
Author Message
apn888
Newbie
Newbie


Joined: Jun 06, 2017
Posts: 3

PostPosted: Tue Jun 06, 2017 5:48 pm    Post subject: auditing Information Security Management in ITIL Reply with quote

Information Security Management is one of the process areas in ITIL (Service Design phase). We are about to conduct a mini-assessment or audit on a client. And on this process area ONLY. Could someone shed some light on any template we can use? What are the generic high-level steps you would undertake to perform the mini audit?
Back to top
View user's profile
UKVIKING
Senior Itiler


Joined: Sep 16, 2006
Posts: 3553
Location: London, UK

PostPosted: Wed Jun 07, 2017 5:02 am    Post subject: Reply with quote

So you want a complete stranger to tell you how to do your job ?
_________________
John Hardesty
ITSM Manager's Certificate (Red Badge)

Change Management is POWER & CONTROL. /....evil laughter
Back to top
View user's profile
apn888
Newbie
Newbie


Joined: Jun 06, 2017
Posts: 3

PostPosted: Thu Jun 08, 2017 7:57 pm    Post subject: Reply with quote

UKVIKING wrote:
So you want a complete stranger to tell you how to do your job ?


You need to read the post carefully before jumping the gun Smile
Back to top
View user's profile
UKVIKING
Senior Itiler


Joined: Sep 16, 2006
Posts: 3553
Location: London, UK

PostPosted: Thu Jun 08, 2017 9:00 pm    Post subject: Reply with quote

I did read it... In fact multiple times

You state that you are doing a assessment of ISO27001 which is Information Security management

You ask for the forum members to provide you templates

You ask for the forum members to identify the generic high level steps that make up the audit

Hence my question

if you don't know how to do the audit - wtf is your organisation being paid to do something it does not know how to do

If you want people in the forum to assist you - are you going to pay them ?

Are you subcontracting this work to the ITIL Community Forum. I am sure the owners wouldn't mind that

My advice - look at ISO 27001 requirements and audit against that.
_________________
John Hardesty
ITSM Manager's Certificate (Red Badge)

Change Management is POWER & CONTROL. /....evil laughter
Back to top
View user's profile
apn888
Newbie
Newbie


Joined: Jun 06, 2017
Posts: 3

PostPosted: Wed Jun 14, 2017 1:17 pm    Post subject: Reply with quote

UKVIKING wrote:
I did read it... In fact multiple times

You state that you are doing a assessment of ISO27001 which is Information Security management

You ask for the forum members to provide you templates

You ask for the forum members to identify the generic high level steps that make up the audit

Hence my question

if you don't know how to do the audit - wtf is your organisation being paid to do something it does not know how to do

If you want people in the forum to assist you - are you going to pay them ?

Are you subcontracting this work to the ITIL Community Forum. I am sure the owners wouldn't mind that

My advice - look at ISO 27001 requirements and audit against that.


Again, jumping the gun.

When I said 'shed some light on template' it could also mean providing references to articles or sections from ISO documents or diagrams found on the web.

You got temper mate. Thats not a characteristic of a good auditor or any professional and you will never succeed with your clients if you respond to people the way you do.
Back to top
View user's profile
UKVIKING
Senior Itiler


Joined: Sep 16, 2006
Posts: 3553
Location: London, UK

PostPosted: Thu Jun 15, 2017 4:48 pm    Post subject: Reply with quote

Apn888

Since there are no globally recognised templates for doing ISo27001, how can any one shed light on what template you should use without providing you the template - thereby doing your work for you ?

Second, we donot know what your customer has in regards to IT, IT Service Management, IT Data Manageemnt, IT Estate - Domain management - AD or what,. We also do not know which part of the world the company is located and how the country's local data protection are or are not.

In addition, you should know what to do as the high level steps for assessing a company's adherence to ISO27001 and what is missing and what is to be done next.

There -- you have the generic high level steps

Finally, I am not angry. I am embarrassed for your client. They have hired what was suppose to be a professional organisation capable of doing the ISO27001 assessment; however, they get you instead.

Oh. And I am not a consultant - neither are you by the way
_________________
John Hardesty
ITSM Manager's Certificate (Red Badge)

Change Management is POWER & CONTROL. /....evil laughter
Back to top
View user's profile
Display posts from previous:   
Post new topic   Reply to topic    ITIL Forum Index -> Miscellaneous All times are GMT + 10 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Powered by phpBB 2.0.8 © 2001 phpBB Group
phpBB port v2.1 based on Tom Nitzschner's phpbb2.0.6 upgraded to phpBB 2.0.4 standalone was developed and tested by:
ArtificialIntel, ChatServ, mikem,
sixonetonoffun and Paul Laudanski (aka Zhen-Xjell).

Version 2.1 by Nuke Cops 2003 http://www.nukecops.com

Forums ©

 

Logos/trademarks property of respective owner. Comments property of poster. Rest 2004 Itil Community for Service Management & Foundation Certification. SV
Site source copyright (c)2003, and is Free Software under the GNU / GPL licence. All Rights Are Reserved.