information security management (ISM)

information security management (ISM)

Definition: (ITIL Service Design) The process
responsible for ensuring that the
confidentiality, integrity and availability of an
organization’s assets, information, data and
IT services match the agreed needs of the
business. Information security management
supports business security and has a wider
scope than that of the IT service provider,
and includes handling of paper, building
access, phone calls etc. for the entire
organization. See also security management
information system.