Re: ITIL in Higher Ed

[Tom Duszynski <tduszyn () WAYNE EDU>]

There is not a lot in the VisibleOps handbook about Security Mgmt per se, but it does provide an excellent overview of 
ITIL.  BTW, you can get free copies of the handbook by watching a webcast and talking to a salesman a few days later:

http://visibleops.tripwire.com/


=======================
Tom Duszynski, Director
C&IT Customer Services
Wayne State University
voice: 313.577.5638
fax:   313.577.8787
email: tduszyn () wayne edu





-----Original Message-----
From: Michael S Hines [mailto:mshines () PURDUE EDU]
Sent: Thursday, June 01, 2006 9:40 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] ITIL in Higher Ed

Security Management fits under the Service Level Management aspect of ITIL.  The aspects
of Security addressed relate to meeting service level agreements (confidentiality,
reliability, availability).

ITIL documents are proprietary - which hinders the adoption of ITIL principles in my
opinion.

Some say that ITIL is documentation of good business practices - which may already be in
place in some organizations.

In the realm of change management - mainframe systems people have used change management
principles for years - because of the size of the impact of making a change that affects
availability (taking all users out of service).

A good and economical introduction to ITIL is the book "The Visible Ops Handbook:
Implementing ITIL in 4 Practical and Auditable Steps" by Kevin Behr, Gene Kim, and George
Spafford.  It's interesting that they introduce the idea of change management in terms of
medical triage "first, do no harm".

We're adopting ITIL here in IT@P (IT at Purdue) various forms.

-----------------------------------
Michael S Hines
Purdue University
mshines () purdue edu