White paper. Secure Cloud Services: An Integrated Approach

Size: px
Start display at page:

Download "White paper. Secure Cloud Services: An Integrated Approach"

Transcription

1 White paper Secure Cloud Services: An Integrated Approach Edition October 2013

2 Whitepaper Information Management Secure Cloud Services: An Integrated Approach Edition October 2013 Copyright 2013 EXIN All rights reserved. No part of this publication may be published, reproduced, copied or stored in a data processing system or circulated in any form by print, photo print, microfilm or any other means without written permission by EXIN. ITIL is a Registered Trade Mark of AXELOS Limited. 2

3 Introduction Cloud Computing is changing the way IT services are developed, procured and delivered. Amidst all the hype about Cloud, this much is as clear as a bell. Many IT roles will change radically, or even may be eliminated completely, but new opportunities will also arise for professionals with business expertise, a broad understanding of IT developments and the skills necessary to integrate specializations and bring specialists together. For professionals willing to seize these opportunities, there are many courses and certifications available to provide them with knowledge in one of the relevant fields or prepare them for a specific role in the development and delivery of Secure Cloud Services. What has been missing is training and a certification based on the integration of the main subjects related to selecting and delivering Secure Cloud Services, a program based on the most important principles that is focused on their interconnection. In this White Paper, EXIN presents such a program: the EXIN Certified Integrator in Secure Cloud Services. 3

4 The EXIN Certified Integrator in Secure Cloud Services Cloud Computing is an example of a clear trend where organizations are regaining control over their information management, supported (and no longer being led) by IT. This is creating a new wave of professionalism, as was elucidated in the EXIN White Paper on Information Management, Building great organizations through Information Management: The People Factor. The future lies in developing individuals and providing them with the skills and the essential mindset for building great organizations. The next generation of professionals in Information Management, including those defining their roles as IT experts, will need a non-it-centric approach and a capacity to exploit the opportunities offered by IT. They will need the right knowledge, skills and attitude to ensure a more efficient and effective performance by their organization, to explore possibilities of new ways of conducting business, and to establish new businesses. Looking at the skillset of this EXIN Certified Integrator in Secure Cloud Services, there is a quite generic starting point: knowledge and understanding of how IT can support and transform the business. It is important that such knowledge and understanding is not confined to a specific job role or framework, but shared amongst a large group of professionals, on the business side, in the IT department and in IT service provider organizations. This requires a common understanding of the most essential principles, practices and techniques, the basis for professional cooperation and communication. There is a need for an integrated approach, starting at a foundational level, where business challenges, IT practices and new technological developments are brought together. The EXIN Certified Integrator in Secure Cloud Services meets exactly this need, combining business concerns (Information Security), with new technological developments (Cloud) and best practices (Service Management). As Prakash MS, Vice-president of HP s IT Infrastructure Services stated in a recent interview: Cloud, Information Management and Security will have a big role to play in the next 5 to 7 years, and the binding factor for all of this will continue to be Service Management. 4

5 Secure Cloud Service Cloud Computing, providing IT related services through the Internet, allows flexible IT solutions to support the business, based on clear service arrangements. Technically speaking, Cloud Computing is more an evolution than a revolution. It is a combination of technical developments that has led to a new way of dealing with data, applications and services that is making fundamental changes to the relationship between IT and business. Such changes tend to generate hype, blurring the difference between promises and reality. But companies no longer need to own their hardware and software. People have access to their workplace or personal documents, music and photos wherever they are: this is the reality of today. Cloud Computing is the state-of-the-art way to provide and use IT services. Cloud-based services involve a lot more than just contracting the use of an application hosted in a datacenter connected to the web. As with all other services, they need management, monitoring and support. Most of all, they need clear arrangements between customers and suppliers. When considering Cloud Services, two major issues stand out: information security and service quality. Security and reliability have been identified as the main reason organizations are reluctant to turn to Cloud-based IT services. To address these issues, a wealth of best practices and standards can be mobilized, but application of these practices and standards requires an understanding of both their essentials and the principles of Cloud Computing. 5

6 Service Management Whereas understanding Cloud Computing is based on the knowledge of how IT services are built and delivered, knowledge of Service Management is necessary for understanding the processes required to manage availability, security and continuity of these services. In dealing with Cloud Services provided by third parties, Service Level Agreements play a major role, especially in ensuring that changes, incidents and problems are dealt with appropriately. Without going into too much technical detail, the international standard for IT Service Management, ISO/IEC 20000, is an excellent starting point for getting a grip on these often-complex issues. IT Service Providers can also leverage their certification against this standard to reassure their customers that they are in control of their Service Management and that their Service Management System is being independently audited on a regular basis. The ISO standard for IT Service Management can be used to identify the core of good Service Management, without diluting principles to textbook recipes. For Cloud Services in particular, it is important to remember that services are based on agreements with customers and hence on alignment of service provision with business needs. To deliver such services, other agreements with suppliers have to be in place in order to underpin the service levels agreed with the customer. Deployment of the service should be controlled, e.g., using the change management process, and services must be supported as well. The ISO/IEC guidance for IT Service Management focuses on the support and control of all these necessary steps in the design and delivery of services by the management system. This quality approach enables organizations to learn from their experience, adjust and improve in ever changing circumstances. This approach changes Service Management into a journey toward success as opposed to becoming the next failing project. One thing is for sure, in implementing Cloud Services as well: there will be mistakes and failures, so you need to be prepared to learn from them. 6

7 Information Security Management A recurring nightmare for many CIOs is sensitive data and software being stolen or corrupted by hackers. Introducing Cloud Computing does not seem to automatically ensure that they can sleep. Securing Cloud Services requires a combination of understanding Cloud Computing and the principles of Information Security Management. Such principles can be found in the international standard for Information Security Management, ISO/IEC Certification of the service provider against ISO/IEC should be a major consideration in the selection of a Cloud Service supplier. Information Security and Service Management are tightly interlinked and Cloud Computing makes a seamless integration even more urgent. The approach of the ISO standards for Information Security Management and Service Management, both based on the continual improvement cycle of Plan, Do, Check and Act, greatly facilitate such an integration. Migrating services into the Cloud and thus outside the company s security perimeter, raises many new security and privacy issues. Extensions of the ISO/IEC series to address Cloud security and privacy are in preparation, showing how to best apply the principles of the ISO/IEC standard to the latest technology for service provision. One lesson learned from Cloud Service deployment in recent years is that information security professionals need to be involved. In one study on the security of server virtualization, Gartner found that in 60% of the cases, the virtualized servers were less secure than the original ones; 40% of the organizations had not bothered to involve security specialists in their projects. Not that Cloud Computing is inherently insecure but, as Neil MacDonald, Gartner fellow and vice president, put it: "Most virtualized workloads are being deployed insecurely. The latter is a result of the immaturity of tools and processes and the limited training of staff, resellers and consultants." 7

8 The People Factor Bringing Cloud Computing, Information Security and Service Management together in processes and tools is one thing, but it is people that make it all happen. At every conference on Service Management, Information Security or Cloud Computing, practitioners presenting their experience warn the audience that getting people on board was the most important and most difficult aspect of their initiative. Getting people on board, getting the organization to benefit from their experience, professionalism and creativity is often defined as communication. But communication without a shared understanding and common language is bound to fail. The EXIN Certified Integrator in secure Cloud Services is designed to overcome the barriers of misunderstanding between professionals, especially where new technologies or process innovations need to be implemented. It provides a foundation of common knowledge and mutual understanding of vocabulary. Each of the EXIN Foundation programs has been developed and kept up to date in cooperation with international experts in their specific field. The Foundation programs cover the essential principles and basic concepts, while paying extra attention to the relationship with peripheral subjects. Foundation training accredited by EXIN is interactive, contains practical examples, and pays attention to the issues brought up by the attendees. The EXIN Certificates ensure that the intended learning outcomes have been thoroughly tested and achieved. If you want to have your organization certified, you definitively want to have your staff certified. 8

9 The EXIN Certified Integrator in Secure Cloud Services For the EXIN Certified Integrator in Secure Cloud Services, EXIN has developed a program around the foundations of Cloud Computing, Information Security and Service Management which covers the building, management and securing of modern IT services. Combining these three foundation modules offers a range of advantages: Combined training offers an opportunity to bring together representatives from all three disciplines Cloud Computing is a rich source of excellent state-of-the-art examples of Information Security and Service Management issues In-depth review of the interconnection between the three subjects The combination of certificates for each of the three subjects adds value to each individual subject. The target audience for the EXIN Certified Integrator in Secure Cloud Services includes business and IT managers, project/program managers, service designers, IT architects and/or planners, IT consultants, IT auditors and IT security staff. 9

10 The EXIN Cloud Computing Foundation The syllabus of EXIN s Cloud Computing Foundation covers: The Concept of Cloud Computing Including the technical evolution toward Cloud Computing, the main delivery and service models and architectures and the drivers and limitations of Cloud Computing Implementing and Managing Cloud Computing Including the main components of Cloud Services, their relationships and the Service Management principles that apply for Cloud Computing Using the Cloud Including the different ways users access the Cloud, how Cloud Services can be used by the business and how service providers can use the Cloud Information Security and Compliance Including risk management and managing identity and privacy in the Cloud Evaluation of Cloud Computing Including the business case for Cloud Computing and evaluating Cloud Computing implementations The subjects of Implementing and Managing Cloud Computing and Information Security and Compliance have a clear link to the other two modules in the EXIN Certified Integrator in Secure Cloud Services: Information Security and Service Management. In combination with the EXIN Cloud Computing Foundation, these modules help to provide a deeper understanding of the Service Management and Information Security issues in delivering Cloud Services. 10

11 The EXIN It Service Management Foundation The IT Service Management Foundation syllabus describes the key information and concepts for IT Service Management based on ISO/IEC as well as its relationships with other areas of information management. This course builds the fundamental skills and knowledge enabling one to participate in organizational teams working within Service Management. Emphasis is on the Service Management System (SMS) and Service Management processes, specifically the core concepts and basic terminology of IT Service Management based on ISO/IEC 20000:2011. The syllabus of the IT Service Management Foundation module includes: Core concepts of Service Management and quality frameworks Including the principles of process-based Service Management and the role of quality frameworks The Service Management System (SMS) and the value and application of the PDCA cycle Including the objectives, roles and governance principles associated with the management system and the application of continual improvement principles to Service Management High-level concepts around service design and transition Including the planning, design and transition of new or changed services Including the objectives, quality requirements, activities and practical application of the main IT Service Management processes The focus on the quality approach and the Service Management System provides a natural link to Information Security based on ISO/IEC Both modules can be used in combination to increase quality awareness, provide a better understanding of the quality approach and emphasize the commonalities in managing services and Information Security. The subject of the Service Management processes is ideal for using real world practical examples illustrating how quality requirements and activities of the Service Management processes will be affected by implementing Cloud Computing and Information Security measures. The EXIN IT Service Management Foundation is also part of the EXIN IT Service Management certification program based on ISO/IEC The EXIN IT Service Management Foundation certificate provides the basic knowledge required in the rest of the program (e.g., the Auditor, Manager and Executive Consultant certificates). For more details please refer to our website 11

12 The EXIN Information Security Foundation One of the objectives of the EXIN Information Security Foundation is to raise the awareness that information is valuable and vulnerable, and to learn which measures are necessary to protect information. This module provides the basic concepts and principles of Information Security and the organizational arrangements (the management system) that should be in place to secure the confidentiality, integrity and availability of an organization s information. The syllabus of the EXIN Information Security Management Foundation includes: Information and security Including basic concepts of information and its value Threats and risks Including the relationship between threats, risks and the reliability of information Security policy and the set-up of Information Security Including the components of security policy, security organization and the management of (security) incidents Security measures Including physical, technical and organizational measures Legislation and regulations Including examples of legislation, regulations and possible security measures Several subjects in this syllabus offer opportunities to discuss Cloud Computing-related issues and point out the relationship with IT Service Management processes. The EXIN Information Security Foundation is also part of the EXIN Information Security certification program based on ISO/IEC The EXIN Information Security Foundation certificate provides the basic knowledge required in the rest of the program (e.g., the Advanced and Expert certificates). For more details please refer to our website 12

13 An Integrated Approach Each of the three EXIN Foundation modules will contribute to the better understanding of how to provide Secure Cloud Services, however an integrated approach will also exploit the full potential of the EXIN Certified Integrator in Secure Cloud Services. In studying Cloud Computing, Service Management and Information Security in their shared context, students get a better understanding of their relationships. Using the links and suggestions described in this White Paper, students and trainers will be able to provide examples and real world case studies to illustrate how the emerging technologies in Cloud Computing can be utilized to achieve secure and reliable service to the benefit of their organization. Acknowledgements EXIN would like to thank its customers, partners and champions for their input, which has helped form EXIN s overall vision on the EXIN Certified Integrator in Secure Cloud Services. In particular EXIN would like to thank the following people for their contribution to this White Paper: Lynda Cooper, Director, Service Ltd. Pierre Bernard, CTDP, ITIL Expert 13

14 Contact EXIN Website: 14

EXIN Foundation in IT Service Management based on ISO/IEC 20000

EXIN Foundation in IT Service Management based on ISO/IEC 20000 Preparation Guide EXIN Foundation in IT Service Management based on ISO/IEC 20000 Edition June 2015 Copyright 2015 EXIN All rights reserved. No part of this publication may be published, reproduced, copied

More information

Agile Service Projects

Agile Service Projects Agile Service Projects An Integrated Approach by Maarten Bordewijk and Rik Teuben Agile Service Projects An Integrated Approach Introduction 3 Agile approach is succesful 4 Scrum, PRINCE2 & IT Service

More information

Preparation Guide. Side entry to the EXIN Expert in IT Service Management based on ISO/IEC 20000

Preparation Guide. Side entry to the EXIN Expert in IT Service Management based on ISO/IEC 20000 Preparation Guide Side entry to the EXIN Expert in IT Service Management based on ISO/IEC 20000 Edition June 2015 Copyright 2015 EXIN All rights reserved. No part of this publication may be published,

More information

Preparation Guide. EXIN IT Service Management Associate Bridge based on ISO/IEC 20000

Preparation Guide. EXIN IT Service Management Associate Bridge based on ISO/IEC 20000 Preparation Guide EXIN IT Service Management Associate Bridge based on ISO/IEC 20000 Edition January 2014 Copyright 2014 EXIN All rights reserved. No part of this publication may be published, reproduced,

More information

Preparation Guide. EXIN IT Service Management Associate based on ISO/IEC 20000

Preparation Guide. EXIN IT Service Management Associate based on ISO/IEC 20000 Preparation Guide EXIN IT Service Management Associate based on ISO/IEC 20000 Edition January 2014 Copyright 2014 EXIN All rights reserved. No part of this publication may be published, reproduced, copied

More information

EXIN Information Security Management Advanced

EXIN Information Security Management Advanced Preparation Guide EXIN Information Security Management Advanced based on ISO/IEC 27002 Edition 201601 Copyright 2016 EXIN All rights reserved. No part of this publication may be published, reproduced,

More information

-Blue Print- The Quality Approach towards IT Service Management

-Blue Print- The Quality Approach towards IT Service Management -Blue Print- The Quality Approach towards IT Service Management The Qualification and Certification Program in IT Service Management according to ISO/IEC 20000 TÜV SÜD Akademie GmbH Certification Body

More information

EXIN WORKFORCE READINESS professional

EXIN WORKFORCE READINESS professional EXIN WORKFORCE READINESS professional IT ALL COMES DOWN TO EXPERIENCE ICT is everywhere. It has become an integral part of our lives. In a world How can professionals continue to grow in order to be ready

More information

EXIN IT Service Management Foundation based on ISO/IEC 20000

EXIN IT Service Management Foundation based on ISO/IEC 20000 Sample Exam EXIN IT Service Management Foundation Edition October 2013 Copyright 2013 EXIN All rights reserved. No part of this publication may be published, reproduced, copied or stored in a data processing

More information

Procuring Penetration Testing Services

Procuring Penetration Testing Services Procuring Penetration Testing Services Introduction Organisations like yours have the evolving task of securing complex IT environments whilst delivering their business and brand objectives. The threat

More information

Foundation Bridge in IT Service Management (ITSM) according to ISO/IEC 20000. Specification Sheet. ISO/IEC 20000 Foundation Bridge TÜV SÜD Akademie

Foundation Bridge in IT Service Management (ITSM) according to ISO/IEC 20000. Specification Sheet. ISO/IEC 20000 Foundation Bridge TÜV SÜD Akademie Foundation Bridge in IT Service Management (ITSM) according to ISO/IEC 20000 Specification Sheet TÜV SÜD Akademie Issue: 2.0 Date: 25 October 2012 Table of Contents 1 Reading aid... 4 2 ISO/IEC 20000 -

More information

ISO/IEC 21827 INTERNATIONAL STANDARD. Information technology Security techniques Systems Security Engineering Capability Maturity Model (SSE-CMM )

ISO/IEC 21827 INTERNATIONAL STANDARD. Information technology Security techniques Systems Security Engineering Capability Maturity Model (SSE-CMM ) INTERNATIONAL STANDARD ISO/IEC 21827 Second edition 2008-10-15 Information technology Security techniques Systems Security Engineering Capability Maturity Model (SSE-CMM ) Technologies de l'information

More information

Preparation Guide Content. EXIN Cloud. 1. Overview 4 2. Exam Requirements 6 3. List of Basic Concepts 9 4. Exam Literature 13. Computing Foundation

Preparation Guide Content. EXIN Cloud. 1. Overview 4 2. Exam Requirements 6 3. List of Basic Concepts 9 4. Exam Literature 13. Computing Foundation Preparation Guide Content EXIN Cloud 1. Overview 4 2. Exam Requirements 6 3. List of Basic Concepts 9 4. Exam Literature 13 Computing Foundation Edition December 2015 Copyright 2015 EXIN All rights reserved.

More information

ISO/IEC 20000 Part 1 the next edition. Lynda Cooper project editor for ISO20000 part 1

ISO/IEC 20000 Part 1 the next edition. Lynda Cooper project editor for ISO20000 part 1 ISO/IEC 20000 Part 1 the next edition Lynda Cooper project editor for ISO20000 part 1 Agenda The ISO20000 series Why has it changed Changes ITIL3 impact New requirements Changed requirements How to prepare

More information

Information Security Management Expert based on ISO/IEC 27002

Information Security Management Expert based on ISO/IEC 27002 Preparation Guide Information Security Management Expert based on ISO/IEC 27002 Edition April 2014 Content 1. Overview 3 2. Exam requirements 7 3. List of basic concepts 15 4. Literature 16 Copyright 2014

More information

Preparation Guide. EXIN Cloud Computing Foundation

Preparation Guide. EXIN Cloud Computing Foundation Preparation Guide EXIN Cloud Computing Foundation Edition June 2012 Copyright 2012 EXIN All rights reserved. No part of this publication may be published, reproduced, copied or stored in a data processing

More information

EXIN Cloud Computing Foundation

EXIN Cloud Computing Foundation Sample Questions EXIN Cloud Computing Foundation Edition April 2013 Copyright 2013 EXIN All rights reserved. No part of this publication may be published, reproduced, copied or stored in a data processing

More information

Fujitsu Cloud IaaS Trusted Public S5. shaping tomorrow with you

Fujitsu Cloud IaaS Trusted Public S5. shaping tomorrow with you Fujitsu Cloud IaaS Trusted Public S5 shaping tomorrow with you Realizing the cloud opportunity: Fujitsu Cloud iaas trusted Public s5 All the benefits of the public cloud, with enterprise-grade performance

More information

Preparation Guide. IT Service Management Foundation Bridge based on ISO/IEC 20000

Preparation Guide. IT Service Management Foundation Bridge based on ISO/IEC 20000 Preparation Guide IT Service Management Foundation Bridge based on ISO/IEC 20000 Edition April 2011 Copyright 2011 EXIN All rights reserved. No part of this publication may be published, reproduced, copied

More information

ITIL Service Lifecycle Design

ITIL Service Lifecycle Design ITIL Service Lifecycle Design Course Details Course Code: Duration: Notes: ITILSL-Des 5 days This course syllabus should be used to determine whether the course is appropriate for the students, based on

More information

ISO/IEC 20000-2 INTERNATIONAL STANDARD. Information technology Service management Part 2: Guidance on the application of service management systems

ISO/IEC 20000-2 INTERNATIONAL STANDARD. Information technology Service management Part 2: Guidance on the application of service management systems INTERNATIONAL STANDARD ISO/IEC 20000-2 Second edition 2012-02-15 Information technology Service management Part 2: Guidance on the application of service management systems Technologies de l'information

More information

Name: Lynda Cooper Date: November 24th. Revising ISO/IEC 20000 to fit the future of service management

Name: Lynda Cooper Date: November 24th. Revising ISO/IEC 20000 to fit the future of service management Name: Lynda Cooper Date: November 24th Revising ISO/IEC 20000 to fit the future of service management Agenda Brief overview of ISO20000 Changes Why and How What Your views and how you can influence the

More information

International Workshop Agreement 2 Quality Management Systems Guidelines for the application of ISO 9001:2000 on education.

International Workshop Agreement 2 Quality Management Systems Guidelines for the application of ISO 9001:2000 on education. ISO 2002 All rights reserved ISO / IWA 2 / WD1 N5 Date: 2002-10-25 Secretariat: SEP-MÉXICO International Workshop Agreement 2 Quality Management Systems Guidelines for the application of ISO 9001:2000

More information

Brochure Service Strategy SPO

Brochure Service Strategy SPO Brochure Service Strategy SPO About Pink Elephant Company History Pink Elephant started life some 30 years ago in Delft University in the Netherlands. A beer and peanuts company managed and staffed by

More information

Information Security Risk Management

Information Security Risk Management Information Security Risk Management Based on ISO/IEC 17799 Houman Sadeghi Kaji Spread Spectrum Communication System PhD., Cisco Certified Network Professional Security Specialist BS7799 LA info@houmankaji.net

More information

TERMS OF REFERENCE (TORs) OF CONSULTANTS - (EAG) 1. Reporting Function. The Applications Consultant reports directly to the CIO

TERMS OF REFERENCE (TORs) OF CONSULTANTS - (EAG) 1. Reporting Function. The Applications Consultant reports directly to the CIO TERMS OF REFERENCE (TORs) OF CONSULTANTS - (EAG) Consultant - Enterprise Systems & Applications 1. Reporting Function. The Applications Consultant reports directly to the CIO 2. Qualification and Experience

More information

COBIT Helps Organizations Meet Performance and Compliance Requirements

COBIT Helps Organizations Meet Performance and Compliance Requirements DISCUSS THIS ARTICLE COBIT Helps Organizations Meet Performance and Compliance Requirements By Sreechith Radhakrishnan, COBIT Certified Assessor, ISO/IEC 20000 LA, ISO/IEC 27001 LA, ISO22301 LA, ITIL Expert,

More information

ISO/IEC 20000 Part 1 the next edition

ISO/IEC 20000 Part 1 the next edition ISO/IEC 20000 Part 1 the next edition Lynda Cooper Independent Consultant UK representative to ISO and project editor for ISO20000 part 1 Synopsis ISO/IEC 20000 part 1 was published in 2005. Since then,

More information

The ITIL Story. Pink Elephant. The contents of this document are protected by copyright and cannot be reproduced in any manner.

The ITIL Story. Pink Elephant. The contents of this document are protected by copyright and cannot be reproduced in any manner. 1. ITIL Defined The Information Technology Infrastructure Library (ITIL) is a set of guidance developed by the United Kingdom s Office Of Government Commerce (OGC). The guidance, documented in a set of

More information

Certified Big Data Science Professional (CBDSP)

Certified Big Data Science Professional (CBDSP) Certified Big Data Science Professional (CBDSP) Training Preparation Program Quality & Organizational Excellence Division KnowLogic Professional Certifications Big Data Science Professional KnowLogic Professional

More information

ITIL Asset and Configuration. Management in the Cloud

ITIL Asset and Configuration. Management in the Cloud ITIL Asset and Configuration Management in the Cloud An AWS Cloud Adoption Framework Addendum September 2015 A Joint Whitepaper with Minjar Cloud Solutions 2015, Amazon Web Services, Inc. or its affiliates.

More information

Cloud Computing in a GxP Environment: The Promise, the Reality and the Path to Clarity

Cloud Computing in a GxP Environment: The Promise, the Reality and the Path to Clarity Reprinted from PHARMACEUTICAL ENGINEERING THE OFFICIAL TECHNICAL MAGAZINE OF ISPE JANUARY/FEBRUARY 2014, VOL 34, NO 1 Copyright ISPE 2014 www.pharmaceuticalengineering.org information systems in a GxP

More information

Frameworks for IT Management

Frameworks for IT Management Frameworks for IT Management Copyright protected. Use is for Single Users only via a VHP Approved License. For information and printed versions please see www.vanharen.net 18 ITIL - the IT Infrastructure

More information

SC7-ISO20000 Alignment issues Aligning ITIL to existing ISO JTC1- SC7 Software Engineering Standards

SC7-ISO20000 Alignment issues Aligning ITIL to existing ISO JTC1- SC7 Software Engineering Standards SC7-ISO20000 Alignment issues Aligning ITIL to existing ISO JTC1- SC7 Software Engineering Standards Dr. A.April ETS University Table of Contents Objectives Audience Current clash An ITIL overview ISO

More information

HOSTING. Managed Security Solutions. Managed Security. ECSC Solutions

HOSTING. Managed Security Solutions. Managed Security. ECSC Solutions Managed Security Managed Security MANAGED SECURITY SOLUTIONS I would highly recommend for your company s network review... were by far the best company IT Manager, Credit Management Agency Presenting IT

More information

The ITIL Story White Paper

The ITIL Story White Paper The ITIL Story White Paper Produced By: Pink Elephant Version: 3.3 Date of Publication: September, 2004 Table of Contents 1. ITIL Defined... 3 2. Non-Proprietary... 4 3. Concepts Behind The Library...

More information

Brochure Service Design SPO

Brochure Service Design SPO Brochure Service Design SPO About Pink Elephant Company History Pink Elephant started life some 30 years ago in Delft University in the Netherlands. A beer and peanuts company managed and staffed by students

More information

ITIL Service Lifecycle Operation

ITIL Service Lifecycle Operation ITIL Service Lifecycle Operation Course Details Course Code: Duration: Notes: ITILSL-Oper 5 days This course syllabus should be used to determine whether the course is appropriate for the students, based

More information

ITIL V3 Service Operation Certification Program

ITIL V3 Service Operation Certification Program ITIL V3 Service Operation Certification Program 3 Days Program Overview The ITIL Intermediate Qualification: Service Operation (SO) Certificate, although a stand alone qualification, yet is also part of

More information

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com WHITE PAPER Network Consulting Services Lead Enterprise Transformation Sponsored by: HP Leslie Rosenberg February 2011 Curtis Price Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200

More information

HYBRID CLOUDS DEFINING A SUSTAINABLE STRATEGY DR. RAGHU P. PUSHPAKATH KRISHNAKUMAR GOPINATHAN SACHIN KANOTH MADAKKARA

HYBRID CLOUDS DEFINING A SUSTAINABLE STRATEGY DR. RAGHU P. PUSHPAKATH KRISHNAKUMAR GOPINATHAN SACHIN KANOTH MADAKKARA HYBRID CLOUDS DEFINING A SUSTAINABLE STRATEGY DR. RAGHU P. PUSHPAKATH KRISHNAKUMAR GOPINATHAN SACHIN KANOTH MADAKKARA Executive Summary While a number of organizations are gaining experience and increased

More information

Whitepaper Information Management. Building great organizations through Information Management: The People Factor

Whitepaper Information Management. Building great organizations through Information Management: The People Factor Whitepaper Information Management Building great organizations through Information Management: The People Factor Edition December 2011 Introduction Information Technology (IT) has changed both our private

More information

Preparation Guide. EXIN IT Service Management Executive Consultant/Manager based on ISO/IEC 20000

Preparation Guide. EXIN IT Service Management Executive Consultant/Manager based on ISO/IEC 20000 Preparation Guide EXIN IT Service Management Executive Consultant/Manager based on ISO/IEC 20000 Edition March 2014 Copyright 2014 EXIN All rights reserved. No part of this publication may be published,

More information

Consultants Alliance LLC. Professional Development Programs

Consultants Alliance LLC. Professional Development Programs Consultants Alliance LLC Professional Development Programs About CA: Consultants Alliance (CA) is a local organization dedicated to promote the culture of Service Excellence in public and private sectors.

More information

Information Security Specialist Training on the Basis of ISO/IEC 27002

Information Security Specialist Training on the Basis of ISO/IEC 27002 Information Security Specialist Training on the Basis of ISO/IEC 27002 Natalia Miloslavskaya, Alexander Tolstoy Moscow Engineering Physics Institute (State University), Russia, {milmur, ait}@mephi.edu

More information

ERP. Key Initiative Overview

ERP. Key Initiative Overview Jeff Woods Research Managing Vice President This overview provides a high-level description of the ERP Key Initiative. IT leaders can use this overview to better understand what they need to do to prepare

More information

Sample Exam. IT Service Management Foundation based on ISO/IEC 20000

Sample Exam. IT Service Management Foundation based on ISO/IEC 20000 Sample Exam IT Service Management Foundation based on ISO/IEC 20000 Edition April 2011 Copyright 2011 EXIN All rights reserved. No part of this publication may be published, reproduced, copied or stored

More information

Cloud Computing. Key Initiative Overview

Cloud Computing. Key Initiative Overview David W. Cearley Research Vice President and Gartner Fellow This overview provides a high-level description of the Cloud Computing Key Initiative. IT leaders can use this guide to understand what they

More information

ITIL Event Management in the Cloud

ITIL Event Management in the Cloud ITIL Event Management in the Cloud An AWS Cloud Adoption Framework Addendum July 2015 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational

More information

The Information Security Management System According ISO 27.001 The Value for Services

The Information Security Management System According ISO 27.001 The Value for Services I T S e r v i c e M a n a g e m e n t W h i t e P a p e r The Information Security Management System According ISO 27.001 The Value for Services Author: Julio José Ballesteros Garcia Introduction Evolution

More information

ITIL Service Lifecycle Transition

ITIL Service Lifecycle Transition ITIL Service Lifecycle Transition Course Details Course Code: Duration: Notes: ITILSL-Tran 5 days This course syllabus should be used to determine whether the course is appropriate for the students, based

More information

CYBER SECURITY, A GROWING CIO PRIORITY

CYBER SECURITY, A GROWING CIO PRIORITY www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------

More information

Why SAAS makes sense: The benefits of Cloud Computing for Email Archiving

Why SAAS makes sense: The benefits of Cloud Computing for Email Archiving Why SAAS makes sense: The benefits of Cloud Computing for Email Archiving Confidentiality This document contains confidential material that is proprietary to Gradian Systems Ltd. The material, ideas, and

More information

This document is a preview generated by EVS

This document is a preview generated by EVS TECHNICAL REPORT ISO/IEC TR 20000-9 First edition 2015-02-15 Information technology Service management Part 9: Guidance on the application of ISO/IEC 20000-1 to cloud services Technologies de l information

More information

Information Security Officer (# 1773) Salary: Grade 25 ($81,808-$102,167) / Grade 27 ($90,595 to $113,141) Summary of Duties. Minimum Qualifications

Information Security Officer (# 1773) Salary: Grade 25 ($81,808-$102,167) / Grade 27 ($90,595 to $113,141) Summary of Duties. Minimum Qualifications Thomas K. Lee, Executive Director/CIO Human Resources Department (518) 447-2906 Information Security Officer (# 1773) Salary: Grade 25 ($81,808-$102,167) / Grade 27 ($90,595 to $113,141) The New York State

More information

Global Strategic Sourcing Services

Global Strategic Sourcing Services where experience counts Global Strategic Sourcing Services Capabilities Overview Prepared For: Our Current and Future Valued Clients Our Strategic Sourcing Capabilities Sourcing Strategy Deciding whether

More information

In the first three installments of our series on Information Security

In the first three installments of our series on Information Security Information Security Management Programs: Assessment Analysis Lessons Learned and Best Practices Revealed JUSTIN SOMAINI AND ALAN HAZLETON This article, the fourth in a series, expands on the overlooked

More information

Building on these core skills, customers can work on advanced concepts, such as:

Building on these core skills, customers can work on advanced concepts, such as: OpenStack Training OVERVIEW OnX s OpenStack training courses provide a deep and practical understanding of all aspects of today s most popular cloud platform. Unlike other training providers, OnX offerings

More information

Interview with Douglas J. King on The Impact of Virtualization and Cloud Computing on IT Service Management

Interview with Douglas J. King on The Impact of Virtualization and Cloud Computing on IT Service Management BISE PROFILE Interview with Douglas J. King on The Impact of Virtualization and Cloud Computing on IT Service Management Douglas King is an IBM Vice President and Transition & Transformation Executive

More information

CAST CENTER FOR ADVANCED SECURITY TRAINING. CAST618 Designing and Implementing Cloud Security CAST

CAST CENTER FOR ADVANCED SECURITY TRAINING. CAST618 Designing and Implementing Cloud Security CAST CENTER FOR ADVANCED SECURITY TRAINING 618 Designing and Implementing Cloud Security About EC-Council Center of Advanced Security Training () The rapidly evolving information security landscape now requires

More information

Project Management and ITIL Transitions

Project Management and ITIL Transitions Project Management and ITIL Transitions April 30 th 2012 Linda Budiman Director CSC 1 Agenda Thought Leadership: Linda Budiman What is ITIL & Project Management: Applied to Transitions Challenges & Successes:

More information

Hence to overcome these challenges, it has become imperative to learn these topics and create awareness amongst the employees.

Hence to overcome these challenges, it has become imperative to learn these topics and create awareness amongst the employees. IT Service Management Trainings for Bank Konark Solutions and Services (KS&S) is an organization with Industry expert trainers and consultants. KS&S provides a wide range of Industry specific trainings

More information

White Paper. Comparison of ISO/IEC 20000 with ASL and BiSL

White Paper. Comparison of ISO/IEC 20000 with ASL and BiSL White Paper Comparison of ISO/IEC 20000 with ASL and BiSL Both ISO/IEC 20000 and ASL offer guidance for IT Service Providers, ISO/IEC 20000 giving broad guidance for IT Service Management and ASL focusing

More information

The Clear Path to ITIL Certification

The Clear Path to ITIL Certification THE CLEAR PATH TO IT SERVICE MANAGEMENT The Clear Path to ITIL Certification Understanding the clear path to business value ITIL is a registered trade mark of AXELOS CONTENTS 1 1 2 2 3 4 4 Executive Summary

More information

THE IT LEADER'S GUIDE TO HYBRID CLOUD

THE IT LEADER'S GUIDE TO HYBRID CLOUD THE IT LEADER'S GUIDE TO HYBRID CLOUD ENTER, THE DIGITAL EXECUTIVE IT is dead. Long live digital. This guide discusses one of the foundational steps on the journey to the digital Enterprise - adopting

More information

Brochure Service Design ILO

Brochure Service Design ILO Brochure Service Design ILO About Pink Elephant Company History Pink Elephant started life some 30 years ago in Delft University in the Netherlands. A beer and peanuts company managed and staffed by students

More information

Appendix B. Syllabus. Syllabus

Appendix B. Syllabus. Syllabus Appendix B Syllabus Syllabus Syllabus for the certification course Service Manager leading to the CCC Professional Cloud Service Manager certification 279 Professional Cloud Service Manager List of contributors

More information

Hyper-V Private Cloud Virtualization & Optimization

Hyper-V Private Cloud Virtualization & Optimization Hyper-V Private Cloud Virtualization & Optimization Formerly known as Windows Server Virtualization, Hyper-V Server Virtualization enables increased availability, support for host clustering, and deep

More information

SESSION 108 Wednesday, March 25, 10:15 AM - 11:15 AM Track: Industry Insights

SESSION 108 Wednesday, March 25, 10:15 AM - 11:15 AM Track: Industry Insights SESSION 108 Wednesday, March 25, 10:15 AM - 11:15 AM Track: Industry Insights Control Shift: How Cloud Computing Is Changing Everything Hank Marquis Practice Director, Cloud, Global Knowledge hank.marquis@globalknowledge.com

More information

10964C: Cloud & Datacenter Monitoring with System Center Operations Manager

10964C: Cloud & Datacenter Monitoring with System Center Operations Manager 10964C: Cloud & Datacenter Monitoring with System Center Course Details Course Code: Duration: Notes: 10964C 5 days Elements of this syllabus are subject to change. About this course This course equips

More information

IBM Hosted Application Scanning

IBM Hosted Application Scanning IBM Hosted Application Scanning Service Definition IBM Hosted Application Scanning 1 1. Summary 1.1 Service Description IBM Hosted Application Security Services Production Application Scanning Service

More information

Certified Identity and Security Technologist (CIST) Overview & Curriculum

Certified Identity and Security Technologist (CIST) Overview & Curriculum Overview Identity management and security technologies are increasingly needed to address the growing needs of businesses to counter threats, meet requirements, and mitigate risks. According to recent

More information

Hybrid IT A Low-Risk Path from On-Premise to ITaaS

Hybrid IT A Low-Risk Path from On-Premise to ITaaS SOLUTION WHITE PAPER Hybrid IT A Low-Risk Path from On-Premise to ITaaS Increase your options by finding the right mix of on-demand and on-premise IT management tools Bruce Campbell, Principal Solutions

More information

DEVELOPING AN IT SERVICE MANAGEMENT TRAINING STRATEGY & PLAN. Version : 1.0 Date : April 2009 : Pink Elephant

DEVELOPING AN IT SERVICE MANAGEMENT TRAINING STRATEGY & PLAN. Version : 1.0 Date : April 2009 : Pink Elephant DEVELOPING AN IT SERVICE MANAGEMENT TRAINING STRATEGY & PLAN Version : 1.0 Date : April 2009 Author : Pink Elephant Table of Contents 1 Executive Overview... 3 2 Manager Responsibilities... 4 2.1 Before

More information

Guideline for Roles & Responsibilities in Information Asset Management

Guideline for Roles & Responsibilities in Information Asset Management ISO 27001 Implementer s Forum Guideline for Roles & Responsibilities in Information Asset Management Document ID ISMS/GL/ 003 Classification Internal Use Only Version Number Initial Owner Issue Date 07-08-2009

More information

ISO/IEC Information & ICT Security and Governance Standards in practice. Charles Provencher, Nurun Inc; Chair CAC-SC27 & CAC-CGIT

ISO/IEC Information & ICT Security and Governance Standards in practice. Charles Provencher, Nurun Inc; Chair CAC-SC27 & CAC-CGIT ISO/IEC Information & ICT Security and Governance Standards in practice Charles Provencher, Nurun Inc; Chair CAC-SC27 & CAC-CGIT June 4, 2009 ISO and IEC ISO (the International Organization for Standardization)

More information

Integrated service management and cloud computing:

Integrated service management and cloud computing: IBM Global Technology Services Thought Leadership White Paper September 2010 Integrated service management and cloud computing: More than just technology best friends 2 Integrated service management and

More information

List of courses offered by Marc Taillefer

List of courses offered by Marc Taillefer ISO/IEC 20000 Foundation (IS20F.EN) List of courses offered by Marc Taillefer Designed to provide knowledge of what an IT service management system is and the minimum requirements that service providers

More information

Document management concerns the whole board. Implementing document management - recommended practices and lessons learned

Document management concerns the whole board. Implementing document management - recommended practices and lessons learned Document management concerns the whole board Implementing document management - recommended practices and lessons learned Contents Introduction 03 Introducing a document management solution 04 where one

More information

Information Management

Information Management G i Information Management Information Management Planning March 2005 Produced by Information Management Branch Open Government Service Alberta 3 rd Floor, Commerce Place 10155 102 Street Edmonton, Alberta,

More information

IBM and the IT Infrastructure Library.

IBM and the IT Infrastructure Library. IBM Global Services September 2004 IBM and the IT Infrastructure Library. How IBM supports ITIL and provides ITIL-based capabilities and solutions Page No. 2 Contents ITIL Planning for Service 2 Executive

More information

A common core ITIL Version 3.0 and CMMi-SVC

A common core ITIL Version 3.0 and CMMi-SVC A common core ITIL Version 3.0 and CMMi-SVC WHITE PAPER Authors: Nikhil P Desai Vyjayanthi Bharadwaj Uday Nagarkatti Bipin Paracha Abstract The objective of this paper is to establish an analogy between

More information

Seamless Mobile Security for Network Operators. Build a secure foundation for winning new wireless services revenue.

Seamless Mobile Security for Network Operators. Build a secure foundation for winning new wireless services revenue. Seamless Mobile Security for Network Operators Build a secure foundation for winning new wireless services revenue. New wireless services drive revenues. Faced with the dual challenges of increasing revenues

More information

Developing SAP Enterprise Cloud Computing Strategy

Developing SAP Enterprise Cloud Computing Strategy White Paper WFT Cloud Technology SAP Cloud Integration Service Provider Developing SAP Enterprise Cloud Computing Strategy SAP Cloud Computing is a significant IT paradigm change with the potential to

More information

Cloud Adoption. The definitive guide to a business technology revolution. shaping tomorrow with you

Cloud Adoption. The definitive guide to a business technology revolution. shaping tomorrow with you Cloud Adoption The definitive guide to a business technology revolution shaping tomorrow with you THE WHITE BOOK OF Cloud Adoption Contents Acknowledgments 4 Preface 5 1: What is Cloud? 6 2: What Cloud

More information

This is a sample chapter from A Manager's Guide to Service Management. To read more and buy, visit http://shop.bsigroup.com/bip0005 BSI British

This is a sample chapter from A Manager's Guide to Service Management. To read more and buy, visit http://shop.bsigroup.com/bip0005 BSI British A Manager s Guide to Service Management A Manager s Guide to Service Management Jenny Dugmore Shirley Lacy First published in the UK in 1995 by BSI, 389 Chiswick High Road, London W4 4AL Second edition

More information

ITIL Intermediate: Service Design. Lesson Plan. Mock Exam: Duration: Language:

ITIL Intermediate: Service Design. Lesson Plan. Mock Exam: Duration: Language: ITIL Intermediate: Service Design Lesson Plan Delivery: e-learning Certificate: Examination (included) Accredited By: EXIN Mock Exam: Duration: Language: Included in Course (x2) 20 hours, self-paced English

More information

The HP OpenView Approach to Change and Configuration Management. White Paper. Change is good, but you go first

The HP OpenView Approach to Change and Configuration Management. White Paper. Change is good, but you go first The HP OpenView Approach to Change and Configuration Management White Paper Change is good, but you go first 1 Table of Contents Introduction 3 Organizational Issues 3 The Service Management approach 4

More information

Datacenter Management and Virtualization. Microsoft Corporation

Datacenter Management and Virtualization. Microsoft Corporation Datacenter Management and Virtualization Microsoft Corporation June 2010 The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the

More information

Jenny Obee, Head of Information Management jenny.obee@barnet.gov.uk, Tel: 020 8359 4859. Micailah Fleming, IT Director micailah.fleming@capita.co.

Jenny Obee, Head of Information Management jenny.obee@barnet.gov.uk, Tel: 020 8359 4859. Micailah Fleming, IT Director micailah.fleming@capita.co. Performance and Contract Management Committee 7 January 2016 Title Report of Wards Status ICT Operations ITIL Methodology Assessment Chief Operating Officer All Public Urgent Key No No Enclosures None

More information

ITIL V3 and ASL Sound Guidance for Application Management and Application Development

ITIL V3 and ASL Sound Guidance for Application Management and Application Development For IT V3 and Sound Guidance for Application and Application Development Machteld Meijer, Mark Smalley & Sharon Taylor Alignment White Paper January 2008 V3 & : A Comparison Abstract In May 2007, the Office

More information

MSc Cyber Security UKPASS P052286. Course 1 Year Full-Time, 2-3 Years Part-Time

MSc Cyber Security UKPASS P052286. Course 1 Year Full-Time, 2-3 Years Part-Time MSc Cyber Security International Students Can Apply UKPASS P052286 Code: Course 1 Year Full-Time, 2-3 Years Part-Time Length: Start Dates: September 2015, January 2016, September 2016, January 2017 Department:Department

More information

White Paper: AlfaPeople ITSM 2013. This whitepaper discusses how ITIL 3.0 can benefit your business.

White Paper: AlfaPeople ITSM 2013. This whitepaper discusses how ITIL 3.0 can benefit your business. White Paper: AlfaPeople ITSM 2013 This whitepaper discusses how ITIL 3.0 can benefit your business. Executive Summary Imagine trying to run a manufacturing business without a comprehensive and detailed

More information

ISO/IEC TS 15504-8 TECHNICAL SPECIFICATION

ISO/IEC TS 15504-8 TECHNICAL SPECIFICATION TECHNICAL SPECIFICATION ISO/IEC TS 15504-8 First edition 2012-09-15 Information technology Process assessment Part 8: An exemplar process assessment model for IT service management Technologies de l'information

More information

ISO/IEC 27002. Information technology Security techniques Code of practice for information security controls

ISO/IEC 27002. Information technology Security techniques Code of practice for information security controls INTERNATIONAL STANDARD ISO/IEC 27002 Second edition 2013-10-01 Information technology Security techniques Code of practice for information security controls Technologies de l information Techniques de

More information

ISO20000: What it is and how it relates to ITIL v3

ISO20000: What it is and how it relates to ITIL v3 ISO20000: What it is and how it relates to ITIL v3 John DiMaria; Certified Six Sigma BB, HISP BSI Product Manager; ICT (ISMS,ITSM,BCM) Objectives and Agenda To raise awareness, to inform and to enthuse

More information

Bridging the IT Business Gap The Role of an Enterprise Architect

Bridging the IT Business Gap The Role of an Enterprise Architect Whitepaper Bridging the IT Business Gap The Role of an Enterprise Architect Today s enterprises understand the value that Information Technology (IT) can bring to their business. IT supports day-to-day

More information