IT Operations
IRM has provided expert advice to operational Information Technology teams in large enterprise environments including those that are implementing the ITIL IT service Management Framework. In fact, aligning ITIL with both ISO 27001 controls and a formal risk management framework is now a core expertise of IRM. This service includes:
- ITIL Service Catalogue Review
- ITIL Service Management Processes
- Security Specific Processes
- Security Metrics Definition
IRM has helped clients review existing ITIL implementations including evaluating the service definitions that constitute the service catalogue to ensure that the appropriate security service level agreements have been agreed. The next step is then examining the tactical service management processes that underlie the service management catalogue to ensure that the security service level agreements can be met.
On some occasions IRM has been able to engage with a client at the early phases of an ITIL adoption and has been able to contribute directly to the creation of both the service catalogue and the service management processes.
IRM also has much experience reviewing security specific IT Operational processes such as incident readiness, incident response and forensics analysis capabilities as well as firewall management and account management. IRM is able to benchmark existing processes against best practices as deployed across a wide variety of industries.
IRM also has many years of experience helping enterprise clients choose appropriate security metrics by which to measure tactical and strategic IT security performance, from low level team performance to board level dashboard approaches. IRM have designed systems such as Security Information Management systems to automate the delivery of these metrics to appropriate management views.
