Integration of Information Security Essential Controls into Information Technology Infrastructure Library – A Proposed Framework
Syed Mubashir Ali, Tariq Rahim Soomro

Abstract
The use of information technology (IT) has risen exponentially over the past few decades and has become a necessity for enterprises. Organizations are realizing that IT resources are important strategic organizational asset. This rapid increase in the use of IT has urged organizations into implementing IT standards. There are a number of IT standards and technology frameworks which are supporting organization independently. Information technology infrastructure library (ITIL) is the de-facto IT management framework and one of the most widely used IT standards. Although, ITIL is a comprehensive IT framework but lacks information security management which needs to be catered for effective IT service management. This study will discuss some of the information security standards and the essential controls of information security and propose a modified ITIL framework that will incorporate all the essential controls of information security within ITIL.

Full Text: PDF