ITIL-FOUNDATION · Question #354
Ensuring that the confidentiality, integrity and availability of the services are maintained to the levels agreed on the Service Level Agreement (SLA) is the responsibility of which role?
The correct answer is D. The Information Security Manager. In ITIL, the Information Security Manager is responsible for ensuring that confidentiality, integrity, and availability (CIA) of services are maintained at the levels defined in the SLA.
Question
Ensuring that the confidentiality, integrity and availability of the services are maintained to the levels agreed on the Service Level Agreement (SLA) is the responsibility of which role?
Options
- AThe Service Level Manager
- BThe Configuration Manager
- CThe Change Manager
- DThe Information Security Manager
How the community answered
(55 responses)- A2% (1)
- B2% (1)
- C4% (2)
- D93% (51)
Why each option
In ITIL, the Information Security Manager is responsible for ensuring that confidentiality, integrity, and availability (CIA) of services are maintained at the levels defined in the SLA.
The Service Level Manager negotiates and manages SLAs but is responsible for coordinating agreed service levels across all service attributes broadly, not specifically for enforcing CIA security properties.
The Configuration Manager maintains the Configuration Management System and accurate records of configuration items, which has no direct ownership over information security properties of services.
The Change Manager controls the change management process to ensure changes are assessed and approved, but does not own or enforce CIA properties across live services.
The Information Security Manager owns the Information Security Management process, whose primary objective is to align IT security with business security and ensure the CIA triad is protected at the levels agreed in service level agreements. This role defines and maintains the information security policy and manages all security aspects across IT services, making it the correct owner of this CIA responsibility.
Concept tested: ITIL Information Security Management role and CIA responsibility
Source: https://www.axelos.com/certifications/itil-service-management
Topics
Community Discussion
No community discussion yet for this question.