IT Service Management and Infosec: Collaborate for Mutual Success

Collaboration between information security and IT is critical to the success of both teams. Information security frameworks and IT service management methodologies share a foundation in asset management, configuration management, and change management. This research describes the nexus between information security and IT service management by mapping ITIL version 4 management practices to the CIS Critical Security Controls. It shows that in many cases, information security controls and IT service management practices can be implemented and audited using the same steps.