Five areas of the ISO Network Management Model

Fault management: This includes finding faults in information systems as well as the security policy that governs those systems. This covers not only systems, but people as well. Fault detection and modification of the faults is a large part of this. This would include remediation, which is evaluation of vulnerability through penetration testing. A large part of fault management is collecting and analyzing reports from users, as this point is often the first point in which a problem is noticed. This is done through the help desk, which can document and archive the support cases for determining a route to resolution and for creating a database (knowledge base) of issues and their solutions for future reference. Fault management is important as it is the groundwork for discovery of faults within security systems, policy, and compliance.

Configuration and change management: Change within organization and its information systems is a constant; so policy that outlines procedure to control that change must be implemented to ensure meeting the latest defined security standards. This includes the management of changes within “strategy, operation, or components of the information security program” (Whitman & Mattord, 2005).

Accounting management: This includes tracking of the use of select information systems to determine the charge for use of an asset. It also means the tracking of usage to measure the need for supplementary assets to information systems. Through auditing access logs, one can determine the percent of utilization of that asset and determine if additional systems are needed to keep up with the system demand to ensure quality of service.

Performance management: Management of systems through benchmarking, configuration analysis, and logging is an important aspect of information systems policy. Through properly monitoring systems through their system logs an administrator is able to determine if an upgrade is in order for memory, disk storage, clustering, or network media upgrade such as copper to fiber. For example, as discovered by monitoring, a server that has extended CPU utilization would be a candidate for an upgrade to a faster server, or load balancing with other servers.

Security management: Manages the security policy by overseeing the various areas of the policy to ensure proper implementation and compliance. Also involved is the improvement of the policy. Steps to security management include risk analysis of vulnerabilities, applying controls to manage that risk, review of effectiveness of those controls, and development of incident response.

References:
Whitman, M., Mattord, H. (2005). Configuration and change management. Principles of Information Security. p.495. Thomson.

Advertisements