This book is about managing the security of IT services in terms of organization, orchestration, and optimization. It compresses the complex subject matter into individual terms and their definition, and it exploits systematics and terminology to create order, illuminate relationships, and provide concrete support for implementing IT service security successfully and with an eye for the essentials.

The book describes a management system called ESARIS (Enterprise Security Architecture for Reliable ICT Services) with field-proven methods and recipes. This metasystem or security architecture builds on more than a decade of day-to-day experience in the IT industry with multi-national customers. To enable the reader to fully exploit the guidance given, explicit definitions are provided for about 75 terms that can be used to look up a topic. Numerous figures and tables further support orientation and understanding, together with detailed introductions and explanations they offer acomprehensive presentation of IT service security issues and solutions.

This book is written for professionals with IT service providers (including IT departments), user organizations (including business units) or manufacturers, vendors, and suppliers.