A new framework for bridging the gap between IT Service Management and IT Governance from a security perspective

With COBIT and ITIL at the forefront of IT governance and IT service management, respectively, there is a need to establish if ITIL Security Management complies with COBIT DS5. This paper investigates the possible compliance and any related issues by comparing the requirements of COBIT DS5 against the measures of ITIL Security Management. Results indicate that ITIL Security Management is unable to fully comply with COBIT DS5. An attempt is made to offer a possible solution through the use of an additional framework that may be integrated into ITIL so that compliance with COBIT DS5 can be achieved.