Monthly Archives: December 2011

Learning the Concepts of Information System Security

In this age of high technology, every transaction and process that we perform on computer systems is open and vulnerable to potential attacks by malicious users. Security is a prominent concern that many computer enthusiasts and experts are looking at closely. A system that is open to attack and not secured against fraud is not worth maintaining.

Even in the early days, the need to protect information passed from one point to another against modification and tampering was already significant. For this reason, governments and organizations have long looked for ways to secure the information that they need.

Information Systems Security refers to protecting your information and the system itself from malicious access, unauthorized use, and the destruction or modification of information. The term IS Security is associated with assuring that the system is protected so that it maintains its confidentiality and its relevance, meaning that it remains free from modification, and stays intact for use.

Many institutions spend considerable effort and money to make sure that their systems remain secure and that all information stored and maintained on them remains intact and usable. Because of the massive and frequent attacks that many organizations have experienced, the security of information systems has evolved and changed greatly. In recent years, the security measures undertaken by each company have grown more powerful and robust.

Configuration management of Cisco

Configuration management is a tool for managing change in documentation, hardware, software, firmware, measurements and more. A change has an initial state and a next state. Marking the significant states in a series of changes is very important. Identifying these states in the revision history of a configuration item is the main objective of baseline identification.

Normally, these significant states are the ones that receive an official approval status, either implicitly or explicitly. The approval status can be indicated individually, when the marking is identified, or signified simply by association with a particular baseline. Either way, the approval or authorization status is known publicly. Hence, a baseline may also mark and indicate an approved configuration item.

The configuration in a project may also involve more than one baseline, including the metrics and the status of the configuration. A baseline may have a specific focus. Examples include the following:

1. Allocated Baseline: the state of work items and products when conditions and requirements are approved.
2. Functional Baseline: this is where the initial specifications are established.
3. Product Baseline: this baseline holds the releasable contents of the item or product.

Baselines may also be created simply to show the progress of work over time. While configuration management is being implemented, configuration items may be baselined to communicate a particular status to interested parties. When this is done, work products may need particular changes to make sure that they agree with the baseline reference.

The standard configuration is applied to the different media configurations and protocols. It is also applied to the commands for global configuration. Cisco applies standard configurations by device classification, such as router, ATM switch, and LAN and WAN switch. Each standard configuration should contain the protocol configuration commands that are needed to maintain the consistency of the network. Media configuration consists of the Frame Relay, ATM and Fast Ethernet configurations. Protocol configuration includes the parameters of the standard IP routing protocol, the Quality of Service configurations, common access lists and all other required protocol configurations.

It is recommended to keep the standard configuration parameters in a configuration file and to download that file to each device prior to interface and protocol configuration. The standard configuration file should also be documented, with an explanation of each global configuration parameter and a statement of its importance. Cisco Resource Manager Essentials may be used to manage standard configuration files, descriptors and protocol configuration.
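As an added example (not from the original post or from Cisco), a standard configuration that documents the reason for each global parameter can be checked against a device's configuration as shown here. The device classes, the commands chosen for the standard, their rationale text and the sample configuration are assumptions constructed for illustration.

```python
# Standard global configuration per device class, each command with its documented reason.
# Commands and rationale are illustrative choices, not a Cisco-published baseline.
STANDARDS = {
    "router": {
        "service password-encryption": "keeps stored passwords out of clear text",
        "service timestamps log datetime msec": "lets log entries be correlated",
        "no ip http server": "turns off an unused management service",
        "no ip source-route": "drops packets that dictate their own path",
    },
    "lan-switch": {
        "service password-encryption": "keeps stored passwords out of clear text",
        "no ip http server": "turns off an unused management service",
    },
}

def global_commands(config_text):
    """Unindented, non-comment lines: the global-configuration commands."""
    cmds = set()
    for line in config_text.splitlines():
        if not line.strip() or line.startswith((" ", "\t", "!")):
            continue  # blank, sub-mode (indented) or comment/separator line
        cmds.add(" ".join(line.split()))  # collapse repeated whitespace
    return cmds

def negate(cmd):
    """'no x' <-> 'x', to spot a setting that contradicts the standard."""
    return cmd[3:] if cmd.startswith("no ") else "no " + cmd

def audit(device_class, config_text):
    """Return [(command, status, rationale)] for every deviation from the standard."""
    present = global_commands(config_text)
    findings = []
    for cmd, why in STANDARDS[device_class].items():
        if cmd in present:
            continue
        status = "contradicted" if negate(cmd) in present else "missing"
        findings.append((cmd, status, why))
    return findings

# Constructed sample configuration (not taken from a real device).
SAMPLE_ROUTER = """\
!
hostname edge-rtr-01
service timestamps log datetime msec
ip http server
interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.0
!
"""

if __name__ == "__main__":
    for cmd, status, why in audit("router", SAMPLE_ROUTER):
        print(f"{status:12} {cmd}  ({why})")
```

The check matches literal command lines, so a command that a given software release leaves out of its configuration listing when it is at its default value would be reported as missing.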

There are also upgrade procedures to ensure that software and hardware upgrades occur with minimal downtime. Upgrade procedures include vendor installation, vendor verification, guidelines and testing requirements. They differ depending on the type of network and the type of device that will be used. Some upgrades, such as one that involves the whole network, cannot be tested easily. Once an upgrade procedure has been defined and verified, it must be updated together with all change documentation.

Is it better if I wait until ITIL V3 to get ITIL trained so I am trained on the latest version?

Not at all. The processes covered in V2 are the basics of V3. The main difference is that they are going to be clearer and the relationships between them will be better defined.

A good V2 training course will cover all the aspects that you will need for successful implementation of IT Service Management.

In addition, as soon as ITIL® V3 is finalized, The Art of Service plans to incorporate a short ITIL® V3 primer into existing courses, even before any new exams are made available, to help introduce students to what is contained in ITIL® V3.

Prince2 Risk Management: Control is the Name of the Game

Control is one of the major elements that make Prince2 a reliable project management methodology. The systems of Prince2 seek to minimize the level of risk for a given project. Because risk is a natural feature of any type of project, project managers should correctly identify it and apply mitigating solutions. It is therefore imperative for every project manager to institute effective risk management using Prince2 control systems.

Risk management is a whole set of processes within the Prince2 project management paradigm. The project manager should identify actual and potential risks and include them in the planning stages. After this, the project manager should ensure that corrective action plans or contingency plans are in place for each identified risk. Responsibilities must also be assigned to the appropriate project teams who are capable of monitoring and evaluating the occurrence of risks. These mechanisms are good safeguards for anticipating risks and avoiding slippage during the course of the project. All these measures show how Prince2 control systems contain risks, and good project managers must implement these systems to ensure the success of the project.

Stakeholders should also be involved in the management of risks. During review processes, the project manager must inform stakeholders about the level of risk at every stage of the project and what mechanisms are in place to mitigate it. Full disclosure is important to properly assess risk levels and to determine whether control mechanisms are sufficient. In doing this, everyone who is involved in the project can have a comprehensive view of the whole management process.