The ITIL Security Management Process describes the structured fitting of security in the management organization. The objectives are as follows:
The determination of the security requirements defined in the SLA and other external requirements.
The achieving of a basic level of security.

The mission statement for Security Management is: To prevent the occurrence of security related incidents by managing the confidentiality, integrity and availability of IT services and data in line with business requirements at an acceptable cost.