부산대학교 도서관

Modern organizations face increasing challenges in managing IT services while maintaining robust information security. This study explores the potential of combining two established frameworks, ITIL and NIST CSF, to optimize IT service management and strengthen cybersecurity practices. The analysis commences with an individual examination of the characteristics and benefits of both frameworks. ITIL, a set of best practices for IT service management, and NIST CSF, a cybersecurity framework, offer valuable insights when used independently. However, their combined potential is particularly promising. By employing a methodical approach, we establish a clear correlation between ITIL practices and NIST CSF subcategories, revealing significant similarities and complementary aspects. This analysis highlights how their combined application fosters a more integrated and effective approach to managing IT services and enhancing security. By leveraging the strengths of both frameworks, organizations can achieve a dual benefit: improved quality and efficiency of IT services, alongside strengthened cyber defenses. This study emphasizes the value of a holistic perspective in IT service management and cybersecurity. It suggests that through the strategic integration of practices from both fields, organizations can achieve sustainable operational excellence and robust protection against cyber threats.