Services The Manager View
Building and operating a SOC it’s a high demanding mission, to accomplish this challenging task many best practice, frameworks and standards might prove to be useful (e.g.: ITIL and COBIT) and others could be mandatory to comply with (e.g.: PCI DSS and ISO/IEC 27001:2013). ITIL deserves special mention as a potentially unparalleled source of advice and guidance talking about service strategy and design, service level management and in creating an interface between organization’s incident/problem management processes and SOC specific processes. On the other hand, COBIT – and specifically COBIT MM (Maturity Model) – could be taken as a paramount guideline for measuring the maturity of the CSOC. Generally speaking, the performance of the CSOC must be carefully measured in all its aspects, the clear definition of KPIs is mandatory and a wise application of continual service improvement could give to the SOC the best results in being successful and being perceived as a value for the organization.