摘要:In an environment in which organizations increasingly depend on the quality of their information systems to provide services and produce goods in an appropriate manner, it is vital to adopt tools to ensure this quality. One of the most used tools for this purpose is the Information Technology Infrastructure Library (ITIL), in which the module that deals with security management is one of the most important. The objective of this study was to understand how ITIL is used in the process of security management in a large industrial organization, as this understanding may bring useful knowledge to people who are faced with similar situations. This case study was done through semi-structured interviews that allowed the comparison between the ITIL principles to the subject and the practices adopted by the organization object of study.