Information, like other economic assets, is a precious asset for an enterprise so it must be properly protected. The basic solution to protect is to provide "information security". To understand information technology security, it is fundamental to understand the importance of IT management and governance concepts. In this study, the most widely practised and popular information technology security, management and governance standards, ISO 27001 standard, COBIT (Control Objectives for Information Technology) and ITIL (Information Technologies Infrastructure Library), will be investigated and compared.