Despite all progress on the scientific foundations of information system security, human factor attacks are still not sufficiently researched. This is mostly due to the multidimensional attack vector that spans organizational, technical and human aspects. These multidimensional attack vectors require equally multifaceted counter measures. This paper evaluates security measures according to ITIL for their potential to serve as such a multidimensional counter measure. ITIL measures will be classified according to their application area in preventing or counter acting attacks, thus providing a management catalogue of security measures against social engineering attacks.