Posted: Wed Jan 25, 2006 5:30 pm Post subject: ITIL and business risk
I am doing a research on how ITIL can reduce business risk related to IT services. I have read quite a few literature on both ITIL and risk and I cannot find any evidence to prove the relationship between ITIL and risk. There are of course theories made, but no substantial evidence to prove the theories.
Has anyone come across any article or paper on the relationship between ITIL and business risk?
Hmm, I've not come across any papers myself. You may want to dig through past conference papers of the itSMF.
I think it's fair to say that any process methodology (ITIL included) will help reduce/mitigate risk because they force a level of control over changes and forethought of what may go wrong, backout plans etc. where previously there may have been none.
In terms of ITIL I think that Change, Release, and Service Continuity are the main processes that will indeed reduce/mitigate risk.
If I come across anything that backs up my personal view (or otherwise) I'll let you know.
Posted: Fri Jan 27, 2006 12:08 pm Post subject: Risky Business
Risk management and Risk Analysis make up a significant part of the Availability Management function.
It comprises of 2 component parts -
Risk Analysis - Identification and Assesment (Threats, Assets, Vunerabilities)
Risk Management - Identifying and using countermeasures to assist in reducing risks to a manageable (acceptable) level.
ITSCM also bases it's recomendations upon risk analysis carried out both by the Business in order to identify the VBF (Vital business Functions) and by ITSCM during the second stage of ITSCM implementation (Requirements and Strategy)
ITSCM essentially uses the as availability (Analysis and Management) but for some reason calls it Requirements and strategy instead.
Use the ITIL Risk assesment model and the Risk Measurement Table for visual representations of Vunerabilities and risks.
And remember Risk and Vunerability assesments should be an iterative process, as the business grows (or shrinks) risk assesments should be carried out to cater for the ever changing business requirements. _________________ Humor is a rubber sword - it allows you to make a point without drawing blood.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum