Skip to main content
SpringerLink
Log in

Risk Management Model in ITIL

  • Conference paper
ENTERprise Information Systems (CENTERIS 2011)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 220))

Included in the following conference series:

Abstract

ITIL is considered a framework of Best Practice guidance for IT Service Management and it is widely used in the business world. In spite of this, ITIL has some gaps in Risk Management specification. This paper approaches this problem in ITIL and compares IT risk management in ITIL to other IT Governance Frameworks. Despite ITIL stating that risk should be identified, measured and mitigated, it is not clear on how to proceed (no concrete process is defined on how to deal with risk). To solve this, we propose to map the M_o_R risk management framework in ITIL, mapping every M_o_R process in ITIL, therefore adopting a strong risk management in ITIL, based on concrete guidelines, without changing the framework. Here in this paper we will summarize the necessary guidelines. Finally, we will show a planning for future work.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Crouhy, M., Galai, D., Mark, R.: The Essentials of Risk Management. McGraw-Hill, New York (2005)

    Google Scholar 

  2. Office of Government Commerce: ITIL - Service Strategy. TSO, London (2007)

    Google Scholar 

  3. Office of Government Commerce: ITIL - Service Operation. TSO, London (2007)

    Google Scholar 

  4. Office of Government Commerce: ITIL - Continual Service Improvement. OGC, London (2007)

    Google Scholar 

  5. Kouns, J., Minoli, D.: Information Technology Risk Managemen In Enterprise Environments. Willey, Canada (2010)

    Google Scholar 

  6. Sahibudin, S., Sharifi, M., Ayat, M.: Combining ITIL, COBIT and ISO/IEC 27002 in Order to Design a Comprehensive IT Framework in Organizations, pp. 749–753. University Teknologi Malaysia 81310 UTM, skudai (2008)

    Google Scholar 

  7. Faber, M., Faber, R.: ITIL® and Corporate Risk Alignment Guide An introduction to corporate risk and ITIL, and how ITIL supports and is assisted by Management of Risk (M_o_R®). Whitepaper, The Stationery Office (TSO), London (2010)

    Google Scholar 

  8. Feglar, T.: ITIL based Service Level Management if SLAs Cover Security, pp. 61–71. Czech Republic (2004)

    Google Scholar 

  9. Wickboldt, J., Machado, G., da Costa Cordeiro, W., Lunardi, R., dos Santos, A., Andreis, F., Both, C., Granville, L., Paschoal Gaspary, L.: A Solution to Support Risk Analysis on IT Change Management, Piscataway, NJ, USA, pp. 445–452 (2009)

    Google Scholar 

  10. OGC. In: M_o_R - Management of Risk. http://www.mor-officialsite.com/

  11. OGC: Management of risk: Guidance for Practitioners, 3rd edn. TSO, United Kingdom (2010)

    Google Scholar 

  12. Office of Government Commerce: ITIL - Service Transition. TSO, London (2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Instituto Superior Técnico, Av. Rovisco Pais, 1, 1049-001, Lisbon, Portugal

    Sarah Vilarinho & Miguel Mira da Silva

Authors
  1. Sarah Vilarinho
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Miguel Mira da Silva
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Polytechnic Institute of Cávado e Ave, 4750-810, Vila Frescainha S. Martinho, BCL, Portugal

    Maria Manuela Cruz-Cunha

  2. University of Trás-os-Montes e Alto Douro, 5001-801, Vila Real, Portugal

    João Varajão

  3. Birkbeck, University of London, WC1E 7HX, London, UK

    Philip Powell

  4. School of Technology and Management, Polytechnic Institute of Leiria, 2411-901, Leiria, Portugal

    Ricardo Martinho

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Vilarinho, S., da Silva, M.M. (2011). Risk Management Model in ITIL. In: Cruz-Cunha, M.M., Varajão, J., Powell, P., Martinho, R. (eds) ENTERprise Information Systems. CENTERIS 2011. Communications in Computer and Information Science, vol 220. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24355-4_31

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-24355-4_31

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-24354-7

  • Online ISBN: 978-3-642-24355-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation