Risk Management Model in ITIL
ITIL is considered a framework of Best Practice guidance for IT Service Management, and it is widely used in the business world. In spite of this, ITIL has some gaps in Risk Management specification. This chapter approaches this problem in ITIL and compares IT risk management in ITIL to other IT Governance Frameworks. Despite ITIL stating that risk should be identified, measured, and mitigated, it is not clear on how to proceed (no concrete process is defined on how to deal with risk). To solve this, the authors propose to map the M_o_R risk management framework in ITIL, mapping every M_o_R process in ITIL, therefore adopting a strong risk management in ITIL, based on concrete guidelines, without changing the framework. In this chapter, the authors summarize the necessary guidelines and show a planning for future work.