Free ITIL training material, exam preperation and real world ITIL advice all in one place
ITIL Articles

ITIL

ITIL

Stages and Processes
Service Lifecycle
Value
Measures
What is ITIL
What is a Service
Warranty
Alignment
Efficiency Gains
Resources and Capabilities
Continual Service Approach
Partnering with the business
Roles
Service Experience
Interview Questions
Benefits
Assets
Performance metrics
Best Service Desk Software
Salaries

Service Strategy

Service Strategy

Economic Climate
Addressing the Barriers
Silos and Reducing Barriers
Service Portfolio
Overview
Demand Management
Strategy Generation
Proactive Not Reactive
Financial Management
Continual Service Improvement
Organisational Health
Service Provider

Service Design

Service Design

Information Security Management
Operational Level Agreement (OLA)
Delivery Models
Availability Management
Design Challenges
Capacity Management
Service Level Agreement (SLA)
Supplier Management
Design Risks
Service Design Package
ITSCM
Service Level Management
Service Catalogue
Architecture and Standards Documents (Design Deliverable)
Starting Design
Plans

Service Transition

Service Transition

Overview
Knowledge Management
Configuration Item
Measurements and Monitoring
Release Management
Validation and Testing
Asset and Configuration Management
Change Management
Release Policy
Knowledge Transfer
Evaluation
Roles
Stakeholder Management
Control and Discipline
Planning and Support

ITIL Exam

ITIL Exam

Where can you take an ITIL Exam
Which Type of ITIL Training
List of Accredited ITIL Training Organizations in US
Which Languages is the ITIL Exam Available
How Much Does the ITIL Foundation Cost?
Braindumps and Torrents
How Many Questions on the ITIL v3 Foundation Exam
ITIL Test Centres in London
ITIL Test Centres in Italy
ITIL Test Centres in Brazil
ITIL Test Centres in US
ITIL Test Centres in Netherlands (Nederland)
ITIL Test Centres in Canada

Service Design - Design Risks





ISO 31000 defines risk as the effect of uncertainty on objectives, which can be either positive or negative. We use risk management to identify, assess, and prioritize the risks and follow those up with a corresponding and efficient application of resources to minimize, monitor, and control the probability or impact of unfortunate events in the future.

Silo Mentality
Risks in IT can come from a variety of sources including; uncertainty in financial markets, failures with IT or business projects, legal liabilities, credit risk, accidents and mistakes, natural causes and disasters as well as deliberate attacks from an adversary such as hacking.

During the design phase we would want to:

  • 1. Identify, characterise and assess threats/risks
  • 2. Assess the vulnerability of certain assets (usually the critical ones first) to specific threats. Such as an online payment processes vulnerability to hacking or fraud.
  • 3. Establish the particular risk (i.e. map risks to particular assets)
  • 4. Identify ways to reduce risk and include them in design
  • 5. Prioritize risk reduction measures and again include in design


The ISO standard outlines the principles of risk management, but more generally risk management should aim to create value or improve it. It should be an integral part of design and processes, and specifically address uncertainty. Risk management should be a structured and methodical approach, taking into account human factors.

Once risks have been identified, they must then be assessed as to their potential severity of loss and to the probability of occurrence. These quantities can sometimes be simple to measure, e.g. the value of a lost building, or in other cases they can be impossible to know for sure. Such as the probability of a freak event occurring, which may never have occurred in the past.

One of the most difficult parts of risk assessment is determining the rate of occurrence. Since statistical information is not always available on all kinds of past incidents and events which have a very low probability but drastic results are of course hard to weigh up.

There have been several theories and attempts to quantify risks. In actual fact, numerous different risk formulae exist, but probably the most broadly accepted formula for risk quantification is:


Rate of occurrence multiplied by the impact of the event equals risk

Coming back to ITIL a little, risk management is one of those things that's a little bit underemphasized. ITIL Service design doesn't prescribe any particular designs that you should use for this. However, we would normally follow the ISO standard and add risk assessment as one of the core items of a design review. We want to mitigate risks so they don't flow down stream to the production phase where it's much harder to fix these things. A good example of a risk would be; we won't be able to fund the depth of monitoring for this design. Another good example is compatibility; we may be running an app on an older version of windows server which is not compatible. This would be identified as a risk.

Cost recovering structures are also another thing that needs to be considered in the Service Design phase. The point about Service Design is that you should at least consider all of the aspect of design whether it is big or small. If something can't be addressed then that's considered a risk.

Risk Analysis

Is used to identify and quantify risks and appropriate countermeasures to safe guard availability of systems. We specifically undertake RA at the design phase to ensnare all possible risks, vulnerabilities and threats.

Related
service design cost risk financial failure loss assessment theories quantify risks iso





Latest - itil


Download ITIL 2011 PDF eBooks
Download ITIL 2011 PDF eBooks
The PDF ebooks for the new ITIL 2011 (v4) publications are now available to download. Viewable on any PDF reader software such as Adobe Acrobat for Windows, Kindle for Amazon readers or any mobile device including iPhone, iPad and Android mobiles.

ITIL 2011 - Whats new
ITIL 2011 - Whats new
After the initial launch of ITIL v3 we expected ITIL 4 to make an appearance sometime in 2011. Come the summer of 2011 and there's no ITIL 4 but instead we have ITIL 2011 - a major update to the ITIL framework that addresses errors..

ITIL v2 Practitioner exam retires in December 2011
ITIL v2 Practitioner exam retires in December 2011
As the transition from v2 to v3 continues, OGC confirmed that the ITIL v2 Practitioner exam and the v3 Foundation Bridge exams will be withdrawn from the marketplace as of 31st December 2011. The exam will remain available only for results until June








Additional

Search

Search

Search ITIL Info
e.g. ITIL training
 

Search

Popular

Take a free ITIL Practice Exam and test your knowledge of ITIL principles. Sample ITIL questions for the foundation and intermediate exams.

Tags

service design cost risk financial failure loss assessment theories quantify risks iso

Latest Diagrams


Service Lifecycle
Service Lifecycle (cog/wheel)

Service Design Snapshot
Service Design Snapshot

Service Design to Operation
Service Design to Operation

You might also like

ITIL Exam Questions



The names ITIL and IT Infrastructure Library are registered trademarks of the United Kingdom's Office of Government Commerce (OGC). We are not associated with OGC and our material is unofficial but unique. If you have an concerns or would like to use our material please contact us first.

English English  |  Portuguese Portuguese



Contact Us | PrivacyPolicy | RS 		Home  Link to Us
Copyright © Accelerated Ideas 2005-2013
All rights reserved