Risk Management for IT-Service Lifecycle Management is not always performed in a transparent, repeatable and consistent way. In consequence its potential to be used as a key element for successful decision taking is not fully utilized.
This thesis considers applied standards, models and practices in the IT-Service Management to establish a methodology which enables improvement of Risk Management within the IT-Service Lifecycle. The developed methodology determines stages in the Lifecycle where risk assessments should be
performed. It also defines the required information and their sources.
Being based on already existing processes within a service providing organization, this methodology can easily be applied to improve the service quality.
Motivation:
Since one major business sector of Merck is the production of pharmaceutical products the organization is subject to very strict regulations for development and production of their life science products and the business supporting ITServices
therefore underlie a strong IT-Governance. This IT-Governance as
part of the corporate Governance is highly influential on how IT-Services are operated and carried out over their whole lifecycle. In addition, business processes and the management of risks are highly important factors. The provided IT-Services have to be on track with business needs of the respective
customers. To ensure this alignment strategic decisions need to be based on relevant information. To improve this decision making process various types of information on IT-Services are needed.
The author’s professional background served as a foundation for addressing this corporate need of Merck. Having obtained basic knowledge on IT-Services, related organizations and processes, the author took this opportunity to pursue his growing interest within this field of research.
Inhaltsverzeichnis (Table of Contents)
- 1 Introduction
- 2 The Service Lifecycle
- 2.1 Lifecycle concepts
- 2.2 ITIL Service Lifecycle
- 2.3 Merck IT-Service Lifecycle
- 3 Management of Risk
- 3.1 Definition of Risk
- 3.2 Risk Management principles
- 3.3 Risk Management process
- 3.4 Risk Management relevant process roles
- 4 Risk Priorities
- 4.1 Legal and regulatory Risk Priorities
- 4.2 Project Initiation Risk Priorities
- 4.3 Risk Priorities derived from ITIL
- 5 Risk Management Methods
- 5.1 Determination of Risk Priorities
- 5.2 Risk Tolerance for IT-Services
- 5.3 Risk Review Checkpoints
- 5.4 Risk Priority Checkpoints
- 6 Management of Risk Priority Checkpoints
- 7 Visualization for Service Review
- 8 Results
Zielsetzung und Themenschwerpunkte (Objectives and Key Themes)
This bachelor thesis examines the integration of risk management within the IT-service lifecycle. It aims to analyze the different phases of the service lifecycle and identify relevant risk factors at each stage. The study explores the application of ITIL frameworks and best practices for managing risks, particularly in the context of the Merck IT-service lifecycle. By examining specific risk priorities and developing methods for their assessment and mitigation, this thesis contributes to a more comprehensive and proactive approach to risk management in IT service delivery.
- Risk Management within the IT-Service Lifecycle
- Integration of ITIL Frameworks and Best Practices
- Risk Identification and Prioritization
- Risk Assessment and Mitigation Strategies
- Visualization and Communication of Risk Information
Zusammenfassung der Kapitel (Chapter Summaries)
The thesis begins with an introduction to the topic of risk management within the IT-service lifecycle. Chapter 2 provides an overview of different service lifecycle concepts, including ITIL and the Merck IT-service lifecycle. Chapter 3 delves into the definition of risk, risk management principles, and the risk management process. Chapter 4 explores various risk priorities, including legal and regulatory risks, project initiation risks, and risks derived from ITIL. Chapter 5 focuses on risk management methods, such as determining risk priorities, setting risk tolerance levels, and establishing risk review checkpoints. Chapter 6 discusses the management of risk priority checkpoints, including risk treatment and risk communication. Chapter 7 explores visualization techniques for service review, while Chapter 8 presents the results of the study. The thesis concludes with a summary of the key findings and recommendations for future research.
Schlüsselwörter (Keywords)
The core concepts explored in this thesis include risk management, IT-service lifecycle, ITIL, risk identification, risk prioritization, risk assessment, risk mitigation, service review, and visualization. The study also focuses on the practical application of these concepts within the Merck IT-service lifecycle, drawing upon real-world case studies and examples.
- Quote paper
- Jan Kussowski (Author), 2014, Risk Management within the IT-Service Lifecycle, Munich, GRIN Verlag, https://www.grin.com/document/299681