dc.description.abstract | The complexity of managing IT Service delivery has led to growth of IT Service management (ITSM) as an
important area of focus in the IT industry. Organizations are therefore investing in IT service management best
practices to manage their IT services. ITIL is considered as one of best framework for IT Service Management and it
is widely used in the business world. This framework is strong on delivery and support processes in that it describes
how to structure operational processes but is weak on risk management processes.
The broad objective of this research was to come up with a framework of ICT service management that improves the
current ITIL service delivery framework to incorporate Risk Management. Specifically the research sought to
identify risk management attributes that could be applicable to ICT services, determine what needs to be
incorporated in the ITIL service management framework to address risk management gaps and further to develop a
conceptual ITIL Service management framework that incorporates Risk management. Both quantitative and
qualitative research approaches were used to complement each other. The research used questionnaires, data from
the ITSM tool, focused group discussions, targeted interviews, as well as independent observation of processes.
From the findings, there were Gaps in Disaster preparedness and they only came to the light once disaster struck. It
was also noted that once a risk item was identified, mitigation were put in place urgently. However, there were no
post implementation reviews. Precisely, ITIL processes that had not integrated risk management adequately include
Strategy management, IT financial management, Service portfolio management, demand management and service
catalogue process. Significant findings emanating from this research were that, apart from driving change through
continual improvement, the organization must be prepared for rapid transitions and transformations driven by
changes in an organization environment or internal situation while managing potential risks. Changes may be driven
by sourcing decisions, actions of competitors, technology innovations and shifts in customer preferences hence IT
Service management should respond effectively and efficiently.
In conclusion, it is apparent that the value of ITIL to organizations is undeniable as it helps reduce IT costs, increase
IT performance and improve business performance through IT-business alignment. However ITIL service
management framework does not provide a clear concept on how to treat risk yet risk management is essential to all
organizations. It is therefore important to ensure that organizations Integrate or adapt a risk management framework,
embedded it into ITIL, document the methodology, processes and create key risk indicators, link them to strategic
responses and develop metrics to measure compliance as well as ensure effective communication | en_US |