Defining your risk appetite
How to create simple definitions of risk appetite levels, and then assign these to each of your organization’s projects, services, business units or any other clearly identifiable part of your work.
Blogs that appear below are published on the Optimal Service Management web site.
All blogs published on this site are licenced under CC BY-SA 4.0
It’s easy to assume you know who you’re talking to, but it’s just as easy to make a mistake. Every time you answer the phone, or phone someone else, make sure you really do know who you’re talking to.
Shiny new tools and processes aren't the only way to make improvements. And they won't be be of much use unless you've thought long and hard about what it is you are actually trying to achieve.
There are three very different approaches you can take to configuration management. Each of them has benefits and disadvantages, and you need to blend aspects of all three to get the best value in your context.
I will be delivering a webinar on information security and the service desk on Wednesday 10th October. Here's a preview to whet your appetite...
Major incidents and security breaches are different. Learning from experience can turn out to be hugely expensive, or even result in the organization concerned going out of business. So how can you make sure that you handle these incidents correctly first time?
At the Service Desk and IT support show, there was a panel discussion titled "Which framework is right for your business". I was pleasantly surprised by the sensible conclusions reached...
I often hear people who work in IT operations complain that DevOps is just about development. If we want DevOps to work for everyone then we shouldn’t wait to be invited to join in and complain when we aren’t. We should actively adopt ideas from DevOps into how we run IT operations and seek out our development colleagues to foster collaboration.
I delivered a presentation on Metrics and measurement at the Service Desk Institute conference in the UK. To my surprise, the most lively discussion topics were more about how well the service desk communicates with end users, than about metrics.
If you define an incident as "... interruption to an IT service..." then you're not really focussing on customers. One of my clients has a much more business-focussed definition, and this drives completely different behaviours...
Many IT organizations think that defining a vision is too abstract, they don’t see the point, and they just want to get on with it. So they jump straight into the important work. The results are as predictable as they are sad. IT staff work very hard, but fail to arrive anywhere helpful, with results that are not nearly as good as they could have been.