Skip to Main Content
Initial ideas are presented concerning the application of risk to IT service management. Focus is on the process of testing changes to a service where risk considerations are paramount. In particular, the decision problem of which tests to perform after a change is discussed. Several approaches to formalizing this decision problem are presented with particular reference to the numerical representation of risk metrics and of risk appetite. The paper offers no final results but a rich set of alternatives for discussion by the research community.