2011
Juliano Araujo Wickboldt, Luís Armando Bianchin, Roben Castagna Lunardi, Lisandro Zambenedetti Granville, Luciano Paschoal Gaspary, Claudio Bartolini
A framework for risk assessment based on analysis of historical information of workflow execution in IT systems Journal Article
In: Elsevier Computer Networks, 55 (13), pp. 2954–2975, 2011, ISSN: 1389-1286.
Abstract Links BibTeX Tags: Change Management COBIT ITIL Project Management Risk Management
@article{DBLP:journals/cn/WickboldtBLGGB11,
title = {A framework for risk assessment based on analysis of historical information of workflow execution in IT systems},
author = {Juliano Araujo Wickboldt and Luís Armando Bianchin and Roben Castagna Lunardi and Lisandro Zambenedetti Granville and Luciano Paschoal Gaspary and Claudio Bartolini},
url = {https://doi.org/10.1016/j.comnet.2011.05.025},
doi = {10.1016/j.comnet.2011.05.025},
issn = {1389-1286},
year = {2011},
date = {2011-01-01},
journal = {Elsevier Computer Networks},
volume = {55},
number = {13},
pages = {2954--2975},
abstract = {Services provided by modern organizations are usually designed, deployed, and supported by large-scale IT infrastructures. In order to obtain the best performance out of these services, it is essential that organizations enforce rational practices for the management of the resources that compose their infrastructures. A common point in most guides and libraries of best practices for IT management – such as ITIL or COBIT – is the explicit concern with the risks related to IT activities. Proactively dealing with adverse and favorable events that may arise during everyday operations might prevent, for example: delay on deployment of services, cost overrun in activities, predictable failures of handled resources, and, consequently, waste of money. Although important, risk management in practice usually lacks in automation and standardization in IT environments. Therefore, in this article, we introduce a framework to support the automation of some key steps of risk management. Our goal is to organize risk information related to IT activities providing support for decision making thus turning risk response planning simpler, faster, and more accurate. The proposed framework is targeted to workflow-based IT management systems. The fundamental approach is to learn from problems reported in the history of previously conducted workflows in order to estimate risks for future executions. We evaluated the applicability of the framework in two case studies both in IT related areas, namely: IT change management and IT project management. The results show how the framework is not only useful to speed up the risk assessment process, but also to assist the decision making of project managers and IT operators by organizing risk detailed information in a comprehensive way.},
keywords = {Change Management, COBIT, ITIL, Project Management, Risk Management},
pubstate = {published},
tppubtype = {article}
}
Services provided by modern organizations are usually designed, deployed, and supported by large-scale IT infrastructures. In order to obtain the best performance out of these services, it is essential that organizations enforce rational practices for the management of the resources that compose their infrastructures. A common point in most guides and libraries of best practices for IT management – such as ITIL or COBIT – is the explicit concern with the risks related to IT activities. Proactively dealing with adverse and favorable events that may arise during everyday operations might prevent, for example: delay on deployment of services, cost overrun in activities, predictable failures of handled resources, and, consequently, waste of money. Although important, risk management in practice usually lacks in automation and standardization in IT environments. Therefore, in this article, we introduce a framework to support the automation of some key steps of risk management. Our goal is to organize risk information related to IT activities providing support for decision making thus turning risk response planning simpler, faster, and more accurate. The proposed framework is targeted to workflow-based IT management systems. The fundamental approach is to learn from problems reported in the history of previously conducted workflows in order to estimate risks for future executions. We evaluated the applicability of the framework in two case studies both in IT related areas, namely: IT change management and IT project management. The results show how the framework is not only useful to speed up the risk assessment process, but also to assist the decision making of project managers and IT operators by organizing risk detailed information in a comprehensive way.
Juliano Araujo Wickboldt
A framework for risk assessment based on analysis of historical information of workflow execution in IT systems Masters Thesis
Universidade Federal do Rio Grande do Sul, Porto Alegre, Brazil, 2011.
Abstract Links BibTeX Tags: Change Management COBIT ITIL Project Management Risk Management
@mastersthesis{msc/ndltd/Wickboldt11,
title = {A framework for risk assessment based on analysis of historical information of workflow execution in IT systems},
author = {Juliano Araujo Wickboldt},
url = {http://hdl.handle.net/10183/31121},
year = {2011},
date = {2011-01-01},
school = {Universidade Federal do Rio Grande do Sul, Porto Alegre, Brazil},
abstract = {Products and services provided by modern organizations are usually designed, deployed, and supported by large-scale Information Technology (IT) infrastructures. In order to obtain the best performance out of provided products and services, it is essential that these organizations enforce rational practices for the management of resources that compose their infrastructures. For this purpose, in recent years a few standards and libraries of best practices for IT infrastructures and services management have been proposed. Among the most widely accepted proposals, in both academy and industry, is worth mentioning the Information Technology Infrastructure Library (ITIL). A common point in most of those standards and libraries is the explicit concern with the risks related to IT activities. Proactively dealing with adverse and favorable events that may arise during everyday operations might prevent, for example: delay on deployment of services, cost overrun in activities, predictable failures of handled resources, and, consequently waste of money. Although important, risk management in practice usually lacks in automation and standardization in IT environments. Generally, it is performed by stakeholders in interviews and brainstorms, which may be a very time/resource-consuming task and sometimes too imprecise to guide risk related decisions. Therefore, in this dissertation, a framework to support the automation of some key phases of risk management is proposed, aiming to make it simpler, faster, and more accurate. The proposed framework is targeted to work ow-based IT management systems. The main approach is to learn from problems reported in the history of previously conducted work ows in order to estimate risks for future executions. Furthermore, comprehensive and interactive risk reports are proposed aiming to ease the analysis of assessed risks by involved humans. The proposed framework had its applicability evaluated in two case studies both in IT related areas, namely: IT Change Management and IT Project Management. The results show how the framework is not only useful to speed up the risk assessment process, but also to assist the decision making of project managers and IT operators by organizing risk detailed information in a comprehensive way. In addition, the modular approach employed in the design of the proposed framework allows it to be generic enough to t in di erent contexts (changes and projects) and still customizable to adapt to more speci c requirements.},
keywords = {Change Management, COBIT, ITIL, Project Management, Risk Management},
pubstate = {published},
tppubtype = {mastersthesis}
}
Products and services provided by modern organizations are usually designed, deployed, and supported by large-scale Information Technology (IT) infrastructures. In order to obtain the best performance out of provided products and services, it is essential that these organizations enforce rational practices for the management of resources that compose their infrastructures. For this purpose, in recent years a few standards and libraries of best practices for IT infrastructures and services management have been proposed. Among the most widely accepted proposals, in both academy and industry, is worth mentioning the Information Technology Infrastructure Library (ITIL). A common point in most of those standards and libraries is the explicit concern with the risks related to IT activities. Proactively dealing with adverse and favorable events that may arise during everyday operations might prevent, for example: delay on deployment of services, cost overrun in activities, predictable failures of handled resources, and, consequently waste of money. Although important, risk management in practice usually lacks in automation and standardization in IT environments. Generally, it is performed by stakeholders in interviews and brainstorms, which may be a very time/resource-consuming task and sometimes too imprecise to guide risk related decisions. Therefore, in this dissertation, a framework to support the automation of some key phases of risk management is proposed, aiming to make it simpler, faster, and more accurate. The proposed framework is targeted to work ow-based IT management systems. The main approach is to learn from problems reported in the history of previously conducted work ows in order to estimate risks for future executions. Furthermore, comprehensive and interactive risk reports are proposed aiming to ease the analysis of assessed risks by involved humans. The proposed framework had its applicability evaluated in two case studies both in IT related areas, namely: IT Change Management and IT Project Management. The results show how the framework is not only useful to speed up the risk assessment process, but also to assist the decision making of project managers and IT operators by organizing risk detailed information in a comprehensive way. In addition, the modular approach employed in the design of the proposed framework allows it to be generic enough to t in di erent contexts (changes and projects) and still customizable to adapt to more speci c requirements.
2010
Luís Armando Bianchin, Juliano Araujo Wickboldt, Lisandro Zambenedetti Granville, Luciano Paschoal Gaspary, Claudio Bartolini, Maher Rahmouni
Similarity metric for risk assessment in IT change plans Inproceedings
In: 6th International Conference on Network and Service Management, CNSM 2010, Niagara Falls, Canada, October 25-29, 2010, pp. 25–32, IEEE, 2010.
Abstract Links BibTeX Tags: Change Management ITIL Risk Management Workflow Similarity
@inproceedings{DBLP:conf/cnsm/BianchinWGGBR10,
title = {Similarity metric for risk assessment in IT change plans},
author = {Luís Armando Bianchin and Juliano Araujo Wickboldt and Lisandro Zambenedetti Granville and Luciano Paschoal Gaspary and Claudio Bartolini and Maher Rahmouni},
url = {https://doi.org/10.1109/CNSM.2010.5691340},
doi = {10.1109/CNSM.2010.5691340},
year = {2010},
date = {2010-01-01},
booktitle = {6th International Conference on Network and Service Management, CNSM 2010, Niagara Falls, Canada, October 25-29, 2010},
pages = {25--32},
publisher = {IEEE},
abstract = {The proper management of IT infrastructures is essential for organizations that aim to deliver high quality services. Given the dynamics of these infrastructures, changes become imminent. In some cases, these changes might raise failures, causing disruption to provided services and consequently affecting the business continuity. Therefore, it is strongly recommended to evaluate the risks associated with changes before their actual execution. Learning from information of past deployed changes it is possible to estimate the risks for recently planned ones. Thereby, in this paper, we propose a solution to weigh the information available from past executed plans by the similarity calculated in relation with the analyzed change plan. A prototype system has been developed in order to evaluate the effectiveness of the solution over an emulated IT infrastructure. The results obtained show that the solution is capable of capturing similarity among activities in change plans, improving the accuracy of risk assessment for IT change planning.},
keywords = {Change Management, ITIL, Risk Management, Workflow Similarity},
pubstate = {published},
tppubtype = {inproceedings}
}
The proper management of IT infrastructures is essential for organizations that aim to deliver high quality services. Given the dynamics of these infrastructures, changes become imminent. In some cases, these changes might raise failures, causing disruption to provided services and consequently affecting the business continuity. Therefore, it is strongly recommended to evaluate the risks associated with changes before their actual execution. Learning from information of past deployed changes it is possible to estimate the risks for recently planned ones. Thereby, in this paper, we propose a solution to weigh the information available from past executed plans by the similarity calculated in relation with the analyzed change plan. A prototype system has been developed in order to evaluate the effectiveness of the solution over an emulated IT infrastructure. The results obtained show that the solution is capable of capturing similarity among activities in change plans, improving the accuracy of risk assessment for IT change planning.
Juliano Araujo Wickboldt, Luís Armando Bianchin, Roben Castagna Lunardi, Fabrício Girardi Andreis, Ricardo Luis dos Santos, Bruno Lopes Dalmazo, Weverton Luis da Costa Cordeiro, Abraham Lincoln Rabelo de Sousa, Lisandro Zambenedetti Granville, Luciano Paschoal Gaspary, Claudio Bartolini
Computer-generated comprehensive risk assessment for IT project management Inproceedings
In: 12th IEEE/IFIP Network Operations and Management Symposium, NOMS 2010, 19-23 April 2010, Osaka, Japan, pp. 400–407, IEEE, 2010, ISSN: 1542-1201.
Abstract Links BibTeX Tags: COBIT ITIL Project Management Risk Management
@inproceedings{DBLP:conf/noms/WickboldtBLASDCSGGB10,
title = {Computer-generated comprehensive risk assessment for IT project management},
author = {Juliano Araujo Wickboldt and Luís Armando Bianchin and Roben Castagna Lunardi and Fabrício Girardi Andreis and Ricardo Luis dos Santos and Bruno Lopes Dalmazo and Weverton Luis da Costa Cordeiro and Abraham Lincoln Rabelo de Sousa and Lisandro Zambenedetti Granville and Luciano Paschoal Gaspary and Claudio Bartolini},
url = {https://doi.org/10.1109/NOMS.2010.5488498},
doi = {10.1109/NOMS.2010.5488498},
issn = {1542-1201},
year = {2010},
date = {2010-01-01},
booktitle = {12th IEEE/IFIP Network Operations and Management Symposium, NOMS 2010, 19-23 April 2010, Osaka, Japan},
pages = {400--407},
publisher = {IEEE},
abstract = {Information Technology (IT) products and services provided by modern organizations are designed in projects that often involve large amount of resources (e.g., humans, hardware, and software). It is essential that organizations enforce rational practices for project management, in order to successfully conclude projects and avoid waste of substantial resources. In this context, Risk Management is fundamental to guarantee the accomplishment of project's objectives by dealing with adverse and favorable events. Although important, risk assessment in IT projects is usually performed by stakeholders in interviews and brainstorms which may be a very time/resource-consuming task. Therefore, in this paper, we introduce a solution to automate the risk assessment process, based on the history of previously conducted projects. Furthermore, comprehensive and interactive risk reports are proposed in order to ease the analysis of automatically generated reports. The results show that our solution is not only useful to speed the risk assessment process, but also to assist the decision making of project managers by organizing risk information according to the project structure.},
keywords = {COBIT, ITIL, Project Management, Risk Management},
pubstate = {published},
tppubtype = {inproceedings}
}
Information Technology (IT) products and services provided by modern organizations are designed in projects that often involve large amount of resources (e.g., humans, hardware, and software). It is essential that organizations enforce rational practices for project management, in order to successfully conclude projects and avoid waste of substantial resources. In this context, Risk Management is fundamental to guarantee the accomplishment of project's objectives by dealing with adverse and favorable events. Although important, risk assessment in IT projects is usually performed by stakeholders in interviews and brainstorms which may be a very time/resource-consuming task. Therefore, in this paper, we introduce a solution to automate the risk assessment process, based on the history of previously conducted projects. Furthermore, comprehensive and interactive risk reports are proposed in order to ease the analysis of automatically generated reports. The results show that our solution is not only useful to speed the risk assessment process, but also to assist the decision making of project managers by organizing risk information according to the project structure.
Luís Armando Bianchin, Juliano Araujo Wickboldt, Ricardo Luis dos Santos, Roben Castagna Lunardi, Bruno Lopes Dalmazo, Fabrício Girardi Andreis, Weverton Luis da Costa Cordeiro, Abraham Lincoln Rabelo de Sousa, Lisandro Zambenedetti Granville, Luciano Paschoal Gaspary
Similaridade para Avaliação de Riscos em Planos de Mudança de TI Inproceedings
In: 15º Workshop de Gerência e Operação de Redes e Serviços, WGRS 2010, Gramado, Brazil, May 24-28, 2010, pp. 103–116, SBC, 2010, ISSN: 2177-496X, (In portuguese).
Abstract Links BibTeX Tags: Change Management ITIL Risk Management Workflow Similarity
@inproceedings{conf/wgrs/Bianchin10,
title = {Similaridade para Avaliação de Riscos em Planos de Mudança de TI},
author = {Luís Armando Bianchin and Juliano Araujo Wickboldt and Ricardo Luis dos Santos and Roben Castagna Lunardi and Bruno Lopes Dalmazo and Fabrício Girardi Andreis and Weverton Luis da Costa Cordeiro and Abraham Lincoln Rabelo de Sousa and Lisandro Zambenedetti Granville and Luciano Paschoal Gaspary},
url = {http://www.inf.ufrgs.br/~jwickboldt/wp-content/uploads/wgrs2010_similaridade.pdf},
issn = {2177-496X},
year = {2010},
date = {2010-01-01},
booktitle = {15º Workshop de Gerência e Operação de Redes e Serviços, WGRS 2010, Gramado, Brazil, May 24-28, 2010},
pages = {103--116},
publisher = {SBC},
abstract = {The proper management of IT infrastructures is essential for organizations that aim to deliver high quality services. Given the dynamics of these environments, changes become imminent. In some cases these changes might raise failures that may cause disruption to services affecting the business continuity, which makes necessary the evaluation of the risks associated with changes before their actual execution. Taking advantage of information from past deployed changes it’s possible to estimate the risks for recently planned ones. Thereby, in this paper, we propose a solution to weigh the information available from past executed changes by the similarity calculated in relation with the analyzed change. A prototype system was developed in order to evaluate the efficacy of the solution in an emulated IT infrastructure. The results show that the solution is capable of capturing similarity among changes, improving the accuracy of risk assessment for IT change planning.},
note = {In portuguese},
keywords = {Change Management, ITIL, Risk Management, Workflow Similarity},
pubstate = {published},
tppubtype = {inproceedings}
}
The proper management of IT infrastructures is essential for organizations that aim to deliver high quality services. Given the dynamics of these environments, changes become imminent. In some cases these changes might raise failures that may cause disruption to services affecting the business continuity, which makes necessary the evaluation of the risks associated with changes before their actual execution. Taking advantage of information from past deployed changes it’s possible to estimate the risks for recently planned ones. Thereby, in this paper, we propose a solution to weigh the information available from past executed changes by the similarity calculated in relation with the analyzed change. A prototype system was developed in order to evaluate the efficacy of the solution in an emulated IT infrastructure. The results show that the solution is capable of capturing similarity among changes, improving the accuracy of risk assessment for IT change planning.
2009
Juliano Araujo Wickboldt, Luís Armando Bianchin, Roben Castagna Lunardi, Fabricio Girardi Andreis, Weverton Luis da Costa Cordeiro, Cristiano Bonato Both, Lisandro Zambenedetti Granville, Luciano Paschoal Gaspary, David Trastour, Claudio Bartolini
Improving IT Change Management Processes with Automated Risk Assessment Inproceedings
In: 20th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management, DSOM 2009, Integrated Management of Systems, Services, Processes and People in IT, Venice, Italy, October 27-28, 2009, pp. 71–84, Springer, Venice, Italy, 2009.
Abstract Links BibTeX Tags: Change Management ITIL Risk Management
@inproceedings{DBLP:conf/dsom/WickboldtBLACBGGTB09,
title = {Improving IT Change Management Processes with Automated Risk Assessment},
author = {Juliano Araujo Wickboldt and Luís Armando Bianchin and Roben Castagna Lunardi and Fabricio Girardi Andreis and Weverton Luis da Costa Cordeiro and Cristiano Bonato Both and Lisandro Zambenedetti Granville and Luciano Paschoal Gaspary and David Trastour and Claudio Bartolini},
url = {https://doi.org/10.1007/978-3-642-04989-7_6},
doi = {10.1007/978-3-642-04989-7_6},
year = {2009},
date = {2009-01-01},
booktitle = {20th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management, DSOM 2009, Integrated Management of Systems, Services, Processes and People in IT, Venice, Italy, October 27-28, 2009},
volume = {5841},
pages = {71--84},
publisher = {Springer},
address = {Venice, Italy},
series = {Lecture Notes in Computer Science},
abstract = {The rational management of IT infrastructures is a goal of modern organizations that aim to deliver high quality services to their customers in an affordable way. Since changes are imminent in such a dynamic environment, failures during this process may directly affect business continuity. Hence, risk assessment is a key process in IT change management. Despite its importance, risks are usually assessed by humans based on empirical knowledge, leading to inaccurate basis for decision making. In this paper, we present a solution for automating the risk assessment process, which combines historical data from previous changes and analyzes impact of changes over affected elements. A prototypical system was developed to evaluate the solution on an emulated IT infrastructure. The results achieved show how the automated solution is capable of raising the quality of changes, therefore reducing service disruption caused by changes.},
keywords = {Change Management, ITIL, Risk Management},
pubstate = {published},
tppubtype = {inproceedings}
}
The rational management of IT infrastructures is a goal of modern organizations that aim to deliver high quality services to their customers in an affordable way. Since changes are imminent in such a dynamic environment, failures during this process may directly affect business continuity. Hence, risk assessment is a key process in IT change management. Despite its importance, risks are usually assessed by humans based on empirical knowledge, leading to inaccurate basis for decision making. In this paper, we present a solution for automating the risk assessment process, which combines historical data from previous changes and analyzes impact of changes over affected elements. A prototypical system was developed to evaluate the solution on an emulated IT infrastructure. The results achieved show how the automated solution is capable of raising the quality of changes, therefore reducing service disruption caused by changes.
Juliano Araujo Wickboldt, Guilherme Sperb Machado, Weverton Luis da Costa Cordeiro, Roben Castagna Lunardi, Alan Diego dos Santos, Fabrício Girardi Andreis, Cristiano Bonato Both, Lisandro Zambenedetti Granville, Luciano Paschoal Gaspary, Claudio Bartolini, David Trastour
A solution to support risk analysis on IT Change Management Inproceedings
In: 11th IFIP/IEEE International Symposium on Integrated Network Management, IM 2009, Hofstra University, Long Island, NY, USA, June 1-5, 2009, pp. 445–452, IEEE, 2009, (Mini conference paper).
Abstract Links BibTeX Tags: Change Management ITIL Risk Management
@inproceedings{DBLP:conf/im/WickboldtMCLSABGGBT09,
title = {A solution to support risk analysis on IT Change Management},
author = {Juliano Araujo Wickboldt and Guilherme Sperb Machado and Weverton Luis da Costa Cordeiro and Roben Castagna Lunardi and Alan Diego dos Santos and Fabrício Girardi Andreis and Cristiano Bonato Both and Lisandro Zambenedetti Granville and Luciano Paschoal Gaspary and Claudio Bartolini and David Trastour},
url = {https://doi.org/10.1109/INM.2009.5188847},
doi = {10.1109/INM.2009.5188847},
year = {2009},
date = {2009-01-01},
booktitle = {11th IFIP/IEEE International Symposium on Integrated Network Management, IM 2009, Hofstra University, Long Island, NY, USA, June 1-5, 2009},
pages = {445--452},
publisher = {IEEE},
abstract = {The growing necessity of organizations in using technologies to support to their operations implies that managing IT resources became a mission-critical issue for the health of the primary companies' businesses. Thus, in order to minimize problems in the IT infrastructure, possibly affecting the daily business operations, risks intrinsic to the change process have to be analyzed and assessed. Risk management is a widely discussed subject in several areas, although for IT change management it is quite a new discipline. The information technology infrastructure library (ITIL) introduces a set of best practices to conduct the management of IT infrastructures. According to ITIL, risks should be investigated, measured, and mitigated before any change is approved. Even with these guidelines, there is no default automatic method for risk assessment in IT change management. In this paper we introduce a risk analysis method based on the execution history of past changes. In addition, we propose a failure representation model to capture the feedback of the execution of changes over IT infrastructures.},
note = {Mini conference paper},
keywords = {Change Management, ITIL, Risk Management},
pubstate = {published},
tppubtype = {inproceedings}
}
The growing necessity of organizations in using technologies to support to their operations implies that managing IT resources became a mission-critical issue for the health of the primary companies' businesses. Thus, in order to minimize problems in the IT infrastructure, possibly affecting the daily business operations, risks intrinsic to the change process have to be analyzed and assessed. Risk management is a widely discussed subject in several areas, although for IT change management it is quite a new discipline. The information technology infrastructure library (ITIL) introduces a set of best practices to conduct the management of IT infrastructures. According to ITIL, risks should be investigated, measured, and mitigated before any change is approved. Even with these guidelines, there is no default automatic method for risk assessment in IT change management. In this paper we introduce a risk analysis method based on the execution history of past changes. In addition, we propose a failure representation model to capture the feedback of the execution of changes over IT infrastructures.
Juliano Araujo Wickboldt, Roben Castagna Lunardi, Guilherme Sperb Machado, Weverton Luis da Costa Cordeiro, Alan Diego dos Santos, Fabrício Girardi Andreis, Cristiano Bonato Both, Lisandro Zambenedetti Granville, Luciano Paschoal Gaspary
Automatizando a Estimativa de Riscos em Sistemas de Gerenciamento de Mudanças em TI Inproceedings
In: 27º Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos, SBRC 2009, Recife, Brazil, May 25-29, 2009, pp. 437-450, SBC, 2009, ISBN: 978-85-7669-226-3, (In portuguese).
Abstract Links BibTeX Tags: Change Management ITIL Risk Management
@inproceedings{conf/sbrc/Wickboldt09,
title = {Automatizando a Estimativa de Riscos em Sistemas de Gerenciamento de Mudanças em TI},
author = {Juliano Araujo Wickboldt and Roben Castagna Lunardi and Guilherme Sperb Machado and Weverton Luis da Costa Cordeiro and Alan Diego dos Santos and Fabrício Girardi Andreis and Cristiano Bonato Both and Lisandro Zambenedetti Granville and Luciano Paschoal Gaspary},
url = {https://www.inf.ufrgs.br/~jwickboldt/wp-content/uploads/SBRC-2009-Automatizando_a_Estimativa_de_Riscos.pdf},
isbn = {978-85-7669-226-3},
year = {2009},
date = {2009-01-01},
booktitle = {27º Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos, SBRC 2009, Recife, Brazil, May 25-29, 2009},
pages = {437-450},
publisher = {SBC},
abstract = {Modern organizations take advantage of complex IT infrastructures in order to support their daily operations. Since these environments require special care, whenever changes become necessary, risks associated to them should be investigated. Usually, risk assessment is made by humans based only on their empirical knowledge, which is a very prohibitive task to do, that might lead to inaccurate or incomplete conclusions about risks associated to changes. In this paper, we present a solution for automating the process of risk assessment, based on data collected from past changes in order to identify possible problems for subsequent ones. A prototypical system was developed to evaluate the solution on an emulated IT infrastructure. The results achieved show how the automated solution is capable of raising the quality of the change planning as well as the organization of the managed infrastructure, in this way reducing the chances of disrupting the services delivered by the organization.},
note = {In portuguese},
keywords = {Change Management, ITIL, Risk Management},
pubstate = {published},
tppubtype = {inproceedings}
}
Modern organizations take advantage of complex IT infrastructures in order to support their daily operations. Since these environments require special care, whenever changes become necessary, risks associated to them should be investigated. Usually, risk assessment is made by humans based only on their empirical knowledge, which is a very prohibitive task to do, that might lead to inaccurate or incomplete conclusions about risks associated to changes. In this paper, we present a solution for automating the process of risk assessment, based on data collected from past changes in order to identify possible problems for subsequent ones. A prototypical system was developed to evaluate the solution on an emulated IT infrastructure. The results achieved show how the automated solution is capable of raising the quality of the change planning as well as the organization of the managed infrastructure, in this way reducing the chances of disrupting the services delivered by the organization.