IT operates in dynamic environments with the need always to change and adapt. There is a need to improve performance. Many gaps were found when we conduct the IT audit and we tried to seek to close gaps in capabilities. One way to the close these gaps is the adoption of good practices in wide industry use. There are several sources for good practices including public frameworks and standards su...

Service management organizations and processes increasingly become standardized and even certified according to ISO/IEC 20000-1, creating detailed knowledge of the IT services rendered. The description of the services in a service catalogue needs to be enhanced beyond the components of IT services to include all contributing organizational units and business processes. An integrated model of th...

Continual Service Improvement (CSI) is part of ITIL® and its framework of best practices under IT Service Management (ITSM).1 CSI promotes the use of quality management methodologies to measure, analyze and learn from past successes and failures to improve service desk results. Its objective: the sustainment of operational excellence through continual improvement of the effectiveness and effici...

In the past few years, many frameworks and standards have been developed to cover different aspects of IT to provide best practices, such as COBIT, ITIL, CMMI, ISO/IEC 20000, ISO/IEC 38500 and ISO/ IEC 27000, and improve IT governance and IT service management in organizations. This research presents how self-assessments for IT standards improve significantly the strategic and tactical evaluati...

Nowadays, the successful implementation of ICTs is vital for almost any kind of organization. Good governance and ICT management are essential for delivering value, managing technological risks, managing resources and performance measurement. In addition, outsourcing is a strategic IT service solution which complements IT services provided internally in organizations. This paper proposes the me...

This article brings a novel approach for optimized risk management in IT service information security. The new method is based on widely used international standards – best practices – for IT service management (ISO/IEC 20000) and Information security management system (ISO/IEC 27000). Firstly, the IT service information security approach is developed (based on a Service level management extens...