
ITIL’s guidance on Risk Management has changed through the years. In ITIL v2, it was based on C.C.T.A.’s Risk Analysis Management Methodology (the acronym is CRAMM, I kid you not). It looked at the combination of Assets, Vulnerabilities, and Threats to derive a Risk score to which Countermeasures were applied. ITIL v3 2011 defers Risk …
Read more