Due to the intangible nature of services, classical control approaches might not provide the relevant safeguards to enable the service company to reach its objectives. Typically, services results from an experience whose value and quality are complex to measure. Additional difficulties arise when the monitoring of risks is implemented in management information systems. Indeed, assuming that most prominent risks encountered in the service industries is the consequence of "invisible threats", appropriate approaches need to be built. We must also take into account the typical chain of risks that leads to the major damage. To tackle these specific service-type risks, we have designed a qualitative control system that enables auditors to allocate their resources and monitor the sequences of risks. We believe that if properly replaced in the corporate governance context, it could represent a useful tool to manage important categories of service risks. We adopt an internal auditing perspective.