SlideShare a Scribd company logo

IS Project Risk Management: Risk Factors in IS Project Management

Eashani Rodrigo
Eashani Rodrigo

IS project risk management research essay - Research on academic risk identification frameworks and industry practices on adoption and use of risk identification frameworks.

Technology
1 of 14
Download to read offline
Research Essay IS Project Risk Management: Risk Factors in IS Project Management Author: Eashani Rodrigo 5/9/2017
Copyright © Eashani Rodrigo 1 Contents Introduction..........................................................................................................................2 Literature review..................................................................................................................4 Risk Management Process..................................................................................................4 Risk Identification – IS project risk factors........................................................................5 Case Study Analysis .............................................................................................................7 Case A – Deploying IT/IS Projects in Omani Government Organizations........................7 Case B – Identifying software project risks in Nigeria: an International Comparative Study...................................................................................................................................8 Discussion............................................................................................................................10 Conclusion...........................................................................................................................12 References ...........................................................................................................................13
Copyright © Eashani Rodrigo 2 Introduction The success of a project depends on how it is being managed. Organizations across different industries use formal project management methodologies and best practices for the successful management of their various projects. One of the most critical project management functions is the „Project Risk Management‟. Every project comes with inevitable risk factors that impact the success of the project. In any project management environment, either it is construction, information technology, telecommunications and financial services etc., proper project risk management should be followed in order to reduce and eliminate possible unexpected project risks and to help resolving problems if they occurred. According to Schwalbe (2009), risks are “uncertain events that may occur to the detriment or enhance of the project”, therefore the project risk management is aimed at “minimizing negative risk events and maximizing positive events”. In recent years, with the increasing complexity of the projects and changing business environments, the uncertainty of the project outcomes is in continual increase. This has resulted in making the risk management an important function in project management. Many researchers have found that process of risk management is a critical function for the success of the projects and it is essential to the development of profitability, especially in large-scale projects (Cadle & Yeates, 2008; Mohtashami et al, 2006). To achieve success in IT projects, the IT (Information Technology) industry is increasingly adopting risk management processes in their IS (Information Systems) project management practices. In IS project management, risk management involves all processes concerned with risk identification, risk analysis, and response to project risks (Schwalbe, 2009). From these processes, most critical process is considered as the „risk identification‟ or identifying the risk factors; which is the first step in managing successful IS development risks. Even though there are considerable attempts of academics to identify, classify, and compare IS project risk factors, there are not enough evidence to support the idea that industry practices use these frameworks in practical project management. Industry experts argue that these IS project risk factors identified by academics are not always applicable in the practical scenarios and there are other aspects to be considered when identifying IS project risks (Mursu et al., 2003). Therefore, this research focuses on identifying IS project risk factors in practical IS project management practices. Based on this research focus, this research aims to find answers for two questions:
Copyright © Eashani Rodrigo 3 (1) What are the IS projects‟ risk factors identified by scholars (risk identification frameworks)? (2) Are those risk factors being similarly identified in practical scenario, if not what are the risk factors that can be newly identified in practical IS project management? In order to find answers to those questions, this study will survey through academic literature to find IS projects‟ risk factors identified by academics, and it will analyse few industry case studies and systematic industry studies on IS project risk management to find answers for the practical identification of IS project risk factors. With the intention of providing knowledge in identifying IS project risk factors for practical IS project management practices, this research wishes to benefit IT organizations who follow risk management processes for successful IS project management. The next section of this essay highlights the literature review on the existing research on selected area, which will be followed by the evidence drawn case studies on practical scenario. Finally, it will discuss the research findings, which will be followed by the research conclusion.
Copyright © Eashani Rodrigo 4 Literature review Risk Management Process According to Mohtashami et al. (2006), IS project risk management deals with “anticipating, preventing, and mitigating problems arising in the software product, project or process”. In their research paper, they discuss a risk management framework, which comprise of major functions such as: “identifying and categorizing risk types, planning to avoid possible risk, and otherwise detect, mitigate, and recover from risks when they occur”. James Cadle and Donald Yeates (2008) in their book, “Project Management for Information Systems”, have discussed a risk management process with five sub-processes. These sub processes include: plan risk management approach, identifying risks, assess risks, plan risk responses and carry out risk reductions actions (Figure 1). Figure 1: The Risk Management Process (Cadle & Yeates, 2008)
Copyright © Eashani Rodrigo 5 All these risk processes which have been introduced by different academics, have three sub- processes in common, and these are: risk identification, risk analysis and risk responses. Risk identification is the first step of any risk management process and this involves in discovering what the risks are. Once the various risks are identified and described, the next - step risk analysis is involved with assessing risks based on their impact and likelihood. As the final step, after the risks were identified and the effects are being quantified, necessary actions should be taken. There are four main responses (actions) to a risk: risk acceptance, risk avoidance, risk mitigation and risk transfer (Cadle & Yeates, 2008). Risk Identification – IS project risk factors Risk identification is the first and the most critical step of the risk identification process. This initial process provides the input to entire risk management function and the outcome of the risk management function depends on the accurate identification of the project‟s risks. Therefore, it is important to identify all the possible risks of the project, also it is important to identify possible risks at the early stages of the project in order to minimize the costs of the risks. One of the well-known initial risk identification framework was introduced by Ward and Griffiths in 1996. This framework included the major risk identification categories as: project size, project complexity, people issues, project control, novelty and requirements stability. In recent decade, risk identification has become a difficult task due to the complexity of the projects; nevertheless, each project is unique and its risks can arise from the interdependencies of the factors that might not have been considered before. Considering these complexities, academics and researchers currently have identified IS project risk factors in broader areas that could potentially arise in IS projects. Cadle & Yeates ( 2008) have introduced a risk break down structure that comprises of six sub categories (risk factors): commercial risks, relationship risks, requirements risks, planning and resource risks, technical risks, subcontract risks (Figure 2).
Copyright © Eashani Rodrigo 6 Figure 2: Risk breakdown structure (Cadle & Yeates, 2008) Similarly, Bocij, Greasley and Hickie (2015) have discussed seven major risk identification categories or risk factors identified by Baccarini, Salm and Love (2004). Namely, they are: “Commercial and legal relationships, Economic circumstances, Political circumstances, Human behaviour, Technology and technical issues, Management activities and controls and Individual activities”. These major seven risk categories included 27 common IT risks factors. For an example: commercial and legal relationships category includes risk factors such as: inadequate third part performance, resistance between clients and contractors; economic circumstances category includes risks factors such as: changing market conditions, harmful competitive actions and etc.; human behaviour factors include insufficient staff, poor quality and etc.; political circumstances includes factors such as: unsupportive organizational culture, parties within the organisation, lack of executive support; technology and technical issues include the factors such as: inadequate user documentation, technical limitations of the software solution and poor production etc.; management activities and controls category includes the risk factors such as an unreasonable project schedule and budget; and individual activities category includes over-specification and unrealistic expectations etc.
Copyright © Eashani Rodrigo 7 Case Study Analysis Case A – Deploying IT/IS Projects in Omani Government Organizations In a research case study presented by Al-Wohaibi, Masoud & Edwards (2002) have discussed the cultural/organizational risk factors involved in implementing IT projects in Oman. They also have discussed the strategies needed to deal with those identified risks. In their case study, the researchers have compared the risk factors arising in the context Omani culture with the risk factors reported in previous literature. Through this analysis they have found that the most techniques being adopted in software development were mostly focused on technical aspects of the problem; people aspect were seen as secondary. As result the IS projects have continued to fail. Therefore, they suggest in practical scenario it is essential to consider information systems as social system instead of purely technical system. They have also highlighted that cultural and organizational dimensions majorly effect on IS project success and therefore these aspects should be considered when identifying risk factors. As the framework for the data observation, they have used three risk categories: human resource deficiency, organisational inefficiencies and immaturity of the IT business culture. Using Delphi method as data collection, based on this framework the expert discussion groups have identified more risk factors that are specific to the Omani government organizations. Table 1 presents the their observation on identified risk factors that affects IT/IS deployment in government organizations in Oman and have indicated whether those factors have been discussed in previous literature.
Copyright © Eashani Rodrigo 8 Table 1: Summary of Risk Factors Observed in Oman (Al-Wohaibi, Masoud & Edwards, 2002) Their observation shows that some of the risk factors that have observed are already been discussed in academic literature. However, they have identified some unique risk factors (non-technical IT management, lack of unified IT strategy, lack of collaboration and lack of public oversights) that impact the success of their government organizations‟ IS projects. The researchers believe that these are unique risk factors to their context and these factors impact Oman IS projects in greater extend due to Omani organizations‟ low familiarity with complex IT systems. Case B – Identifying software project risks in Nigeria: an International Comparative Study In this research case study, presented by Anja Mursu, Kalle Lyytinen, HA Soriyan & Mikko Korpela (2003), is aimed at identifying software project risks and risk rankings in Nigeria comparing to similar international study carried out to rank common IS project risk factors in three countries: US, Finland and Hong Kong. The researchers have used Delphi method to collect data for this case study, repeating the research design used in the international Delphi study carried out by Schmidt et al. (2001) on identifying and ranking IS projects risk factors in US, Finland and Hong Kong. As for the data collection framework, initially the common risk factors were organized based on the
Copyright © Eashani Rodrigo 9 same classification as the Schmidt et al. (2001) international study. Then, a panel of Nigerian software development experts was questioned on most common risk factors in Nigeria and the comparative importance of each factor. Even though the researchers initially used Schmidt et al. (2001) risk factor categories such as corporate environment, political environment, they identified that the risk factors in Schmidt et al. (2001) did not include focus on the socio-economic context. In contrast, the research team - Mursu et al. (2003), identified several risk factors that are considerably different from the factors included in the earlier international study, and they found these the risk factors identified in their list was mainly focused on socio-economic context rather than corporate environment. Therefore, the research team had to add one additional category for the existing risk factor to the framework as: socio-economic context. Under this category, they identified six risk factors that are unique to the Nigerian context; these unique IS project risk factors are: “Under funding of development, Import of foreign packages, Energy supply, IT awareness in the country, Huge capital requirements and Erratic and unreliable data network”. By analysing these risk factors, researchers found that the rankings they obtained indicate the importance of the infrastructure related socio-economic IS project risks in countries like Nigeria; which are developing countries. Therefore, they have highlighted the importance of understanding broader socio-economic context when identifying risk factors in managing IS projects. They also have highlighted in practical context, which different countries‟ may have different rankings to the common the risk factors identified by literature; therefore, all these aspects needs to be considered when identifying risk factors in IS projects.
Copyright © Eashani Rodrigo 10 Discussion This research was aimed at finding answers to two research question (1) What are the IS projects‟ risk factors identified by scholars (risk identification frameworks) and (2) Are those risk factors being similarly identified in practical scenario, if not what are the risk factors that can be newly identified in practical IS project management. In the process of finding answers to the first question, the study reviewed previous literature and analysed current risk identification frameworks and risk factors in IS projects management identified by academics. In this analysis, the study found several frameworks that are popular in risk identification literature. One of those frameworks is Ward and Griffiths (1996) „major risk identification categories‟ which mainly focussed on the technical aspects and the resources of the project such as: project size, project complexity, people issues, project control and etc. The literature, which have been published in recent decade shows broader risk identification categories, which the previous risk identification frameworks has been updated with additional aspects for risk identification categories. Therefore, it was evident that risk identification frameworks have been updated periodically due to the increasing complexity of the projects. Initially the risk factors‟ was on the project resources such as people, process and technology and the internal factors of organizations that can affect the project. However, as the complexity and the interdependencies of factors have increased, the researchers have attempted to identify framework and structures that present all possible risk factors in IS projects. These factors have focussed not only internal factors but also external factors such as Commercial and legal relationships, Economic circumstances and Political circumstances (i.e. as shown in risk breakdown structure (Figure 1) introduced by Cadle & Yeates ( 2008) ). Therefore, it was evident that due to complexity of the project the academic frameworks continued on updating on the risk identification categories to support the practical adoption of these frame works in to the different industry contexts. The second question of this research was aimed at finding whether these academic frameworks or IS project risk factors are adoptable for the practical usage and are there any risk identification categories that needs to be focussed when identifying risks in practical scenario is IS project risk management. To find answers to this question a detailed analysis was carried out on two distinct systematic industry case studies.
Copyright © Eashani Rodrigo 11 In Case A – Fundamental Risk Factors in Deploying IT/IS Projects in Omani Government Organizations, the researchers Al-Wohaibi, Masoud & Edwards (2002) have studied the risk factors affecting Omani government organizations. In their study they identified, there are common risk factors that affect their context that have been reported literature, however they also identified unique risk factors that can have a major impact to the success of their projects that needs to be considered in the Omani government organizations‟ IS project management. Therefore, it is evident that the projects risk factors can change depending on the cultural and organizational factors. Each country may have additional unique set of risk factors that needs to be considered in cultural and organizational aspects. They have also identified that in practical IS project risk management, most organizations focus mainly on the technical issues of the project and tend to neglect people aspects when identifying risk factors, which leads to IS project failure. Therefore, in practical context it is evident that the organizations should focus on all aspects of risk identification categorizations without solely focusing on technical aspects. In Case B - Identifying software project risks in Nigeria: an International Comparative Study, the researchers Anja Mursu, Kalle Lyytinen, HA Soriyan & Mikko Korpela (2003), have studied the risk factors and risk rankings of the IS project management risk in Nigerian context. In their study, they have compared common risk factors from international study conducted on three countries: US, Finland and Hon Kong and used their common risk factors as the framework. The study found that the rankings of the risk factors majorly differed from the other countries common risk factor rankings and they identified additional risk factors that are unique to the Nigerian context. As a result, they added a new risk factor category to their list as socio-economic context. Therefore, it is evident that even though there are common risk factors or frameworks that can be adopted by practitioners, still there are unique risk factors to different countries based on their socio-economic context. Therefore, all these aspects should be considered when identifying risk factors in different IT project in practical context. Moreover, the common risks factors may have different impact on various countries and various projects, therefore the risk identification should be carried out individually for each project considering all the possible aspects depending on the context. These case studies findings shows that even there are common risk factors that can be adapted by academic frameworks, there are unique risk factors for each project that can impact the success of the IS project. Therefore in practical scenario there are new aspects that
Copyright © Eashani Rodrigo 12 should be considered for risk identification (i.e. cultural and organizational aspect, socio- economic aspects); moreover, the relatedness of common risk factors will differ depending on the context (i.e. the country, culture, organization type) of the IT project. Conclusion In conclusion, based on these case study findings on practical scenario, it was evident that current industry practices adopt common risk identification frameworks for their IS project risk management practices and there are common risk factors that are similar to the industry identified risk factors. However, the success of adoption of these frameworks are questionable as there are unique risk factors that can majorly impact the IS project. Therefore, in practical IS project risk identification practices, the project managers should consider the common risk factors as well the unique risk factors that can impact the specific project. However, there can be implications when identifying unique risk factors in practical IS project management in different context. The complexity of the project and lack of knowledge in every aspect of the project or the context may limit the successful identification of accurate risk factors. Another implication is the time limitation. The risk identification is the time consuming process, the project stakeholder involvement in project risk identification and the requirement to consider many aspects of the project may not be practical with the project time-frames.
Copyright © Eashani Rodrigo 13 References Bocij, P., Greasley, A. & Hickie, S. (2015) Business Information Systems: Technology, Development and Management for the E-Business. 5th edn. London: Pearson. Cadle, J. & Yeates, D. (2008) Project Management for Information Systems, 5th edn. London: Pearson. Ward, J., & Griffiths, P.M. (1996) Strategic Planning for Information Systems. New York: John Wiley and Sons Schwalbe, K. (2009) Introduction to Project Management, 2nd edn. Boston, Mass.: Course Technology. Mohtashami, M., Marlowe, T., Kirova, V., & Deek, F.P. (2006) „Risk Management for Collaborative Software Development‟, Information Systems Management, 23 (4), pp. 20-30. Al-Wohaibi, M. A., Masoud, F. A., & Edwards, H. M. (2002) „Fundamental Risk Factors in Deploying IT/IS Projects in Omani Government Organizations‟, Journal of Global Information Management, 10(4), pp. 1-22. Mursu,A., Lyytinen, K., Soriyan, H.A. & Korpela, M. (2003) „Identifying software project risks in Nigeria: an International Comparative Study‟, European Journal of Information Systems, 12, pp. 182-194. Schmidt, R., Lyytinen. K., Keil, M. & Cule, P. (2001) „Identifying Software Project Risks: An International Delphi Study‟, Journal of Management, 17(4), pp.5–36.

Recommended

5 joseph injodey final paper
5 joseph injodey final paper5 joseph injodey final paper
5 joseph injodey final paperAlexander Decker
 
F0343033037
F0343033037F0343033037
F0343033037inventionjournals
 
Audit risk assessment and detection of misstatements in annual reports
Audit risk assessment and detection of misstatements in annual reportsAudit risk assessment and detection of misstatements in annual reports
Audit risk assessment and detection of misstatements in annual reportsAlexander Decker
 
Relative risk benchmarking enabling better decision making for managing infor...
Relative risk benchmarking enabling better decision making for managing infor...Relative risk benchmarking enabling better decision making for managing infor...
Relative risk benchmarking enabling better decision making for managing infor...IAEME Publication
 
IRJET- Risk Management in Construction: A Literature Review
IRJET- Risk Management in Construction: A Literature ReviewIRJET- Risk Management in Construction: A Literature Review
IRJET- Risk Management in Construction: A Literature ReviewIRJET Journal
 
ASSESSING THE RELATIONSHIP EFFECTIVE RISK ANALYSIS HAVE ON BUSINESS SUCCESS
ASSESSING THE RELATIONSHIP EFFECTIVE RISK ANALYSIS HAVE ON BUSINESS SUCCESSASSESSING THE RELATIONSHIP EFFECTIVE RISK ANALYSIS HAVE ON BUSINESS SUCCESS
ASSESSING THE RELATIONSHIP EFFECTIVE RISK ANALYSIS HAVE ON BUSINESS SUCCESSRobin Beregovska
 
1 Contemporary Approaches in Management of Risk in .docx
1 Contemporary Approaches in Management of Risk in .docx1 Contemporary Approaches in Management of Risk in .docx
1 Contemporary Approaches in Management of Risk in .docxoswald1horne84988
 
PORM: Predictive Optimization of Risk Management to Control Uncertainty Probl...
PORM: Predictive Optimization of Risk Management to Control Uncertainty Probl...PORM: Predictive Optimization of Risk Management to Control Uncertainty Probl...
PORM: Predictive Optimization of Risk Management to Control Uncertainty Probl...IJECEIAES
 

Recommended

5 joseph injodey final paper
5 joseph injodey final paper5 joseph injodey final paper
5 joseph injodey final paperAlexander Decker
 
F0343033037
F0343033037F0343033037
F0343033037inventionjournals
 
Audit risk assessment and detection of misstatements in annual reports
Audit risk assessment and detection of misstatements in annual reportsAudit risk assessment and detection of misstatements in annual reports
Audit risk assessment and detection of misstatements in annual reportsAlexander Decker
 
Relative risk benchmarking enabling better decision making for managing infor...
Relative risk benchmarking enabling better decision making for managing infor...Relative risk benchmarking enabling better decision making for managing infor...
Relative risk benchmarking enabling better decision making for managing infor...IAEME Publication
 
IRJET- Risk Management in Construction: A Literature Review
IRJET- Risk Management in Construction: A Literature ReviewIRJET- Risk Management in Construction: A Literature Review
IRJET- Risk Management in Construction: A Literature ReviewIRJET Journal
 
ASSESSING THE RELATIONSHIP EFFECTIVE RISK ANALYSIS HAVE ON BUSINESS SUCCESS
ASSESSING THE RELATIONSHIP EFFECTIVE RISK ANALYSIS HAVE ON BUSINESS SUCCESSASSESSING THE RELATIONSHIP EFFECTIVE RISK ANALYSIS HAVE ON BUSINESS SUCCESS
ASSESSING THE RELATIONSHIP EFFECTIVE RISK ANALYSIS HAVE ON BUSINESS SUCCESSRobin Beregovska
 
1 Contemporary Approaches in Management of Risk in .docx
1 Contemporary Approaches in Management of Risk in .docx1 Contemporary Approaches in Management of Risk in .docx
1 Contemporary Approaches in Management of Risk in .docxoswald1horne84988
 
PORM: Predictive Optimization of Risk Management to Control Uncertainty Probl...
PORM: Predictive Optimization of Risk Management to Control Uncertainty Probl...PORM: Predictive Optimization of Risk Management to Control Uncertainty Probl...
PORM: Predictive Optimization of Risk Management to Control Uncertainty Probl...IJECEIAES
 
Carry out a systematic literature review on the application of mac
Carry out a systematic literature review on the application of macCarry out a systematic literature review on the application of mac
Carry out a systematic literature review on the application of macTawnaDelatorrejs
 
Running Head CURRENT TECHNIQUES IMPLEMENTED IN CONSTRUCTION INDUS.docx
Running Head CURRENT TECHNIQUES IMPLEMENTED IN CONSTRUCTION INDUS.docxRunning Head CURRENT TECHNIQUES IMPLEMENTED IN CONSTRUCTION INDUS.docx
Running Head CURRENT TECHNIQUES IMPLEMENTED IN CONSTRUCTION INDUS.docxhealdkathaleen
 
RISK MANAGEMENT: ISSUES, CHALLENGES AND OPPORTUNITY
RISK MANAGEMENT: ISSUES, CHALLENGES AND OPPORTUNITYRISK MANAGEMENT: ISSUES, CHALLENGES AND OPPORTUNITY
RISK MANAGEMENT: ISSUES, CHALLENGES AND OPPORTUNITYAshim Sharma
 
10120140506004 2
10120140506004 210120140506004 2
10120140506004 2IAEME Publication
 
10120140506004 2
10120140506004 210120140506004 2
10120140506004 2IAEME Publication
 
Establishing risk management factors for construction projects in iraq
Establishing risk management factors for construction projects in iraqEstablishing risk management factors for construction projects in iraq
Establishing risk management factors for construction projects in iraqIAEME Publication
 
ESTABLISHING RISK MANAGEMENT FACTORS FOR CONSTRUCTION PROJECTS IN IRAQ
ESTABLISHING RISK MANAGEMENT FACTORS FOR CONSTRUCTION PROJECTS IN IRAQ ESTABLISHING RISK MANAGEMENT FACTORS FOR CONSTRUCTION PROJECTS IN IRAQ
ESTABLISHING RISK MANAGEMENT FACTORS FOR CONSTRUCTION PROJECTS IN IRAQ IAEME Publication
 
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTS
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTSRISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTS
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTSIRJET Journal
 
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTS
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTSRISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTS
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTSIRJET Journal
 
1729-4874-1-PB (1).pdf
1729-4874-1-PB (1).pdf1729-4874-1-PB (1).pdf
1729-4874-1-PB (1).pdfadisutsagaye
 
Risk management Phase 1-5 Individual Project.docx
Risk management Phase 1-5 Individual Project.docxRisk management Phase 1-5 Individual Project.docx
Risk management Phase 1-5 Individual Project.docxjoellemurphey
 
Essay On Risk Management
Essay On Risk ManagementEssay On Risk Management
Essay On Risk ManagementCustom Paper Services Swainsboro
 
Security Risk Management Essay
Security Risk Management EssaySecurity Risk Management Essay
Security Risk Management EssayApa Papers For Sale Trinity
 
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docx
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docxINTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docx
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docxMargenePurnell14
 
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docx
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docxINTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docx
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docxbagotjesusa
 
2020) Comparison Of Risk Management Analysis Between Pmbok
2020) Comparison Of Risk Management Analysis Between Pmbok2020) Comparison Of Risk Management Analysis Between Pmbok
2020) Comparison Of Risk Management Analysis Between PmbokAnna Landers
 
IRJET- Risk Management in the Construction Project: Review
IRJET- Risk Management in the Construction Project: ReviewIRJET- Risk Management in the Construction Project: Review
IRJET- Risk Management in the Construction Project: ReviewIRJET Journal
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk managementkris489049
 
Project risk management model based on prince2 and scrum frameworks
Project risk management model based on prince2 and scrum frameworksProject risk management model based on prince2 and scrum frameworks
Project risk management model based on prince2 and scrum frameworksijseajournal
 
MBA 6941, Managing Project Teams 1 Course Learning Ou.docx
MBA 6941, Managing Project Teams 1 Course Learning Ou.docx MBA 6941, Managing Project Teams 1 Course Learning Ou.docx
MBA 6941, Managing Project Teams 1 Course Learning Ou.docxaryan532920
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 

More Related Content

Similar to IS Project Risk Management: Risk Factors in IS Project Management

Carry out a systematic literature review on the application of mac
Carry out a systematic literature review on the application of macCarry out a systematic literature review on the application of mac
Carry out a systematic literature review on the application of macTawnaDelatorrejs
 
Running Head CURRENT TECHNIQUES IMPLEMENTED IN CONSTRUCTION INDUS.docx
Running Head CURRENT TECHNIQUES IMPLEMENTED IN CONSTRUCTION INDUS.docxRunning Head CURRENT TECHNIQUES IMPLEMENTED IN CONSTRUCTION INDUS.docx
Running Head CURRENT TECHNIQUES IMPLEMENTED IN CONSTRUCTION INDUS.docxhealdkathaleen
 
RISK MANAGEMENT: ISSUES, CHALLENGES AND OPPORTUNITY
RISK MANAGEMENT: ISSUES, CHALLENGES AND OPPORTUNITYRISK MANAGEMENT: ISSUES, CHALLENGES AND OPPORTUNITY
RISK MANAGEMENT: ISSUES, CHALLENGES AND OPPORTUNITYAshim Sharma
 
Establishing risk management factors for construction projects in iraq
Establishing risk management factors for construction projects in iraqEstablishing risk management factors for construction projects in iraq
Establishing risk management factors for construction projects in iraqIAEME Publication
 
ESTABLISHING RISK MANAGEMENT FACTORS FOR CONSTRUCTION PROJECTS IN IRAQ
ESTABLISHING RISK MANAGEMENT FACTORS FOR CONSTRUCTION PROJECTS IN IRAQ ESTABLISHING RISK MANAGEMENT FACTORS FOR CONSTRUCTION PROJECTS IN IRAQ
ESTABLISHING RISK MANAGEMENT FACTORS FOR CONSTRUCTION PROJECTS IN IRAQ IAEME Publication
 
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTS
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTSRISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTS
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTSIRJET Journal
 
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTS
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTSRISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTS
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTSIRJET Journal
 
1729-4874-1-PB (1).pdf
1729-4874-1-PB (1).pdf1729-4874-1-PB (1).pdf
1729-4874-1-PB (1).pdfadisutsagaye
 
Risk management Phase 1-5 Individual Project.docx
Risk management Phase 1-5 Individual Project.docxRisk management Phase 1-5 Individual Project.docx
Risk management Phase 1-5 Individual Project.docxjoellemurphey
 
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docx
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docxINTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docx
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docxMargenePurnell14
 
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docx
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docxINTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docx
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docxbagotjesusa
 
2020) Comparison Of Risk Management Analysis Between Pmbok
2020) Comparison Of Risk Management Analysis Between Pmbok2020) Comparison Of Risk Management Analysis Between Pmbok
2020) Comparison Of Risk Management Analysis Between PmbokAnna Landers
 
IRJET- Risk Management in the Construction Project: Review
IRJET- Risk Management in the Construction Project: ReviewIRJET- Risk Management in the Construction Project: Review
IRJET- Risk Management in the Construction Project: ReviewIRJET Journal
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk managementkris489049
 
Project risk management model based on prince2 and scrum frameworks
Project risk management model based on prince2 and scrum frameworksProject risk management model based on prince2 and scrum frameworks
Project risk management model based on prince2 and scrum frameworksijseajournal
 
MBA 6941, Managing Project Teams 1 Course Learning Ou.docx
MBA 6941, Managing Project Teams 1 Course Learning Ou.docx MBA 6941, Managing Project Teams 1 Course Learning Ou.docx
MBA 6941, Managing Project Teams 1 Course Learning Ou.docxaryan532920
 

Similar to IS Project Risk Management: Risk Factors in IS Project Management (20)

Carry out a systematic literature review on the application of mac
Carry out a systematic literature review on the application of macCarry out a systematic literature review on the application of mac
Carry out a systematic literature review on the application of mac
 
Running Head CURRENT TECHNIQUES IMPLEMENTED IN CONSTRUCTION INDUS.docx
Running Head CURRENT TECHNIQUES IMPLEMENTED IN CONSTRUCTION INDUS.docxRunning Head CURRENT TECHNIQUES IMPLEMENTED IN CONSTRUCTION INDUS.docx
Running Head CURRENT TECHNIQUES IMPLEMENTED IN CONSTRUCTION INDUS.docx
 
RISK MANAGEMENT: ISSUES, CHALLENGES AND OPPORTUNITY
RISK MANAGEMENT: ISSUES, CHALLENGES AND OPPORTUNITYRISK MANAGEMENT: ISSUES, CHALLENGES AND OPPORTUNITY
RISK MANAGEMENT: ISSUES, CHALLENGES AND OPPORTUNITY
 
10120140506004 2
10120140506004 210120140506004 2
10120140506004 2
 
10120140506004 2
10120140506004 210120140506004 2
10120140506004 2
 
Establishing risk management factors for construction projects in iraq
Establishing risk management factors for construction projects in iraqEstablishing risk management factors for construction projects in iraq
Establishing risk management factors for construction projects in iraq
 
ESTABLISHING RISK MANAGEMENT FACTORS FOR CONSTRUCTION PROJECTS IN IRAQ
ESTABLISHING RISK MANAGEMENT FACTORS FOR CONSTRUCTION PROJECTS IN IRAQ ESTABLISHING RISK MANAGEMENT FACTORS FOR CONSTRUCTION PROJECTS IN IRAQ
ESTABLISHING RISK MANAGEMENT FACTORS FOR CONSTRUCTION PROJECTS IN IRAQ
 
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTS
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTSRISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTS
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTS
 
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTS
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTSRISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTS
RISK ASSESSMENT OF CONSTRUCTION BUILDING PROJECTS
 
1729-4874-1-PB (1).pdf
1729-4874-1-PB (1).pdf1729-4874-1-PB (1).pdf
1729-4874-1-PB (1).pdf
 
Risk management Phase 1-5 Individual Project.docx
Risk management Phase 1-5 Individual Project.docxRisk management Phase 1-5 Individual Project.docx
Risk management Phase 1-5 Individual Project.docx
 
Essay On Risk Management
Essay On Risk ManagementEssay On Risk Management
Essay On Risk Management
 
Security Risk Management Essay
Security Risk Management EssaySecurity Risk Management Essay
Security Risk Management Essay
 
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docx
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docxINTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docx
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docx
 
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docx
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docxINTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docx
INTERNATIONAL JOURNAL OF INFORMATION SECURITY SCIENCE Walid.docx
 
2020) Comparison Of Risk Management Analysis Between Pmbok
2020) Comparison Of Risk Management Analysis Between Pmbok2020) Comparison Of Risk Management Analysis Between Pmbok
2020) Comparison Of Risk Management Analysis Between Pmbok
 
IRJET- Risk Management in the Construction Project: Review
IRJET- Risk Management in the Construction Project: ReviewIRJET- Risk Management in the Construction Project: Review
IRJET- Risk Management in the Construction Project: Review
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk management
 
Project risk management model based on prince2 and scrum frameworks
Project risk management model based on prince2 and scrum frameworksProject risk management model based on prince2 and scrum frameworks
Project risk management model based on prince2 and scrum frameworks
 
MBA 6941, Managing Project Teams 1 Course Learning Ou.docx
MBA 6941, Managing Project Teams 1 Course Learning Ou.docx MBA 6941, Managing Project Teams 1 Course Learning Ou.docx
MBA 6941, Managing Project Teams 1 Course Learning Ou.docx
 

Recently uploaded

Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 

IS Project Risk Management: Risk Factors in IS Project Management

  • 1. Research Essay IS Project Risk Management: Risk Factors in IS Project Management Author: Eashani Rodrigo 5/9/2017
  • 2. Copyright © Eashani Rodrigo 1 Contents Introduction..........................................................................................................................2 Literature review..................................................................................................................4 Risk Management Process..................................................................................................4 Risk Identification – IS project risk factors........................................................................5 Case Study Analysis .............................................................................................................7 Case A – Deploying IT/IS Projects in Omani Government Organizations........................7 Case B – Identifying software project risks in Nigeria: an International Comparative Study...................................................................................................................................8 Discussion............................................................................................................................10 Conclusion...........................................................................................................................12 References ...........................................................................................................................13
  • 3. Copyright © Eashani Rodrigo 2 Introduction The success of a project depends on how it is being managed. Organizations across different industries use formal project management methodologies and best practices for the successful management of their various projects. One of the most critical project management functions is the „Project Risk Management‟. Every project comes with inevitable risk factors that impact the success of the project. In any project management environment, either it is construction, information technology, telecommunications and financial services etc., proper project risk management should be followed in order to reduce and eliminate possible unexpected project risks and to help resolving problems if they occurred. According to Schwalbe (2009), risks are “uncertain events that may occur to the detriment or enhance of the project”, therefore the project risk management is aimed at “minimizing negative risk events and maximizing positive events”. In recent years, with the increasing complexity of the projects and changing business environments, the uncertainty of the project outcomes is in continual increase. This has resulted in making the risk management an important function in project management. Many researchers have found that process of risk management is a critical function for the success of the projects and it is essential to the development of profitability, especially in large-scale projects (Cadle & Yeates, 2008; Mohtashami et al, 2006). To achieve success in IT projects, the IT (Information Technology) industry is increasingly adopting risk management processes in their IS (Information Systems) project management practices. In IS project management, risk management involves all processes concerned with risk identification, risk analysis, and response to project risks (Schwalbe, 2009). From these processes, most critical process is considered as the „risk identification‟ or identifying the risk factors; which is the first step in managing successful IS development risks. Even though there are considerable attempts of academics to identify, classify, and compare IS project risk factors, there are not enough evidence to support the idea that industry practices use these frameworks in practical project management. Industry experts argue that these IS project risk factors identified by academics are not always applicable in the practical scenarios and there are other aspects to be considered when identifying IS project risks (Mursu et al., 2003). Therefore, this research focuses on identifying IS project risk factors in practical IS project management practices. Based on this research focus, this research aims to find answers for two questions:
  • 4. Copyright © Eashani Rodrigo 3 (1) What are the IS projects‟ risk factors identified by scholars (risk identification frameworks)? (2) Are those risk factors being similarly identified in practical scenario, if not what are the risk factors that can be newly identified in practical IS project management? In order to find answers to those questions, this study will survey through academic literature to find IS projects‟ risk factors identified by academics, and it will analyse few industry case studies and systematic industry studies on IS project risk management to find answers for the practical identification of IS project risk factors. With the intention of providing knowledge in identifying IS project risk factors for practical IS project management practices, this research wishes to benefit IT organizations who follow risk management processes for successful IS project management. The next section of this essay highlights the literature review on the existing research on selected area, which will be followed by the evidence drawn case studies on practical scenario. Finally, it will discuss the research findings, which will be followed by the research conclusion.
  • 5. Copyright © Eashani Rodrigo 4 Literature review Risk Management Process According to Mohtashami et al. (2006), IS project risk management deals with “anticipating, preventing, and mitigating problems arising in the software product, project or process”. In their research paper, they discuss a risk management framework, which comprise of major functions such as: “identifying and categorizing risk types, planning to avoid possible risk, and otherwise detect, mitigate, and recover from risks when they occur”. James Cadle and Donald Yeates (2008) in their book, “Project Management for Information Systems”, have discussed a risk management process with five sub-processes. These sub processes include: plan risk management approach, identifying risks, assess risks, plan risk responses and carry out risk reductions actions (Figure 1). Figure 1: The Risk Management Process (Cadle & Yeates, 2008)
  • 6. Copyright © Eashani Rodrigo 5 All these risk processes which have been introduced by different academics, have three sub- processes in common, and these are: risk identification, risk analysis and risk responses. Risk identification is the first step of any risk management process and this involves in discovering what the risks are. Once the various risks are identified and described, the next - step risk analysis is involved with assessing risks based on their impact and likelihood. As the final step, after the risks were identified and the effects are being quantified, necessary actions should be taken. There are four main responses (actions) to a risk: risk acceptance, risk avoidance, risk mitigation and risk transfer (Cadle & Yeates, 2008). Risk Identification – IS project risk factors Risk identification is the first and the most critical step of the risk identification process. This initial process provides the input to entire risk management function and the outcome of the risk management function depends on the accurate identification of the project‟s risks. Therefore, it is important to identify all the possible risks of the project, also it is important to identify possible risks at the early stages of the project in order to minimize the costs of the risks. One of the well-known initial risk identification framework was introduced by Ward and Griffiths in 1996. This framework included the major risk identification categories as: project size, project complexity, people issues, project control, novelty and requirements stability. In recent decade, risk identification has become a difficult task due to the complexity of the projects; nevertheless, each project is unique and its risks can arise from the interdependencies of the factors that might not have been considered before. Considering these complexities, academics and researchers currently have identified IS project risk factors in broader areas that could potentially arise in IS projects. Cadle & Yeates ( 2008) have introduced a risk break down structure that comprises of six sub categories (risk factors): commercial risks, relationship risks, requirements risks, planning and resource risks, technical risks, subcontract risks (Figure 2).
  • 7. Copyright © Eashani Rodrigo 6 Figure 2: Risk breakdown structure (Cadle & Yeates, 2008) Similarly, Bocij, Greasley and Hickie (2015) have discussed seven major risk identification categories or risk factors identified by Baccarini, Salm and Love (2004). Namely, they are: “Commercial and legal relationships, Economic circumstances, Political circumstances, Human behaviour, Technology and technical issues, Management activities and controls and Individual activities”. These major seven risk categories included 27 common IT risks factors. For an example: commercial and legal relationships category includes risk factors such as: inadequate third part performance, resistance between clients and contractors; economic circumstances category includes risks factors such as: changing market conditions, harmful competitive actions and etc.; human behaviour factors include insufficient staff, poor quality and etc.; political circumstances includes factors such as: unsupportive organizational culture, parties within the organisation, lack of executive support; technology and technical issues include the factors such as: inadequate user documentation, technical limitations of the software solution and poor production etc.; management activities and controls category includes the risk factors such as an unreasonable project schedule and budget; and individual activities category includes over-specification and unrealistic expectations etc.
  • 8. Copyright © Eashani Rodrigo 7 Case Study Analysis Case A – Deploying IT/IS Projects in Omani Government Organizations In a research case study presented by Al-Wohaibi, Masoud & Edwards (2002) have discussed the cultural/organizational risk factors involved in implementing IT projects in Oman. They also have discussed the strategies needed to deal with those identified risks. In their case study, the researchers have compared the risk factors arising in the context Omani culture with the risk factors reported in previous literature. Through this analysis they have found that the most techniques being adopted in software development were mostly focused on technical aspects of the problem; people aspect were seen as secondary. As result the IS projects have continued to fail. Therefore, they suggest in practical scenario it is essential to consider information systems as social system instead of purely technical system. They have also highlighted that cultural and organizational dimensions majorly effect on IS project success and therefore these aspects should be considered when identifying risk factors. As the framework for the data observation, they have used three risk categories: human resource deficiency, organisational inefficiencies and immaturity of the IT business culture. Using Delphi method as data collection, based on this framework the expert discussion groups have identified more risk factors that are specific to the Omani government organizations. Table 1 presents the their observation on identified risk factors that affects IT/IS deployment in government organizations in Oman and have indicated whether those factors have been discussed in previous literature.
  • 9. Copyright © Eashani Rodrigo 8 Table 1: Summary of Risk Factors Observed in Oman (Al-Wohaibi, Masoud & Edwards, 2002) Their observation shows that some of the risk factors that have observed are already been discussed in academic literature. However, they have identified some unique risk factors (non-technical IT management, lack of unified IT strategy, lack of collaboration and lack of public oversights) that impact the success of their government organizations‟ IS projects. The researchers believe that these are unique risk factors to their context and these factors impact Oman IS projects in greater extend due to Omani organizations‟ low familiarity with complex IT systems. Case B – Identifying software project risks in Nigeria: an International Comparative Study In this research case study, presented by Anja Mursu, Kalle Lyytinen, HA Soriyan & Mikko Korpela (2003), is aimed at identifying software project risks and risk rankings in Nigeria comparing to similar international study carried out to rank common IS project risk factors in three countries: US, Finland and Hong Kong. The researchers have used Delphi method to collect data for this case study, repeating the research design used in the international Delphi study carried out by Schmidt et al. (2001) on identifying and ranking IS projects risk factors in US, Finland and Hong Kong. As for the data collection framework, initially the common risk factors were organized based on the
  • 10. Copyright © Eashani Rodrigo 9 same classification as the Schmidt et al. (2001) international study. Then, a panel of Nigerian software development experts was questioned on most common risk factors in Nigeria and the comparative importance of each factor. Even though the researchers initially used Schmidt et al. (2001) risk factor categories such as corporate environment, political environment, they identified that the risk factors in Schmidt et al. (2001) did not include focus on the socio-economic context. In contrast, the research team - Mursu et al. (2003), identified several risk factors that are considerably different from the factors included in the earlier international study, and they found these the risk factors identified in their list was mainly focused on socio-economic context rather than corporate environment. Therefore, the research team had to add one additional category for the existing risk factor to the framework as: socio-economic context. Under this category, they identified six risk factors that are unique to the Nigerian context; these unique IS project risk factors are: “Under funding of development, Import of foreign packages, Energy supply, IT awareness in the country, Huge capital requirements and Erratic and unreliable data network”. By analysing these risk factors, researchers found that the rankings they obtained indicate the importance of the infrastructure related socio-economic IS project risks in countries like Nigeria; which are developing countries. Therefore, they have highlighted the importance of understanding broader socio-economic context when identifying risk factors in managing IS projects. They also have highlighted in practical context, which different countries‟ may have different rankings to the common the risk factors identified by literature; therefore, all these aspects needs to be considered when identifying risk factors in IS projects.
  • 11. Copyright © Eashani Rodrigo 10 Discussion This research was aimed at finding answers to two research question (1) What are the IS projects‟ risk factors identified by scholars (risk identification frameworks) and (2) Are those risk factors being similarly identified in practical scenario, if not what are the risk factors that can be newly identified in practical IS project management. In the process of finding answers to the first question, the study reviewed previous literature and analysed current risk identification frameworks and risk factors in IS projects management identified by academics. In this analysis, the study found several frameworks that are popular in risk identification literature. One of those frameworks is Ward and Griffiths (1996) „major risk identification categories‟ which mainly focussed on the technical aspects and the resources of the project such as: project size, project complexity, people issues, project control and etc. The literature, which have been published in recent decade shows broader risk identification categories, which the previous risk identification frameworks has been updated with additional aspects for risk identification categories. Therefore, it was evident that risk identification frameworks have been updated periodically due to the increasing complexity of the projects. Initially the risk factors‟ was on the project resources such as people, process and technology and the internal factors of organizations that can affect the project. However, as the complexity and the interdependencies of factors have increased, the researchers have attempted to identify framework and structures that present all possible risk factors in IS projects. These factors have focussed not only internal factors but also external factors such as Commercial and legal relationships, Economic circumstances and Political circumstances (i.e. as shown in risk breakdown structure (Figure 1) introduced by Cadle & Yeates ( 2008) ). Therefore, it was evident that due to complexity of the project the academic frameworks continued on updating on the risk identification categories to support the practical adoption of these frame works in to the different industry contexts. The second question of this research was aimed at finding whether these academic frameworks or IS project risk factors are adoptable for the practical usage and are there any risk identification categories that needs to be focussed when identifying risks in practical scenario is IS project risk management. To find answers to this question a detailed analysis was carried out on two distinct systematic industry case studies.
  • 12. Copyright © Eashani Rodrigo 11 In Case A – Fundamental Risk Factors in Deploying IT/IS Projects in Omani Government Organizations, the researchers Al-Wohaibi, Masoud & Edwards (2002) have studied the risk factors affecting Omani government organizations. In their study they identified, there are common risk factors that affect their context that have been reported literature, however they also identified unique risk factors that can have a major impact to the success of their projects that needs to be considered in the Omani government organizations‟ IS project management. Therefore, it is evident that the projects risk factors can change depending on the cultural and organizational factors. Each country may have additional unique set of risk factors that needs to be considered in cultural and organizational aspects. They have also identified that in practical IS project risk management, most organizations focus mainly on the technical issues of the project and tend to neglect people aspects when identifying risk factors, which leads to IS project failure. Therefore, in practical context it is evident that the organizations should focus on all aspects of risk identification categorizations without solely focusing on technical aspects. In Case B - Identifying software project risks in Nigeria: an International Comparative Study, the researchers Anja Mursu, Kalle Lyytinen, HA Soriyan & Mikko Korpela (2003), have studied the risk factors and risk rankings of the IS project management risk in Nigerian context. In their study, they have compared common risk factors from international study conducted on three countries: US, Finland and Hon Kong and used their common risk factors as the framework. The study found that the rankings of the risk factors majorly differed from the other countries common risk factor rankings and they identified additional risk factors that are unique to the Nigerian context. As a result, they added a new risk factor category to their list as socio-economic context. Therefore, it is evident that even though there are common risk factors or frameworks that can be adopted by practitioners, still there are unique risk factors to different countries based on their socio-economic context. Therefore, all these aspects should be considered when identifying risk factors in different IT project in practical context. Moreover, the common risks factors may have different impact on various countries and various projects, therefore the risk identification should be carried out individually for each project considering all the possible aspects depending on the context. These case studies findings shows that even there are common risk factors that can be adapted by academic frameworks, there are unique risk factors for each project that can impact the success of the IS project. Therefore in practical scenario there are new aspects that
  • 13. Copyright © Eashani Rodrigo 12 should be considered for risk identification (i.e. cultural and organizational aspect, socio- economic aspects); moreover, the relatedness of common risk factors will differ depending on the context (i.e. the country, culture, organization type) of the IT project. Conclusion In conclusion, based on these case study findings on practical scenario, it was evident that current industry practices adopt common risk identification frameworks for their IS project risk management practices and there are common risk factors that are similar to the industry identified risk factors. However, the success of adoption of these frameworks are questionable as there are unique risk factors that can majorly impact the IS project. Therefore, in practical IS project risk identification practices, the project managers should consider the common risk factors as well the unique risk factors that can impact the specific project. However, there can be implications when identifying unique risk factors in practical IS project management in different context. The complexity of the project and lack of knowledge in every aspect of the project or the context may limit the successful identification of accurate risk factors. Another implication is the time limitation. The risk identification is the time consuming process, the project stakeholder involvement in project risk identification and the requirement to consider many aspects of the project may not be practical with the project time-frames.
  • 14. Copyright © Eashani Rodrigo 13 References Bocij, P., Greasley, A. & Hickie, S. (2015) Business Information Systems: Technology, Development and Management for the E-Business. 5th edn. London: Pearson. Cadle, J. & Yeates, D. (2008) Project Management for Information Systems, 5th edn. London: Pearson. Ward, J., & Griffiths, P.M. (1996) Strategic Planning for Information Systems. New York: John Wiley and Sons Schwalbe, K. (2009) Introduction to Project Management, 2nd edn. Boston, Mass.: Course Technology. Mohtashami, M., Marlowe, T., Kirova, V., & Deek, F.P. (2006) „Risk Management for Collaborative Software Development‟, Information Systems Management, 23 (4), pp. 20-30. Al-Wohaibi, M. A., Masoud, F. A., & Edwards, H. M. (2002) „Fundamental Risk Factors in Deploying IT/IS Projects in Omani Government Organizations‟, Journal of Global Information Management, 10(4), pp. 1-22. Mursu,A., Lyytinen, K., Soriyan, H.A. & Korpela, M. (2003) „Identifying software project risks in Nigeria: an International Comparative Study‟, European Journal of Information Systems, 12, pp. 182-194. Schmidt, R., Lyytinen. K., Keil, M. & Cule, P. (2001) „Identifying Software Project Risks: An International Delphi Study‟, Journal of Management, 17(4), pp.5–36.