Risk identification and project approval: an importance-performance analysis of taxonomy-based risks in Information Technology projects

Da Silva, Tiago Ferreira

01 December 2010

The dissemination of project management practices is consolidating project as a great mean of achieving an organization's strategic plan (PMI, 2008, p. 10). But there are no resources and funds available to all, and competition among alternative projects is increasing. Funding institutions, government agencies, and credit rating organizations started considering project risk in project evaluation, instead of only using financial metrics such as ROI (Return on Investment) or NPV (Net Present Value). In order to obtain resources needed to implement projects, and thus contribute to an organization's objectives, it is necessary to identify the risks that have greater influence on project approval. This study applied the Importance-Performance Analysis (Martilla & James, 1977) to identify the main risk identification deficiencies for Information Technology (IT) project managers who apply for resources or funding approval. The identification was made possible by measuring IT project managers' perceptions of (1) the level of importance, or positive influence, which different risk categories have in project approval; (2) the level of performance they believe to have in the identification of these risks, meaning prior detection and registering; and (3) the gap between the measured levels of importance and performance. A survey listing 28 risk categories belonging to a validated risk taxonomy and 5-point Likert scales with different levels of importance and performance were presented to IT project managers from the central Illinois area. A total of 38 professionals answered the survey instrument, and verification of exclusion criteria resulted in an adjusted sample of 32 subjects. Descriptive statistics were used to compare mean values for each category, determining the gap between importance and performance levels for every category. The risk categories that presented the top three scores for importance were Scope uncertainty, Legal/regulatory, and Financial. The risk categories that represented the three greatest deficiencies or gaps (importance versus performance) for IT project approval were Contractual, Complexity, and Scope uncertainty.

Importance-Performance Analysis

IT Projects

Project Approval

Project Management

Risk Identification

Risk Management

Information Security Risk Assessment in Cloud

Faizi, Ana

January 2019

This research addresses the issue of information security risk assessment (ISRA) on cloud solutions implemented for large companies. Four companies were studied, of which three used cloud services and conducted ISRA, while one provided cloud services and consultancy to customers on ISRA. Data were gathered qualitatively to (1) analyze the cloud using companies’ practices and (2) to identify regularities observed by the cloud providing company. The COAT-hanger model, which focuses on theorizing the practices, was used to study the practices. The results showed that the companies aimed to follow the guidelines, in the form of frameworks or their own experience, to conduct ISRA; furthermore, the frameworks were altered to fit the companies’ needs. The results further indicated that one of the main concerns with the cloud ISRA was the absence of a culture that integrates risk management. In addition, the companies’ boards lacked interest in and/or awareness of risks associated with the cloud solutions. Finally, the finding also stressed the importance of a good understanding and a well written legal contract between the cloud providers and the companies utilizing the cloud services.

Information Security

Risk Assessment

Cloud Security

Risk Analysis

Risk Identification

Risk Evaluation

Practical Security

Computer Sciences

Datavetenskap (datalogi)

Supply Risk Management of Automotive Suppliers : Development in a Fluctuating Environment

Staudinger, Maximilian, Günl, Marius

January 2012

Background: The implementation of procurement concepts such as JIT or singlesourcing have resulted in the emergence of new supply risks forautomotive suppliers. The economic crisis in 2008 and volatiledemand in recent years had enormous impact on the sector.Consequently, in association with lean purchasing models, newdimensions of supply risks have emerged. This creates the need forautomotive suppliers to adapt and improve their supply riskmanagement in response to the increased risk potential. There hasbeen no research on how automotive suppliers have furtherdeveloped their supply risk management recently. Purpose: The purpose is to examine how automotive suppliers have adaptedtheir supply risk management in response to the fluctuatingeconomy since 2008. Frame of reference: In this section the Kraljic matrix and the risk management processare presented. The theories lead to a synthesis including the researchquestions for fulfilling the purpose. Method: This research is based on a qualitative multiple case study. In orderto gather the necessary in-depth data, four automotive suppliersfrom Germany and Northern Europe were interviewed by theauthors. Conclusions: Automotive suppliers have clearly reacted on increasedconsequences of supply risks. The general grown awareness andsensitivity have lead to the implementation of new managementtools. Particularly the cooperation between supply chain membershas considerably intensified and contributed to a better riskreduction. Moreover, the financial stability of vendors has risen inimportance and is considered more thoroughly. All the instrumentsand methods may, however, be more powerful and efficient ifautomotive suppliers had standardized and linked them into aconsecutive process.

supply risk management

automotive suppliers

risk management process

risk identification

risk assessment

risk management

risk monitoring

Kraljic matrix

fluctuating demand

Securing an ERP Implementation

Andersson, Mari-Louise

January 2008

An implementation project of an ERP system results in large changes. Organizations that face an ERP implementation project have several risks to consider in order to avoid problems that cause failures. The purpose of this research is to extend existing models and create a method for implementation of ERP systems. The method has then been employed to an ongoing project at the department of Procurement and Supply at Ericsson Mobile Platforms in Lund. Objectives for the research are to consider which implementation strategy can be used and how an organization can minimize risks. The research approach and methodology is influenced by the qualitative research method since it was necessary to gather qualitative facts instead of quantitative facts. Included is also a case study due to the research is executed within Ericsson Mobile Platforms in Lund. There are two main opposite implementation strategies, Big Bang and Step-by-Step. The choice of implementation strategy depends on number of factors like the size of the organizations, complexity and resources. A method of ERP implementation has been put forward as a result of the integrated models. The method includes an overall model and a check list. Risk identification is a problem that many implementation project faces, a way to solve this is to make a careful risk analysis, a risk matirx with several identified risks are putted forward throughout this study.

ERP implementation project

choice of implementation strategy

Risk identification

Method for implantation

Pre-study

Information Systems

Experimenteller Ansatz zu Effekten subjektiven Erlebens in VR-basierter Risikobeurteilung

Puschmann, Patrick, Horlitz, Tina, Wittstock, Volker, Schütz, Astrid

19 July 2017

Aus der Einleitung: "Die Anreicherung von digitalen geometrischen Modellen von Maschinen mit nichtgeometrischen technischen Informationen in einer frühen Phase der Produktentwicklung ist Stand der Technik. Für Testzwecke werden virtuelle Modelle, sogenannte Digital Mock-ups, eingesetzt. Diese werden durch Kombination der geometrischen Darstellung mit bestimmten Funktionalitäten (z. B. Multiphysik-Simulationen) zu sogenannten Functional Digital Mockups (FDMU) zielgerichtet weiterentwickelt (Eigner et al. 2011). Auf Basis spezifischer Kriterien und quantitativer Analysen dienen diese Tests vor allem der Vermeidung von Fehlern beim späteren Produkt. Virtual Reality (VR) Modelle können auch als eine Art FDMU angesehen werden, wenn z. B. durch Verbesserung der Vorstellbarkeit ergonomisch relevante Größenverhältnisse besser eingeschätzt werden. Ein hoher Immersionsgrad, der in der Regel mit zunehmender Anzahl von Projektionsflächen steigt (Dörner et al. 2013), und die Darstellung des VR-Modells im Maßstab 1:1 tragen dazu entscheidend bei. ..."

Produktentwicklung

Functional Digital Mockups (FDMU)

Anwendungsmöglichkeit

Risikoidentifizierung

Product Development

Functional Digital Mockups (FDMU)

Application

Risk Identification

ddc:620

rvk:ZG 9148

Identifikace rizik podnikatelského subjektu v oblasti marketingových služeb pomocí vybraných metod ekonomické a strategické analýzy / Business entity´s risks identification in the field of marketing services using selected methods of economic and strategic analysis

Presse, Michal

January 2017

This master’s thesis is focused on business entity’s risk identification in the field of marketing services by using selected methods of economic and strategic analysis. The selected methods are theoretically described in the first part of the thesis. Then, in the following part, we executed these selected methods and, based on the outcomes of these methods, risks are identified and evaluated. Further, three risks of the highest score were chosen and dealt with. Measures to decrease the value of each risk are formulated. At the very end, each of three risks, after the measures were implemented, is evaluated again to prove the suitability of the recommended solution.

Řízení rizik podnikatelského subjektu / Risk Management of a Business Entity

Zámečník, Josef

January 2017

The thesis deals with the risk management in Motortec s.r.o., a company that operates in the field of sales and maintenance service of passenger and commercial vehicles. The thesis is divided into the theoretical part, in which all the essential terms are defined that relate to the thesis itself, and an analytical part that employs the process of risk management. The process includes identification, analysis and subsequent remedies to risks identified. The identification of risks has been carried out using Porter's five forces analysis, SLEPT analysis and McKinsey 7S Framework. SWOT analysis has been carried out subsequently. The risks defined have been assessed using a scoring method and grouped into categories based on their severity. The last part includes measures to reduce the major risks that threaten the examined company.

Řízení rizik ve společnosti AT CAR, s.r.o. / Risk Management in the company AT CAR, s.r.o.

Kumstát, Petr

January 2017

Risk management in company AT CAR, s.r.o. with focus on its branch Brno is the main topic of this thesis. As for the risk management itself, the most important tasks are identification, analysis and reducing the possible risks. These processes are described and discussed in the theoretical part of the thesis, while it also introduces all important terms related to this topic. In the analytical part, the risks are identified using appropriate methods such as SLEPTE analysis, Porter’s Five Forces and 7S model. The risks identified are thereafter evaluated using the scoring method. In the last part, recommendations and measures for reducing the risk are presented.

Provoz dopravně spedičních firem a jeho rizika / Operation of transportation and haulage firms and its risks

Kůstková, Eliška

January 2017

The diploma thesis deals with risk management in a selected company, which is ČSAD LOGISTIK Ostrava, a. s. This thesis is divided into two parts, where the first part deals with the analysis of the current situation, which is the transport sector in the Czech Republic and its relevant legislation. Subsequently also deals with the terms related to the identification, analysis and elimination of risks. In the second part is the theoretical knowledge is applied in such a way, that from the results obtained with What IF and FMEA analyzes is later created a suggested plan for risk prevention and its elimination.

Riziková analýza v projektech dopravních staveb / Risk Analysis in Transport Infrastructure Projects

Hašek, Jiří

January 2019

The subject of the master’s thesis is a risk analysis in transport infrastructure projects. In the theoretical part, I deal with public sector, life cycle of the project, evaluation of public projects, conception of risk, clasification of risk, risk analysis and valuation of the risk. In the practical section I process risk analysis of the project in transport infrastucture.