Improving IT Risk Management Process by an Embedded Dynamic Verifier Core: Towards Reducing IT Projects Failure

Author(s):  
Ahdieh Sadat Khatavakhotan ◽  
Siew Hock Ow
2008 ◽  
pp. 2865-2888
Author(s):  
Rafael Prikladnicki ◽  
Roberto Evaristo ◽  
Jorge Luis Nicolas Audy ◽  
Marcelo Hideki Yamaguti

Distributed IT projects exhibit certain features that make them fundamentally different from traditional co-located projects, not only involving additional steps and decisions, but also impacting the risk management process. The goal of this paper is to discuss these impacts and to suggest the development of an integrated risk management process taking into account site dispersion, time zone difference, and cultural boundaries not only at the operational, but also at the tactical and strategic level. We also report results of an exploratory case study conducted in a software development center (a Brazilian subsidiary of a U.S. corporation) in support of such a model, and conclude with a discussion of theoretical and practical implications of our work.


2009 ◽  
pp. 1243-1257
Author(s):  
Rafael Prikladnicki ◽  
Roberto Evaristo ◽  
Jorge Luis Nicolas Audy ◽  
Marcelo Hideki Yamaguti

Distributed IT projects exhibit certain features that make them fundamentally different from traditional co-located projects, not only involving additional steps and decisions, but also impacting the risk management process. The goal of this paper is to discuss these impacts and to suggest the development of an integrated risk management process taking into account site dispersion, time zone difference, and cultural boundaries not only at the operational, but also at the tactical and strategic level. We also report results of an exploratory case study conducted in a software development center (a Brazilian subsidiary of a U.S. corporation) in support of such a model, and conclude with a discussion of theoretical and practical implications of our work.


2013 ◽  
Vol 5 (1) ◽  
pp. 46-52
Author(s):  
Rasma Janeliūnienė ◽  
Vida Davidavičienė

The growing dependence of business processes, and with them business success, on information technology (IT) is now closely associated with IT risk, which drives a growing need for IT risk management and control. It is vitally important to identify, analyse and reduce systemic risk in order to avoid undesirable consequences such as information loss, data leaks or damage. A critical success factor in this situation is systematic and continuous IT risk management. This paper aims to analyse one stage of the IT risk management process: risk identification. The article uses the methods of literature analysis, synthesis, comparison, and generalization. Article in Lithuanian.


1996 ◽  
Vol 11 (4) ◽  
pp. 373-378
Author(s):  
Robert N. Charette

The application of formal risk management to IT projects is rapidly growing in popularity. Numerous books and articles on the subject of IT-oriented risk management have appeared, where a decade ago there were virtually none. In this paper, a short tutorial on the general processes and activities involved in performing IT risk management is presented. Some of the practical issues that require attention when putting IT risk management into practice are also discussed. Effectively applied, risk management is a powerful tool for making an IT project proactive. However, poorly applied, risk management can just as easily lead an IT project into ruin.


2010 ◽  
pp. 1723-1738
Author(s):  
Rafael Prikladnicki ◽  
Roberto Evaristo ◽  
Jorge Luis Nicolas Audy ◽  
Marcelo Hideki Yamaguti

Distributed IT projects exhibit certain features that make them fundamentally different from traditional co-located projects, not only involving additional steps and decisions, but also impacting the risk management process. The goal of this paper is to discuss these impacts and to suggest the development of an integrated risk management process taking into account site dispersion, time zone difference, and cultural boundaries not only at the operational, but also at the tactical and strategic level. We also report results of an exploratory case study conducted in a software development center (a Brazilian subsidiary of a U.S. corporation) in support of such a model, and conclude with a discussion of theoretical and practical implications of our work.


2020 ◽  
Vol 8 (2) ◽  
pp. 156-172
Author(s):  
G. K. Deshmukh ◽  
Hory Sankar Mukerjee ◽  
U. Devi Prasad

Global information technology projects are risky, with failure rates for customer relationship management information technology (CRM IT) projects estimated at 70 percent. These failures are often due to a multiplicity of factors, including poor risk management. The project management literature points out four broad types of risks: technical, external, organizational, and other risk factors. The project manager's basic job, therefore, becomes to manage the risks and ensure that an IT project is steered to completion while meeting the objectives. Unmanaged risks raise the chance of failure, ultimately impacting the CRM project and the reputation of the consultant. Payne and Frow (2005) advocate the need for a structured study on the information technology implementations of these projects. The objectives of the study are to investigate how project risks in CRM IT implementations impact the final outcome and how the risk management process adopted by the IT project manager impacts the final outcome of the project. The research was conducted by administering a questionnaire to 135 project managers. It was found that project risks impact cost, time, and technical performance, and that the risk management process impacts planning and the support of customers as well as top management.


2020 ◽  
Vol 11 (1) ◽  
Author(s):  
Yeni Erlika ◽  
Muhammad Izman Herdiansyah ◽  
A. Haidar Mirza

Abstract

The application of IT management needs to be evaluated to measure the level of IT risk handling that occurs. This study aims to analyze and understand the IT risk management process adopted at the University of Bina Darma Palembang using the ISO 31000 approach, and focuses on evaluating IT management practices across three stages: risk identification, analysis, and treatment. Bina Darma University is a university that has applied information technology to support its business processes in accordance with its vision and mission. The systems in place support the performance of employees and lecturers and provide services to students; they are managed by the Directorate of Technology Systems, hereinafter referred to as DSTI. For risks that have occurred at Bina Darma University in terms of security standards and disaster recovery, the university has so far been able to cope with the problems that occurred, but without any standard and manually, for example by backing up data to a hard disk. By using the risk assessment stage within the ISO 31000 framework, the researchers found that Bina Darma University has not yet implemented ISO standards in its IT risk management. University management is in the process of designing an ISO implementation. From interviews with IT staff and observations, the researchers found that Bina Darma University has the ability to apply ISO 31000 in managing its risk. This research produces IT risk reports on the current system applications.

Keywords: IT Risk Management, ISO 31000, Assessment, Mitigation


2022 ◽  
pp. 30-47
Author(s):  
Sayan Mercan Dursun ◽  
Meltem Mutluturk ◽  
Nazim Taskin ◽  
Bilgin Metin

Effective information asset management is the basis of information security as well as many other issues. IT risk assessments work well when asset values are handled properly, which also helps secure information assets effectively. There is also a wide variety of risk assessment methodologies. This chapter presents information about the overall IT risk management process and methodologies. Best practices are mentioned and occasionally compared based on the requirements of the information technology (IT) sector in practice. This chapter will provide deep knowledge about the IT risk management approach and construction to implementers, risk owners, IT auditors, executive managers, and other IT staff.


Author(s):  
Rafael Prikladnicki ◽  
J. Roberto Evaristo ◽  
Jorge L.N. Audy ◽  
Marcelo H. Yamaguti

Distributed IT projects exhibit certain features that make them fundamentally different from traditional colocated projects, not only involving additional steps and decisions, but also impacting the risk management process. The goal of this chapter is to discuss these impacts and to suggest the development of an integrated risk management process taking into account site dispersion, time-zone difference, and cultural boundaries not only at the operational but also at the tactical and strategic level. We also report results of an exploratory case study conducted in a software development center (a Brazilian subsidiary of a U.S. corporation) in support of such a model, and conclude with a discussion of theoretical and practical implications of our work.

