Loading 
Bonanza Offer FLAT 20% off & $20 sign up bonus Order Now
Discuss about the Information Technology Risk Management.
IT (information technology) is an industry that is growing fast in developed nations. Information technology projects can effect a wide variety of services, applications, equipment, and technologies which are fundamental and offer data to support the executive, decision-making, operation and analysis functions within a company (Kessler, 2012). The global study of 7,400 projects of IT conducted by Standish Group uncovered that 34% were over budget or late, 31% were scaled back, abandoned or changed and only 24 % were done on budget and on time. High profile project such as AMRIS (American Airline Corporation ARM Information Services), Human Resource System of Mandata, London Ambulance System, SACSS (Californian State Automated Child System) and FoxMeyer Drug Co. are some of the examples of Information Technology Project failures.
One constant factor affecting the results of the project are the different risks connected with implementing and initiating Information Technology Projects. In specific, 30% of the firms used risk management in their project management and IT investment processes as discovered by OTR Group. Similarly, it was discovered that companies performed little risk evaluation, except when conducting financial calculations. Proof shows that information technology projects risks are not managed efectively and as such, their lack of management and identification during the lifecycle of a project can result in failure (Kirkland, 2011). Given the high rates of failure linked to Information Technology Projects, it is advisable for companies to boost their ability to control Information Technology risks. In the context, those risks of Information Technology Projects considered essential in their consequences and likelihood and particular treatment strategies of risks that can be applied to manage risks of Information Technology Project are recognized. The findings will allow managers of Information Technology Projects to understand the main project risks and suitable treatment strategies of risks to control these risks.
Every human undertaking contains risks. Projects are special operations which are risky and contain a degree of uncertainty. Project risks can be described as the likelihood of an event happening that can cause a negative effect on objectives of a project and is measured by consequence and likelihood. Risk management is an important practice in bringing a project to successful conclusion. It comprises the following processes:
Companies regularly expand the project risk management scope to include sectors outside the direct control of the project team (Akram, Ihsan, Zafar & Hayat, 2018). Asking project teams to control risks that are not within their scope causes wasted effort and confusion and shows the need for a PMO (project or program management office). As such, the project risk management context should be restricted to the projects schedule, mission accomplishment, budget, and quality.
Risks should be identified regarding budget impact, ability to meet objectives, schedule impact, and quality impact. If schedule impact is managed efficiently, then the event or condition that impacts the schedule, for instance, personnel turnover, hurricane or network outage, becomes irrelevant.
To efficiently manage risk, its effect on the project must be justly specified. For instance, two-weeks schedule delay. Overrun of $10,000 in a budget, 200 hours of redo, among others. Decreased quality, considerable delays and significant budget overrun cause problems when defining risks (Bubevski, 2013). For instance, significant budget overrun to one individual could mean thousands of dollars while to another person it could mean hundreds of dollars.
After identifying and quantifying risks, the next step is prioritizing risks. A simple three-tier order of high, medium and low can be used (Hopkin, 2014). It is called the 9-box model. It helps to prioritize risks with high probability or impact followed by medium impact or probability and so on. The risks with the highest probability should be managed first.
Risk treatment involves determining the most suitable strategies for handling its occurrence. There exist for major techniques for reacting to risks associated with the project:
Avoiding- not engaging in operations that cause risks
Transfer- transferring risk in part or whole to another party
Reduction-minimize the likelihood of a risk event taking place and the effect of that activity. Minimization of risk is the most frequent of all strategies of risk management (Dalcher, 2014).
Retention- incase risks events do occur, accept them and assess the impact it has on the project.
Risk monitoring is divided into two categories:
Tactical monitoring-occurs daily and is carried out by the project team. It takes into account trigger points, performance measures and actual performance (Harris & Younggren, 2011).
Strategic monitoring- carried out as part of management evaluation, during external or internal audits. It concentrates on long-term improvement of the process.
Failure in projects happen due to collective risks of projects portfolio, lack of concentration to individual project risks and the acknowledgment that various types of projects need distinct types of management. However, most companies fail to undertake Information Technology risk management or perform it poorly (Lindholm, 2015). The reason for disregarding risk management is the view that concentrating on possible problems is negative. Nevertheless, management wants to introduce a positive approach towards IT implementation, as it is regularly regarded as the chief for progressive process enhancement and change within companies.
Determining the risks connected to IT implementation can be a challenge for managers, as there exist many ways to categorize and describe it. Risks differ in severity, nature, and impact, as such, it is essential to understand, identify and manage those perceived as high-level risks. Some of the common Information Technology risks are structured and described in the following categories;
Insufficient performance of the third party- the contractor chosen is unsuitable for the project purpose. The contractor fails to offer a solution that meets cost, performance, time, quality and objectives.
Litigation in safeguarding intellectual assets-insufficient software protection at the beginning of the projects lead to rivals taking advantage through imitating, causing loss of potential market and a high cost of litigation.
Disagreements between contractors and clients-personal enmity and antagonism between software contractors and clients can occur as a result of unexpected changes in the contract scope, misunderstandings, delayed or missed delivery, or other kinds of conflicts that cause division between contractors and clients (Gefen, Gefen & Carmel, 2016).
Destructive competitive actions- rivals may create solutions of software more rapidly with high-level of functionality at a lower price and actively set out the finished product within similar market space.
Loss of interest in a software- development of software is prematurely stopped because its impact or value surpass what management can absorb.
Inadequate personnel- inability to finish job allocated due to personnel shortfalls.
Poor staff quality- poor work standard due to lack of training, experience, ability, and motivation of staff. Lack of experience can go on to operating systems, hardware, management of the database, among others.
Lack of supportive corporate culture-corporate culture may conflict with the project due to other unknown agendas, change threat or continuous change in organizational culture, conflict within the firm and other internal priorities. Thus, it results in weak project management support and considerable failure for failing to meet objectives.
Lack of support from the executive- a project is hindered from meeting its objectives due to executives playing politics between and within external agents or departments. Besides, consumers may disapprove the project if they find out that the top-level management is not supportive.
Collection of inapplicable requirements motivated by politics. Due to political force within the company, many inapplicable requirements are assembled in an all-inclusive project which becomes challenging to meet objectives and manage.
Lack of enough user documentation- users are unable to wholly use new IT as planned due to inadequate user documentation.
Unsuitable application software- users may think that the software offered fails to assist them in achieving daily tasks. It can result in low user satisfaction.
Poor development of the system- the chosen software platform fails to meet the intended purpose, delivering a system that is slow or that contains major operational issues.
Technical solution limitations exceeded or reached- a technical limitation is experienced during the development of the software causing time problems to the project while determining a workaround solution. In severe scenarios, a solution may be undetermined (Dubey, 2011). The result is revocation or reestablishing the project with a more reasonable technical solution.
Insufficient requirements-inadequate data has been acquired in the assessment phase, resulting in solution construction that fails to meet objectives of a project.
Unsuitable user interface- the user interface of software developed or selected fails to meet the requirements of the user.
Unreasonable project budget and schedule- the project may fail to achieve its objectives due to unreasonable restrictions exerted on projects schedule, level of performance budget or quality.
Constant requirements changes by a client- shareholders constantly make changes to the functionality of software throughout the lifecycle of a project (Mancas, 2014).
Failure to examine daily advancement- managers fail to examine daily achievements causing a project to stumble.
Poor leadership- the steering committee and project manager are not dedicated to offering direction and handling issues of the project.
Lack of formal management process to change -project continuity is prevented due to specific changes to the specification of a system without a formal examination of a project and technical impact Kaplan & Mikes, 2012).
Over specification- the team is aiming attention at generating and analyzing excessive detail levels losing focus on the objectives of a project.
Unreasonable expectations- products promised by the vendor for delivery to people may be unrealistic and oversold.
A diverse and wide range of risks of Information Technology Projects has been determined. Nevertheless, it is important to rank them as the most serious risk to help in managing them if they occur (Marle, 2014). Besides, types of options for risk treatment are required by managers of Information Technology Project to manage risks that could prevent project performance. There exist two processes in a project;
Processes of project management- these organize, describe and complete project work. The processes of project management can be applied to many projects and include management of cost, quality, human resources, scope, time, risk communications and procurement.
Product processes- they are the technical processes that create and specify the product of the project and differ in project nature, for instance, information systems, new product development, construction and events (Borkowski, Fdhila, Nardelli, Rinderle-Ma & Schulte, 2017). Technical management needs a comprehensive understanding of the technical product processes and requires an expert to assist the technical team and comprehensive quality guarantee of the technical results. The risks identified above can influence both the project management and product processes.
Conclusion
There are several risks in Information Technology Projects. They are grouped in seven categories: economic circumstances, technological and technical issues, legal associations, human behavior, commercial associations, Management controls and activities, political circumstances, and individual activities. Information Technology Projects risks are not efficiently managed and as such, their lack of management and identification during the lifecycle of a project can result in failure. Given the high rates of failure linked to Information Technology Projects, it is advisable for companies to boost their ability to control Information Technology risks. Risk management is an important practice in bringing a project to successful conclusion. It comprises several processes: context establishment, risks identification, quantification of risk impact, prioritizing risks, risks treatment, and risk monitoring.
References
Akram, R., Ihsan, S., Zafar, S., & Hayat, B. (2018). Survey Paper for Software Project Team, Staffing, Scheduling and Budgeting Problem. International Journal Of Advanced Computer Science And Applications, 9(1). doi: 10.14569/ijacsa.2018.090166
Borkowski, M., Fdhila, W., Nardelli, M., Rinderle-Ma, S., & Schulte, S. (2017). Event-based failure prediction in distributed business processes. Information Systems. doi: 10.1016/j.is.2017.12.005
Bubevski, V. (2013). A novel approach to software quality risk management. Software Testing, Verification And Reliability, 24(2), 124-154. doi: 10.1002/stvr.1488
Dalcher, D. (2014). Mastering Information Technology Project Management: Best Practices, Tools and Techniques. Project Management Journal, 45(3), e2-e2. doi: 10.1002/pmj.21414
Dubey, S. (2011). Key Success Factors in Software Development Projects. SSRN Electronic Journal. doi: 10.2139/ssrn.1952935
Gefen, D., Gefen, G., & Carmel, E. (2016). How project description length and expected duration affect bidding and project success in crowdsourcing software development. Journal Of Systems And Software, 116, 75-84. doi: 10.1016/j.jss.2015.03.039
Harris, E., & Younggren, J. N. (2011). Risk management in the digital world. Professional Psychology: Research and Practice, 42(6), 412.
Hopkin, P. (2014). Fundamentals of risk management: understanding, evaluating and implementing effective risk management. Kogan Page Publishers.
Kaplan, R. S., & Mikes, A. (2012). Managing risks: a new framework. Harvard Business School
Kessler, D. P. (2012). How should risk adjustment data be collected?. INQUIRY: The Journal of Health Care Organization, Provision, and Financing, 49(2), 127-140.
Kirkland, C. (2011). Mastering software project management: Best practices, tools and techniques. Project Management Journal, 42(6), 92-92. doi: 10.1002/pmj.20276
Lindholm, C. (2015). Involving user perspective in a software risk management process. Journal Of Software: Evolution And Process, 27(12), 953-975. doi: 10.1002/smr.1753
Mancas, C. (2014). Will Software Development Projects Always Risk Delays?. Journal Of Information Technology & Software Engineering, 04(01). doi: 10.4172/2165-7866.1000e123
Marle, F. (2014). A structured process to managing complex interactions between project risks. International Journal Of Project Organisation And Management, 6(1/2), 4. doi: 10.1504/ijpom.2014.059742
Upload your Assignment and improve Your Grade
Boost Grades
