Popis: |
Risk management can be an extremely powerful approach to dealing with the complexities and uncertainties that increasingly surround technological change and its management. Conventionally in information technology (IT) projects, risks have been narrowly defined. Today, with IT becoming integral to a company’s existence, the stakes are considerably higher and broader in scope. However, risk is sometimes seen a negative concept in information systems (IS) organizations because it implies that something could go wrong with an IT project. To understand effective risk management in IS, the authors convened a focus group of senior IS managers from a number of organizations in a variety of industries. The results of this discussion, the managers’ presentations, and a review of the current research on risk management, were integrated and are presented in this paper. The nature of risk, identifying risk in IT initiatives, determining appropriate levels of risk, and dealing with unacceptable types and levels of risk are discussed. The following conclusions were reached. Risk management is a means to an end – whether it is a successful IS project; stable, secure technical |