Information technology project risk management

Information technology project risk management

Need Help Writing an Essay?

Tell us about your assignment and we will find the best writer for your paper.

Write My Essay For Me

Information technology project risk managementPaper instructions:Information technology project risk management: bridging the gap between research and practiceAuthor: Taylor, Hazel; Artman, Edward; Woelfer, Jill PalzkillPublication info: Journal of Information Technology 27.1 (Mar 2012): 17-34.the task is the same as last one.it needs to be done in MLA format correctly, i lost few points on the last one.ThanksE[.QQi?2??.FReport Information from ProQuestOctober 07 2013 09:427 October 2013 ProQuestDownloadGoogle TranslateBing TranslatorEdit Online______________________________________________________________________________________________________________________________Report Information from ProQuestOctober 07 2013 09:42_______________________________________________________________07 October 2013 ProQuestTable of contents1. Information technology project risk management: bridging the gap between research and practice???.. 107 October 2013 ii ProQuestDocument 1 of 1Information technology project risk management: bridging the gap between research and practiceAuthor: Taylor, Hazel; Artman, Edward; Woelfer, Jill PalzkillPublication info: Journal of Information Technology 27.1 (Mar 2012): 17-34.ProQuest document linkAbstract: The gap between research and practice is strikingly evident in the area of information technology (IT)project risk management. In spite of extensive research for over 30 years into IT project risk factors resulting innormative guidance on IT project risk management, adoption of these risk management methods in practice isinconsistent. Managing risk in IT projects remains a key challenge for many organizations. We discuss barriersto the application of normative prescriptions, such as assessments of probability and impact of risk, and suggesta contingency approach, which addresses the uncertainties, complexities, and ambiguities of IT projects andenables early identification of high-risk projects. Specifically, in a case study, we examine how the projectmanagement office (PMO) at one organization has bridged the gap between research and practice, developinga contingency-based risk assessment process well founded on research knowledge of project dimensionsrelated to project performance, while also being practical in its implementation. The PMO?s risk assessmentprocess, and the risk spider chart that is the primary tool in this assessment, has proven to be effective forsurfacing inherent risk at the early stages of IT projects, thereby enabling the recommendation of appropriatemanagement strategies. The PMO?s project risk assessment process is a model for other organizations strivingto engage in effective and collaborative practices in order to improve project outcomes. The case illustrates theimportance of considering the practical constraints of the context of application in order to transform researchfindings into practices that promote attainment of desired outcomes. [PUBLICATION ABSTRACT]Links: Find full textFull text: IntroductionAs members of an applied, or professional, discipline, Information Systems (IS) scholars seek to advance bothacademic and practical knowledge in their field. A key challenge, however, is to bridge the gap betweenresearch and practice and to ensure that practice is well founded on empirical findings. Even when a researchfocus is profoundly applied, such as in the information technology (IT) project management arena, the goal ofadvancing practice with the benefits of research findings has often been difficult to achieve. This paperdemonstrates the successful transfer of research to practice in the area of IT project risk assessment.In spite of extensive research for over 30 years into IT project risk factors resulting in normative guidance on ITproject risk management, adoption of these risk management methods in practice is inconsistent (Bannerman,2008) and delivery of IT projects to required performance standards remains an elusive target (Standish Group,2005; Sauer et al. , 2007). One key area that can drive improvements in IT project performance is the earlyidentification of high-risk projects (Pennington and Tuttle, 2007). If high-risk projects are identified early, thenappropriate risk management and oversight mechanisms can be implemented to mitigate the threats, and toensure early and decisive action on problems that arise. However, early identification of high-risk projects posesmany questions. What determines a high-risk project? Which risk factors should be considered? How can theybest be evaluated? How can the organization get a holistic picture of the risk profile of the project? What is thebest way to manage risk on high-risk projects? Given the extensive body of research on IT project risk factorsand risk management approaches (see, e.g., Bannerman, 2008, for a detailed review of recent IT project riskmanagement research; and Schmidt et al. , 2001, for one of the most extensive surveys of IT risk factors), itmight be assumed that these questions would be easily answered. It is somewhat surprising, then, that there isvery little evidence that research knowledge on IT risk factors and risk management has actually been applied07 October 2013 Page 1 of 19 ProQuestin the workplace (Bannerman, 2008; de Bakker et al. , 2010). One of the biggest challenges still in the IT projectdomain is to convert our research understanding of IT risks and risk management into practical, usable toolsthat are easy to implement and effective in practice (Bannerman, 2008; de Bakker et al. , 2010).Our goal in this paper is to examine a successful instance of the transformation of research knowledge on ITproject risk management into a solution that takes into account the day-to-day exigencies of the practicalsituation. In particular, we show how the Project Management Office (PMO) at a municipal governmentorganization, CityOrg, tasked with improving the success rate of key IT projects across the organization,developed a risk assessment tool, well founded in research and also practical in its application. The riskassessment tool incorporates the extensive body of research knowledge on IT risk and uncertainty, whileavoiding the practical implementation problems of traditional risk management approaches by building on thecontingency approach to risk management (McFarlan, 1981; Barki et al. , 2001).Our presentation of an interpretive revelatory or enlightening case study (Marcus, 1997; Yin, 2009) enables usto make contributions to both practice and research. In the practice arena, the case study reported heredemonstrates a substantial advance in addressing the research-practice gap in the IT project risk managementarea, by providing a practical implementation of the contingency approach to risk management whoseeffectiveness in practice has been demonstrated. From the research perspective, by exploring how and why thisorganization has successfully utilized research knowledge on IT project risk management, we provide insightinto what is required if research findings are to be transformed into practices that promote attainment of desiredoutcomes.We begin with a brief review of the literature on IT project risk to set the scene for the case study. We thenpresent our method for examining the case study, and describe the development of the risk assessment toolover a period of 5 years. Finally, we discuss the significance of the case findings for application of research onIT project risk management in practice, and draw on research utilization and knowledge transfer literature toexplore reasons why research utilization was successful in this case.Literature review: IT project riskThe body of research examining risk in IT projects spans over 30 years, with Alter and Ginzberg (1978), Boehm(1973, 1983), Brooks (1974), McFarlan (1981) and Zmud (1980) being among the early contributorsestablishing a foundation of research knowledge in the area. In subsequent years, research interest in IT projectrisk developed primarily in two directions, risk management and risk factors, with a smaller group of researchersbuilding on McFarlan?s (1981) work to develop contingency approaches to project risk management.In spite of this extensive and comprehensive body of research on IT risk, there is considerable evidence that theresearch findings and recommendations are not being applied in practice (Pfleeger, 2000; Addison and Vallabh,2002; Kutsch and Hall, 2005; Taylor, 2005; Bannerman, 2008; de Bakker et al. , 2010). Both the risk factor andthe risk management directions draw on models of decision making based on probability and expected utility(Charette, 1996; Pender, 2001; Ward and Chapman, 2003; Kutsch and Hall, 2005), which are founded onassumptions that risks are discrete potential events and that their impact and probability can be assessed with areasonable degree of confidence. As we will explain, these decision-making assumptions are key tounderstanding why prescriptions from the risk management and risk factor strands of research appear to be sodifficult to apply in IT projects.Risk management researchRisk management researchers have focused on the examination of process models that provide prescriptionsfor risk management (see, e.g., Boehm, 1991; Fairley, 1994; Charette, 1996; Heemstra and Kusters, 1996;Powell and Klein, 1996; Keil et al. , 1998; Barki et al. , 2001; Simister, 2004), typically including variations on thefour processes of risk identification, assessment, response planning, and monitoring, as shown in Figure 1 ?See PDF,. Similar process models also underpin the best practice recommendations of practitionerorganizations such as the Project Management Institute?s PMBOK guide (2004) and the Association for Project07 October 2013 Page 2 of 19 ProQuestManagement?s APM Body of Knowledge (2006). As noted above, these models are based on a characterizationof risk as a potential discrete event, with a non-zero probability of occurrence and a quantifiable impact on theproject. It is assumed that specific risks to a project can be identified, and that their probability and impact canbe quantified. The recommendations also assume that project managers will, indeed, evaluate the probabilityand impact of each risk in ord