An Assessment of risk response strategies practiced in software projects
01 Nov 2014-Australasian Journal of Information Systems (Australian Computer Society)-Vol. 18, Iss: 3, pp 161-191
TL;DR: The paper attempts to address the risk response factors that lead to successful achievement of project scope & quality, schedule and cost targets, by using a series of regressions followed with Seemingly Unrelated Regression Equations (SURE) modelling.
Abstract: Risk management and success in projects are highly intertwined – better approaches to project risk management tend to increase chances of project success in terms of achieving scope & quality, schedule and cost targets. The process of responding to risk factors during a project’s life cycle is a crucial aspect of risk management referred to as risk response strategies, in this paper. The current research explores the status of risk response strategies applied in the software development projects in India. India provides a young IT-savvy English-speaking population, which is also cost effective. Other than the workforce, the environment for implementation of software projects in India is different from the matured economies. Risk management process is a commonly discussed theme, though its implementation in practice has a huge scope for improvement in India. The paper talks about four fundamental treatments to risk response – Avoidance, Transference, Mitigation and Acceptance (ATMA). From a primary data of 302 project managers, the paper attempts to address the risk response factors that lead to successful achievement of project scope & quality, schedule and cost targets, by using a series of regressions followed with Seemingly Unrelated Regression Equations (SURE) modelling. Mitigation emerged as the most significant risk response strategy to achieve project targets. Acceptance, transference, and avoidance of risk were mostly manifested in the forms of transparency in communication across stakeholders, careful study of the nature of risks and close coordination between project team, customers/end-users and top management.
Citations
More filters
Journal Article•
TL;DR: Project Management: A Systems Approach to Planning, Scheduling, and Controlling as discussed by the authors is a system approach to planning, scheduling, and controlling, which is based on Project Manager.
Abstract: PROJECT MA NA GEMENT: A SYSTEMS A PPROA CH TO PLA NNING, SCHEDULING, A ND CONTROLLING To download Project Manag ement: A Systems A pproach to Planning , Scheduling , and Controlling PDF, please access the link under and save the file or gain access to additional information which might be have conjunction with Project Management: A Systems Approach to Planning, Scheduling, and Controlling ebook.
714 citations
TL;DR: In this article, the authors represent various risk categories and barriers to risk management in domestic and international projects through literature survey and feedback from project professionals, and analyze interactions among the barriers and prioritize them.
Abstract: In the context of the scope, time, cost, and quality constraints, failure is not uncommon in project management. While small projects have 70% chances of success, large projects virtually have no chance of meeting the quadruple constraints. While there is no dearth of research on project risk management, the manifestation of barriers to project risk management is a less dwelt topic. The success of project management is oftentimes based on the understanding of barriers to effective risk management, application of appropriate risk management methodology, proactive leadership to avoid barriers, workers’ attitude, adequate resources, organizational culture, and involvement of top management. This paper represents various risk categories and barriers to risk management in domestic and international projects through literature survey and feedback from project professionals. After analysing the various modelling methods used in project risk management literature, interpretive structural modelling (ISM) and MICMAC analysis have been used to analyse interactions among the barriers and prioritize them. The analysis indicates that lack of top management support, lack of formal training, and lack of addressing cultural differences are the high priority barriers, among many others.
49 citations
Cites background from "An Assessment of risk response stra..."
...(x) Failure to clearly define risks: Bhoola et al. (2014) stress on the significance of risk identification....
[...]
...(x) Failure to clearly define risks: Bhoola et al. (2014) stress on the significance of risk identification. The authors divide risks into four categories—avoidance, transference, mitigation, and acceptance—and discuss the impact of each on project success. Vaisblat (2014) discusses the need for clarity in defining risks precisely and proposes a system of project risk indicators....
[...]
...(x) Failure to clearly define risks: Bhoola et al. (2014) stress on the significance of risk identification....
[...]
...(ii) Avoidance of talking about risk: Bhoola et al. (2014) mention that poor communication between top management and project team leads to risk avoidance, due to fear of transferring bad news....
[...]
01 Jan 2018
TL;DR: This study studied how disaster recovery controls and processes can be modified to improve response to a computer crime caused business interruption to understand what factors emerge relative to the ability to respond to disasters caused by computer crimes.
Abstract: The Effects of Computer Crimes on the Management of Disaster Recovery by Timothy Gene Proffitt MS, SANS Technology Institute, 2010 BS, Sam Houston State University, 1998 Dissertation in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy Management Walden University May 2018 Abstract The effects of a technology disaster on an organization can include a prolonged disruption, loss of reputation, monetary damages, and the inability to remain in business. Although much is known about disaster recovery and business continuance, not much research has been produced on how businesses can leverage other technology frameworks to assist information technology disaster recovery. The problem was the lack of organizational knowledge to recover from computer crime interruptions given the maturity level of existing disaster recovery programs. The purpose of this Delphi study was to understand how disaster recovery controls and processes can be modified to improve response to a computer crime caused business interruption. The overarching research question in this study was to understand what factors emerge relative to the ability of disaster recovery programs to respond to disasters caused by computer crimes. The conceptual framework included a maturity model to look at how programs might be improved to respond to the computer crimes threat. Research data were collected from a 3 round Delphi study of 22 disaster recovery experts in the fields of disaster recovery and information security. Results from the Delphi encompass a consensus by the panel. Key findings included the need for planning for cyber security, aligning disaster recovery withThe effects of a technology disaster on an organization can include a prolonged disruption, loss of reputation, monetary damages, and the inability to remain in business. Although much is known about disaster recovery and business continuance, not much research has been produced on how businesses can leverage other technology frameworks to assist information technology disaster recovery. The problem was the lack of organizational knowledge to recover from computer crime interruptions given the maturity level of existing disaster recovery programs. The purpose of this Delphi study was to understand how disaster recovery controls and processes can be modified to improve response to a computer crime caused business interruption. The overarching research question in this study was to understand what factors emerge relative to the ability of disaster recovery programs to respond to disasters caused by computer crimes. The conceptual framework included a maturity model to look at how programs might be improved to respond to the computer crimes threat. Research data were collected from a 3 round Delphi study of 22 disaster recovery experts in the fields of disaster recovery and information security. Results from the Delphi encompass a consensus by the panel. Key findings included the need for planning for cyber security, aligning disaster recovery with cyber security, providing cyber security training for managers and staff, and applying lessons learned from experience. Implications for positive social change include the ability for organizations to return to an acceptable level of operation and continue their service benefiting employees, customers, and other stakeholders. The Effects of Computer Crimes on the Management of Disaster Recovery by Timothy Gene Proffitt MS, SANS Technology Institute, 2010 BS, Sam Houston State University, 1998 Dissertation Submitted in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy Management Walden University May 2018 Dedication First and foremost, I would like to give thanks to my wife Crystal and two children, Charley and Samuel, who have given me strength and their precious time to get me through this challenge. I would also like to acknowledge my father and mother who believed in me even when I doubted myself. They encouraged me to stay in college which ultimately led me to the completion of this doctoral journey. Acknowledgments I would like to acknowledge and thank the Walden University faculty who took the time to provide valuable feedback and encouragement. Each class was a step in the direction of completing this dissertation, and the faculty made the program enjoyable. I want to give special thanks to my committee of Dr. David Gould and Dr. Howard Schechter who took my project and guided my writing into the dissertation it is today. I want to thank my URR. Dr. Richard Schuttler for his invaluable contributions. I would also like to thank Robert Armstrong and the management team of my company for allowing me to take the time away from work when I needed to stay on track with this program.
17 citations
Cites background from "An Assessment of risk response stra..."
...Avoidance is often leveraged in a manner that has the project being implemented in a way that the identified risk will not be encountered because of changes to the plan eliminate the probability of the risk (Bhoola et al., 2014; Lam, 2014)....
[...]
...Risk mitigation reduces the risk by applying a solution to reduce the vulnerability or threat (Bhoola et al., 2014)....
[...]
Dissertation•
01 Jun 2017
TL;DR: In this article, the authors investigated the current project risk management practices in the oil and gas industry in Libya and concluded that these practices contribute to project success within the Libyan oil and natural gas industry.
Abstract: The continued increase in the world’s population means increasing global energy demands. According to the best estimates available, hydrocarbons will be the main contributor to meet these energy needs. However, oil and gas projects pose significant risks, as they are large, complex and involve a considerable number of stakeholders and technologically difficult. The literature shows that many projects in the industry fail as a result of improper risk management practices. The literature also shows that although some scholars doubt the effectiveness of these practices, according to others, a positive relationship exists between applying these practices and project success. This research focuses on Libya, an important player in fulfilling the world’s energy demands, where the oil and gas industry is crucial to the national economy. Given the conditions existing in Libya, appropriate project risk management for the oil and gas industry needs is important. The aim of this research is to investigate the current project risk management practices in the oil and gas industry in Libya. This research follows a single case study approach. The data collection method adopted for this study was qualitative. Thirteen semi-structured interviews with top managers, project engineers and advisors were undertaken to achieve the aim of the study. Documents were also reviewed to support the findings from the interviews. Results show that awareness of the concept of project risk management is still very low in Libya and there is a lack of project management culture and risk management in particular. This research also demonstrates that although these practices are already being applied to some extent, this relies on the prior knowledge and experience of specific individuals, rather than on a systematic, documented procedure. The lack of financial resources and the shortage of experienced and qualified personnel due to the country’s current situation and as well as a lack of clear organisational vision within the oil and gas industry in Libya, all limit the implementation of effective project risk management. However, results also show that even though there is no written procedure for project risk management practices within the Libyan oil and gas industry, participants believe that applying these practices can increase overall project performance. This research contributes to theory and practice by implementing set of recommendations for developing an effective project risk management practices within the Libyan oil and gas industry. The researcher concludes that project risk management practices contributes to project success within the Libyan oil and gas industry.
13 citations
Cites background from "An Assessment of risk response stra..."
...8) Avoidance of talking about risk: individuals and project team members usually try to emphasise good news about projects and fear transferring bad news; this creates poor communication between them and top management (Bhoola et al., 2014; Dandage et al., 2017)....
[...]
30 Sep 2021
TL;DR: In this paper, a survey was conducted among two groups using quantitative as well as qualitative methods to evaluate and identify the risk management strategies and procedures and assess the efficiency of risk management tools in the Oil and Gas Company in the Kingdom of Bahrain.
Abstract: Oil and gas projects are at high risk and the reasons can be the adoption of complex technology, participation of different parties, etc. Oil and gas industries are often vulnerable to risks and hazards, but they overcome these problems by following tools and techniques of risk management, which results in employee and organizations safety. Based on the facts, this research report aims to evaluate and identify the risk management strategies and procedures and assess the efficiency of risk management tools in the Oil and Gas Company in the Kingdom of Bahrain. The survey was conducted among two groups using quantitative as well as qualitative methods. One hundred twenty-four participants comprising of Engineers, Superintendents, Fire and Safety Officers, HR Managers, Health and Safety Environment Officers were among the respondents of the Survey Questionnaire. For the semi-structured interview, managers from supply and marine, Operation Specialist, Acting Manager of Health, Safety and Environment (HSE), Managers of Operational Plant Department were selected. The data collected through the survey question was analyzed using statistical analysis. The data collected through the survey questions were later imported to IBM SPSS (Statistical Package for Social Science) version 23.0 and performed descriptive analysis to explain the participants’ characteristics, discrete variables expressed as frequencies and percentages and continuous variables expressed as mean and SD. The reliability of the instrument was assessed using Cronbach’s alpha. This research indicated that around 56 % of the engineers and majority of the participating managers agree and strongly agree that the company has the Oil and Gas Company in the Kingdom of Bahrain have has implemented several safety precautions, training, and appropriate risk management tools to ensure the safety of the employees and work to eliminate any risk which could be hazardous to life and property.
12 citations
References
More filters
TL;DR: In this paper, a method of estimating the parameters of a set of regression equations is reported which involves application of Aitken's generalized least-squares to the whole system of equations.
Abstract: In this paper a method of estimating the parameters of a set of regression equations is reported which involves application of Aitken's generalized least-squares [1] to the whole system of equations. Under conditions generally encountered in practice, it is found that the regression coefficient estimators so obtained are at least asymptotically more efficient than those obtained by an equation-by-equation application of least squares. This gain in efficiency can be quite large if “independent” variables in different equations are not highly correlated and if disturbance terms in different equations are highly correlated. Further, tests of the hypothesis that all regression equation coefficient vectors are equal, based on “micro” and “macro” data, are described. If this hypothesis is accepted, there will be no aggregation bias. Finally, the estimation procedure and the “micro-test” for aggregation bias are applied in the analysis of annual investment data, 1935–1954, for two firms.
7,637 citations
"An Assessment of risk response stra..." refers methods in this paper
...The appropriate joint estimation technique is often known as Seemingly Unrelated Regression Estimation (SURE) (Zellner, 1962)....
[...]
TL;DR: This article explored the relation between decision theoretic conceptions of risk and the conceptions held by executives, and identified three major ways in which managers are quite insensitive to estimates of the probabilities of possible outcomes; their decisions are particularly affected by the way their attention is focused on critical performance targets; and they...
Abstract: This paper explores the relation between decision theoretic conceptions of risk and the conceptions held by executives. It considers recent studies of risk attitudes and behavior among managers against the background of conceptions of risk derived from theories of choice. We conclude that managers take risks and exhibit risk preferences, but the processes that generate those observables are somewhat removed from the classical processes of choosing from among alternative actions in terms of the mean (expected value) and variance (risk) of the probability distributions over possible outcomes. We identify three major ways in which the conceptions of risk and risk taking held by these managers lead to orientations to risk that are different from what might be expected from a decision theory perspective: Managers are quite insensitive to estimates of the probabilities of possible outcomes; their decisions are particularly affected by the way their attention is focused on critical performance targets; and they ...
3,062 citations
"An Assessment of risk response stra..." refers background in this paper
...March & Shapira (1987) study the variability in the outcome of project success in the context of decision makers’ attitudes to risk aversion....
[...]
Book•
25 Dec 1995
TL;DR: In this article, the authors give students and professionals a profound understanding of project management with insights from one of the best-known and respected authorities on the subject, including case studies, discussion and multiple-choice questions.
Abstract: With plenty of case studies, as well as discussion and multiple-choice questions, this book gives students and professionals a profound understanding of project management with insights from one of the best-known and respected authorities on the subject.
2,895 citations
TL;DR: The emerging discipline of software risk management is described, it is defined as an attempt to formalize the risk-oriented correlates of success into a readily applicable set of principles and practices.
Abstract: The emerging discipline of software risk management is described. It is defined as an attempt to formalize the risk-oriented correlates of success into a readily applicable set of principles and practices. Its objectives are to identify, address, and eliminate risk items before they become either threats to successful software operation or major sources of software rework. The basic concepts are set forth, and the major steps and techniques involved in software risk management are explained. Suggestions for implementing risk management are provided. >
1,635 citations
Proceedings Article•
01 Jan 1996
1,172 citations