The Process of Identification, Assessment and Prioritization of Risk in the Organization - Research Paper Example

? Financial Risk Management in IT In recent years, the growth in technology has increased technological innovation; this has influenced the information and technology sector in a positive way. There have been many mega projects in existence, which need care for them to complete well; in this sense, many issues have to be put into justified, to realize an elegant and comprehensive scheme. A complete project means more in relation to both parties involved, this comes in terms of dependent factors, and this may be risks associated with the completion of any project in this area. This paper will consider how risks, especially financial risks management contribute to the success of projects in the information and technology industry. Financial Risk Management in IT Introduction Risks management is in many ways the process of identification, assessment and prioritization of risks, which is then followed by the coordination of all economic resources necessary for the elimination or minimization, monitoring, and control of the probable impacts of uncertain events. It has been found that, risk can come from uncertainties in financial markets, legal liabilities, project failures, accidents, credit risks (Macomber 2003, p. 2). Studies indicate that, there are various project management standards, which have been under development in the project management institute, actuarial societies, ISO standards, and the national institute of standards and technology (Hodgson 2003, p.1). The approaches and objectives of hazard supervision vary greatly dependent on the hazard administration technique applied in the setting of a scheme administration.. In other studies however, hazard administration includes the ranking of the essential developments; hazards with the extreme loss are handled first and then the other hazard are handled in a descendent mode in order of precedence. It is pointed out that intangible management usually identifies new types of risks that have about a hundred percent probability but the management ignores because most organizations lack identification capabilities to handle such cases (King 2003, p. 2). It is recorded that relationship risk emanate when inefficient ways of collaboration is experienced. This type of hazard is known to reduce the efficiency of information workforces, effectiveness, service, excellence, product value, and excellence of earnings at the end. Thus, risk management is a subject or process that needs all manner of care to be successful. Literature review From organizational perspective, risks arise most often when businesses pursue opportunities in face of uncertainties, while being compelled by capabilities and cost. In most cases, a challenge comes when it comes to the process of finding a position based on the two dimensions, as it represents in essence itself a risk profile that may be appropriate for the initiative; acceptable to both internal and external stakeholders of the business in question. Studies affirm that, hazard and hazard administration are premeditated in nature. Regarding, information and technology studies show that, software projects have been recognized to be high-risk ventures, which are prone to many failures. Some studies argue that there are mainly two classes of risks; generic risks that are common to all projects, and project specific risks. In many cases, some of these hazards are easy to recognize and regulate or accomplish. However, in some cases, other risks are less obvious and thus very difficult to make predictions on their likelihood to occur and the impact they may cause at that time (Levine 2004, p. 32). The complication and difficulty in predictions comes because of numerous project proportions; structure, size, complexity, composition, novelty, long planning, and execution horizons. All these have a common influence on the modest of the scheme at the end; hus, any indeterminate discrepancy in this has fiscal implications. Therefore, risk management in information technology, especially software projects is essential, as it helps to limit disasters by avoiding reworking, in the end focus, and balance efforts that stimulate a successful; project. This is essence, limits the financial risks that may have occurred in the process of a poorly managed project together with anticipated project and financial risks as well (Elenbass 2000, p.40). It is evident from studies that, risk and risk management are important in the sense that information technology projects, software projects included, are essential vehicles for delivering information technology enabled organizational changes. This helps industries to attain their critical corporate goals, and hence the apparent achievement. It is important to understand how risks are conceived and what management practices can be employed to improve the outcome of most projects (Tesch and Kloppenborg 2006, p. 34). Hazards in software development are in terms of the disclosure to certain issues, which present a menace to the attaining of the predictable results of the scheme. Concerning information technology and especially software projects, risks are regarded as the probability impact of events on a project. In classical decision theory concerning risks, a risk is viewed as the reflection of variations in the probability coverage of probable aftermaths, whether positive or negative. Other studies show that seventy-five percent of managers consider only the negative outcomes as part of a risk. It was also found that the positive outcomes of a risk might only found consideration only when assessing alternatives of the probable choices. In a different scenario, risks are viewed as a danger, threat or even a hazard associated with a poor outcome. In software projects, to reduce the likelihood of any adverse project outcome, all potential risk factors need to be identified at the beginning of the project. This allows the estimation of the risk factor and allows prioritization of exposures in a bit to identify the risks, which are perceived to present the greatest threats to the project. This allows the development administrators to narrow down on the high hazard issues and curtail the probability of their happening together with the extent of their influence (Jiang 2006, p. 50). This is realized through the application of control measures; mitigation of strategies and contingency plans. In this state, risk factors get monitored in a progressive way that allows the detection of any risk as early as they materialize. Studies affirm that, the realization process of a risk is most often recognized through the onset of a predetermined risk trigger; here the contingency plans are triggered are then activated to mitigate or minimize the impact. However, it has been found that in real life and in practice, the likelihood of outcomes and their perceived impacts to enter into managers` calculations of risk come independently, rather than as the product of the two. Thus, project managers perceive risk in a less precise way. In this sense, managers seem to be more considerate with the magnitude of the potential loss than the real probability of its occurrence. This leads majority of them to verbal characterization of risks than the probabilistic representation, as they are more skeptical about the dimensions. They think that the dimensionality of risk can be reduced to a single number (Karlsen and Gottschalk 2004, p. 115). Such kind of executives believes that hazards can be reduced or thawed by using administrative abilities in monitoring hazards. This means that project managers seek options that can be easily managed to satisfy the perceived targets, rather than assessing or accepting risks. According studies, the other thing that makes it difficult to estimate and mitigates risk in software projects is that, it is difficult to have an estimate of the probability of the impact regarding any risk factors; this comes because it has been found that probabilities can only be meaningfully determined when activities get repeated many times, under controlled circumstances (Barki, Rivard and Talbot 2007, p. 204). It is also known that the unique nature of numerous software development happenings assuage against precisely reckoning chances. However, from the fact that, software projects are often about the process of enabling change by employing new applications through the embracing of new technologies in the dynamic environments. On the other hand, scheme hazards controlling is usually a set of philosophies and rehearses that aim at the identification, investigation, and treatment of hazard issues; in order to advance probabilities of attaining an efficacious scheme result while avoiding scheme fiasco. To achieve nay variation, principles and practices have to be altered in the process of applying risk management practices to mitigate risks. In practice, the list of top risks or success factors in software projects is beneficial as an approach risk management. This is because this offers a swift and easy way of recognizing and gauging the hazard experience of a scheme against key issues found to be vital in preceding cases can be applied in shaping the result many software schemes, in line with information technology (IT). Furthermore, research shows that there exist perceptions of risk software projects varies between stakeholder groups; this comes in terms of time, life cycle stages, and cut rural different risk management groups or rather stakeholder groups (Vemor and Evanco 2005, p. 56). The other problem show that many stakeholder groups regard or rank highly such risk perceived to be outside their own control. This means that stakeholder groups of this kind tend to identify risks in concern realm of other stakeholders, rather than pointing to factors relating to risks within their own are of responsibility. It is also evident that casual ambiguity of controlling individual risk factors seem more of unproductive than mutual risk factors. In this sense, it is found that risk factors do cluster into categories according to themes. Thus, individual control measures can be applied in an effective way to the categories of risks, rather than the process of treating each factor alone (Cleland and Ireland 2004, p. 48). Several studies suggest that, high-level sources of risk come from technology, and the requirements can account for each account for multiple related risk factors. In this regard, risk categories, risk dimensions, and risk drivers can provide a broader framework for reviewing the type of risk that is likely to bring threats to a particular project. In addition, categories represent target areas for the application of risk control strategies. Methods In this study, the most fitting technique applicable is the use of questionnaires. This is was perfect because it streamlines the specific questions or data that the research needs to collect about the failures that face many software related projects. In this sense, the questionnaires contained varied categories of risk factors that the participants were asked to examine and give their responses to the various categories of risks; the response allowed critical analysis to take place. This study intends to shade more light on various risks that affect information technology industry, and in essence software projects. This happens because software projects are occasional in relation to other information technology projects. Thus, many hazards are ubiquitous in this segment of ‘IT industry’. Therefore, this study intends to look critically at the risk factors, especially the financial risk factors that may hinder project success in the information technology industry. Data collection and analysis To better gain insight about risk factors associated with information technology projects, a number of risk factors were categorically looked at in form of questionnaires. Here statistics was gathered from PMP experts contributing in a figures gathering and debate session. The participants involved were about twenty-three and they had a considerable level of experience in relation to the information technology projects and project management in general. The contributors were asked to scrutinize hazard issues existing in several sorts; business setting risks, capital (monetary) and arrangement, patronage, and scheme controlling. It so followed that, contributors were allotted at haphazardly to scrutinize the hazard classes. They began independently by ranking the hazards as from top to bottom. Then followed the ranging of the risk as highest and lowest, and the consideration of the probability of the risk event happening and the impacts to a project if it happened. The table shows the risk in terms of rating priority as suggested by participants Hazard Type Prioritized hazards Sponsorship/ ownership Scheme has insufficient upper administration commitment. Funding and scheduling Entire project must be budgeted at the onset Personnel and staffing Project lacks enough staff or those with the right skills scope Requirements are ignored for the sake of technology Requirements Project changes are managed poorly Relationship management Project fails tom satisfy end-user expectations By narrowing down to funding and scheduling risks, it is found that, this particular risk category presents serious implications on the overall project performance. The implications may come because of the fact that a project is budgeted for at the onset, which leads to underfunding in later years. There are issues that emerge also because of artificial deadlines, maintenance underfunding, budget deviation, and allowing the user to lead the project (Wixom 2001, p.20). This table shows the ways of avoiding the risks and the possible mitigation processes should the risk be experienced. Elimination approaches Strategize the scheme in levels, give details of one level at a time, ensure that the policies are in places progressively, make budget estimates of each level at a time, link funding to the planning horizon, and have an understanding of the previous fiscal forecast. Vindication approaches Re-assessment of project cost is relevant, review of financing should be done to determine the next level`s needs, approval of extra funds is backed through change management procedure, evaluate risk and hand over results to stakeholders, give information and schedule of the funding, elucidate underperformances to the benefactor and client and the need for supplementary backing. It was noted that many of the issues presented in the table above are the responses of the participants in the data collection carried out. It was found that most of the strategies aired out for avoidance or mitigation of risks deals with the process of establishing a project management system within the concerned organization. As suggested by the participants, three project management systems were put forward; a project sponsor, steering team, and chief projects officer (Hoffman 2003, p.98). It is also categorically includes the selection system and stage gate approach to planning and project management to ensure the success of every project in the information and technology industry. The steering team comprises of the general manger and other executives are responsible for the approval of the choice of project sponsors and offer the general support and guidance. They also approve the project movement through various stages. On the other hand, chief project officer is responsible for the selection and coordination of all project activities within the organization. The official evaluates the competence of an association to handle chief developments. In conclusion, a regimented scheme calls for enough efforts in terms of the capitals and the administration team concomitant with the scheme. Good resource fund allocation requires careful planning to be able to follow up the mitigation procedure and the avoidance process well. A well-organized and managed project will under every development stage under the guidance of the senior management group. This will guarantee that numerous necessities and any improbability about the scheme are supervised to the last segment. References Oz, E and Sosik, J 2000, "Why information systems projects are abandoned: a leadership and communication theory and exploratory study," Journal of Computer Information Systems,(41)1, 66-78. Levine, R 2004, "Risk management systems: understanding the need," Information Systems Management, 31-37. Tesch, D and Kloppenborg, T 2006, “Investigation of ISAT Research for Project Management Learning," Project Management Journal, (34)4, 33-39. Karlsen, J and Gottschalk, P 2004, "An Empirical Investigation of Knowledge Transfer Mechanisms for IT Projects," Journal of Computer Information Systems, (44)1,112-119. Vemor, J and Evanco, W 2005, "In-House Software Development: What Project Management Practices Lead to Success?" IEEE Software, (22)1, 86-92. Cleland, D and Ireland, R 2004, Project Management Strategic Design and Implementation, New York, NY: McGraw-Hill. Barki, H, Rivard, S., and Talbot, J 2007, "Toward an assessment of software development risk," Journal of Management Information Systems, (10) 2, 203-225. Wixom, H 2001, “Am Empirical Investigation of the Factors Affecting Data Warehouse Success,” MIS Quarterly, (25).1, 17 – 41. Hoffman, T, “Value of Project Management Offices Questioned,” Computerworld, July 21, 2003. http://www.computerworld.com/printthis/2003.0,4814,82345,00.html. King, J, “Survey shows common IT woes”, Computerworld, June 23, 2003, http://www.computerworld.com/managementtopics/management/story/0,10801,82404,00.html. Elenbass, B 2000, “Staging a Project – Are You Setting Your Project Up for Success?”, Proceedings of the Project Management Institute Annual Seminars & Symposiums, Houston, TX: Springer. Jiang, J 2006, “Ranking of System Implementation Success Factors”, Project Management Journal, 49 – 53. Hodgson, I, “Keeping Your Head Above Water”, Dec 15 2003, http://www/conspectus.com/2002/november/article19.asp Macomber, H, “Reforming Project Management”, Dec 15 2003, http://weblog.halmacomber.com// Read More