Font Size: a A A

Research On Theory And Methods Of IT Project Risk Management

Posted on:2004-11-13Degree:DoctorType:Dissertation
Country:ChinaCandidate:D Y FangFull Text:PDF
GTID:1116360122982181Subject:Management Science and Engineering
Abstract/Summary:PDF Full Text Request
The discipline of IT project risk management is still at its initial stage either in academia or in practice in China today, while it has been investigated for over a decade abroad. The academic aims of this paper include lessons learned from all available results, and exploring for a framework of IT project risk management according to Chinese situation. Furthermore, the application of this research can be evaluated from high-risk characteristic and various ongoing needs of IT projects.The main contents of this paper are as follows: Firstly, in chapter 1, the history and state-of-the-art of this subject are reviewed both domestically and abroad, and seven study goals are set. Then, in chapter 2, it is given that the relations and differences among the subject and other three subjects - risk management, project management, and software engineering, on which the subject is based. Concepts of both risk and risk management are defined systematically. After four familiar risk management systems are compared and analyzed, their advantages and disadvantages are discussed. Based on methodologies proposed in this paper, and with respect to the equilibrium among comprehensive, particular, and implementation cost, an overall framework of IT project risk management is presented. Thirdly, in chapter 3, methods of identifying risk are remarked again from both intension and extension perspectives. Base on systematic way to management risk, a concept of risk entity is pointed out, following with discussion of the entity's attributes, architecture, and its relationship with environment. By the comparison of several tools to describe complex system, objective-driven Influence Diagrams (ID) is selected as an general approach to identify IT project risks, which will also facilitate the solution of combined risks identification. Three sets of processes are developed individually for low-maturity companies, Web-based applications, and enterprise-wide applications, with the view of practical applicability. Fourthly, in chapter 4, a general process is designed to estimate IT project risks. Beginning with summary and analysis of available estimation methods, an objective-driven ID risk estimation approach is given, so as to fit into ID identification method in chapter 3. As for action-oriented methods to estimate IT project risk, some examples of both PERT and Bayer's Belief Nets (BBNs) are illustrated. And GERT is improved to adapt for estimating IT action-risks. At the end of this chapter, there is an estimation method that match to small or medium size companies because of its facility and lower cost, as well as its efficiency justification. Fifthly, in chapter 5, how to plan higher-level and lower-level programs for management IT risk are demonstrated. The mechanism and institution for monitoring risk are developed. Strategic analysis for risk controlling is made mainly by applying real options theory, which can be used to control risk consequences. Sixthly, in chapter 6, the framework of risk management is elaborated to express the relationships among elements in the framework. The knowledge, technology, and techniques, what the elements need, are expatiated in terms of organizational, institutional, and mechanism supports individually, including risk-oriented metrics by project developing phases, and the great effectiveness of third-party intendance mechanism for IT project risk management. At last, after summarizing main content discussed in this paper, some potential research directions are given.
Keywords/Search Tags:IT project, project management, risk management framework, risk identification, risk estimation, risk monitoring and controlling, risk administration assurance system
PDF Full Text Request
Related items