Skip to main content
SpringerLink
Log in

Information Technology Risks: An Interdisciplinary Challenge

  • Chapter
Risk - A Multidisciplinary Introduction

  • 3640 Accesses

Abstract

This chapter introduces students to general concepts and theoretical foundations of managing risks induced by developing and using information technology (IT risks). This chapter first provides an overview of the broad nature of IT risks. We introduce categories of IT risks to illustrate its diverse and heterogeneous causes and consequences as well as possible strategies required to balance the risks and benefits of information systems. Second, we illustrate the interdisciplinary challenges that come with managing IT risks on the most researched form of IT risk, namely IT project risks. We discuss the subjectivity of IT risks, various IT risk assessment techniques, outline the process of managing IT project risks, and introduce the dynamics of IT project risks. Third, we present five perspectives on IT risks as a fruitful lens to structure the variety of topics in IT risk research. Using these five perspectives as a framework, we present the most frequently cited IT risk research papers and theories. We conclude with an IT risk research agenda that posits worthwhile avenues for advancing the understanding and control of IT risks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 54.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Selected Bibliography

  1. S. Alter, S. Sherer, A general, but readily adaptable model of information system risk. Commun. AIS 2004(14), 1–28 (2004)

    Google Scholar 

  2. H. Barki, S. Rivard, J. Talbot, Toward an assessment of software development risk. J. Manag. Inf. Syst. 10(2), 203–225 (1993)

    Google Scholar 

  3. R. Charette, Software Engineering Risk Analysis and Management (Multiscience Press, New York, 1989)

    Google Scholar 

  4. R.K. Rainer Jr., C.A. Snyder, H.H. Carr, Risk analysis for information technology. J. Manag. Inf. Syst. 8(1), 129–147 (1991)

    Google Scholar 

  5. D.W. Straub, R.J. Welke, Coping with systems risk: security planning models for management decision making. MIS Q. 22(4), 441–469 (1998)

    Article  Google Scholar 

  6. L. Wallace, M. Keil, A. Rai, How software project risk affects project performance: an investigation of the dimensions of risk and an exploratory model. Decis. Sci. 35(2), 289–321 (2004)

    Article  Google Scholar 

Additional Literature

  1. M. Wiesche et al., Classifying information systems risks: what have we learned so far? in 46th Hawaii International Conference on Systems Science (HICSS 2013), Maui, HI, USA (2013)

    Google Scholar 

  2. S. Alter, M. Ginzberg, Managing uncertainty in MIS implementation. Sloan Manag. Rev. 20(1), 23–31 (1978)

    Google Scholar 

  3. R. Schmidt et al., Identifying software project risks: an international Delphi study. J. Manag. Inf. Syst. 17, 5–36 (2001)

    Google Scholar 

  4. J.R.K. Rainer, C.A. Snyder, H.H. Carr, Risk analysis for information technology. J. Manag. Inf. Syst. 8(1), 129–147 (1991)

    Google Scholar 

  5. P.A. Pavlou, D. Gefen, Psychological contract violation in online marketplaces: antecedents, consequences, and moderating role. Inf. Syst. Res. 16(4), 372–399 (2005)

    Article  Google Scholar 

  6. M. Junginger, Wertorientierte Steuerung von Risiken im Informationsmanagement (Universität Hohenheim, Stuttgart, 2004)

    Google Scholar 

  7. C.L. Iacovou, R. Nakatsu, A risk profile of offshore-outsourced development projects. Commun. ACM 51(6), 89–94 (2008)

    Article  Google Scholar 

  8. M. Benaroch, Y. Lichtenstein, K. Robinson, Real options in information technology risk management: an empirical validation of risk-option relationships. MIS Q. 30(4), 827–864 (2006)

    Google Scholar 

  9. D.W. Straub, R.J. Welke, Coping with systems risk: security planning models for management decision making. MIS Q. 22(4), 441–469 (1998)

    Article  Google Scholar 

  10. K. Lyytinen, L. Mathiassen, J. Ropponen, A framework for software risk management. J. Inf. Technol. 11(4), 275–285 (1996)

    Article  Google Scholar 

  11. J. Ropponen, K. Lyytinen, Can software risk management improve system development: an exploratory study. Eur. J. Inf. Syst. 6(1), 41 (1997)

    Article  Google Scholar 

  12. J. Adams, Risk (Routledge, Oxford, 1995)

    Google Scholar 

  13. F.H. Knight, Risk, Uncertainty and Profit (BeardBooks, Washington, 2002)

    Google Scholar 

  14. S. Alter, S. Sherer, A general, but readily adaptable model of information system risk. Commun. AIS 2004(14), 1–28 (2004)

    Google Scholar 

  15. B. Boehm, Software risk management: principles and practices. IEEE Softw. 8(1), 32–41 (1991)

    Article  Google Scholar 

  16. R. Charette, Software Engineering Risk Analysis and Management (Multiscience Press, New York, 1989)

    Google Scholar 

  17. H. Barki, S. Rivard, J. Talbot, Toward an assessment of software development risk. J. Manag. Inf. Syst. 10(2), 203–225 (1993)

    Google Scholar 

  18. S. Nidumolu, The effect of coordination and uncertainty on software project performance: residual performance risk as an intervening variable. Inf. Syst. Res. 6(3), 191 (1995)

    Article  Google Scholar 

  19. M. Schermann, Risk Service Engineering: Informationsmodelle für das Risikomanagement (Gabler, Wiesbaden, 2011)

    Book  Google Scholar 

  20. The Standish Group, CHAOS Summary for 2010 (The Standish Group, Boston, 2010)

    Google Scholar 

  21. C. Sauer, A. Gemino, B. Reich, The impact of size and volatility on IT project performance. Commun. ACM 50(11), 79–84 (2007)

    Article  Google Scholar 

  22. A. Shenhar et al., Project success: a multidimensional strategic concept. Long Range Plan. 34(6), 699–725 (2001)

    Article  Google Scholar 

  23. L. Kappelman, R. McKeeman, L. Zhang, Early warning signs of IT project failure: the dominant dozen. Int. J. Proj. Manag. 23, 31–37 (2006)

    Google Scholar 

  24. S. Hoermann, M. Schermann, H. Krcmar, Towards understanding the relative importance of risk factors in IS projects. A quantitative perspective, in 18th European Conference on Information Systems, Pretoria, South Africa (2010)

    Google Scholar 

  25. L. Wallace, M. Keil, A. Rai, How software project risk affects project performance: an investigation of the dimensions of risk and an exploratory model. Decis. Sci. 35(2), 289–321 (2004)

    Article  Google Scholar 

  26. A. Gemino, B. Reich, C. Sauer, A temporal model of information technology project performance. J. Manag. Inf. Syst. 24(3), 9–44 (2007)

    Article  Google Scholar 

  27. K. de Bakker, A. Boonstra, H. Wortmann, Does risk management contribute to IT project success? A meta-analysis of empirical evidence. Int. J. Proj. Manag. 28(5), 493–503 (2010)

    Article  Google Scholar 

  28. H. Barki, S. Rivard, J. Talbot, An integrative contingency model of software project risk management. J. Manag. Inf. Syst. 17(4), 37–69 (2001)

    Google Scholar 

  29. R. Baskerville, J. Stage, Controlling prototype development through risk analysis. MIS Q. 20(4), 481–504 (1996)

    Article  Google Scholar 

  30. F.W. McFarlan, Portfolio approach to information systems. Harv. Bus. Rev. 59(5), 142–151 (1981)

    Google Scholar 

  31. M. Keil et al., A framework for identifying software project risks. Commun. ACM 41(11), 76–83 (1998)

    Article  Google Scholar 

  32. S.L. Jarvenpaa, N. Tractinsky, M. Vitale, Consumer trust in an Internet store. Inf. Technol. Manag. 1(1–2), 45–71 (2000)

    Article  Google Scholar 

  33. P.A. Pavlou, Consumer acceptance of electronic commerce: integrating trust and risk with the technology acceptance model. Int. J. Electron. Commer. 7(3), 101–134 (2003)

    Google Scholar 

  34. D.H. McKnight, V. Choudhury, C. Kacmar, Developing and validating trust measures for e-commerce: an integrative typology. Inf. Syst. Res. 13(3), 334–359 (2003)

    Article  Google Scholar 

  35. O.E. Williamson, Transaction-cost economics: the governance of contractual relations. J. Law Econ. 22(2), 1–30 (1979)

    Article  Google Scholar 

  36. W.H. DeLone, E.R. McLean, Information systems success: the quest for the dependent variable. Inf. Syst. Res. 3(1), 60–95 (1992)

    Article  Google Scholar 

  37. V. Grover, M.J. Cheon, J.T.C. Teng, The effect of service quality and partnership on the outsourcing of information systems functions. J. Manag. Inf. Syst. 12(4), 89–116 (1996)

    Google Scholar 

  38. R.C. Mayer, J.H. Davis, F.D. Schoorman, An integrative model of organizational trust. Acad. Manag. Rev. 20(3), 709–734 (1995)

    Google Scholar 

  39. B.W. Boehm, A spiral model of software development and enhancement. IEEE Comput. 21(5), 61–72 (1988)

    Article  Google Scholar 

  40. G.B. Davis, Strategies for information requirements determination. IBM Syst. J. 21(1), 4–30 (1982)

    Article  Google Scholar 

  41. S. Ang, D. Straub, Production and transaction economies and IS outsourcing: a study of the US banking industry. MIS Q. 22(4), 535–552 (1998)

    Article  Google Scholar 

  42. S. Ganesan, Determinants of long-term orientation in buyer-seller relationships. J. Mark. 58(2), 1–19 (1994)

    Article  Google Scholar 

  43. L.G. Zucker, Production of trust: institutional sources of economic structure, 1840–1920. Res. Organ. Behav. 8, 53–111 (1986)

    Google Scholar 

  44. R. Zmud, Management of large software development efforts. MIS Q. 4(2), 45–55 (1980)

    Article  Google Scholar 

  45. G.A. Akerlof, The market for “lemons”: quality uncertainty and the market mechanism. Q. J. Econ. 84(3), 488–500 (1970)

    Article  Google Scholar 

  46. J. March, H. Simon, Organizations (Wiley, New York, 1958)

    Google Scholar 

  47. D. Kahneman, A. Tversky, Prospect theory: an analysis of decision under risk. Econom., J. Econom. Soc. 47(2), 263–291 (1979)

    MATH  Google Scholar 

  48. U. Beck, Risk Society: Towards a New Modernity (Sage, Frankfurt am Main, 1992)

    Google Scholar 

  49. P. Artzner et al., Coherent measures of risk. Math. Finance 9(3), 203–228 (1999)

    Article  MATH  MathSciNet  Google Scholar 

  50. W.F. Sharpe, Capital asset prices: a theory of market equilibrium under conditions of risk. J. Finance 19(3), 425–442 (1964)

    MathSciNet  Google Scholar 

  51. P. Slovic, Perception of risk. Science 236(4799), 280 (1987)

    Article  Google Scholar 

  52. D.B. Parker, Risks of risk-based security. Commun. ACM 50(3), 120 (2007)

    Article  Google Scholar 

  53. R.J. Kauffman, R. Sougstad, Risk management of contract portfolios in IT services: the profit-at-risk approach. J. Manag. Inf. Syst. 25(1), 17–48 (2008)

    Article  Google Scholar 

  54. P. Jorion, Value at Risk: The New Benchmark for Managing Financial Risk, vol. 2 (McGraw-Hill, New York, 2007)

    Google Scholar 

  55. M. Sutter et al., Calculating the conditional value at risk in IS projects: towards a single measure of project risk, in 19th European Conference on Information Systems (ECIS), Helsinki, Finland (2011)

    Google Scholar 

  56. M. Douglas, Risk and Blame: Essays in Cultural Theory (Routledge, New York, 2002)

    Google Scholar 

  57. M. Zuckerman, Sensation Seeking and Risk (American Psychological Association, Washington, 2007)

    Book  Google Scholar 

  58. U. Beck, World Risk Society (Polity Press, Cambridge, 1999)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Chair for Information Systems, Department of Informatics, Technische Universität München, Boltzmannstr. 3, 85748, Garching bei München, Germany

    Michael Schermann, Manuel Wiesche, Stefan Hoermann & Helmut Krcmar

Authors
  1. Michael Schermann
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Manuel Wiesche
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Stefan Hoermann
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Helmut Krcmar
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Michael Schermann .

Editor information

Editors and Affiliations

  1. Department of Mathematics, Munich University of Technology, Munich, Germany

    Claudia Klüppelberg

  2. Faculty of Civil, Geo and Environmental Engineering, Munich University of Technology, Munich, Germany

    Daniel Straub

  3. TUM School of Management, Munich University of Technology, Munich, Germany

    Isabell M. Welpe

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Schermann, M., Wiesche, M., Hoermann, S., Krcmar, H. (2014). Information Technology Risks: An Interdisciplinary Challenge. In: Klüppelberg, C., Straub, D., Welpe, I. (eds) Risk - A Multidisciplinary Introduction. Springer, Cham. https://doi.org/10.1007/978-3-319-04486-6_14

Download citation

Publish with us

Policies and ethics

Search

Navigation