Title: Reviewing the Past Research Papers on Risk Management
Abstract
Risk Management is nowadays the important research topic in the many critical business areas and industrial areas. Project teams do not achieve their projects goals of reducing cost and gaining much profit without assessing risks and managing risks. This term paper analyzes research papers done by many researches in the field of the Risk Management within 2000 and 2007 and describes the results of the analysis of those research papers. Our goal of this paper is to inference and to justify the trend of the Risk management in research areas and business areas. There are many topics in the Risk Management such as Risk Analysis, Risk Assessment, Risk Control and others. This paper’s analysis path is starting from the project risk identification and end with the risk control topic. This paper provides the results what the gaps between researches are. Furthermore, this paper learns briefly what the problems and trends before year 2000 are.
Introduction
This paper examines the results of the past research papers published from 2000 through 2007. We focus on Risk Management and their related topics. In addition, we also examine the trends of the Risk Management within this period. We analyze which topic had been researched most in a particular year and which methods were used in that year. This paper learns publications issued by year by year and group them in each year. In addition, we analyze the topics which are relating to the specified topic. We found trends of the research in a year while we were learning them. According to the past results came from publications, we can make sense of mind for future of the Risk Management. This paper examines the situation which can become in future according to the study.
Background
Many project managers and strategic management are concerning about risks in long term strategic basic. So, we need to learn the risks. Risk is the uncertainty in the life cycle of the project. In 2003, Webster’s New Explorer College Dictionary defines the risk as “the possibility of danger and sufferance of harm or injury”. Risk cannot be seen without any emphasize upon it. In addition, risks can also give hopes to the successful project. So, if risks which cannot be seen before could be found and assessed then the proposed project will be successful. But risks found and assessed can never be avoided. It can be reduced by using the some techniques or adjustments. Some risks can be ignored without any executing. Risk may terrify to some persons related to the project because if it could not be uncovered, the team may incompetent in managing the project. According to the problems, risk management was critical issue of the project management. Researchers were doing researches to reduce and manage the risks which can be encountered in a project. People in the business areas were also finding the ways how to ignore the encountered risks. Some are finding how to control the risks. In addition, they were finding what risks can violate the project management unless they did not control the risks encountered. A risk which encounters in a year is not the same as the problem in another year. Because of the nature of project which depends on the World’s business. As changing the nature of the business, the nature of the risks is becoming change. Furthermore, research area is also changing according to the nature of the risk. So, the research trend for a year may not same as the trend of another year. To learn the research trend turmoil, we need to learn publications issued from 2000 through 2007. The next section will explain the importance of our paper.
Situation of the paper
There are many researches for the project management. Past research (Timothy & Warrren, 2002) had done a research for the whole project management. It covered research published in English from 1960 through 1999. This paper covered within the period of 2000 and 2007 learned the topics of the risk management. We separated the research areas according to the Project Management Body of Knowledge (PMBOK). These are Risk Identification and Assessment, Risk Qualification, Risk Response Development and Risk Control.
Objectives of the paper
The objective of this paper is to learn the trend of the Risk Management in past research publication. We restricted the period to be learned for each topic. This paper is intended to learn that how the risks emerged during the project time, is handled using which tools and methods. This paper intended to find the gaps between researches in each year and whole period of year 2000 and 2007. The paper learned only risk management out of topics of project management for the period. So, the other topics can be learned like our paper. These are Communication, Cost, Procurement, Human Resource, Outsourcing, Integration, Quality, Scope and Time Management.
Literature review
In this era, many companies conduct a great portion of their jobs in project form. Traditionally projects were mainly found in the construction industry and sections of the military, but the competitiveness of the markets of today with fast-changing technology encourages almost all companies to adopt project management (Burke 2003). Project management is the application of knowledge, skill, tools and techniques to project activities to meet project requirement. Project management is accomplished through the use of the processes such as: initiating, planning, executing, controlling, and closing (PMBOK guide 2000). Because of global economical pressures, turbulence in the corporate environment and market forces leading to the increasing demands and tougher competition projects have to be implemented at lesser time, cost and with better functionalities. This causes growing demands on the management’s ability to forecast and react to unforeseeable events- risks. Risk is an abstract concept whose measurement is very difficult (Raftery, 1994). The Oxford Advanced Learner’s Dictionary – 5th Edition defines risk as “The possibility or chance of meeting danger, suffering loss or injury”. The British Standard BS 4778 defines risk as “A combination of the probability, or frequency, of occurrence of a defined hazard and the magnitude of the consequences of the occurrence”. Risk may be expressed in a mathematical form as follows: Risk = (Probability of the occurrence of a defined event) x (Consequences of the occurrence of that event) Therefore, risk management is nowadays a critical factor to successful project management.
Overview of Risk Management
Project risk management is the art and science of identifying, analyzing, and responding to risk throughout the life of a project and in the best interests of meeting project objectives. (Schwalbe, 2006) Risk management has been practiced informally by everyone, with or without conscious of it, since the dawn of time. Modern risk management, which had become a widely accepted management function during the period from 1955-1964 (Snider, 1991) has its roots in insurance to which it has been closely aligned for more than three centuries (Ibid). The story of risk management has not all been positive and supports the argument that it is currently ineffective at managing surprise. In the 1960’s project management was under heavy criticism for project failures due to technical uncertainty, contact strategy, community opposition and project environmental impacts (Morris, 1997). A project manager may still today argue that the last two are external project factors and outside the immediate project environment under their control (Ibid) and it may be often assumed that these will be passed up the line to higher management levels (Chapman & Ward, 1997). The main objectives of risk management include (Yee et al., 2001):
To enable decision-making to be more systematic and less subjective.
To provide an improved understanding of the risks facing a project by identifying risks and response scenarios.
To assist in deciding which risks require urgent attention and which can be addressed later.
To force management to realize that there are many possible outcomes for a project, and appropriate measures should be planned for any adverse consequences.
Flanagan and Norman (1993) proposed a risk management framework as shown in Fig.3.1 which depicts the elements of the risk management system – risk identification, risk classification, risk analysis, risk attitude and risk response. Risk Identification Risk Classification Risk Analysis Risk Response Risk Attitude Figure 2.1 Risk management Framework (Source: Flanagan & Norman, 1993) According to (PMBOK, PMI 2000) and (Schwalbe 2006), Project Risk Management has following processes
Risk Management Planning
Risk Identification
Qualitative Risk Analysis
Quantitative Risk Analysis
Risk Response Planning
Risk Monitoring and Control
The following Fig.3.2 depicts how risk management processes involved in each of the project management process
Initiation
Planning
Executing
Controlling
Closing
Risk Identification
Risk Identification
Risk Response Control
Risk Quantification
Risk Response Development
Fig 2.2 Risk Management Processes in each Project Management Process (Source: Dan Brandon, 2006) Risk management will not eradicate all the risks. It will enable decision to be made explicitly which will reduce the potential effect of certain risks. It will also assist in rational, defensible decisions regarding the allocation of risk among the parties to the project. Risk analysis is not a substitute for professional judgments and experience. On the other hand, it helps professionals to make use of the full extent of their experience and knowledge by liberating them from the necessity of making simplifying assumptions in order to produce deterministic plans and forecasts. Risk analysis is supplement to, not a substitute for professional judgments.
Recent Approaches to Risk Management
Project risk management is a topic of major current interest. It is being actively addressed by many government agencies and most of the professional project management associations around the world, and many relevant standards are extant or being developed. Some examples from the many approaches in use include: (Cooper D., Grey S., Raymond G., Walker P., 2005)
• Project Management Institute (PMI), USA (2003), Project Management Body of Knowledge, Chapter 11 on risk management;
• Association for Project Management, UK (1997), PRAM Guide;
• AS/NZS 4360 (2004), Risk Management, Standards Association of Australia;
• Office of Government Commerce (OGC), UK (2002), Management of Risk; and
• Treasury Board of Canada (2001), Integrated Risk Management Framework
We fill the research gap in risk management field from year 2000 to 2007.
Methodology
We conduct a quantitative bibliographic study on pass papers published from year 2000 to 2007. We collected papers and journals from electronic databases– ACM, IEEE and ProQuest. Our objective of this paper is to find the current research trend on Risk Management by analyzing and categorizing those research papers.
Project Risk Management Research
It is the process of finding what current researchers are emphasizing in. It includes defining the current works on project management, particularly on Risk Management articles and papers. Then make generalized conclusion based on collected and analyzed works. This conclusion or judgment is made based on project risk management processes– risk management planning, risk identification, qualitative risk analysis, quantitative risk analysis, risk response planning, risk monitoring and control (PMBOK 2000, Schwalbe 2006).
Sources of data
We collected articles and papers published in years 2000 to 2007 from these databases which are known to be rich information about project management.
ACM Digital Library
ACM digital library includes magazines, journals, transactions, publications by affiliated Organizations, SIG news letters, Conference Proceeding Series. ACM digital library provides service for individual, universities, libraries and corporations. We find that risk management is one of the research fields in many businesses and industries. ACM includes diversity of business and industrial processes which enables us to inference the future trend in different fields.
IEEE Explore
To support our conclusion and get strong analytical results, we also collect articles and papers from IEEE explore which has more technical articles and papers than ACM digital library. It includes 1,682,970 online documents to be referenced.
ProQuest
Another supporting database which we extracted articles and papers is ProQuest. That includes ABI/INFORM databases, dissertation and theses, etc. Data analysis from that database will be icy on our research cake
Data selection from the databases
We conduct full text search in above databases using author, title, keywords based on year. Then tasks are separated among us based on years and combined later. Papers and articles are found based on the following criteria: Keywords: Risk Management, Risk Identification, Risk Analysis, Risk Transfer, Risk Control, Risk Response Years: 2000 to 2007
Output format and research data representation
Output format will be as the following:
Researchers
Title
Database
Risk Category
Year
Business Category
Sub Category
Method
The papers and articles are attached in the appendix B. We classified each paper into specific risk management processes (PMBOK 2000, Schwalbe 2006). We also analyzed which business category that each paper falls into and which specific method do they use in conducting the specified risk management Process. To get the consistent taxonomy in risk management, we identified the papers and articles into the categories guided by (PMBOK 2000, Schwalbe 2006). They are: Risk Management Planning: This is how businesses and industries plan and handle for risk. Risk Identification: This is how businesses and industries emphasize on identification of risk throughout their organizational processes. Risk Analysis: This involves how organizations conduct quantitative and qualitative risk analysis based on sampling and probability/impact matrixes. Risk Response Planning: This shows how organizations develop risk response strategies like how to avoid, how to have tolerance, how to mitigate risk, how to transfer risk etc. Risk Monitoring and Control: This involves how organizations monitor the identified risks, new risks through out the execution of the projects. Business and industrial categories are identified as follow:
Construction
Education
Finance
Healthcare
Insurance
Information Technology
Disaster
E-commerce
E-banking
Internet Business
Information Security
Software development
Maritime
Marketing
Organizational Process
Pure General Research
Terrorism
We also found that information technology risk management plays a great role in modern businesses and industries because of wider usage of internet and web technologies. Our analyzed data will be represented in pie chart, bar chart and line chart by comparing different categories, different risk manage processes, different years etc.
Data Collection and Analysis
Data Collection
We used digital databases web site – ACM, IEEE and ProQuest for scholar paper and articles and the existing search engines – google and yahoo. But we are not unable to get some papers from the search engines. So, we used these to get only information which papers are located in which databases. Using information returned from the search engines, we search the desired papers in the databases. The following chart, Fig 1 shows the state of the materials found in the three sources – ACM, IEEE and ProQuest. Figure 1 Distribution of papers There are 113 papers found in those databases. We summarized the papers found in the three sources. We categorized by the papers by using PMBOK guide. We provided the Risk Analysis, Risk Assessment, Risk Control, Risk Response and Risk Identification. The following diagrams show the results. We learned that ACM database has more papers related to the risk management as in Fig 2. Other two databases have papers. But some papers are general for risk management. So, we discarded the papers and then we collected the more specified papers which are related to the above titles. We prepared the results with some charts as shown in below figures. Figure 2 Research papers found in ACM database by category Figure 3 Research papers found in IEEE database by category Figure 4 Research papers found in ProQuest database by category The above figures, Fig 2, Fig 3, Fig 4 show that the papers found in the ACM, IEEE, ProQuest database are shown by categories. Risk analysis is mostly conducted by majority of researchers. It was conducted mostly in year 2005 and 2006. Risk assessment and risk response research areas are fewer than other risk management process areas. Research for risk response is very rare, not fairly distributed and found in certain year.
Data Analysis
The trends of the risk analysis for the year 2000-2007 are shown in graph, Fig 5. We learned that IT project management was highest in recent 7 years. Figure 5 Trends in different business and industries within year 2000-2007
Information Technology
We learned that there are varieties of IT projects. We categorized it as follow.
Software Development
E-Banking
Disaster
Information Security
E-Commerce
Internet Business
When we categorized these topics, we found that some fields are ambiguous to group them. Some fields are software performance testing and fields emerged after the development phase. We grouped these fields were in the Software Development part. We grouped Networking security and other Internet security fields into the Information Security part. We formed a group for the Internet Banking as a E-Banking. In the Disaster group, we put the some disasters in the Disaster parts. These disasters sometime can be seen when processing some tasks in IT such as software error, hardware crash, and wrong information usages. We collected the potential security risks and group them into the Information Security group. Internet Business can be confused with E-Commerce and E-Banking. We intended the Internet Business to group the fields of the some businesses which are using Internet and make transactions via internet such as Online Registration. We found that Software Development risk analysis is most famous. In 2006, Software Development trend is the more than year 2005 and 2007. But year 2007 is not ended. So we can’t make any decision for that year. Figure 6 Risk management processes in different information technology fields Internet Business is the second thing to be learned. But Information security is down in 2006. Internet Business is coming up.
Construction
Construction group has the fields of which are architectural fields and construction works. We learned that in 2000 and 2001, there are some interests upon that field. In 2001, the construction field can be seen as a hottest field.
Education
We grouped the some fields in to Education group that fields are Education fields, learning methods in Education. The research related with the Education can be seen in the year 2004 only.
Finance
Finance group is wide. We formed the Finance group for some fields that are Cost Estimation, Accounting, Management Accounting and Banking. The finance is most famous in 2004. In the subsequence year, trend for the finance is running down to bottom.
Healthcare
We collected the data for the healthcare. But it is difficult to collect for the healthcare. We learned that in 2005, healthcare was appropriate level. But later, we cannot see it until 2007.
Marketing
In 2002 and 2005, marketing was in regular level. In 2003 and 2006, it was high up to 2. So, we learned that marketing was the regular level.
Organization
In the organization group, we combine the Oil Field, NASA, and some other organization-oriented fields. There are some researches for the organization in every year. There are some researches in the organization group within 2002 and 2006.
Terrorism
Terrorism was the new emerging fields after 9/11 problem. But later, we were not available for that field later years. This group is an exception for the risk management. But it is one thing to be considered later.
Maritime
Maritime was the individual fields. We did not combine any fields to that group. This category can be seen in only 2001.
Insurance
Insurance is the same as the Maritime. We learned that that group is only one field. We learned that the field was in the 2004 and 2005. But Insurance can become an interesting topic in future.
General
In General group, we combine other fields such as some theory approves and lecture views. Before conclusion section, we intended to present the findings as summary of data collection and analysis. Risk management is the sub-set of Project management. In academic field, risk management researches are becoming increasingly. According to our analysis, risk management researches related to Information Technology are highest topic of the research filed. But one of our exceptional cases is that we need to learn many research papers from many databases. We studied only three databases and 113 research papers. If we learned more papers, we can get more perfect result. In this paper, we categorized only 11 fields. It is general for the risk management. To get the better result, we also need to categorize the exact fields out of many fields. We can also categorize the risk management fields more according to the PMBOK guide.
Conclusion and recommendation
Business organization and industries suffer from lost and harm because of poor handling in risk management. They have been enduring the agonizing outcomes of failure in the form of unusual delays in project completion, with cost surpassing the budgeted cost and sometimes failed to meet quality standards and functional requirements. Competition among rivals makes the companies to deliver projects in less time and cost with better functionality. Risk management is a predefined and structured approach for identifying and analyzing potential risks associated with a project so that effective risk treatment can be done at the lowest cost. It is not impossible to eliminate all risk and costly to overdo risk management, but it is also unwise to think of eliminating risk. There will be, sometimes, positive risks those will lead to profit if properly analyzed and identified. Our term paper provides an analysis on papers and articles and conduct bibliographic study by particular risk management process and business category. Risk management researches are mostly done in mission critical environments and risky projects. As internet booms, information security and e-business issues are associated with a lot of risks. We found that majority of research papers are related to information technology in last decade. Risk in credit portfolio management, supply chain, pricing and insurance fields are also researched as they are related to financial lost and harm. Though risk management can offer significant benefits to a project in order to reduce nasty surprises and identify and act upon opportunities, it is, however, not a ‘panacea’ for the problems and surprises which befall many projects and should not be seen as the ‘silver bullet of project management’ (Pavyer, 2004) as Murphy’s Law is the governing law of project management: if something can go wrong, will go wrong. As we collected from three databases, mainly from ACM, our result can be a little affected by other finding and papers. Results will be slightly different as we go though several databases. Even thought we titled to 2007, we believe that other findings and papers will come out during this year. But based on our analysis, some inferences and emerging trends can be seen.
Recommendations
As people and management are aware of the importance of risk management processes, it would be more affective and appropriate to put more emphasis on formal and or informal education and training to further enhance their awareness of risk management. Formal education could be graduate studies in financial project management, software project management and construction project management etc. Informal education and training could be in the form of career development programs or workshops within organization or organized by academic institutions or professional seminars. Each organization should have own risk management plan, risk response plan, and human risk factors plan. Risk management team should be formed according to project manager’s guidelines and organizational goals. Project manager must aware of current risk management trends and technological trends for long term strategic planning. Researchers on risk management should cooperate and conduct on research areas which have been done less like autonomous agent systems, spacecraft systems, information security management.
Appendix A. Reference
Burke, R. (2003). “Product Management.” Biddles Ltd, Guildford. Brandon, D. (2006) “Project Management for Modern Information Systems” IRM Press Cooper D., Grey S., Raymond G., Walker P., (2005) Managing Risk in Large Projects and Complex Procurements. Chapman, R. J., and Ward, S. (1997). “Project Risk Management Processes, Techniques and Insights” John Wiley & Sons, Chichester, UK. Flanagan, R., and Norman, G. (1993). Risk Management and Construction, Blackwell, Oxford, UK. Pavyer, E. (2004). “Evaluating Project Risk.” Strategic Risk Management, Auguest 2004, 24-25 Project management institute (2000). “A Gide to Project Management Body of Knowledge” Project management institute, 6 Raftery, J. (1994). Risk Analysis in Project Management, E & FN SPON, London, UK. Snider, H. W. (1991). “Risk Management: A Retrospective View.” Risk Management April, 47-54 Schwalbe, K. (2006). “Information Technology Project Management.” Thomson Course Technology, 425 Yee, C. W., Chan, P., and Hu, G. (2001). Construction Insurance and Risk Management- A Practical Guide for Construction Professionals, The Singapore Contractors Association Ltd., Singapore.
Appendix B. List of papers
Researchers
Title
Database
Risk Category
Year
Business Category
Sub Category
Steven L. Cornford, Martin S. Feather,John C. Kelly, Timothy W. Larson, Burton Sigal,James D. Kiper
Design and Development Assessment
ACM
Risk Assessment
2000
IT
Mary Sumner
Enterprise Wide Information Management Systems Projects
RISK MANAGEMENT IN SUPPLY NETWORKS USING MONTE-CARLO SIMULATION
ACM
Risk Analysis
2005
Organization
Supply Chain
Douglas A. Bodner, William B. Rouse, Michael J. Pennock
USING SIMULATION TO ANALYZE R&D VALUE CREATION
ACM
Risk Analysis
2005
Organization
R & D
Ye Yang,Barry Boehm,Betsy Clark
Assessing COTS Integration Risk Using Cost Estimation Inputs
ACM
Risk Analysis
2006
Finance
Vadim Lesnevski, Barry L. Nelson, Jeremy Staum
AN ADAPTIVE PROCEDURE FOR ESTIMATING COHERENT RISK MEASURES BASED ON GENERALIZED SCENARIOS
IEEE
Risk Analysis
2006
Finance
Michael Gordy,Sandeep Juneja
EFFICIENT SIMULATION FOR RISK MEASUREMENT IN PORTFOLIO OF CDOS
IEEE
Risk Analysis
2006
Finance
Dalton F. Andrade,Pedro A. Barbetta,Paulo J. de Freitas Filho,Ney A. de Mello Zunino
USING COPULAS IN RISK ANALYSIS
IEEE
Risk Analysis
2006
General
Jamie L. Smith Shawn A. Bohner D. Scott McCrickard
Project Management for the 21st Century: Supporting Collaborative Design through Risk Analysis
ACM
Risk Analysis
2005
IT
Software Development
Peter Hearty,Norman Fenton and Martin Neil,Patrick Cates
Automated Population of Causal Models for Improved Software Risk Assessment
ACM
Risk Assessment
2005
IT
Software Development
John Burton,Fergal Mc Caffery,Ita Richardson
A Risk Management Capability Model for use in Medical Device Companies
ACM
Risk Analysis
2006
IT
Software Development
Blair Taylor,Shiva Azadegan
Threading Secure Coding Principles and Risk Analysis into the Undergraduate Computer Science and Information Systems Curriculum
ACM
Risk Identification, Risk Response
2006
IT
Software Development
Hazel Taylor
CRITICAL RISKS IN OUTSOURCED IT PROJECTS:THE INTRACTABLE AND THE UNFORESEEN
ACM
Risk Control
2006
IT
Software Development
Robert J. Walker, Reid Holmes, Ian Hedgeland, Puneet Kapur, Andrew Smith
A Lightweight Approach to Technical Risk Estimation via Probabilistic Impact Analysis
ACM
Risk Analysis
2006
IT
Software Development
John C. Beachboard,Alma Cole,Mike Mellor, Steven Hernandez,Kregg Aytes,Nelson Massad
A Tentative Proposal: Improving Information Assurance Risk Analysis Models for Small- and Medium-Sized Enterprises Through Adoption of an Open Development
ACM
Risk Analysis
2006
IT
Software Development
Paul Luo Li, James Herbsleb, Mary Shaw,Brian Robinson
Experiences and Results from Initiating Field Defect Prediction and Product Test Prioritization Efforts at ABB Inc.
ACM
Risk Analysis
2006
IT
Software Development
Mingshu Li, Meng Huang, Fengdi Shu, and Juan Li
A Risk-Driven Method for eXtreme Programming Release Planning
ACM
Risk Analysis
2006
IT
Software Development
Gang Zhao,Yakun Zhou,Pirooz Vakili
A NEW EFFICIENT SIMULATION STRATEGY FOR PRICING PATH-DEPENDENT OPTIONS
ACM
Risk Analysis
2006
Marketing
Achal Bassamboo,Sachin Jain
EFFICIENT IMPORTANCE SAMPLING FOR REDUCED FORM MODELS IN CREDIT RISK
IEEE
Risk Analysis
2006
Marketing
Matthias Heindl, Stefan Biffl
Risk Management with Enhanced Tracing of Requirements Rationale in Highly Distributed Projects
ACM
Risk Identification
2006
Organization
Communication
wade h. baker, loren paul rees, and peter s. tippett
NECESSARY MEASURES metric-driven information security risk assessment and decision making
Switch or Struggle: Risk Assessment for Late Integration of COTS Components
IEEE
Risk Assessment
2007
General
Stephen P. Masticola
A Simple Estimate of the Cost of Software Project Failures and the Breakeven Effectiveness of Project Risk Management
IEEE
Risk Analysis
2007
IT
Software Development
Martin Höst, Christin Lindholm
Different Conceptions in Software Project Risk Assessment
ACM
Risk Assessment
2007
IT
Software Development
Did you like this example?
Cite this page
Risk Management Business | Information Systems Dissertations. (2017, Jun 26).
Retrieved November 21, 2024 , from https://studydriver.com/risk-management-business-information-systems-dissertations/
Save time with Studydriver!
Get in touch with our top writers for a non-plagiarized essays written to satisfy your needs
Get custom essay
//= get_calc_single_post(); ?>
Stuck on ideas? Struggling with a concept?
A professional writer will make a clear, mistake-free paper for you!
Get help with your assignment
Leave your email and we will send a sample to you.