Identifying Software Project Risks: An International Delphi Study

Advocates of software risk management claim that by identifying and analyzing threats to success (i.e., risks) action can be taken to reduce the chance of failure of a project. The first step in the risk management process is to identify the risk itself, so that appropriate countermeasures can be taken. One problem in this task, however, is that no validated lists are available to help the project manager understand the nature and types of risks typically faced in a software project. This paper represents a first step toward alleviating this problem by developing an authoritative list of common risk factors. We deploy a rigorous data collection method called a "ranking-type" Delphi survey to produce a rank-order list of risk factors. This data collection method is designed to elicit and organize opinions of a panel of experts through iterative, controlled feedback. Three simultaneous surveys were conducted in three different settings: Hong Kong, Finland, and the United States. This was done to broaden our view of the types of risks, rather than relying on the view of a single culture-an aspect that has been ignored in past risk management research. In forming the three panels, we recruited experienced project managers in each country. The paper presents the obtained risk factor list, compares it with other published risk factor lists for completeness and variation, and analyzes common features and differences in risk factor rankings in the three countries. We conclude by discussing implications of our findings for both research and improving risk management practice.

[1]  Helga Drummond,et al.  The politics of risk: trials and tribulations of the Taurus project , 1996, J. Inf. Technol..

[2]  G. Hofstede,et al.  Culture′s Consequences: International Differences in Work-Related Values , 1980 .

[3]  R. Zmud INDIVIDUAL DIFFERENCES AND MIS SUCCESS: A REVIEW OF THE EMPIRICAL LITERATURE* , 1979 .

[4]  Barry W. Boehm,et al.  Theory-W Software Project Management: Principles and Examples , 1989, IEEE Trans. Software Eng..

[5]  Peter G. W. Keen,et al.  Decision support systems : an organizational perspective , 1978 .

[6]  T. Moynihan,et al.  How Experienced Project Managers Assess Risk , 1997, IEEE Softw..

[7]  Chris Sauer,et al.  Understanding Support - lessons from a case study , 1993, Australas. J. Inf. Syst..

[8]  Marjolein van Offenbeek,et al.  Scenarios for system development: Matching context and strategy , 1996, Behav. Inf. Technol..

[9]  Robert N. Charette,et al.  Software Engineering Risk Analysis and Management , 1989 .

[10]  Sarma R. Nidumolu The Effect of Coordination and Uncertainty on Software Project Performance: Residual Performance Risk as an Intervening Variable , 1995, Inf. Syst. Res..

[11]  Watts S. Humphrey,et al.  Managing the software process , 1989, The SEI series in software engineering.

[12]  S. Siegel,et al.  Nonparametric Statistics for the Behavioral Sciences , 2022, The SAGE Encyclopedia of Research Design.

[13]  Kalle Lyytinen,et al.  A framework for identifying software project risks , 1998, CACM.

[14]  F. W. McFarlan,et al.  Portfolio approach to information systems , 1989 .

[15]  B. Boehm Software risk management: principles and practices , 1991, IEEE Software.

[16]  G. Hofstede,et al.  Cultures and Organizations: Software of the Mind , 1991 .

[17]  Roy C. Schmidt,et al.  MANAGING DELPHI SURVEYS USING NONPARAMETRIC STATISTICAL TECHNIQUES , 1997 .

[18]  W. Wayt Gibbs,et al.  Software's Chronic Crisis , 1994 .

[19]  Dale Karolak,et al.  Software engineering risk management , 1995 .

[20]  Rob J. Kusters,et al.  Dealing with Risk: A Practical Approach , 1996 .

[21]  Suzanne Rivard,et al.  Toward an Assessment of Software Development Risk , 1993, J. Manag. Inf. Syst..

[22]  T. H. Kwon,et al.  Unifying the fragmented models of information systems implementation , 1987 .

[23]  Peter G. W. Keen Every Manager's Guide to Information Technology: A Glossary of Key Terms and Concepts for Today's Business Leader , 1991 .

[24]  Michiel van Genuchten,et al.  Why is Software Late? An Empirical Study of Reasons For Delay in Software Development , 1991, IEEE Trans. Software Eng..

[25]  J. March,et al.  Managerial perspectives on risk and risk taking , 1987 .

[26]  Henry C. Lucas,et al.  Implementation: The Key to Successful Information Systems , 1981 .

[27]  Rob J. Kusters,et al.  Dealing with risk: a practical approach , 1996, J. Inf. Technol..

[28]  Mark Keil,et al.  Pulling the Plug: Software Project Management and the Problem of Project Escalation , 1995, MIS Q..

[29]  Gordon B. Davis,et al.  Strategies for Information Requirements Determination , 1982, IBM Syst. J..

[30]  Kalle Lyytinen,et al.  Information systems failures—a survey and classification of the empirical literature , 1988 .

[31]  Kalle Lyytinen,et al.  Attention Shaping and Software Risk - A Categorical Analysis of Four Classical Risk Management Approaches , 1998, Inf. Syst. Res..