What Is Meant by Risk

Before proceeding any further in this exploration it is necessary to discuss what is meant by risk in the context of this chapter. In the management domain, risk is defined as a negative outcome, and the size of the risk is the loss incurred if the outcome should occur. Positive outcomes are not seen as risk. Thus, in management terms, there are upside potential and downside risk. Furthermore, managers differentiate between risk-taking and gambling. Gambling is seen as accepting the odds — passive management — whereas risk-taking is seen as managing the odds to achieve a favorable outcome.[5] This chapter uses this management definition of risk, and all of the following discussions are framed by this definition.

That a risk may have a low probability of occurrence does not negate the need to manage it at some level. If an event occurs that causes the derailment of a project, that event is a risk prior to its occurrence. Such an event is frequently unforeseen — an unrecognized risk. Had it been foreseen, it would have been treated as a risk to be managed. An unforeseen risk is like an invisible "sword of Damocles" waiting to fall upon the unwary, hence the literature's emphasis on the identification of risk. Identifying the risk and then managing it does not make this sword go away; it merely postpones its falling, preferably forever. From this perspective, the purpose of managing a given risk is to defer indefinitely the occurrence of the undesired outcome. Thus, management of a risk is continuous.

For example, obtaining top management commitment to a project, a condition regarded as essential by many, even beyond IS project literature, may not be sufficient. The risk always exists that the project manager will lose that top management support for one reason or another. To manage this risk requires that the project manager work actively to maintain the support. The risk outcome is defined as occurring if the project manager loses that support. Once the project manager has reestablished top management support, the potential of losing it becomes a risk once again. This is but one risk of many to be managed.

In getting to the roots of IS project risk, new dimensions of risks are disclosed beyond those usually considered to be the responsibility of the project manager. These new dimensions also impinge upon the responsibilities of the investing executive. Although some project risks are under the control of the IS project manager, others are only partially, or not at all, under his or her control. If the investment is to be adequately protected and the expected outcomes achieved, management of these shared risks must be a joint responsibility of the investing manager, user management, and the IS management. Thus, even though the proposals in this chapter are derived from a study of IS project managers, the implications are as important to non-IS managers as they are to the IS community.

