Under the system of e-commerce, organisations leave themselves open to attack which can have catastrophic consequences. Recent well-publicised business disruptions to firms such as Northwest Airlines and Ebay have had significant business impacts. The chapter identifies the differences in risk management approaches for older information technology systems and those required for e-commerce. The benefits and the critical success factors for an e-commerce risk management methodology are identified and discussed. A literature survey revealed the existence of only two methodologies with potential suitability for e-commerce risk management. They are evaluated against the critical success factors. The chapter recommends a program of research to make risk management more dynamic and interactive particularly for the operational aspects of e-commerce.