Building IT Risk Management Approaches: An Action Research Method

Building IT Risk Management Approaches: An Action Research Method

Jakob Holden Iversen (University of Wisconsin Oshkosh, USA), Lars Mathiassen (Georgia State University, USA) and Peter Axel Nielsen (Aalborg University, Denmark)
DOI: 10.4018/978-1-60566-092-9.ch006
OnDemand PDF Download:
No Current Special Offers


This chapter shows how action research can help practitioners develop IT risk management approaches that are tailored to their organization and the specific issues they face. Based on literature and practical experience, the authors present a method for developing risk management approaches to use in real-world innovation projects. The chapter illustrates the method by presenting the results of developing a risk management approach for software process improvement projects in a software organization.
Chapter Preview

Risk Management Literature

A number of different approaches to IT risk management have been proposed. In this section, we provide an overview and categorization of the different approaches (risk list, risk-action list, risk-strategy model, risk-strategy analysis). We offer, in this way, a framework to help select an appropriate risk approach suited to particular organizational contexts and needs. An overview of the framework is shown in Figure 1.

Figure 1.

Table showing four types of approaches to IT risk management


Complete Chapter List

Search this Book: