|Title:||A risk management methodology with risk dependencies|
|Subject:||Hong Kong Polytechnic University -- Dissertations|
Information technology -- Security measures
|Department:||Department of Computing|
|Pages:||xiii, 115 leaves : ill. ; 30 cm.|
|Abstract:||Due to the dynamic changes of business environments and the advancements of technologies, information technology (IT) projects are facing lots of challenges, and there is a need of applying systematic approaches to deal with the risks to ensure the project's success. A common characteristic of current risk management approaches is that they consider risks as independent events. In fact, risks are not always independent. As current practices do not clearly manage dependencies between risks, project managers may inappropriately estimate risks and thereby leave risk effectively unmanaged. We believe that explicitly identifying and managing risk dependencies would be important in both initial and ongoing risk analysis and prioritization, and help to develop better risk management strategies and make more effective risk planning decisions. This research formally models the risk dependency and proposes a management methodology to address risk dependencies. The essence of this effort is that we propose methods to re-estimate each identified risk by taking account of risk dependency effects, and we enhance a set of risk management practices to manage the re-estimated risk (named Posterior Risk). As the risk dependency effects can either increase (i.e. non-favorable effect) or reduce (i.e. favorable effect) the probabilities of those affected risks, we further propose a set of novel practices to evaluate, react, monitor and control the risk dependencies. In addition, we develop a set of metrics to measure the risk levels from both project and program perspectives with due considerations of the dependencies between risks. From the case studies of three IT projects, we confirm that risk dependencies do exist in projects and programs, and can be identified and systematically managed. We also observed that, as project teams needed to deal with risk dependency issues, communications between projects were improved, and there were synergetic effects in managing risks and risk dependencies among projects.|
|Rights:||All rights reserved|
As a bona fide Library user, I declare that:
- I will abide by the rules and legal ordinances governing copyright regarding the use of the Database.
- I will use the Database for the purpose of my research or private study only and not for circulation or further reproduction or any other purpose.
- I agree to indemnify and hold the University harmless from and against any loss, damage, cost, liability or expenses arising from copyright infringement or unauthorized usage.
By downloading any item(s) listed above, you acknowledge that you have read and understood the copyright undertaking as stated above, and agree to be bound by all of its terms.
Please use this identifier to cite or link to this item: