A MULTI-CRITERIAL DECISION SUPPORT SYSTEM FOR IT PROJECTS RISK MANAGEMENT

8/21/2019 A MULTI-CRITERIAL DECISION SUPPORT SYSTEM FOR IT PROJECTS RISK MANAGEMENT

1/6

Proceedings of the IE 2013 International Conference

www.conferenceie.ase.ro

425

A MULTI-CRITERIAL DECISION SUPPORT SYSTEM FOR IT

PROJECTS RISK MANAGEMENT

Claudiu BRANDAS

West University of [email protected]

Otniel DIDRAGA

West University of Timisoara

[email protected]

Abstract. IT projects are exposed to various risk factors that have a significant impact on

project deliverables and outcome of the project. Risk manifestation occurs throughout the

cycle of design, development and maintenance of the IT project. Most times these risks may

negatively affect the financial stability of the projects, the schedule and quality of the

implementation of the project requirements. Theory and practice of IT project management

classifies risks into several criteria such as: users, project requirements, project complexity,

project planning and control, team, and organizational environment in which the project

takes place. To ensure effective risk management of IT projects, project managers need to

formalize the identification and monitoring of the risk factors. Thus, we considered

appropriate to develop a tool to provide support for IT managers in project risk management.

Through this support tool, IT managers can make decisions in real time regarding the

occurrence and manifestation of risk factors so that the risk impact would be minimized by

appropriate control measures. In this paper we present a multi-criteria Decision Support

System to assist project managers in IT project risk management in the planning and

execution phases of projects.

Keywords: Risks, Project Management, IT Projects, Decision Support Systems, Risk

Management

JEL classification:M15, L86, D81

1. Introduction

IT projects are complex structures of organized activities and resources (human, material,

financial and informational resources), based on the methodologies and frameworks for the

development and implementation of Information Systems. The diversity and complexity ofusing these resources in an IT project results in the manifestation of risk factors [1], [2].

These factors significantly influence the planning, execution and completion of IT projects.

In this context, IT projects require rigorous managers capable to perform efficient risk

management. In theory and practice of IT project management, risks are discussed from two

perspectives: risk identification and analysis of the relationship between threats and risks.

Risks are classified into several categories (criteria) depending on the factors and risks

generating areas: user, project requirements, project complexity, project planning and control,

team and organizational environment in which the project takes place.

According to an empirical study conducted by Wallace in 2004, there are 6 dimensions of

risks in software projects [3]: user risks, project requirements risks, project complexity risks,

project planning and control risks, team risks and organizational environment risks.


2/6



426

According to Huang and Han [4], project managers can adopt attitudes, skills and practices

regarding the risk areas identified in real time within an IT project.

To ensure an effective risk management in IT project, it is necessary to formalize the

recording and monitoring of the risk factors.

In existing literature, there are two points of view regarding risk management. The first one[5], [6], [7] believes it is necessary for the project managers to use a framework in a form of a

risk checklist. The other [8], [9], states that it is necessary for the project managers to create

certain patterns for software risks that are affected by the project characteristics in order to

develop appropriate risk management strategies.

Considering the six dimensions of the risk, the decision is multi-criterial for IT project

managers. In this context, we consider appropriate to apply a multi-criteria decision analysis

to assist IT managers for the selection of the best alternative in IT project risk management.

For an effective risk management we considered appropriate to develop a tool to provide

support for IT managers in project risk management. The tool assists managers in making

real time decisions regarding the occurrence and manifestation of risk factors so that their

impact would be minimized by appropriate control measures.In this paper we present a multi-criterial Decision Support System to assist project managers

in IT project risk management in the planning and execution phases of projects.

The system is based on the risk dimensions identified by Wallace [1] and Huang [2]. These

dimensions are considered as decision criteria in the risk areas of IT projects.

2. Research Methodology

Research problems

We propose a multi-criterial Decision Support System to assist project managers in IT project

risk management in the planning and execution phases of projects.

Research designThe research is quantitative based on experimental development, testing and validating the

proposed prototype.

Risk modeling was performed on six criteria with a qualitative approach based on the scoring

method and Risk Breakdown Matrix (RBM). Risk assessment for each dimension was

achieved by summing up the values of the risks elements of each risk dimension (1).

Quantifying the risk elements of each dimension was achieved by the multiplying the

probability of the risks and their potential impact (2). Risk values for each dimension

(criterion) were associated with a set of alternatives that managers can follow (3). The

probability of occurrence level and the impact level were quantified on a scale from 1 to 3

(4).

= , (1)

Ri Risk value for the i;

Ri,j Risk value for the j element of the i dimension;

= , , (2)

Pj,k k risks probability of occurrence for the j element;

Pj,k k risks potential impact for the j element;


3/6

Proceedi

Aj,k k alternative for the ri

{Low,

The sample consists of five

(ERP) implementation.

The system was developed

technologies, and distributed

3. Results and Discussions

Next, we describe the system

an IT project. The obtained sy

Defining the questi Defining the risk as

Defining the rules f

Interface to answer

activities: planning

The report generato

Figure

In figure 1, we present the ris

side, there is important inf

manager, client and industry)

risks, project complexity r

organizational environment rapplicable or not in the pla

gs of the IE 2013 International Conference


427

{ Ri}{Ai,k} (3)

sk of the i dimension;

Medium, High} {1, 2, 3} (4)

rojects of software development and three

using Yii framework [10] based on

n the Apache Web Server.

functions and the results obtained by process

stem has the following functions:

nnaires base for assessing risks in the six di sessment model.

or analysis and interpretation of risk values.

the questionnaire (Figure 1 and Figure 2) f

and execution.

r.

1. Risk estimation form - project planning phase

k estimation form for the project planning p

rmation about the project (project ID, p

. The risks are listed by their category: user

isks, planning and control risks, projec

isks. The first estimation column refers toning phase. The second column refers to

rojects of software

HP and MySQL

ing data entered on

ensions.

or the two types of

hase. On the upper

oject title, project

risks, requirements

t team risks and

whether the risk isthe probability of


4/6

Proceedi

occurrence of the certain ri

manifestation of the risk.

In figure 2, we present the ri

similar to the previous one

applicability, risk probabilityIn figure 3, we present the pr

in the risk estimation for the

Figure

In figure 4, we present the ri

values in the project risk mat

risk is the highest in the plann

requirements is higher.

gs of the IE 2013 International Conference


428

sk. The third column refers to the impa

k estimation form for the project execution

and it also has three columns for risk val

of occurrence and risk impact.ject risk matrix report. The report sums up

lanning and execution phase.

. Risk estimation form - project execution phase

Figure 3. Project risk matrix report

sk value graph for the current project. It is

rix report. We observe that the value of the

ing phase, while in the execution phase, the

ct of the possible

phase. The form is

ue estimation: risk

he values recorded

correlated with the

project complexity

value of the project


5/6



429

Figure 4. Risk value graph

Depending on the outcome of the risk assessment on the six dimensions, IT project managers

can take action to minimize the impact of risks on project elements. The generated reports

regarding the magnitude of the risk on the six criteria provide a set of alternatives to

managers for decision making and necessary actions to ensure IT project success.

4. Conclusions

IT project risk management is an area of great interest in current research. The number of IT

projects has grown exponentially in recent years. In the same time, the risks associated with

these projects have had a significant impact on their success. Through our research, we have

shown that the risk management approach is multi-criterial in IT project management. We

also emphasized the need for a tool to assist IT managers in risk management in the planning

and execution stages. We focused on these steps in order to be proactive and preventive, but

also, reactive in choosing the risk management strategy. Thus, the impact of risk is identified

in the early stages of the development projects, and managers can react quickly andefficiently. The most important result of this research is the development of a multi-criteria

DSS to assist IT managers in risk management in the planning and execution phases of IT

projects.

Through this work we have added valuable results in the practice and theory of risk

management in IT projects.

As future research directions we intend to integrate the analysis and centralized monitoring of

project risk groups according to managers, industry and customer. We will also redesign the

system based on an ontological approach of risk in IT projects.

References

[1] C. Brandas, O. Didraga and N. Bibu, Study on Risk Approaches in Software

Development Projects, Informatica EconomicJournal, vol. 16, no. 3, pp. 148-157, 2012.

[2] O. Didraga, IT Project Risk Management Tools and Techniques Applied in Romanian IT

Companies, Journal of Applied Business Information Systems, vol. 2, no. 3, pp. 51-58,

2012.

[3] L. Wallace, M. Keil and A. Rai, Understanding software project risk: a cluster analysis,

Information & Management, vol. 42, no. 1, pp. 115125, 2004.


6/6



430

[4] S.-J. Huang and W.-M. Han, Exploring the relationship between software project

duration and risk exposure: A cluster analysis, Information & Management vol. 45, no.1,

pp. 175182, 2008.

[5] T. Addison, E-commerce project development risks: Evidence from a Delphi survey,International Journal of Information Management, vol. 23, no. 1, pp. 2540, 2003.

[6] D. Aloini et al., Risk management in ERP project introduction: review of the literature,

Information & Management, vol. 44, no. 6, pp. 547567, 2007.

[7] M. Keil, et al., A framework for identifying software project risks, Communications of

the ACM, vol. 41, no. 11, pp. 7683, 1998.

[8] J.J. Jiang and G. Klein, Software development risks to project effectiveness, The

Journal of Systems and Software, vol. 52, no. 1, pp. 310, 2000.

[9] S.R. Nidumolu, Standardization, requirements uncertainty and software project

performance, Information & Management, vol. 31, no. 3, pp. 135150, 1996.

[10] ***, Yii Framework, http://www.yiiframework.com/

Documents

A MULTI-CRITERIAL DECISION SUPPORT SYSTEM FOR IT PROJECTS RISK MANAGEMENT