Suzanne Rivard

Toward an assessment of software development risk

Despite the introduction and use of a wide variety of system development methods and tools, software projects are still plagued by time and cost overruns, and unmet user requirements. To avoid these problems, it is frequently recommended that the risk associated with a software project be managed. A task that is critical to the proper management of software development risk is the assessment of the risks facing the project. Based on previous research, this paper proposes a definition and a measure of software development risk. Subsequently, data collected in a survey of 120 projects is used to assess the reliability and validity of the instrument.

An Integrative Contingency Model of Software Project Risk Management

Drawing both from the IS literature on software project risk management and the contingency research in Organization Theory literature, the present study develops an integrative contingency model of software project risk management. Adopting a profile deviation perspective of fit, the outcome of a software development project (Performance) is hypothesized to be influenced by the fit between the projects risk (Risk Exposure) and how project risk is managed (Risk Management Profile). The research model was tested with longitudinal data obtained from project leaders and key users of 75 software projects. The results support the contingency model proposed and suggest that in order to increase project performance a projects risk management profile needs to vary according to the projects risk exposure. Specifically, high-risk projects were found to call for high information processing capacity approaches in their management. However, the most appropriate management approach was found to depend on the performance criterion used. When meeting project budgets was the performance criterion, successful high-risk projects had high levels of internal integration, as well as high levels of formal planning. When system quality was the performance criterion, successful high-risk projects had high levels of user participation.

Factors of success for end-user computing

A two-phase study concerned with the factors of success associated with the development of computer applications by end users was conducted in 10 large organizations. During the first phase, in-depth interviews were used to refine a preliminary model of the factors of success for user development of computer applications (UDA). In the second phase, a questionnaire was administered to 272 end users experienced in developing applications. Statistical tests of the relationships in the model indicated that all but one of the derived hypotheses were substantiated. The result of this study is a field-verified model of the factors of success of UDA that provides a basis for implementation of UDA practices and policies in organizations, as well as for further research in end-user computing.

A transaction cost model of IT outsourcing

This paper proposes and tests an explanatory model of information technology (IT) outsourcing behavior. Relying on transaction costs and incomplete contracts theories, the model hypothesizes that characteristics of IT operation activities--asset specificity, uncertainty, business skills, and technical skills required to perform the activities--will influence the level of their outsourcing. The model was tested using data from a survey of 335 firms. Results indicate that uncertainty is the major deterrent to outsourcing, while the level of technical skills is the most important reason to outsource. Business skills do not seem to play a significant role. Finally, asset specificity, which is always presented as a constraint to outsourcing, showed inconsistent effects.

A transaction cost approach to outsourcing behavior: some empirical evidence

Abstract Outsourcing of information services is a fast growing trend and is receiving much attention in the IS community. This paper presents the results of a study of the outsourcing behavior of ten large organizations. The analysis used the transaction cost framework to explain outsourcing behavior at two different levels. At the first level of analysis, the role of asset specificity, measurement problem, and frequency in explaining the choice of the outsourced activities is investigated. The second level of analysis focuses on the influence of asset specificity and measurement problem on the terms and on the management of the contract between a firm and its outsourcer. The results presented here support the basic principles of transaction cost and incomplete contract theories.

The information technology outsourcing risk: a transaction cost and agency theory-based perspective

Many firms have adopted outsourcing in recent years as a means of governing their information technology (IT) operations. While outsourcing is associated with significant benefits, it can also be a risky endeavour. This paper proposes a scenario-based conceptualization of the IT outsourcing risk, wherein risk is defined as a quadruplet comprising a scenario, the likelihood of that scenario, its consequences and the risk mitigation mechanisms that can attenuate or help avoid the occurrence of a scenario. This definition draws on and extends a risk assessment framework that is widely used in engineering. The proposed conceptualization of risk is then applied to the specific context of IT outsourcing using previous research on IT outsourcing as well as transaction cost and agency theory as a point of departure.

Assessing the risk of IT outsourcing

Outsourcing decisions and contractual arrangements of the type required by an IT outsourcing deal entail risks. This is not to say that outsourcing is bad in itself. It only means that, as in other risky business ventures, such as new product development, capital investments and IS projects, risk assessment and risk management are important contributors to the success of an IT outsourcing venture. This paper focuses on risk assessment. After providing a brief conceptual definition of risk, the paper reviews the empirical literature in order to identify the main undesirable outcomes that may result from an IT outsourcing deal. It then uses transaction cost and agency theory as a primary theoretical basis, and proposes a framework for categorizing risk factors which have been identified in the literature. Finally, the paper discusses the dynamics of risk by examining how the various risk factors are linked to the undesirable outcomes.

A Keyword Classification Scheme for IS Research Literature: An Update

In June 1988 MIS Quarterly published a classification scheme of IS keywords. The development of this scheme was intended to provide a description of the discipline, introduce a common language, and enable research of the fields development. The scheme has been recently updated in order to incorporate the new research topics and methods, hence better reflecting the evolution of the IS discipline.

Positioning the institutional perspective in information systems research

In recent years, a number of studies have adopted institutional theory as a perspective for examining Information Systems (IS)/Information Technology (IT)-related phenomena such as IT innovation, IS development and implementation, and IT adoption and use. The objective of this paper is to take stock of how institutional theory is being used in IS research. To this end, it first proposes a conceptual framework to encapsulate the main concepts of institutional theory. Second, it synthesizes the findings of 53 articles that adopted an institutional perspective to study IS/IT phenomena. Finally, it identifies conceptual and methodological issues that researchers need to address when adopting an institutional perspective.

A framework for information technology outsourcing risk management

This paper takes stock from several studies on Information Technology outsourcing risk. A definition of risk is offered, and an illustration from five case studies is used to show how risk can be managed. Results show that an active risk management approach can reduce risk exposure substantially while enabling the organizations to still reap the benefits associated with outsourcing.