Please use this identifier to cite or link to this item:
Title: A risk management methodology with risk dependencies
Authors: Kwan, Tak-wah
Degree: Ph.D.
Issue Date: 2010
Abstract: Due to the dynamic changes of business environments and the advancements of technologies, information technology (IT) projects are facing lots of challenges, and there is a need of applying systematic approaches to deal with the risks to ensure the project's success. A common characteristic of current risk management approaches is that they consider risks as independent events. In fact, risks are not always independent. As current practices do not clearly manage dependencies between risks, project managers may inappropriately estimate risks and thereby leave risk effectively unmanaged. We believe that explicitly identifying and managing risk dependencies would be important in both initial and ongoing risk analysis and prioritization, and help to develop better risk management strategies and make more effective risk planning decisions. This research formally models the risk dependency and proposes a management methodology to address risk dependencies. The essence of this effort is that we propose methods to re-estimate each identified risk by taking account of risk dependency effects, and we enhance a set of risk management practices to manage the re-estimated risk (named Posterior Risk). As the risk dependency effects can either increase (i.e. non-favorable effect) or reduce (i.e. favorable effect) the probabilities of those affected risks, we further propose a set of novel practices to evaluate, react, monitor and control the risk dependencies. In addition, we develop a set of metrics to measure the risk levels from both project and program perspectives with due considerations of the dependencies between risks. From the case studies of three IT projects, we confirm that risk dependencies do exist in projects and programs, and can be identified and systematically managed. We also observed that, as project teams needed to deal with risk dependency issues, communications between projects were improved, and there were synergetic effects in managing risks and risk dependencies among projects.
Subjects: Hong Kong Polytechnic University -- Dissertations
Information technology -- Security measures
Risk management
Project management
Pages: xiii, 115 leaves : ill. ; 30 cm.
Appears in Collections:Thesis

Show full item record

Page views

Last Week
Last month
Citations as of May 28, 2023

Google ScholarTM


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.