Análisis de los riesgos en proyectos SI/TI basado en el enfoque IPA

  1. López Vargas, Cristina
  2. Salmerón, José L.
  3. Mena Nieto, Ángel Isidro
Economía industrial

ISSN: 0422-2784

Year of publication: 2014

Issue Title: Innovación y creación de valor

Issue: 392

Pages: 145-154

Type: Article

More publications in: Economía industrial


Information systems support the business activity. Companies develop projects to incorporate new technologies and systems. However, their results are not usually successful. This is due to the numerous risk factors that threaten these projects and the achievement of its objectives. So, professionals must continuously manage projects risks. To help them, we have identified and analyzed the risks that threaten the outcome of these projects. To do so, we applied the technique IPA. The results will help practitioners to select the strategy to manage risks more efficiently. Specifically, the findings of this study reveal that 39.1% of risks are considered critical. Moreover, these show that two of the most critical risks are the poor management of user expectations and the lack of team leaders with the skills required for the job.

Bibliographic References

  • ABALO, J., VARELA, J. Y MANZANO V. (2007): «Importance values for Importance–Performance Analysis: A formula for spreading out values derived from preference rankings», Journal of Business Research, vol. 60, nº 2, pp. 115-121.
  • ADDISON, T. (2003): «E-commerce project development risks: evidence from a Delphi survey», International Journal of Infor mation Management, vol. 23, nº 1, pp. 25-40.
  • ASCIERTO, R. (2010): «IT Spending will Rise, yet 2010 will be a Year of Reckoning for CIOs», Ovum. http://about.datamonitor. com/media/archives/3826.
  • BANNERMAN, P.L. (2008): «Risk and risk management in software projects: A reassessment», Journal of Systems and Software, vol. 81, nº 12, pp. 2118-2133.
  • BARKI, H.; RIVARD, S. y TALBOT, J. (2001): «An integrative contingency model of software project risk management», Journal of Management Information Systems, vol. 17, nº 4, pp. 37-69.
  • BARROS, M.O.; WERNER, C.M.L. y TRAVASSOS, G.H. (2004): «Su pporting risks in software project management», Journal of Systems and Software, vol. 70, nº. 1-2, pp. 21-35.
  • BOEHM, B.W. (1991): «Software risk management: principles and practices», IEEE Software, vol. 8, nº 1, pp. 32-41.
  • CHARETTE, R.N. (2005): «Why software fails», IEEE Spectrum, vol. 42, nº 9, pp. 42-49.
  • CHEN, J.C. y HUANG, S.-J. (2009): «An empirical analysis of the impact of software development problem factors on software maintainability», The Journal of Systems and Software, vol. 82, nº 6, pp. 981-992.
  • CLAYTON, M. (1997): «Delphi: a technique to harness expert opinion for critical decision-making tasks in education”, Edu cational Psychology, vol. 17, nº 4, pp. 373-387.
  • CULE, P.; SCHMIDT, R.; LYYTINEN, K. y KEIL, M. (2000): «Strategies for Heading Off is Project Failure», Information systems management, vol. 17, nº 2, pp. 1-9.
  • DENG, W. (2007): «Using a revised importance–performance analysis approach: The case of Taiwanese hot springs tourism», Tourism Management, vol. 28, nº 5, pp. 1274-1284.
  • DOROFEE, A.J.; WALKER, J. A.; ALBERTS, C. J.; HIGUERA, R. P. y MURPHY, R. L. (1996): Continuous Risk management guidebook, SEI, Carnegie Mellon University.
  • EMAM, K.E. y KORU, A.G. (2008): «A Replicated Survey of IT Software Project Failures», IEEE Software, vol. 25, nº 5, pp. 84-90.
  • FAIRLEY, R. (1994): «Risk management for software projects», IEEE Software, vol. 11, nº 3, pp.57-67.
  • FORD, J.B. y JOSEPH, M.J.B. (1999): «Importance-performance analysis as a strategic tool for service marketers: the case of service quality perceptions of business students in New Zealand and the USA», Journal of services marketing, vol. 13, nº 2, pp.171-186.
  • GOMOLSKI, G. (2009): Gartner Report IT Spending 2010, Gartner Group. 2010.
  • HALL, E.M. (1998): Managing Risk: Methods for Software Systems Development, The SEI Series in Software Engineering, Hardcover.
  • HAN, W.M. y HUANG, S.J. (2007): «An empirical analysis of risk components and performance on software projects», Journal of Systems and Software, vol. 80, pp. 42-50.
  • HEEMSTRA, F.J. y KUSTERS, R.J. (1996): «Dealing with risk: a practical approach», Journal of Information Technology, vol. 11, pp. 333-346.
  • HEVNER, A.R.; MARCH, S.T.; PARK, J. y RAM, S. (2004): «Design science in information systems research», MIS Quarterly, vol. 28, nº 1, pp. 75-105.
  • HILLSON, D. y SIMON, P. (2007): Practical Project Risk Mana gement: The ATOM Methodology, Management Concepts.
  • HUANG, S.J. y HAN, W.M. (2008): «Exploring the relationship between software project duration and risk exposure: A cluster analysis», Information & Management, vol. 45, pp. 175-182.
  • IEEEIISO/IEC Standard for Software Life Cycle Processes – Risk Management, IEEE/ISO/IEC std. 16085, 2006.
  • IEEE Standard for Developing a Software Project Life Cycle Process, Software Engineering Standards Committee of the IEEE Computer Society, IEEE std 1074, 2006.
  • IEEE Standard for Software Life Cycle Processes-Risk Mana gement, Software Engineering Standards Committee of the IEEE Computer Society,IEEE Std 1540, 2001.
  • KALAKOTA, R. y ROBINSON, M. (2001): E-Business 2.0: Roadmap for Sucess, Addison Wesley.
  • KEIL, M.; CULE, P.; LYYTIMEN, K. y SCHMIDT, R. (1998): «A framework for identifying software project risk», Communications of the ACM, vol. 41, nº 11, pp. 76-83.
  • KONTIO, J. (2001): Software engineering risk management, a method, improvement framework and empirical evaluation, Suomen Laatukeskus.
  • KWAK, Y. H. y STODDARD, J. (2004): «Project risk management: lessons learned from software development environment», Technovation, vol. 24, nº. 11, pp. 915-920.
  • LAUDON, K.C. y LAUDON, J.P. (2008): Sistemas de Información Gerencial. Administración de la empresa digital, Pearson educación, México, p. 14.
  • LIU, K. F.R. y YU, C.W. (2009): «Integrating case-based and fuzzy reasoning to qualitatively predict risk in an environmental impact assessment review», Environmental modelling & software, vol. 24, nº 10, pp. 1241-1251
  • LU, X.N. y MA, Q.C. (2004): «Risk analysis in software development project with owners and contractors», Engineering management conference, pp. 789-793.
  • LUKUMON O.; KWOK, O. y THAM, W. (2007): «Clients’ assessment of architects’ performance in building delivery process: Evidence from Nigeria», Building and environment, vol. 42, nº 5, pp. 2090-2099.
  • MAGAL, S.R. y LEVENBURG, N.M. (2005): «Using ImportancePerformance Analysis to Evaluate E-Business Strategies among Small Businesses», 38th Annual hawaii international conference on system sciences.
  • MAGERIT (Metodología de Análisis y Gestión de Riesgos de los Sistemas de Información) Versión 2, Catálogo general de publicaciones oficiales, Ministerio de Administraciones Públicas (MAP), Madrid, 2006.
  • MARTILLA, J.A. y JAMES, J.C. (1977): «Importance-Performance Analysis», The Journal of Marketing, vol. 41, no. 1, pp. 77-79.
  • MCCONNELL, S. (1997): Desarrollo y gestión de proyectos informáticos, Mc Graw Hill, Madrid, pp. 145-167.
  • MCFARLAN, F.W. (1981): «Portfolio approach to information systems», Harvard Business Review, vol. 59, nº 5, pp. 142-150.
  • MOYNIHAN, T. (1997): «How Experienced Project Managers Assess Risk», IEEE software, pp. 35-41.
  • MURSU, A.; LYYTINEN, K.; SORIYAN, H.A. y KORPELA, M. (2003): «Identifying software project risks in Nigeria: an International Com parative Study», European Journal of Information Systems, vol. 12, nº 3, pp. 182-194.
  • NAKATSU, R.T. y IACOVOU, C.L. (2009): «A comparative study of important risk factors involved in offshore and domestic outsourcing of software development projects: A two-panel Delphi study», Information & Management, vol. 46, nº 1, pp. 57-68
  • O’ BRIEN, J.A. y MARAKAS, G.M. (2009): Introduction to Informa tion Systems, McGraw-Hill, Inc..
  • Guía de los Fundamentos para la Dirección de Proyectos (2008), 4ª edición, Project Management Institute (PMI), Pennsylvania, EE.UU.
  • RAVINDRANATH, C. (2007): Applied software risk management, Auerbach Publications, Taylor & Francis Group LLC, New York.
  • Risk management guide for doc adquisition (2006) Departa ment of Defense (DoD).
  • ROPPONEN, J. y LYYTINEN, K. (2000): «Components of Software Development Risk: How to Address Them? A Project Manager Survey», IEEE Transactions on software engineering, Vol. 26, nº 2, pp. 88-112.
  • SALMERON, J.L. y LÓPEZ, C. (2012): «Forecasting Risk Impact on ERP Maintenance with Augmented Fuzzy Cognitive Maps», IEEE Transactions on Software Engineering, en prensa, pp. 1-16.
  • SAMAD, J. y IKRAM, N. (2006): «Managing the Risk: An Evaluation of Risk Management Process», Multitopic Conference INMIC ‘06, pp.281-287.
  • FARAJ, S. y SAMBAMURTHY, V. (2006): «Leadership of Information Systems Development Projects», IEEE Transactions on engineering management, vol. 53, nº 2, pp. 238-249.
  • SHERER, S.A. (1995): «The three dimensions of software risk: technical, organizational, and environmental», 28th Hawaii International Conference, pp. 369-378.
  • STEWART, R.A. (2008): «A framework for the life cycle management of information technology projects: ProjectIT», International journal of project management, vol. 26, nº 2, pp. 203-212.
  • The Standish group report chaos, Standish Group International, 2009.
  • VAN LOON, H. (2007): «A management methodology to reduce risk and improve quality», IT Professional, vol. 9, nº 6, pp.30-35.
  • WALLACE, L.; KEIL, M. y RAI, A. (2004a): «Understanding software project risk: a cluster analysis», Information & Management, vol. 42, nº 1, pp. 115-125.
  • WALLACE, L.; KEIL, M. y RAI, A. (2004b): «How software project risk affects project performance: an investigation of the dimensions of risk and an exploratory model», Decision sciences, vol. 35, nº 2, pp. 289-321.
  • YEO, A.Y.C. (2003): «Examining a Singapore bank’s competitive superiority using importance-performance analysis», Journal of American academy of business, vol. 3. nº 1/2, pp. 155-161.
  • ZHANG, M.J. y LADO, A.A. (2001): «Information systems and competitive advantage: a competency-based view», Techno vation, vol. 21, pp. 147-156.
  • ZHOU, L.; VASCONCELOS, A. y NUNES, M. (2008): «Supporting decision making in risk Management through an evidence-based information systems project risk checklist», Information management & computer security, vol. 6, nº 2, pp. 166-186.