Work Study

Risk evaluation and its importance to project implementation

Alison MobeyDavid Parker
Article information:
To cite this document:
Alison MobeyDavid Parker, (2002),"Risk evaluation and its importance to project implementation", Work Study, Vol. 51 Iss 4
pp. 202 - 208
Permanent link to this document:
http://dx.doi.org/10.1108/00438020210430760
Downloaded on: 31 January 2016, At: 07:24 (PT)
References: this document contains references to 28 other documents.
To copy this document: permissions@emeraldinsight.com
The fulltext of this document has been downloaded 6064 times since 2006*
Users who downloaded this article also downloaded:
H. Frank Cervone, (2006),"Project risk management", OCLC Systems & Services: International digital library
perspectives, Vol. 22 Iss 4 pp. 256-262 http://dx.doi.org/10.1108/10650750610706970
Rolf Olsson, (2008),"Risk management in a multi-project environment: An approach to manage portfolio risks", International
Downloaded by La Trobe University At 07:24 31 January 2016 (PT)

Journal of Quality & Reliability Management, Vol. 25 Iss 1 pp. 60-71 http://dx.doi.org/10.1108/02656710810843586
Ammar Ahmed, Berman Kayis, Sataporn Amornsawadwatana, (2007),"A review of techniques for risk management in
projects", Benchmarking: An International Journal, Vol. 14 Iss 1 pp. 22-36 http://dx.doi.org/10.1108/14635770710730919

Access to this document was granted through an Emerald subscription provided by emerald-srm:566188 []
For Authors
If you would like to write for this, or any other Emerald publication, then please use our Emerald for Authors service
information about how to choose which publication to write for and submission guidelines are available for all. Please
visit www.emeraldinsight.com/authors for more information.
About Emerald www.emeraldinsight.com
Emerald is a global publisher linking research and practice to the benefit of society. The company manages a portfolio of
more than 290 journals and over 2,350 books and book series volumes, as well as providing an extensive range of online
products and additional customer resources and services.
Emerald is both COUNTER 4 and TRANSFER compliant. The organization is a partner of the Committee on Publication
Ethics (COPE) and also works with Portico and the LOCKSS initiative for digital archive preservation.

*Related content and download information correct at time of download.


Risk evaluation and its
importance to project
implementation
Alison Mobey and
David Parker
The authors
Alison Mobey is a Postgraduate Student undertaking
research and David Parker is Reader in Operations
Downloaded by La Trobe University At 07:24 31 January 2016 (PT)
Management, both at the Centre for Organisational
Effectiveness, Bournemouth University, Bournemouth, UK.
Keywords
Risk, Risk management, Project management
Abstract
An extensive case study has recently started within a
major UK company that undertakes engineering process
solutions, operating on a project management basis with
multi-disciplinary teams of professional engineers. The
organisation recently piloted the introduction of an
electronic document management system, that resulted in
considerable implementation problems for the company.
The consequence of such problems may be such that the
system fails to achieve its original objectives. This
highlighted the clear need for risk evaluation prior to
implementation. The purpose of this current work was to
understand management's view of risk, identify methods
adopted to highlight potential risk, and explore possible
risk assessment in project management. The research is
nearing completion and final results will soon be
published.
Electronic access
The research register for this journal is available at
http://www.emeraldinsight.com/researchregisters
The current issue and full text archive of this journal is
available at
http://www.emeraldinsight.com/0043-8022.htm
Work Study
Volume 51 . Number 4 . 2002 . pp. 202206
# MCB UP Limited . ISSN 0043-8022
DOI 10.1108/00438020210430760
202
Introduction
Jarvenpaa and Ives (1994) argue that one
drawback of project teams is that employee
empowerment and information
decentralisation often result in organisational
knowledge fragmentation and loss of
organisational learning. Weiser and Morrison
(1998) state that formal project
documentation, such as reports, minutes of
meetings and correspondence, usually exist as
disjointed documents stored in files with
informal e-mails and personal notes often not
being retained at all. Much of the post-
contract work involved in delivering the end
product is heavily dependent on the exchange
and management of information in the form
of documents, drawings, schedules, etc. With
no in-house manufacturing, the company's
principal outputs are drawings and
specifications; and, especially, effective
project change control over large collections
of specifications, plans and drawings to
ensure success.
To increase the chances of a proposed
system succeeding it is necessary for the
organisation to have an understanding of
potential risks, to systematically and
quantitatively assess these risks, anticipating
possible causes and effects, and then choose
appropriate methods of dealing with them.
Once identified, these risks can be reduced,
removed, avoided or accepted.
The organisation also needed to adopt a
more proactive approach to risk,
understanding how effective evaluation and
analysis could be used to anticipate potential
risks when implementing new systems, and
thereby minimise those risks. To ensure that
any potential risks are managed effectively,
the risk process needs to be explicitly built
into the decision-making process.
The aim of this case study was to evaluate
how effective risk analysis prior to
implementation could have prevented the
problems that occurred. Identifying and
evaluating potential risks will also enable
better management and control of these risks
in the future.
Managing risk in change
Considerable literature exists on potential
software implementation failure; this has been
written predominantly within the context of
 Risk evaluation and its importance
Alison Mobey and David Parker
introducing technology, covering areas such
as task-technology fit, knowledge-technology
fit, training and user support. The second
category of literature draws on organisational
change theory and models, considering
human aspects such as barriers to change,
user perceptions and participation.
Risk originated as a concept as early as the
seventeenth century and was initially
associated with gambling (Frosdick, 1997).
Its development through subsequent
centuries saw its emergence in many fields,
such as insurance and economics and more
recently in engineering and science. Mosca
et al. (2001) state that risk analysis is
proposed to deal with the problems involving
uncertainty by identifying, evaluating and
monitoring the risks. Moreover:
risk analysis gives the decision maker a clear
Downloaded by La Trobe University At 07:24 31 January 2016 (PT)
presentation and evaluation of the currently
identified major risks, with consideration of the
various decision options available (Buchan,
1994).
However, Jablonowoski (2000) highlights that
managers rarely use formal risk analysis when
making important decisions. Tah and Carr
(2000) advocate that often risk management
is ad hoc and dependent on the particular
skills, experience and risk orientation of
individual key project participants. Yet
identifying potential risks, estimating the
probability of occurrence and the magnitude
of consequences and thus the acceptability of
the risk can provide senior managers with
valuable information on which to base their
decisions. So why is risk assessment not an
integral management activity? March and
Shapira, cited in Bandyopadhyay et al.
(1999), conclude that most managers are
unable to conceive risk from a decision theory
perspective. Smallman (1996), who explored
the link between risk management strategy
and organizational behaviour, described
organisations as either proactive or reactive in
their approaches.
Protocols for risk assessment
The Association of Project Managers (APM,
2000) has developed a nine-step procedure
entitled Project Risk Analysis and
Management (PRAM) for the risk process:
(1) define;
(2) focus;
(3) identify;
203
Work Study
Volume 51 . Number 4 . 2002 . 202206
(4) structure;
(5) ownership;
(6) estimate;
(7) evaluate;
(8) plan; and
(9) manage.
Other risk assessments have been identified
by Buchan (1994), Kahkonen (1997),
Software Engineering Institute (SEI), White
(1995), to name but a few. These approaches
emphasise the need to identify risk sources at
the outset.
Literature highlights numerous tools for
risk identification. Such tools may be based
on intuitive, inductive or deductive
techniques. Traditionally the focus has been
on inductive methods with quantitative risk
analysis based on estimating probabilities and
probability distributions for time and cost
analysis (Tah and Carr, 2000). Other
techniques, such as sensitivity analysis,
probability analysis, Monte Carlo simulation,
multiple regression, decision tree analysis, etc.
are based on quantitative assessment
(Frosdick, 1997). Conversely, there are
qualitative methods such as scenario and
contingency planning and Delphi techniques
(Smallman, 1996).
It may be concluded, therefore, that risk
analysis can be condensed into three distinct
phases:
(1) Identification, where all the potential risks
affecting a project are identified;
(2) Estimation, where the identified risks are
assessed and their importance, likelihood,
severity and impact are determined; and
(3) Analysis and evaluation, where the
acceptability of the risk is determined and
the actions that can be taken to make the
risk more acceptable are evaluated.
Technological risks
As organisations become increasingly
technology-dependent, they become highly
vulnerable to risks of IT failure
(Bandyopadhyay et al., 1999). The most
obvious risk during system implementation is
technology failure in terms of performance or
reliability. Lassila and Brancheau (1999)
highlight problems in predicting performance
and simulating the proposed operating
environment during trials. System complexity
can also hinder success (Cannon, 1994;
 Risk evaluation and its importance
Alison Mobey and David Parker
Lassila and Brancheau, 1999; Lin and Shao,
2000), compounding poor
knowledge-technology fit, i.e. the gap
between the knowledge level of potential
users and complexity of the system. This
highlights the need for prototypes and pilot
tests (Cannon, 1994).
The task-technology fit model offered by
Goodhue and Thompson (1995) focuses on
matching technology capabilities of a system
to the demands of the task. It proposes that
IT will be used, if the functions available fit
the activities of the user. Therefore, arguably,
it follows that the greater the degree of user
participation and involvement during
development and implementation of a system,
the more likely it is that the system will
succeed (Lin and Shao, 2000; Hwang and
Thorn, 1999; Van Offenbeck and Koopman,
Downloaded by La Trobe University At 07:24 31 January 2016 (PT)
1996).
Greater participation can also improve
perception and attitudes; and highlights the
importance of users' understanding of the
systems' functional and technical features
(Lin and Shao, 2000; Gottschalk, 1999). This
can also be as a result of adequate training
(Lassila and Brancheau, 1999), where it can
be argued that the degree of system-related
training is an important factor in successful
implementation. Lassila and Brancheau
(1999) state that the tendency to cut training
and implementation costs can often result in
negative user attitudes and limited usage of
software with the usefulness and potential
contribution of the software not being
realised. Such work emphasises the
importance of creating a positive initial
experience during implementation rather than
accepting ``initial teething problems'' that can
cause dysfunctional system integration.
The review of literature has identified a
number of avenues for the development of
this case research. This leads to the following
questions to be included in the primary
research to explore system utilisation and user
resistance:
. What was the degree of user participation
and involvement during decision making,
development, planning and
implementation?
. What is the task-technology fit (TTF) and
technology-acceptance model (TAM)?
. Were the system capabilities suitable for
the task and how did users perceive the
ease of use and usefulness of the system?
204
Work Study
Volume 51 . Number 4 . 2002 . 202206
. Was the system over-complicated? What
was the knowledge level required of
potential user is? Was there a gap between
users' knowledge and system complexity?
. Did users feel that they had sufficient
training and sufficient time and resource
to explore the system?
Human risks
Increasingly, emphasis is being placed on
human factors when assessing risk during
implementation (Clark and Stoddard, 1996;
Clemons et al., 1995; Lynne and Benjamin,
1997; Tushaman and Romanelli, 1985).
Lynne and Benjamin (1997) argue that,
whilst good design of systems is important,
successful change requires implementation
planning, execution and improvisation to deal
with resistance and unforeseen events. Many
organisations devote significant resources to
managing financial risks, whilst ignoring the
human aspects.
The technology acceptance model (TAM)
of Davis cited in Dishaw and Strong (1999) is
a conceptual model of ITC utilization
behaviour. It focuses on users' attitudes of
ITC based on perceived usefulness and ease
of use. Lassila and Brancheau (1999) tested
whether users perceive the technology to be a
suitable tool and have sufficient time and
resource to fully explore the new system.
The discussion of ``human risk'' leads to the
following research questions:
. Did the implementation, planning and
execution of the new system consider
change management to encourage
flexibility and human behaviour?
. Did user resistance contribute to the
system failure?
. Did the users feel threatened by the new
system? For example, may this be due to
change in job content, loss of
status/power, uncertainty or unfamiliarity
or job insecurity?
Organisational risks
Clark and Stoddard (1996) argue that project
managers ignore or minimise the
organisational or process changes required to
take advantage of technological capabilities.
Lynne and Benjamin (1997) highlight that,
whilst change management techniques can
 Risk evaluation and its importance
Alison Mobey and David Parker
substantially increase the chance of success,
many organisations neglect this aspect and
mistakenly believe that ITC itself has the
power to create organisational change.
Clemons et al. (1995) attribute the high
failure rate of re-engineering projects to
cognitive, motivational and obligation-based
barriers to change. They categorise the risk of
failure due to organisational resistance or lack
of commitment as political risk, and argue
that this and functional risk are the dominant
risks in innovating firms.
Organisational barriers to change could
undoubtedly offer insights into the human
risk factors when implementing new systems.
Case studies of various system
implementation in a range of sectors
highlights the influence of internal resistance
to change and its role in implementation
Downloaded by La Trobe University At 07:24 31 January 2016 (PT)
failure or system under-utilisation (Clark and
Stoddard, 1996; Clemons et al., 1995; Jiang
et al., 2000; Tushman and Romanelli, 1985).
Tushman and Romanelli (1985) argue that
ITC projects, in particular, fail due to
resistance, if they are inconsistent with
existing culture and competencies.
Lassila and Brancheau (1999) argue that
the full advantages of information technology
are not likely to be realized, unless both
technology and organizational context are
adapted during implementation. They use
action research to corroborate their theory of
avoidance, resistance and adaptation by users
regardless of features and whether the
technology functions as planned. They claim
that the initial implementation of new
technology often marks the beginning of a
new revolutionary period but that ultimately
subsequent change processes result in a new
equilibrium state.
Company case study: action research
The review of literature has identified a
number of possible avenues for the
development of this case research. In
particular the relationship between
implementing new technology and
``organisation'' is highly complex and
non-trivial, potentially involving factors
outside the scope of this research. Intuitively,
however, it is anticipated that this aspect of
project implementation will identify insightful
information and benefits for the organisation.
205
Work Study
Volume 51 . Number 4 . 2002 . 202206
The organisation in this instance uses
quantitative risk analysis in a rudimentary
manner during project planning, assigning
cost implications to various risks. This is
conducted by project managers and reviewed
by senior management. The majority of these
people originate from an engineering
background, and it has been noted that
analytical are favoured over qualitative
methods.
This work will incorporate qualitative
research in the form of focus groups
consisting of key personnel involved in the
decision-making process, planning and
implementation. Focus groups will allow
insight into potential risks identified prior to
decision making and implementation.
Representatives of each business process will
be involved, i.e. operations management, IT,
project management, engineering and
administration.
Semi-structured interviews with key
individuals will then be used to draw on lived
experiences. This will identify people's
attitudes and beliefs. The interviewees will
represent varying seniority within the
organisation so as to gain different
perspectives. Additional interviews will be
conducted for project managers, engineers
and administrators.
Issues surrounding behavioural attitudes
and user resistance, as identified during the
literature review, will also be incorporated.
Transcripts will then be analysed by content.
It is anticipated that the emergent themes
will be linked to literature, both similar and
conflicting, to increase the validity of any
generic framework developed for the
organisation. Weighting of these key factors
has been contemplated but this may be
dependent on analysis of the research.
References
Dixon, M. (Ed.) (2000), Project management, Body of
Knowledge, 4th ed., APM, High Wycombe.
Bandyopadhyay, K., Myktyn, P. and Myktyn, K. (1999), ``A
framework for integrated risk management in
information technology'', Management Decision,
Vol. 37 No. 5, pp. 437-44.
Buchan, D. (1994), ``Risk analysis some practical
suggestions'', Cost Engineering, Vol. 36 No. 1, p. 29.
Cannon (1994), ``Why IT applications succeed or fail: the
interaction of technical and organizational factors'',
Industrial and Commercial Training, Vol. 26 No. 1,
pp. 10-15.
 Risk evaluation and its importance
Alison Mobey and David Parker
Clark, T. and Stoddard, D. (1996), ``Interorganizational
business process redesign: merging technological
and process innovation'', Journal of Management
Information Systems, Vol. 13 No. 2, pp. 9-28.
Clemons, E., Thatcher, M. and Row, M. (1995),
``Identifying sources of reengineering failure: a study
of behavioural factors contributing to reengineering
risks'', Journal of Management Information Systems,
Vol. 12 No. 2, pp. 9-36.
Dishaw, M. and Strong, D. (1999), ``Extending the
technology acceptance model with task-technology
fit constructs'', Information and Management,
Vol. 36 No. 1, pp. 9-21.
Frosdick, S. (1997), ``The techniques of risk analysis are
insufficient in themselves'', Disaster Prevention and
Management, Vol. 6 No. 3, pp. 165-77.
Goodhue, D. and Thompson, R. (1995), ``Task-technology
fit and individual performance'', Management
Information Systems Quarterly, Vol. 19 No. 2,
pp. 213-36.
Gottschalk, P. (1999), ``Implementation predictors of
strategic information systems plans'', Information
Downloaded by La Trobe University At 07:24 31 January 2016 (PT)
and Management, Vol. 36 No. 2, pp. 77-91.
Hwang, M. and Thorn, R. (1999), ``The effect of user
engagement on system success: a metaphysical
integration of research findings'', Information and
Management, Vol. 35 No. 4, pp. 229-36.
Jablonowoski, M. (2000), ``Why risk analyses fail'' CPCU
Journal, Vol. 53 No. 4, Winter, pp. 223-30.
Jarvenpaa, S. and Ives, B. (1994), ``The global network
organization of the future: information management
opportunities and challenges'', Journal of
Management Information Systems, Vol. 10 No. 4,
pp. 25-57.
Jiang, J., Muhanna, W. and Klein, G. (2000), ``User
resistance and strategies for promoting acceptance
across system types'', Information and
Management, Vol. 37 No. 1, pp. 25-36.
Kahkonen, K. (1997), ``Implementation of systematic
project risk management in companies from
immediate needs to prospects for the future'', in
Kahkonen, K. and Artto, K.A. (Eds), Managing Risks
in Projects, E&N Spon, London, pp. 265-74.
Lassila, K. and Brancheau (1999), ``Adoption and
utilization of commercial software packages:
exploring, utilization, equilibria, transitions, triggers
and tracks'', Journal of Management Information
Systems, Vol. 16 No. 2, pp. 63-90.
206
Work Study
Volume 51 . Number 4 . 2002 . 202206
Lin, W. and Shao, B. (2000), ``The relationship between
user participation and system success: a
simultaneous contingency approach'', Information
and Management, Vol. 37 No. 6, pp. 283-95.
Lynne, M. and Benjamin, R. (1997), ``The magic bullet
theory in IT-enabled transformation'', Sloan
Management Review, Vol. 38 No. 2, pp. 55-68.
Mosca, R. et al. (2001), ``Risk analysis in the evaluation of
plant investments: the contribution of a
non-deterministic approach'', Project Management
Journal, Vol. 32 No. 3 pp. 4-11.
Smallman, C. (1996), ``Risk and organizational behaviour:
a research model'', Disaster Prevention and
Management, Vol. 5 No. 2, pp. 12-26.
Tah, J. and Carr, V. (2000), ``Information modelling for a
construction project risk management system'',
Engineering, Construction & Architectural
Management, Vol. 7 No. 2, pp. 107-19.
Van Offenbeck and Koopman (1996), ``Information
systems development: from user participation to
contingent interaction among involved parties'',
European Journal of Work and Organizational
Psychology, Vol. 5 No. 3.
Weiser, M. and Morrison, J. (1998), ``Project memory:
information management for project teams'',
Journal of Management Information Systems,
Vol. 14 No. 4, pp. 149-66.
White, D. (1995), ``Application of systems thinking to risk
management: a review of the literature'',
Management Decision, Vol. 33 No. 10, pp. 35-45.
Further reading
Chapman, C. (1997), ``Project risk analysis and
management the PRAM generic process'',
International Journal of Project Management,
Vol. 15, pp. 273-81.
Hamel, G. and Prahalad, C.K. (1994), Competing for the
Future, Harvard Business School, Boston, MA.
Shrivastava et al. (1988), ``Understanding industrial
crises'', The Journal of Management Studies, Vol. 25
No. 4, pp. 285-304.
Tushaman, M. and Romanelli, E. (1985), ``Organizational
evolution: a metamorphosis model of convergence
and reorientation'', in Cummings, L.L. and Staw,
B.M. (Eds), Research in Organizational Behavior,
Vol. 7, JAI Press, Greenwich, CT, pp. 171-222.
 This article has been cited by:

1. Nipon Parinyavuttichai, Angela LinReexamination of the Information Systems Project Escalation Concept: An Investigation
from Risk Perspectives 179-202. [CrossRef]
2. Gholamreza Jandaghi, Mahbube Hosseini. 2015. Evaluating the Risk of Projects Implementation in Various Situations using
Generalized TOPSIS Model and Business Plan. Trends in Applied Sciences Research 10, 245-258. [CrossRef]
3. Kathryn Cormican. 2014. Integrated Enterprise Risk Management: From Process to Best Practice. Modern Economy 05,
401-413. [CrossRef]
4. Kaizer Boikanyo Ratsiepe, Rashad YazdanifardPoor Risk Management as One of the Major Reasons Causing Failure of Project
Management 1-5. [CrossRef]
5. Dawei Tang, Jian-Bo Yang, Kwai-Sang Chin, Zoie S.Y. Wong, Xinbao Liu. 2011. A methodology to generate a belief rule base
for customer perception risk analysis in new product development. Expert Systems with Applications 38, 5373-5383. [CrossRef]
6. Hua Wang, Li-ming Zhao, Yong LiInvest project risk assessment based on joint entropy model 222-226. [CrossRef]
7. Zhang Mei, Wen JinghuaThe decision model of investment selection in family financing V9-415-V9-417. [CrossRef]
8. Shui Yee Wong, Kwai Sang Chin, Dawei Tang. 2010. Strengthening Risk Evaluation in Existing Risk Diagnosis Method.
Industrial Engineering and Management Systems 9, 41-53. [CrossRef]
9. Kwai-Sang Chin, Da-Wei Tang, Jian-Bo Yang, Shui Yee Wong, Hongwei Wang. 2009. Assessing new product development
project risk by Bayesian network with a systematic probability generation methodology. Expert Systems with Applications 36,
9879-9890. [CrossRef]
Downloaded by La Trobe University At 07:24 31 January 2016 (PT)

10. Encon Y.Y. Hui, Albert H.C. Tsang. 2006. The interorganizational relationship in a multicontractor business network.
Journal of Quality in Maintenance Engineering 12:3, 252-266. [Abstract] [Full Text] [PDF]
11. Fraser Dalgleish, Barry J. Cooper. 2005. Risk management: developing a framework for a water authority. Management of
Environmental Quality: An International Journal 16:3, 235-249. [Abstract] [Full Text] [PDF]