A Conceptual Investigation: Towards an Integrative Perspective of Risks in Information Systems Development & Usage

Abstract

A review of existing literature in academia and in profession, along with real cases, reveals a fragmented approach to risk identification and management in information systems development and usage (ISDU). Such a disjointed approach to risk management fails to consider critical threat components and under evaluates the maximum potential risks involved in a situation. The present study argues that ISDU Risks need to be expansively identified and perceived in an integrative manner. The views generally exercised by IS researcher's, within the limited attention provided to risk, are segmented and microscopic with no defined risk ecosystem to place them in . So also, practitioner groups have been individualistically producing IS artifacts for risk mitigation with a primary purpose of creating significant ROI, adding to fragmented perspectives on ISDU risks. We observe significantly high failure rates for IS projects, in spite of the claims of the application of highly advanced risk management models. In any domain, the presence of an abnormally high rate of failure would imply an absence of successful risk management and imply that not all significant risks have been accounted for. The present study identifies various cross-domain risk measures and risk constructs with macro-level relevance to the ISDU ecosystem. Based on literature review and observational reflections, a taxonomy for the classification of types of risks is presented. The present paper is an attempt at expanding the portfolio of risk concepts associated with ISDU and posits an early stage high-level integrative risk perception framework that will represent various cross-domain measures and dimensions of risk in an integrative manner. This theoretical contribution and its continued development is expected to initiate additional scholarly work on integrative perspectives on risks and new dimensions of risks associated with IS, open up a new stream of risk-related research in IS and lead to the development of enhanced risk management models.