Study On Risk Management Of Company A's IT Governance Project

IT project risk management is a hot topic in recent years.There are a lot of excellent research papers on this field.But most of these researches are focused on IT technology development projects,especially the software development projects,the work on IT governance project is needed.With the development of informatization,IT governances for most companies are becoming more and more important.However,the research of traditional IT governance is on the making rules,seldom on the risking factors in general.IT governance is the future of the informatization of every company,Company A is also set an IT strategy in which IT governance is the most important part.This paper will identify and evaluate the main risks of Company A's IT governance project based on a plan framework,then mechanisms and methods to avoid these risks will be discussed in detail,which will improve the governance capability of the whole company,and meet the company's strategic goal.This paper integrates IT governance and risk management to do research,which is an innovative way in theory.This research is based on literature review both of IT governance and project risk management,and combining the practice of Company A's IT governance project,an IT governance framework is proposed as the basis of the risk identification and evaluation.After risk identification and evaluation using quality and quantity research method,following risk avoiding and controlling policies are proposed to improve the IT governance abilities.Our research is based on the investigation of Company A's current IT level and IT governance practice.An IT governance framework is proposed according to literature review and other best practices in the industry.Then a deep face to face review is done with relative experts for about one and half months.Based on these reviews,the risk factors of Company A's IT governance project are identified and evaluated by the same experts.The risk factors include two levels,the first level has 4 factors,the second has 12 factors.Then we use AHP and Fuzzy Evaluation methods to analyze these factors quantitatively,and their relative importance are calculated and used to make some risk avoidance and controlling policies,which are very important for Company A's strategic goal and will significantly improve its IT governance capability.With the lack of real data collection of the IT governance risk events,the results of our research are needed to be further validated.In the future,with the help of regular record of each IT governance project risk event,we can improve our results significantly.