题名

Development of a Risk Management Mechanism for Enterprise Resource Planning Systems based on Work System Method

并列篇名

以工作系統方法建構ERP系統風險管理評估機制

DOI

10.6186/IJIMS.2014.25.3.2

作者

張碩毅(She-I Chang);李幸蓉(Hsing-Jung Li);鄭夙涵(Su-Han Cheng);賴琬云(Wan-Yun Lai)

关键词

企業資源規劃系統 ; 風險管理 ; 工作系統方法 ; Enterprise resource planning (ERP) system ; risk management ; work system method

期刊名称

International Journal of Information and Management Sciences

卷期/出版年月

25卷Special Issue(2014 / 09 / 01)

页次

ii+215 - 232

内容语文

英文
中文摘要

本研究蒐集2000至2010年風險管理相關文獻24篇,經由紮根理論及專家問卷內容效度分析歸納出49項ERP系統風險因子,並透過工作系統方法的工作系統架構與工作系統生命週期模型,以有意義的方式組織與建構ERP系統風險管理機制,以利協助管理者辨識與消除風險;最後輔以個案研究實證此風險管理機制之可用性。此風險管理機制可協助管理階層制定風險管理策略及建構辨認、分析、評估、回應風險,研究結果提供企業與資訊人員一個便利、迅速、正確的風險管理工具。
英文摘要

The study collects 24 risk management-relevant research papers published between 2000 and 2010 to elicit significant risk factors in an attempt to develop a risk management mechanism for enterprise resource planning (ERP) systems. The study reports on its findings on 49 risk factors by using grounded theory and conducting expert questionnaires. The identified factors are further classified into nine categories based on work system method, and a risk management mechanism is developed thereafter. Finally, two cases are selected to examine the feasibility of the mechanism. The developed mechanism is found to be a practical and proper ERP system risk management tool that can assist enterprises in identifying, analyzing, assessing, and responding to potential risks.
主题分类 基礎與應用科學 > 資訊科學
社會科學 > 管理學
参考文献
  1. Su, C. H.(2012).An Integrated Inventory Model with Default Risk under Two Stage Trade Credit Financing.International Journal of Information and Management Sciences,23,19-40.
    連結:
  2. COSO. (2004). The committee of sponsoring organizations of the Treadway Commission, Retrieved February 9, 2013, from http://www.coso.org/.
  3. COSO. (2004). Enterprise Risk Management-Integrated Framework. Retrieved February 6, 2013, from http://www.coso.org/documents/COSO ERM ExecutiveSummary Chinese Unsimplified.pdf
  4. Wailgum, T. (2009). ERP investments still top the list for corporate IT spending, Forrester research. Retrieved February 6, 2013, from http://www.cio.com/article/507663/ERP_Investments_Still_Top_the_List_for_Corporate_IT_Spending
  5. IRM, AIRMIC and ALARM. (2002). translation copyright FERMA: 2003. A Risk Management Standard. Retrieved July 10, 2014, from http://www.ferma.eu/app/uploads/2011/11/a-riskmanagement-standard-english-version.pdf
  6. Magalhães, R. and Silva, A. R. (2009). Organizational Design and Engineering (ODE), Working Paper No. 1, Version #2, Centre for Organization Design and Engineering, Lisboa, Portugal
  7. Abu-Musa, A. A.(2006).Perceived Security Threats of Computerized Accounting Information Systems in the Egyptian Banking Industry.Journal of Information Systems,2,187-203.
  8. Aloini, D.,Dulmin, R.,Mininno, V.(2007).Risk management in ERP project introduction: Review of the literature.Information & Management,44,547-567.
  9. Alter, S.(2006).The Work System Method: Connecting People, Processes, and IT for Business Results.Larkspur, CA:Work System Press.
  10. Alter, S.(2004).A work system view of DSS in its fourth decade.Decision Support Systems and Electronic Commerce,38,319-327.
  11. Alter, S.(2010).Work systems as the core of the design space for organizational design and engineering.International Journal of organizational Design and Engineering,1,5-28.
  12. Alter, S.(2008).Defining information systems as work systems: Implications for the IS field.European Journal of Information Systems,17,448-469.
  13. Alter, S.(2002).The work system method for understanding information systems and information system research.Communications of the Association for Information Systems,9,90-104.
  14. Babbie, E.(1989).The Practice of Social Research.Belmont, CA:Wadsworth Publishing Company.
  15. Baccarini, D.,Salm, G. S.,Love, P. E. D.(2004).Management of risk in information technology projects.Industrial Management & Data Systems,104,286-295.
  16. Bannerman, P. L.(2008).Risk and risk management in software projects: A reassessment.The Journal of Systems and Software,81,2118-2133.
  17. Barki, H.,Rivard, S.,Talbot, J.(2001).An Integrative Contingency Model of Software Project Risk Management.Journal of Management Information Systems,17,37-69.
  18. Benaroch, M.(2002).Managing information technology investment risk: a real options perspective.Journal of Management Information Systems,19,43-84.
  19. Bongiorno, J.(2001).Use FMEAs to improve your product development process.PM Network,15,47-51.
  20. Carbone, T. A.,Tippett, D. D.(2004).Project risk management using the project risk FMEA.Engineering Management Journal,16,28-35.
  21. Comptroller and Auditor General(2000).Supporting innovation: Managing risk in government departments.
  22. Deng, J. J.(2005).Risk Management.Taipei:Hwa Tai Publishing.
  23. Dezdar, S.,Sulaiman, A.(2009).Successful enterprise resource planning implementation: taxonomy of critical factors.Industrial Management & Data Systems,109,1035-1052.
  24. Eisenhardt, K. M.(1989).Building theories from case study research.Academy of Management Review,14,532-550.
  25. Gibson, C. F.(2003).IT-enabled business change: An approach to understanding and managing risk.MIS Quarterly Executive,2,104-115.
  26. Glaser, B.,Strauss, A.(1967).The discovery of grounded theory: Strategies for qualitative research.Chicago:Aldine.
  27. Grabski, S. V.,Leech, S. A.,Lu, B.(2001).Risks and controls in the implementation of ERP systems.The international Journal of Digital Accounting Research,1,48-68.
  28. Hakim, A.,Hakim, H.(2010).A practical model on controlling the ERP implementation risks.Information systems,35,204-214.
  29. Han, W. M.,Huang, S. J.(2007).An empirical analysis of risk components and performance on software projects.Journal of systems and software,80,42-50.
  30. Herriott, R. E.,Firestine, W. A.(1983).Multisite qualitative policy research: Optimizing description and generalizability.Educational Researcher,12,14-19.
  31. Huang, S. M.,Chang, I. C.,Li, S. H.,Lin, M. T.(2004).Assessing risk in ERP projects: identify and prioritize the factors.Industrial Management & Data Systems,104,681-688.
  32. Jiang, J. J.,Klein, G.(2001).Information System Success as Impacted by Risks and Development Strategies.IEEE Transactions on Engineering Management,48,46-55.
  33. Lawshe, C. H.(1975).A quantitative approach to content validity.Personnel Psychology,28,563-575.
  34. Maguire, S.(2002).Identifying risks during information system development.Information Management & Computer Security,10,126-134.
  35. Markus, M. L.,Axline, S.,Petrie, D.,Tanis, C.(2000).Learning from adopters' experiences with ERP: problems encountered and success achieved.Journal of Information Technology,15,245-265.
  36. Novak, J. D.,Gowin, D. B.(1984).Learning How to Learn.Cambridge:Cambridge University Press.
  37. Ojala, M.,Vilpola, I.,Kouri, I.(2006).Risks in ERP project - A case study of IS/ICT management capability maturity level and risk assessment.Frontiers of e-Business Research 2006,:
  38. Peng, G. C.,Nunes, M.(2009).Surfacing ERP exploitation risks through a risk ontology.Industrial Management and Data Systems,109,926-942.
  39. Pritchard, C. L.(2000).Advanced Risk- How Big is Your Crystal Ball?.Proceedings Project Management Institute Annual Seminars and Symposium
  40. Research, Development and Evaluation Commission, Executive Yuan(2009).Risk management and crisis management operations manual.
  41. Schmidt, R.,Lyytinen, K.,Keil, M.,Cule, P.(2001).Identifying Software Project Risks: An International Delphi Study.Journal of Management Information Systems,17,5-36.
  42. Sherer, S. A.,Alter, S.(2004).Information system risks and risk factors: Are they mostly about information systems?.Communications of Association for Information Systems,14,29-64.
  43. Siau, K.,Messersmith, J.(2003).Analyzing ERP implementation at a public university using the innovation strategy model.International Journal of Human Computer Interaction,16,57-80.
  44. Siau, K.,Messersmith, J.(2002).Enabling technologies for E-Commerce and ERP integration.Quarterly Journal of Electronic Commerce,3,43-52.
  45. Singla, A. R.,Goyal, D. P.(2006).Managing risk factors in ERP implementation and design: an empirical investigation of the Indian industry.Journal of Advances in Management Research,33,59-67.
  46. Strauss, P. A.,Corbin, J.(1990).Basics of qualitative research: Grounded theory procedures and techniques.Thousand Oaks, CA:Sage.
  47. Sumner, M.(2000).Risk factors in enterprise wide information management systems projects.Journal of Information Technology,180-187.
  48. Tiwana, A.,Keil, M.(2006).Functionality Risk in Information Systems Development: An Empirical Investigation.IEEE Transactions on Engineering Management,53,412-425.
  49. Uwadia, C. O.,Ifinedo, P. E.,Nwamarah, G. M.,Eseyin, E. G.,Sawyerr, A.(2006).Risk factors in the collaborative development of management information systems for Nigerian universities.Information Technology for Development,12,91-111.
  50. Wallace, L.,Keil, M.,Rai, A.(2004).Understanding software project risk: A cluster analysis.Information & Management,42,115-125.
  51. Warkentin, M.,Moore, R. S.,Bekkering, E.,Johnston, A. C.(2009).Analysis of systems development project risks: an integrative framework.ACM SIGMIS Database,40,8-27.
  52. Wright, S.,Wright, A. M.(2002).Information system assure for enterprise resource planning: unique risk considerations.Journal of Information Systems,16,99-113.
  53. Yin, R. K.(1994).Case Study Research: Design and Methods.London, CA:Sage.
  54. Zafiropoulos, I.,Metaxiotis, K.,Askounis, D.(2005).Dynamic risk management system for the modeling, optimal adaptation and implementation of an ERP system.Information Management & Computer Security,13,212- 234.
print cancel