Risk Analysis Objectives Discuss the importance of Risk Analysis Define the relationship between the critical success factors and risk analysis Define the risk analysis method Explain the approach of risk analysis Discuss the techniques followed to mitigate the identified risks on ERP implementation
Significance of Risk Analysis Fact: ERP implementation is risky Risks: Complete failure, failing to achieve some of the objectives, prolonged implementation or over budget Critical Success Factor (CSF): A condition to achieve objective Risk : A potential occurrence of an event that will have a negative impact on achieving objectives. Failing to attain one of the CSFs puts the ERP implementation at risk
Identified Risks Cost overruns Partial or no realization of projected benefits No improvement in financial performance: Unhealthy small companies Healthy large companies Operational problems in go-live phase
Risk Analysis Method Risk analysis steps: Risk identification Risks are always there. Identification of risks and proper planning to mitigate its effects leads to the successful achievement of organizational goals Risk analysis steps: Risk identification Risk assessment Design of controls
Risk Identification Risks List Create a list of events that could negatively impact the attainment of the objectives of ERP implementation Risks List Cost overruns Partial or no realization of projected benefits No improvement in financial performance Operational problems in go-live phase Other project or company - specific potential events
Risk Assessment Risk Severity Determine to which extent each of the identified risks is a threat to the attainment of the objectives of ERP implementation Risk Severity
Design of Control Measures ( Controls) Controlled Risk Severity Reduce the severity of the identified risk Controlled Risk Severity
Controls classes Evasion Reduction Transfer Acceptance
Risk Analysis Approach Make a distinction between the analysis CSFs and Risks CSFs Analysis: Top Management Support: Endorsement and approval Ownership: Top management team appointment in implementation team Users Involvement: rigorous communication strategy and integration of ERP objectives into organizational strategy.
Risk Analysis Approach Risk identification Severity determination Design control measures
Risk Analysis Approach
Risk Analysis Team Team knowledge and composition: Risk manager(s) Risk analysis is treated as a subproject of ex ante phase Team knowledge and composition: Risk manager(s) Project manager(s) Organizational processes experts Internal, operational and IT auditors
Risk Analysis Tools and Techniques Risk identification: Interviews Workshops Reviewing project evaluation and audit reports. Risk Assessment: Scenario and what-if analysis Benchmarking Sensitivity analysis Statistical methods, example : Value-at-risk and flow-at-risk Risk analysis results are never complete !! Why?