Skip to main content
SpringerLink
Log in
Book cover

International Conference on Business Process Management

BPM 2005: Business Process Management Workshops pp 454–466Cite as

Risk Management in the BPM Lifecycle

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 3812))

Abstract

Business Process Management is considered an essential strategy to create and maintain competitive advantage by streamlining and monitoring corporate processes. While the identification of critical success factors for the management of business process related projects has been addressed by some research projects, the risks associated with these projects have received considerably less attention. This is a concern: Although BPM projects contain phases that relate to traditional software development and deployment projects, the application of risk mitigation strategies found in software engineering ignores the subsequent process management phases that follow upon the implementation and automation of processes. This paper provides an overview of risks associated with BPM projects along the phases of the BPM lifecycle. After a classification of the risks identified with individual lifecycle phases and transitions we discuss four strategies to deal with these risks: avoidance, mitigation, transfer, and acceptance. The outlook of this paper discusses how assessment frameworks such as CobIT and COSO can be applied to risk management in the context of BPM.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Grover, V.: From Business Reengineering to Business Process Change Management: A Longitudinal Study of Trends and Practices. IEEE Transactions on Engineering Management 46, 36–46 (1999)

    Article  Google Scholar 

  2. Clemons, E.K., Thatcher, M.E., Row, M.C.: Identifying Sources of Reengineering Failures: A Study of the Behavioral Factors Contributing to Reengineering Risks. Journal of Management Information Systems 12, 9–36 (1995)

    Article  Google Scholar 

  3. Kliem, R.L.: Risk Management for Business Process Reengineering Projects. Information Systems Management 17, 71–73 (2000)

    Article  Google Scholar 

  4. Smith, H., Fingar, P.: Business Process Management - The Third Wave. Meghan Kiffer Press, Tampa (2003)

    Google Scholar 

  5. Zairi, M., Sinclair, D.: Business Process re-engineering and process management. Business Process Re-engineering & Management Journal 1, 8–30 (1995)

    Article  Google Scholar 

  6. Elzinga, D.J., Horak, T., Lee, C.-Y., Bruner, C.: Business Process Management: Survey and Methodology. IEEE Transactions on Engineering Management 42, 119–128 (1995)

    Article  Google Scholar 

  7. Harmon, P.: Evaluating an Organization’s Business Process Maturity. Business Process Trends 2 (2004)

    Google Scholar 

  8. March, J.G., Shapira, Z.: Managerial Perspectives on Risk and Risk Taking. Management Science 33, 1404–1418 (1987)

    Article  Google Scholar 

  9. Wiegers, K.: Knowing your enemy: software risk management. Software Development 6 (1998)

    Google Scholar 

  10. Charette, R.: Applications Strategies for Risk Management. McGraw-Hill, New York (1990)

    Google Scholar 

  11. COSO: Enterprise Risk Management - Integrated Framework. Executive Summary. Committee of Sponsoring Organizations of the Threadway Commission (2004)

    Google Scholar 

  12. Gemmer, A.: Risk management: moving beyond process. Computer 30, 33–43 (1997)

    Article  Google Scholar 

  13. Adler, T.R., Leonard, J.G., Nordgren, R.K.: Improving Risk Management: Moving from Risk elimination to Risk Avoidance. Information and Software Technology 41, 29–34 (1999)

    Article  Google Scholar 

  14. Peltier, T.R.: Risk Analysis and Risk Management. The EDP Audit, Control, and Security Newsletter 32 (2004)

    Google Scholar 

  15. Davenport, T.H.: Process Innovation. Harvard Business School Press, Boston (1993)

    Google Scholar 

  16. Scott, J.E., Vessey, I.: Managing Risks in Enterprise Systems Implementations. Communications of the ACM 45, 74–81 (2000)

    Article  Google Scholar 

  17. Sumner, M.: Risk Factors in Enterprise-wide/ERP projects. Journal of Information Technology 15, 317–327 (2000)

    Article  Google Scholar 

  18. Somers, T.M., Nelson, K.G.: A Taxonomy of Players and Activities across the ERP Project Life Cycle. Information and Management 41, 257–278 (2002)

    Article  Google Scholar 

  19. IT Governance Institute (ITGI): IT Control objectives for Sarbanes-Oxley, http://www.itgi.org/template_ITGI.cfm?template=/ContentManagement/ContentDisplay.cfm&ContentID=14133

  20. Jaafari, A.: Management of Risks, Uncertainties and Opportunities on Projects: Time for a Fundamental Shift. International Journal of Project Management 19-2, 89–101 (2001)

    Article  Google Scholar 

  21. Miller, R., Lessard, D.: Understanding and Managing Risks in Large Engineering Projects. International Journal of Project Management 19, 437–443 (2001)

    Article  Google Scholar 

  22. Ward, S., Chapman, C.: Transforming Project Risk Management into Project Uncertainty Management. International Journal of Project Management 21 21-2, 97–105 (1994)

    Google Scholar 

  23. Project Management Institute: A Guide to the Project Management Body of Knowledge (PMBOK Guide), edition. Project Management Institute (2000)

    Google Scholar 

  24. Levin, H.S.: Office Work and Automation. John Wiley & Sons, New York (1956)

    Google Scholar 

  25. Zur Muehlen, M., Rosemann, M.: Integrating Risks in Business Process Models. In: Proceedings of the 2005 Australasian Conference on Information Systems (ACIS 2005), Manly, Sydney, Australia, November 30-December 2 (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Howe School of Technology Management, Stevens Institute of Technology, Castle Point on the Hudson, Hoboken, NJ, 07030, USA

    Michael zur Muehlen & Danny Ting-Yi Ho

Authors
  1. Michael zur Muehlen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Danny Ting-Yi Ho
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Cisco Systems, Inc., 95134, San Jose, CA, USA

    Christoph J. Bussler

  2. DERI – National University of Ireland, IDA Business Park, Galway, Ireland

    Armin Haller

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Muehlen, M.z., Ho, D.TY. (2006). Risk Management in the BPM Lifecycle. In: Bussler, C.J., Haller, A. (eds) Business Process Management Workshops. BPM 2005. Lecture Notes in Computer Science, vol 3812. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11678564_42

Download citation

  • DOI: https://doi.org/10.1007/11678564_42

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-32595-6

  • Online ISBN: 978-3-540-32596-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation