Abstract
Business Process Management is considered an essential strategy to create and maintain competitive advantage by streamlining and monitoring corporate processes. While the identification of critical success factors for the management of business process related projects has been addressed by some research projects, the risks associated with these projects have received considerably less attention. This is a concern: Although BPM projects contain phases that relate to traditional software development and deployment projects, the application of risk mitigation strategies found in software engineering ignores the subsequent process management phases that follow upon the implementation and automation of processes. This paper provides an overview of risks associated with BPM projects along the phases of the BPM lifecycle. After a classification of the risks identified with individual lifecycle phases and transitions we discuss four strategies to deal with these risks: avoidance, mitigation, transfer, and acceptance. The outlook of this paper discusses how assessment frameworks such as CobIT and COSO can be applied to risk management in the context of BPM.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Grover, V.: From Business Reengineering to Business Process Change Management: A Longitudinal Study of Trends and Practices. IEEE Transactions on Engineering Management 46, 36–46 (1999)
Clemons, E.K., Thatcher, M.E., Row, M.C.: Identifying Sources of Reengineering Failures: A Study of the Behavioral Factors Contributing to Reengineering Risks. Journal of Management Information Systems 12, 9–36 (1995)
Kliem, R.L.: Risk Management for Business Process Reengineering Projects. Information Systems Management 17, 71–73 (2000)
Smith, H., Fingar, P.: Business Process Management - The Third Wave. Meghan Kiffer Press, Tampa (2003)
Zairi, M., Sinclair, D.: Business Process re-engineering and process management. Business Process Re-engineering & Management Journal 1, 8–30 (1995)
Elzinga, D.J., Horak, T., Lee, C.-Y., Bruner, C.: Business Process Management: Survey and Methodology. IEEE Transactions on Engineering Management 42, 119–128 (1995)
Harmon, P.: Evaluating an Organization’s Business Process Maturity. Business Process Trends 2 (2004)
March, J.G., Shapira, Z.: Managerial Perspectives on Risk and Risk Taking. Management Science 33, 1404–1418 (1987)
Wiegers, K.: Knowing your enemy: software risk management. Software Development 6 (1998)
Charette, R.: Applications Strategies for Risk Management. McGraw-Hill, New York (1990)
COSO: Enterprise Risk Management - Integrated Framework. Executive Summary. Committee of Sponsoring Organizations of the Threadway Commission (2004)
Gemmer, A.: Risk management: moving beyond process. Computer 30, 33–43 (1997)
Adler, T.R., Leonard, J.G., Nordgren, R.K.: Improving Risk Management: Moving from Risk elimination to Risk Avoidance. Information and Software Technology 41, 29–34 (1999)
Peltier, T.R.: Risk Analysis and Risk Management. The EDP Audit, Control, and Security Newsletter 32 (2004)
Davenport, T.H.: Process Innovation. Harvard Business School Press, Boston (1993)
Scott, J.E., Vessey, I.: Managing Risks in Enterprise Systems Implementations. Communications of the ACM 45, 74–81 (2000)
Sumner, M.: Risk Factors in Enterprise-wide/ERP projects. Journal of Information Technology 15, 317–327 (2000)
Somers, T.M., Nelson, K.G.: A Taxonomy of Players and Activities across the ERP Project Life Cycle. Information and Management 41, 257–278 (2002)
IT Governance Institute (ITGI): IT Control objectives for Sarbanes-Oxley, http://www.itgi.org/template_ITGI.cfm?template=/ContentManagement/ContentDisplay.cfm&ContentID=14133
Jaafari, A.: Management of Risks, Uncertainties and Opportunities on Projects: Time for a Fundamental Shift. International Journal of Project Management 19-2, 89–101 (2001)
Miller, R., Lessard, D.: Understanding and Managing Risks in Large Engineering Projects. International Journal of Project Management 19, 437–443 (2001)
Ward, S., Chapman, C.: Transforming Project Risk Management into Project Uncertainty Management. International Journal of Project Management 21 21-2, 97–105 (1994)
Project Management Institute: A Guide to the Project Management Body of Knowledge (PMBOK Guide), edition. Project Management Institute (2000)
Levin, H.S.: Office Work and Automation. John Wiley & Sons, New York (1956)
Zur Muehlen, M., Rosemann, M.: Integrating Risks in Business Process Models. In: Proceedings of the 2005 Australasian Conference on Information Systems (ACIS 2005), Manly, Sydney, Australia, November 30-December 2 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Muehlen, M.z., Ho, D.TY. (2006). Risk Management in the BPM Lifecycle. In: Bussler, C.J., Haller, A. (eds) Business Process Management Workshops. BPM 2005. Lecture Notes in Computer Science, vol 3812. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11678564_42
Download citation
DOI: https://doi.org/10.1007/11678564_42
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-32595-6
Online ISBN: 978-3-540-32596-3
eBook Packages: Computer ScienceComputer Science (R0)