SlideShare una empresa de Scribd logo

Trial lecture - Risk Management and Open Source Software Adoption - Øyvind Hauge

Descargar como PPTX, PDF
Ø
Øyvind Hauge

The trial lecture from my PhD defense with the original topic: Present and discuss relevant conceptualizations of risk and control in business organizations relevant to the process of OSS adoption

TecnologíaEmpresariales
1 de 32
Conceptualizations of risk and control in business organizations relevant to the process of OSS adoption Trial lecture Øyvind Hauge oyvind.hauge@idi.ntnu.no
53.3% of the respondents thought computer breakdowns was a major concern (Coleman, 2006) The local hospital was in 2006 a full day without ICT support and a week without wireless phone Denver Airport, Computerized Baggage Handling fails, 1995 -> costs up to 1$ million per day Therac-25, 1985-1987, overdoses of radiation leading to three deaths
Table of content The scope of this presentation Risk and control Ways of controlling risk Risk and control related to OSS adoption
Present and discuss relevant conceptualizations of risk and control in business organizationsrelevant to the process of OSS adoption SE & IS
Business organization Is a legal entity (private or public) Has a Mission to provide either goods or services Owner Budget Variations in Size Domain Country Organization form Geographical distribution …
Table of content The scope of this presentation Risk and control Ways of controlling risk Risk and control related to OSS adoption
Risk The effect of uncertainty on objectives The effect may be positive or negative Risk=Probability*Cost Involves uncertainty Event Causes/threats Consequences ISO Guide 73:2009, Aven (2009)
Types of risk ,[object Object]
Cost
Schedule
Organizational environment
User
Team
Requirement
Project complexity
Planning and controlScott and Vessey (2002), Wallace et al. (2004), Karolak (1996)
”Typical” software risks Baccarini et al. (2004) – IT projects Personnel shortfall Unreasonable schedule and budget Unrealistic expectations Incomplete requirements Diminishing window of opportunity Boehm (1991) – Software risks Personnel shortfall Unreasonable schedule and budget Developing the wrong functions and properties Developing the wrong user interface Gold-plating Changing requirements Shortfall in externally furnished components Shortfall in externally performed task Real-time performance shortfalls Straining computer science capabilities Aloini et al. (2007) – ERP systems Inadequate product selection Ineffective strategic thinking and planning Ineffective project management techniques Bad managerial conduct Inadequate change management Inadequate training and instruction Poor project team skills Inadequate Business Process Re-engineering Low top management involvement Low key user involvement Chatzoglou and Diamantidis (2009) – IT/IS implementation Management ability Information integrity Controllability Exclusivity
Few risks are technical Baccarini et al. (2004) – IT projects Personnel shortfall Unreasonable schedule and budget Unrealistic expectations Incomplete requirements Diminishing window of opportunity Boehm (1991) – Software risks Personnel shortfall Unreasonable schedule and budget Developing the wrong functions and properties Developing the wrong user interface Gold-plating Changing requirements Shortfall in externally furnished components Shortfall in externally performed task Real-time performance shortfalls Straining computer science capabilities Aloini et al. (2007) – ERP systems Inadequate product selection Ineffective strategic thinking and planning Ineffective project management techniques Bad managerial conduct Inadequate change management Inadequate training and instruction Poor project team skills Inadequate Business Process Re-engineering Low top management involvement Low key user involvement Chatzoglou and Diamantidis (2009) – IT/IS implementation Management ability Information integrity Controllability Exclusivity
Risks Negative impact on objectives May come from a number of sources The most important risks are not related to the technology
Control Measures that are modifying risk Prevent Reduce consequences Event Causes/threats Consequences ISO Guide 73:2009
Table of content The scope of this presentation Risk and control Ways of controlling risk Risk management Real Option Theory Processes and standardization Risk and control related to OSS adoption
1. Risk management Coordinated activities to direct and control an organization with regard to risk Aven (2008), ISO Guide 73:2009
Not all risk can be controlled Hanseth and Ciborra (2007), Forester (1989)
The norm of risk management GALE (Globally At Least Equivalent) ALARP (As Low As Reasonably Probable) Stålhane and Skramstad (2006), Aven (2009)
Traditional risk analysis Baskeville and Stage (1996), Karolak (1996), Boehm (1991), Holmgren and Thedéen (2009)
Risk identification: What can go wrong? Group discussions SWOT analysis Brain storming Expert panels Earlier experiences References Checklists McManus (2004), Boehm (1991)
Risk avoidance/mitigation Find root causes of risks Deal with root causes or reduce consequences Sell risk to 3rd party Expertise (train/hire) Introduce barriers Design the risk out of the solution Buy information e.g. proof of concept Lane (1998), Boehm (1991)
2. Real Option Theory Add flexibility and options proactively Options may be used but they don’t have to Benaroch et al. (2007), Erdogmus and Favaro (2002)
First date at a steakhouse The date is a vegetarian Menu option 1. Steak Menu option 1. Steak First date at a restaurant serving different dishes The date is a vegetarian Menu option 2. Salad Menu option 2. Fish
Options for IT projects The option to: Defer Explore Stage Change-Scale Abandon Outsource Lease Strategic-Grow Benaroch et al. (2007), Erdogmus and Favaro (2002)
3. Processes and standardization Processes Tool support Techniques Standards ,[object Object]

Recomendados

18 zain ul abideen final paper258--267
18 zain ul abideen final paper258--26718 zain ul abideen final paper258--267
18 zain ul abideen final paper258--267Alexander Decker
 
A new conceptual framework to improve the application of occupational health...
A new conceptual framework to improve the application of occupational health...A new conceptual framework to improve the application of occupational health...
A new conceptual framework to improve the application of occupational health...Diandra Rosari
 
Risk management of telecommunication and engineering laboratory
Risk management of telecommunication and engineering laboratoryRisk management of telecommunication and engineering laboratory
Risk management of telecommunication and engineering laboratorySalam Shah
 
Open Source and Content Management (+audio)
Open Source and Content Management (+audio)Open Source and Content Management (+audio)
Open Source and Content Management (+audio)Matt Hamilton
 
Leveraging Open Source Opportunity in the Public Sector Without the Risk
Leveraging Open Source Opportunity in the Public Sector Without the RiskLeveraging Open Source Opportunity in the Public Sector Without the Risk
Leveraging Open Source Opportunity in the Public Sector Without the RiskProtecode
 
Open Source in the Enterprise: Compliance and Risk Management
Open Source in the Enterprise: Compliance and Risk ManagementOpen Source in the Enterprise: Compliance and Risk Management
Open Source in the Enterprise: Compliance and Risk ManagementSebastiano Cobianco
 
Iso26262 component reuse_webinar
Iso26262 component reuse_webinarIso26262 component reuse_webinar
Iso26262 component reuse_webinarمحمدعبد الحى
 
10120140506004 2
10120140506004 210120140506004 2
10120140506004 2IAEME Publication
 

Recomendados

18 zain ul abideen final paper258--267
18 zain ul abideen final paper258--26718 zain ul abideen final paper258--267
18 zain ul abideen final paper258--267Alexander Decker
 
A new conceptual framework to improve the application of occupational health...
A new conceptual framework to improve the application of occupational health...A new conceptual framework to improve the application of occupational health...
A new conceptual framework to improve the application of occupational health...Diandra Rosari
 
Risk management of telecommunication and engineering laboratory
Risk management of telecommunication and engineering laboratoryRisk management of telecommunication and engineering laboratory
Risk management of telecommunication and engineering laboratorySalam Shah
 
Open Source and Content Management (+audio)
Open Source and Content Management (+audio)Open Source and Content Management (+audio)
Open Source and Content Management (+audio)Matt Hamilton
 
Leveraging Open Source Opportunity in the Public Sector Without the Risk
Leveraging Open Source Opportunity in the Public Sector Without the RiskLeveraging Open Source Opportunity in the Public Sector Without the Risk
Leveraging Open Source Opportunity in the Public Sector Without the RiskProtecode
 
Open Source in the Enterprise: Compliance and Risk Management
Open Source in the Enterprise: Compliance and Risk ManagementOpen Source in the Enterprise: Compliance and Risk Management
Open Source in the Enterprise: Compliance and Risk ManagementSebastiano Cobianco
 
Iso26262 component reuse_webinar
Iso26262 component reuse_webinarIso26262 component reuse_webinar
Iso26262 component reuse_webinarمحمدعبد الحى
 
10120140506004 2
10120140506004 210120140506004 2
10120140506004 2IAEME Publication
 
10120140506004 2
10120140506004 210120140506004 2
10120140506004 2IAEME Publication
 
W6 making decisions in risky situations - simon pollard
W6 making decisions in risky situations - simon pollardW6 making decisions in risky situations - simon pollard
W6 making decisions in risky situations - simon pollardlgconf11
 
PM508 - Week 1, Organization Risk Tolerance, Behavior, and Perception
PM508 - Week 1, Organization Risk Tolerance, Behavior, and PerceptionPM508 - Week 1, Organization Risk Tolerance, Behavior, and Perception
PM508 - Week 1, Organization Risk Tolerance, Behavior, and Perceptioncityuelearning
 
Glis Intro 01 20071029
Glis Intro 01 20071029Glis Intro 01 20071029
Glis Intro 01 20071029Jan Pawlowski
 
Application Threat Modeling In Risk Management
Application Threat Modeling In Risk ManagementApplication Threat Modeling In Risk Management
Application Threat Modeling In Risk ManagementMel Drews
 
Erpppt
ErppptErpppt
Erppptsaileshvaishnavi
 
Avoid the risk of workload and hr planning to achieve sustainable business gr...
Avoid the risk of workload and hr planning to achieve sustainable business gr...Avoid the risk of workload and hr planning to achieve sustainable business gr...
Avoid the risk of workload and hr planning to achieve sustainable business gr...Management_Team
 
Risk factorserp sumner
Risk factorserp sumnerRisk factorserp sumner
Risk factorserp sumnerIIUM
 
PAPERS20 April 2013 ■ Project Management Jou.docx
PAPERS20 April 2013 ■ Project Management Jou.docxPAPERS20 April 2013 ■ Project Management Jou.docx
PAPERS20 April 2013 ■ Project Management Jou.docxdanhaley45372
 
Supply Chain Risk 2009
Supply Chain Risk 2009Supply Chain Risk 2009
Supply Chain Risk 2009Jan Husdal
 
Running head SECURITY RISKS IN DATABASE MIGRATION1SECURITY RIS.docx
Running head SECURITY RISKS IN DATABASE MIGRATION1SECURITY RIS.docxRunning head SECURITY RISKS IN DATABASE MIGRATION1SECURITY RIS.docx
Running head SECURITY RISKS IN DATABASE MIGRATION1SECURITY RIS.docxjeanettehully
 
Running head ANNOTATED BIBLIOGRAPHYANNOTATED BIBLIOGRAPHY2.docx
Running head ANNOTATED BIBLIOGRAPHYANNOTATED BIBLIOGRAPHY2.docxRunning head ANNOTATED BIBLIOGRAPHYANNOTATED BIBLIOGRAPHY2.docx
Running head ANNOTATED BIBLIOGRAPHYANNOTATED BIBLIOGRAPHY2.docxhealdkathaleen
 
Enablers for Maturing your S&OP Processes, SherTrack
Enablers for Maturing your S&OP Processes, SherTrackEnablers for Maturing your S&OP Processes, SherTrack
Enablers for Maturing your S&OP Processes, SherTrackInnovation Enterprise
 
Ics 3210 information systems security and audit - edited
Ics 3210 information systems security and audit - editedIcs 3210 information systems security and audit - edited
Ics 3210 information systems security and audit - editedNelson Kimathi
 
Carol Harstad Research Proposal
Carol Harstad Research ProposalCarol Harstad Research Proposal
Carol Harstad Research ProposalCarol Harstad
 
Role Of Knowledge Management In The Decision Making
Role Of Knowledge Management In The Decision MakingRole Of Knowledge Management In The Decision Making
Role Of Knowledge Management In The Decision MakingFaisal Haroon
 
Casestudy On It Development Outsource
Casestudy On It Development OutsourceCasestudy On It Development Outsource
Casestudy On It Development Outsourceuddika
 
data science & machine learning prasentation
data science & machine learning prasentationdata science & machine learning prasentation
data science & machine learning prasentationsainikoyal108
 
A Customer Relationship Management Case Study Critical Success Factors In Ac...
A Customer Relationship Management Case Study Critical Success Factors In Ac...A Customer Relationship Management Case Study Critical Success Factors In Ac...
A Customer Relationship Management Case Study Critical Success Factors In Ac...Yolanda Ivey
 
10 Trends in Capability Planning for Defence and Security
10 Trends in Capability Planning for Defence and Security10 Trends in Capability Planning for Defence and Security
10 Trends in Capability Planning for Defence and SecurityStephan De Spiegeleire
 
PhD Defense Øyvind Hauge
PhD Defense Øyvind HaugePhD Defense Øyvind Hauge
PhD Defense Øyvind HaugeØyvind Hauge
 
2010 open standards in norwegian public sector nordic oss
2010 open standards in norwegian public sector nordic oss2010 open standards in norwegian public sector nordic oss
2010 open standards in norwegian public sector nordic ossØyvind Hauge
 

Más contenido relacionado

Similar a Trial lecture - Risk Management and Open Source Software Adoption - Øyvind Hauge

W6 making decisions in risky situations - simon pollard
W6 making decisions in risky situations - simon pollardW6 making decisions in risky situations - simon pollard
W6 making decisions in risky situations - simon pollardlgconf11
 
PM508 - Week 1, Organization Risk Tolerance, Behavior, and Perception
PM508 - Week 1, Organization Risk Tolerance, Behavior, and PerceptionPM508 - Week 1, Organization Risk Tolerance, Behavior, and Perception
PM508 - Week 1, Organization Risk Tolerance, Behavior, and Perceptioncityuelearning
 
Glis Intro 01 20071029
Glis Intro 01 20071029Glis Intro 01 20071029
Glis Intro 01 20071029Jan Pawlowski
 
Application Threat Modeling In Risk Management
Application Threat Modeling In Risk ManagementApplication Threat Modeling In Risk Management
Application Threat Modeling In Risk ManagementMel Drews
 
Avoid the risk of workload and hr planning to achieve sustainable business gr...
Avoid the risk of workload and hr planning to achieve sustainable business gr...Avoid the risk of workload and hr planning to achieve sustainable business gr...
Avoid the risk of workload and hr planning to achieve sustainable business gr...Management_Team
 
Risk factorserp sumner
Risk factorserp sumnerRisk factorserp sumner
Risk factorserp sumnerIIUM
 
PAPERS20 April 2013 ■ Project Management Jou.docx
PAPERS20 April 2013 ■ Project Management Jou.docxPAPERS20 April 2013 ■ Project Management Jou.docx
PAPERS20 April 2013 ■ Project Management Jou.docxdanhaley45372
 
Supply Chain Risk 2009
Supply Chain Risk 2009Supply Chain Risk 2009
Supply Chain Risk 2009Jan Husdal
 
Running head SECURITY RISKS IN DATABASE MIGRATION1SECURITY RIS.docx
Running head SECURITY RISKS IN DATABASE MIGRATION1SECURITY RIS.docxRunning head SECURITY RISKS IN DATABASE MIGRATION1SECURITY RIS.docx
Running head SECURITY RISKS IN DATABASE MIGRATION1SECURITY RIS.docxjeanettehully
 
Running head ANNOTATED BIBLIOGRAPHYANNOTATED BIBLIOGRAPHY2.docx
Running head ANNOTATED BIBLIOGRAPHYANNOTATED BIBLIOGRAPHY2.docxRunning head ANNOTATED BIBLIOGRAPHYANNOTATED BIBLIOGRAPHY2.docx
Running head ANNOTATED BIBLIOGRAPHYANNOTATED BIBLIOGRAPHY2.docxhealdkathaleen
 
Enablers for Maturing your S&OP Processes, SherTrack
Enablers for Maturing your S&OP Processes, SherTrackEnablers for Maturing your S&OP Processes, SherTrack
Enablers for Maturing your S&OP Processes, SherTrackInnovation Enterprise
 
Ics 3210 information systems security and audit - edited
Ics 3210 information systems security and audit - editedIcs 3210 information systems security and audit - edited
Ics 3210 information systems security and audit - editedNelson Kimathi
 
Carol Harstad Research Proposal
Carol Harstad Research ProposalCarol Harstad Research Proposal
Carol Harstad Research ProposalCarol Harstad
 
Role Of Knowledge Management In The Decision Making
Role Of Knowledge Management In The Decision MakingRole Of Knowledge Management In The Decision Making
Role Of Knowledge Management In The Decision MakingFaisal Haroon
 
Casestudy On It Development Outsource
Casestudy On It Development OutsourceCasestudy On It Development Outsource
Casestudy On It Development Outsourceuddika
 
data science & machine learning prasentation
data science & machine learning prasentationdata science & machine learning prasentation
data science & machine learning prasentationsainikoyal108
 
A Customer Relationship Management Case Study Critical Success Factors In Ac...
A Customer Relationship Management Case Study Critical Success Factors In Ac...A Customer Relationship Management Case Study Critical Success Factors In Ac...
A Customer Relationship Management Case Study Critical Success Factors In Ac...Yolanda Ivey
 
10 Trends in Capability Planning for Defence and Security
10 Trends in Capability Planning for Defence and Security10 Trends in Capability Planning for Defence and Security
10 Trends in Capability Planning for Defence and SecurityStephan De Spiegeleire
 

Similar a Trial lecture - Risk Management and Open Source Software Adoption - Øyvind Hauge (20)

10120140506004 2
10120140506004 210120140506004 2
10120140506004 2
 
W6 making decisions in risky situations - simon pollard
W6 making decisions in risky situations - simon pollardW6 making decisions in risky situations - simon pollard
W6 making decisions in risky situations - simon pollard
 
PM508 - Week 1, Organization Risk Tolerance, Behavior, and Perception
PM508 - Week 1, Organization Risk Tolerance, Behavior, and PerceptionPM508 - Week 1, Organization Risk Tolerance, Behavior, and Perception
PM508 - Week 1, Organization Risk Tolerance, Behavior, and Perception
 
Glis Intro 01 20071029
Glis Intro 01 20071029Glis Intro 01 20071029
Glis Intro 01 20071029
 
Application Threat Modeling In Risk Management
Application Threat Modeling In Risk ManagementApplication Threat Modeling In Risk Management
Application Threat Modeling In Risk Management
 
Erpppt
ErppptErpppt
Erpppt
 
Avoid the risk of workload and hr planning to achieve sustainable business gr...
Avoid the risk of workload and hr planning to achieve sustainable business gr...Avoid the risk of workload and hr planning to achieve sustainable business gr...
Avoid the risk of workload and hr planning to achieve sustainable business gr...
 
Risk factorserp sumner
Risk factorserp sumnerRisk factorserp sumner
Risk factorserp sumner
 
PAPERS20 April 2013 ■ Project Management Jou.docx
PAPERS20 April 2013 ■ Project Management Jou.docxPAPERS20 April 2013 ■ Project Management Jou.docx
PAPERS20 April 2013 ■ Project Management Jou.docx
 
Supply Chain Risk 2009
Supply Chain Risk 2009Supply Chain Risk 2009
Supply Chain Risk 2009
 
Running head SECURITY RISKS IN DATABASE MIGRATION1SECURITY RIS.docx
Running head SECURITY RISKS IN DATABASE MIGRATION1SECURITY RIS.docxRunning head SECURITY RISKS IN DATABASE MIGRATION1SECURITY RIS.docx
Running head SECURITY RISKS IN DATABASE MIGRATION1SECURITY RIS.docx
 
Running head ANNOTATED BIBLIOGRAPHYANNOTATED BIBLIOGRAPHY2.docx
Running head ANNOTATED BIBLIOGRAPHYANNOTATED BIBLIOGRAPHY2.docxRunning head ANNOTATED BIBLIOGRAPHYANNOTATED BIBLIOGRAPHY2.docx
Running head ANNOTATED BIBLIOGRAPHYANNOTATED BIBLIOGRAPHY2.docx
 
Enablers for Maturing your S&OP Processes, SherTrack
Enablers for Maturing your S&OP Processes, SherTrackEnablers for Maturing your S&OP Processes, SherTrack
Enablers for Maturing your S&OP Processes, SherTrack
 
Ics 3210 information systems security and audit - edited
Ics 3210 information systems security and audit - editedIcs 3210 information systems security and audit - edited
Ics 3210 information systems security and audit - edited
 
Carol Harstad Research Proposal
Carol Harstad Research ProposalCarol Harstad Research Proposal
Carol Harstad Research Proposal
 
Role Of Knowledge Management In The Decision Making
Role Of Knowledge Management In The Decision MakingRole Of Knowledge Management In The Decision Making
Role Of Knowledge Management In The Decision Making
 
Casestudy On It Development Outsource
Casestudy On It Development OutsourceCasestudy On It Development Outsource
Casestudy On It Development Outsource
 
data science & machine learning prasentation
data science & machine learning prasentationdata science & machine learning prasentation
data science & machine learning prasentation
 
A Customer Relationship Management Case Study Critical Success Factors In Ac...
A Customer Relationship Management Case Study Critical Success Factors In Ac...A Customer Relationship Management Case Study Critical Success Factors In Ac...
A Customer Relationship Management Case Study Critical Success Factors In Ac...
 
10 Trends in Capability Planning for Defence and Security
10 Trends in Capability Planning for Defence and Security10 Trends in Capability Planning for Defence and Security
10 Trends in Capability Planning for Defence and Security
 

Más de Øyvind Hauge

PhD Defense Øyvind Hauge
PhD Defense Øyvind HaugePhD Defense Øyvind Hauge
PhD Defense Øyvind HaugeØyvind Hauge
 
2010 open standards in norwegian public sector nordic oss
2010 open standards in norwegian public sector nordic oss2010 open standards in norwegian public sector nordic oss
2010 open standards in norwegian public sector nordic ossØyvind Hauge
 
FLOSS2009 Øyvind Hauge
FLOSS2009 Øyvind HaugeFLOSS2009 Øyvind Hauge
FLOSS2009 Øyvind HaugeØyvind Hauge
 
Fri Programvarelisenser Øyvind Hauge
Fri Programvarelisenser Øyvind HaugeFri Programvarelisenser Øyvind Hauge
Fri Programvarelisenser Øyvind HaugeØyvind Hauge
 
OSS2008 Øyvind Hauge
OSS2008 Øyvind HaugeOSS2008 Øyvind Hauge
OSS2008 Øyvind HaugeØyvind Hauge
 
OSS2007 Øyvind Hauge
OSS2007 Øyvind HaugeOSS2007 Øyvind Hauge
OSS2007 Øyvind HaugeØyvind Hauge
 
OSS2009 Øyvind Hauge
OSS2009 Øyvind HaugeOSS2009 Øyvind Hauge
OSS2009 Øyvind HaugeØyvind Hauge
 
Open Nordic 2008 NTNU
Open Nordic 2008 NTNUOpen Nordic 2008 NTNU
Open Nordic 2008 NTNUØyvind Hauge
 
Goopen 2009 Øyvind Hauge
Goopen 2009 Øyvind HaugeGoopen 2009 Øyvind Hauge
Goopen 2009 Øyvind HaugeØyvind Hauge
 

Más de Øyvind Hauge (11)

PhD Defense Øyvind Hauge
PhD Defense Øyvind HaugePhD Defense Øyvind Hauge
PhD Defense Øyvind Hauge
 
2010 open standards in norwegian public sector nordic oss
2010 open standards in norwegian public sector nordic oss2010 open standards in norwegian public sector nordic oss
2010 open standards in norwegian public sector nordic oss
 
TDT10 Øyvind Hauge
TDT10 Øyvind HaugeTDT10 Øyvind Hauge
TDT10 Øyvind Hauge
 
NTNU @ Nordic OSS
NTNU @ Nordic OSSNTNU @ Nordic OSS
NTNU @ Nordic OSS
 
FLOSS2009 Øyvind Hauge
FLOSS2009 Øyvind HaugeFLOSS2009 Øyvind Hauge
FLOSS2009 Øyvind Hauge
 
Fri Programvarelisenser Øyvind Hauge
Fri Programvarelisenser Øyvind HaugeFri Programvarelisenser Øyvind Hauge
Fri Programvarelisenser Øyvind Hauge
 
OSS2008 Øyvind Hauge
OSS2008 Øyvind HaugeOSS2008 Øyvind Hauge
OSS2008 Øyvind Hauge
 
OSS2007 Øyvind Hauge
OSS2007 Øyvind HaugeOSS2007 Øyvind Hauge
OSS2007 Øyvind Hauge
 
OSS2009 Øyvind Hauge
OSS2009 Øyvind HaugeOSS2009 Øyvind Hauge
OSS2009 Øyvind Hauge
 
Open Nordic 2008 NTNU
Open Nordic 2008 NTNUOpen Nordic 2008 NTNU
Open Nordic 2008 NTNU
 
Goopen 2009 Øyvind Hauge
Goopen 2009 Øyvind HaugeGoopen 2009 Øyvind Hauge
Goopen 2009 Øyvind Hauge
 

Último

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 

Último (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 

Trial lecture - Risk Management and Open Source Software Adoption - Øyvind Hauge

  • 1. Conceptualizations of risk and control in business organizations relevant to the process of OSS adoption Trial lecture Øyvind Hauge oyvind.hauge@idi.ntnu.no
  • 2. 53.3% of the respondents thought computer breakdowns was a major concern (Coleman, 2006) The local hospital was in 2006 a full day without ICT support and a week without wireless phone Denver Airport, Computerized Baggage Handling fails, 1995 -> costs up to 1$ million per day Therac-25, 1985-1987, overdoses of radiation leading to three deaths
  • 3. Table of content The scope of this presentation Risk and control Ways of controlling risk Risk and control related to OSS adoption
  • 4. Present and discuss relevant conceptualizations of risk and control in business organizationsrelevant to the process of OSS adoption SE & IS
  • 5. Business organization Is a legal entity (private or public) Has a Mission to provide either goods or services Owner Budget Variations in Size Domain Country Organization form Geographical distribution …
  • 6. Table of content The scope of this presentation Risk and control Ways of controlling risk Risk and control related to OSS adoption
  • 7. Risk The effect of uncertainty on objectives The effect may be positive or negative Risk=Probability*Cost Involves uncertainty Event Causes/threats Consequences ISO Guide 73:2009, Aven (2009)
  • 8.
  • 16. Planning and controlScott and Vessey (2002), Wallace et al. (2004), Karolak (1996)
  • 17. ”Typical” software risks Baccarini et al. (2004) – IT projects Personnel shortfall Unreasonable schedule and budget Unrealistic expectations Incomplete requirements Diminishing window of opportunity Boehm (1991) – Software risks Personnel shortfall Unreasonable schedule and budget Developing the wrong functions and properties Developing the wrong user interface Gold-plating Changing requirements Shortfall in externally furnished components Shortfall in externally performed task Real-time performance shortfalls Straining computer science capabilities Aloini et al. (2007) – ERP systems Inadequate product selection Ineffective strategic thinking and planning Ineffective project management techniques Bad managerial conduct Inadequate change management Inadequate training and instruction Poor project team skills Inadequate Business Process Re-engineering Low top management involvement Low key user involvement Chatzoglou and Diamantidis (2009) – IT/IS implementation Management ability Information integrity Controllability Exclusivity
  • 18. Few risks are technical Baccarini et al. (2004) – IT projects Personnel shortfall Unreasonable schedule and budget Unrealistic expectations Incomplete requirements Diminishing window of opportunity Boehm (1991) – Software risks Personnel shortfall Unreasonable schedule and budget Developing the wrong functions and properties Developing the wrong user interface Gold-plating Changing requirements Shortfall in externally furnished components Shortfall in externally performed task Real-time performance shortfalls Straining computer science capabilities Aloini et al. (2007) – ERP systems Inadequate product selection Ineffective strategic thinking and planning Ineffective project management techniques Bad managerial conduct Inadequate change management Inadequate training and instruction Poor project team skills Inadequate Business Process Re-engineering Low top management involvement Low key user involvement Chatzoglou and Diamantidis (2009) – IT/IS implementation Management ability Information integrity Controllability Exclusivity
  • 19. Risks Negative impact on objectives May come from a number of sources The most important risks are not related to the technology
  • 20. Control Measures that are modifying risk Prevent Reduce consequences Event Causes/threats Consequences ISO Guide 73:2009
  • 21. Table of content The scope of this presentation Risk and control Ways of controlling risk Risk management Real Option Theory Processes and standardization Risk and control related to OSS adoption
  • 22. 1. Risk management Coordinated activities to direct and control an organization with regard to risk Aven (2008), ISO Guide 73:2009
  • 23.
  • 24. Not all risk can be controlled Hanseth and Ciborra (2007), Forester (1989)
  • 25. The norm of risk management GALE (Globally At Least Equivalent) ALARP (As Low As Reasonably Probable) Stålhane and Skramstad (2006), Aven (2009)
  • 26. Traditional risk analysis Baskeville and Stage (1996), Karolak (1996), Boehm (1991), Holmgren and Thedéen (2009)
  • 27. Risk identification: What can go wrong? Group discussions SWOT analysis Brain storming Expert panels Earlier experiences References Checklists McManus (2004), Boehm (1991)
  • 28. Risk avoidance/mitigation Find root causes of risks Deal with root causes or reduce consequences Sell risk to 3rd party Expertise (train/hire) Introduce barriers Design the risk out of the solution Buy information e.g. proof of concept Lane (1998), Boehm (1991)
  • 29. 2. Real Option Theory Add flexibility and options proactively Options may be used but they don’t have to Benaroch et al. (2007), Erdogmus and Favaro (2002)
  • 30. First date at a steakhouse The date is a vegetarian Menu option 1. Steak Menu option 1. Steak First date at a restaurant serving different dishes The date is a vegetarian Menu option 2. Salad Menu option 2. Fish
  • 31. Options for IT projects The option to: Defer Explore Stage Change-Scale Abandon Outsource Lease Strategic-Grow Benaroch et al. (2007), Erdogmus and Favaro (2002)
  • 32.
  • 34. Revision control, issue tracking, automated building, …
  • 35. Design patterns, code refactoring, pair programming, …
  • 36.
  • 37. Table of content The scope of this presentation Risk and control Ways of controlling risk Risk and control related to OSS adoption
  • 39. OSS Adoption Hauge et al. (2010)
  • 40. Risk, control and OSS adoption Non-technical risks are the most important OSS risk are therefore not the most prominent ones Relevant to IT adoption and development also relevant to OSS Risk management Alternatives Standards, tools, and processes OSS experience: to analyse the use of OSS in the context
  • 41. "software risks can be best managed by combining specific risk management considerations with a detailed understanding of the environmental context and with sound managerial practices, such as relying on experienced and well-educated project managers and launching correctly sized projects" (Ropponen and Lyytinen, 2000, p.98).
  • 42. References DavideAloini, RiccardoDulmin, and Valeria Mininnocial, Risk management in ERP project introduction: Review of the literature, Information & Management 2007:44, pages 547-567 TerjeAven, 2008, Risk Analysis: Assessing Uncertainties Beyond Expected Values and Probabilities, Wiley TerjeAven, 2009, Risk Mangement, in GöranGrimvall, Åke J. Holmgren, Per Jacobsson, and TorbjörnThedéen (editors), Risks in Technological Systems, Springer David Baccarini, Geoff Salm, and Peter E.D. Love, Management of risks in information technology projects, Industrial Management & Data Systems 2004:104(4) pages 286-295 Michel Benaroch, Yossi Lichtenstein, Karl Robinson, Real options in information technology risk management: an empirical validation of risk-option relationships, MIS Quarterly 2006:30(4) YegorBugayenko, 2009, Competitive Risk Identification Method for Distributed Teams, in OllyGotel, Mathai Joseph, and Bertrand Meyer (editors), Software Engineering Approaches for Offshore and Outsourced Development - Proceedings of the Third International Conference, SEAFOOD 2009, Zurich, Switzerland, Springer Richard L. Baskerville and Jan Stage, Controlling Prototype Development through Risk Analysis. MIS Quarterly, 1996:20(4), pages 481-504 Barry W. Boehm, Software Risk Management: Principles and Practices, IEEE Software, 1991:8(1), pages 32-41 Prodromos D. Chatzoglou and Anastasios D. Diamantidis, IT/IS implementation risks and their impact on firm performance, International Journal of Information Management, 2009:29, pages 119-128 Les Coleman, 2006, Why Managers and Companies Take Risks, Springer John Forester, 1989, Planning in the Face of Power, University of California Press HakanErdogmus and John Favaro, 2002, Keep Your Options Open: Extreme Programming and Economics of Flexibility, in G. Succi, M. Marchesi, L. Williams, D. Wells (editors) XP Perspectives, Addison Wesley
  • 43. References Ole Hanseth and Claudio Ciborra (editors), 2007, Risk Complexity and ICT, Edward Elgar Publishing Limited ØyvindHauge, Daniela S. Cruzes, ReidarConradi, KetilSandangerVelle and Tron André Skarpenes, Risks and Risk Mitigation in Open Source Software Adoption: Bridging the Gap between Literature and Practice, in: Proceedings of the 6th IFIP Working Group 2.13 International Conference on Open Source Systems (OSS2010) - Open Source Software: New Horizons, May 30th-June 2nd, Notre Dame, USA, pages 105--118, Springer, 2010 Åke J. Holmgren and TorbjörnThedéen, 2009, Risk Analysis, in GöranGrimvall, Åke J. Holmgren, Per Jacobsson, and TorbjörnThedéen (editors), Risks in Technological Systems, Springer ISO 31000:2009, Risk management -- Principles and guidelines, http://www.iso.org/iso/catalogue_detail.htm?csnumber=43170 ISO Guide 73:2009, Risk Management Vocabulary, http://www.iso.org/iso/catalogue_detail?csnumber=44651 Casper Jones, 1994, Assessment and Control of Software Risks, Yourdon Press http://www.springerlink.com/content/q0j808/ Christel Lane, 1998, Introduction: theories and issues in the study of trust, in Christel. Lane and John McManus, 2004, Risk Management in Software Development Projects, Elsevier JanneRopponen and KalleLyytinen, Components of software development risk: how to address them? A project manager survey, IEEE Transactions on Software Engineering, 2000:26(2), pages 98-112 Reinhard Bachmann (editors), Trust within and between organisations, Oxford: Oxford University, pages. 1–30. Marvin Rausand, 1991, RisikoanalyseVeiledningtil NS 8514, Tapir Judy E. Scott and Iris Vessey, Managing Risks in Enterprise Systems Implementations, 2002:45(4) Communications of the ACM Thomas Stober and UweHansmann, 2009, Agile Software Development , Springer Tor Stålhane and TorbjørnSkramstad, Presentation for Workshop at EuroSPI 2006 Linda Wallace, Mark Keil, and ArunRai, Understanding software project risk: a cluster analysis, Information & Management, 2004:42 pages 115-125