Information technology risks: An interdisciplinary challenge

This chapter introduces students to general concepts and theoretical foundations of managing risks induced by developing and using information technology (IT risks). This chapter first provides an overview of the broad nature of IT risks. We introduce categories of IT risks to illustrate its diverse and heterogeneous causes and consequences as well as possible strategies required to balance the risks and benefits of information systems. Second, we illustrate the interdisciplinary challenges that come with managing IT risks on the most researched form of IT risk, namely IT project risks. We discuss the subjectivity of IT risks, various IT risk assessment techniques, outline the process of managing IT project risks, and introduce the dynamics of IT project risks. Third, we present five perspectives on IT risks as a fruitful lens to structure the variety of topics in IT risk research. Using these five perspectives as a framework, we present the most frequently cited IT risk research papers and theories. We conclude with an IT risk research agenda that posits worthwhile avenues for advancing the understanding and control of IT risks.