IT项目风险管理研究
|
摘要
伴随着信息技术的快速发展和信息时代的到来,IT项目管理已经到了一个全新的应用高度。IT项目属于软件密集项目,项目的目的在于开发出高效的信息管理系统,从而降低现实世界的不确定性。但是,项目自身的发展却充满了许多的不确定性,单纯信息技术的发展不但没有减弱、反而还助长了这一现象,特别是随着应用的广泛深入及项目规模增大,这种现象愈加突出。因此IT项目中的风险管理就愈重要。
本文围绕IT项目风险管理本身具有的项目风险管理及软件开发的双重性质,对软件的项目风险管理进行了定性的风险识别、定性与定量相结合的风险评估,在此基础上对项目的风险应对提出合适的应对措施,并采取相应的技术方法监控项目的风险,以保证IT项目的顺利开发。
论文首先回顾和分析了国内外研究现状,介绍本文研究的目的、基本思路方法和本文的创新点;其次介绍了IT项目风险管理的基本特征、流程和不确定性等IT项目风险管理本身具有的性质,并介绍了其相关的基本理论基础;再次,对IT项目风险管理按照风险识别、风险评估、风险应对、风险监控的顺序进行了相关的理论研究,介绍了相关的理论方法,并着重介绍了多层次灰色理论及网络分析法ANP理论方法,对项目风险进行定性与定量相结合的方法评估,为风险应对、风险监控建立理论基础。最后本文通过以某房产频道的软件项目开发为例,根据本身的实践经验与理论,详细介绍了IT项目风险管理的具体操作步骤及方法,旨在通过实例论证挖掘IT项目风险管理的内在规律,指导IT项目风险管理的顺利开发。
With the rapid development of Information Technology(IT) and the emergence of information period,IT project risk management has gotten a great development IT project is a kind of software project The purpose of the project is developing a advanced management information system to reduce the uncertainty of application. But the self-development of the project is full of uncertainty.The development of single Information Technology enhances the trend instead of reducing the uncertainty. Especially the trend is becoming more and more obvious because the application of project is becoming more extensive and the size of the project gets too large. Consequently,IT project risk management is becoming more and more important
The thesis is based on the dualism of project risk management and software exploitation.It analyses project risk identification with qualitative ideas and project risk assessment with the combination of qualitative ideas and quantitative ideas.Then we will give the appropriate risk measures and the right risk monitoring and controlling ideas and tools.The purpose is to assure the exploitation of IT project perfectly.
The main contents of this thesis are as follows:Firstly,the history and state-of-the-art of this subject are reviewed both domestically and abroad、the purpose of the paper、the basic method and the innovation of the thesis.Then the thesis contains the essence character、process and uncertainty of IT project risk management It also includes the basic quality and the correlative theories.Thirdly,it introduces the basic theories and risk identification,risk assessment,risk controlling and risk measures.Especially,it introduces the methods of Graymulti-layer synthetic evaluation model and Analytical Network Process(ANP).They are the methods of the combination of qualitative ideas and quantitative ideas.
At last,the paper gives a risk management example of software exploitation.The model is about software of selling houses on Internet.It is based on experiences and theories.It includes the process and methods of IT project risk management The purpose of the model aims at finding the hidden rules and assuring the success of IT project risk management
本文围绕IT项目风险管理本身具有的项目风险管理及软件开发的双重性质,对软件的项目风险管理进行了定性的风险识别、定性与定量相结合的风险评估,在此基础上对项目的风险应对提出合适的应对措施,并采取相应的技术方法监控项目的风险,以保证IT项目的顺利开发。
论文首先回顾和分析了国内外研究现状,介绍本文研究的目的、基本思路方法和本文的创新点;其次介绍了IT项目风险管理的基本特征、流程和不确定性等IT项目风险管理本身具有的性质,并介绍了其相关的基本理论基础;再次,对IT项目风险管理按照风险识别、风险评估、风险应对、风险监控的顺序进行了相关的理论研究,介绍了相关的理论方法,并着重介绍了多层次灰色理论及网络分析法ANP理论方法,对项目风险进行定性与定量相结合的方法评估,为风险应对、风险监控建立理论基础。最后本文通过以某房产频道的软件项目开发为例,根据本身的实践经验与理论,详细介绍了IT项目风险管理的具体操作步骤及方法,旨在通过实例论证挖掘IT项目风险管理的内在规律,指导IT项目风险管理的顺利开发。
With the rapid development of Information Technology(IT) and the emergence of information period,IT project risk management has gotten a great development IT project is a kind of software project The purpose of the project is developing a advanced management information system to reduce the uncertainty of application. But the self-development of the project is full of uncertainty.The development of single Information Technology enhances the trend instead of reducing the uncertainty. Especially the trend is becoming more and more obvious because the application of project is becoming more extensive and the size of the project gets too large. Consequently,IT project risk management is becoming more and more important
The thesis is based on the dualism of project risk management and software exploitation.It analyses project risk identification with qualitative ideas and project risk assessment with the combination of qualitative ideas and quantitative ideas.Then we will give the appropriate risk measures and the right risk monitoring and controlling ideas and tools.The purpose is to assure the exploitation of IT project perfectly.
The main contents of this thesis are as follows:Firstly,the history and state-of-the-art of this subject are reviewed both domestically and abroad、the purpose of the paper、the basic method and the innovation of the thesis.Then the thesis contains the essence character、process and uncertainty of IT project risk management It also includes the basic quality and the correlative theories.Thirdly,it introduces the basic theories and risk identification,risk assessment,risk controlling and risk measures.Especially,it introduces the methods of Graymulti-layer synthetic evaluation model and Analytical Network Process(ANP).They are the methods of the combination of qualitative ideas and quantitative ideas.
At last,the paper gives a risk management example of software exploitation.The model is about software of selling houses on Internet.It is based on experiences and theories.It includes the process and methods of IT project risk management The purpose of the model aims at finding the hidden rules and assuring the success of IT project risk management
引文
[1]中国建设监理协会组织编写.《建设工程监理概论》.知识产权出版社,2003
[2]Kathy Schwalbe著、王金玉等译.《IT项目管理》.机械工业出版社,2002
[3]斯坦利·波特尼著.宁俊、韩燕等译.《如何做好项目管理》.企业管理出版社,2001
[4]杰克·吉多詹姆、克莱门斯著.张金成等译.《成功的项目管理》.机械工业出版社,2001
[5]横向课题:中建三局二公司集成化信息资源管理系统规划与实施(一期工程)(2003.62004.5):
[6]Boehm B W.Software risk management[M].Washington D.C.:IEEE Computer Society Press,1989:56-63
[7]Boehm BW.Software risk management:Principles and Practices[J].IEEE Software.1991.8(1):32-41
[8]Charette R N.Software engineering risk analysis and management[M].New York:Inter text Publications.1989.3 5-37
[9]Ray C,Williams R C.Software risk evaluation(SRE) team member' s notebook.Pittsburgh,Pa:Carnegie Mellon University,CMU/SEI-99-TR-029
[10]Sisti F.J,Joseph S.Software risk evaluation model[R].Pittsburgh,Pa:Carnegie Mellon Universitv.CMU/SEI-94-TR-19
[11]杜文华.IT项目监理:企业信息化成功的关键[J].科技情报开发与经济,2004.3:214-215
[12]Software Risk Management Practices 2001,Peter Kulik and Catherine Weber[M].KLCI 2001 8
[13]王莲芬.网络分析法(ANP)理论和算法[J].系统工程理论和实践,2001,21(3):44-50.
[14]沈建明.《项目风险管理》.机械工业出版社.2004。
[15]李小宁,EPC工程总承包全过程项目控制,图际经济合作,2000,6:41-46
[16]连惠萍,孙其龙,学寸民,2004,1,国际承包EPC合同模式应用分析,黄河水利职业技术学院45-46
[17]邵晓峰,季建华,黄培清.供应链中供应商选择方法的研究[J].数量经济技术经济研究,2001,18(8):80-83
[18]吴润衡.英英.张勇.上市公司经营业绩的多因索层次模糊评价[J].运筹与管理,2004,13(4):102-105
[19]Keil M,Mallace L、Turk D.An investigation of risk perception and risk propensity on the decision to continue a software development Project[J].The Journal of Systems and Software,2000(53)
[20]Lister T.Interview with Tim Lister[J].IEEE Software,1997.
[21]齐治昌,谭庆平,宁洪编著.软件工程[M].高等教育出版社,2001年.
[22]伊莱恩.M.霍尔[Elaine M.Hall]著.风险管理一软件系统开发方法[M].影印版,清华大学出版社,2002年8月第1版.
[23](英)丹.雷曼伊著,杨爱华,肖艳颖,黄北惠等译.拯救IT--运用风险管理中止IT项目失败[M].机械工业出版社,2002年10月第1版.
[24](美)约翰.拉夫特里(著),李清立(译).项目管理风险分析[M].机械工业出版社,2002年1月第1版.
[25]邱莞华主编.现代项目风险管理方法与实践[M].科学出版社,2003年7月第1版.
[26]莫湘群.软件项目的进度风险管理[[J].电脑与信息技术,2002(4).
[27]李师贤,张路玲.需求分析的常见问题及其对策分析[J].计算机工程,2002(1).
[28]文亚栋.软件项目的风险管理[[J].计算机系统应用,2002(2).
[29]罗荣桂.一种实用的小型软件项目开发风险管理方法[[J].武汉理工大学学报(信息与管理工程版),2003(5).
[30]张洛玲,李师贤.软件项目风险管理方法比较和研究[[J].计算机工程,2003(3).
[31]方德英.IT项目风险管理理论体系构建[J].合肥工业大学学报(自然科学版),2003(S 1).
[32]Walsh K R,Schneider H.The role of motivation and risk behavior in software development success[J].Information Research.2002.7:27-36.
[33]Boehm,B.W.Software Risk Management.IEEE Computer Society Press Washington D.C,1989.
[34]Brooks F P The mythical man-month[M].Reading(MA):Addison-Wesley,1975.3-26.
[35]Boehm BW Software Engineering Economics.Englewood Cliffs.1981
[36]Microsoft Corp.MSF risk management process.http://www.Microsoft.tom,1999/6.
[37]P.P.Wallon,et al.Using Real Options analysis for Evaluating Uncertain Investments in Information Technology[a]:Insights From The ICIS 2001 Debate,Communications of the association for Information Systems 2002,9:136167.
[38]Boehm B W.Software risk management:Principles and practices[J].IEEE Software,
[41]James J.Jiang et al.Risks to different aspects of system success.Information& Management,1999,(36):263272.
[42]Brooks F P.No silver bullet:Essence and accidents of software engineering [J].IEEE Computer.1987.20(4):10-19.
[43]Marvin J.Catr,S.L.Konda,I.Monarch,F.C.Ulrich,C.F.Walker SEI Technical Report SEI-93-TR-006,Pittsburgh,PA:Software Engineering Institute,(SEI internal report).
[44]Wideman,R.Max.Project and program risk management:a guide to managing project risks and opportunities.Project Management Institute,1992.
[45]Brian P.Gallagher.Software acquisition risk management key process area(KPA)-a guidebook version 1.02.CMU/SEI-99-HB-001,1999/10.
[46]Donald Reifer.Ten deadly risks in Internet and internet software Development IEEE Software,May/June 1997.
[47]IEEE standard 1540-2001.IEEE Standard for Software Life Cycle Processes-Risk Management.New York,NY.,2001.
[48]Sisti F J,Joseph S.Software risk evaluation model(Version 1.0)[R].Pittsburgh Pa:Carnegie Mellon University,CMU/SEI-94-TR 19.
[49]Barbara.Estimates Uncertainty and Risk.IEEE Software,Vol.14.
[50]Ray C,Williams RC,Pandelios GJ.Software risk evaluation(SRE) team member's notebook(Version 2.0)[R].Pittsburgh,Pa:Carnegie Mellon University,CMU/SEI-99-TR-029.
[51]Kevin Sullivan.Software Design as an Investment Activity:A Real Options Perspective.Real Options,And Business Strategy,215-245.
[52]Samuel J.Mantel,Jr.,Jack R.Meredith,Scott M.Shafer& Margaret M.Sutton:Project Management in Practice.John Wiley& Sons,2001
[53]Barry W.Boehm,Richard E.Software estimation perspectives.IEEE Software November/December 2000,22-26.
[54]Kim Y J,Sanders G L.Strategic actions in information technology investment based on real option theory[J].Decision Support Systems.2002.33:1-11.
[55]宋明哲.风险管理.[台北]中华企、IU管理发展中心,1987/10.
[56]Gove,Phillip Babcock,Editor.Webster's Third New International Dictionary:Unabridged.
[57]Theron R.Leishman,Larry Smith.Software Project Management Technology Report United States Air Force(USAF) Software Technology Support Center(STSC).,2000.9Version 4.
[58]Charette R N.Publications,1989.are engineering risk analysis and management [M].New York:Intertext35-37.
[59]Jack Gide,James P.Clements:Successfnl Project Management.South-Western College Publishing,1999
[60]Boehm,B.W.Software Engineering Economics.1981.
[61]约瑟夫.雷纳斯.CMM软件过程改进指南.电子工业出版社,2002
[62]Risk Management Research and Development Program Collaboration,Risk Management Maturity Level Development. 2002
[63] Williams, Ray C. Applying the Seven Principles of Team Risk Management, the Software Engineering Symposium. 1995.9:11 — 14
[2]Kathy Schwalbe著、王金玉等译.《IT项目管理》.机械工业出版社,2002
[3]斯坦利·波特尼著.宁俊、韩燕等译.《如何做好项目管理》.企业管理出版社,2001
[4]杰克·吉多詹姆、克莱门斯著.张金成等译.《成功的项目管理》.机械工业出版社,2001
[5]横向课题:中建三局二公司集成化信息资源管理系统规划与实施(一期工程)(2003.62004.5):
[6]Boehm B W.Software risk management[M].Washington D.C.:IEEE Computer Society Press,1989:56-63
[7]Boehm BW.Software risk management:Principles and Practices[J].IEEE Software.1991.8(1):32-41
[8]Charette R N.Software engineering risk analysis and management[M].New York:Inter text Publications.1989.3 5-37
[9]Ray C,Williams R C.Software risk evaluation(SRE) team member' s notebook.Pittsburgh,Pa:Carnegie Mellon University,CMU/SEI-99-TR-029
[10]Sisti F.J,Joseph S.Software risk evaluation model[R].Pittsburgh,Pa:Carnegie Mellon Universitv.CMU/SEI-94-TR-19
[11]杜文华.IT项目监理:企业信息化成功的关键[J].科技情报开发与经济,2004.3:214-215
[12]Software Risk Management Practices 2001,Peter Kulik and Catherine Weber[M].KLCI 2001 8
[13]王莲芬.网络分析法(ANP)理论和算法[J].系统工程理论和实践,2001,21(3):44-50.
[14]沈建明.《项目风险管理》.机械工业出版社.2004。
[15]李小宁,EPC工程总承包全过程项目控制,图际经济合作,2000,6:41-46
[16]连惠萍,孙其龙,学寸民,2004,1,国际承包EPC合同模式应用分析,黄河水利职业技术学院45-46
[17]邵晓峰,季建华,黄培清.供应链中供应商选择方法的研究[J].数量经济技术经济研究,2001,18(8):80-83
[18]吴润衡.英英.张勇.上市公司经营业绩的多因索层次模糊评价[J].运筹与管理,2004,13(4):102-105
[19]Keil M,Mallace L、Turk D.An investigation of risk perception and risk propensity on the decision to continue a software development Project[J].The Journal of Systems and Software,2000(53)
[20]Lister T.Interview with Tim Lister[J].IEEE Software,1997.
[21]齐治昌,谭庆平,宁洪编著.软件工程[M].高等教育出版社,2001年.
[22]伊莱恩.M.霍尔[Elaine M.Hall]著.风险管理一软件系统开发方法[M].影印版,清华大学出版社,2002年8月第1版.
[23](英)丹.雷曼伊著,杨爱华,肖艳颖,黄北惠等译.拯救IT--运用风险管理中止IT项目失败[M].机械工业出版社,2002年10月第1版.
[24](美)约翰.拉夫特里(著),李清立(译).项目管理风险分析[M].机械工业出版社,2002年1月第1版.
[25]邱莞华主编.现代项目风险管理方法与实践[M].科学出版社,2003年7月第1版.
[26]莫湘群.软件项目的进度风险管理[[J].电脑与信息技术,2002(4).
[27]李师贤,张路玲.需求分析的常见问题及其对策分析[J].计算机工程,2002(1).
[28]文亚栋.软件项目的风险管理[[J].计算机系统应用,2002(2).
[29]罗荣桂.一种实用的小型软件项目开发风险管理方法[[J].武汉理工大学学报(信息与管理工程版),2003(5).
[30]张洛玲,李师贤.软件项目风险管理方法比较和研究[[J].计算机工程,2003(3).
[31]方德英.IT项目风险管理理论体系构建[J].合肥工业大学学报(自然科学版),2003(S 1).
[32]Walsh K R,Schneider H.The role of motivation and risk behavior in software development success[J].Information Research.2002.7:27-36.
[33]Boehm,B.W.Software Risk Management.IEEE Computer Society Press Washington D.C,1989.
[34]Brooks F P The mythical man-month[M].Reading(MA):Addison-Wesley,1975.3-26.
[35]Boehm BW Software Engineering Economics.Englewood Cliffs.1981
[36]Microsoft Corp.MSF risk management process.http://www.Microsoft.tom,1999/6.
[37]P.P.Wallon,et al.Using Real Options analysis for Evaluating Uncertain Investments in Information Technology[a]:Insights From The ICIS 2001 Debate,Communications of the association for Information Systems 2002,9:136167.
[38]Boehm B W.Software risk management:Principles and practices[J].IEEE Software,
[41]James J.Jiang et al.Risks to different aspects of system success.Information& Management,1999,(36):263272.
[42]Brooks F P.No silver bullet:Essence and accidents of software engineering [J].IEEE Computer.1987.20(4):10-19.
[43]Marvin J.Catr,S.L.Konda,I.Monarch,F.C.Ulrich,C.F.Walker SEI Technical Report SEI-93-TR-006,Pittsburgh,PA:Software Engineering Institute,(SEI internal report).
[44]Wideman,R.Max.Project and program risk management:a guide to managing project risks and opportunities.Project Management Institute,1992.
[45]Brian P.Gallagher.Software acquisition risk management key process area(KPA)-a guidebook version 1.02.CMU/SEI-99-HB-001,1999/10.
[46]Donald Reifer.Ten deadly risks in Internet and internet software Development IEEE Software,May/June 1997.
[47]IEEE standard 1540-2001.IEEE Standard for Software Life Cycle Processes-Risk Management.New York,NY.,2001.
[48]Sisti F J,Joseph S.Software risk evaluation model(Version 1.0)[R].Pittsburgh Pa:Carnegie Mellon University,CMU/SEI-94-TR 19.
[49]Barbara.Estimates Uncertainty and Risk.IEEE Software,Vol.14.
[50]Ray C,Williams RC,Pandelios GJ.Software risk evaluation(SRE) team member's notebook(Version 2.0)[R].Pittsburgh,Pa:Carnegie Mellon University,CMU/SEI-99-TR-029.
[51]Kevin Sullivan.Software Design as an Investment Activity:A Real Options Perspective.Real Options,And Business Strategy,215-245.
[52]Samuel J.Mantel,Jr.,Jack R.Meredith,Scott M.Shafer& Margaret M.Sutton:Project Management in Practice.John Wiley& Sons,2001
[53]Barry W.Boehm,Richard E.Software estimation perspectives.IEEE Software November/December 2000,22-26.
[54]Kim Y J,Sanders G L.Strategic actions in information technology investment based on real option theory[J].Decision Support Systems.2002.33:1-11.
[55]宋明哲.风险管理.[台北]中华企、IU管理发展中心,1987/10.
[56]Gove,Phillip Babcock,Editor.Webster's Third New International Dictionary:Unabridged.
[57]Theron R.Leishman,Larry Smith.Software Project Management Technology Report United States Air Force(USAF) Software Technology Support Center(STSC).,2000.9Version 4.
[58]Charette R N.Publications,1989.are engineering risk analysis and management [M].New York:Intertext35-37.
[59]Jack Gide,James P.Clements:Successfnl Project Management.South-Western College Publishing,1999
[60]Boehm,B.W.Software Engineering Economics.1981.
[61]约瑟夫.雷纳斯.CMM软件过程改进指南.电子工业出版社,2002
[62]Risk Management Research and Development Program Collaboration,Risk Management Maturity Level Development. 2002
[63] Williams, Ray C. Applying the Seven Principles of Team Risk Management, the Software Engineering Symposium. 1995.9:11 — 14