Assessing the Maturity Level of Risk Management in IT Projects

Abstract

The purpose of the article is to determine the maturity level of risk management in IT projects. To achieve this goal, the most popular risk management maturity models were analyzed. This analysis allows the identification of methods and mechanisms for determining maturity levels, the identification of strengths and weaknesses for each model, and the study of findings obtained from their use. Based on the data obtained, the author’s risk management maturity model in IT projects was developed and tested, considering the strengths and weaknesses of the analyzed models. Based on the analysis results and empirical data, it was found that the application of the created model allows the determination of the current maturity level of risk management in IT projects, the identification of these projects’ management problems, and the development of recommendations for increasing the level of management. The results have shown that the transition to the Standardized maturity level eliminates 105 universal risks and significantly increases the chances of successfully achieving the designed goals. In addition, it was found that the evaluation of the risk elimination effectiveness and efficiency and the best risk management practices identification and standardization are the main processes that ensure the transition to higher maturity levels. The obtained results suggest that the created author’s risk management maturity model in IT projects can become a tool for identifying the best contractor (performer, supplier), which guarantees the development of the desired IT product.