Risk management in IT departments: A process perspective

Abstract

This research reports on a field based research investigation into the processes of implementing Risk Management (RM) schemes in IT departments from a sensemaking perspective. Participation and implementation of the framework is conceptualised as a process of organisational learning. The literature on RM, specifically implementation issues associated with RM schemes, is reviewed. This paper focuses on contextual and processual elements as well as the action of key players associated with implementation. This research also suggests a different approach to doing RM research — one that takes into account the interaction over time of learning, context, meaning, process, planning and action around the implementation of RM schemes. The findings will provide insight for theory and practice, detailing the organisational learning that are associated with RM frameworks under certain circumstances, and how these might be assessed and managed.