Risk management model for IT projects from service provider perspectives in SME: A case study at two-P technology Sdn Bhd / Mohamad Fadhil Abdul Rahim

This study is meant to be a guide for service provider in SMEs regarding an effective risk Management model for IT project. The main purpose of this thesis is to introduce risk management for IT project and enhance the managerial model toward effective IT project risk management in company. The research is based on a case study at Two-P Technology Sdn Bhd.The study investigates risk management, uncertainties and risks in IT projects, its models and particularities in order to give the main manner about IT project risk management and its adaptation in company. Due to the need of improvements, recommendations and advices are drawn for the case. A questionnaire is used to list out the factors of risk arise in IT project process and determine the level of each risks. Then, a qualitative research based on structured and open ended interview was conducted to show how risk management of IT project is implemented in the case company. There were two respondents who participated in this study. Project Manager 'A' was a project manager with experience in managing organizational larger-sized IT projects for other organizations for nearly 10 years. Meanwhile Project Manager 'B' was a project manager who manager smaller-sized IT Projects for other organization for nearly 8 years. As a result, both of project managers have different perception about risks. Risk strategy that they plan also different because each risk exposed to their IT project have different values. Later studies continued by examined how project managers managing IT projects. All the vulnerabilities in their risk management practices identified by compared it with the available practice literature. Then, the recommended model is built as their guidance for managing IT projects risk in the future. In final result, this research found that there is no standard model used to manage IT project risk in organization, the research findings showed that there are four common processes in risk management practices by the Project Manager in Two-D Technology. The processes are risk identification, risk assessment, risk and risk response plans. In other findings showed that the most significant IT project risks are varying according to size and type of project. But from the list of risk factors, high level risk that often affect the IT project are as conflicts between departments, lack technical specification for IT project and improper support documents on executed task or site work instructions by client or project team. Finally, this research recommended that the process managing risk should be starts from risk planning, risk identification, risk assessment, risk Strategies, risk control and risk response for organization's project manager and project team to manage IT project risk.