Risk management and ‘routine-based reliability’ is considered fundamental to project performance. Existing theories of project risk management do not fully explain why project managers stop practicing risk management information systems (IS); however, constructs drawn from organisation theory offer insights into how and why such disengagement occurs.
The study examines risk management practices in 21 IS projects within 10 organisations. By focusing on risks that resulted in significant events and mapping backwards over time the practices associated with those risks, we identify that in all but five projects the manager had disengaged from prescribed risk management before executing risk responses. In most projects, the majority of formally identified and assessed risks remained unallocated and untreated. A laddering technique was used to help explain why this transpired. We found five key underlying beliefs that governed project managers’ risk management attitudes and actions. LINK