Challenges regarding risks and risk management: A review of Risk, Complexity and ICT
The University of the West Indies, Trinidad
Risk, Complexity and ICT, edited by Ole Hanseth and Claudio Ciborria, Northampton, MA: Edward Elgar, (hardback, 978 1 84542 661 3, $110.00), 2007.
This book explores the challenges regarding risks and risk management related to the growing complexity of information and communication technology systems solutions. The book is presented in two major parts in addition to an overall introduction; and is a collaborative effort of eleven chapter authors. Part I, which deals with theory, consists of three chapters contributed by three different authors. Part II, entitled Cases consists of five chapters with all but one written by a team of two to four authors. These chapters demonstrate and expose, through the study of real life systems, theses which the authors present about the immediacy of increasing complexity and the attendant increasing risks, and the lessons to be learnt therefrom.
The arrangement of the book in terms of theory and cases immediately allows the discriminating reader to focus on underpinning theory or the more practical examples of application and allows for relatively easy interrogation, manoeuvrability and use as a textbook. The introduction not only sets the tone of the book, but promotes guidance to the reader to address his/her interests in using the book. The introduction in this book is critical to a full understanding of the textual material. It details the thinking and setting of the theories and cases that follow, and also provides an overview that is essential to exploring the arguments in the later chapters. It gives background information to the theories, shows the relevance of the case-studies, and also illustrates quite clearly how the evidence supports the theories put forward.
The theory section of the book, Chapters 2-4, is concerned with digital technologies, risk management and the increasing risk that derives from increasing complexity and risk in relation to the ‘essence’ of using technology. Some key issues addressed include: the incompleteness of knowledge; the inability to predict the future which sets the stage for risk and opportunity; and technology and risk. Emerging from an exploration of these issues are several theories from previous researchers that drove the research of the book. These theories include (1) Risk society/ Reflexive modernization (2) Complexity theory, (3) Action network theory (ANT), and (4) Inherence of risk in complex technologies. Each theory chapter is complete in its own right, highlighting its goal and/or background, providing evidence and argument, drawing its conclusions and including its own comprehensive bibliography.
The cases explored in Chapters 5-9 illustrate the theories and theses proposed in Part I. Each of the chapters maintains its integrity in terms of providing a context for the case, outlines the case from the perspective desired, which involves the evolution of the institution or industry in terms of the historical development of its information systems, and provides an analysis of the issues that support the theory or thesis. Chapter 5 is a good example of how the cases are explored in the context of the theoretical framework. This chapter examines integration and how it leads to increasing risks in an integrated information system in a global company. It starts off with the nature of implementing and managing information systems in the global company, and emphasises the multifaceted implications of practically and analytically integrating global systems. In a historical review of the development of the information systems in the company, it highlights the tension between integration and fragmentation in implementation. It explains that this brings a consequential increase in complexity of interaction and an inherent increase in risk. The chapter outlines the company’s work processes and shows how the information system involved improving effectiveness in providing current, accurate and complete data on which major decisions that impacted on the functioning and operations cost of the company depended. Through the historical lens, the development of the information system, which in this case is deliberative and management driven, is explored and clarified with the aid of a set of comprehensive diagrams that portray the developmental structures. The evolutionary complexity of the information system since its inception and the attendant risks with increasing functionality were thus clearly exposed. This case is supported by evidence from management of the information system’s project and its users. It also emphasises the challenge to learning from experience in the complex theatre of global information systems integration which it is argued really define the role of information technology.
The other case chapters are equally comprehensive and exploratory and range from Reflexive Integration in the Development and Implementation of an Electronic Patient Record System; Risks and Risk Management in the Mobile Telecom Sector; The Duality of Risk and the Evolution of Danger in Global ICT Integration; When is an Intranet? The Topsy-turvey Unfolding of a Web-based Information System.
Reflexive Integration in the Development and Implementation of an Electronic Patient Record System is presented in four stories that illustrate the multiplicity of perspectives, intentions, constraints, challenges and agendas at work in the social and technological network, for which the concept of reflexivity affords an interpretation of the dynamics involved in the case in the context of the theory of modernity.
Risks and Risk Management in the Mobile Telecom Sector examined the complexity within a large and more complex system. The increasing complexity of this system was substantial and so were the increasing risks and these were examined in the context of Ulric Beck’s theories.
The Duality of Risk and the Evolution of Danger in Global ICT Integration focussed on the integration of ICT through the development of a global email infrastructure. This case illustrates the adoption of a conventional information systems management approach to ICT integration with its techno-scientific concept of risk and the changing characteristics of risk in implementation in a global risk society, among other findings related to the challenges presented to managers with outmoded armoury facing new situations of danger.
When is an Intranet? the Topsy-turvey Unfolding of a Web-based Information System. This chapter examines the evolution of an intranet in a pharmaceutical company. It highlights the complexity of the multi-dimensional developments and changes and applications and platforms by functional areas, product, location, drug-development and a range of other factors, which all define the company. The chapter further defines the characteristics of a topsy-turvy unfolding of a web-based information system, and shows the challenge, if not improbability, of delineating the boundaries of a system that occurs in varied manifestations driven by tensions that are difficult to resolve.
The book benefits from the contributions of the variety and experiences of its authors that provide depth, insight, rigorous argument and research. Also contributing to the effectiveness of the book are the organization of the text and the clarity of its structure. It is relatively easy to read, and more importantly, the ideas can be grasped with strategic interrogation. I would highly recommend this book for both those who study the management of information systems, and for practitioners, who advise on and make decisions about information systems. The setting of the book in theory and the application of theoretical concepts in the cases, provide knowledge for study and practice as well as a teaching/learning methodology that supports the development of expertise. Both final year undergraduate and postgraduate programmes would be boosted with the use of this book as an essential text, which will continue to serve the users as they engage the world of work.
Copyright for articles published in this journal is retained by the authors, with first publication rights granted to the journal. By virtue of their appearance in this open access journal, articles are free to use, with proper attribution, in educational and other non-commercial settings. Original article at: http://ijedict.dec.uwi.edu//viewarticle.php?id=575&layout=html