To differentiate from competitors, some organizations are transforming their business models from offering single products or services to providing IT solutions. In an IT solution, the provider and the customer co-operate in integrat-ing hardware, software and service components to fulfil customer-specific needs. The new business model, however, presents new risks, for example, those engendered by operating the IT solution on behalf of the customer and by in-tegrating modules from third-party providers. Also IT solution providers need to support the whole lifecycle from planning to end-of-life, and account for customer-specific risk profiles. It is therefore important that IT solution pro-viders understand these additional risks, and that they adapt their risk management processes to account for and mitigate these risks. In this paper, we present the results of a design science research project conducted in a medium-sized IT solution pro-vider. We developed two artifacts. First, we developed a risk management process that could be generalized to IT solution providers of similar size. Second, we derived a taxonomy of IT solution risks to drive the risk management process. We describe process how the organization under study transformed its risk management processes and dis-cuss implications for other medium-sized IT solution providers.
«
To differentiate from competitors, some organizations are transforming their business models from offering single products or services to providing IT solutions. In an IT solution, the provider and the customer co-operate in integrat-ing hardware, software and service components to fulfil customer-specific needs. The new business model, however, presents new risks, for example, those engendered by operating the IT solution on behalf of the customer and by in-tegrating modules from third-party pr...
»