Vergleich des Risikoverständnisses in den Disziplinen Wirtschaftsinformatik und Soziologie

Table of Content

1 Introduction and Organization

2 Understanding of Risk in Sociology

2.1 The concept of risk society from Ulrich Beck

2.2 Risk as a Collective Construct from the Culture

2.3 Risk in the Context of Communications and Systems Theory from Luhmann

2.4 Risk and Govermantiality

3 Risks in Information Systems

3.1 Risks in Software Project Management

3.1.1 Definition of Project, Project Risks and Some Categorization

3.1.2 Management Understanding of Risk and their Limitation

3.1.3 Risk Management in Software Projects

3.1.4 Effect of Coordination and Uncertainty on Software Project Performance

3.1.5 Risk Categories and their Effect on Product and Process Performance

3.1.6 Critical Risks in Outsourced IT projects

3.1.7 Risk Factors, Categories and their Observance

3.1.8 Contingency Model of Software Project Risk Management

3.1.9 Risk Perception and Risk Propensity on the Decision to Continue a Project

3.2 Risks in the Field of IT Security

3.2.1 Development and Progress of IT Security: From Past to Present

3.2.2 Categorization of IT Security Threats

3.2.3 Ranking and Perception of IT Threats

3.2.4 Risk Perception: The Technology Threat Avoidance Theory

3.2.5 Risk Perception Amongst Managers

3.2.6 User Participation in IS Security Risk Management

3.2.7 IT Security From an Entrepreneurial Standpoint

3.2.8 Differences in Computer Ethics

4 Comparison of Risk understanding in Information Systems and Sociology

4.1 Comparison of Risk Characteristics

4.2 The Culture Theory in Information Systems

4.3 Risk Perception, Risk Environment and Risk Transformation

5 Discussion and Outlook

Research Objectives and Themes

The primary objective of this work is to identify and compare the sociological understanding of risk with the practical application and perception of risk within the fields of Information Systems, specifically Software Project Management and IT Security. It explores how sociological frameworks can be transferred to IT environments to explain organizational risk cultures and user behaviors.

• Theoretical foundations of sociological risk research (Beck, Luhmann, Douglas, Foucault).
• Risk identification and management strategies in software development projects.
• Mechanisms of risk perception and threat avoidance in IT security (TTAT).
• Cultural impacts and organizational awareness on risk management practices.

Excerpt from the Book

Summary of Chapters

1 Introduction and Organization: This chapter outlines the motivation for the study, establishing the connection between sociological risk theory and modern Information Systems challenges.

2 Understanding of Risk in Sociology: This section provides a theoretical overview of risk, covering objectivist and constructivist views from key thinkers like Beck, Douglas, Luhmann, and Foucault.

3 Risks in Information Systems: This chapter analyzes how risk is managed and perceived in Software Project Management and IT Security, including specific models like TTAT and contingency frameworks.

4 Comparison of Risk understanding in Information Systems and Sociology: This section synthesizes the findings, comparing sociological constructs with IT management practices to identify how culture influences risk perception.

5 Discussion and Outlook: The conclusion summarizes how sociological insights can enhance corporate risk culture and suggests directions for future research into the alignment of risk management with organizational values.

Key Words

Social risk theory, risk sociology, IT security risk, software project risk, Ulrich Beck, Niklas Luhmann, Mary Douglas, Michel Foucault, risk perception, grid-group model, IT security, software development, risk management, culture theory, corporate risk culture.

Frequently Asked Questions

What is the core focus of this research paper?

The paper examines the relationship between sociological theories of risk and the practical risk management approaches found in Information Systems, particularly within software project management and IT security.

What are the primary thematic fields covered in this study?

The main themes include the definition and sociological categorization of risk, practical risk management strategies in software projects, IT security threats, and the role of organizational culture in shaping risk perception.

What is the central research goal?

The goal is to bridge the gap between abstract sociological risk theories and applied IT risk management to better understand why organizations and individuals perceive and react to risks in specific, often culturally conditioned, ways.

Which scientific methods are employed?

The research primarily utilizes a comparative, theory-based analytical approach. It synthesizes literature from both sociology and information systems to establish a conceptual framework for interpreting risk management practices.

What is addressed in the main part of the paper?

The main body details the theoretical perspectives of sociologists (Beck, Luhmann, Douglas, Foucault) and analyzes technical risk management methods such as risk checklists, process models, and the Technology Threat Avoidance Theory (TTAT).

Which keywords characterize this work?

Key terms include social risk theory, risk sociology, IT security risk, software project risk, and organizational culture.

How does the author define risk in the context of IT Security?

Following Luhmann and others, the author distinguishes between risk (attributable to personal decisions) and danger (attributed to the external environment), arguing that security measures often create an "illusion of safety."

What role does the 'grid-group model' play in this analysis?

The grid-group model is used to classify different forms of social organization and their specific risk perceptions, which the author subsequently applies to explain varying levels of security policy adherence within corporate environments.