Kaushik - Risks to project performance can have severe consequences on the delivery, operation, and profitability of a project. The risk mitigation strategy can include establishing the context of the risk; identifying, evaluating and treating the risk and tracking and reporting the risk plans. Saving Changes...
IT and infraestructure projects are the project where you can identify risk and issues more easily. That is because most of the things you have to consider are tangible. If you add software component then this is the situation where your are at a cliff`s edge. I lead several projects/programs in that niche including inside my actual work place. About how to access risk nothing new than in other type of projects and the same about the action you take for each risk (avoid, mitigate, etc) Saving Changes...
Technology risks in IT projects are relatively straight forward to identify. Examples:-
Human Risk - What if someone gets hurt due to manual handling risk?
Equipment Risk - What if the equipment falls down or fails?
Disasters :- What if there is a catastrophe like Flood?
Technology Risk - What if the piece of software that you are upgrading doesn't upgrade due to a system limitation/defect?
Then come vendor risks :-
What if vendor time frames slip?
What if the vendor expertise is lacking?
What if the defect resolution takes too much time?
What if the quality of deliverable is sub-par?
Then come the Human Resources risk
What if the internal staff lack expertise
What if a key staff member leaves
What if the stakeholders keep changing frequently due to a changing company structure
in short, if you categorize the various risks as you will in a non -IT project and then pay specific attention to the technology risks, you would have covered a major chunk of all possible risks. Saving Changes...
Lots of good responses here on classification and reasons behind risks of technology projects. I believe at a strategic level a discussion of ownership of the risk (Project Sponsors) in tandem with a guidelines/process for determining a risk appetite for a project is an important step strategically addressing risk in this area.
Typically I have seen this area be handled in a very informal and on a project by project basis.
The risk profile in this area, IT projects, can be high simply by the changing nature of the IT solution area alone but, a good place to start strategically is to discuss ownership/accountability at a project sponsorship level and then a discussion as to the process to set risk appetite for the project in a formal manner and for the project. Saving Changes...