Risk analysis in extended enterprise environments: Identification of critical risk factors in B2B E-Commerce relationships

Steve G. Sutton, Deepak Khazanchi, Clark Hampton, Vicky Arnold

Research output: Contribution to journalArticle

37 Citations (Scopus)

Abstract

The focus of this study is to identify, the critical risk factors that can be used to assess the impact of B2B e-commerce on overall enterprise risk. We apply the Khazanchi and Sutton (2001) framework for B2B e-commerce assurance as the organizing conceptual model for the study. The framework focuses on three primary risk components: (1) technical risks, (2) application-user risks, and (3) business risks. To identify o critical set of B2B risk factors, structured focus groups applying a nominal group technique were conducted with three internal constituency groups (corporate groups consisting of IS security, internal IT audit, and e-commerce development managers) and two external constituency groups (e-commerce consultants and external IT auditors). Tests of consistency between the groups confirm strong agreement on the identified critical B2B risk factors. Tests were also conducted on participant groups' perceived relative importance of the critical B2B risk factors. The only substantial inconsistencies were between the internal constituency groups and the e-commerce consultants' group for the business risk factors. This would appear to indicate that the priorities of internal groups might be different from the e-commerce consultants who appear more focused on management support of projects than on active involvement of trading partner staff with systems integration. Subsequent testing of the three-component B2B risk assurance model with a follow-up questionnaire suggests that the identified risk factors support the model, including theorized interrelationships among the three risk components.

Original languageEnglish (US)
Pages (from-to)151-174
Number of pages24
JournalJournal of the Association for Information Systems
Volume9
Issue number3-4
StatePublished - Jan 1 2008

Fingerprint

Electronic commerce
Risk analysis
Industry
Managers

Keywords

  • Business partners
  • Business-to-business
  • E-business
  • Electronic commerce
  • Enterprise risk management
  • Interorganizational systems
  • Systems assurance
  • extended enterprise systems

ASJC Scopus subject areas

  • Information Systems
  • Computer Science Applications

Cite this

Risk analysis in extended enterprise environments : Identification of critical risk factors in B2B E-Commerce relationships. / Sutton, Steve G.; Khazanchi, Deepak; Hampton, Clark; Arnold, Vicky.

In: Journal of the Association for Information Systems, Vol. 9, No. 3-4, 01.01.2008, p. 151-174.

Research output: Contribution to journalArticle

@article{7c8b74c4f4ce4d09bf9b21196dbd35a8,
title = "Risk analysis in extended enterprise environments: Identification of critical risk factors in B2B E-Commerce relationships",
abstract = "The focus of this study is to identify, the critical risk factors that can be used to assess the impact of B2B e-commerce on overall enterprise risk. We apply the Khazanchi and Sutton (2001) framework for B2B e-commerce assurance as the organizing conceptual model for the study. The framework focuses on three primary risk components: (1) technical risks, (2) application-user risks, and (3) business risks. To identify o critical set of B2B risk factors, structured focus groups applying a nominal group technique were conducted with three internal constituency groups (corporate groups consisting of IS security, internal IT audit, and e-commerce development managers) and two external constituency groups (e-commerce consultants and external IT auditors). Tests of consistency between the groups confirm strong agreement on the identified critical B2B risk factors. Tests were also conducted on participant groups' perceived relative importance of the critical B2B risk factors. The only substantial inconsistencies were between the internal constituency groups and the e-commerce consultants' group for the business risk factors. This would appear to indicate that the priorities of internal groups might be different from the e-commerce consultants who appear more focused on management support of projects than on active involvement of trading partner staff with systems integration. Subsequent testing of the three-component B2B risk assurance model with a follow-up questionnaire suggests that the identified risk factors support the model, including theorized interrelationships among the three risk components.",
keywords = "Business partners, Business-to-business, E-business, Electronic commerce, Enterprise risk management, Interorganizational systems, Systems assurance, extended enterprise systems",
author = "Sutton, {Steve G.} and Deepak Khazanchi and Clark Hampton and Vicky Arnold",
year = "2008",
month = "1",
day = "1",
language = "English (US)",
volume = "9",
pages = "151--174",
journal = "Journal of the Association of Information Systems",
issn = "1536-9323",
publisher = "Association for Information Systems",
number = "3-4",

}

TY - JOUR

T1 - Risk analysis in extended enterprise environments

T2 - Identification of critical risk factors in B2B E-Commerce relationships

AU - Sutton, Steve G.

AU - Khazanchi, Deepak

AU - Hampton, Clark

AU - Arnold, Vicky

PY - 2008/1/1

Y1 - 2008/1/1

N2 - The focus of this study is to identify, the critical risk factors that can be used to assess the impact of B2B e-commerce on overall enterprise risk. We apply the Khazanchi and Sutton (2001) framework for B2B e-commerce assurance as the organizing conceptual model for the study. The framework focuses on three primary risk components: (1) technical risks, (2) application-user risks, and (3) business risks. To identify o critical set of B2B risk factors, structured focus groups applying a nominal group technique were conducted with three internal constituency groups (corporate groups consisting of IS security, internal IT audit, and e-commerce development managers) and two external constituency groups (e-commerce consultants and external IT auditors). Tests of consistency between the groups confirm strong agreement on the identified critical B2B risk factors. Tests were also conducted on participant groups' perceived relative importance of the critical B2B risk factors. The only substantial inconsistencies were between the internal constituency groups and the e-commerce consultants' group for the business risk factors. This would appear to indicate that the priorities of internal groups might be different from the e-commerce consultants who appear more focused on management support of projects than on active involvement of trading partner staff with systems integration. Subsequent testing of the three-component B2B risk assurance model with a follow-up questionnaire suggests that the identified risk factors support the model, including theorized interrelationships among the three risk components.

AB - The focus of this study is to identify, the critical risk factors that can be used to assess the impact of B2B e-commerce on overall enterprise risk. We apply the Khazanchi and Sutton (2001) framework for B2B e-commerce assurance as the organizing conceptual model for the study. The framework focuses on three primary risk components: (1) technical risks, (2) application-user risks, and (3) business risks. To identify o critical set of B2B risk factors, structured focus groups applying a nominal group technique were conducted with three internal constituency groups (corporate groups consisting of IS security, internal IT audit, and e-commerce development managers) and two external constituency groups (e-commerce consultants and external IT auditors). Tests of consistency between the groups confirm strong agreement on the identified critical B2B risk factors. Tests were also conducted on participant groups' perceived relative importance of the critical B2B risk factors. The only substantial inconsistencies were between the internal constituency groups and the e-commerce consultants' group for the business risk factors. This would appear to indicate that the priorities of internal groups might be different from the e-commerce consultants who appear more focused on management support of projects than on active involvement of trading partner staff with systems integration. Subsequent testing of the three-component B2B risk assurance model with a follow-up questionnaire suggests that the identified risk factors support the model, including theorized interrelationships among the three risk components.

KW - Business partners

KW - Business-to-business

KW - E-business

KW - Electronic commerce

KW - Enterprise risk management

KW - Interorganizational systems

KW - Systems assurance

KW - extended enterprise systems

UR - http://www.scopus.com/inward/record.url?scp=56949085904&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=56949085904&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:56949085904

VL - 9

SP - 151

EP - 174

JO - Journal of the Association of Information Systems

JF - Journal of the Association of Information Systems

SN - 1536-9323

IS - 3-4

ER -