Academic journal article Journal of the Association for Information Systems

Risk Analysis in Extended Enterprise Environments: Identification of Critical Risk Factors in B2B E-Commerce Relationships *

Academic journal article Journal of the Association for Information Systems

Risk Analysis in Extended Enterprise Environments: Identification of Critical Risk Factors in B2B E-Commerce Relationships *

Article excerpt

Abstract

The focus of this study is to identify the critical risk factors that can be used to assess the impact of B2B e-commerce on overall enterprise risk. We apply the Khazanchi and Sutton (2001) framework for B2B e-commerce assurance as the organizing conceptual model for the study. The framework focuses on three primary risk components: (1) technical risks, (2) application-user risks, and (3) business risks. To identify a critical set of B2B risk factors, structured focus groups applying a nominal group technique were conducted with three internal constituency groups (corporate groups consisting of IS security, internal IT audit, and e-commerce development managers) and two external constituency groups (e-commerce consultants and external IT auditors). Tests of consistency between the groups confirm strong agreement on the identified critical B2B risk factors. Tests were also conducted on participant groups' perceived relative importance of the critical B2B risk factors. The only substantial inconsistencies were between the internal constituency groups and the e-commerce consultants' group for the business risk factors. This would appear to indicate that the priorities of internal groups might be different from the e-commerce consultants who appear more focused on management support of projects than on active involvement of trading partner staff with systems integration. Subsequent testing of the three-component B2B risk assurance model with a follow-up questionnaire suggests that the identified risk factors support the model, including theorized interrelationships among the three risk components.

Keywords: Electronic commerce, e-business, business-to-business, interorganizational systems, extended enterprise systems, business partners, systems assurance, enterprise risk management.

1. Introduction

There is accumulating evidence that the benefits of B2B e-commerce relationships are predominantly produced by enhanced collaboration (Lee et al., 2003) engendered by the benefits accrued from widespread internal integration of B2B (Iacouvou et al., 1995). Despite all the perceived benefits of forging integrated business relationships, for many organizations there is still some trepidation about entering into these relationships (Iacovou et al., 1995). This trepidation can come from costs, but more frequently is a result of perceived enterprise risks. Kumar and van Dissel (1996) summarize these risks as the costs associated with exposure to being exploited in the relationship. These risks include transaction-specific capital (i.e., investment by one party that has little or no value outside of the business relationship), information asymmetries (i.e., problems in monitoring performance that lead to a risk of shirking by a business partner), and loss of resource control (i.e., resources that are transferred in a relationship that cannot be returned or controlled in the event of the relationship's termination).

These risks primarily center on loss of investment, which can have negative financial ramifications for an organization, but in most cases are not likely to cripple an organization. Yet, in an era where the focus has been on enhancing core business processes, outsourcing activities that other organizations can do better at lower cost, and developing integrated value chains, breakdowns in relationships may have far greater ramifications than simply financial losses and/or inefficiencies (Sutton and Hampton, 2003). For instance, in a just-in-time environment where a vendor is responsible for managing the materials and parts inventory, a vendor's failure to deliver parts for a prolonged period of time could lead to extended shutdowns of manufacturing processes. These interruptions could put the manufacturing company at risk due to the inability to produce goods, inability to meet obligations downstream in the supply chain, loss of other business partners' trust, and decline in general reputation. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.