RISK ANALYSIS FOR INTER-ORGANIZATIONAL CONTROLS

Joris Hulstijn, Jaap Gordijn

Abstract

Existing early requirements engineering methods for dealing with governance and control issues do not explicitly support comparison of alternative solutions and have no clear semantics for the notion of a control problem. In this paper we present a risk analysis method for inter-organizational business models, which is based on value modeling. A risk is the likelihood of a negative event multiplied by its impact. In value modeling, the impact of a control problem is given by the missing value. The likelihood can be estimated based on assumptions about trust and about the underlying coordination model. This allows us to model the expected value of a transaction. The approach is illustrated by a comparison of the risks of different electronic commerce scenarios for delivery and payment.

References

  1. Asnar, Y., Moretti, R., Sebastianis, M., and Zannone, N. (2008). Risk as dependability metrics for the evaluation of business solutions: A model-driven approach. In Agent-Oriented Software Engineering VII (ARES 2008), pages 1240-1247. Springer Verlag.
  2. Bons, R. W. H., Lee, R. M., and Wagenaar, R. W. (1998). Designing trustworthy interorganizational trade procedures for open electronic commerce. International Journal of Electronic Commerce, 2(3):61-83.
  3. Gambetta, D. (1988). Trust, chapter Can we trust trust?, pages 213-237. Basil Blackwell, New York.
  4. Gordijn, J. and Akkermans, J. (2003). Value-based requirements engineering: Exploring innovative e-commerce ideas. Requirements Engineering, 8(2):114-134.
  5. Gordijn, J., Yu, E., and van der Raadt, B. (2006). E-service design using i* and e3-value modeling. IEEE Software, 23(3):26-33.
  6. Hu, X., Lin, Z., Whinston, A., and Zhang, H. (2004). Hope or hype: On the viability of Escrow services as trusted third parties in online auction environments. Information Systems Research, 15(3):236-249.
  7. Kartseva, V. (2008). Designing Controls for Network Organization: A Value-Based Approach. PhD thesis, Vrije Universiteit Amsterdam. Available at http://docs.e3value.com/bibtex/pdf/Kartseva2008.pdf.
  8. Kartseva, V., Gordijn, J., and Tan, Y.-H. (2005). Towards a modelling tool for designing control mechanisms in network organisations. International Journal of Electronic Commerce, 10(2):57-84.
  9. Mylopoulos, J., Borgida, A., and Yu, E. (1997). Representing software engineering knowledge. Automated Software Engineering, 4(3):291-317.
  10. Pearl, J. (1986). Fusion, propagation, and structuring in belief networks. Artificial Intelligence, 29(3):241-288.
  11. Romney, M. and Steinbart, P. (2006). Accounting Information Systems, 10e. Prentice Hall, NJ.
  12. Tapscott, D., Lowy, A., and Ticoll, D. (2000). Harnessing the Power of Business Webs. Harvard Business School Press, Boston, MA.
  13. Weigand, H. and de Moor, A. (2003). Workflow analysis with communication norms. Data and Knowledge Engineering, 47(3):349-369.
  14. Wieringa, R. (2008). Operational business-it alignment in value webs. In Kaschek, R., Kop, C., Steinberger, C., and Fliedl, G., editors, Information Systems and e-Business Technologies (UNISCON 2008), LNBIP 5, pages 371-378. Springer Verlag.
  15. Williamson, O. E. (1979). Transaction cost economics: The governance of contractual relations. Journal of Law and Economics, 22:3-61.
  16. Yu, E. (1997). Towards modelling and reasoning support for early-phase requirements engineering. In Proceedings of the 3rd IEEE International Symposium on Requirements Engineering (RE'1997), pages 226-235. IEEE CS Press.
Download


Paper Citation


in Harvard Style

Hulstijn J. and Gordijn J. (2010). RISK ANALYSIS FOR INTER-ORGANIZATIONAL CONTROLS . In Proceedings of the 12th International Conference on Enterprise Information Systems - Volume 3: ICEIS, ISBN 978-989-8425-06-5, pages 314-320. DOI: 10.5220/0002964603140320


in Bibtex Style

@conference{iceis10,
author={Joris Hulstijn and Jaap Gordijn},
title={RISK ANALYSIS FOR INTER-ORGANIZATIONAL CONTROLS},
booktitle={Proceedings of the 12th International Conference on Enterprise Information Systems - Volume 3: ICEIS,},
year={2010},
pages={314-320},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002964603140320},
isbn={978-989-8425-06-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 12th International Conference on Enterprise Information Systems - Volume 3: ICEIS,
TI - RISK ANALYSIS FOR INTER-ORGANIZATIONAL CONTROLS
SN - 978-989-8425-06-5
AU - Hulstijn J.
AU - Gordijn J.
PY - 2010
SP - 314
EP - 320
DO - 10.5220/0002964603140320