M 公司是一家国际知名的运动用品制造企业。由最初大批量生产的传统模式，逐渐 向提供定制化产品的模式转变，成为运动产品定制的行业领先者。行业领先地位有利于 公司拓展市场，抢占市场占有率，但同时也带来相应的风险。与定制化相关的 IT 项目 没有同行经验可以参考，且缺乏行业标准及相关技术，需要自身去摸索开发。 通过长期跟踪观察，笔者发现 M 公司原有 IT 项目风险管理的控制模型较为简单， 采用传统的 CRM 持续风险管理模型, 各个项目管理团队都是根据自身经验对风险进 行识别，在团队内部讨论应对方法，很少涉及团队以外的干系人；总部的项目管理办公 室与项目小组也缺乏联系，缺少指引章程，监督不到位，往往是出现问题后才介入，造 成应对迟缓，损失难以挽救。这种风险管理模式对于开展客户定制化 IT 项目不是对症 下药，存在诸多问题，特别是缺乏监管体系从全局上去管控风险，无法满足项目开展的 需要。 笔者通过对风险管理模型的摸索比较，发现 Charette 理论比较适合解决 M 公司 所面临的挑战。本文在 Charette 的理论基础上，结合公司实际情况，量身设计了 E-Ch arette 风险管理系统。E-Charette 把公司 IT 项目风险管理周期分为风险分析和风险管 理两个模块，模块里面各环节并不孤立存在，而是互相联系。同时建议公司根据新的管 理流程，调整了的组织架构，增设风险管理办公室，与项目管理办公室协调运作，负责 制定风险管理章程，监督组织内关键项目的风险应对，在各个管理环节提供管理思路、 方法和具体技术。在日常运营中，风险管理办公室和项目管理办公室一起协调完善风险 管理方法体系，更新风险资料库，加强风险管理指导培训。具体到项目实施过程里，根 据 E-Charette 管理流程，项目执行团队通过频繁与各关联方检讨绩效，监督进程，收集 反馈，向风险管理办公室定期汇报风险状况，通知更新风险目录。另外，笔者从项目生 命周期出发，分析项目不同阶段存在的风险，根据得出的结果制定了针对不同阶段的风 险管理方案。 本文结合理论和实际案例，针对 M 公司出现的问题进行讨论并提出改善方案，通 过实施效果反映 Charette 模型对企业 IT 项目风险管控水平提升的帮助，以期为其他 行业领先的定制化企业起到一定示范作用。 关键词，IT 项目风险管理；行业领先；定制化；CharetteII Abstract M company is an internationally renowned sports brand enterprise. From the tradi tional mode of mass production to the mode of providing customized products, it has become the industry leader of customization of sports products. The leading position o f the industry is conducive to expanding the market and occupying the market share, but it also brings corresponding risks. IT projects related to customization have no pe er experience to refer to, and lack of industry standards and related technologies, so t hey need to explore and develop themselves. Through long-term follow-up observation, the author found that the original IT pr oject risk management control model of M company is relatively simple, using the tra ditional CRM continuous risk management model, each project management team ident ifies risks according to their own experience, discusses the response methods within th e team, rarely involving stakeholders outside the team; the project management office and the project team at Headquarters are also involved. Lack of contact, lack of guide lines and regulations, and inadequate supervision often lead to problems before interve ntion, resulting in slow response and loss difficult to salvage. This risk management model is not a prescription for developing customized IT projects. There are many pro blems, especially the lack of a regulatory system to control risks from a global perspe ctive, which can not meet the needs of project development. By re-comparing the risk management models, the author finds that Charette theor y is more suitable to solve the challenges faced by M company. Based on the theory of Charette and the actual situation of the company, this paper designs the E-Charette risk management system. E-Charette divides the risk management cycle of company IT project into two modules: risk analysis and risk management. Each link in the modul e does not exist in isolation, but is related to each other. At the same time, according to the new management process, the organizational structure has been adjusted, and a risk management office has been set up to coordinate with the project management o ffice. It is responsible for formulating the risk management charter, supervising the ris k response of key projects in the organization, and providing management ideas, meth ods and specific technologies in all management links. In daily operation, the risk ma nagement office and the project management office coordinate and improve the risk m anagement method system, update the risk database, and strengthen the risk manageme nt guidance training. Specifically in the project implementation process, according to tIII he E-Charette management process, the project execution team regularly reports to the risk management office and notifies the update of the risk catalogue through frequent reviews of performance, monitoring the process, collecting feedback with the relevant parties. In addition, starting from the project life cycle, the author analyzed the risks i n different stages of the project, and formulated risk management plans for different st ages according to the results. Combining theory with practical cases, this paper discusses the problems of M co mpany and puts forward improvement plans. The implementation effect reflects the hel p of Charette model to improve the level of enterprise IT project risk management an d control, in order to play a demonstration role for leading customized enterprises in other industries. Key Words: Risk Management; Leading industry; Customization; CharetteIV 目 录 摘要...........................................................................................................................................I Abstract ..................................................................................................................................... II 图表清单.................................................................................................................................VII 第一章 绪论..............................................................................................................................1 1.1 研究背景和意义............................................................................................................. 1 1.1.1 研究背景.................................................................................................................. 1 1.1.2 研究意义.................................................................................................................. 3 1.2 国内外研究综述............................................................................................................. 3 1.2.1 国外研究综述.......................................................................................................... 3 1.2.2 国内研究综述.......................................................................................................... 5 1.3 研究内容......................................................................................................................... 7 1.4 研究思路和论文结构..................................................................................................... 7 第二章 M 公司 IT 项目风险管理现状及存在的问题............................................................9 2.1 体育用品制造业特点及其 IT 项目的风险 ................................................................. 9 2.1.1 客户需求变化迅速.................................................................................................. 9 2.1.2 技术更新换代迅速.................................................................................................. 9 2.1.3 供应链周期短........................................................................................................ 10 2.1.4 产品种类多样........................................................................................................ 10 2.2 M 公司现状 .................................................................................................................. 11 2.2.1 年轻时尚的品牌文化............................................................................................ 11 2.2.2 注重技术创新........................................................................................................ 11 2.3 M 公司的客户化定制现状 .......................................................................................... 12 2.4 M 公司风险管理现状 .................................................................................................. 14 2.4.1 体育用品制造业 IT 项目风险 ............................................................................ 14 2.4.2 行业领先地位所带来的“探路者”风险 ................................................................ 15 2.4.3 探索新技术的风险................................................................................................ 16 2.4.4 定制类 IT 项目治理风险 .................................................................................... 16 2.5 本章小结....................................................................................................................... 16V 第三章 M 公司 IT 项目风险管理问题的成因及应对.......................................................17 3.1 M 公司风险管理中存在问题的成因分析 .................................................................. 17 3.1.1 缺乏应对“探路者”风险的流程 ............................................................................ 17 3.1.2 生产能力不足........................................................................................................ 17 3.1.3 客户需求获取能力不足........................................................................................ 18 3.1.4 对项目进度监控不足............................................................................................ 20 3.1.5 缺乏团队协作应对风险的能力............................................................................ 21 3.2 M 公司对 IT 项目风险管理模型的选择................................................................... 22 3.2.1 M 公司风险管理现状 ........................................................................................... 22 3.2.2 M 公司原有风险管理模型 ................................................................................... 22 3.2.3 选择新的风险管理模型........................................................................................ 23 3.3 M 公司 IT 项目风险管理模型的设计....................................................................... 24 3.3.1 模型的设计依据.................................................................................................... 24 3.3.2 E-Charette 风险管理模型....................................................................................... 26 3.4 本章小结....................................................................................................................... 32 第四章 M 公司 IT 项目风险管理优化...............................................................................33 4.1 改善 IT 项目的过程管理 ........................................................................................... 33 4.1.1 对 IT 项目过程管理的改善 ................................................................................ 33 4.1.2 E-Charette 模型的运行评价指标.......................................................................... 35 4.2 M 公司 IT 项目风险管理的改善措施....................................................................... 39 4.2.1 应对“探路者”风险 ................................................................................................ 39 4.2.2 提供高效设计流程................................................................................................ 39 4.2.3 掌握客户需求........................................................................................................ 40 4.2.4 建立完善的监管体系............................................................................................ 40 4.2.5 建立流畅的沟通体系............................................................................................ 43 4.2.6 运用大数据收集客户数据.................................................................................... 44 4.2.7 应对市场风险........................................................................................................ 44 4.3 优化措施后的效果....................................................................................................... 45 4.4 本章小结....................................................................................................................... 46 第五章 M 公司 IT 项目风险管理优化措施的效果分析...................................................47VI 5.1 M 公司鞋定制 IT 项目概况....................................................................................... 47 5.2 风险控制实施前的风险分析....................................................................................... 47 5.3 改善高于阈值的风险项............................................................................................... 50 5.3.1 对用户风险的改善................................................................................................ 50 5.3.2 对团队风险的改善................................................................................................ 51 5.3.3 对计划与控制风险的改善.................................................................................... 52 5.4 风险控制模型实施效果............................................................................................... 53 5.4.1 实施风险规避后的风险评估................................................................................ 53 5.4.2 风险规避前后的评估对比.................................................................................... 54 5.5 本章小结....................................................................................................................... 54 结 论........................................................................................................................................55