时代在进步，信息技术行业蒸蒸日上，逐步由传统的互联网进入移动互联网。在 中国伴随移动通信网络升级所带来的数据传输性能的改善以及费用的降低，用户已逐 渐养成通过智能手机进行上网的习惯。据行业机构分析报告，2017 年移动互联网用 户数已近突破5亿。然而，移动互联网行业的项目的执行状态却不容乐观，软件项目 超时、低质量、缺乏适合的开发方法、职责不清等问题长期存在，导致项目成功交付 异常艰辛、甚至失败。 按照理论联系实际的整体思路，概述了信息系统项目管理与风险管理及相关理 论；按照时间周期，首先是启动，之后依次计划，执行，监控，最后是收尾过程，同 样需要知识技能的综合应用，即整体，范围，时间，成本，质量，风险，人力，采购， 沟通，干系人共10个知识领域的相关运用。而在项目管理的五十七个活动中，风险 管理活动与其他绝大多数活动都有交集；信息系统项目风险管理，一般按照思考即规 划与识别，分析即定性与定量分析，行动即应用与监控的过程执行，在项目生命周期 中不间断、也不区别阶段的进行。加入JD后，见证了公司从瀑布，螺旋迭代，到敏 捷Scrum，项目管理方式的变更，但无论哪种方式方法管理项目，风险的管理与控制 始终是影响项目成功交付的核心因素。 经过理论与案例研究，得出风险管理如下两个方面的结论: 战略层面，人才的培养与能力建设；组织环境，经验的总结与分享，过程的持续 改进，与项目风险管理文化的培养；合适的项目管理工具与风险管理工具。三个要素 对项目风险管理有重要的意义。 战术层面，计划是控制的依据，是管理的基础，要符合项目的实际情况和具体的 特点，使其科学、合理；项目周期越短，分解的工作任务的时间也要尽量短，这个可 以提升资源利用率；项目团队定期及时的沟通，可以增加团队凝聚力、战斗力。 关键词：信息系统项目风险管理与实践；项目管理；风险分析；风险应对；风险控制 北京理工大学硕士学位论文 II Abstract With the development of the times, the information technology industry has gradually entered the new era of mobile Internet from the traditional Internet era. In China, with the improvement of data transmission performance and the decrease of cost that brought by the upgrading of mobile communication network, users have gradually developed the habit of accessing the Internet through their smart phones. According to the analysis report of the industry organization, the number of mobile Internet users has exceeded 500 million in 2017. However, the state of execution of the project in the mobile Internet industry is not optimistic. Problems such as overtime of the soft project, low quality, lack of suitable development methods, unclear responsibilities et cetera，have existed for a long time, all of the above lead to exceptionally difficult or even unsuccessful project delivery. According to the whole idea of integrating theory with practice, this paper summarizes the information system project management, risk management and related theories. According to the time cycle, the first process is to start, then plan, implement, monitor. And finally, it is the closing process, which also needs the comprehensive application of knowledge and skills, that is, the related application in ten knowledge areas of the whole, the scope, time, cost, quality, risk, manpower, procurement, communication and stakeholder. Among the fifty-seven activities of project management, risk management activities intersect with most other activities. Information system project risk management generally follows the process of thinking (planning and identification), analysis (qualitative and quantitative analysis), and action (application and monitoring). During the project life cycle, the above activities are repeated without interruption and do not distinguish between the current phases of the project. After joining JD, witnessed the company's change of project management method from waterfall, spiral iteration to agile Scrum. However, risk management and control are always the core factors that affect the successful delivery of the project. After theoretical and case studies, the conclusions of risk management are drawn as follows: At the strategic level, talent cultivation and capacity building; organizational environment, summary and sharing of experience, continuous improvement of process, and cultivation of project risk management culture; suitable project management tools and risk management tools; three factors are of great significance to project risk management. 北京理工大学硕士学位论文 III At the tactical level, the plan is the basis of control and management. It should conform to the actual situation and specific characteristics of the project, so as to make it scientific and reasonable. The shorter the project cycle, the shorter the time to decompose the task, which can improve the resource utilization; regular and timely communication within the project team can increase team cohesion and combat effectiveness. Key Words: IT project risk management and practice; Project management; Risk analysis; Risk response; Risk control 北京理工大学硕士学位论文 IV 目录 研究成果声明 ................................................................................................. I 关于学位论文使用权的说明 ......................................................................... I 摘要 ................................................................................................................. I Abstract ........................................................................................................ II 目录 .............................................................................................................. IV 第1章 绪论 ................................................................................................. 1 1.1 研究背景 ......................................................................................................... 1 1.2 研究的目的和意义 ......................................................................................... 2 1.3 国内外研究现状 ............................................................................................. 3 1.3.1 国外项目风险管理研究 ...................................................................... 3 1.3.2 国内项目风险管理研究 ...................................................................... 4 1.3.3 研究综述 .............................................................................................. 4 1.4 研究内容和思路 ............................................................................................. 4 1.4.1 研究内容 .............................................................................................. 4 1.4.2 研究方法 .............................................................................................. 5 1.4.3 论文结构 .............................................................................................. 5 第2章 信息系统项目管理与风险管理概述 ............................................. 7 2.1 项目与项目管理概述 ..................................................................................... 7 2.1.1 如何理解项目 ...................................................................................... 7 2.1.2 信息系统项目管理 .............................................................................. 8 2.2 风险与风险管理概述 ................................................................................... 11 2.2.1 如何理解风险 .................................................................................... 12 2.2.2 信息系统项目风险管理 .................................................................... 14 2.3 信息系统项目风险管理与项目管理的关系 ............................................... 15 2.4 信息系统项目风险管理特点与流程 ........................................................... 16 2.4.1 风险管理的特点 ................................................................................ 16 2.4.2 风险管理的流程 ................................................................................ 17 2.4.3 风险管理流程描述 ............................................................................ 18 第3章 “JD”APP项目风险识别 ............................................................ 24 3.1 项目简介 .....................................................................................................