Enterprise Resource Planning (ERP) systems have been regarded as one of the most important information technology developments in the past decades. While ERP systems provide the potential to bring substantial benefits, their implementations are characterized with large capital outlay, long duration, and high risks of failure including implementation process failure and system usage failure. As a result, the adoption of ERP systems in project-based firms has been lagged behind lots of companies in many other industries. In order to ensure the success of ERP system implementations in project-based firms, sound risk management is the key.

The overall objective of this research is to identify the risks in ERP system implementations within project-based firms and develop a new approach to analyze these risks and quantitatively assess their impacts on ERP system implementation failure. At first, the research describes ERP systems in conjunction with the nature and working practices of project-based firms and current status and issues related to ERP adoption in such firms, and thus analyzes the causes for their relatively low ERP adoption and states the research problems and objectives. Accordingly, a conceptual research framework is presented, and the procedures and research methods are outlined. Secondly, based on the risk factors regarding generic ERP projects in extant literature, the research comprehensively identifies the risk factors of ERP system implementation within project-based firms. These risk factors are classified into different categories, qualitatively described and analyzed, and used to establish a risk taxonomy. Thirdly, an approach is developed based on fault tree analysis to decompose ERP systems failure and assess the relationships between ERP component failures and system usage failure, both qualitatively and quantitatively. The principles and processes of this approach and related fault tree analysis methods and techniques are presented in the context of ERP projects. Fourthly, certain practical strategies are proposed to manage the risks of ERP system implementations.

The proposed risk assessment approach and management strategies together with the comprehensive list of identified risk factors not only contribute to the body of knowledge of information system risk management, but also can be used as an effective tool by practitioners to actively analyze, assess, and manage the risks of ERP system implementations within project-based firms.