This study collects 24 risk-management-relevant research papers published between 2000 and 2010 to elicit significant risk factors and thus develop the risk management mechanism of an enterprise resource planning (ERP) system. The study adopts the grounded theory and conducts an expert questionnaire in order to report its findings on 49 risk factors. Based on the work system method, the identified factors are classified into nine categories and a risk management mechanism is developed thereafter. Finally, to examine the feasibility of the mechanism, two case studies are further investigated. The developed mechanism is found to be a convenient, quick, and proper ERP system risk management tool that can assist enterprises in identifying, analyzing, assessing, and responding to potential risks.