Past research concerning information systems (IS) risk has mainly focused on development risk. However, the impact of any risk event that occurs once the system is operational can be far more extensive. Such events are due to what has been termed operational risk. Our research is concerned with operational risk that involves an IS – or IS-related operational risk – which has received little attention in the academic literature. Specifically, we seek to offer a comprehensive exploratory analysis of IS-related operational risk based on a database documenting hundreds of actual IS-related operational risk events. Our findings could help managers and researchers to achieve a better understanding of the risk exposure associated with operational ISs in their current business environment and with new information technology (IT) investments under consideration. This research could also assist organizations in achieving a higher level of strategic and economic alignment, through the use of a systematic IS risk management approach.