Scandinavian Journal of Information Systems


Design Science Research (DSR) is a complex form of research that combines very heterogeneous activities requiring different skills. Information systems and technologies are complex entities that have more elaborate areas of risk to manage. Research to invent and evaluate new IT artefacts introduces new areas of risk As yet, there is little experience with managing risk in DSR or even identification of types of risks to be managed. This paper analyses DSR research activities and elaborates known principles and practices of risk management and applies them to DSR to develop a new framework (RMF4DSR) for identifying, assessing, prioritizing, and treating potential risks inherent to DSR. Potential users of the framework include experienced and novice DSR researchers. The framework classifies six potential risk areas and enumerates specific key risks within each area. It includes risk assessment and treatment models. The paper applies the framework to a recent DSR case study to provide initial evidence of its value and feasibility and further evaluates the RMF4DSR framework by asking researchers to apply it in a workshop and surveying the participants’ opinions about the utility of the framework.