Abstract
Information Technology (IT) project management continues to face persistent risks despite decades of research into critical failure factors. Two decades ago, Tiwana and Keil's (2004) "One-Minute Risk Assessment" classifies project vulnerability into six drivers: methodology fit, customer involvement, formal project management practices, project similarity, project complexity, and requirements volatility, giving managers a rapid diagnostic for evaluating exposure. That framework, however, emerged from a predominantly waterfall era of bounded, enterprise-scale systems. The IT landscape has been shifting. For example, organizations are moving from waterfall towards agile and hybrid frameworks. Digital transformation projects span organizational boundaries. In addition, projects increasingly dependent on complex ecosystems that integrate cloud platforms and Artificial Intelligence (AI). Recent studies suggest that today's leading causes of IT project failure include poor requirements management, lack of executive sponsorship, insufficient stakeholder engagement, unrealistic planning, resource shortages, and technology integration risks (Hughes et al., 2016; PMI, 2021). These shifts suggest that a diagnostic designed for 2004 may underweight the socio-technical complexity and cross-stakeholder alignment challenges that dominate contemporary projects. This research draws on project risk management literature of how risk categories evolve as practices and technologies change. Tiwana and Keil (2004) framed risk into methodology fit, complexity, and requirements volatility. Recent research points to executive sponsorship and stakeholder engagement (Mysore et al., 2021), and integration challenges are increasingly tied to AI and digital transformation projects. The research objective of this study is to offer a way to investigate whether contemporary risks can be rapidly assessed and communicated to practitioners in an actionable form. Comparing the legacy framework with current empirical findings also contributes to theoretical conversation on how diagnostic tools must adapt to evolving socio-technical systems. The goal of this research is to design and evaluate an updated one-minute risk assessment tool that integrates both classic and contemporary project risk factors. We examine three research questions: RQ1: How have the top IT project risks evolved since Tiwana and Keil's (2004) "One-Minute Risk Assessment"? RQ2: What risk dimensions should be added or revised to better reflect contemporary IT project environments? RQ3: How can a rapid diagnostic tool be designed for today's agile and digitally complex projects? The resulting case study will offer theoretical insight into the evolution of IT project risk diagnostics and practical guidance for managers seeking an efficient, up-to-date assessment tool. References Tiwana, A., & Keil, M. (2004). The one-minute risk assessment tool. Communications of the ACM, 47(11), 73–77. Hughes, D. L., Dwivedi, Y. K., Simintiras, A. C., & Rana, N. P. (2016). Project failure and its contributing factors. In Success and Failure of IS/IT Projects: A State of the Art Analysis and Future Directions (pp. 3-25). Cham: Springer International Publishing.
Recommended Citation
Aryal, arun and Howell, Pamella, "Updated One-Minute Risk Assessment Tool: Case Study of AI-IT Project Risk Factors" (2026). AMCIS 2026 TREOs. 53.
https://aisel.aisnet.org/treos_amcis2026/53