Article

Risk Management in Global CRM Business Perspectives and Research

1–17
IT Projects © 2020 K.J. Somaiya Institute of Manage-
ment Studies and Research
Reprints and permissions:
in.sagepub.com/journals-permissions-india
DOI: 10.1177/2278533719887005
journals.sagepub.com/home/bpr
G. K. Deshmukh1
Hory Sankar Mukerjee2
U. Devi Prasad3

Abstract
Global information technology projects are risky with failure rates for customer relationship management
information technology (CRM IT) projects estimated to 70 percent. These failures are often due to
multiplicity of factors including poor risk management. The project management literature points out
four broad types of risks: technical, external, organizational, and other risk factors. Project manager’s
basic job, therefore, becomes to manage the risks and ensure that an IT project is steered to completion
while meeting the objectives. Unmanaged risks run into chances of failure and ultimately impacting the
CRM project and the reputation of the consultant. Payne and Frow’s (2005) advocates the need for a
structured study on the information technology implementations of these projects. The objectives of
the study are to investigate: how project risks in CRM- IT implementations impact the final outcome and
how the risk management process adopted by the IT project manager impacts the final outcome of the
project.The research was conducted administering questionnaire to 135 project managers. It was found
that project risk impact cost, time, and technical performance and risk management process impacts
planning, support of customers as well as top management.

Keywords
Risk, risk management, global CRM, CRM implementation, technology, CRM solutions

Introduction
Information technology implementations are inherently risky (Tian & Sean Kin, 2015) for any kind of
IT project. Although thinking and common knowledge might disagree, there are many infamous cases of
even standard packaged software, such as an enterprise resource planning (ERP) or customer relationship
management (CRM) fails. This risk of IT projects can be attributed to many reasons. Although CRM
software vendors provide a standard solution, tested by the vendors and implementations that have

1
Institute of Management, Pt. Ravishankar Shukla University, Raipur, Chhattisgarh, India.
2
Principal (Education, Training and Assessment), Infosys Limited, Bhubaneshwar, India.
3
Associate Professor, Hyderabad Business School, GITAM University, Hyderabad, India.

Corresponding author:
G. K. Deshmukh, Institute of Management Pt. Ravishankar Shukla University, Raipur, Chhattisgarh 492010, India.
E-mail: gkd16@yahoo.co.in
2 Business Perspectives and Research

already been done, it does not guarantee a successful implementation or project success. Risks, therefore,
are differentiators between successful or a botched-up implementation. Risks, however, are inherent and
can come from multiple sources. Some might be predictable, coming from the operating environment
and others could be from the client or the CRM vendor. For an IT consultant, therefore, identifying and
managing the risks for an IT project are critical in a global setting to ensure its successful implementation.
The objectives of this study are to understand:
1. How does a project risk in CRM- IT implementations impact the final outcome?
2. How does the risk management process adopted by the IT project manager impact the final
outcome of the project?

Literature Review

Why CRM Projects Fail?

Kale (2004) estimates that projects not reaching to their objectives are in between 60 percent to 80
percent of all the implementations done. It is not uncommon to find out abandoned information
technology projects. Customer relationship management solutions are not a magic bullet to improve the
bottom line and a frequently made mistake by organizations. Getting distracted with what CRM
software’s can do is meaningless, instead the focus should be on what it should do (Rigby & Ledingham,
2004; Wikstrom, 2004). Companies fail with their CRM implementations, because of the complex
technical and organization issues (Goodhue, Wixom, & Watson, 2002). Failures could also be on account
of maintaining top management support, alignment of processes, linking the CRM project to a company’s
strategy, focusing on the returns or trying to achieve success quickly (Nguyen, Sherif, & Newby, 2007).
The common causes of CRM failure are: as a technology solution little support of top management, little
focus on customers, no change management (Chalmeta, 2006; Kale, 2004) redefine the processes, lack
of data quality/data analysis and information/user involvement (Chalmeta, 2006). Rigby, Reichheld, and
Schefter (2002) pointed that assuming that more of CRM technology is better, can also lead to failures.
Bull (2003) underlines the problems of the CRM implementation on account of bad choice of sourcing
CRM software, difficulty in integration with other applications, and wrong selection of project team
members. The role played by the information technology team is critical (Dhaka & Nahar, 2014).
Installations of the CRM systems, getting them running, the infrastructure, and capabilities of the
software, integration of data or poor quality of data are common reasons for failure. A predefined budget,
time, and customizations needed for a CRM implementation is necessary (Dhaka & Nahar, 2014). Nelson
(2007) points out that failure could be a result of the IT consultant’s implementation process. The failures
according to Nelson (2007) could be people, product, process, and/or technology failures. Poor IT project
management, technical methodologies could lead to a failure. Delayed start, aggressive and optimistic
schedules, and risk management capabilities are some of the other reasons (Nelson, 2007). IT
infrastructure, technological readiness, customization of the software, and integration could be reasons
of CRM project failures (Wilson, Daniel, & McDonald, 2002; Goodhue et al., 2002). Failure, therefore,
can be summarized into three buckets. First category of failure occurs due to the poor or wrong objectives,
strategies of the implementing organizations. Second category of failures occurs in the project
management of CRM technologies. Third category of failures is a result of misinterpreting or
understanding or overestimating of what CRM software is capable of doing.
Deshmukh et al. 3

How Are CRM Projects Implemented?

Prasongsukarn (2009) details the three step approach to CRM implementations. First is to plan a strategy
design and ensure the organizational readiness, second is to plan and analyze the CRM execution, and
third is to execute CRM interactions. Customer relationship management and technology implementations
can never be successful without top management support, managers, and employees of the organization.
The most important investments are the executives, time, and organizational resources for the software
to go live (Nguyen et al., 2007; Van Bentum & Stone, 2005). The commitment, therefore, is essential.
The senior executives, therefore, must lead and drive this entire process (Kimberly & Evanisko, 1981;
Nguyen et al., 2007).The next is to set up a steering committee, a cross functional team, with members
responsible for CRM (Buttle, 2009). A representation of IT, marketing, sales, HR, and production creates
the right mix for the steering committee. Their job is to list the requirements and communicate with
internal IT experts, who in turn explains to the IT consultant. The role of the IT department, at this
juncture is minimal. If left to them, communication gaps and improper explanation of the requirements
lead to failure. Explaining the business needs and availability of data, and making the data available are
the next step. A focus on the customer perspective is essential at this stage (Chen & Popovich, 2003).
Demographic, psychographic, emotional, behavioral data along with data on customer retention,
dissatisfaction, and attrition should be captured (Prasongsukarn, 2009).
After an analysis of the business needs, the steering committee and the IT team should look at the data
and the missing information. Any missing or additional data needs to be collected. The next step starts
with the evaluation of business processes, reengineering them is necessary, and the selection of the
software or technology. The activities must focus on the ultimate goal of value adding to the customers
and if it meets the overall CRM objective. Selection of the CRM software is the following step. This is
difficult and critical. The roles of IT consultants are crucial during this stage. Prasongsukarn (2009)
suggests three considerations for CRM software selection. First is the ability to meet the needs, second if
the benefits exceed the costs, and third compatibility with the current landscape or systems being used
(Prasongsukarn, 2009). The last step is where the IT consultants play their role. Ensuring the requirements
have been gathered, configurations made, implemented against a budget and timeline. The system thereby
will need support from software solution vendors and IT consultants. The vendors are responsible for its
up-gradation and version changes, resulting from any legal or statutory changes happening or any change
of requirements. IT consultants are also responsible for providing support and monitoring of the system.

Risks and IT Projects

Risks are a key differentiator in IT projects as it has the capability to increase the probability and risk of
threats in an IT project (Alhawari, Karadsheh, Talet, & Mansour, 2012). Risks can be natural disasters,
breaches in security, people failing to deliver projects, vendors or financial chaos of vendors, business
environments, and failures to complete the project within schedule (Alhawari et al., 2012). The effects
of risks can either be positive or negative and may impact the costs, time, scope, or the quality. The cause
of a risk is uncertain and may include the project management practices, operating environment, lack of
integrated systems, dependency or external vendors which are not controllable (Project Management
Institute, 2004). Risks, therefore, are all events that will prevent the end objective to be realized (Alhawari
et al., 2012). Therefore, identification of risks, understanding its impact, and mitigating them to minimize
the risks or maximize the benefits that may happen is critical (Olsson, 2008). Risks have a “probability
of occurrence” with a frequency and would essentially leave a “consequence” (Carbone & Tippett,
2004). This area of risk management has developed over time and is today an integral part of project
4 Business Perspectives and Research

management (Del Cano & Cruz, 2002). It deals with planning, identification, analyzing, responding,
monitoring, and control on the project (Project Management Institute, 2004). The objective of risk
management is, therefore, identification of the risks in an information technology project, based on their
importance, the impact it can create, and their frequency (Alhawari et al., 2012).
Software development projects have to be analyzed for risk and its management (Roy, 2004). Tesch,
Kloppenborg, and Frolick (2007) finds out that failures in the information technology projects account
multiple reasons. They can be failures to complete on time, performance, quality or cost. A total of 92
risk factors were identified by Tesch et al. (2007). Another study on the synthesis of software risks were
studied by Aloini, Dulmin, and Mininno (2007). They identified 19 risk factors on the various studies of
risks in IT and ERP projects. They were:

inadequate selection, poor project team skills, poor top management involvement, poor communication, lack
of key user involvement, inadequate or poor training, complex architecture or implementation, poor business
process reengineering, managerial conduct, poor project management skills and techniques, inadequate change
management practices, inadequate legacy management system, poor consulting, leadership, system issues,
maintainability, supplier issues and stability, strategic planning and poor financial management. (Aloini et al.,
2007)

Different studies on IT risk management have been done. Over decades a lot of inputs have gone into the
identification of risks in IT projects (Charette, 1996; Jurison, 1995; Kliem, 2004; McGaughey, Snyder,
& Carr, 1994; Schmidt, Lyytinen, & Mark Keil, 2001; Schwalbe, 2015). Other well-known lists are
Boehm (1991), Addison and Vallabh (2002), Barki, Rivard, and Talbot (1993), and Schmidt et al. (2001).
Project Management Institute (2004) classifies risks into four broad categories. First are the technical
risks, second are the project management risks, third are the organizational risks, and the fourth are the
external risks. Technical risks are sub classified into requirements, technology, complexity, interface,
performance, and quality. Project management risks into estimating, planning, controlling, and
communication; Organizational risks into project dependencies, resources, funding, and prioritization,
and external risks into suppliers and contractors, regulatory, markets, and customers. It is, therefore,
evident that information technology projects are risky (Tian & Sean Xin, 2015). The failure of risks is high
and it could have a severe impact on the implementing organization and the overall success of the project.
It would also indicate a lack of capability of the CRM IT consultant. It is, therefore, evident that the
project risks play a critical role in the process of information technology implementations and has a
chance of impacting the project success, cost, budget, quality, and timelines. IT risks have not been
specifically studied from the perspective of CRM implementations and from the consultant’s perspective.

Risk Management in IT Projects

Risk management is capable of minimizing the impact of risks or reduce it. The understandings of risks
lead to a positive impact on the overall project outcome (Didraga, 2013). The role of a project manager,
therefore, is to steer the project into safety and completion, within budget and with the intended outcomes.
They are essentially managers of risk. Risk management is a set of process essentially to develop a set
of options and actions that would be taken by a project manager. Risk management is, therefore, to assess
information technology projects on things that could go wrong, finding out its importance, strategies to
deal with risks, assessment, and determination of risks (Abdul-Rahman, Mohd-Rahim, & Chen, 2012).
Risk management practices for information technology projects have the following benefits. First it tells
the project manager on the course of action to be taken, second it gives a confidence that the objectives
Deshmukh et al. 5

with which the project started would be met and, therefore, the success of implementation, and third it
would tremendously reduce the surprise element from the projects. Last, the risk management would
also ensure better estimation, accuracy, and reduction in the efforts and in some cases duplicity of work
(Bannerman, 2008). Risk management also helps in awareness creation, giving more clarity to projects,
gaining acceptance, trust, and commitment. A lot of successful information technology projects owe to
successful risk management strategies (Didraga, 2013).
Risk management is a two stage process according to Li, Slyngstad, Torchiano, Morisio, and Bunse
(2008). The stage one being assessment of risks and the second being controlling of risks. Other effective
ways of managing the risks are to use practice-based approach like PRojects IN Controlled Environments
(PRINCE) or capability maturity model integration (CMMI), and information technology infrastructure
library (ITIL) (Pritchard & PMP, 2014). Researcher also suggests to manage risks across software
development life cycle (SDLC) and a strategy to mitigate (Iijima, 2011). However, risk management as
a process has some apprehensions carried by IT project managers. The first apprehension is that risk
management is an overhead for the IT consultant, the second is the cost attached to the process of risk
management, and the third is the set of project manager’s priorities, such as getting the projects on
schedule, time, and cost (Iijima, 2011). The other inhibitions are hindsight or uncertainty in project,
problem of ownership of the process, cost justification for managing the process, lack of expertise, and
stakeholder anxiety (Kutsch & Hall, 2009). Four approaches of risk management are found in the
literature (Bannerman, 2008). These are checklist-based approach, analytical frameworks for risk
management, process models for risks, and risk response model for risk management (Bannerman,
2008). Of these four, the risk response model is most effective in providing options (Bannerman, 2008).
The risk response model consists of four methodologies: avoid, transfer, mitigate, and accept the risk.

Research Gap and Contribution of Present Study

Payne and Frow’s (2005) also suggests the need for a structured study on the project management process
for the information technology implementations of these projects. Although studies have been done in
the past on ERP implementations, there are differences with the way CRM acts (King & Burgess, 2008).
Customer relationship management is for customer facing executives, unlike ERP, which are more
internal process oriented. The focus of CRM implementation research is on knowledge management
(KM), cultural changes, and readiness toward technology. This suggests the challenges in CRM
implementations which require a bigger cultural change than ERP projects (King & Burgess, 2008).
There are lots of research studies done on CRM projects, project risks, and risk management, but very
few studies cover the integration of risk and project management. No study has been done in the area of IT
that covers consultants’ perspectives with real time empirical evidences of CRM projects in India. Thus,
this study covers projects that are global in nature being managed by Indian consultants from the perspective
of project risk in CRM- IT implementation and risk management process adopted by IT project managers.

Research Hypothesis
Global information technology projects are risky and could originate from various sources. “More than
fifty percent CRM projects have failed and the underestimation of costs are in between forty percent and
seventy five percent” (Everett, 2002, p. 25; King & Burgess, 2008). Charette (2005) conducted research
on “why software’s fail” lists major project failures and the implications of such failures. Most of these
6 Business Perspectives and Research

failures can be managed to a significant extent with the risk management practices which are likely to
improve the project outcomes (Charette, 2005; Jiang, Klein, & Ellis, 2002). Risk management is always
not applied, and a halfhearted approach is taken toward it (Ibbs & Kwak, 2000; Pfleeger, 2000). Thus, it
is hypothesized that:
Hypothesis 1: Project risks impact the completion of CRM information technology projects
The research work of Ibbs and Kwak (2000) also indicates that “risk management” has the least maturity
in the IS areas among all other areas. It has also been found out by researchers that a detailed risk
management process is absent for many information technology projects, though most project managers
agreed to have used some risk management processes (Ropponen & Lyytinen, 2000). However, Remenyi
(1999), Ropponen and Lyytinen (1997), Elkington and Smallman (2002), Jiang et al. (2002), and Charette
(2005) identified and reported that risk management can significantly improve software project outcomes.
On the basis of this understanding it would be sufficient to conclude that risks are relevant to information
technology projects and there is a need to understand, research, and practice risk management in the
information technology scenarios. Considering the varying nature of CRM projects and higher failures
reported in CRM technology implementations, this needs to be attended immediately.
Thus, it is hypothesized that:
Hypothesis 2: Risk management process of CRM- IT projects will impact the project outcome.

Methodology

Study Sample
The study investigated CRM software implementation and project risk management practices for IT
consultants. The primary purpose of the study was to look at if project risks impact global CRM
deployments, and second if the risk management processes followed by the consultants impact the project
outcome. A questionnaire was designed for the study, vetted by industry professionals. The questionnaire
was tested before emailed to over 150 CRM projects. The changes suggested by the industry professionals
were included in the study, so that the terminologies are understood in the same context. The sample was
drawn using snowball sampling from consultants based out of India. Five consulting organizations were
chosen for the study. The projects were a part of global implementations done by the consultants. All the
projects were at CMMI five level which was essentially done for process maturity. The projects spread
across five large information technology consulting organizations with a global presence, almost equally.
All the IT consultants employed more than 100,000 people and had more than 500 active clients. The IT
consultants had more than US$5 billion average annual revenue. All the respondents to the questionnaire
had a previous work experience in project management and in the implementation of CRM projects.
However, we did not distinguish between on-demand and on-premise CRM solutions. We received a total
of 135 responses after follow ups, of which we could accept only 105 responses. Since we had sent the
questionnaire over email, the response ratio was not captured.

Study Instrument
The first part of the study included questions relating to the impact of risks on “timelines, deliverables,
nature of impact (one question each on positive and negative), technical performance, cost, quality,
Deshmukh et al. 7

assessment of contingencies and enablement of effective project management” (Project Management

Institute, 2004). All of these items were measured on a 5-point Likert scale, ranging from strongly
disagree (1) to strongly agree (5). To measure the impact, data was requested from the respondents up to
any three CRM projects completed by them. Questions were asked on five parameters. The respondents
had to provide the estimated versus the actual for each of the factors given later.
Time: In months; Cost: In USD; Deliverables: Number of scenarios; Technical performance:
Number of customizations; Impact on client satisfaction scores: 1–5; 1 = Lowest and 5 = Highest.
Since the past project data were asked, all these data are generally archived in company databases and it
did not require them too much of effort to retrieve, unless the respondent had moved across companies.
In case they had changed jobs, we asked them for the last one or two projects. In the second part of the
study, questions were asked on:

risks were predefined, budgeting of time and cost for risk management, customer support for risk management,
customer certification of the risk management plan, escalation matrix for risk issues, people dependency for
management of risks, discussion with team members, reporting of risks to senior management and keeping the
customers informed about the risks and action taken. (Project Management Institute, 2004)

All of these items were measured on a 5-point Likert scale, ranging from strongly disagree (1) to
strongly agree (5).

Data Analysis and Interpretation

Summary Statistics
The study profile has been presented later in Table 1 of the participant demographics.

Table 1. Demographic Profile of Respondents

Age In % (Percent)
30–34 70.4
35–40 20
41 and above 9.5
Gender
Women 26.7
Men 73.3
Project management experience
Up to 5 years 24.7
5–10 years 50.4
Greater than 10 years 24.7
Number of CRM implementation experience
1–3 implementations 44.8
4–6 implementations 26.7
6–9 implementations 14.3
(Table 1 Continued)
8 Business Perspectives and Research

(Table 1 Continued)
Age In % (Percent)
Above 9 implementations 14.3
Type of CRM implementation
On demand 26.7
On premise 45.7
Both 27.6
CRM solutions implemented
SAP 51.4
Oracle 14.3
SFDC 6.7
Microsoft 14.3
Others 4.8
SAP and Oracle 1.0
SAP and Sugar CRM 1.0
Oracle and SFDC 1.9
SFDC and Microsoft 1.9
Microsoft and Sugar CRM 1.0
Microsoft and Zoho 1.0
SAP, Oracle and Microsoft 1.0
Average implementation project duration
Less than 6 months 13.4
6 month to 1 year 37.1
1–2 years 33.3
More than 2 years 16.2
Success percentage of project implementation (%)
Up to 20 1.0
20–40 1.9
40–60 5.7
60–80 29.5
80–100 61.9
Source: The authors.

Detailed Analysis
Cronbach’s alpha for the nine items in this study were 0.783, higher than the required level of 0.7 (Forza,
2002). Table 1 shows the responses in percentage of the impact of risks. Table 2 represents the opinion
of the respondents in percentage on the risk parameters. Most of the respondents agree or strongly agree
with the impact that risks have on CRM IT projects. It is important to understand that though risks
typically imply negative impact on a project, it may be otherwise as well. A total of 41.9 percent of the
Deshmukh et al. 9

respondents agree with the positive impact of risks. However, another interesting finding from the
aforementioned table is that, risks are still viewed negatively by the customers (71.7%).
A factor analysis was done for all the nine factors impacting the project outcome. The correlation
between the items were in between 0.3 and 0.8, KMO value was 0.628, and Bartlett’s test of sphericity
had a sig. value of 0.000. Three components explained the variance of 63.135 percent, which were then
extracted. The component matrix has been presented in Table 3.

Table 2. Opinion of the Respondents on the Various Risk Parameters (in %)

Strongly Disagree Neither Agree Strongly Total
Disagree Agree nor Agree
Disagree
Project risks can impact the timelines 1.9 1 1 61 35.2 100
Project risks can impact the deliverables 1.9 4.8 1 46.7 45.7 100
Project risks can have a positive impact 2.9 12.4 42.9 33.3 8.6 100
on the final outcome of the project
Project risks can impact the technical 0 7.6 18.1 54.3 20 100
performance of the CRM system
Project risks can have a negative impact 0 11.4 17.1 48.6 22.9 100
on the final outcome of the project
Risks can have an impact on the cost and 0 6.7 10.5 51.4 31.4 100
quality of the project
Risks are generally viewed negatively by 1 8.6 19 45.7 25.7 100
customers
Risks can justify decisions and enable 0 1 9.5 59 30.5 100
more effective project management
Risks help assessment of contingencies 0 5.7 6.7 62.9 24.8 100
Source: The authors.

Table 3. Component Matrixa

Component
1 2 3
F1 (Timelines) 0.681
F2 (Deliverables) 0.714
F3 (Positive impact) 0.656
F4 technical performance 0.629
F5 (Negative impact) 0.661
F6 (Cost and quality) 0.662
F7 (Viewed negatively) 0.526
F8 (Effective project management) 0.588
F9 (Assessment of contingencies) 0.652
Source: The authors.
Notes: Extraction method: Principal component analysis.
a
3 components extracted.
10 Business Perspectives and Research

The three components extracted from the component analysis were named: impact factor, deliverable
factor and the assessment of contingencies. The first component is related to impact of risks on projects.
It comprises of impact on timelines, negative impact of risks, impact on technical performance, and
impact on the cost and quality. The second component is related to impact of risks on deliverables.
Deliverables for the project manager is the most critical aspect and risks could impact deliverables in
both positive as well as negative way. Overall risks could impact the deliverables. The third component
is the impact of risks on assessment of contingencies. Risks would imply that the project manager to take
a look at the various alternatives/likelihoods/eventualities. It is, therefore, important for the IT consultant
to keep a risk mitigation plan ready for any foreseeable or unforeseen problems that may arise.
To test the hypothesis, data collected from the project managers were used. The summary statistics
has been presented in Table 4 and analyzed in Table 5.

Table 4. Paired Samples Statistics

Mean N Std. Deviation Std. Error Mean

Pair 1 Impact on cost (estimated) 4.4356 315 12.56902 0.70818
Impact on cost (actual) 4.9335 315 13.48459 0.75977
Pair 2 Impact on time lines (est) 5.0508 315 6.55092 0.36910
Impact on time lines (act) 6.0717 315 7.71232 0.43454
Pair 3 Impact on technical 5.6698 315 9.96805 0.56164
performance (est)
Impact on technical 6.9848 315 11.44532 0.64487
performance (act)
Pair 4 Impact on deliverables (est) 6.4381 315 14.34932 0.80849
Impact on deliverables (act) 7.6000 315 14.75895 0.83157
Pair 5 Impact on client satisfaction 2.4721 315 2.15867 0.12163
(estimated)
Impact on client satisfaction (act) 2.4086 315 2.12883 0.11995
Source: The authors.

Table 5. Paired Samples Test

Paired Differences
95% Confidence
Std. Interval of the
Std. Error Difference Sig.
Mean Deviation Mean Lower Upper T df (2-tailed)
Pair 1 Impact on cost −0.49794 1.33438 0.07518 −0.64586 −0.35001 6.623 314 0.000
(estimated) −
Impact on cost
(actual)
Pair 2 Impact on time −1.02095 2.45725 0.13845 −1.29336 −0.74854 7.374 314 0.000
lines (est) − Impact
on time lines (act)
(Table 5 Continued)
Deshmukh et al. 11

(Table 5 Continued)
Paired Differences
95% Confidence
Std. Interval of the
Std. Error Difference Sig.
Mean Deviation Mean Lower Upper T df (2-tailed)
Pair 3 Impact on −1.31492 3.23072 0.18203 −1.67307 −0.95677 7.224 314 0.000
technical
performance
(est) − Impact
on technical
performance (act)
Pair 4 Impact on −1.16190 2.39342 0.13485 −1.42724 −0.89657 8.616 314 0.000
deliverables
(est) − Impact on
deliverables (act)
Pair 5 Impact on client 0.06349 0.53784 0.03030 0.00387 0.12312 2.095 314 0.037
satisfaction
(estimated) −
Impact on client
satisfaction (act)
Source: The authors.

Table 5 presents the paired sample t-test results. ANOVA statistics reveals that significance level (p
value) is less than 0.05 on the ANOVA table, hence the null hypothesis is rejected and research hypothesis
is supported. Therefore, presence of project risks has created a significant difference in between the
estimated and actual costs, timelines, technical performance, deliverables, and client satisfaction (p =
0.000, 0.000, 0.000, 0.000, and 0.037).
The second part of this research was on the risk management process followed and if it had an impact
on the project outcome. The responses of the project managers have been summarized in Table 6. Cronbach’s
alpha for the nine items in this study were 0.718, higher than the required level of 0.7 (Forza, 2002).

Table 6. Summary of the Responses (in %)

Neither
Strongly Agree nor Strongly
Disagree Disagree Disagree Agree Agree Total
Are the risks predefined before the 0 24.8 34.3 39 1.9 100
start of the project
Is budgeting done for time and cost 8.6 16.2 25.7 47.6 1.9 100
required for risk management?
Is your customer supportive of the risk 2.9 2.9 27.6 61 5.7 100
management plan?
Does your customer certify the risk 2.9 10.5 27.6 51.4 7.6 100
management plan for the project start?
(Table 6 Continued)
12 Business Perspectives and Research

(Table 6 Continued)
Neither
Strongly Agree nor Strongly
Disagree Disagree Disagree Agree Agree Total
Is there an escalation matrix for risk- 2.9 9.5 13.3 56.2 18.1 100
related issues?
Can risks be managed irrespective of 8.6 33.3 10.5 42.9 4.8 100
people managing the project?
Are risks discussed with your project 0 4.8 18.1 56.2 21 100
team members?
Is the senior management kept 0 1.9 11.4 58.1 28.6 100
updated about the risks in the project
execution?
Is the customer kept updated about 1.9 7.6 22.9 48.6 19 100
the risks during the project execution?

Source: The authors.

Table 5 presents some of the interesting observations. The customers in many cases were not kept
updated about the risks as they often perceive risks to be negative. Another important observation is the
people dependency of risk management.
A factor analysis was done for all the nine factors impacting the project outcome. The correlation
between the items were in between 0.3 and 0.8, KMO value was 0.602, and Bartlett’s test of sphericity
had a sig. value of 0.000. Four components explained the variance of 67.975 percent, which were then
extracted. The rotated component matrix has been presented in Table 7.

Table 7. Rotated Component Matrixa

Component
1 2 3 4
Are the risks predefined before the start of the project 0.799
Is the customer kept updated about the risks during the project execution? 0.647
Is budgeting done for time and cost required for risk management? 0.644
Does your customer certify the risk management plan for the project start? 0.822
Is your customer supportive of the risk management plan? 0.705
Is the senior management kept updated about the risks in the project 0.853
execution?
Are risks discussed with your project team members? 0.789
Can risks be managed irrespective of people managing the project? 0.891
Is there an escalation matrix for risk-related issues? 0.582
Source: The authors.
Notes: Extraction method: Principal component analysis.
Rotation method:Varimax with Kaiser normalization.
a
Rotation converged in six iterations.
Deshmukh et al. 13

Table 8. Results of the Pearson Chi-square Analysis

Pearson chi-square Value df Asymp. Sig. (2-sided)

Are the risks predefined before the start of the project 19.788 3 0.0252
Is budgeting done for time and cost required for risk 14.444 4 0.03
management?
Is your customer supportive of the risk management plan? 15.360 4 0.0252
Does your customer certify the risk management plan for 10.089 4 0.039
the project start?
Is there an escalation matrix for risk-related issues? 9.019 4 0.041
Can risks be managed irrespective of people managing the 0.902 4 0.924
project?
Are risks discussed with your project team members? 18.636 3 0.00888
Is the senior management kept updated about the risks in 16.435 3 0.00697
the project execution?
Is the customer kept updated about the risks during the 13.126 4 0.0437
project execution?
Source: The authors.

Table 7, shows the rotated component matrix for the four components extracted, contributing to 67.975
percent of the total variance. The naming of the components was done in a way that all the highest loading
reflects in the name of that factor. The four major factors identified after grouping of all the 10 factors are:
1. Planning of risk management
2. Customer support
3. Top management support
4. Personnel issues
The first component is related to planning of risk management. It comprises of pre definition of risks,
keeping customers updated and budgeting of time and cost. The second component is the aspect of
customer support and it goes without saying that the risk management plan must be supported by the
customer. The third component is the top management support that is essential for the risk management
to be successful. The fourth component is the people aspects of managing the risk. The summary of the
Pearson chi-square analysis has been presented in Table 8.
The Pearson chi-square test was performed. Chi-square statistics reveals that significance level
(p-value) is less than 0.05 in Table 8, except one dimension, that is, people dependency in management of
risks, rests all were significant. Therefore, null hypothesis is rejected and research hypothesis is supported.

Conclusion and Implications

Conclusion
Risks can and will impact CRM implementations and it is important that as project managers the handling
of the risks is done well. Most of the risks are considered negative, although risks can have a positive
14 Business Perspectives and Research

outcome as well, though most of the project managers still view risks to be negative. Whether positive
or negative, risks can disturb the course of the project and is capable of delaying the normal schedule. In
most of the cases, risks had an impact on the schedule. The changes primarily have been delays in the
timelines, delivery schedules, budgets, and meeting the final outcomes. The greater impacts, however,
are on the timelines, cost, and quality of deliverables. Responding to risks is the next critical action item
for the project managers. It is the job of the project manager to steer the risks and land the project
successfully on time. Ad hoc management of risks does not help. Aspects of risk management like
keeping the senior leadership, customers, and the team members informed is essential. However, it is
also important to appreciate the fact that the sales of IT is different from the delivery of IT. Although “big
promises” are made at the beginning of the project, by the sales team, it may be difficult to maintain the
deadlines or schedules. Risks, therefore, can be inherent and managing these are more important. People
dependency like employees leaving the project with insufficient knowledge transfer or replacement can
also bottleneck a project. Managing of risks is not an easy task for the project manager.

Theoretical Implications
This study is a new study which advances project management studies as it looks at risks from a new
perspective and provides empirical evidences. Theoretically, the current study throw light on reason of
failure of CRM Projects, process of implementation of CRM Projects, risks associated with IT Projects
and risk management in IT Projects. The findings of this study provide a view for understanding that
project risk in CRM- IT implementation and its impact on the final outcome. The findings of this study
reveal risk management process adopted by IT project manager and the impact of risk management
process on final outcome of the project.

Practical Implications
Practically this study provides useful insights to the managers involved in CRM IT implementation
projects with respect to interplay of risks and put more emphasis on risk handling to get more and more
positive outcome. This study exclusively deals with management of CRM IT Projects from the
consultants’ perspective while providing empirical evidences. The results of the study may facilitate IT
Project managers in formulating more effective strategies with respect to planning of risk management,
to get support of customers and top management, and handling personnel issues.

Limitations and Scope for Further Study

Most of this study has been done with project managers from India. However, a cross-cultural perspective
has to be taken. There is a need to study this area of risk and risk management more formally and even
in a greater depth. Risks need an in-depth understanding. Also the projects used as a sample for this study
are packaged CRM solutions. IT by nature has different types of project, requiring different capabilities.
Therefore, putting them under the same basket is a wrong practice. Risks also have dependency with
other functions of the organization. These aspects need study. Also studies can be done on the intangible
or softer dimensions of project management. There are finer aspects of project management, which
cannot be captured with a questionnaire. An in-depth interview or a case method may be used with a
Deshmukh et al. 15

focused approach on smaller projects. It is also important to look at the risk management practices and
the success of projects. Did the risk management practices enable a successful project completion or did
it lead into failures are some other studies that can be done.

Declaration of Conflicting Interests

The authors declared no potential conflicts of interest with respect to the research, authorship, and/or publication of
this article.

Funding
The authors received no financial support for the research, authorship, and/or publication of this article.

References
Abdul-Rahman, H., Mohd-Rahim, F. A., & Chen, W. (2012). Reducing failures in software development projects:
Effectiveness of risk mitigation strategies. Journal of Risk Research, 15(4), 417–433.
Addison, T., & Vallabh, S. (2002). Controlling software project risks—An empirical study of methods used by
experienced project managers. Proceedings of SAICSIT (pp. 128–140). Port Elizabeth, South Africa. Retrieved
from: https://people.dsv.su.se/~joco2917/ft_gateway.cfm97.pdf
Alhawari, S., Karadsheh, L., Talet, A. N., & Mansour, E. (2012). Knowledge-based risk management framework for
information technology project. International Journal of Information Management, 32(1), 50–65.
Aloini, D., Dulmin, R., & Mininno, V. (2007). Risk management in ERP project introduction: Review of the
literature. Information & Management, 44(6), 547–567.
Bannerman, P. L. (2008). Risk and risk management in software projects: A reassessment. Journal of Systems and
Software, 81(12), 2118–2133.
Barki, H., Rivard, S., & Talbot, J., (1993). Toward an assessment of software development risk. Journal of
Management Information Systems, 10(2), 203–225.
Boehm, B.W. (1991). Software risk management: Principles and practices. IEEE Software, 8(1), 32–41.
Bull, C. (2003). Strategic issues in customer relationship management (CRM) implementation. Business Process
Management Journal, 9(5), 592–602.
Buttle, F. (2009). Customer relationship management: Concepts and technologies. London, UK: Routledge.
Carbone, T., & Tippett, D. (2004). Project risk management using the project risk FMEA. Engineering Management
Journal, 16(4), 28–35.
Chalmeta, R. (2006). Methodology for customer relationship management. The Journal of Systems and Software,
79, 1015–1024.
Charette, R. N. (1996). The mechanics of managing IT risk. Journal of Information Technology, 11(4), 373–378.
———. (2005). Why software fails? IEEE Spectrum, 42(9), 42–49.
Chen, I. J., & Popovich, K. (2003). Understanding customer relationship management (CRM) people, process and
technology. Business Process Management Journal, 9(5), 672–688.
Del Cano, A. D., & Cruz, M. P. (2002). Integrated methodology for project risk management. Journal of Construction
Engineering and Management, 128(6), 473–485.
Didraga, O. (2013). The role and the effects of risk management in IT projects success. Informatica Economica,
17(1), 86–98.
Dhaka, V. P., & Nahar, P. (2014). A review: Benefits and critical factors of customer relationship management.
International Journal of Advanced Networking and Applications, 6(1), 2191–2194.
Elkington, P., & Smallman, C. (2002). Managing project risks: A case study from the utilities sector. International
Journal of Project Management, 20(1), 49–57.
Everett, C. (2002, July). The slings and arrows of CRM. Computing, 18, 25–35.
16 Business Perspectives and Research

Forza, C. (2002). Survey research in operations management: A process-based perspective. International Journal of
Operations & Production Management, 22(2), 152–194.
Goodhue, D. L., Wixom, B. H., & Watson, H. J. (2002). Realizing business benefits through CRM: Hitting the right
target in the right way. MIS Quarterly Executive, 1(2), 79–94.
Ibbs, C. W., & Kwak, Y. H. (2000). Assessing project management maturity. Project Management Journal, 31(1),
32–43.
Iijima, T. (2011). Improving IT project oversight. Journal of Corporate Accounting & Finance, 22(5), 45–52.
Jiang, J. J., Klein, G., & Ellis, T. S. (2002). A measure of software development risk. Project Management Journal,
33(3), 30–41.
Jurison, J. (1995). The role of risk and return in information technology outsourcing decisions. Journal of Information
Technology, 10(4), 239–247.
Kale, S. H. (2004). CRM failure and the seven deadly sins. Marketing Management, 13(5), 42–46.
Kimberly, J. R., & Evanisko, M. J. (1981). Organizational innovation: The influence of individual, organizational,
and contextual factors on hospital adoption of technological and administrative innovations. Academy of
Management Journal, 24(4), 689–713.
King, S. F., & Burgess, T. F. (2008). Understanding success and failure in customer relationship management.
Industrial Marketing Management, 37(4), 421–431.
Kliem, R. (2004). Managing the risks of offshore IT development projects. Information Systems Management,
21(3), 22–27.
Kutsch, E., & Hall, M. (2009). The rational choice of not applying project risk management in information
technology projects. Project Management Journal, 40(3), 72–8.1
Li, J., Slyngstad, O. P. N., Torchiano, M., Morisio, M., & Bunse, C. (2008). A state-of-the-practice survey of
risk management in development with off-the-shelf software components. IEEE Transactions on Software
Engineering, 34(2), 271–286.
McGaughey, R. E., Snyder, C. A., & Carr, H. H. (1994). Implementing information technology for competitive
advantage: Risk management issues. Information & Management, 26(5), 273–280.
Nelson, R. R. (2007). IT project management: Infamous failures, classic mistakes, and best practices. MIS Quarterly
Executive, 6(2), 67–78.
Nguyen, Sherif, & Newby. (2007). Strategies for successful CRM implementations. Journal of Information
Management & Computer Security, 15(2), 102–115.
Olsson, R. (2008). Risk management in a multi-project environment: An approach to manage portfolio risks. The
International Journal of Quality and Reliability Management, 25(1), 60–71.
Payne, A., & Frow, P. (2005). A strategic framework for customer relationship management. Journal of Marketing,
69(4), 167–176. doi:10.1509/jmkg.2005.69.4.167.
Pfleeger, S. L. (2000). Risky business: What we have yet to learn about risk management? Journal of Systems and
Software, 53(3), 265–273.
Prasongsukarn, K. (2009). Customer relationship management: From theory to practice. AU-GSB e-Journal, 2(1),
17–32.
Pritchard, C. L., & PMP, P. R. (2014). Risk management: Concepts and guidance. Boca Raton, FL: CRC Press.
Project Management Institute, I. (2004). A guide to the project management body of knowledge: PMBOK guide (3rd
ed., p. 380). Newtown Square, PA: Project Management Institute.
Remenyi, D. (1999). Stop IT project failures through risk management. Oxford, UK: Butterworth Heinemann.
Rigby, D. K., & Ledingham, D. (2004). CRM done right. Harvard Business Review, 82(11), 118–129.
Rigby, D. K., Reichheld, F. F., & Schefter, P. (2002). Avoid the four perils of CRM. Harvard Business Review, 80(2),
101–109.
Ropponen, J., & Lyytinen, K. (2000). Components of software development risk: How to address them? A project
manager survey. IEEE Transactions on Software Engineering, 26(2), 98–112.
Roy, G. G. (2004). A risk management framework for software engineering practice. Proceedings of the 2004,
Australian Software Engineering Conference (ASWEC’04), IEEE Computer Society (pp. 60–67). Washington.
Retrieved from: https://core.ac.uk/download/pdf/11240595.pdf
Deshmukh et al. 17

Schmidt, R., Lyytinen, K., & Mark Keil, P. C. (2001). Identifying software project risks: An international Delphi
study. Journal of Management Information Systems, 17(4), 5–36.
Schwalbe, K. (2015). Information technology project management. Boston, MA: Cengage Learning.
Tesch, D., Kloppenborg, T., & Frolick, M. (2007). IT project risk factors: The project management professionals
perspective. Journal of Computer Information Systems, 47(4), 61–69.
Tian, F., & Sean Xin, X. (2015). How do enterprise resource planning systems affect firm risk? Post-implementation
impact. MIS Quarterly, 39(1), 39–60.
Van Bentum, R., & Stone, M. (2005). Customer relationship management and the impact of corporate culture—A
European study. The Journal of Database Marketing & Customer Strategy Management, 13(1), 28–54.
Wikstrom, C. (2004). A case study of emergent and intentional organizational change: Some implications for
customer relationship management success. Proceedings of the 37th Hawaii International Conference on System
Sciences, Hawaii, 5–8, 2004. Retrieved from https://www.computer.org/csdl/proceedings-article/hicss/2004/20
5670172c/12OmNyPQ4QU
Wilson, H., Daniel, E., & McDonald, M. (2002). Factors for success in customer relationship management (CRM)
systems. Journal of Marketing Management, 18(1/2), 193–219.