Risk Analysis of Alternative Solutions IT Acquisition Template 6

Risk Analysis of Alternative Solutions IT Acquisition Template 6

http://www.iteconcorp.com/T6RiskAnalysis.html

Risk Analysis of Alternative Solutions IT Acquisition Template 6

Perceptions of Risk

There is risk everywhere, which is why two basic considerations, probability and impact, are widely used to determine which risks are most important and should be managed. Even so, judgments of probability and impact vary based on past experience, organizational culture (which includes values), and professional competence. It is no surprise, therefore, that risk identification and assessment results for similar projects vary from organization to organization. Moreover, it is no surprise that not all use the same set of risk assessment criteria. The variations in risk perceptions and practices from organization to organization is why a buyer organization and its IT services contractor often have somewhat different views of the risks involved with an IT project.

Allocating Risk Responsibilities

Assuming the buyer and contractor can come to an agreement on the major risks associated with a project, the next question is which organization is in the best position to control a specific risk, the buyer or the contractor? This is important because sometimes a buyer will ask the contractor to be responsible for a risk that only the buyer can control. The contractor cannot make the mistake of accepting such a risk, especially in a fixed price contract. Both parties need to have sufficient understanding of each significant risk and who can best control it. Allocating risk between the buyer and the organization must always reflect which party is in the best position to control the risk. If neither party can control the risk, the best approach usually is for both parties to share the risk.

Risk and Contract Price

The contractor’s proposed price generally reflects the contractor’s understanding of the work, including the amount of risk the contractor expects to assume. If the contractor has a poor understanding of the risk, the price may be too high or too low and the allocation of risk might be detrimental to both parties. Similarly, if the buyer has a poor understanding of the risk, the buyer might pay too much or too little for the contractor’s services, and the allocation of risk could similarly be detrimental. This means that both the buyer and potential contractors need to have a good understanding of the project risks by the time contract negotiations take place

Sometimes there are so many unknowns that it is not possible for either party to have a good understanding of the potential risks in advance of contract negotiations. The contractor cannot be expected to assume such risks at its own expense. The contractor normally takes this uncertainty into account in establishing its proposed price, usually with contingencies built into the contract.

Use of Integrated Project Team (IPT)

The principal reason for using an Integrated Project Team to identify and assess risk is because it brings many different perspectives, which is important in identifying and evaluating risk. The team members represent all of the key business areas affected by the proposed project. As a team, they are better able than a single person to know what the risks are and how they might be avoided or mitigated.

Risk Analysis Process

Identifying risk should begin at the beginning of the pre-solicitation the planning, well before the formal risk analysis documented in this template (Template 6). As risks are identified, they can be document for subsequent consideration. The risks identify for some alternative solutions will be eliminated when the solutions are screened out. The risks associated with the solutions that are not screened out need to be retained for further analysis in the formal risk analysis documented in Template 6.

The risk analysis process consists of identifying the sources and types of risks associated with each alternative solution and its work breakdown structure, evaluating each risk in terms of probability and likely impact, and establishing a mitigation strategy for each risk. For the alternative solution that is ultimately selected, this risk information will become part of a risk management plan that is used to monitor and manage risks during the project. The process of identifying and evaluating risk, planning risk mitigation strategies, and monitoring risks takes place throughout the life cycle of the IT investment. The process ends with the disposal of the IT system at the end of its life cycle.

The most critical time to use the risk analysis process is early in the planning–for two purposes: (1) to screen out alternative solutions that would present too much risk and (2) to determine how to modify otherwise acceptable alternatives to reduce their risk. Too many organizations do a poor job of identifying risk. In particular, they ignore the fact that many major risks can be avoided either by not selecting certain alternative solutions or by modifying an alternative to reduce its risk.

In evaluating alternative solutions, risk analysis of alternative solutions generally precedes the economic analysis of the alternatives because the economic analysis must take risk into account. The economic analysis results (see Template 7) are “risk adjusted,” which requires that the risks associated with each alternative solution be identified and quantified.

Risks Identified with the Work Breakdown Structures

Work breakdown structures have been prepared for at least two or more of the “best” solutions based on prior analysis. The review of the work breakdown structures for Template 5 is likely to have identified risks that could not be avoided or otherwise eliminated by modifications of the solutions. Those risks need to be taken into account in the risk analysis. It is advisable for the IPT to perform a formal risk analysis of each

WBS, not only to confirm the risks identified earlier, but also to identify risks that may have been missed.

Risk Criteria Categories

Leading organizations group related risks into a single “risk category” that is given a name that identifies the types of risks in that category. The organization may establish five, six, seven or more categories to represent all of the possible risks that might be identified. The table below illustrates the risk categories used by two different organizations.

Organization A’s Risk Categories Organization B’s Risk Categories • Strategic/Commercial Risk • Economic/Financial/Market Risk • Legal and Regulatory Risks • Organizational Management/People

Issues • Political/Societal Issues • Environmental Factors/Acts of God • Technical/Operational/Infrastructure

Risks

• Business/Strategic • External Factors • Procurement • Organizational

Factors • Management • Technical

Each risk identified by an organization must be documented in one of the risk categories. To facilitate this, organizations develop a detailed definition of each category and the risks that it includes and they provide checklists, examples, and other aids to help individuals identify risk and correctly document them in the correct categories. Leading organizations have policies and procedures that support a professional approach to risk identification, documentation, assessment, mitigation, and management. They are aware that most project failures occur because important risks were not identified until it was too late to avoid the risks or effectively mitigate them.

Research-Based Risk Categories

Listed below are a set of risk criteria categories and definitions that grew out of a number of years of research on planning and implementing IT projects. The risk category definitions have been abbreviated for use here, but as stated they give a good idea of the nature of each category. Also, none of the aids associated with each category (e.g, checklist, examples) is shown. It is important to keep in mind that, while organizations may use the same criteria categories, they will modify the definitions of these categories to best address their own situations. For example, a law firm is likely to have some different risk exposures related to its IT projects than a clothing manufacturer.

1. Organizational Risk: Extent of buy-in by key stakeholders (e.g., affected managers, users, other employees, customers). Extent to which qualified

individuals will be available to manage and staff the project. Extent to which employees with the required knowledge and skills are likely to be available to staff the implemented system. Extent to which the organization is otherwise ready to successfully implement and use the system. Possibility for loss of senior management support at some point in the project and possibility for resistance to change by one or more managers who are or will be affected by the project.

2. Infrastructure Risk: The extent to which it places demands on the organization’s infrastructure, including its IT infrastructure (e.g., will it incur non-project costs elsewhere in the organization; will it slow up other processes or reduce needed flexibility; will it interoperate with other systems without undue cost or risk?)

3. Information Security and Privacy: The extent to which it meets the established standards for information security and privacy.

4. Complexity Risk: Degree of complexity of the project and/or the proposed solution. Extent to which all of the assumptions have been identified, are supported, and taken into account in the planning. Likely accuracy of forecasts for benefits, costs, and risks.

5. External Risk: The extent to which external risks pertain to this solution (e.g., affect on corporate partners, the environment, compatibility with law and regulation). Includes contractual relationships and regulations.

Every risk associated with an alternative solution is documented and placed in its proper risk category. Risks that fall into the same risk category are often related and similar risk management strategies may be applicable. Sometimes an overarching strategy can help to control all of the risks in the category.

A variety of sources of information may be used to estimate the probability of the risk occurring and the likely financial impact if it does occur. Analyzing the risk will be important in judging the probability and likely impact. Other important sources are the organization’s performance with past projects and any “lessons learned” from them. The probability and likely impact make it possible to calculate the organization’s financial “risk exposure” for each risk, which enable the risks to be prioritized. The highest priority risks based on the risk exposure calculation get the most attention and resources for managing them.

Template 6 is used to summarize the findings of the detailed analysis of each alternative. Documentation of the detailed analysis should be maintained to support and defend the entries made in the template. One Template 6 form is used for each alternative.

Here is an important finding based on the experience of organizations using the five risk criteria provided in the template: The greatest proportion of project failures are caused by risks that fall into the Organizational Risk category. Such risks include stakeholder buy-in and senior management support. This underlines the need for stakeholder participation in the project to help obtain and maintain stakeholder buy-in and the

importance of appointing an executive to serve as an executive change manager and project champion.

Using Template 6 – the Risk Analysis Template

The use of Template 6 should follow a full risk identification and analysis process (e.g., using checklists and other aids). Template 6, below, uses the five research-based criteria categories and definitions provided above.

A separate Template 6 is used for each alternative solution that is analyzed for risk. Enter the name of each alternative solution at the top of each template, as shown in the examples below.

• Identify and Document the Risks. Use the risk categories and definitions above to identify and categorize the risks for each alternative solution. Specifically, use each of the five categories of risk and their definitions, one at a time, to help you determine if one or more important risks in a risk category is associated with your alternative solution. If it is, document the risk–as illustrated in the Template 5 examples below–under the proper category name. As shown in the first example below, three significant risks were identified in the Organization Risk category.

• Estimate Probability of Occurring and the Impact if it Occurs. After you have identified and documented a risk, estimate its probability of occurring and then the likely financial impact if it does occur. The financial impact is usually indicated by a range of dollar costs because it is almost impossible to forecast a precise dollar figure.

• State Mitigation Strategy for Each Risk. Next, state the mitigation strategy for the risk–your recommendation for avoiding or otherwise controlling and minimizing the risk.

• Calculate Risk Exposure. Then calculate the approximate risk exposure for that risk and enter it in the Approximate Risk Exposure column. The purpose of calculating the risk exposure is to aid in prioritizing the risk–the greater the risk exposure, the higher the priority. Risks that fall into the same category tend to be interrelated, enabling certain risk management strategies to be applied at the aggregate level. Here is an explanation of how to calculate the risk exposure of individual risks:

Calculating Risk Exposure The risk exposure of any given risk is the probability of the risk occurring times the total loss if the risk occurs. We are using a financial cost (loss) range, so you need to multiply the probability times the low cost figure and the probability times the high cost figure.

For example, if there is a 20% probability of risk “X” occurring and the impact cost (loss) is in the range of $20,000 to $50,000, the risk exposure range calculation would be as follows:

20% x $20,000 = $4,000 Low end of risk exposure

20% x $50,000 = $10,000 High end of risk exposure

Risk exposure range for risk “X” = $4,000 – $10,000

• Prioritize the Risks. After the risk exposure range has been calculated for each risk, the risks need to be prioritized based on their risk exposure. The greater the risk exposure, the higher the priority. A simple way to prioritize them is to form three categories, Low, Medium, and High, and define each. The definitions of the ranges will vary with the organization. For the Template 6 examples below, the following ranges were used: L (low) = $1,000 – $5,000; M (medium) = $5,001 – $15,000; and H (high) = $15,001 and up. L, M, and H are used to identify the priorities in the Risk Priority column in the template.

• Compute the Average Risk Probability. At the bottom of Template 6, there is a cell titled Average Probability. The entry to be made in this cell is merely the average probability of occurrence for the risks listed above for this alternative. For example, assume the sum of eight risk probability entries in the column is 170%. Dividing the 170% by eight, we find that there is a 21.5% average probability that the risks will occur. This average is simply a general reference point in assessing the riskiness of an alternative solution. [Note, the economic analysis software used with Template 7 requests entries for the “probability that this benefit will be achieved.” This is looking at risk from a different perspective. If the risk is, say, 21.5% that the benefit will NOT be achieved, the probability that it WILL be achieved is 78.5% (100% – 21.5% = 78.5%).]

• Compute Total Approximate Risk Exposure. At the bottom of Template 6, there is a place for entering the sum of the risk ranges for the individual risks. It is titled Total Approximate Risk Exposure. The figures to enter are obtained by summing the dollar impact figures at the bottom of the range for each risk’s probability range and then summing the dollar impact figures at the top of each risk’s probability range. This produces the total cost impact range of from $X to $Y. These total impact figures permit a comparison of alternative solutions based on their risk probabilities and their likely impacts.

• Make Recommendations for Alternative Solutions. After a Template 6 has been used to document and analyze the risks associated with each alternative solution, it is necessary to state which alternatives should be carried forward for further analysis and which should be eliminated because of risk. Generally, an alternative solution with even one unacceptable risk is screened out. Similarly, if

the total amount of risk for an alternative solution is unacceptable to the organization, the alternative needs to be screened out. There needs to be at least two acceptable alternative solutions carried forward. If there are not two that are are acceptable, it will be necessary to modify the alternative solutions so at least two will be acceptable or to identify new ones that will be acceptable. Note the statement below following the fourth Template 6 form, which describes the recommendations regarding the four alternative solutions.

The use of Template 6 is illustrated below. Four alternative solutions to a performance problem were assessed in terms of their risks. The Template 6 forms illustrate the risks that were identified and documented in each risk criteria category. This is followed by a statement recommending that two of the alternatives be eliminated and two retained. The entries are illustrative and are not meant to represent a full risk assessment.

Alternative Solution #1 (Tentative Solution Rank Order #1): Acquire In-house Graphics Management System – Hire a contractor to recommend, acquire, and install the graphics management tool or tool set and provide training, using a performance-based contract

.

Risk Category Proba bility

Impact If

Occurs Mitigation Strategy

Approx. Risk

Exposure Risk

Priority

Organizational Risk

a. Scope creep (users may increase functionality requirements)

b. Users may resist use of new system

c. Possible loss of executive support during project due to new priorities

a. 20%

b.50%

c. 20%

a. $20,000 – $50,000

b. $5,000 – $20,000

c. $10,000 – $30,000

a. Use of representative IPT; frequent meetings with users to inform and prevent misunderstandings

b. Pre-sell new system, provide training; remove old systems as of a specified date

c. Frequent executive briefings; stress link to the organization’s key performance indicators

a. $4,000 – $10,000

b.$2,500 – $10,000

c. $2,000 – $6,000

a. M

b. M

c. M

Information Security and Privacy Risk

Potential loss of control of proprietary graphics

20% $15,000 – $50,000 Identify proprietary graphics at outset; establish and test security measures to safeguard them

$3,000 – $10,000 M2

Complexity Risk

a. Possible unrecognized

a. 20%

b. 10%

a. $5,000 –

$20,000.

Require all estimates and assumptions to be justified; obtain independent verifications of assumptions and estimates;

a. $1,000 – $4,000

b. $500 –

a. L

b. L

assumptions

b. Accuracy in forecasting costs and benefits

b. $5,000 – $10,000

assign responsibility for specific assumptions and estimates to individuals by name and hold them accountable for their accuracy.

$1,000

Infrastructure Risk Possible interoperability Problem

. 15% .$2,000 -$10,000 Require onsite pilots by vendors to identify and address potential problems

$300 – $1,500 L

External Risk Contractor underperformance

15% $20,000 – $30,000

Require certification of the contractor by the software vendor; check related past performance and staff to be assigned; use performance-based contract

$3,000 – $4,500 L

. Average

Probability

21.25% . Total Approximate Risk Exposure:

$16,300 – $47,000 .

Template 6. Alternative #1 Risk Analysis Results

Alternative Solution #2 (Tentative Solution Rank Order #3): Outsource the Graphics Management Functions – Outsource the graphics design and management work to an expert graphics design and production company under a negotiated time and materials contract with incentives and penalties.

.

Risk Category Proba bility

Impact If

Occurs Mitigation Strategy

Approx. Risk

Exposure Risk

Priority

Organizational Risk

a. Scope creep (users may increase functionality requirements)

b. Users may resist use of new system

c. Possible loss of executive support during project due to

a. 20%

b.40%

c. 20%

d. 40%

a. $5,000 – $50,000

b. $5,000 – $20,000

c. $10,000 – 30,000

d. $30,000 – $50,000

a. Use of representative IPT; frequent meetings with users to inform and prevent misunderstandings

b. Pre-sell new system, provide training; remove old system as of a specified date

c. Frequent executive briefings; stress link to the organization’s key performance indicators

d. Hire or train to gain qualified

a. $1,000 – $10,000

b. $2,000 – $8,000

c. $2,000 – $6,000

d. $12,000 – $20,000

a. M

b. M

c. M

d. H

new priorities

d. Internal staff not able to qualified to manage outsourcing contract

personnel

Information Security and Privacy Risk

a. Potential loss of control of proprietary graphics

b. Contractor security breach

a. 30%

b. 15%

a. $50,000 – $150,000

b. $15,000 – $50,000

a. Identify proprietary graphics at outset; establish and test security measures to safeguard them

b. Confirm contractor’s security controls; include contractual penalties

a. $15,000 – $45,000

b. $2,250 – $7,500

a.H

b. M

Complexity Risk

a. Possible unrecognized assumptions

b. Accuracy in forecasting costs and benefits

c. Initial relationship policies and procedures may have defects and new ones will need to be developed.

a. 20%

b. 20%

c. 30%

a. $5,000- $25,000

b. $5,000 – $10,000

c. $10,000 -$50,000

a & b. Require all estimates and assumptions to be justified; obtain independent verifications of assumptions and estimates; assign responsibility for specific assumptions and estimates to individuals by name and hold them accountable for their accuracy.

c. Hire expert advisor to make recommendations; investigate and adopt suitable best practices in graphics outsourcing; establish integration monitors; give issue resolution high priority

a. $1,000 – $5,000

b. $1,000 – $2,000

c. $3,000 – 15,000

a. L

b. L

c. L

Infrastructure Risk Possible interoperability Problem

15% $5000 -$10000 Onsite pilots by contractors to identify potential problems

$750 – $1,500 L

External Risk

a. Services are not as described

b. Selected company has relationship with our competitor

a. 20%

b. 10%

.a.$10,000 – $20,000

b. $10,000 – $20,000

a. Hire experienced outsourcing legal experts to prepare, modify, and/or review proposed outsourcing contract. Assess contractor’s past performance in outsourcing; establish contractual penalties.

b. Perform due diligence prior to selection; negotiate conflict of interest policies, procedures, and penalties

a. $2,000 – $4,000

b. $1,000 – $2,000

a. L

b. L

. Average . Total Approximate Risk $42,950 – .

Probability

22.5%

Exposure: $126,000

Template 6. Alternative #2 Risk Analysis Results

Alternative Solution #3 (Tentative Solution Rank Order #2): Use Software as a Service – Use a graphics management system that is hosted on the computer of a service provider. This is a web-based solution that falls in the category of “cloud computing.”

.

Risk Category Proba bility

Impact If

Occurs Mitigation Strategy

Approx. Risk

Exposure Risk

Priority

Organizational Risk

a. Scope creep (users may increase functionality requirements)

b. Users may resist use of a hosted system

c. Possible loss of executive support during project due to new priorities

d. Internal staff may not be satisfied with the host system arrangement

a. 20%

b.20%

c. 20%

d. 25%

a. $5,000 – $50,000

b. $5,000 – $20,000

c. $10,000 – 30,000

d. $20,000 – $40,000

a. Use of representative IPT; frequent meetings with users to inform and prevent misunderstandings

b. Pre-sell the host system approach via presentations, visit to host sites, and Q&A sessions; subsequently remove old systems as of a specified date

c. Frequent executive briefings; stress the value and potential of SaaS; stress the expected contributions to the organization’s key performance indicators

d. Have internal users help to select the SaaS system, including test it before selection, and after selection be trained in its use by qualified training personnel

a. $4,000 – $10,000

b. $1,000 – $4,000

c. $2,000 – $6,000

d. $5,000 – $10,000

a. M 2

b. L 8

c. M4

d. M 1

Information Security and Privacy Risk

a. Possible productivity loss through internet or other network

a. 10%

b. 15%

a. $15,000 – $50,000

b. $15,000 – $50,000

a. Investigate best solution to network problems that will enable continuity of work; evaluate host’s recommendations; select and implement an acceptable approach to ensuring work continuity.

a. $1,500 – -$5,000

b. $2,250 – $7,500

a. L 5

b. M3

problems.

b. Contractor security breach

b. Test and evaluate host organization’s security policies, procedures, and enforcement; evaluate historical performance and any prior security breaches; include contractual penalties

Complexity Risk

a. Possible unrecognized assumptions

b. Accuracy in forecasting costs and benefits

c. Users may seek to use capabilities available from host that are beyond their training and experience

a. 10%

b. 15%

c. 20%

a. $10,000- $25,000

b. $5,000 – $10,000

c. $5,000 – $20,000

a & b. Require all estimates and assumptions to be justified; obtain independent verifications of assumptions and estimates; assign responsibility for specific assumptions and estimates to individuals by name and hold them accountable for their accuracy.

c. In coordination with host, block user access to host system capabilities that have not been approved for use by the users; establish a program to give users training and access to selected new capabilities that can strengthen our organization’s performance.

a. $1,000 – $2,500

b. $750 – $1,500

c. $1,000 – $4,000

a. L 9

b. L 11

c. L 7

Infrastructure Risk Possible interoperability Problem

15% $5000 -$10000 Conduct tests to ensure that host system will interface smoothly with related internal systems.

$750 – $1,500 L 12

External Risk

a. Services are not as described

b. Selected host has relationships with our competitor

a. 20%

b. 10%

.a.$10,000 – $20,000

b. $10,000 – $20,000

a. Hire experienced SaaS experts to assist in evaluating the host and developing a mutually beneficial SaaS contract. Assess host’s past performance in serving its clients; establish contractual penalties.

b. Perform due diligence prior to selection of host; as needed, interest-protection policies, procedures, and penalties

a. $2,000 – $4,000

b. $1,000 – $2,000

a. L 6

b. L 10

. Average

Probability

16.67% . Total Approximate Risk Exposure:

$22,666 – $80,666 .

Template 6. Alternative #3 Risk Analysis Results

Alternative Solution #4 (Tentative Solution Rank Order #4): Acquire Graphics Management Firm – Acquire a small graphics arts firm with demonstrated expertise in graphics creation and management in support of business proposals.

Risk Category Proba bility

Impact If

Occurs Mitigation Strategy

Approx. Risk

Exposure Risk

Priority

Organizational Risk

a. Scope creep (users may increase functionality requirements)

b. Culture conflicts (differences in values, priorities, expectations, and practices)

c. Possible loss of executive support during project due to new priorities

d. Inability of firm to pay relatively large up-front expenditure to purchase the firm

a. 20%

b.50%

c. 20%

d. 40%

a. $20,000 – $50,000

b. $50,000 – $100,000

c. $10,000 – $30,000

d. $20,000- $30,000

a. Use of representative IPT; frequent meetings with users to inform and prevent misunderstandings

b. Involve firm being acquired in all integration planning activities; pilot test each procedure involving graphics support services; conduct two or more welcoming get-to-know- each-other events.

c. Frequent executive briefings; stress link to the organization’s key performance indicators

d. Ensure that the firm can afford the cost of acquiring the firm, considering other demands on its resources; establish minimum performance requirements for the acquired firm; seek to negotiate mutually-beneficial arrangement for paying the purchase cost over a period of time.

a. $4,000 – $10,000

b. $25,000 – $50,000

c. $2,000 – $6,000

d. $8,000 – $12,000

a. M3

b. H1

c. M5

d. M2

Information Security and Privacy Risk

Potential loss of control of proprietary graphics

5% $15,000 – $50,000

Conduct briefing sessions with acquired group regarding proprietary information and security measures; as needed, conduct background checks.

$750 – $2, 500 L 7

Complexity Risk

a. Possible unrecognized assumptions

a. 20%

b. 10%

a. $5,000 -.$20.000

b. $5,000 – $10,000

a & b. Require all estimates and assumptions to be justified; obtain independent verifications of assumptions and estimates; assign responsibility for specific assumptions and estimates to

a. $1,000 – $4,000

b. $500 – $1,000

a. L 6

b. L9

b. Accuracy in forecasting costs and benefits

individuals by name and hold them accountable for their accuracy.

Infrastructure Risk Possible interoperability Problem

15% .$5 000 -$10,000

Require monitored pilots by graphics firm to identify and address potential interoperability problems

$750 – $1,500 L 8

External Risk

Possible liabilities associated with the firm’s customers and past activities.

20% ..$10,000 -$40,000

Require an audit of the graphic firm’s assets, liabilities, and other financial aspects; check past performance and reputation with customers; ensure that key staff will be retained if the firm is acquired; consider making purchase price contingent on post- acquisition performance.

$2,000 – $8,000 M 4

. Average

Probability

22.22% . Total Approximate Risk Exposure:

$44,000 – $95,000 .

Template 6. Alternative #4 Risk Analysis Results

Recommendation: Eliminate Alternatives #2 and #4 and Retain Alternatives #1 and #3

Based on this risk analysis and in consideration of the likely benefits and the Template 4 ratings, Alternatives #2 (outsource the functions) and #4 (acquire a small firm) are eliminated from further consideration. Alternative #2 is eliminated principally because of the risk of losing control of proprietary information by placing it in the hands of a third party. Alternative #4 is eliminated for three reasons: the risk of not finding a qualified firm that wishes to be purchased, the relatively large up-front costs that would be involved, and the time it would likely take to integrate the small firm into the corporate culture. Alternatives #1 and #3 also have less risk than other two alternatives and are expected to cost less. Although the organization has no experience with the Alternative #3 solution (SaaS), this alternative is expected to be especially attractive financially and in terms of expected performance. It could be the least costly solution and the risks involved are only slightly greater than those of Alternative #1 but are outweighed by the potential for greater benefits. It is recommended that alternatives #1 and 3 be further analyzed to determine which is the better solution for our organization.

Template 5. Recommendation of Alternative Solutions for Further Analysis

IMPORTANT NOTES:

1. This template should be used with a Microsoft Word (or other word processor) document. It should not be used in an Excel worksheet because a worksheet is is not an

appropriate medium for electronically transmitting the document to others or for printing it for distribution.

2. The template is adjustable. After the template is copied to a Word document, replace the sample entries in the cells with your own information. You can change the length and width of the template and its cells after you copy the template to your document. If you put your cursor on a line in the template, the line can be moved horizontally or vertically, depending on the line, to best fit your information. There is no need to color any of the cells in your Word version, though color is used in the examples above.

* * *


Comments are closed.