Surfacing ERP exploitation risks through a risk ontology

The purpose of this paper is to develop a risk identification checklist for facilitating user companies to surface, organise and manage potential risks associated with the post‐adoption of enterprise resource planning (ERP) systems.

A desktop study, based on the process of a critical literature review, is conducted by the researchers. The critical review focuses on information systems and business research papers, books, case studies and theoretical articles, etc.

By systematically and critically analysing and synthesising the literature review, the researchers identify and propose a total of 40 ERP post‐implementation risks related to diverse operational, analytical, organisation‐wide and technical aspects. A risk ontology is subsequently established to highlight these ERP risks, as well as to present their potential causal relationships.

For researchers, the established ERP risk ontology represents a starting point for further research, and provides early insights into a research field that will become increasingly important as more and more companies progress from implementation to exploitation of ERPs.

For practitioners, the risk ontology is an important tool and checklist to support risk identification, prevention, management and control, as well as to facilitate strategic planning and decision making.

There is a scarcity of studies focusing on ERP post‐implementation in contrast with an over abundance of studies focusing on system implementation and project management aspects. This paper aims to fill this significant research gap by presenting a risk ontology of ERP post‐adoption. It represents a first attempt in producing a comprehensive model in its area. No other such models can be found from the literature review.