The Issue: While all companies seek great rewards or Return on Investment (ROI) on technology supporting business strategies, they struggle in assessing the risk (technology and business process change) required to realize different types of gains.Balancing risk and rewardThe delicate balance of risk versus reward ties AMR Researchs many discussions with clients together. A few years ago, we helped a client, a Midwestern manufacturing company with a limited budget and low-margin products, in the selection of an enterprise system. The choice came down to two vendors: one a fiscally solvent company with a market-tracking technology, the other a fiscally challenged company with a niche technology. Their products were positioned as low risk and high risk, respectively. At the last moment, the latter vendor decided to undercut a fairly close bidding process by offering the software for free in exchange for exclusive systems integration rights on the project.The buyer was perplexed. Was this too good a deal to be true? No, but an economic value was being placed on company and product risk. The buyer was advised that such a purchase was highly risky and had a large potential for an unsuccessful install, particularly given its expertise and spending ability. The buyer, however, decided that the economics of the situation outweighed the risks and purchased the less expensive system. Unfortunately for the client, a combination of limited software fit requiring much customization, a technology that became unwieldy to support, and company bankruptcy led it to write off the entire project and purchase yet another product 18 months later. To address the need to manage this type of risk in technology investment, AMR Research is introducing a Risk Assessment Profile (RAP). The RAP has been created to supplement our research with a new rigorous methodology for how technology buyers can better manage risk in a turbulent market.Hidden risks Risk is always somewhat veiled in the ways that buyers evaluate products and ongoing strategies. Functional benchmarks are made, financial viabilities are examined, and technology is tested in evaluating new systems and expanding currently owned ones. Each area (and more) individually represents a single and incomplete picture of the risk involved. Only by combining and understanding the interplay between these different factors can buyers of enterprise software truly assess the risk of their decisions.These different areas of risk are often examined very broadly, without much focus, consideration, or methodology, which can lead to poor decisions. While many factors can be considered, risk is best examined when all of the factors are consolidated and structured into two areas: company risk and product risk.Company riskExamines how well a vendor can and will serve the needs of a given market. Factors include business strategy, financial strength, customer practices, and internationalization. The purpose is to determine the overall commitment a company has to a market and its ability to serve clients.Product riskExamines how well the product can and will serve the needs of a given market. Factors include technology, functionality, referenceability, and internationalization. The purpose is to determine the overall ability of the product to meet and continue to meet the needs of a market. (Some RAP exercises evaluate IT service categories, in which case the domain and delivery categories are substituted for technology and functionality categories.)Defining the marketsThe RAP Sheet is then used to compare companies and products in a well-defined market. The best, and perhapsmost elegant, definition of markets was coined by Geoffrey Moore in his seminal high-technology marketing book,Crossing the Chasm: “A set of actual or potential customers for a given set of products or services who have a common set of needs or wants and who reference each other when making a decision.”This definition implies that many markets exist when only one may be loosely spoken of when market numbers are given. Thus the Enterprise Resource Planning (ERP) market actually comprises many markets, including the following:The global ERP market (for buyers seeking a single system across the globe)The North American ERP midmarket (for buyers seeking a system in North America)The European ERP midmarket (for buyers seeking a system in Europe)However, the Customer Relationship Management (CRM) market does not exist in the perspective of the Risk Assessment Profile, because a buyer of a salesforce automation system has little use or need for a call center dispatch package.The applied definitionOnly when this type of market definition rigor is applied to companies and products can a relevant analysis emerge. It also means that the company and product risk of an individual product will be different. Consider these examples:Company riskIn the late 1990s, Computer Associates would have had a high company risk in the midtierERP market for a number of reasons, evidenced by its exit from the market. On the other hand, SAP has always had a low company risk for the global ERP market, though its ranking in the small-to-midsize business ERP market has never ranked as high.Product riskSiebels salesforce automation product may be well suited for large, global salesforces, but perhaps not so much for smaller groups. This view has been shaped through the rapid growth of salesforce.com, Microsofts SFA initiative, and Siebels own move into a subscription-based product, which it acquired.By focusing on markets and buyer needs, the Risk Assessment Profile attempts to consider such differences in companies and product needs and quantify them.Navigating the marketThe quantifications are made in bands of risk: low, low to moderate, moderate to high, and high. Similar to how buyers evaluate products, each band trades off company risk against product risk. To some buyers, purchasing a low risk product from a high-risk company can be a good decision because its likely that the product will always find a good home regardless of corporate owner. But it may be a poor decision to buy a high-risk product from a low-risk company, since the company may decide to jettison the product, leaving current customers in the lurch. By applying the rigor of our RAP methodology and RAP Sheet output, clients get help in avoiding such mistakes and a much more quantifiable review of product selection and strategy determination. In the coming months, AMR Research will be producing RAPs and presenting more detailed reference discussions concerning their use. Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe