Submitted To:

Prof. Vinay Kumar Dutta

Submitted By:
Pragati Saraf (91040)
Saurabh Anand (91049)
Title – “In Depth Study on: Risks in IT Industry: The Case of Infosys Technologies”

Broad Area of Interest: Risk management in IT Industry

Objectives

The project undertaken towards fulfilment of ERM course is aimed at understanding in detail all
the risks associated with Infosys Technologies in the IT Industry. The following mentioned
objectives will be covered under the same:

 To identify the various types of risk associated with Infosys technologies.

 To study the present organizational structure that exists in the organization- risk
management executives and teams in place.
 To study the risk management processes currently in place over the complete value chain
and identifying key risks.
 To identify shortcomings in the current risk management processes and gives suggestions
for improvement.

Scope

IT industry has been hogging lime light because of the double digit growth it is achieving y-o-y
and generating employment opportunities for people. Being a service industry in which changes
take place rapidly, it is associated with much higher risk. Much of the work comes from other
cross country locations which make a number of factors out of control of the organization like
currency risk etc. This will help the company in:

 Identifying various types of risks faced by the industry and the company and prioritizing
them on the basis of extent of damage it can cause.
 Current Risk management policies and procedures will be analyzed based on the
preparedness towards handling risks.
 Recommendations given to the organization at the end of the study will help them
identify shortcomings in the present system and ways to make their system full proof.

Sources of data

Primary Sources: Employees and executives working in the company will be contacted and
interviewed on current risk management practices.

Secondary Sources: Forrester, Gartner IT industry reports, Internet

Page | 2
Methodology

 First secondary research will be done to have an in depth knowledge of IT industry and
various types of risks associated with it. IT consultants like Forrester, Gartner reports will
be considered along with Infosys Annual report.
 Then Primary research will be conducted in which the concerned employee will be
interviewed on the risk management practices currently in place in the organization.
 After analyzing the company organizational structure and processes, company
preparedness towards risks will be analyzed, short comings will be identified and based
on that recommendations will be given.

References

 Infosys Annual Report

(http://www.infosys.com/investors/reports-filings/annual-report/annual/Documents/
Infosys-AR-09.pdf)
 ERM and Role of CRO
(http://www.erisk.com/learning/research/011_lamriskoff.pdf)
 Challenges in Implementing Enterprise risk management
(http://www.scmhrd.edu/Finalyst_Issues/EnterpriseRiskManagementPaper.pdf)

Contact Person

Mr. Sumit Kumar in Infosys Technologies Ltd. (Bangalore)

Page | 3