The conclusions of academic research on ERP are positive: ERP improves business processes, and organizations that implement ERP have better financial performance than their peers that have not implemented ERP. However, horror stories also occur, examples of ERP implementations that overrun their budgets or even endanger the continuity of the organization. In the first part of this book, several of these horror stories have been mentioned, such as Fox Myer Drugs, Dell, Hagemeyer, Wessanen,
D’Ieteren and the Dutch Ministry of Defense.
Most ERP implementations do not become horror stories, but ERP implementations are undeniably risky. Grabski et al  estimate that around ninety percent of all ERP implementations end later than planned or cost more than estimated. Other research shows that many implementations do not attain their initial objectives [Nucleus, 2003; Adam & O’Doherty, 2003; Koning, 2004], or may even be considered complete failures [Giannotten, 2003].
The above examples show that an ERP implementation should not be taken lightly. ERP is not straightforward and an implementation has associated financial and reputation risks. It is clear that no organization aspires to become the next ERP horror story. A thorough risk analysis during the ex ante evaluation of an ERP implementation is therefore indispensible.
Though there is a general recognition that ERP is risky, only limited academic research is available on the specific risks of ERP and the ways in which organizations mitigate these risks. Below, a summary of existing research is presented. A distinction is made between critical success factors on the one hand and risks on the other hand.
A critical success factor is a condition for achieving objectives. When a critical success factor for an ERP implementation is not met, the objectives of the implementation most likely will also not be met. A risk is the potential occurrence of an event that will have a negative impact on achieving objectives [COSO, 2004]. Within the context of ERP the attainment of implementation objectives will be endangered when the event that is associated with the risk actually takes place; there is however also a chance that the event does not occur.
The following can be said about ERP critical success factors. Various authors have derived critical success factors for ERP on a theoretical basis, after which they have validated the factors in practice. Critical success factors that have been listed by at least two of these authors are top management support for the project, the presence of a so-called champion, a top management executive who owns the project, and continuous communication with all stakeholders [Markus et al., 2000; Grabski et al., 2003; Parr & Shanks, 2003; Sumner, 2003].
These critical success factors are probably not unique to ERP, but are inherent to all business process redesign and many IT projects. However, the research indicates that neglecting these critical success factors in an ERP implementation project is unwise, as the risk of failure then becomes very high.
Therefore the management of these critical success factors should be part of the ERP ex ante evaluation.
The following is known about risks associated with ERP implementations. It is generally accepted that
ERP implementation projects are risky. However, only limited research is available on which specific risks can be distinguished in practice during ERP implementations. Below, an overview is presented of four risks that have not only been deducted on theoretical grounds; they have actually been observed in practice when researchers carried out case studies, interviewed participants in ERP implementations, or studied financial reports. The four identified risks are:
- Cost overruns for implementation partner costs and software modifications [Stefanou, 2001; Koning, 2004]
- No or only partial realization of projected benefits, due to functional mismatch between the organization’s processes and the functionality of the ERP system [Sumner, 2003; Koning, 2004]
- No improvement in financial performance [Hunton et al., 2003]
- For small companies that were financial ly unhealthy when they started the ERP implementation (they may not have enough resources to complete the implementation successfully)
- For large companies that were financial ly healthy when they started the ERP implementation (they may not have enough improvement potential)
- Operational problems in the go live phase [Markus et al., 2000; Have, 2003]
These four risks are specific to ERP implementations. If one or more of the events associated with a risk actually occur during an ERP implementation, the objectives of the implementation are at risk. It is therefore essential to already pay attention to active risk mitigation during the ex ante evaluation of an ERP implementation.
An example of a company that has carefully evaluated risks during an ERP implementation, and has also taken the relevant mitigating measures is Unilever. The company implemented SAP and went live in 2003. In image above the project is described.
In 2002, Unilever consciously decided for a high-risk approach for their ERP implementation. The planned implementation horizon was twelve months, while an average ERP implementation takes eighteen months. The business processes that were going to be supported with ERP were critical for Unilever’s operation, as they comprised the whole demand & supply chain. Finally, the project should run smoothly in order to retain good relationships with the retailers, the most important customers for Unilever.
The company has consciously taken risks, but has also consciously implemented risk-mitigating measures. Testing was carried out on a large scale with operational data. No costs were spared on the implementation team, which consisted of at least fifty people, and in the team knowledge of business processes, SAP, and IT was amply available. The project suffered from some misfortune, but it ended on time and under budget.