跳到主要內容

簡易檢索 / 詳目顯示

研究生: 高子青
Gau, Tzyy-Ching
論文名稱: 金融機構建置政府資訊系統應用實務與風險治理:個案分析
Risk Governance and Practical Applications in Government Information Systems Developed by Financial Institutions: A Case Study
指導教授: 林士貴
口試委員: 陳銘賢
林士貴
江永裕
杜慧如
學位類別: 碩士
Master
系所名稱: 國際金融學院 - 國際金融碩士學位學程
Master’s Program in Global Banking and Finance
論文出版年: 2026
畢業學年度: 114
語文別: 中文
論文頁數: 92
中文關鍵詞: 政府資訊系統標案敏捷專案管理需求不確定性風險治理
外文關鍵詞: Government Information Systems, Agile Project Management, Requirements Uncertainty, Risk Governance
相關次數: 點閱:12下載:0
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報
  • 在政府資訊系統標案情境中,專案執行同時受到政府採購制度、固定總價契約與驗收導向治理之高度制度性約束。敏捷專案管理因具備迭代開發與持續回饋特性,被視為可因應需求不確定性與時限壓力的方法,然其於政府標案中的實務落地,常面臨契約限制、治理結構與問責要求的結構性張力。本研究以金融機構承作政府資訊系統標案之單一案例為對象,採用案例研究法,透過文件分析、系統紀錄與專案實務觀察進行分析,並以ISO 31000風險管理流程為主架構,結合IEC 31010評估方法,系統性進行風險識別、分析、評估、處置與監控,建構可追溯之風險事件鏈。研究結果顯示,本個案最具影響性的風險並非源自需求變更頻率,而是制度規則與例外情境於測試與驗收階段才被完整揭露,導致需求澄清活動後移,並在驗收期間集中出現高嚴重性缺陷。當變更決策缺乏可追溯證據時,需求凍結點與變更控制機制易流於形式,難以抑制範疇擴張。此外,供應商人力流失與專案控制力不足,進一步放大跨組織知識落差與缺陷不收斂問題,使品質與時程風險顯著提高。在治理層面,本研究指出,政府標案敏捷專案之關鍵不在於導入敏捷儀式,而在於建立以收斂性與可追溯性為核心之治理機制。透過品質門檻設計、缺陷收斂指標與最小可追溯紀錄之整合,可將風險由驗收階段前移至開發與測試過程,有助於在固定總價與高問責環境下提升專案可控性。本研究提供將風險管理標準具體化於政府標案敏捷專案之實務方法,並提出可供金融機構設計專案治理與風險管理機制之參考。


    Government information system projects are constrained by public procurement regulations, fixed-price contracts, and acceptance-oriented governance. Agile project management is often adopted to address requirements uncertainty and time pressure; however, its effectiveness is limited in such environments. This study examines a government IT project implemented by a financial institution, applying a single-case study approach. Based on project documents, system records, and practical observations, the study utilizes the ISO 31000 framework to analyze risk mechanisms and construct traceable risk event chains.The findings indicate that critical risks did not arise from frequent requirements changes, but from the late disclosure of institutional rules and exception scenarios. As a result, requirements clarification was delayed to testing and acceptance stages, leading to concentrated high-severity defects. Weak traceability of change decisions further reduced the effectiveness of governance mechanisms, while vendor staff turnover amplified knowledge gaps and defect persistence. The study suggests that effective risk management requires shifting from final-stage validation to early-stage control. By introducing threshold-based governance, convergence-oriented quality monitoring, and minimal traceability mechanisms, risks can be mitigated earlier. These findings provide practical implications for managing agile projects under high-constraint environments.

    謝辭 i
    摘要 iii
    Abstract v
    圖次 x
    表次 xi
    第一章 緒論 1
    第一節 研究動機 1
    第二節 研究目的 4
    第三節 研究範圍與限制 6
    第四節 研究方法與流程 8
    第二章 文獻探討 11
    第一節 政府資訊系統標案特性分析 11
    第二節 敏捷專案管理方法概述 13
    第三節 需求不確定性與時限壓力之相關研究 15
    第四節 敏捷專案管理在政府標案上的應用研究 18
    第五節 相關風險管理理論與實務 22
    第三章 敏捷專案管理於政府資訊系統標案之應用實務分析 26
    第一節 案例背景介紹 26
    第二節 時限壓力與需求不確定性的現況描述 29
    第三節 敏捷專案實踐方式分析 32
    第四節 專案過程中需求訪談、分析與開發差異 35
    第五節 範圍與成本掌握的挑戰與因應措施 38
    第四章 政府標案專案風險治理 43
    第一節 政府標案專案風險識別 43
    第二節 風險分析 49
    第三節 風險評估 54
    第四節 風險處置 58
    第五節 風險監控與持續改善 62
    第六節 治理意涵與建議 65
    第七節 本章之分析性貢獻 68
    第五章 結論與研究展望 71
    第一節 研究問題之回答 72
    第二節 本研究提出之治理解法 74
    第三節 未來研究方向 75
    第四節 結語 75
    參考文獻 77
    附錄 81
    附錄A1:Sprint WBS 進度與 影響外溢 證據 81
    附錄A2:客戶端測試控制圖 82
    附錄A3:變更控制委員會決策痕跡 83
    附錄A4:客戶端測試缺陷結構統計 84
    附錄B1:政府、銀行、資訊整合廠之三方治理清單 85
    附錄C:敏捷專案與專案管理專有名詞說明 87

    【中文文獻】
    一. 網站資料
    [1]. 行政院主計總處(2023)。採購審核及監辦注意事項。https://ebasnew.dgbas.gov.tw/PublicinsideAudit/Detail/0/1344
    [2]. 政府電子採購網。(n.d.)。採購資訊查詢系統。https://web.pcc.gov.tw/pis/
    [3]. 政府採購法。(2019)。https://law.moj.gov.tw

    【英文文獻】
    一. 網站資料
    [1]. Agile Manifesto. (2001). Manifesto for agile software development. https://agilemanifesto.org
    [2]. Association for Project Management. (2020). Procuring for agile projects. APM White Paper. https://www.apm.org.uk
    [3]. International Organization for Standardization. (2018). ISO 31000:2018 risk management—Guidelines. https://www.iso.org/obp/ui/#iso:std:iso:31000:ed-2:v1:en
    [4]. International Electrotechnical Commission. (2019). IEC 31010:2019 risk management—Risk assessment techniques. https://mdcpp.com/doc/materialDownload/IEC%2031010-2019%20EN.pdf
    [5]. McKinsey & Company. (2022). Unlocking the potential of public-sector IT projects. https://www.mckinsey.com/industries/public-sector/our-insights/unlocking-the-potential-of-public-sector-it-projects
    [6]. UK Government. (2023). Contracting for agile: Guidance note. GOV.UK. https://www.gov.uk/government/publications/contracting-for-agile-guidance-note-html

    二. 期刊
    [1]. Braun, V., & Clarke, V. (2006). Using thematic analysis in psychology. Qualitative Research in Psychology, 3(2), 77–101. https://www.sci-hub.ee/10.1191/1478088706qp063oa
    [2]. Ciancarini, P., Di Giacomo, R., & Grimaudo, G. (2024). Scrum@PA: Tailoring an agile methodology to the digital transformation in the public sector. Information, 15(2), 1–27. https://www.mdpi.com/2078-2489/15/2/110
    [3]. Eisenhardt, K. M. (1989). Building theories from case study research. Academy of Management Review, 14(4), 532–550. https://doi.org/10.5465/amr.1989.4308385
    [4]. Hoy, Z., & Xu, M. (2023). Agile software requirements engineering challenges–solutions: A conceptual framework from systematic literature review. Information, 14(6), 322. https://doi.org/10.3390/info14060322
    [5]. Inayat, I., Salim, S. S., Marczak, S., Daneva, M., & Shamshirband, S. (2015). A systematic literature review on agile requirements engineering practices and challenges. Computers in Human Behavior, 51(Part B), 915–929. https://www.academia.edu/20287717/A_systematic_literature_review_on_agile_requirements_engineering_practices_and_challenges
    [6]. Krancher, O. (2020). Agile software development practices and success in outsourced projects: The moderating role of requirements risk. In Agile processes in software engineering and extreme programming (XP 2020) (pp. 56–72).Springer. https://link.springer.com/chapter/10.1007/978-3-030-49392-9_4
    [7]. Neumann, O., Kirklies, P.-C., & Schott, C. (2024). Adopting agile in government: A comparative case study. Public Management Review, 26(12), 3692–3714. https://doi.org/10.1080/14719037.2024.2354776
    [8]. Odzaly, E. E., Greer, D., & Stewart, D. (2018). Agile risk management using software agents. Journal of Ambient Intelligence and Humanized Computing, 9, 823–841. https://link.springer.com/article/10.1007/s12652-017-0488-2
    [9]. Ren, A., Liu, L., Wang, Y., Liu, X., Wang, H., Xu, K., Zhang, X., & Arora, C. (2024). Requirements elicitation in government projects: A preliminary empirical study. arXiv. https://arxiv.org/abs/2404.05425
    [10]. Rizkiyah, K., Nisyak, A. K., & Raharjo, T. (2020). Agile-based requirement challenges of government outsourcing project: A case study. In Proceedings of the International Conference on Information Technology Systems and Innovation.
    [11]. Schwaber, K., & Sutherland, J. (2020). The scrum guide: The definitive guide to scrum. Scrum.org. https://scrumguides.org/scrum-guide.html
    [12]. Singh, S., Madaan, G., Singh, A., Sood, K., Grima, S., & Rupeika-Apoga, R. (2023). The AGP model for risk management in agile IT projects. Journal of Risk and Financial Management, 16(2), 129. https://doi.org/10.3390/jrfm16020129
    [13]. Silva, A. S., Araujo, A., Palomino, P., Araujo, R., & Dermeval, D. (2024). Mastering requirements volatility: Strategies for dynamic environments and multiple stakeholders in government software projects. IEEE Access, 12, 183060–183077. https://doi.org/10.1109/ACCESS.2024.3510056
    [14]. Utami, A. T., Raharjo, T., Mustaqim, I. Z., & Trisnawaty, N. W. (2024). Barriers of agile requirements engineering in the public sector: A systematic literature review. Interdisciplinary Journal of Information, Knowledge, and Management, 19, 1–32. https://doi.org/10.28945/5289
    [15]. U.S. Digital Service. (n.d.). Contract types for agile development contracts. TechFAR Hub. https://techfarhub.usds.gov

    無法下載圖示 全文公開日期 2031/06/28
    QR CODE
    :::