Compliance-risks in the operation of IT products

The article discusses compliance risks that can arise during the operation of IT products in the market and cause unacceptable damage to IT organisations. To achieve this goal, the author of this article conducted a study of civil, administrative and criminal judicial practice, where one of the parties was an IT company (OKVED 62), including disputes related to the infringement of exclusive rights to IT products. Based on the research conducted, 12 compliance risks were identified, of which 6 were civil, 1 was administrative and 5 were criminal. An analysis of judicial practice has shown that the withdrawal, distribution and operation of IT products on the market without taking into account these requirements exposes IT companies to civil, administrative and/or criminal liability. In addition, as part of the work carried out, the dynamics of criminal offences in the field of computer information was analysed, where it was found that in the period 2022-2023. The increase in offences related to unauthorised access to electronic devices rose from 9,308 to 36,788 crimes (an increase of 74.6%). The results of the study highlited the urgent need for IT stakeholdes to develop effective and efficient preventive measures to influence identified compliance risks. For example, the development of measures related to the review of requirements for documentary support of IT projects, the form and content of IT products, and ways of protecting computer information.

1. Beskodarova V.S. (2020). Author’s agreements. Synergy of Sciences, 45: 158-163. (In Russ.)

2. Gayazov I.R. (2022). On the issue of modifying computer programs. Internauka, 22-6(245): 21-32. (In Russ.)

3. Zaidova E.B. (2021). Problems of the efficiency model of granting real rights to a computer program through an author’s order. Scientific Research of the XXI Century, 1(9): 331-334. (In Russ.)

4. Kopylov A.Yu. (2019). Basic qualifying characteristics of works as an object of copyright. Issues of Russian and International Law, 9(10-1): 106-112. (In Russ.)

5. Kotovshchikov A.V. (2017). Computer programs in the system of objects of object rights. In: Current problems of graphic law and graphic legal proceedings: 75-78. (In Russ.)

6. Kuznetsova K.O., Chernova E.A., Mayer V.R., Garifullin R.F. (2022). Information management. Interscience, 40-4(263): 54-55. (In Russ.)

7. Mikhailenko K.A., Kovaleva K.A. (2021). Review and analysis of software development. In: Current problems of science and education in the context of modern challenges: Collection of materials of the II International Scientific and Practical Conference: 52-55. (In Russ.)

8. Nikolaenko V.S. (2024). IT‐product: Clarification of the concept. Journal of Wellbeing Technologies, 52(3): 136-145. (In Russ.)

9. Nikolaenko V.S. (2024). Compliance-features of creating IT-products within the framework of IT-project. Issues of Risk Analysis, 21(5): 97-107. (In Russ.)

10. Shorokhov D.A. (2020). Selection of software for creating a website. Current Scientific Research in the Modern World, 7-1(63): 219-226. (In Russ.)

11. Aven T. (2012). The risk concept - Historical and recent development trends. Reliability Engineering and System Safety, 99: 33-44.

12. Beer M., Wolf T., Garizy T.Z. (2015). Systemic risk in IT portfolios - An integrated quantification approach. In: Exploring the Information Frontier: International conference on information systems: 1-18.

13. Brandas C., Didraga O., Bibu N. (2012). Study on risk approaches in software development project. Informatica Economica, 16(3): 148-157.

14. Chapman R. (2011). Simple tools and techniques for enterprise risk management. Chichester, Wiley.

15. De Baker K., Boonstra A., Wortmann H. (2014). The communicative effect of risk identification on project success. Project Organisation and Management, 6: 138-156.

16. Lee O.-K.D., Baby D.V. (2013). Managing dynamic risks in global IT projects: Agile risk-management using the principles of service-oriented architecture. International Journal of Information Technology & Decision Making, 12: 1121-1150.

17. Luckmann J. A. (2015). Positive risk management: Hidden wealth in surface mining. Journal of the Southern African Institute of Mining and Metallurgy, 115: 1027-1034.

18. Mishra A., Das S., Murray J. (2014). Managing risk in government information technology projects: Does process maturity matter? Production and Operations Management, 24(3): 365-368.

19. Nikolaenko V., Sidorov A. (2023). Analysis of 105 IT project risks. Journal of Risk and Financial Management, 16(1): 33. DOI: https://doi.org/10.3390/jrfm16010033.

20. Paladino B., Cuy L., Frigo M. (2009). Missed opportunities in performance and enterprise risk management. Journal of Corporate Accounting & Finance, 20(3): 43-51.

21. Wieczorek-Kosmala M. (2014). Risk management practices from risk maturity models perspective. Journal for East European Management Studies, 19(2): 133-159.