Next Article in Journal
Optimization Approaches for Multiple Conflicting Objectives in Sustainable Green Supply Chain Management
Next Article in Special Issue
Exploring the 4IR Drivers for Sustainable Residential Building Delivery from Social Work Residential Perspective—A Structural Equation Modelling Approach
Previous Article in Journal
Low-Altitude Remote Sensing Inversion of River Flow in Ungauged Basins
Previous Article in Special Issue
Construction Information Management: Benefits to the Construction Industry
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Sustainability
Volume 14
Issue 19
10.3390/su141912793
sustainability-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles thumb_up
...
Endorse textsms
...
Comment
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Data Management Risks: A Bane of Construction Project Performance

by
Ornella Tanga
1,*,
Opeoluwa Akinradewo
1,*,
Clinton Aigbavboa
1,
Ayodeji Oke
1,2 and
Samuel Adekunle
1
1
cidb Centre of Excellence, Faculty of Engineering and the Built Environment, University of Johannesburg, Johannesburg 2006, South Africa
2
Department of Quantity Surveying, School of Environmental Technology, Federal University of Technology, Akure 340271, Nigeria
*
Authors to whom correspondence should be addressed.
Sustainability 2022, 14(19), 12793; https://doi.org/10.3390/su141912793
Submission received: 12 September 2022 / Revised: 23 September 2022 / Accepted: 5 October 2022 / Published: 7 October 2022
(This article belongs to the Special Issue Sustainable Management of Construction Projects)
Browse Figures
Versions Notes

Abstract

:
The construction industry is a sector that creates employment opportunities for everybody from all backgrounds. A good performance achieved through managing data is one factor that enables the construction industry’s success and development. Unfortunately, data management encounters challenges regarding data safety, due to the implementation of the fourth industrial revolution (4IR) (digitalisation). This study sets out to evaluate the effects of risks to data management on the performance of construction projects. This research work used a quantitative methodology and gathered information from different construction professionals in the South African construction industry via a well-structured questionnaire through online platforms. These professionals were quantity surveyors, architects, civil, mechanical, and electrical engineers practising for a firm, company, organization, or institution within Gauteng province, South Africa. A random sampling technique was used in this research to ensure that each part and set of individuals had an equivalent possibility of being incorporated into the sample. Of 215 questionnaires sent out, 181 (84.19%) responses were received and used for data analysis. Mean item score (MIS), standard deviation (SD), a non-parametric test, and exploratory factor analysis were used to analyse the retrieved data. Findings revealed that loss of construction project data, loss of confidential information, company image and reputational harm are among the top three effects that risks to data have on people working in the construction sector. This study concluded that these data management risk effects could be prevented if construction project stakeholders were aware of the different data management risks.

1. Introduction

According to Khan [1] and Boadu et al. [2], the construction industry is perceived as a sector that helps to generate jobs and provide employment opportunities to all categories of people, depending on their level of studies and expertise (expert, skilled, semi-skilled, and unskilled). Moreover, the construction industry greatly contributes to revenue generation, due to the fact that anyone with any level of educational background (both formal and informal) can find employment [1,2,3]. Milford [4] considers the building sector to be a field that boosts competitiveness and improves the value of customers and enterprise performance. Therefore, it is an important sector for economic development, job creation, quality improvement, maintenance of infrastructure, and enhancement of project lifespan. The discussion above shows that the construction industry needs to be successful because of its benefits to the economy [4,5]. To achieve success in a construction project, good performance is required during the project lifecycle, which can be achieved through overall project risk management and data management [5,6,7].
Global businesses that are digitally connected (I4.0) benefit from a variety of new opportunities, such as access to worldwide resources, reaching out to international markets, and increasing the effectiveness of their global operations [8]. Zscheischler et al. [9] further state that digitalisation promotes sophisticated job management in all industries, without exception, and increases efficiency, which boosts production, effectiveness, and profitability. Raptis et al. [10] opine that data is a critical asset for advancing Industry 4.0 (I4.0). This applies from machine automation to information automation and knowledge automation. In the construction sector, data is obtained through building information modelling, virtual reality, augmented reality, and different types of sensors used during construction execution [11]. The construction sector generates a huge amount of data during construction phases that stakeholders need to share. This data requires data management to avoid project failure and disputes [10]. Data management is the creation, implementation, and oversight of strategies, rules, programmes, and practices that regulate, safeguard, provide, and improve the value of data and information assets, according to Dama international [12]. Jing et al. [13] stress that in the 1980s, the term ‘data management’ started. This term was used when database systems and data storage were first introduced. Tanga et al. [6] point out that today’s organizations, including construction organizations, depend on data, and its management shows the company’s success level. This is because data management involves storing, retrieval, security, and exchange, enabling a good construction environment by facilitating good communication among project parties for better project advancement.
Deep et al. [3] argue that ineffective planning, execution, and limitations cause risks and other constraints for the client or project partners. Many professionals try to mitigate and control these risks by using information communication tools such as BIM, cloud storage, and web-based software, among others [3,4,6,14] which result in other risks. From inception, these tools were supposed to bring solutions to appease construction parties regarding project risks, but this has not worked one hundred percent in their favour [6,11]. In this highly digitalized world, there is a need to be aware of advanced risk factors connected to internet use. Boateng et al. [5] and Pham et al. [15] explain that no construction project is risk-free, due to the sector’s demanding, dynamic, and complicated character. According to Boateng et al. [5], construction projects are more vulnerable to hazards than other industries because of their complexity, which both practitioners and academics has confirmed over the years. Unfortunately, the sector is now exposed to non-internet-related and internet risks. In addition, most professional and project members focus on non-internet-related factors. Thus, it is important to draw their attention to the data risks and the related effects [7]. According to Lainjo [16], data management risk measures or actions must be implemented in all organizations, whether the company is experiencing cyber-attacks or not. Without adopting data management risk measures, many organizations have to bear the load of the costly effects of data management risks [16]. In addition, Luo [8] and Zscheischler [9] emphasize the fact that that many digitalisation risks (data risks) are highly unresolved and poorly understood in many industries, therefore necessitating the emergence of data management, particularly in the construction industry in this case. The construction sector receives and sends a large amount of information during a project lifecycle. This information needs to be managed to ensure a productive outcome. Thus, this study aims to evaluate the effect of risks to data management on the performance of construction projects. This is expected to highlight how improper or inadequate data management can pose a significant risk to the construction industry’s performance. Project risk management the past did not include data management risks, which made project management ineffective. Most construction projects are not adapting data management risks to their dynamic project nature, which causes a gap between general project risk management and data management risks. Nevertheless, studies such as Tang et al. [17] built the risk index system and experimentally measured the likelihood, effect, influence scope, and period of risk for the Xinjiang Code-Division Multiple Access (CDMA) core network expansion project, using Fuzzy evaluation. This did not address the internet and non-internet-related risks and their effects. Similarly, Gorecki [18] carried out a study that saw big data as a major tool to manage project risk management through data collection and analytics, thereby enabling construction work performance tracking. This study focused on project risk management, with no emphasis on data risks per se. In addition, Tummala and Schoenherr [19] offered a thorough and comprehensive strategy for controlling risks in supply chains with the aid of risk phases, among which were risk identification, measurement, assessment, evaluation, mitigation and control. Furthermore, Kuner et al. [20] researched the approaches to risk management in data protection while pointing out the rights and obligations of individual organizations in ensuring data protected as deemed fit. None of these studies identified the internet- and non-internet-related risks in the construction industry. To bridge this gap in the body of knowledge, this paper will identify internet- and non-internet-related risks that should be managed effectively for the success of construction projects.

2. Theoretical Background to Data Management Risks

Data management is very complex and involves many interrelated tasks to be completed. Thus, a data management system is required. The construction sector stakeholders use data management systems to store large amounts of data representing general project information. The system is ever-changing because when new applications and data are added to the system, old applications and data still have to operate permanently [21]. Information changes as the construction project execution continues, data grow and need to be stored or added to the information system. These data are expected to be readily available and safe [22]. The storage (database) of data plays an important role in the management of projects because it is the indicator of project delivery satisfaction, as explained in Tanga et al. [6] and Poltavtseva [23]. Data management systems represent a distributed network that helps easily access and deliver data. This is founded on the idea of autonomous agents for collective communication with the aid of open network infrastructure [24]. Data management also involves data warehousing and business intelligence, which collect data from several sources [25]. The collected data is stored in one central and reliable repository for use in artificial intelligence, machine learning, data analysis, and data mining. Data warehousing enables easy access to data, leading to better decision-making during the project lifecycle [26]. IBM [25] put forward the idea that for more than three decades, data warehousing systems have been identified as a core component of business intelligence.
Another data management approach is data governance. According to Abraham et al. [27], data governance refers to a cross-functional data management framework that serves as a strategic asset to the construction organization. Thus, it defines the accountabilities and decisions that are right for the organization’s data decision-making process and helps in compliance control and formalization of data standards, regulations, and procedures. Furthermore, data security and privacy are also major data management approaches. Dimitrieska et al. [28] stress that many organizations have become more connected via various software or interconnected solutions, due to the adoption of the fourth industrial revolution. Attackers use this opportunity to attack organizations that do not control how data are exchanged among stakeholders [29,30]. According to Zhang and Yuang [31] and Talha et al. [32], data security and privacy mean maintaining data confidentiality, integrity, and availability (called the CIA triad) whenever needed by the organization. As Bhushan et al. [33] highlight, besides the CIA triad, other properties related to data access reinforce security, such as non-repudiation, authenticity, and authorization. Data architecture is another viable data management approach, and Sherman [34] puts forward the idea that data architecture is beneficial to many organizations because it enables data privacy and security, provides better data understanding, provides management instructions from the initial stage of data collection in a source system for the consumption of data by businesspeople, promotes data government development and also supports data warehousing, business intelligence and big data, specifically. Data architecture represents a data picture that shows how organizational data integrate, and serves as a guide for data definition, schemas, transformation, storage, collection, enhancement, and information workflow [34,35].
Data quality also forms an integral part of the data management approach and, according to Talha et al. [32], data quality and security represent the two aspects that enhance data value. Before any data exploitation, these two aspects must be adopted to construct better project data management because they are in a direct relationship. Poor data quality expenses in the construction sector might include lost opportunities, lost income, construction process re-execution due to data inaccuracies, quality improvement fees, and other factors. Taleb et al. [36] stress that a good data quality assessment includes data refinery (filtering, cleansing, compression, and format conversion) and valuation. In other words, data quality ensures data fitness before usage [37]. Document and content management is another data management approach. Rosa et al. [38] stress that with the implementation of the I4.0, data is received electronically in multiple formats during the lifecycle of projects in various industries and companies. These different formats need to be managed, stored and transformed into documents. Project success is guaranteed if construction organizations properly manage these documents and content [6,39]. Oztaysi [40] asserts that a DCMS (document and content management system) helps construction organizations store various documents coming from different sources, retrieve documents and manage document lifecycles and provide a system for reliable access to document content.
Lastly, another data management approach is data modelling and development. IBM [41] note that organizations use data modelling. This process consists of generating a visual display of an entire information system or different aspects to show correlations between two elements: data points and structures. A data model, which is equivalent to the building plans of an architect that helps stakeholders to comprehend the structure to be constructed, refers to the conceptual data structures representation that a database needs. These data structures incorporate data objects, the rules governing object operations, and the objects’ relationship [41,42].
Based on the various functions of a data management system, data risks can occur anytime if a function or all the functions are not carefully or well applied (data mismanagement). Data security has become a severe issue for many organizations worldwide, including the construction sector, due to industry 4.0 adoption [28]. Data is continuously at risk, due to technological development that offers opportunities to cyber attackers to perform data integrity violations, security policy violations, and data privacy violence [23]. Poor data governance and data management raise data security issues that cost organizations. The effects in the construction sector due to poor data management and governance are discussed further.

3. Data Management Risks on Construction Projects

On the one hand, Dokuchaev et al. [43] put forward the idea that data risks can be caused by attacks or other factors. The factors involve employees or information system users of an organization taking incorrect actions (error) or violating requirements. These actions might be at the information system’s technical, organizational or documentation level. Furthermore, other risks are accidents, the sharing of passwords, unwise disposal of private documents, diverse failures or malfunctions, and interference, resulting in the information system’s hardware devices malfunctioning [43,44]. On the other hand, data risks are also caused by cyber-attacks or crimes [23]. Al Amro [45] stresses that cyber-attacks represent any malicious activity that uses internet vulnerabilities to execute multiple kinds of attacks, primarily against ICT tools or software, or particularly to harm human beings. These activities can be performed in various ways, including phishing, malware, denial of service (DoS), and man-in-the-middle-attack [46,47]. The following subsections highlight the identified data management risks attributed to construction projects.

3.1. Time Wastage

Time in project management refers to one of the factors of the iron triangle (time, cost and quality) that enables good performance and the way the project management is performed so that the project is completed in the time framework required [7,48,49,50]. On top of the iron triangle, project performance is also among the main goals of construction projects, to enable project satisfaction from the project’s inception to conception [48]. Al-Qahtani and Baymount [50] assess that time in a project is crucial to the efficiency and satisfaction of the project, and if not well-managed, delays can arise. Pawlak and Wendling [51] stress that different studies have shown that the time required to resolve a cyberattack is more than 32 days, with an overall average cost higher than $ 1 million for affected firms or companies during the 32 days. This is based on a cybercrime survey completed in 2013 with United States companies. This will, therefore, delay the project execution and make the contractor liable to the client for not respecting the time frame as indicated in the contract.

3.2. Project Execution Interruption and Financial Losses

According to Shi and Saleem [52], phishing attacks include the electronic falsification of e-mails, voice-over-internet protocols, text messages, SMSs, and social networking sites. This is explained by the fact that the attacker can imitate the contractor’s e-mail to send false bank details to the principal agent or client. The client might pay into the wrong account, putting the contractor and all projects in financial difficulty. This can lead to non-payment of the cost of work done, and result in a lack of funds to continue with the project. Additionally, Kikwasi [53] and Amina et al. [54] assert that the main reasons for project interruption involve suspensions, liquidation, bankruptcy, delayed payment, cash flow issues, stakeholders’ non-payment and schedule slippage. Thus, good data management risk through the use of ML techniques such as fuzzy control, WEKA, and ANN, among others, can help detect phishing [55] and prevent the execution of construction projects by avoiding various risks. However, construction parties need to be constantly updated on the new and various project risks to keep the same level of control over the project finances, execution and performance [15]. This is also applicable to data management risks. However, Luo [8] puts forward the idea that although investing in digital technologies as cited above is important, developing a business that will be able to control, identify, contain, and even mitigate data risks through the use of the same technologies is more important.

3.3. Reduction of Competitive Advantage and Poor Information Quality

According to White and Murray [56], attackers can easily penetrate systems, using various strategies to steal the companies’ success strategies, sell or share them with rival companies, or expose their vulnerabilities to the public to take over the market. Bishop [57] and Mallik et al. [58] stress that cyber attackers find ways to infect other services, access, read and spread sensitive information all over the networks, and modify or remove files. These modifications of information or data due to cyberattacks may also lead to poor data quality because there might be missing or modified information that will cause confusion, loss of client trust, and construction rework during the project lifecycle. Kosutic and Pigni [59] put forward the idea that companies that ignore cyberattacks and data management risks have a less competitive advantage, and cannot secure assets from intruders. This results in loss of customers, lack of trust among stakeholders, and increased losses. Therefore, construction project stakeholders should be conscious of the effects of risks to data management because these will lower the company’s competitive advantage, as clients will prefer rival companies. Furthermore, Deep et al. [3] explain that using data management risks in a construction environment reduces the extent to which unfavourable conditions influence the project’s success. In this case, the unfavourable conditions are poor information quality and reduction of competitive advantage. The KPMG [60] explain that organisations that are able to successfully handle their data, analyse their information and data at a rapid pace, enhance innovation, achieve organisational objectives, transform their institutional mind-set, and start viewing data as an asset, are able to acquire a sharpened competitive edge.

3.4. Project Abandonment Due to Lack of Credible data and Loss of Confidential Information

This is justified by the fact that cybercriminals might gain access to the company’s system and steal banking details to conduct unlawful transactions (slicing attacks) [61]. The company will run out of money needed to execute the project, pay stakeholders, and buy construction materials. When a huge amount of money is stolen, the company cannot recover [56]. Luo [8] explains that intrusions may result in the loss of priceless data, and customer trust, all of which can have severe and difficult-to-recover-from consequences. Moreover, Dave [62] and Mallik et al. [58] explain that when hackers penetrate an information system, they only wish to modify, destroy and reduce confidential and important information. Therefore, this can lead to the abandonment of a construction project, due to continuous modification of data which may result in continuous rework and time, effort, and money wastage. For these reasons, the management of data risks is as important as physical security [8].

3.5. Cost Overrun on Company’s Overheads

Kemp et al. [63] noted that the internet is becoming a dangerous space for daily usage because of security breaches or cyber-attacks and crimes taking over the internet, especially during the COVID-19 pandemic. The pandemic and the restriction measures that came along with it intensified already existing fraud and crimes on the internet [63]. De Bruijn and Janssen [64] and Strategic Direction [65] and Luo [8] point out that the number of cybercrimes keeps increasing, and organizations are being forced to spend a huge amount of money on cyber security to cope with the different forms of cyberattacks. For example, if the system has been attacked by ransomware, the client is not held responsible for lack of security and might even claim costs to rebuild and re-secure the system [66]. Furthermore, Tepeli et al. [48] and Pham [15] emphasize that, based on several research studies conducted around the world, risks have caused high cost and time overruns. This affects the portion of enterprises with little technological capacity and no data security understanding, because they become more even more vulnerable [8].

3.6. Compromise of Occupied Building and Mistrust of Project Data

The institute of engineering technology (IET) [67] explains that when attackers gain access to sensitive information from BIM, for instance, they may know the plan of the building, including all the alarm systems and security features, without visiting the facility after construction or the site during the project execution. This is dangerous, because attackers can plan to rob or harm the occupants in the near future. Also, reliable information is needed to deliver a good quality output during project execution. However, when an attack occurs, data deletion and modifications occur, which in turn bring complications, disputes, and mistrust between project parties and increase a lack of trust in project data, especially if this happens continuously [68]. Thus, stakeholders must be strict regarding data management risk in the construction industry. De Bruijn and Janssen [64] explain that some cyberattacks have severe consequences and effects even though many cyberattacks are harmless. The violations of cyber security can vary from minimal to having no effect.

3.7. Inability to Submit Tenders and Hardware and Software Destruction

Roy et al. [69], Gunkel [70], and Dokuchaev et al. [43] stress that cyberattacks such as hacking aim at destroying data and computer programmes completely. On top of this, to attack a system or a computer, the attackers take a few seconds, while it takes minutes, hours, or even days to deal with the consequences of cyberattacks [71]. When the information storage is attacked, constructors may be unable to retrieve saved documents, take more time to recover the file, or even start carrying out another tender to submit, and end up being late for submission. All of this can reach an extent where the software and hardware are damaged, and in cases where attacks such as viruses, PCB tampering, and IP piracy are combined and not treated and detected (managed) on time, can destroy the company hardware and software, making it impossible to access the information system [6,32,36,72]. Mohammad [73] further explains that the management of data requires regular update of software and continuous training and update in data security methods to keep data handling authentic, because the more that preventive methods are used, the more intruders find new ways to sabotage and penetrate systems.

3.8. Harm to Company’s Reputation and Image, Stakeholders’ Loss of Confidence, and Compromise of Trade Secrets

In recent years, advertising and the press have become common targets for cyber security incidents. This harms the reputation and image of companies and can result in unplanned costs. In addition, this harm can decrease a business’s market value, establish new legal complexities, and result in fines from certain regulatory and non-compliance bodies [56]. Cyber risk poses a huge threat to private and public institutions, due to its effect on the systems of information of the organization, its reputation, stakeholders’ confidence loss, and financial losses [74]. Furthermore, Bondarenko et al. [75] agree that intruders could also steal data from information systems on intellectual property rights such as trademarks, secret trades, copyrights and industrial product design brands. This data type also needs to be protected, to avoid the wrong usage of the company logo and success strategies. In addition, Pham et al. [15] stress that one of the biggest reasons for cost overruns, delay, a bad reputation, and sometimes project failure is inefficient risk management in general. Luo [8] adds that failure of the company’s leadership to address digitalisation or data risks could result in severe knock-on effects that harm not only the company’s international operations and those with partner companies in different nations and industries, but also the company’s reputation in the world and the public’s goodwill.

3.9. Cyber-Extortion and Interruption of Project Timeline

According to Mabunda [76], cyber-extortion is one of the big effects of cyberattacks that many people and organizations face, because of the high use of electronic devices and the internet. Cyber-extortion generally occurs through ransomware, where the attacker asks the target or victim to make payment transactions [45]. Sulkowski [77] and Al Amro [45] define cyber-extortion as demanding large amounts of money or valuables to keep the obtained information secret or unblock the victim system. This obtained information usually involves the information system of the victim. Moreover, the time taken to recover the information, which is sometimes impossible when the victim does not make the payment, will lead to work stoppage, thus affecting the project timeline and resulting in late project delivery [43]. Therefore, construction professionals must be aware of cyber-extortion, to avoid negative effects interrupting project execution. Deep et al. [3] emphasize that each phase of a construction project has its scope, function, and duration. As a result, frequent and various risks and ambiguities seen throughout the various stages of a construction project show the necessity of developing an effective and consistent project output mechanism. The mechanism will allow all stakeholders to track project progress and secure all information related to the project, to avoid interruptions.

3.10. Promotion of Physiological Effects

With the development of technology, many organizations become more connected via various software or interconnected solutions. This is at the same time advantageous and disadvantageous to internet users. The advantage is that the internet allows remote and fast communication among stakeholders, as well as facilitating smooth project execution. At the same time, the disadvantage is that every company, including those in the construction industry, uses e-mails or the internet, and these are the cyber attacker’s targets [28]. Al Amro [45] asserted that the promotion of physiological effects is included among the numerous disadvantages of cybercrime. The psychological effects involve the experience of persistent fear and worry, stress and mental disturbances, symptoms of depression, and social adjustment abnormalities, all of which can lead to chest tightness and breathing problems [45]. Moreover, Modic and Anderson [78] reveal that financial fraud victims experience the emotional effect of fraud more seriously than the effect of the actual financial impact. According to Deep et al. [3], many risks result from IT usage, resulting in poor construction quality and even litigation. These may have physiological effects such as extreme fatigue and illness [15,45], and psycho-social effects such as occupational disability, impaired mental capacity, and early retirement [15].

3.11. Compromised Project and Employee Data

At the present time, everyone has access to the internet for any activity or purpose. These activities involve obtaining information, ways of communicating, moments of leisure, shopping, e-social activities, education, financial transactions, application for jobs, file-share services, and downloads [79]. Although the online service helps people in their day-to-day lives, it also increases vulnerabilities, enhances data risk problems (negative changes to data) or exposes sensitive information to attackers [9]. Because of cyberattacks, companies’ and personnels’ sensitive information is vulnerable and can be easily accessed or compromised [80]. Therefore, good data security needs to be implemented in the construction sector to avoid effects like these. To achieve a long-time use of digital devices, the address of ethical considerations that come with the variety of digital technologies need to be put in place [9]. This is possible through the use of data management and security with the ability to retrieve, store and transmit data through different applications to detect various data risks and avoid negative financial consequences and information losses [73].
Based on the discussion above, internet-related risks affect project execution, and no risk type is more important than the other as depicted in Figure 1. All the risks must be considered at the same level because they can cause negative effects. Thus, during the execution of a project, non-internet-related risks and internet-related risks need to be managed, to minimize project failure. For instance, when vandalism occurs onsite, the cost will increase, as more materials must be purchased to finish the work. In addition, if data are modified without permission, resulting in rework, this will increase the project cost. However, most professionals are more aware of non-internet-related risks, due to the nature of the industry from inception. Hence, there is a need to create awareness so that they can take internet-related- (data) risks with the same seriousness. Reminding professionals about data risk is a great step toward achieving successful projects.

4. Materials and Methods

This research study preferred a quantitative method to a qualitative one, as the large sample size in the chosen research area could be properly covered in a comparatively short period. The targeted population for this research work was professional quantity surveyors, architects, engineers, construction project managers, construction managers and IT professionals practising for a firm or institution within the Gauteng province, South Africa. This choice was based on their level of knowledge and experience in contributing to this work’s research objectives, and they were selected from their respective professional bodies. Due to COVID-19 restrictions and rules, the respondents were contacted online. A total of 215 professionals were contacted, but only 181 responses were retrieved. This research project was approved by the Faculty Ethics and Plagiarism Committee (FEPC) of the Faculty of Engineering and the Built Environment (FEBE) at the University of Johannesburg (UJ), with approval number UJ-FEBE-FEPC-00246. A random sampling technique was used in carrying out this research, because this sampling technique ensures that each part and set of individuals has an equivalent possibility of being incorporated into the sample. The data collection tool applicable to this research work was a well-structured questionnaire that provided the respondents with variables to rank, based on their knowledge and opinions. In addition, closed-ended questions were used on the questionnaire to facilitate ease of administration and analysis. A five-point Likert scale was used to evaluate the effects of risks to data management on the performance of construction projects. Statistical software for social sciences (SPSS) was used to analyse the retrieved data. The data was analysed using mean item score (MIS), a nonparametric test and exploratory factor analysis (EFA). Descriptive statistics were adopted to analyse the respondents’ demographic information, while the MIS was used to rank variables based on the participants’ opinions. The Kruskal-Wallis H test was used to test the existing relationship or considerable variance in smaller respondent groups [81]. In addition, the EFA was used to bring together information regarding the interrelationships among the identified variables of this study. Survey reliability refers to a research tool’s consistency, dependability, or stability level (questionnaire). In this study, Cronbach’s alpha was used for reliability measurement, and the result revealed an alpha value of 0.934, which was close to 1.0, as recommended for reliability measurement [81]. This study contributes to the body of knowledge by assessing the effects of data management risks applicable to the construction industry with a focus on non-internet- and internet-related risks. The study adopted literature from other industries to give a background to data management risks due to the lack of similar studies in the built environment. The study also adopted an EFA approach to classify the effects based on their interrelationships, which has not been adopted in similar studies across all industries. A pictorial representation of the adopted research methodology is shown in Figure 2.

5. Findings and Discussion

5.1. Biographical Data Results

The findings relating to respondents’ professional affiliations revealed that all respondents were qualified to answer the specifically designed questionnaire for this study because they had the necessary educational qualifications, as shown in Table 1. The findings also showed that respondents had sufficient experience to provide suitable responses to achieve the research study objectives, as 86% of respondents had experience ranging from 1-5 years to 20 years in the construction industry. In addition, 100% of the respondents chose at least one of the six professional affiliation options.

5.2. Mean Item Score and Non-Parametric Test for Effects of Risks to Data Management on the Performance of Construction Projects

Based on the literature review, 20 variables were identified as being the effects of risks to data management on the performance of construction projects. These variables were ranked by respondents and subjected to the Kruskal-Wallis H test to ascertain if the six groups of respondents (architects, quantity surveyors, engineers, construction managers, construction project managers and IT professionals) had the same opinion or not. The results are presented in Table 2. According to the respondents, ‘loss of construction project data’ was ranked first, with a mean item score (M) of 4.17, a Kruskal-Wallis H of 19.934 and asymp. Sig. value of 0.011; ‘loss of confidential information’ was ranked second (M = 4.12; Kruskal-Wallis H = 12.230; asymp. Sig. value = 0.141); ‘company’s image and reputation harm’ was ranked third (M = 4.11; Kruskal-Wallis H = 16.653; asymp. Sig. value = 0.034). ‘Promotes physiological effects’ was ranked seventeenth (M = 3.85; Kruskal-Wallis H = 8.924; asymp. Sig. value = 0.349); ‘project abandonment due to lack of credible data’ was ranked nineteenth (M = 3.77; Kruskal-Wallis H = 16.695; asymp. Sig. value = 0.033), and finally ‘inability to submit tenders’ was ranked the lowest (M = 3.64; Kruskal-Wallis H = 6.300; asymp. Sig. value = 0.614).
Non-parametric tests revealed that twelve factors significantly differed in the opinions of the nine respondents. These factors included loss of construction project data, company image and reputation harm, and extortion. For example, quantity surveyors ranked the loss of construction project data as low, compared with the other eight groups of participants. In contrast, architects and electrical engineers ranked the harm to the company’s image and reputation as high. Furthermore, mechanical engineers ranked ‘extortion’ lower than the other eight groups, while ‘financial losses’ was ranked high by architects and industrial engineers, compared with the other seven groups. Results from the findings showed that the highest-rated effect of risks to data management on the performance of construction projects were ‘loss of construction project data’, ‘loss of confidential information’, and ‘company’s image and reputation harm’.
Similarly, White and Murray [56] found that loss of construction project data is a major effect of data management risks. Loss of construction project data occurs whenever cyber attackers succeed in penetrating the company’s system, where they might delete or modify important information from the system or files. This affects the overall construction work performance, disrupting the initial contract’s framework. Buch et al. [61] also found that a loss of confidential information was among the highest-rated effects of risks to data management. This specific effect happens when intruders take private information from the company’s computers or databases without authorization. White and Murray [56] also note that the company’s image and reputation harm is a major bearer of the risks to data management that the construction industry encounters. When attackers gain access to information that can portray the company’s deficiencies, this can be exposed to the market and result in a loss of customers. Companies will then have to find ways to improve their reputation, such as dropping service prices, to regain clients. According to Arcuri et al. [74], compromising company trade secrets is a major effect of data management risks. All data types must be protected, including intellectual property rights such as trademarks, trade secrets, copyrights, and industrial product design brands [75]. Protecting this information is essential to strengthening the construction company to avoid extortion. Trade information is particularly sensitive data, as competitors always try to get rival companies’ trade secrets, to take control of the market. Salkoswki’s work supports the finding of this study, that extortion is also one of the main effects of risks to data management. Extortion is the practice of demanding large amounts of money or valuable items to keep the obtained information secret [77].

5.3. Exploratory Factor Analysis for Effects of Risks to Data Management on the Performance of Construction Projects

An exploratory factor analysis (EFA) was carried out on the 20 effects of risks to data management in construction identified from the literature review. This EFA was used to bring together information regarding the interrelationships among the group variables [81]. Before performing the EFA, the suitability of the data for FA was conducted. Pallant [81] stresses that the correlation matrix should display coefficients of r = 0.3 or above to determine the variables’ factorability. A careful examination of the correlation matrix indicated that all the coefficients were greater than 0.3. Eiselen et al. [82] note that to proceed with EFA, the KMO is also used to indicate the adequacy of the distribution of values. The condition for a KMO measure of sampling adequacy value to be retained for factor analysis is that it should not be less than 0.6, and Bartlett’s test of Sphericity should be statistically significant at p less than 0.05. The KMO measure of adequacy attained a value of 0.834, and Bartlett’s test of sphericity a p-value of 0.000. Figure 3 shows the scree plot with both factors with eigenvalues superior and inferior to one.
All the factors with eigenvalues above one are displayed on the steep slope of the plot, while the rest of the factors with eigenvalues inferior to one are represented on the gradual trail of the plot. Four factors had eigenvalues above 1, and represented the clusters interpreted for this factor analysis (FA), as shown in Table 3. In addition, these clusters were subjected to direct oblimin rotation. The direct oblimin choice was based on the relationship of the 20 variables. The factor cluster report is shown in Table 3, where the twenty identified variables are factored into four clusters. The clusters are explained based on the perceived characteristic relationship among the variables:
The seven variables loaded onto component 1 were ‘promotes physiological effects’ (84.9%), ‘extortion’ (78.9%); ‘financial losses’ (78.4%); ‘company’s image and reputation harm’ (67.1%); ‘hardware and software destruction’ (47.3%); ‘loss of stakeholders’ confidence’ (45.8%); and ‘compromise of company employees’ data’ (43%), with an overall percentage of variance of 45.135%, as shown in Table 3. These variables are all connected to the failure of the company. Thus, they can be named ‘company’s downfall’.
Four variables loaded onto this cluster were ‘poor information quality due to incompleteness’ (86.8%); ‘mistrust of project data’ (84.7%); ‘interruption of project timeline due to loss of data’ (80%), and ‘loss of confidential information’ (57.6%). This cluster had an overall percentage of variance of 9.713 %, and was ranked as the second classification of effects of data management risks on the performance of construction projects. The above-listed variables are labelled ‘loss of sensitive data’ because they address the effect of losing project data.
Four variables linked to the opposition of good project undertaking were loaded onto the third cluster (component 3). These variables include ‘project execution interruption’ (76.9%); ‘cost overrun on overheads’ (75.4%); ‘inability to submit tenders’ (62.2%); and ‘reduction of competitive advantage’ (56.2%), with an overall percentage of variance of 7.854%, as shown in Table 3. Based on their relationship, this cluster was named ‘project execution constraints’.
The last cluster was termed ‘company’s data exposition’ because all five variables were loaded onto it. The loaded variables in this cluster were ‘project abandonment due to lack of credible data’ (−81.5%); ‘compromise of occupied building security (infrastructure)’ (−78.3%); ‘loss of construction project data’ (−75.4%); ‘compromise of company trade secrets’ (−60.4%); and ‘time wastage (interruption of project advancement due to locked system)’ (−54.5%), and they show an overall percentage of variance of 6.070%.
Four-factor clusters were obtained after using the EFA to establish the correlation patterns in the data set. The negative values observed in the result indicate that the variables must be interpreted inversely. This does not, however, exempt them from the constructs [83]. From the factor analysis, four factors emerged, and they are discussed as follows:
Component 1–company’s downfall: the findings from the results indicated that these items had a high significance rate in the company’s downfall, especially because they promote physiological effects, the issue of extortion and financial loss. Symantec [84] supports this finding by stating that risks to data management affect people socially and psychologically in a given area or environment. At the same time, Modic and Anderson [78] also note the serious emotional effect on financial fraud victims. Thus, by putting in place data management techniques that will prevent these risks from occurring, the construction industry will avoid the stresses that affect those working in the industry, especially those related to extortion. According to De Bruijn and Janssen [64], financial losses represent a data management risk. This is because intruders lock or block the computer screen and file system or even delete the different files, and ask for a large amount of money in exchange for information files. Derbez and Fouque [85] posit that hardware and software destruction is ranked high as an effect of data management risks. Hackers may be looking for a company’s sensitive data to destroy or modify or even damage the hardware, as a way of data destruction.
Component 2–loss of sensitive information: the findings from the results indicated that all the items were highly significant. Similarly, Bishop [57] interprets that poor information quality due to incompleteness impacts construction projects negatively. Modifying or reducing data information due to various data risks may also lead to poor data quality, resulting in confusion and stakeholder disputes. Mistrust of the quality of project data, which scored high in these findings, was also considered a significant effect of data management risks by Mallik et al. [58]. When someone believes they are communicating with another stakeholder when it is a hacker, the confusion can make construction professionals lack trust in the data provided through electronic means or ICT tools. Shi and Saleem [52] and Arcuri et al. [74] identify project timeline interruption due to data loss as a risk of not managing data effectively. Kikwasi [53] states that the main reasons for project interruption are suspensions, stakeholders’ non-payment, and schedule slippage, among others. This is explained by the fact that whenever a large amount of money is stolen from a company due to various data risks, there will be no funds to pay the workers. Therefore, there will be a work stoppage. According to Maggi et al. [86] and Arcuri et al. [74], the loss of confidential information is an effect of not managing data risk. The more the use of network resources grows, the more attacks on the network increase, resulting in lost sensitive information and confidential data and viruses spreading in networks and computers [29]. Luo [8] states that business leaders must not minimize any type of risk, because one of the main goals of businesses that operate globally is risk management [8]. Construction contracts are also businesses. Adekunle et al. [87] further opine that when there is no systematic management of construction information, there will be re-occurrence of loss of data in construction procedures.
Component 3–project execution constraints: project execution interruption is also noted as an effect of the risks in data management by Kikwasi [53]. Shi and Saleem [52] state that attackers are looking for the electronic falsification of every means of communication (e-mail, SMS, and social networking sites). Therefore, construction professionals must be careful concerning data exchange, because manipulating the transmitted information can interrupt project execution. The participants of this study stated that cost overruns on the company’s overheads significantly affected data management risks. This is also noted as a concerning effect by De Bruijn and Janssen [64] and Deo and Farik [66]. The risks are there as hackers are motivated by money, and actions such as locking the computer screen until they are paid can affect the finance of a construction company or a project [66]. Another effect of data management risks is the inability to submit tenders. Odlyzko [71] supports this finding. Because of the time needed to correct the damage to a computer system, it is important to consider and manage these risks effectively. As Roy et al. [66] remind us, it is a short-time investment for the attacker, but the victim must spend hours or days solving the problem. With 56.2%, the reduction of competitive advantage was noted as a significant effect by the participants in this study. The KPMG [60] states that companies that neglect the management of data do experience difficulties in identifying key insights or creating business models, but also spend more compared with rival organisations on cleansing data, building knowledge management, and dealing with issues resulting from faulty data. Bishop [57] and White and Murray [56] also point to this as an effect. Because hackers look for information they can sell to rival companies, this risk affects construction companies’ success by exposing the methods, formulas and instruments they have, to rival companies. They can then use these at a cheaper price and take over the market.
Component 4–company’s data exposition: as with the respondents in this study, Dave [62] posits project abandonment due to lack of credible data as a major effect of data management risk. Activities that hackers perform include the falsification of e-mails, text messages, voice-over-internet protocols, and social networking sites [52]. The confusion, disputes, and the need to rework construction that may result from this, can lead to project abandonment. De Bruijn and Janssen [64] also found that the infrastructure of an occupied building could be compromised, and support the view of the participants in this study. Innovations in Engineering and Technology [67] state that when attackers gain access to information about a plan from BIM, it compromises the security features and alarm systems and opens up the possibility of the building security being under threat once the construction is completed. This has obvious effects, such as putting the occupants’ lives in danger. Professionals working on construction projects need to be vigilant about this serious effect which can occur if the data has not been managed and protected. Time wastage resulting from an interruption of project advancement due to a locked system is another significant effect of data risk not being managed well, which is supported by the literature [50,51]. Efficient time management is crucial for construction projects to be successfully managed to the client’s satisfaction. As discussed under component 3, the amount of time needed to sort out issues such as information recovery when it has been damaged or destroyed by an attacker, can affect time management adversely. The care needed to manage the data and protect it from risks will ensure that all of the necessary information is available easily and efficiently for the project [51].

6. Implication of Study

The theoretical review is consistent with the empirical findings of this research study. Based on the ranking of the variables carried out by the respondents in the South African construction industry, loss of construction project data is the most notable effect of data management risk that construction professionals face in the construction industry. This makes the project inactive, due to unavailable or incomplete data. Loss of confidential information is also among the top effects because employees’ and company data is deleted or modified. After the project’s and employees’ data is stolen, the weaknesses and strengths of the company are exposed to rival companies. This can result in harm to the company’s image and reputation. The compromise of a company’s trade secrets is among the effects that cost the construction industry, because the stolen data will reveal to the public all the success formulas the company uses, which is very disadvantageous. Extortion is another effect which occurs when attackers possess the company’s important data, and stakeholders do not want their information to be exposed. Attackers might request a large amount of money from stakeholders for the company’s data secrets. Therefore, professionals in the construction industry must be aware of the possible effects of the attackers’ actions and be conscious of the effect these will have on their projects and the companies they work for.
Moreover, in line with the Kruskal-Wallis H non-parametric test results, we can conclude that quantity surveyors do not consider the loss of construction project data as a measure of the effect of bad risk data management. The results of this study will add to the existing project risk management consideration of the internet-related (data) risks that have consequences on the project. Furthermore, this work will also change how professionals think, by reassuring them that no industry is untouchable regarding data risks.

7. Conclusions and Recommendation

From the inception of the construction industry, risks have been in existence. However, they have become worse through the use of the internet, which gives hackers room to operate, and adversely affects the targeted project or organization. This study set out to assess the effects of data management risks on construction project performance through the collection of data from built environment professionals in South Africa. The findings reveal that the noticeable effects of data risks are loss of construction project data, loss of confidential information, harm to company image and reputation, compromise of company trade secrets, extortion, interruption of the project timeline, loss of data, and financial losses. It is worthy of note that the reviewed literature indicate that the use of the internet does not eliminate the non-internet-related risks, but amplifies them, as they affect the overall project success. Therefore, the contribution to the body of knowledge on the effects of data management risks from this study is expected to encourage professionals to pay attention to data management in the construction industry.
This study consequently recommends that stakeholders bear in mind the fact that the use of the internet and electronic devices is not attack-free. Thus, applying each step of data management to enforce the security and protection of their data is necessary. It is also recommended that the effect of data management risks be explained to construction workers, from top management employees to subcontractors and the client. In this era, everyone, without exception, uses the internet, especially for communication purposes. If these effects are understood properly, some mistakes will be avoided, as everyone will be involved in protecting and managing data. Having a strong knowledge of data management risks effects is a step that encourages employee involvement in protecting both the company and project data for a good and pleasant working environment. Moreover, training sessions should be implemented to explain the different cyber attackers’ approaches that can affect project data.

Author Contributions

Conceptualization, O.T., O.A. and C.A.; methodology, O.T. and O.A.; software, O.T. and C.A.; validation, O.A., C.A., A.O. and S.A.; formal analysis, O.T. and A.O.; investigation, O.T. and O.A.; resources, C.A. and O.A.; data curation, O.T. and O.A.; writing—original draft preparation, O.T. and A.O.; writing—review and editing, O.A. and S.A.; supervision, O.A. and C.A. All authors have read and agreed to the published version of the manuscript.

Funding

The authors would like to acknowledge the financial support provided by the National Research Foundation, South Africa, to fund this research.

Institutional Review Board Statement

This study was conducted in accordance with the approval of the Faculty Ethics and Plagiarism Committee (FEPC) of the Faculty of Engineering and the Built Environment (FEBE) at the University of Johannesburg (UJ), with approval number UJ-FEBE-FEPC-00246 on 15/11/2020.

Informed Consent Statement

Informed consent was obtained from all subjects involved in the study.

Data Availability Statement

Anonymized data is available from the corresponding author upon written request to the provided emails, and subject to review.

Conflicts of Interest

On behalf of all authors, the corresponding author states that there are no conflict of interest.

References

  1. Khan, R.A. Role of construction sector in economic growth: Empirical evidence from Pakistan economy. In Proceedings of the First International Conference on Construction in Developing Countries (ICCIDC), Karachi, Pakistan, 4–5 August 2008. [Google Scholar]
  2. Boadu, E.F.; Wang, C.C.; Sunindijo, R.Y. Characteristics of the construction industry in developing countries and its implications for health and safety: An exploratory study in Ghana. Int. J. Environ. Res. Public Health 2020, 17, 4110. [Google Scholar] [CrossRef] [PubMed]
  3. Deep, S.; Bhoola, V.; Verma, S.; Ranasinghe, U. Identifying the risk factors in real estate construction projects: An analytical study to propose a control structure for decision-making. J. Financ. Manag. Prop. Constr. 2021, 27, 220–238. [Google Scholar] [CrossRef]
  4. Milford, R. Public capacity payment and procurement issues should be a challenge to the operations of contractors in South Africa. In Proceedings of the Fifth Built Environment Conference of the Association of Schools of Construction of Southern Africa, Durban, South Africa, 18–20 July 2010. [Google Scholar]
  5. Boateng, A.; Ameyaw, C.; Mensah, S. Assessment of systematic risk management practices on building construction projects in ghana. Int. J. Constr. Manag. 2020, 1–10. [Google Scholar] [CrossRef]
  6. Tanga, O.; Akinradewo, O.; Aigbavboa, C.; Thwala, D. Usage of Cloud Storage for Data Management in the Built Environment. In Advances in Artificial Intelligence, Software and Systems Engineering; Ahram, T.Z., Karwowski, W., Kalra, J., Eds.; Springer: Cham, Switzerland, 2021; Volume 271, pp. 465–471. [Google Scholar] [CrossRef]
  7. Abu-Reishah, L.; Hiyassat, M.A. The severity of design-construction interface risks in jordanian construction industry. Int. J. Constr. Manag. 2021, 1–9. [Google Scholar] [CrossRef]
  8. Luo, Y. A general framework of digitization risks in international business. J. Int. Bus. Stud. 2022, 53, 344–361. [Google Scholar] [CrossRef] [PubMed]
  9. Zscheischler, J.; Brunsch, R.; Rogga, S.; Scholz, R.W. Perceived risks and vulnerabilities of employing digitalization and digital data in agriculture–Socially robust orientations from a transdisciplinary process. J. Clean. Prod. 2022, 358, 132034. [Google Scholar] [CrossRef]
  10. Raptis, T.P.; Passarella, A.; Conti, M. Data management in industry 4.0: State of the art and open challenges. IEEE Access 2019, 7, 97052–97093. [Google Scholar] [CrossRef]
  11. Tanga, O.T.; Aigbavboa, C.O.; Akinradewo, O.I.; Thwala, D.W.; Onyia, M. Construction Digitalisation Tools in South African Construction Industry: An Added Advantage. IOP Conf. Ser. Mat. Sc. Eng. 2021, 1107, 012230. [Google Scholar] [CrossRef]
  12. Dama International. The DAMA Guide to the Data Management Body of Knowledge (DAMA-DMBOK). Technics Publications. 2009. Available online: https://www.academia.edu/19992490/The_DAMA_Guide_to_the_Data_Management_Body_of_Knowledge_First_Edition (accessed on 30 June 2022).
  13. Jing, H.; Xiaohui, Y.; Kai, Z.; Chen, G. Data Sharing and Innovative Utilization: A Study on Shenzhen’s Multi-Actor Interaction Mechanism of Smart City Construction. China City Plan. Rev. 2021, 30, 33–42. [Google Scholar]
  14. Green, P.E. Enterprise Risk Management: A Common Framework for the Entire Organization; Butterworth-Heinemann: Oxford, UK, 2015. [Google Scholar]
  15. Pham, H.T.; Pham, T.; Truong Quang, H.; Dang, C.N. Supply chain risk management research in construction: A systematic review. Int. J. Constr. Manag. 2022, 1–11. [Google Scholar] [CrossRef]
  16. Lainjo, B. Network security and its implications on program management. Int. J. Saf. Secur. Eng. 2020, 10, 739–746. [Google Scholar] [CrossRef]
  17. Tang, X.Y.; Jiang, Y.N.; Jian, J. Fuzzy comprehensive evaluation for it project risk management. In Applied Mechanics and Materials; Trans Tech Publications Ltd.: Bäch, Switzerland, 2012. [Google Scholar]
  18. Górecki, J. Big data as a project risk management tool. In Risk Management Treatise for Engineering Practitioners; IntechOpen: London, UK, 2018. [Google Scholar]
  19. Tummala, R.; Schoenherr, T. Assessing and managing risks using the supply chain risk management process (SCRMP). Supply Chain Manag. Int. J. 2011, 16, 474–483. [Google Scholar] [CrossRef]
  20. Kuner, C.; Cate, F.H.; Millard, C.; Svantesson, D.J.B.; Lynskey, O. Risk management in data protection. Int. Data Priv. Law 2015, 5, 95–98. [Google Scholar] [CrossRef] [Green Version]
  21. Gray, J. Data Management: Past, Present, and Future. 1996. Available online: https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.40.1316&rep=rep1&type=pdf (accessed on 11 March 2021).
  22. Amusan, L.M.; Oloniju, L.I.; Akomolafe, M.; Makinde, A.; Peter, N.J.; Farayola, H.; Osawaru, F.A.I.T.H. Adopting information and communication technology in construction industry. Int. J. Mech. Eng. Technol. 2018, 9, 739–746. [Google Scholar]
  23. Poltavtseva, M.A. Evolution of data management systems and their security. In Proceedings of the 2019 International Conference on Engineering Technologies and Computer Science (EnT), Moscow, Russia, 26–27 March 2019; pp. 25–29. [Google Scholar] [CrossRef]
  24. Huhnt, W.; Richter, S.; Wallner, S.; Habashi, T.; Krämer, T. Data management for animation of construction processes. Adv. Eng. Inform. 2010, 4, 404–416. [Google Scholar] [CrossRef]
  25. IBM. Data Warehouse, 2020. Available online: https://www.ibm.com/cloud/learn/data-warehouse (accessed on 12 September 2021).
  26. Konikov, A.; Kulikova, E.; Stifeeva, O. Research of the possibilities of application of the Data Warehouse in the construction area. In Proceedings of the MATEC Web of Conferences, Moscow, Russia, 14–16 November 2018. [Google Scholar] [CrossRef] [Green Version]
  27. Abraham, R.; Schneider, J.; vom Brocke, J. Data governance: A conceptual framework, structured review, and research agenda. Int. J. Inf. Manag. 2019, 49, 424–438. [Google Scholar] [CrossRef]
  28. Dimitrieska, S.; Stankovska, A.; Efremova, T. The Fourth Industrial Revolution: Advantages and disadvantages. Econ. Manag. 2018, 14, 182–187. [Google Scholar]
  29. Imran, M.; Ahmad, B. Role of firewall Technology in Network Security. Int. J. Innov. Advancem. Comp. Sc. 2015, 4, 3–6. [Google Scholar]
  30. Sony, M. Pros and cons of implementing Industry 4.0 for the organizations: A review and synthesis of evidence. Prod. Manuf. Res. 2020, 8, 244–272. [Google Scholar] [CrossRef]
  31. Zhang, N.; Yuan, Q. An Overview of Data Governance. Economics Paper. 2016. Available online: https://www.researchgate.net/profile/Zhang-Ning-25/publication/321899578 (accessed on 5 April 2021).
  32. Talha, M.; Abou El Kalam, A.; Elmarzouqi, N. Big data: Trade-off between data quality and data security. In Proceedings of the 9th International Symposuim on Frontiers in Ambient and Mobile Systems (FAMS), Leuven, Belgium, 29 April–2 May 2019; pp. 916–922. [Google Scholar] [CrossRef]
  33. Bhushan, B.; Sinha, P.; Sagayam, K.M.; Andrew, J. Untangling blockchain technology: A survey on state of the art, security threats, privacy services, applications and future research directions. Comput. Elec. Eng. 2021, 90, 106897. [Google Scholar] [CrossRef]
  34. Sherman, R. Business Intelligence Guidebook: From Data Integration to Analytics; Morgan Kaufmann: Burlington, MA, USA, 2014; pp. 65–68. [Google Scholar]
  35. Inmon, W.H.; Linstedt, D.; Levins, M. Data Architecture: A Primer for the Data Scientist; Academic Press: Cambridge, MA, USA, 2019; pp. 1–5. [Google Scholar]
  36. Taleb, I.; Serhani, M.A.; Dssouli, R. Big data quality: A survey. In Proceedings of the 2018 IEEE International Congress on Big Data (BigData Congress), Seattle, WA, USA, 10–13 December 2018; pp. 166–173. [Google Scholar] [CrossRef]
  37. Ibrahim, A.; Mohamed, I.; Satar, N.S.M. Factors Influencing Master Data Quality: A Systematic Review. Int. J. Adv. Comput. Sci. Appl. 2021, 12, 181–192. [Google Scholar] [CrossRef]
  38. Rosa, A.T.R.; Pustokhina, I.V.; Lydia, E.L.; Shankar, K.; Huda, M. Concept of electronic document management system (EDMS) as an efficient tool for storing document. J. Crit. Rev. 2019, 6, 85–90. [Google Scholar] [CrossRef]
  39. Forcada Matheu, N. Life Cycle Document Management System for Construction. Ph.D. Thesis, Polytechnic University of Catalonia, Barcelona, Spain, 2005. [Google Scholar]
  40. Oztaysi, B. A Decision Model for Information Technology Selection Using AHP Integrated TOPSIS-Grey: The Case of Content Management Systems. Knowledge-Based Systems. 2005. Available online: https://www.sciencedirect.com/science/article/pii/S0950705114000598 (accessed on 5 May 2021).
  41. IBM. Data Modeling, 2020. Available online: https://www.ibm.com/cloud/learn/data-modeling (accessed on 21 September 2021).
  42. Ponniah, P. Data Modeling Fundamentals: A Practical Guide for IT Professionals; John Wiley and Sons: New York, NY, USA, 2008; pp. 5–12. [Google Scholar]
  43. Dokuchaev, V.A.; Maklachkova, V.V.; Statev, V.Y. Classification of personal data security threats in information systems. J. T-Comm 2020, 14, 56–60. [Google Scholar] [CrossRef]
  44. Bulgurcu, B.; Cavusoglu, H.; Benbasat, I. Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness. Manag. Inform. Syst. Q. 2010, 34, 523–548. [Google Scholar] [CrossRef] [Green Version]
  45. Al Amro, S. How safe is governmental infrastructure: A Cyber Extortion and Increasing Ransomware Attacks Perspective. Int. J. Compt. Sci. Inform. Sec. 2020, 18, 79–82. [Google Scholar]
  46. Alhayani, B.; Abbas, S.T.; Khutar, D.Z.; Mohammed, H.J. Best ways computation intelligent of face cyberattacks. Mater. Today Proc. 2021; In press. [Google Scholar] [CrossRef]
  47. Bendovschi, A. Cyber-attacks–trends, patterns and security countermeasures. In Proceedings of the Economics and Finance, Wadham College, Oxford, UK, 13–14 April 2015; pp. 24–31. [Google Scholar] [CrossRef] [Green Version]
  48. Tepeli, E.; Taillandier, F.; Breysse, D. Multidimensional modelling of complex and strategic construction projects for a more effective risk management. Int. J. Constr. Manag. 2021, 21, 1218–1239. [Google Scholar] [CrossRef]
  49. Project Management Institute (PMI). A Guide to the Project Management Body of Knowledge, 4th ed.; Project Management Institute: Newtown Square, PA, USA, 2008; pp. 353–354. [Google Scholar]
  50. Al-Qahtani, S.; Baymout, M. Measuring Results of Project Management Triangle Constraints: The Case of Engineering Building at Effat University. PalArch’s J. Archaeol. Egypt/Egyptol. 2021, 18, 293–300. [Google Scholar]
  51. Pawlak, P.; Wendling, C. Trends in cyberspace: Can governments keep up? Environ. Syst. Decis. 2013, 33, 536–543. [Google Scholar] [CrossRef]
  52. Shi, J.; Saleem, S. Computer Security Research Reports: Phishing, 2012. Available online: https://www2.cs.arizona.edu/~collberg/Teaching/466-566/2014/Resources/presentations/2012/reports.pdf (accessed on 2 January 2021).
  53. Kikwasi, G. Causes and effects of delays and disruptions in construction projects in Tanzania. Australas. J. Constr. Econ. Build-Conf. Ser. 2012, 1, 52–59. [Google Scholar] [CrossRef]
  54. Amina, M.N.; Idiake, J.E.; Kasimu, A.M. Appraisal of causes and effects of delayed payment on building construction projects delivery in Niger state. Collaboration for Sustainable Development in the Built Environment. In Proceedings of the International Conference of Environmental Sciences, ICES 2019, Kwara State, Nigeria, 29–30 April 2019; pp. 192–200. [Google Scholar]
  55. Das, M.; Saraswathi, S.; Panda, R.; Mishra, A.K.; Tripathy, A.K. Exquisite Analysis of Popular Machine Learning–Based Phishing Detection Techniques for Cyber Systems. J. Appl. Sec. Res. 2021, 16, 538–562. [Google Scholar] [CrossRef]
  56. Murray, R. A Cybersecurity Risk in the Construction Industry. Available online: https://www.dhgllp.com/Portals/0/ResourceMedia/publications/construction-cybersecurity.pdf (accessed on 10 October 2020).
  57. Bishop, M. Computer Security: Art and Science; Addison-Wesley Professional: Boston, MA, USA, 2003; pp. 1–10. [Google Scholar]
  58. Mallik, A.; Ahsan, A.; Shahadat, M.; Tsou, J. Man-in-the-middle-attack: Understanding in simple words. Int. J. Data. Net. Sci. 2019, 3, 77–92. [Google Scholar] [CrossRef]
  59. Kosutic, D.; Pigni, F. Cybersecurity: Investing for Competitive Outcomes. Available online: https://www.emerald.com/insight/content/doi/10.1108/JBS-06-2020-0116 (accessed on 11 September 2021).
  60. KPMG. What Can Proper Data Management Do for You? 2020. Available online: https://home.kpmg/ch/en/home/services/advisory/management-consulting/enterprise-applications/data-management-solutions.html (accessed on 2 February 2022).
  61. Buch, R.; Ganda, D.; Kalola, P.; Borad, N. World of Cyber Security and Cybercrime. RE Trends Program. Lang. 2017, 4, 18–23. [Google Scholar]
  62. Dave, K.T. Brute-force Attack; Seeking but Distressing. Int. J. Innov. Eng. Technol. 2013, 2, 75–78. [Google Scholar]
  63. Kemp, S.; Buil-Gil, D.; Moneva, A.; Miró-Llinares, F.; Díaz-Castaño, N. Empty streets, busy internet: A time-series analysis of cybercrime and fraud trends during COVID-19. J. Contemp. Crim. Just. 2021, 37, 480–501. [Google Scholar] [CrossRef]
  64. De Bruijn, H.; Janssen, M. Building cybersecurity awareness: The need for evidence based framing strategies. Gov. Inform. Q. 2017, 34, 1–7. [Google Scholar] [CrossRef]
  65. Direction, S. Investing in cybersecurity: Gaining a competitive advantage through cybersecurity. J. Bus. Strat. 2021, 37, 19–21. [Google Scholar] [CrossRef]
  66. Deo, S.; Farik, M. Information security: Recent attacks in Fiji. Int. J. Sci. Technol. Res. 2016, 5, 218–220. [Google Scholar]
  67. The Institute of Engineering Technology (IET). Building Information Modelling (BIM): Addressing the Cyber Security Issues. Available online: https://www.theiet.org/media/1222/bim-cyber.pdf (accessed on 18 October 2020).
  68. Losonczi, P. Importance of dealing with cybersecurity challenges and cybercrime in the senior population: Security dimensions. Int. Natl. Stud. 2018, 26, 173–186. [Google Scholar] [CrossRef]
  69. Roy, S.; Nag, S.; Maitra, I.K.; Bandyopadhyay, S.K. A Review on Automated Brain Tumor Detection and Segmentation from MRI of Brain. Int. J. Adv. Res. Comput. Sci. Softw. Eng. 2013, 3, 1706–1746. [Google Scholar]
  70. Gunkel, D.J. Hacking Cyberspace; Routledge: New York, NY, USA, 2018; pp. 1–28. [Google Scholar]
  71. Odlyzko, A. Cybersecurity is not very important. Ubiquity 2019, 2019, 1–23. [Google Scholar] [CrossRef] [Green Version]
  72. Tehranipoor, M.; Wang, C. (Eds.) Introduction to Hardware Security and Trust; Springer Science & Business Media: Berlin/Heidelberg, Germany, 2011. [Google Scholar]
  73. Mohammad, S.M. Risk Management in Information Technology. Int. J. Innov. Eng. Res. Technol. (IJIERT) 2020, 7, 373–381. [Google Scholar] [CrossRef]
  74. Arcuri, M.C.; Brogi, M.; Gandolfi, G. How does cybercrime affect firms? The effect of information security breaches on stock returns. In Proceedings of the First Italian Conference on Cybersecurity (ITASEC17), Venice, Italy, 17–20 January 2017; pp. 175–193. [Google Scholar]
  75. Bondarenko, T.G.; Isaeva, E.A.; Orekhov, S.A.; Soltakhanov, A.U. Optimisation of the company strategic management system in the context of economic instability. Eur. Res. Stud. J. 2017, 20, 3–24. [Google Scholar]
  76. Mabunda, S. Cyber Extortion, Ransomware and the South African cybercrimes and cybersecurity bill. Statut. Law Rev. 2019, 40, 143–154. [Google Scholar] [CrossRef]
  77. Sulkoswki, A.J. Cyber-Extortion: Duties and Liabilities Related to the Elephant in the Server Room. 2007. Available online: https://core.ac.uk/download/pdf/204280298.pdf (accessed on 5 July 2020).
  78. Modic, D.; Anderson, R. It’s All over but the crying: The emotional and financial impact of internet fraud. IEEE Sec. Priv. 2015, 13, 99–103. [Google Scholar] [CrossRef]
  79. Kisa. Purpose of Internet Use. 2011. Available online: http://isis.kisa.or.kr/eng (accessed on 2 August 2020).
  80. Valuch, J.; Gábriš, T.; Hamuľák, O. Cyber-attacks, information attacks, and postmodern warfare. Baltic J. Law Pol. 2017, 10, 63–89. [Google Scholar] [CrossRef] [Green Version]
  81. Pallant, J. SPSS Survival Manual: A Step-by-Step Guide to Data Analysis Using SPSS Windows, 3rd ed.; Open University Press: Maidenhead, UK, 2007. [Google Scholar] [CrossRef]
  82. Eiselen, R.; Uys, T.; Potgieter, T. Analysing Survey Data Using SPSS13, 3rd ed.; University of Johannesburg: Johannesburg, South Africa, 2007. [Google Scholar]
  83. Akinradewo, O.; Aghimien, D.; Aigbavboa, C.; Onyia, M. Factors influencing the adoption of insurance as a risk treatment tool by contractors in the construction industry. Int. J. Const. Manag. 2020, 22, 2484–2492. [Google Scholar] [CrossRef]
  84. Symantec. Norton Cybercrime Report: The Human Impact, 2010. Available online: https://www.symantec.com/content/en/us/home_homeoffice/media/pdf/cybercrime_report/Norton_USA-Human%20Impact-A4_Aug4-2.pdf (accessed on 2 September 2020).
  85. Derbez, P.; Fouque, P.A.; Leresteux, D. Meet-in-the-Middle and Impossible Differential Fault Analysis on AES. In Cryptographic Hardware and Embedded Systems—CHES 2011. CHES 2011; Preneel, B., Takagi, T., Eds.; Lecture Notes in Computer Science; Springer: Berlin/Heidelberg, Germany, 2011; pp. 274–291. [Google Scholar] [CrossRef] [Green Version]
  86. Maggi, F.; Volpatto, A.; Gasparini, S.; Boracchi, G.; Zanero, S. A fast eavesdropping attack against touchscreens. In Proceedings of the 2011 7th International Conference on Information Assurance and Security (IAS), Malacca, Malaysia, 5–8 December 2011; pp. 320–325. [Google Scholar] [CrossRef] [Green Version]
  87. Adekunle, P.; Aigbavboa, C.; Akinradewo, O.; Oke, A.; Aghimien, D. Construction Information Management: Benefits to the Construction Industry. Sustainability 2022, 14, 11366. [Google Scholar] [CrossRef]
Sustainability 14 12793 g001 550
Figure 1. Risks factors in construction projects (Authors’ idea from reviewed literature).
Figure 1. Risks factors in construction projects (Authors’ idea from reviewed literature).
Sustainability 14 12793 g001
Sustainability 14 12793 g002 550
Figure 2. Research Methodology Adopted (Authors’ idea).
Figure 2. Research Methodology Adopted (Authors’ idea).
Sustainability 14 12793 g002
Sustainability 14 12793 g003 550
Figure 3. Scree plot of the effect of data management risks on construction project performance.
Figure 3. Scree plot of the effect of data management risks on construction project performance.
Sustainability 14 12793 g003
Table
Table 1. Background information of respondents.
Table 1. Background information of respondents.
Educational QualificationFrequencyPercent
Doctorate137.2
Masters5429.8
Honours3117.1
Bachelor5832.1
Post-matric certificate2513.8
Total181100.0
Professional affiliationFrequencyPercent
Construction project manager2513.8
Construction manager3619.9
Engineer2714.9
Quantity surveyor4927.1
Architect158.3
IT Professional2916.0
Total181100.0
Experience of respondentFrequencyPercent
Less than 12 months2513.8
1 to 5 years6737.0
6 to 10 years5128.2
11 to 15 years2513.8
16 to 20 years137.2
More than 20 years00.0
Total181100.0
Table
Table 2. Mean item score and non-parametric test for effects of risks to data management on the performance of construction projects.
Table 2. Mean item score and non-parametric test for effects of risks to data management on the performance of construction projects.
FactorxKruskal-Wallis HAsymp. Sig. R
Loss of construction project data4.1719.9340.0111
Loss of confidential information4.1212.2300.1412
Company’s image and reputation harm4.1116.6530.0343
Compromise of company’s trade secrets4.0510.9230.2064
Extortion4.0217.8200.0235
Interruption of project timeline due to loss of data4.007.4390.4906
Financial losses4.0023.1250.0036
Compromise of company employees’ data3.9816.8370.0328
Loss of stakeholders’ confidence3.9525.2050.0019
Hardware and software destruction3.9512.0780.1489
Cost overrun on company’s overheads3.9412.4430.13311
Compromise of occupied building security (infrastructure)3.9416.9300.03111
Time wastage (interruption of project advancement due to locked system)3.9321.3200.00613
Poor information quality due to incompleteness3.9320.6860.00813
Mistrust of project data3.9321.5090.00613
Project execution interruption3.899.0450.33916
Reduction of competitive advantage3.8518.4270.01817
Promotion of physiological effects3.858.9240.34917
Project abandonment due to lack of credible data3.7716.6950.03319
Inability to submit tenders3.646.3000.61420
Note: x = Mean item score; R = Rank.
Table
Table 3. Effects of Data Management Risks on The Performance of Construction Projects.
Table 3. Effects of Data Management Risks on The Performance of Construction Projects.
Cluster Factor GroupingsEigenvalues% of Variance1234
FACTOR 1–company’s downfall9.02745.135
Promotes physiological effects 0.849
Extortion 0.789
Financial losses 0.784
Company’s image and reputation harm 0.671
Hardware and software destruction 0.473
Loss of stakeholders’ confidence 0.458
Compromise of company employees’ data 0.430
FACTOR 2–Loss of sensitive information1.9439.713
Poor information quality due to incompleteness 0.868
Mistrust of project data 0.847
Interruption of project timeline due to loss of data 0.800
Loss of confidential information 0.576
FACTOR 3–project execution constraints1.5717.854
Project execution interruption 0.769
Cost overrun on overheads 0.754
Inability to submit tenders 0.622
Reduction of competitive advantage 0.562
FACTOR 4–company’s data exposition1.2146.070
Project abandonment due to lack of credible data −0.815
Compromise of occupied building security (infrastructure) −0.783
Loss of construction project data −0.754
Compromise of company trade secrets −0.604
Time wastage (interruption of project advancement, due to locked system) −0.545
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Share and Cite

MDPI and ACS Style

Tanga, O.; Akinradewo, O.; Aigbavboa, C.; Oke, A.; Adekunle, S. Data Management Risks: A Bane of Construction Project Performance. Sustainability 2022, 14, 12793. https://doi.org/10.3390/su141912793

AMA Style

Tanga O, Akinradewo O, Aigbavboa C, Oke A, Adekunle S. Data Management Risks: A Bane of Construction Project Performance. Sustainability. 2022; 14(19):12793. https://doi.org/10.3390/su141912793

Chicago/Turabian Style

Tanga, Ornella, Opeoluwa Akinradewo, Clinton Aigbavboa, Ayodeji Oke, and Samuel Adekunle. 2022. "Data Management Risks: A Bane of Construction Project Performance" Sustainability 14, no. 19: 12793. https://doi.org/10.3390/su141912793

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop