🤖 AI Summary
High failure rates in data science projects stem primarily from the lack of integrated governance addressing technical, organizational, and ethical risks. This study employs a systematic literature review and cross-framework content analysis to compare mainstream risk management standards—including ISO 31000, PMBOK, NIST RMF, and CRISP-DM—assessing their adequacy across the data science lifecycle. It identifies critical structural gaps in handling data maturity, cross-functional collaboration, and socio-technical risk responsiveness. To address these limitations, the paper proposes an innovative “Governance–Monitoring–Ethics” triadic framework that transcends unidimensional risk models by embedding ethical review and continuous governance mechanisms directly into technical workflows and organizational practices. The resulting integrated risk management perspective supports responsible data practices and establishes a theoretical foundation for subsequent framework development and empirical validation. (149 words)
📝 Abstract
Data science initiatives frequently exhibit high failure rates, driven by technical constraints, organizational limitations and insufficient risk management practices. Challenges such as low data maturity, lack of governance, misalignment between technical and business teams, and the absence of structured mechanisms to address ethical and sociotechnical risks have been widely identified in the literature. In this context, the purpose of this study is to conduct a comparative analysis of the main risk management methodologies applied to data science projects, aiming to identify, classify, and synthesize their similarities, differences and existing gaps. An integrative literature review was performed using indexed databases and a structured protocol for selection and content analysis. The study examines widely adopted risk management standards ISO 31000, PMBOK Risk Management and NIST RMF, as well as frameworks specific to data science workflows, such as CRISP DM and the recently proposed DS EthiCo RMF, which incorporates ethical and sociotechnical dimensions into the project life cycle. The findings reveal that traditional approaches provide limited coverage of emerging risks, whereas contemporary models propose multidimensional structures capable of integrating ethical oversight, governance and continuous monitoring. As a contribution, this work offers theoretical support for the development of hybrid frameworks that balance technical efficiency, organizational alignment and responsible data practices, while highlighting research gaps that can guide future investigations.