【正文】 they are more willing to learn from one another and to adjust to cultural and other differences or idiosyncrasies. Collaboration involves trust and partner predictability which are functions of both individual and collective business behaviors critical in establishing collaboration relationships, managing shared processes, handling critical exceptions, and in fostering innovation. (SCMCouncil, 2020) Risk identification and analysis must therefore identify risks to trust. Major problems arise in failure of effective collaboration in vision (failure to establish mon goals), management (failure to establish or use patible technical and business processes), project deposition and integration (failure to establish proper boundaries between ponents), munication (failure to establish channels, protocols, and expectations for munication, so that all parties are confident that important munication will occur, while protecting property rights and security), and/or culture and trust (failure to establish familiarity with collaborating anizations both technical staff and management and their cultures). 2. Culture Cultural differences, whether social or anizational, are a significant source of mistrust. Among other problems, these differences may foster tendencies toward opportunism and may lead in turn to misuse of power. The social nature of knowledge and learning implies that culture and language will affect how people craft and share knowledge with other members of the anization. Moreover, social, professional, and anizational cultures will each have noticeable and distinct but interacting effects. Culture also affects employees39。 requirements and technical environment management support, etc Source Which activities or constrains cause the problem? Product definition, business impact/environment, process definition, development environment, innovation, staff skills/training, legal/regulatory Definiteness Degree of risk Definiteness Known in advance? Known, predictable, unpredictable, unknowable Level How likely to arise? Estimated probability range Impact How serious if occurs? Negligible to significant to catastrophic Scope How much affected? Isolated ponent to subsystem to entire system Location of effects Diver What business aspects are most affected? Market, performance, support environment, cost, schedule, deployment, relationships Type How does it manifest? Functional specification/expectation Performance or other extrafunctional requirements Schedule, budget, process pliance Collaborative impact Contagion Where are the effects? Intraanizational, interface, global Trust How is ongoing cooperation/trust affected? Unaffected, recoverable, damaged, unrecoverable In addition, risk analysis must address the ongoing relationship between partners, rather than just the success of a single product or project. This overarching concern for collaboration and ongoing relationships introduces two new risk dimensions (and a new dimension group), as shown at the bottom of Table 3: ? Contagion (and risk confinement): Many risks, even those occurring within a single anization, may have effects beyond the anization. Where a risk cannot be confined to a single anization, it must be addressed collaboratively. ? Trust: Once collaboration has deteriorated, it is difficult or impossible to restore a good working relationship. Each risk must be examined for its potential effects on existing relationships. Collaborative software development also impacts the support activities in Table 1: ? Risk munication: Risk information has to be municated to multiple anizations, and risk information from multiple anizations must be correlated. ? Risk planning, RMMM review, and responsibility for managing project risks: When there are interanizational effects, there is no clear decisionmaking entity and central authority to administer and manage the RMMM effort. Ⅳ PRINCIPLES OF COLLABORATIVE RISK MANAGEMENT Successful collaboration requires collaborationaware management, intra and interanizationally. This entails collaborationaware risk management, which is an extension of traditional risk management as well as teambased risk management (Higuera et al., 1994, Higuera et al., 1994a): In the continuing application of the risk management process to large software development programs, the most dramatic effect has been in opening the munication channels for dialogues within anizations relating to risk and risk management. In addition to the usual benefits of a rigorous approach to risk management, collaborative risk management may itself be an important early step in establishing trust and handling cultural and language problems. Cultural familiarity and trust have consistently been identified among the top four important success factors in collaboration (Powell et al., 2020). Thus, a new and different set of munication protocols, standards, policies, and strategies are needed to ? Help with establishment and growth of trust ? Evaluate the suitability and adequacy of management and IT processes for support of both technical and social aspects of interteam and interanizational munication ? Address anizational, social, cultural, linguistic, and legal/regulatory differences ? Manage or at least monitor disagreements over power and responsibility among anizations ? Decrease conflict and define norms ? Let information flow effortlessly, timely, and precisely ? Define adequate software development practices, standards, rules, and environments for distributed crossanizational software development efficiency and alignment We generalize the above needs into risk management principles for CSD. As shown in Table 4, risk management for CSD includes traditional risk management principles, teambased (and distributed) risk manag