Novel Approach to Conceptual Design of Enterprise Risk Management Software
Listed in
This article is not in any list yet, why not save it to one of your lists.Abstract
The problem is how to create a comprehensive "tool", applicable to any company, which will allow to achieve multiple effects at the same time, such as adhering to the ISO 31000 procedure, connecting risks and company goals in the manner defined by the COSO framework (by connecting the elements of the organizational structure with the company goals), assessment of all types of risks that a company may face, including technical, enable decision support and given visualization of data and effects. Solving this general problem requires solving many specific problems such as the creation of a specific risk matrixes for each company that will express its risk appetite but also to give the possibility of a comprehensive overview of all possible types of consequences, linking entities one-to-many and many-to-one in order to link the elements of the organizational structure to the goals that can be and common to several units, the acquisition of potential risks based on the knowledge of external experts, which overcomes the limitation of insight from the company and introduces elements of artificial intelligence, the application of standards for the evaluation of technical risks such as EN 16991 or API 580, 581 etc. while enabling the management of the implementation project and evergreening in the future. Our research question is can an integral model be made that will solve the above problems in an integrated way. The goal is to create software that will support this solution and that will be practically applicable. Solving such a complex problem of connecting various theoretical and practical aspects required creation of a special algorithm for connecting project activities, risks, organizational structure, goals, knowledge, data management and software. The algorithm, model and software were developed and successfully tested in two Serbian companies.