Innovative Approach to Conceptual Design of Enterprise Risk Management Software

The paper shows the integration of the theoretical and practical aspects of designing an ERM software tool. The basic idea of the designed ERM is conceived in the form of an algorithm using the integration of ISO 3100, the COSO framework, the risk matrix designed according to the risk appetite of the observed company, quantitative and qualitative models for risk assessment, and the generation of consequences and mitigating measures for each identified risk. Methodologies for risk assessment in the presented ERM include the following: For business risks, questionnaires were generated for different business areas (from knowledge bases) and the assessment was conducted according to risk matrices. Workplace risk is assessed according to the Kinney method, while technical risks are assessed according to the API 580, 581 standard. Software is created to outbalance problems of all types of risk that may arise regardless of the complexity of the business and the risk itself. The algorithm, model and software were developed and successfully tested in two Serbian companies.