Author:
Almeida Rafael,Teixeira José Miguel,Mira da Silva Miguel,Faroleiro Paulo
Abstract
Purpose
The purpose of this paper is to ease the ISO 31000 standard understanding and provide mechanisms that allow organizations to adopt and adapt this standard to their reality.
Design/methodology/approach
The research methodology adopted in this research was the design science research methodology.
Findings
Key finding is that enterprise architecture (EA) models and EA tools can help reduce the complexity of the ISO 31000 standard and improve the communication between stakeholders.
Practical implications
The research proposal serves the purpose of supporting the evidence collection for an enterprise risk management (ERM) initiative in an as-was, as-is, or to-be perspective.
Originality/value
Traditional ERM efforts operate on silos, limiting the sharing of risk information and the achievement of an organization-wide view of risks. EA can provide a common way to model complex business systems, from the strategic level to implementation details. This paper proposes the use of an EA model and an EA tool (Atlas) to represent ISO 31000, allowing a better understanding on the value of assets that can be affected from the manifestation of some risks over time.
Subject
Information Systems,Management of Technology and Innovation,General Decision Sciences
Reference42 articles.
1. Using Archimate to assess COBIT 5 and ITIL implementations,2016
2. Using ArchiMate to integrate COBIT 5 and COSO metamodels,2016
3. On the new ISO guide on risk management terminology;Reliability Engineering and System Safety,2011
4. The risk balls game: transforming risk and insurance into tangible concepts;Risk Management and Insurance Review,2001
Cited by
26 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献