RISK MANAGEMENT FRAMEWORK FOR IT-CENTRIC MICRO AND SMALL COMPANIES WITH MODEL FOR RISK ASSESSMENT
Journal
University-Industry Links: Coproducing Knowledge, Innovation & Growth
Date Issued
2017-08-31
Author(s)
Trajkovski, J
Abstract
There are many approaches to risk management, and the practice shows that they are
not suitable for IT-centric Micro Small and Medium Enterprises (MSME), but more
targeted to large and complex organizations. At the same time, the existing
approaches in isolation are aimed at a particular type of risk, not taking into account
that MSMEs need a more integrated approach that they could apply to various types of
risks they are exposed and in order to obtain adequate information for making quality
decisions for managing the companies. Based on field research and direct work with
companies, the issues and challenges identified for the IT-centric micro and small
companies are: need for encompassing various risks, limited resources for risk
management, and necessity for usable and comprehensive framework. The new
framework covers people, policy, methodology and process, and tools. The method for
assessment of risks is a hybrid one, as it was shown that MSME couldn’t sustain a
fully quantitative approach and as managers feel more confident with qualitative
estimates.
not suitable for IT-centric Micro Small and Medium Enterprises (MSME), but more
targeted to large and complex organizations. At the same time, the existing
approaches in isolation are aimed at a particular type of risk, not taking into account
that MSMEs need a more integrated approach that they could apply to various types of
risks they are exposed and in order to obtain adequate information for making quality
decisions for managing the companies. Based on field research and direct work with
companies, the issues and challenges identified for the IT-centric micro and small
companies are: need for encompassing various risks, limited resources for risk
management, and necessity for usable and comprehensive framework. The new
framework covers people, policy, methodology and process, and tools. The method for
assessment of risks is a hybrid one, as it was shown that MSME couldn’t sustain a
fully quantitative approach and as managers feel more confident with qualitative
estimates.
Subjects
File(s)![Thumbnail Image]()
Loading...
Name
ICEIRD2017-ProceedingsBook.pdf
Size
20.03 MB
Format
Adobe PDF
Checksum
(MD5):9cd3d0b55b549e0d7899a2e3647bfaca