A CONCEPTUAL VISION OF ENTERPRISE RISK MANAGEMENT MODELS

Izaias Otacilio da Rosa, Leonardo Ensslin, Sandra Rolim Ensslin
DOI: https://doi.org/10.5329/RECADM.20111002009

Abstract

Throughout its evolution, security has consolidated itself worldwide as a preponderant success factor in various segments, adding value to social, economic and technological development. The demands arising from scenarios of violence, common in major population centers, have driven efforts toward the protection of tangible and intangible resources, highlighting the need for reasoned planning in managing the risks that may negatively affect organizational environments. In this context, the objective of this research is to build a systemic analysis of a theoretical reference that presents the most relevant academic and empirical knowledge in the area of risk management for organizational security. To this end, searches were carried out through a structured process in the journals available on the CAPES portal, yielding a theoretical reference composed of 17 publications aligned with this subject. The publications that make up the theoretical reference of this research were analyzed against seven criteria: [1] the concept of risk; [2] the concept of risk analysis; [3] the dossiers submitted to identify the aspects to be taken into account in risk analysis; [4] the procedures used to measure the degree of risk; [5] the procedures used to determine the anchoring levels of the scales that measure the degree of risk; [6] the procedures used to integrate the scales into an overall degree of risk; and [7] the procedures used to build processing actions. With this, it was possible to identify the state of the art for these seven aspects and, as best practice, to propose recommendations to promote their improvement.


Keywords

Risk management; Organizational security; Systemic analysis; Performance evaluation








Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.