Organizational risk management should not only rely on protecting data and information but also on protecting knowledge which is underdeveloped in many cases or measures are applied in an uncoordinated, dispersed way. Therefore, we propose a consistent top-down translation from the organizational risk management goals to implemented controls to overcome these shortcomings. Our approach adopted from the domain of IT security management allows to measure how well knowledge protection is actually pursued in organizations. This affects organizations' abilities to prove compliance to risk management standards, laws, guidelines, or frameworks and creates transparency throughout the whole knowledge protection processes. After introducing our integrated risk management framework, we demonstrate how the technical part of the framework can be implemented by using process mining in a case study of an Italian aerospace company.
An Integrated Risk Management Framework: Measuring the Success of Organizational Knowledge Protection / S. Thalmann, M. Manhart, P. Ceravolo, A. Azzini. - In: INTERNATIONAL JOURNAL OF KNOWLEDGE MANAGEMENT. - ISSN 1548-0666. - 10:2(2014), pp. 28-42. [10.4018/ijkm.2014040103]
An Integrated Risk Management Framework: Measuring the Success of Organizational Knowledge Protection
P. Ceravolo;A. Azzini
2014
Abstract
Organizational risk management should not only rely on protecting data and information but also on protecting knowledge which is underdeveloped in many cases or measures are applied in an uncoordinated, dispersed way. Therefore, we propose a consistent top-down translation from the organizational risk management goals to implemented controls to overcome these shortcomings. Our approach adopted from the domain of IT security management allows to measure how well knowledge protection is actually pursued in organizations. This affects organizations' abilities to prove compliance to risk management standards, laws, guidelines, or frameworks and creates transparency throughout the whole knowledge protection processes. After introducing our integrated risk management framework, we demonstrate how the technical part of the framework can be implemented by using process mining in a case study of an Italian aerospace company.File | Dimensione | Formato | |
---|---|---|---|
AnIntegratedRiskManagementFramework.pdf
accesso riservato
Tipologia:
Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione
412.06 kB
Formato
Adobe PDF
|
412.06 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.