social computing tools for risk management
TRANSCRIPT
-
8/3/2019 Social Computing Tools for Risk Management
1/23
Social Computing Tools
for Inter-organizationalRisk Management
Walter Castelnovo
Department of Informatics and CommunicationUniversity of Insubria (Italy)[email protected]
-
8/3/2019 Social Computing Tools for Risk Management
2/23
SUAP One Stop Shop for Production Activities (in Italy)
Case study: the cooperation context
SUAP a single point of access to services and
information for business offered by differentpublic authorities.
1
1. municipalities are put in charge of the functioning of the SUAP,that could also be shared by different municipalities;
2. the SUAP must give or deny a final authorization within a fixedterm defined by the law, having previously acquired all therequired authorizations from the competent agencies
-
8/3/2019 Social Computing Tools for Risk Management
3/23
SUAP the new Italian legislation
Case study: the cooperation context
new measures have been defined, in order to favour the
In 2010 the Italian Government took new initiatives tomake it easier starting, transforming or closing a business:
1
complete digitalisation of inter-agencies communications andworkflows
the procedures for starting, transforming or closing a
business have been simplified by turning the currentlegislation from the traditional ex ante authorization regimeinto an ex-post controls regime.
-
8/3/2019 Social Computing Tools for Risk Management
4/23
SUAP The ex-post controls regime
Case study: the cooperation context
Upon registering the SCIA (Certified Communication of the
start of a business) the SUAP has to operate all therequired controls within an interval of time defined by the
law (60 days).
1
If any of the controls detects some inadequacy, then thebusiness can be stopped:
- temporally until the inadequacy will be removed
- definitively, if the inadequacy can not be removed
otherwise it can operate without requiring any further
authorizations.
-
8/3/2019 Social Computing Tools for Risk Management
5/23
SUAP The problem with the new legislation
Case study: the cooperation context
Small municipalities, as well as other public agencies
involved in the SUAPs activities, suffer from the lack ofresources (especially human resources, competences andskills)
1
People that should perform the ex post controls are likelyto be also allocated to other activities; thus, they couldhave difficulties to promptly operate the required controlson a given SCIA.
-
8/3/2019 Social Computing Tools for Risk Management
6/23
CONDITIONS FOR THE RISING OF RISKS
Risk Management
1. some choice or decision is required
2. there must be some uncertainty with respect to theeventual outcome
2
3. there must be a potential loss associated with asituation
-
8/3/2019 Social Computing Tools for Risk Management
7/23
-
8/3/2019 Social Computing Tools for Risk Management
8/23
THE TEAM RISK MANAGEMENT (TRM) MODEL(Software Engineering Institute - Carnegie Mellon University)
Inter-organizational Risk Management 2
-
8/3/2019 Social Computing Tools for Risk Management
9/23
The controls that must be operated by the SUAP most oftenconcern matters on which different public agencies havecompetences. This determines two relevant consequences:
Inter-organizational Risk Managementfor the SUAP
2
1. the decisions should be shared among all the agenciesinvolved
2. all these agencies should coordinate their control
activities, since a possible delay in one agencys activitycould have consequences on the final result of theprocessing of a SCIA.
-
8/3/2019 Social Computing Tools for Risk Management
10/23
-
8/3/2019 Social Computing Tools for Risk Management
11/23
1. BASELINE RISK ASSESSMENT
AIMS:
evaluate the potentialrisks involved
Inter-organizational Risk Managementfor the SUAP
2
plan the execution ofthe control activities
-
8/3/2019 Social Computing Tools for Risk Management
12/23
2. TEAM REVIEW
AIMS:
To allow the partners
to jointly evaluate the
Inter-organizational Risk Managementfor the SUAP
2
a shared risk evaluation.
to determine what is themore adequate risktreatment strategy to
assume
-
8/3/2019 Social Computing Tools for Risk Management
13/23
3. CONTINUOUS PROCESSES
Action planningredefine the partnerspriorities
tracking and control
Inter-organizational Risk Managementfor the SUAP
2
routine risk identification and
analysisidentify new risks arising during
the partners day to day
activities
monitor the results of the riskhandling actions implemented
-
8/3/2019 Social Computing Tools for Risk Management
14/23
PROBLEM
Secondary risks
Risk treatment itself can introduce risks. These secondaryrisks should be handled.
Possible problems with the TRM model
3
risks should be handled at the interorganizational level
repeated execution of the team review process
TRM
MODEL
-
8/3/2019 Social Computing Tools for Risk Management
15/23
PROBLEM
(i) what risk management processes can be made moreefficient and effective, and how this can be done;
3Possible problems with the TRM model
(ii) what technologies and tools can be used to make theseprocesses more effective and efficient, both at the intra-organizational and at the inter-organizational level.
-
8/3/2019 Social Computing Tools for Risk Management
16/23
3
HOW TOMAKETHEBASELINERISK
Possible problems with the TRM model
ASSESSMENTMOREEFFICIENTAND
EFFECTIVE
-
8/3/2019 Social Computing Tools for Risk Management
17/23
3
HOW TOMAKETHETEAMREVIEW
Possible problems with the TRM model
MOREEFFICIENTANDEFFECTIVE
-
8/3/2019 Social Computing Tools for Risk Management
18/23
4
SOCIAL COMPUTING TOOLS
Social Computing tools for interorganizationalRisk Management
-
8/3/2019 Social Computing Tools for Risk Management
19/23
4Social Computing tools for interorganizationalRisk Management
A1 - Identify the experts toinvolve in the evaluationof the SCIA
a. browsing social networkprofiles
TOOLS SUPPORTING THE BASELINE RISK ASSESSMENT
A2 promptly inform them thattheir advise is needed
.
for help
c. Automatically generating aRSS feed
-
8/3/2019 Social Computing Tools for Risk Management
20/23
4Social Computing tools for interorganizationalRisk Management
A3 support risk evaluation bygiving access to relevantinformation
a. Sharing information through
a Blog
b. Sharing the informationcontained in jointly created
TOOLS SUPPORTING THE BASELINE RISK ASSESSMENT
WIKIs
A4 collect the experts advices
a. Posting comments (riskevaluations) on a Blog
b. Uploading documents on ashared workspace
-
8/3/2019 Social Computing Tools for Risk Management
21/23
4Social Computing tools for interorganizationalRisk Management
B1 sharing the decisions
a. Discussing each partner
decision on a Blog,possibly integrated withpolling mechanisms
TOOLS SUPPORTING THE TEAM REVIEW
face-to-face meetings b. Sharing the informationcontained in jointly createdWIKIs
-
8/3/2019 Social Computing Tools for Risk Management
22/23
4Social Computing tools for interorganizationalRisk Management
B2 promptly informing the
partners of the occurrence ofsecondary risks
a. Posting a targeted
Microblog
b. AutomaticallyB3 rom tl informin the
TOOLS SUPPORTING THE TEAM REVIEW
B4 coordinating among thepartners the execution of therisk handling actions
Discussion on a Blogto achieve a sharedplanning
genera ng afeed
managers of what they haveto do and when
-
8/3/2019 Social Computing Tools for Risk Management
23/23
4Social Computing tools for interorganizationalRisk Management
The best practices show that the highest chances of success
for the adoption of Social Computing tools depend on:1. the application of these tools to the core activities of the
organization
CONCLUSIONS
. e r n egra on w n ex s ng wor ows
Risk management is a central component of any
organisations strategic management
The adoption of the new participatory technologies and toolswithin the TRM is such that the Social Computing tools aredirectly integrated within existing workflows