social computing tools for risk management

Upload: wacastel

Post on 06-Apr-2018

215 views

Category:

Documents


0 download

TRANSCRIPT

  • 8/3/2019 Social Computing Tools for Risk Management

    1/23

    Social Computing Tools

    for Inter-organizationalRisk Management

    Walter Castelnovo

    Department of Informatics and CommunicationUniversity of Insubria (Italy)[email protected]

  • 8/3/2019 Social Computing Tools for Risk Management

    2/23

    SUAP One Stop Shop for Production Activities (in Italy)

    Case study: the cooperation context

    SUAP a single point of access to services and

    information for business offered by differentpublic authorities.

    1

    1. municipalities are put in charge of the functioning of the SUAP,that could also be shared by different municipalities;

    2. the SUAP must give or deny a final authorization within a fixedterm defined by the law, having previously acquired all therequired authorizations from the competent agencies

  • 8/3/2019 Social Computing Tools for Risk Management

    3/23

    SUAP the new Italian legislation

    Case study: the cooperation context

    new measures have been defined, in order to favour the

    In 2010 the Italian Government took new initiatives tomake it easier starting, transforming or closing a business:

    1

    complete digitalisation of inter-agencies communications andworkflows

    the procedures for starting, transforming or closing a

    business have been simplified by turning the currentlegislation from the traditional ex ante authorization regimeinto an ex-post controls regime.

  • 8/3/2019 Social Computing Tools for Risk Management

    4/23

    SUAP The ex-post controls regime

    Case study: the cooperation context

    Upon registering the SCIA (Certified Communication of the

    start of a business) the SUAP has to operate all therequired controls within an interval of time defined by the

    law (60 days).

    1

    If any of the controls detects some inadequacy, then thebusiness can be stopped:

    - temporally until the inadequacy will be removed

    - definitively, if the inadequacy can not be removed

    otherwise it can operate without requiring any further

    authorizations.

  • 8/3/2019 Social Computing Tools for Risk Management

    5/23

    SUAP The problem with the new legislation

    Case study: the cooperation context

    Small municipalities, as well as other public agencies

    involved in the SUAPs activities, suffer from the lack ofresources (especially human resources, competences andskills)

    1

    People that should perform the ex post controls are likelyto be also allocated to other activities; thus, they couldhave difficulties to promptly operate the required controlson a given SCIA.

  • 8/3/2019 Social Computing Tools for Risk Management

    6/23

    CONDITIONS FOR THE RISING OF RISKS

    Risk Management

    1. some choice or decision is required

    2. there must be some uncertainty with respect to theeventual outcome

    2

    3. there must be a potential loss associated with asituation

  • 8/3/2019 Social Computing Tools for Risk Management

    7/23

  • 8/3/2019 Social Computing Tools for Risk Management

    8/23

    THE TEAM RISK MANAGEMENT (TRM) MODEL(Software Engineering Institute - Carnegie Mellon University)

    Inter-organizational Risk Management 2

  • 8/3/2019 Social Computing Tools for Risk Management

    9/23

    The controls that must be operated by the SUAP most oftenconcern matters on which different public agencies havecompetences. This determines two relevant consequences:

    Inter-organizational Risk Managementfor the SUAP

    2

    1. the decisions should be shared among all the agenciesinvolved

    2. all these agencies should coordinate their control

    activities, since a possible delay in one agencys activitycould have consequences on the final result of theprocessing of a SCIA.

  • 8/3/2019 Social Computing Tools for Risk Management

    10/23

  • 8/3/2019 Social Computing Tools for Risk Management

    11/23

    1. BASELINE RISK ASSESSMENT

    AIMS:

    evaluate the potentialrisks involved

    Inter-organizational Risk Managementfor the SUAP

    2

    plan the execution ofthe control activities

  • 8/3/2019 Social Computing Tools for Risk Management

    12/23

    2. TEAM REVIEW

    AIMS:

    To allow the partners

    to jointly evaluate the

    Inter-organizational Risk Managementfor the SUAP

    2

    a shared risk evaluation.

    to determine what is themore adequate risktreatment strategy to

    assume

  • 8/3/2019 Social Computing Tools for Risk Management

    13/23

    3. CONTINUOUS PROCESSES

    Action planningredefine the partnerspriorities

    tracking and control

    Inter-organizational Risk Managementfor the SUAP

    2

    routine risk identification and

    analysisidentify new risks arising during

    the partners day to day

    activities

    monitor the results of the riskhandling actions implemented

  • 8/3/2019 Social Computing Tools for Risk Management

    14/23

    PROBLEM

    Secondary risks

    Risk treatment itself can introduce risks. These secondaryrisks should be handled.

    Possible problems with the TRM model

    3

    risks should be handled at the interorganizational level

    repeated execution of the team review process

    TRM

    MODEL

  • 8/3/2019 Social Computing Tools for Risk Management

    15/23

    PROBLEM

    (i) what risk management processes can be made moreefficient and effective, and how this can be done;

    3Possible problems with the TRM model

    (ii) what technologies and tools can be used to make theseprocesses more effective and efficient, both at the intra-organizational and at the inter-organizational level.

  • 8/3/2019 Social Computing Tools for Risk Management

    16/23

    3

    HOW TOMAKETHEBASELINERISK

    Possible problems with the TRM model

    ASSESSMENTMOREEFFICIENTAND

    EFFECTIVE

  • 8/3/2019 Social Computing Tools for Risk Management

    17/23

    3

    HOW TOMAKETHETEAMREVIEW

    Possible problems with the TRM model

    MOREEFFICIENTANDEFFECTIVE

  • 8/3/2019 Social Computing Tools for Risk Management

    18/23

    4

    SOCIAL COMPUTING TOOLS

    Social Computing tools for interorganizationalRisk Management

  • 8/3/2019 Social Computing Tools for Risk Management

    19/23

    4Social Computing tools for interorganizationalRisk Management

    A1 - Identify the experts toinvolve in the evaluationof the SCIA

    a. browsing social networkprofiles

    TOOLS SUPPORTING THE BASELINE RISK ASSESSMENT

    A2 promptly inform them thattheir advise is needed

    .

    for help

    c. Automatically generating aRSS feed

  • 8/3/2019 Social Computing Tools for Risk Management

    20/23

    4Social Computing tools for interorganizationalRisk Management

    A3 support risk evaluation bygiving access to relevantinformation

    a. Sharing information through

    a Blog

    b. Sharing the informationcontained in jointly created

    TOOLS SUPPORTING THE BASELINE RISK ASSESSMENT

    WIKIs

    A4 collect the experts advices

    a. Posting comments (riskevaluations) on a Blog

    b. Uploading documents on ashared workspace

  • 8/3/2019 Social Computing Tools for Risk Management

    21/23

    4Social Computing tools for interorganizationalRisk Management

    B1 sharing the decisions

    a. Discussing each partner

    decision on a Blog,possibly integrated withpolling mechanisms

    TOOLS SUPPORTING THE TEAM REVIEW

    face-to-face meetings b. Sharing the informationcontained in jointly createdWIKIs

  • 8/3/2019 Social Computing Tools for Risk Management

    22/23

    4Social Computing tools for interorganizationalRisk Management

    B2 promptly informing the

    partners of the occurrence ofsecondary risks

    a. Posting a targeted

    Microblog

    b. AutomaticallyB3 rom tl informin the

    TOOLS SUPPORTING THE TEAM REVIEW

    B4 coordinating among thepartners the execution of therisk handling actions

    Discussion on a Blogto achieve a sharedplanning

    genera ng afeed

    managers of what they haveto do and when

  • 8/3/2019 Social Computing Tools for Risk Management

    23/23

    4Social Computing tools for interorganizationalRisk Management

    The best practices show that the highest chances of success

    for the adoption of Social Computing tools depend on:1. the application of these tools to the core activities of the

    organization

    CONCLUSIONS

    . e r n egra on w n ex s ng wor ows

    Risk management is a central component of any

    organisations strategic management

    The adoption of the new participatory technologies and toolswithin the TRM is such that the Social Computing tools aredirectly integrated within existing workflows