Spelling suggestions: "subject:"enterprise risk"" "subject:"enterprise disk""
11 |
Gestão de riscos corporativos: um estudo multicaso sobre seus métodos e técnicas / Enterprise risk management: a multicase study about its methods and techniquesFerro, Daniel dos Santos 07 October 2015 (has links)
Esta pesquisa trata da gestão de riscos corporativos em empresas do setor não financeiro. Sabe-se que existem normas, ferramentas e métodos que auxiliam as empresas na gestão de seus riscos, entretanto verifica-se que há uma lacuna no que tange a impossibilidade de estabelecimento de um modelo padrão para gerir riscos, pois, uma metodologia única não seria capaz de abarcar as especificidades de cada empresa. Sendo assim, cada organização precisa desenvolver sua própria forma de gerir seus riscos, segundo o seu perfil, porte, setor e recursos disponíveis. Nesse sentido, o objetivo deste estudo é analisar o processo de gestão de riscos corporativos em empresas do setor não financeiro, buscando identificar quais são os aspectos fundamentais considerados para estruturação de uma área de riscos; descrever os elementos da análise do ambiente (interno e externo) no qual a empresa está inserida; e verificar quais são os principais agentes processos, metodologias, normas e ferramentas adotadas para gerir os riscos nessas empresas. Para tanto, este estudo foi desenvolvido a partir de uma pesquisa qualitativa e descritiva, baseada em estudo de casos múltiplos, que permitiu um aprofundamento na realidade organizacional das unidades de análise escolhidas com a finalidade de compreender como elas estruturam seu processo de gestão de riscos corporativos. Os resultados decorrentes da análise realizada nos mostram que as empresas estudadas demonstram um alinhamento com os principais direcionamentos apontados pela literatura para gerir riscos, divergindo apenas com relação a pontos particulares decorrentes de especificidades suas realidades organizacionais / This is a research about enterprise risk management in non-financial sector companies. There are rules, tools and methods that assist companies in managing their risks, however it turns out that there is a gap regarding the impossibility of establishing a standard model to manage risk, because a single methodology would not be able to deal with the specificities of each company. Consequently, each organization needs to develop its own way of managing their risks, according to his profile, size, industry and available resources. Accordingly, the main objective of this study is to analyze the process of enterprise risk management in non-financial sector companies in order to identify what are the key issues considered for structuring a risk area; describe the analysis of the environmental (internal and external) in which the company operates; and see which are the main agents, processes, methodologies, standards and tools used to manage risks in these companies. In order to achieve that, this study was developed from a qualitative and descriptive research, based on multiple case study, permitting a deep analysis of the organizational reality of the companies chosen; in order to understand how they structure their enterprise risk management process. The results show that in the studied companies demonstrate alignment with the main directions indicated in the literature to manage risks, differing only about particular issues arising from their specific organizational realities.
|
12 |
Riskhantering i projektbaserade organisationer : En jämförelse av svenska teknikkonsultföretagDahl, Jacob January 2018 (has links)
Riskhantering i projektbaserade organisationer - En jämförelse av svenska teknikkonsultföretag På 2000-talet har behovet av, och intresset för, riskhantering ökat. Riskerna ökar i projekt och inhyrda konsulter blir vanligare i teknikbranschen. Riskhanteringen blir unik i varje enskilt projekt, varför nya utmaningar kommer med varje nytt projekt. Det gör att det blir viktigt för teknikkonsulter att kunna hantera risker på ett effektivt sätt. Syftet med denna studie är att jämföra hur riskhantering skiljer sig mellan projektbaserade teknikkonsultföretag baserat på deras definition av risk. Hur skiljer sig riskhanteringen mellan stora teknikkonsultföretag? Risk kan definieras som positiv och negativ eller som enbart negativ. Utifrån tidigare studier har organisationens definition av risk, ledningens involvering i riskhantering och organisationens integrering av riskhantering identifierats som variabler för studiens analytiska ramverk. Denna kvalitativa studie är uppbyggd på semistrukturerade intervjuer med fyra personer från ledningsgrupper i teknikkonsultföretag för att jämföra likheter och skillnader i deras arbete. Hur en organisation definierar risk är inte avgörande för hur organisationens riskhantering ser ut. Inte heller påverkar det arbetet med hot och möjligheter. Att en organisation har en genomtänkt definition av risk hänger däremot nära samman med att organisationen har en genomtänkt riskhantering.
|
13 |
Diagnóstico de riscos operacionais em uma instituição financeira sob a perspectiva intervencionistaRicca, Edmilson Casagrande 04 February 2015 (has links)
Made available in DSpace on 2016-03-15T19:32:54Z (GMT). No. of bitstreams: 1
Edmilson Casagrande Ricca_NAO AUTORIZADO PARA DIVULGACAO (2).pdf: 1604795 bytes, checksum: f06462c7036409e7701977bb66df9910 (MD5)
Previous issue date: 2015-02-04 / In a global scenario, where transparency and trustworthiness have become more and more mandatory for financial institutions, the proper operational risk management has been the main concern of the financial sector due to the huge loss potential, the reputational risk and the consequences of financial scandals, with special mention to the financial crisis in 2008. Under these circumstances, this study s goal was to identify operational risks in a financial institution by setting a model of self-assessment for risks and controls - RCSA. The model was based on the concepts of ERM framework of COSO and was made feasible through the use of an interventionist approach. The research sought to diagnose the operational risks of the investigated company, providing data to the senior managers about each department, in order to enable them to do the proper mitigating actions in relation to those risks. As a consequence, an important supporting grind has been built for the corporation to strengthen its operational risks management before its headquarters and regulating offices. It is believed that the proposed stages applied during this study have contributed to the theoretical and practical model, making it a valuable tool for identifying the potential operational risks in the segment of the financial market. / Num cenário global, onde a demanda por transparência e confiabilidade em relação às instituições financeiras atinge proporções nunca antes alcançadas, o adequado gerenciamento de riscos operacionais tornou-se a maior preocupação deste segmento em razão do potencial de perdas elevado, risco de imagem e consequências de desastres financeiros recentes, com destaque para a crise de 2008. É nesse contexto que o presente estudo teve como objetivo principal fazer um diagnóstico de riscos operacionais em uma instituição financeira, através da construção de um modelo de autoavaliação de riscos e controles RCSA. O modelo foi fundamentado nos conceitos do framework ERM do COSO e viabilizado com a utilização da abordagem intervencionista. A pesquisa buscou identificar os riscos operacionais da empresa investigada, dando visibilidade à alta gerência sobre a exposição de cada departamento, permitindo que ações mitigadoras pudessem ser tomadas em relação àqueles. Consequentemente, foi construído um importante pilar de suporte para a instituição fortalecer seu gerenciamento de riscos operacionais perante sua matriz e regulador. Acredita-se que as etapas propostas aplicadas no decorrer do trabalho agregaram contribuição teórica e prática ao modelo, tornando esta uma valiosa ferramenta para identificar potenciais riscos operacionais no segmento do mercado financeiro.
|
14 |
Gestão de riscos corporativos: um estudo multicaso sobre seus métodos e técnicas / Enterprise risk management: a multicase study about its methods and techniquesDaniel dos Santos Ferro 07 October 2015 (has links)
Esta pesquisa trata da gestão de riscos corporativos em empresas do setor não financeiro. Sabe-se que existem normas, ferramentas e métodos que auxiliam as empresas na gestão de seus riscos, entretanto verifica-se que há uma lacuna no que tange a impossibilidade de estabelecimento de um modelo padrão para gerir riscos, pois, uma metodologia única não seria capaz de abarcar as especificidades de cada empresa. Sendo assim, cada organização precisa desenvolver sua própria forma de gerir seus riscos, segundo o seu perfil, porte, setor e recursos disponíveis. Nesse sentido, o objetivo deste estudo é analisar o processo de gestão de riscos corporativos em empresas do setor não financeiro, buscando identificar quais são os aspectos fundamentais considerados para estruturação de uma área de riscos; descrever os elementos da análise do ambiente (interno e externo) no qual a empresa está inserida; e verificar quais são os principais agentes processos, metodologias, normas e ferramentas adotadas para gerir os riscos nessas empresas. Para tanto, este estudo foi desenvolvido a partir de uma pesquisa qualitativa e descritiva, baseada em estudo de casos múltiplos, que permitiu um aprofundamento na realidade organizacional das unidades de análise escolhidas com a finalidade de compreender como elas estruturam seu processo de gestão de riscos corporativos. Os resultados decorrentes da análise realizada nos mostram que as empresas estudadas demonstram um alinhamento com os principais direcionamentos apontados pela literatura para gerir riscos, divergindo apenas com relação a pontos particulares decorrentes de especificidades suas realidades organizacionais / This is a research about enterprise risk management in non-financial sector companies. There are rules, tools and methods that assist companies in managing their risks, however it turns out that there is a gap regarding the impossibility of establishing a standard model to manage risk, because a single methodology would not be able to deal with the specificities of each company. Consequently, each organization needs to develop its own way of managing their risks, according to his profile, size, industry and available resources. Accordingly, the main objective of this study is to analyze the process of enterprise risk management in non-financial sector companies in order to identify what are the key issues considered for structuring a risk area; describe the analysis of the environmental (internal and external) in which the company operates; and see which are the main agents, processes, methodologies, standards and tools used to manage risks in these companies. In order to achieve that, this study was developed from a qualitative and descriptive research, based on multiple case study, permitting a deep analysis of the organizational reality of the companies chosen; in order to understand how they structure their enterprise risk management process. The results show that in the studied companies demonstrate alignment with the main directions indicated in the literature to manage risks, differing only about particular issues arising from their specific organizational realities.
|
15 |
Riskhantering under Covid-19 pandemin : En fallstudie om Enterprise Risk Management på Scania i OskarshamnLilja, Nellie, Hesselbom, Frida January 2021 (has links)
Magisteruppsats (4FE18E), Civilekonomprogrammet - Inriktning Controller, Ekonomihögskolan vid Linnéuniveristetet i Växjö, Vårterminen 2021. Titel: Riskhantering under Covid-19 pandemin - En fallstudie om Enterprise Risk Management på Scania i Oskarshamn Bakgrund: Riskhantering blev ett mycket aktuellt ämne efter finanskrisen 2008 till följd av identifierade svagheter i organisationers riskhanteringssystem. I den förändrade tid som var efter finanskrisen 2008 fick bland annat konceptet Enterprise Risk Management (ERM) mer uppmärksamhet att potentiellt lösa de problem organisationer hade med sina riskhanteringssystem. ERM till skillnad från traditionell riskhantering innefattar en mer systematisk och övergripande riskhantering som integrerar risk i företagsstrukturen och involverar alla individer i företaget. Tidigare forskning har påvisat relationen mellan intern riskstruktur och riskkultur som viktig för att genererar en effektiv riskhantering utifrån ERM. Däremot finns det ett forskningsgap hur dessa komponenter samverkar i praktiken för att funktionen av ERM. Syfte: Syftet med denna studie är att öka kunskapen om relationen mellan riskstruktur och riskkultur för funktionen av ERM. Detta genom en fallstudie på Scania för att beskriva och analysera arbetet med ERM under Covid-19 pandemin. Metod: Denna fallstudie är av kvalitativ karaktär med en deduktiv ansats vilket innebär att befintlig litteratur om ERM testas i praktiken. Studiens empiri är insamlad från semistrukturerade intervjuer med krisgruppen på Scania i Oskarshamn. Empiri samlades även in från enkäter besvarade av Scanias medarbetare för att förstå Scanias riskhantering utifrån ERM. Slutsats: Genom en kartläggning av Scanias riskhanteringsprocess och hur den uppmuntrar till en riskkultur präglad av ett högt säkerhetstänk gick det att identifiera följande områden där relationen mellan riskkultur och riskstruktur spelar en viktig roll för funktionen av ERM; Målsättning & Systematisk riskhantering, Uppmuntran till riskmedvetenhet, Värdet av riskhantering, Riskåtgärder & Förtroende för riskhantering, Information & kommunikation, Öppenhet & Transparens och Tonen uppifrån. Hur relationen mellan intern riskstruktur och riskkultur styrs i dessa områden har således en påverkan för effektiviteten av ERM. / Master thesis (4FE18E), Degree of Master of Science in Business and Economics - Controller, School of Business and Economics at Linnaeus University in Växjö, Spring semester 2021. Title: Risk Management during the Covid-19 pandemic - A case study about Enterprise Risk Management on Scania Background: Risk management became a topic after the financial crisis in 2008 as a result of identified weaknesses in organizations' risk management systems. The concept of Enterprise Risk management gained more attention after the financial crisis in 2008 as the solution to potentially solve the problems organizations had with their risk management systems. ERM, unlike the traditional risk management, includes a more systematic and comprehensive risk management that integrates risk into the structure of the company and involves all individuals in the company. Previous research has established the relationship between internal risk structure and risk culture as important for generating effective risk management based on ERM. However, there is a research gap on how these components interact in practice for the function of the ERM. Purpose: The purpose of this study is to increase knowledge about the relationship between risk structure and risk culture for the function of ERM. This through a case study at Scania to describe and analyze the work with Enterprise Risk Management during the Covid-19 pandemic. Method: This case study is of a qualitative nature with a deductive approach, which means that existing literature concerning ERM is tested in practice. The study's empirical data is collected from semi-structured interviews with the crisis group at Scania in Oskarshamn. Empirical data were also collected from surveys answered by Scania's employees to understand Scania's risk management based on ERM. Conclusion: Through a survey of Scania's risk management process and how it encourages a risk culture characterized by a high level of security thinking, it was possible to identify the following areas where the relationship between risk culture and risk structure plays an important role in the functioning of the ERM; Objectives & Systematic risk management, Encouragement of risk awareness, The value of risk management, Risk response & Trust for risk management, Information & Communication, Openness & Transparency and the Tone from top. How the relationship between internal risk structure and risk culture is governed in these areas has an impact on the effectiveness of ERM.
|
16 |
Risks and Risk Mitigation Strategies Related to AI in Medical Imaging : A Qualitative Case Study of Implementing AI in Screening Mammography / Risker och riskhanteringsstrategier relaterade till AI inom bild- och funktionsmedicin : En kvalitativ fallstudie av implementering av AI vid mammografiscreeningGerigoorian, Annika, Kloub, Maha January 2023 (has links)
AI in medical imaging is promising. Breast cancer screening has particularly seen advancements as researchers have demonstrated how commercially available AI algorithms could detect breast cancer at the same level as the best radiologists. The clinical uptake of AI implementations has however been slow and research studies on the real-life effects AI would have when it is implemented in healthcare settings, are lacking. As AI is integrated into the workflows of hospitals, new risks, are likely to be introduced. The breast radiology department at the hospital of Capio S:t Göran is among the first in the world to clinically let AI act as an independent reader, replacing one of the two radiologists reading the mammograms. This study thus aimed to investigate how a hospital like Capio S:t Göran may prepare for the clinical uptake of AI by exploring risks from an enterprise risk management perspective, i.e., looking beyond risks associated with patient safety, and proposing risk mitigation strategies. Data was qualitatively collected through different means. Brainstorming sessions were conducted with personnel at the hospital, either directly or indirectly involved with AI, with the purpose of identifying risks. Two external experts with competencies in cybersecurity, machine learning, and the ethical aspects of AI, were interviewed as a complement. Insights were also gained via observations at the hospital and internal documents/information. The risks identified were analyzed according to an enterprise risk management framework adopted for healthcare, that assumes risks to be emerging from eight different domains. Additionally, appropriate risk mitigation strategies were identified and discussed. The findings from the study demonstrates 23 risks associated with the clinical AI implementation in medical imaging and proposes risk mitigation strategies to each identifiedrisk. Not only does the study indicate the emergence of clinical/patient safety risks, but it also shows that there are operational, strategic, financial, human capital, legal, and technological risks. In addition, the study emphasizes the existence of possible synergies between the risks. The study concludes on the significance for hospitals to view risks holistically and to manage them proactively. / Användandet av AI inom bild- och funktionsmedicin är lovande. Det har framför allt skett framsteg inom bröstcancerscreening i takt med att forskare lyckats demonstrera hur kommersiellt tillgängliga AI algoritmer kan detektera bröstcancer på samma nivå som de bästa bröstradiologerna. AI införandet inom klinisk praxis har däremot varit långsam och det finns en avsaknad på forskningsstudier som studerat effekterna av ett AI-införande när det implementeras i den verkliga sjukvårdsmiljön. När ett AI system ska integreras i ett sjukhusarbetsflöde är det sannolikt att nya risker introduceras. Mammografiavdelningen på Capio S:t Görans sjukhus är det första sjukhuset i världen som ska börja använda AI kliniskt i syfte att ersätta en av två radiologer. Planen är att låta ett AI-system agera som en oberoende granskare och därmed ersätta en av de två radiologer som normalt sett granskar mammografibilderna. Syftet med denna studie har därav varit att undersöka hur sjukhus, såsom Capio S:t Göran bör förbereda sig för ett kliniskt införande av AI. Detta har gjorts genom att både identifiera risker från ett Enterprise Risk Managementperspektiv, vilket ur en sjukvårdskontext bland annat innebär att titta bortom patientsäkerhetsrisker, samt identifiera och föreslå riskhanteringsstrategier. För att identifiera risker hölls brainstorming sessioner med personal på Capio S:t Görans sjukhus med antingen direkta eller indirekta kopplingar till AI implementeringen. Detta kompletterades med två expertintervjuer där den ena hade kompetens inom cybersäkerhet och maskininlärning och den andra inom de etiska aspekterna av AI. Dessutom erhölls insikter via observationer gjorda på sjukhuset samt genom tillgång till intern information. Riskerna som identifierades analyserades därefter enligt ett Enterprise Risk Management ramverk som anpassats till sjukvården och som utgår från åtta olika risk domäner. Till sist diskuterades och identifierades lämpliga riskhanteringsstrategier. Resultatet från studien kunde indikera 23 risker relaterade till ett kliniskt användande av AI inom bild- och funktionsmedicin samt föreslå riskhanteringsstrategier till respektive risk som identifierades. Studien kunde identifiera operativa risker, patientsäkerhetsrisker, strategiska risker, finansiella risker, humankapitalrisker, juridiska risker och tekniska risker samt synliggöra eventuella synergier som existerar mellan riskerna. Slutsatsen av studien är att en holistisk syn på riskhantering och att en proaktiv hantering av risker är av avgörande betydelse för sjukhus som ska genomgå en implementering av AI.
|
17 |
Les facteurs critiques de succès de l’implantation de l’ERMVicente, Ricardo Luis January 2017 (has links)
Notre recherche vise à identifier les facteurs critiques du succès de l’implantation de l’Entreprise Risk Management (ERM). À cette fin, nous avons élaboré un modèle, c’est-à-dire une sorte de cadre de référence susceptible d’améliorer nos connaissances des déterminants de succès dans l’implantation de l’ERM, d’une part, et de guider les entreprises impliquées dans cette implantation, d’autre part.
Étant donné le caractère holistique de l’ERM, nous avons adopté une approche systémique. Cette dernière nous a permis : 1) de conceptualiser les enjeux associés à l’implantation de l’ERM comme un tout au sens d’identifier les éléments et leurs attributs; 2) de déterminer les relations entre les éléments; 3) et de tenir compte de la dynamique de la gestion intégrée des risques que préconise l’ERM.
Comme cadre théorique général, nous avons eu recours à la théorie sociotechnique, ce qui a orienté notre réflexion vers des construits : pilotage stratégique, implication des acteurs, parrainage de la direction, adaptation structurelle et climat organisationnel, du côté social, et capacité d’intégration des connaissances, capacité TI et capacité de changement, du côté des aspects techniques. L’approche de notre recherche est exploratoire avec un design d’étude corrélationnel et une recherche par enquête.
Les données ont été collectées entre le 2 décembre 2012 et le 28 février 2013, par l’intermédiaire d’un questionnaire électronique. Nous avons procédé à la réduction des données à l’aide d’une analyse factorielle exploratoire. Pour la modélisation statistique proprement dite, nous avons eu recours aux équations structurelles par la méthode des moindres carrés partiels. Pour ce, nous avons utilisé le logiciel SmartPLS.
Les résultats sont satisfaisants et nous ont permis : a) de déceler des problèmes dans l’opérationnalisation de certains construits, b) de valider certaines des hypothèses, c) de tirer des conclusions que nous avons ventilées au début. Ces résultats nous ont aussi montré qu’il y avait d’autres facteurs qu’il n’était pas nécessaire de considérer dans une telle implantation.
De manière générale, la recherche répond à notre question de recherche : « Quels sont les facteurs critiques du succès de l’implantation de l’ERM? ». Il en ressort aussi des contributions théoriques et pratiques.
En ce qui a trait aux contributions théoriques, en premier lieu, notre étude contribue à une meilleure compréhension des facteurs de succès de l’implantation de l’ERM, car elle permet d’identifier de manière empirique les facteurs : Pilotage Stratégique, Implications des Acteurs, Parrainage de la Direction, Adaptation Structurelles, Capacité TI et Capacité de Changement Organisationnelle. En second lieu, notre recherche se distingue des études antérieures sur l’ERM également, car elle contribue à développer une perspective théorique relative à l’ERM en proposant de considérer l’ERM comme étant une innovation administrative et technologique, d’une part, et comme un système sociotechnique, d’autre part.
En ce qui a trait aux contributions pratiques, les résultats empiriques suggèrent 1) que les gestionnaires accordent une attention importante au soutien de la haute direction avant de s’engager dans l’adoption et l’implantation de l’ERM; 2) que l’implantation réussie de l’ERM ne dépend pas uniquement de la disponibilité des ressources techniques physiques et humaines, les gestionnaires doivent s’assurer d’intégrer les processus opérationnels et technologiques. / Abstract : Our research aims to identify the critical success factors for the implementation
of the Enterprise Risk Management (ERM). To this end, we have developed a model,
meaning a kind of framework to improve our knowledge of the determinants of success
in implementing ERM, on the one hand and guide companies involved in this
implementation, on another hand.
Given the holistic nature of the ERM, we have adopted a systemic approach,
which allowed us to: 1) to conceptualize the issues associated with the implementation
of ERM as a whole in the sense of identifying the elements and their attributes; 2) to
determine the relationship between the elements; 3) and take into account the dynamics
of integrated risk management advocated by the ERM.
As a general theoretical framework, we used the socio-technical theory, which
guided our thinking towards the variables: strategic management, stakeholder
involvement, sponsorship management, structural adjustment and organizational
climate, on the social side, and capacity integration of knowledge, IT capability and
capacity for change, on the side of the technical aspects. The approach of this research
is exploratory with a design of correlation study and survey research.
Data collection was done between December 2, 2012 and February 28, 2013,
via an electronic questionnaire. We performed data reduction using an exploratory
factor analysis. For the statistical modeling, we used Structural Equations Modeling
(SEM) technique with Partial Least Squares (PLS) as the method. For this, we used the
SmartPLS software.
The results are satisfactory and allowed us to: a) identify problems in the
application of some variables, b) validate some of the hypothesis, c) to confirm some
8
ideas which we have in the beginning. These results also showed that there were other
factors that it was not necessary to consider in such implementation.
In general, the research responds to our research question: "What are the critical
success factors for the implementation of the ERM?". It also gives some theoretical and
practical contributions.
Concerning the theoretical contributions, in the first place, our study contributes
to a better understanding of the factors of successful implementation of ERM, as it
allows to identify empirically the follow factors: Strategic Driving, Employee
Implication, Board Implication, Structure Adaptation, IT Capacity and Change
Capacity. Second, our research differs from previous studies on the ERM because it
helps to develop a theoretical perspective on the ERM proposing to consider the ERM
as an administrative and technological innovation on the one hand, and as a sociotechnical
system, on the other hand.
Moreover, in respect to practical contributions, empirical results suggest 1)
Members of the board and senior managers are supposed to understand the importance
of giving support for the implementation team even before engaging in the adoption
and implementation of ERM; 2) the successful implementation of ERM does not
depend only on the availability of physical, technical and human resources, Senior
managers should be engaged in the integration of operational and technological
processes.
|
18 |
Systém řízení rizik a správa společnosti / Enterprise Risk Management and Corporate GovernancePivný, Vojtěch January 2010 (has links)
The aim of this thesis is to evaluate present experiences with enterprise risk management implementation and to provide potential solutions for futher risk management development. It also includes minor aims clarifying often falses, which are done by companies. At the beginning of the thesis there are presented common principles with qualitative and quantitative methods. Then the implemenation part is following where methods and conditions of enterprise risk management are described. For succesful system implementation is then described risk culture, where corporate governance is firstly mentioned. A diference among risk management and enterprise risk management is shown in a next chapter compiling financial management and risk management. Own Solvency II experiences, RVA concept, risk management deficiencies and transition from risk measurement to risk management are closing the thesis. The conclusion of the thesis only summarises aims' fulfillment and said hypotheses are confirmed. Enterprise risk management has to be based on common risk management acceptation as a mainstream of the company that has to be fully supported by risk management department.
|
19 |
The economic enterprise risk management innovation program for healthcare organizations : E2RMhealthcareEtges, Ana Paula Beck da Silva January 2018 (has links)
A Gestão de Riscos Corporativos (ERM), a partir das publicações da ISO 31000 em 2009 e do guia do COSO em 2007, vem sendo aplicada e adaptada às especificidades de múltiplos mercados. O contexto hospitalar, caracterizado pela necessidade de avanços em sistemas e métodos gerenciais que permitam maior acurácia de informações e sustento na orientação à tomada de decisão, passou a, também, interessar-se pelo valor da ERM. Influenciado pelos programas de qualidade e segurança do paciente e de gestão de riscos assistencial, presentes na cultura hospitalar mundial, gestores estratégicos à frente de organizações de saúde começaram a procurar por metodologias que possam ser adaptadas à complexidade de um hospital e apoiem a implementação da ERM. A literatura prévia ao desenvolvimento desta tese não apresenta um modelo que consolida e orienta a operacionalização da ERM em organizações de saúde, mas destaca em múltiplas publicações a necessidade que os hospitais têm de atentar a metodologias que permitam gerir de forma proativa e estratégica seus negócios, que estão expostos a riscos internos e externos. Motivada pela lacuna descrita, esta tese explorou o mercado brasileiro e norte americano através de entrevistas, estudos de caso e survey, e propôs um modelo global de ERM para organizações de saúde: o E2RMhealthcare. Este sugere requisitos para a operacionalização global da ERM e é fragmentado em 4 níveis: risk baseline, education, quantitative e governance que orientam uma implementação gradual, considerando a maturidade de gestão da organização. Formas de como explorar as características do hospital e capital humano para exercer a ERM também foram estudadas, sendo proposto uma relação entre as equipes de avaliação de tecnologias de saúde hospitalar e de ERM no processo de criação de valor da organização através de um mapa de causa e efeito. Como destaque do negócio saúde, essa tese inova propondo o primeiro inventário de riscos corporativos orientado a organizações de saúde que foi validado por gestores de múltiplos países, identificando o risco de ataques cibernéticos como o principal. Por fim, o uso de métodos de análise multicriterial e de custeio por atividade são aplicados como soluções inovadoras para a priorização e avaliação econômica de riscos ao longo dos níveis Baseline e Quantitative do E2RMhealthcare. O avanço do E2RMhealthcare com estas metodologias incorporadas para um software com capacidade de inteligência artificial é deixado como sugestão de trabalhos futuros além da sua real aplicação em múltiplos casos. / Since the ISO 31000 publication in 2009 and the COSO guide in 2007 Enterprise Risk Management (ERM) has been applied and adapted to the specificities of different business markets. The hospital context characterized by the demand for advances in management systems and methods that allow to improve information accuracy and to support the decision-making process, also became interested in the value of ERM. Influenced by quality and patient safety and healthcare risk management programs presents in the global hospital culture, managers at the top of healthcare organizations started to look for methodologies that can be adapted to the hospital management complexity to support the ERM implementation. The literature, prior to the development of this thesis, does not present a model that consolidates a guide to operationalize ERM in healthcare organizations. Although emphasizes, in multiple publications, the urgency for methodologies that enable proactive and strategic management of healthcare businesses, which are exposed to internal and external risks. Motivated by the described gap, this thesis explored the Brazilian and American healthcare market through interviews, case studies and survey, and proposed a global ERM model for healthcare organizations: E2RMhealthcare. It suggests requirements for global operationalization of the ERM and is organized in 4 levels: risk baseline, education, quantitative and governance that guide a gradual implementation, considering the maturity of the organization management. Different manners to explore the features of the hospital and human capital to operate the ERM were also studied, and it was proposed a relation between the hospital healthcare technology assessment teams and the ERM in the value creation process of the organization through a cause and effect map. Focusing on the healthcare business, this thesis innovates by proposing the first enterprise risk inventory aimed at healthcare organizations that was confirmed by risk managers from different countries. Cyber-attack was identified as the main enterprise risk in healhtcare. Finally, the use of multicriterial analysis methods and activity-based costing are applied as innovative solutions for prioritization and economic assessment of risks throughout the Baseline and Quantitative levels of E2RMhealthcare. The progress of E2RMhealthcare with these incorporated methodologies for a software with artificial intelligence capacity is left as a suggestion for future studies, in addition to its actual application in multiple cases.
|
20 |
Comunicação nos processos de gestão de risco corporativo na BM&FBOVESPA / Communication in corporate risk management process in BM&FBOVESPAMoraes, Flavio de 24 October 2012 (has links)
Este trabalho aborda como é estruturada a comunicação nos processos de gestão de risco corporativo para identificar como é realizado o alinhamento das informações e percepções sobre riscos entre a gestão, conselho de administração e demais públicos interessados. Foi realizada revisão da literatura sobre Governança Corporativa, Gestão de Riscos, Gestão de Riscos Corporativos e Comunicação sobre riscos. Devido à escassez de estudos relacionados ao tema esta pesquisa possui caráter exploratório e foi utilizado o método de estudo de caso. Devido às limitações do método utilizado, as principais contribuições da pesquisa são evidências que apontam para o papel da gestão de risco corporativo como complementar à gestão de risco em silos, para a parceria entre especialistas e não especialistas em gestão de risco como fator que influencia na qualidade dos processos e da comunicação sobre riscos, bem como possíveis fatores que influenciam na formação e manutenção desta relação de parceria, além de evidências da presença de pessoas com experiência em gestão de riscos e nas atividades da empresa como possível fator que afetar a relação entre especialistas e não especialistas em gestão de riscos e a qualidade dos processos de gestão de risco. / This paper discusses how communication in enterprise risk management is structured to identify how managers, board member and other stakeholders align information and perceptions about risks. The literature review covers Corporate Governance, Risk Management, Enterprise Risk Management and Communication about risks. Due to the limitations of the method used in this research the main contributions are evidences pointing to the role of corporate risk management as complementary to the risk management silo approach, the partnership between specialists and non specialists in risk management as a factor that influences quality of processes and communication about risks and factors that might influence the formation and maintenance of this partnership relationship as well evidences of the presence of people with experience in risk management and the company\'s activities as a possible factor affecting the relationship between experts and nonexperts in risk management and the quality of risk management processes.
|
Page generated in 0.0752 seconds