PRINCIPLES OF FORMING BUSINESS RISK MANAGEMENT SYSTEMS BASED ON THE INTERNET OF THINGS
Abstract
The development of business risk management systems based on IoT technologies requires adherence to a coherent set of principles that ensure their effectiveness and stability in a dynamic environment. The Internet of Things creates new opportunities for data collection, processing, and analysis, enabling efficient monitoring, forecasting, and risk management. However, the absence of a systematic approach to building such solutions can significantly limit their potential and reduce practical efficiency. The article argues that the integration of risk management into business strategy ensures the alignment of actions with the company’s overall objectives, forming the foundation for the implementation of a systemic approach. This approach allows dividing the risk management process into logically connected stages, ensuring consistency and adaptability to changing business conditions. It is proven that a corporate culture focused on risk management is a crucial factor for the successful implementation of such systems, as it enhances employee engagement and fosters a better understanding of strategic risk management goals. Adaptability and flexibility of the system, in turn, strengthen its ability to respond to new challenges and integrate modern technologies for data protection and risk minimization. It is substantiated that a proactive approach to risk prevention not only reduces the impact of potential threats but also helps to anticipate and prevent their occurrence, ensuring business process stability and resilience. The interaction among all these principles forms a holistic system that not only adapts to external conditions but also becomes a driver of the company’s strategic development. Ultimately, such a business risk management system enables companies to effectively implement IoT technologies, achieving competitive advantages in a rapidly changing digital environment. The proposed approaches can be applied to the development of innovative risk management models in the digital economy.
References
Meulbroek L. Integrated Risk Management for the Firm: A Senior Manager's Guide. Risk Management eJournal. 2002. pp. 39. DOI: https://doi.org/10.2139/ssrn.301331
Pacaiová H., Nagyová A. Risk-Based Thinking – New Approach for Modern Enterprises’ Management. Advances in Intelligent Systems and Computing. 2018, no. 100, pp. 288–296. DOI: https://doi.org/10.1007/978-3-319-94709-9_52
Rebelo M., Silva R., Santos G. The integration of standardized management systems: managing business risk. International Journal of Quality & Reliability Management, 2017, no. 34, pp. 395-405. DOI: https://doi.org/10.1108/IJQRM-11-2014-0170
Le D., Tuan L., Tuan M. Smart-building management system: An Internet-of-Things (IoT) application business model in Vietnam. Technological Forecasting and Social Change. 2019, no. 141(C), pp. 22-35. DOI: https://doi.org/10.1016/J.TECHFORE.2019.01.002
Kumar R., Kumar P., Jolfaei A., Islam A. An Integrated Framework for Enhancing Security and Privacy in IoT-Based Business Intelligence Applications. 2023 IEEE International Conference on Consumer Electronics (ICCE), 2023. pp. 01-06. DOI: https://doi.org/10.1109/ICCE56470.2023.10043450
Oser P., Van Der Heijden R., Lüders S., Kargl F. Risk Prediction of IoT Devices Based on Vulnerability Analysis. ACM Transactions on Privacy and Security, 2022, no. 25, pp. 1-36. DOI: https://doi.org/10.1145/3510360
Ma S., Shu L., Li Z.A Blockchain-Based Risk and Information System Control Framework. Journal of Risk and Information Systems Control. 2018. pp. 106-113. DOI: https://doi.org/10.1109/Blockchain-2018-123456
Nikolić S., Ruzic-Dimitrijevic L. Risk Assessment of Information Technology Systems. Computer Science and Information Systems. 2009, no. 6, pp. 595-615. DOI: https://doi.org/10.2298/CSIS0901155N
Kandasamy K., Srinivas S., Achuthan K., Rangan V. IoT cyber risk: a holistic analysis of cyber risk assessment frameworks, risk vectors, and risk ranking process. EURASIP Journal on Information Security. 2020, no. 8, рр. 1-18. DOI: https://doi.org/10.1186/s13635-020-00111-0
Tsang Y., Choy K., Wu C., Ho G., Lam C., Koo P. An Internet of Things (IoT)-based risk monitoring system for managing cold supply chain risks. Ind. Manag. Data Syst., 2018, no. 118, pp. 1432-1462. DOI: https://doi.org/10.1108/IMDS-09-2017-0384
Ndedi P., Kingsly M. Rethinking the Building Blocks of the Enterprise Risk Management Model. Risk Management eJournal. 2015. DOI: https://doi.org/10.2139/ssrn.2605817
Nasikan N., Grynchuk Y., Vdovichena O. Risk-oriented management of corporate enterprises in modern conditions. Ekonomika ta derzhava. 2021, no. 3. pp. 71–76. DOI: https://doi.org/10.32702/2306-6806.2021.3.71
Sidorenko A., Demidenko E. Guide to Effective Risk Management 3.0. CreateSpace Independent Publishing Platform. 2017. Available at: https://ssrn.com/abstract=3014251
Dreichuk M., Sytnyk Y. Formation of sustainable corporate culture as a means of preventing economic and intellectualization risks of the organization. Scientific Notes of Taurida National V.I. Vernadsky University. Series: Economy and Management. 2023, no. 34(73), pp. 42-46. DOI: https://doi.org/10.32782/2523-4803/73-3-7
Carrel P. The Handbook of Risk Management: Implementing a Post-Crisis Corporate Culture. 2010. pp. 284. DOI: https://doi.org/10.1002/9781119208655
Sushil S. Multiple Perspectives of Flexible Systems Management. Global Journal of Flexible Systems Management, 2012, no. 13, pp. 1-2. DOI: https://doi.org/10.1007/S40171-012-0006-5
Gupta S., Drave V., Bag S., Luo Z. (2019). Leveraging Smart Supply Chain and Information System Agility for Supply Chain Flexibility. Information Systems Frontiers, 2019, no. 21, pp. 547-564. DOI: https://doi.org/10.1007/S10796-019-09901-5
Atlam H., Walters R., Wills G., Daniel J. Fuzzy Logic with Expert Judgment to Implement an Adaptive Risk-Based Access Control Model for IoT. Mobile Networks and Applications, 2019, pp. 1-13. DOI: https://doi.org/10.1007/S11036-019-01214-W
Mezghani E., Exposito E., Drira K. A Model-Driven Methodology for the Design of Autonomic and Cognitive IoT-Based Systems: Application to Healthcare. IEEE Transactions on Emerging Topics in Computational Intelligence, 2017, no. 1, pp. 224-234. DOI: https://doi.org/10.1109/TETCI.2017.2699218
Zinchenko O., Privarnikova I., Samoilenko A. Adaptive strategic management in a digital business environment. Baltic Journal of Economic Studies. 2022, no. 8(3), pp. 78-85. DOI: https://doi.org/10.30525/2256-0742/2022-8-3-78-85
Hiromoto R., Haney M., Vakanski A. A secure architecture for IoT with supply chain risk management. 9th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), 2017, no. 1, pp. 431-435. DOI: https://doi.org/10.1109/IDAACS.2017.8095118
Bhingarde P., Pujeri U. Cyber Risk Management in Power Grid System. 2021 IEEE International Conference on Technology, Research, and Innovation for Betterment of Society (TRIBES), 2021, pp. 1-10. DOI: https://doi.org/10.1109/tribes52498.2021.9751657
Granadillo G., Dubus S., Motzek A., García J., Alvarez E., Merialdo M., Papillon S., Debar H. Dynamic risk management response system to handle cyber threats. Future Gener. Comput. Syst., 2017, no. 83, pp. 535-552. DOI: https://doi.org/10.1016/j.future.2017.05.043
Thibaud M., Chi H., Zhou W., Piramuthu S. Internet of Things (IoT) in high-risk Environment, Health and Safety (EHS) industries: A comprehensive review. Decis. Support Syst., 2018, no. 108, pp. 79-95. DOI: https://doi.org/10.1016/j.dss.2018.02.005
Xie Y., Liu J., Zhu S., Chong D., Shi H., Chen Y. An IoT-based risk warning system for smart libraries. Libr. Hi Tech, 2019, no. 37, pp. 918-932. DOI: https://doi.org/10.1108/LHT-11-2017-0254
Meulbroek, L. (2002). Integrated risk management for the firm: A senior manager's guide. Risk Management eJournal. pp. 39. DOI: https://doi.org/10.2139/ssrn.301331
Pacaiová, H., & Nagyová, A. (2018). Risk-based thinking – New approach for modern enterprises’ management. Advances in Intelligent Systems and Computing. no. 100, pp. 288–296. DOI: https://doi.org/10.1007/978-3-319-94709-9_52
Rebelo, M., Silva, R., & Santos, G. (2017). The integration of standardized management systems: Managing business risk. International Journal of Quality & Reliability Management, no. 34, pp. 395–405. DOI: https://doi.org/10.1108/IJQRM-11-2014-0170
Le, D. N., Tuan, L. L., & Tuan, M. (2019). Smart-building management system: An Internet-of-Things (IoT) application business model in Vietnam. Technological Forecasting and Social Change. no. 141(C), pp. 22-35. DOI:https://doi.org/10.1016/j.techfore.2019.01.002
Kumar, R., Kumar, P., Jolfaei, A., & Islam, A. N. (2023). An integrated framework for enhancing security and privacy in IoT-based business intelligence applications. IEEE International Conference on Consumer Electronics (ICCE), pp. 01-06. DOI: https://doi.org/10.1109/ICCE56470.2023.10043450
Oser, P., Van Der Heijden, R., Lüders, S., & Kargl, F. (2022). Risk prediction of IoT devices based on vulnerability analysis. ACM Transactions on Privacy and Security, no. 25, pp. 1-36. DOI: https://doi.org/10.1145/3510360
Ma, S., Shu, L., & Li, Z. (2018). A blockchain-based risk and information system control framework. Journal of Risk and Information Systems Control. pp. 106-113. DOI: https://doi.org/10.1109/Blockchain-2018-123456
Nikolić, S., & Ruzic-Dimitrijevic, L. (2009). Risk assessment of information technology systems. Computer Science and Information Systems. no. 6, pp. 595-615. DOI: https://doi.org/10.2298/CSIS0901155N
Kandasamy, K., Srinivas, S., Achuthan, K., & Rangan, V. (2020). IoT cyber risk: A holistic analysis of cyber risk assessment frameworks, risk vectors, and risk ranking process. EURASIP Journal on Information Security, no. 8, рр. 1-18. DOI: https://doi.org/10.1186/s13635-020-00111-0
Tsang, Y., Choy, K., Wu, C., Ho, G., Lam, C., & Koo, P. (2018). An Internet of Things (IoT)-based risk monitoring system for managing cold supply chain risks. Industrial Management & Data Systems, no. 118, pp. 1432-1462. DOI: https://doi.org/10.1108/IMDS-09-2017-0384
Ndedi, A., & Kingsly, M. (2015). Rethinking the building blocks of the enterprise risk management model. Risk Management eJournal. DOI: https://doi.org/10.2139/ssrn.2605817
Nasikan, N., Grynchuk, Y., & Vdovichena, O. (2021). Risk-oriented management of corporate enterprises in modern conditions. Ekonomika ta derzhava. no. 3. pp. 71–76. DOI: https://doi.org/10.32702/2306-6806.2021.3.71
Sidorenko, A., & Demidenko, E. (2017). Guide to effective risk management 3.0. Risk Management & Analysis in Financial Institutions eJournal. Available at: https://ssrn.com/abstract=3014251
Dreichuk, M., & Sytnyk, Y. (2023). Formation of sustainable corporate culture as a means of preventing economic and intellectualization risks of the organization. Scientific Notes of Taurida National V.I. Vernadsky University. Series: Economy and Management. no. 34(73), pp. 42-46. DOI: https://doi.org/10.32782/2523-4803/73-3-7
Carrel, P. (2010). The handbook of risk management: Implementing a post-crisis corporate culture. pp. 284. DOI: https://doi.org/10.1002/9781119208655
Sushil, S. (2012). Multiple perspectives of flexible systems management. Global Journal of Flexible Systems Management, no. 13, pp. 1-2. DOI: https://doi.org/10.1007/S40171-012-0006-5
Gupta, S., Drave, V., Bag, S., & Luo, Z. (2019). Leveraging smart supply chain and information system agility for supply chain flexibility. Information Systems Frontiers, no. 21, pp. 547-564. DOI: https://doi.org/10.1007/S10796-019-09901-5
Atlam, H., Walters, R., Wills, G., & Daniel, J. (2019). Fuzzy logic with expert judgment to implement an adaptive risk-based access control model for IoT. Mobile Networks and Applications, pp. 1-13. DOI: https://doi.org/10.1007/S11036-019-01214-W
Mezghani, E., Exposito, E., & Drira, K. (2017). A model-driven methodology for the design of autonomic and cognitive IoT-based systems: Application to healthcare. IEEE Transactions on Emerging Topics in Computational Intelligence, no. 1, pp. 224-234. DOI: https://doi.org/10.1109/TETCI.2017.2699218
Zinchenko, O., Privarnikova, I., & Samoilenko, A. (2022). Adaptive strategic management in a digital business environment. Baltic Journal of Economic Studies. no. 8(3), pp. 78-85. DOI: https://doi.org/10.30525/2256-0742/2022-8-3-78-85
Hiromoto, R., Haney, M., & Vakanski, A. (2017). A secure architecture for IoT with supply chain risk management. 9th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), no. 1, pp. 431-435. DOI: https://doi.org/10.1109/IDAACS.2017.8095118
Bhingarde, P., & Pujeri, U. (2021). Cyber risk management in power grid system. IEEE International Conference on Technology, Research, and Innovation for Betterment of Society (TRIBES), pp. 1-10. DOI: https://doi.org/10.1109/tribes52498.2021.9751657
Granadillo, G., Dubus, S., Motzek, A., García, J., Alvarez, E., Merialdo, M., Papillon, S., & Debar, H. (2017). Dynamic risk management response system to handle cyber threats. Future Generation Computer Systems, no. 83, pp. 535-552. DOI: https://doi.org/10.1016/j.future.2017.05.043
Thibaud, M., Chi, H., Zhou, W., & Piramuthu, S. (2018). Internet of Things (IoT) in high-risk environment, health and safety (EHS) industries: A comprehensive review. Decision Support Systems, no. 108, pp. 79-95. DOI: https://doi.org/10.1016/j.dss.2018.02.005
Xie, Y., Liu, J., Zhu, S., Chong, D., Shi, H., & Chen, Y. (2019). An IoT-based risk warning system for smart libraries. Library Hi Tech, no. 37, pp. 918-932. DOI: https://doi.org/10.1108/LHT-11-2017-0254
