Article Preview
TopRisk Assessment And Analytical Hierarchy Process
In enterprise risk management, there are a number of frameworks in use today and COSO (Committee of Sponsoring Organizations of the Treadway Commission) (Curtis & Carey, 2012) is the most widely adopted by organizations. Typically, risk management involves identifying, prioritizing, responding to, assessing, monitoring and reporting risks. The risks may include physical risks like fire and earthquake and financial risks like interest rate instability and payment default. However, there is also an important category of risks not specifically addressed by these common frameworks but related to IC of organizations which must be effectively managed to ensure competitiveness and sustainability. These risks, arising from IC not properly managed, are called IC risks. Examples are: knowledge leakage, intellectual property (IP) loss and employee turnover. In this paper, the focus is on risk assessment component of a framework as applied to one of the most important IC risks - knowledge leakage. As for risk assessment, it refers to activities carried out in establishing assessment criteria and scope, determining likelihood and impact of risks, and prioritizing them (Hallikas, Karvonen, Pulkkinen, Virolainen, &Tuominen, 2004). Common frameworks like COSO (Curtis & Carey, 2012) and CAS (Casualty Actuarial Society) (Casualty Actuarial Society, 2013) have similar risk assessment methodology. The determination of the level of risk is important in risk management, including IC risk management. According to Zhi (1995) and Williams (1993), risk is expressed mathematically as:
where
R is the level of risk,
P is the probability for the risk to occur and
I is the impact of the risk.