Introduction
The importance of risk management in an organization has been well studied. Almost all kinds of business and activities are affected. Research showed that it affected the success in supply chain activities (Aboutorab et al., 2022), software development (Ziana and Charles, 2022), public–private partnership projects (Rasheed et al., 2022; PMI, 2013), in the pharmaceutical industry (Hoon Kwak and Dixon, 2008; Nyden and Hagglund, 2022), in project management (Raz et al., 2002). Brown and Grundy (2016) even said “Only a fool will believe that no risk emerges in a project.” These studies support the idea that risk management affects the success of almost all kinds of organizations whether profit or not-for-profit organizations. Practically it affects any company (Nelson et al., 2008; Kountur, 2018; Hardy et al., 2020; Hardy and Maguire, 2016; George, 2020).
The success of risk management is due to its ability in creating and protecting value. However, studies also showed that risk management not only creates value but also increases performance (Farrell and Gallagher, 2015; Gatzert and Martin, 2015; Willumsen et al., 2019). Therefore, it is important for an organization to implement all steps in the risk management process to be successful. It started by stating the context, assessing the risk, treating the risks, and monitoring the implementation of risk treatment. One of the important activities in risk assessment is risk identification. Before any risk can be treated, it is very essential to identify them (Moeller, 2017; Everson and Chesley, 2016; Bowling and Rieger, 2005; Aven, 2011; Gjerdrum and Peter, 2011; Barghi and Sikari, 2020). Risk identification is the first step in assessing risk (Chapman and Ward, 2003; Elkington and Smallman, 2002). This is in line with the risk management framework proposed by both COSO and ISO 31000 that Risk Identification is the first step to be done in risk assessment where risk assessment is part of the risk management process. Risk identification events getting more important especially when organizations are facing unpredictable environments (Picciotto, 2019) since risks exist in any work that the organization is doing. Ignoring them will be very dangerous to the organization (Siddique and Hussein, 2014).
Risk identification is the process of discovering risks that affect the goals or objectives of an organization (Kasap and Kaymak, 2007; Tchankova, 2002). Only after risk has been identified that the subsequent process of risk management may be performed (Schieg, 2006). How can risk in an organization be treated without knowing what risks the organization is facing? Thus, risk identification is important for an organization.
There are increasing numbers of research in the area of risk management, particularly in the identification and assessment of risk (Zhang et al., 2019; Liu et al., 2018; Osei-Kyei et al., 2021; Hartono et al., 2021; Ameyaw and Chan, 2015; Aboutorab et al., 2022). Some of the risk identification approaches are complex and require a cumbersome procedure, as Aboutorab, et al. (2022) who introduced the reinforce learning-based approach for the proactive risk identification (RL-PRI) approach said that “this step is also extremely complex…” Most of these risk identification techniques are complex, requiring highly skilled persons to conduct and require several people in the implementation. This is consistent with the study of Ahmed et al. (2007); Larson and Gray (2021) that risk identification requires more people to work. Further, the existing techniques of risk identification tend to be subjective, as they are based on some prediction (Maytorena et al., 2007). It seems that a more practical approach with more accurate results in risk identification is needed. Two risk identification approaches that may be considered more practical, less complex, and possible to involve only one person in the process are business process and work breakdown structure approaches.
Business process approach
Among different approaches to risk identification, the business process approach seems to get more attention in some research (Suriadi et al., 2014), probably due to its practicality and effectiveness. There are some variations of this approach as Lambert et al. (2006) called the business process model. It has long been used in several areas such as quality control (Stamatis, 2003), and hazard analysis (Kletz, 1999). Salmela (2008) called it business process analysis, while Cope et al. (2010) called it a risk-extended process model. It seems no one exact procedure of the business process approach, the principles are the same, and the risk is derived from a business process however the detailed procedure may vary. Thus, it is still possible to improve the procedure. In this paper, we are introducing the practical approach of risk identification with the use of a business process approach.
The term “business process” is a common term that refers to a set of activities done for a goal (Weske, 2007; Recker et al., 2009; Ould, 1995) that attempt to improve the operation of an organization (Thompson, 2002). This definition seems to be acceptable in describing the business process as used in the risk identification process. They are the activities done in achieving organizational goals. The organization’s goals may be in the form of objectives, targets, or the form of key performance indicators (KPIs). Thus, the two most important element of a business process is activities and goal. The goal must be first set then followed by activities done to attain the goal. In each of the activities, there will be a potential loss event. This loss event is what is known as risk. Different unit in an organization has different goal (target, objective, or KPIs) to pursue, and each goal has its different activities or process to be performed.
The procedure of the business process approach in risk identification introduced in this study starts with (1) selecting a unit in an organization where risk identification will be performed. This unit is usually the lower-level unit in the organization structure. After risks have been identified in the first unit then move to the next unit until all units in the same level have been selected for identification. That is the reason why the business process approach is sometimes known also as a bottom-up approach since its starts from the lower level to the top level in the organization structure. Next, (2) determine the KPIs, targets, or objectives of the unit selected. Next, (3) list all the activities to be done to attain the KPIs, targets, or objectives. Next, (4) find out possible loss events in each of the activities. Usually, several loss events will be identified in each activity, this loss event is what is known as risk. A risk is a possible event that may cause losses. The loss may be in the form of loss itself, failure, or damage. Next, (5) categorized the risk into an appropriate category that has been developed since all risks need to be categorized (Mazher, 2019; Wu et al., 2018). There are two steps in categorizing risk, first is to categorize risk by activity and then by function (Kountur, 2016). For example, a business process with an activity of sending products to customers. In this activity possible to have a loss event when sending products that are products destroyed on the way to the customer or damaged. So, in the activity of sending the product to the customer, there is a risk of “product defect,” which is an event. Product defect may be categorized into an activity of delivery that can be called a “risk in delivery,” this is a category based on activity. The risk of delivery may be categorized into “operational risk,” which is a category based on function. Take note that a risk is an event that may be categorized into activity and further categorized into function. In other words, one function may consist of several activities, and one activity may consist of several loss events. The procedure of the business process approach in risk identification may be described in Fig. 1.
Fig. 1 [Images not available. See PDF.]
The procedure of the business process approach.
In the lower level of organizational structure, the risk is defined as an event and it must be a loss, thus it is called a loss event. The first four activities in the risk identification process are done in the lower level of the organization structure. In the middle level of the organization structure, the risk is defined as activity. Several loss events in the lower level are categorized into one activity in the middle level since one activity consists of several loss events. In the top level of the organization structure, risk is defined as a function. Several activities in the middle level are categorized into one function in the top level since one function consists of several activities.
Risks are treated at the event level not at the activity or functional level since activity and function are just a way to categorize risk events. The activities and functions of an organization have been pre-determined. However, the loss events cannot be pre-determined but are known from the process of risk identification. When the organization has more structure or the structure is high, activities may be divided into general activities and specific activities. A function may also be categorized as a major function or a specific function.
Work breakdown structure approach
The work breakdown structure (WBS) is originally used in project management. It is the way how to break the project work into several activities. However, the use of WBS getting broader in some other areas. The WBS has been used as a risk identification technique (Lei, 2012) and in the preparation of a safety plan (Elsye et al., 2018). The use of WBS in risk identification was found to improve future projects (Chaher and Soomro, 2016). In project management, WBS is used to break the project by tasks and sub-tasks, deliverables, and work packages. The process of decomposing the tasks and breaking them into some work packages may be used in identifying risk not only for a project but also for an organization.
The WBS approach that is presented here is a modified model where the project or the organization is decomposed into functions, activities, and events instead of tasks, deliverables, and work packages. The first step (1) in the risk identification process that makes use of the WBS approach is to break the organization into several functions. Take note that each organization may have its unique different functions. The second step (2) is to break the function into several activities. The third step (3) is to know which activities belong to which unit in the organization. The fourth step (4) is to identify the loss event which is the risk in each activity. There might be several loss events in every activity. The fifth step (5) is to know the objective or the KPI of the unit where the loss events were found and to make sure that the loss event relates to the objective or KPI of the unit. The steps of doing the WBS approach in risk identification are presented in Fig. 2.
Fig. 2 [Images not available. See PDF.]
The procedure of the work breakdown structure approach.
The organization’s works are divided into several pre-determined functions. Each function has several pre-determined activities. The risk may be identified in each of the activities. However, not all risks in each activity may be relevant. Only risks related to the objective or key performance indicator (KPI) of the unit where the activities belong may be considered relevant risks.
The WBS approach is starting from the top and goes down to the bottom. That is why sometimes it is also called the top-down approach. Some claim that the WBS approach is practical and has a positive effect on risk management (Chaher and Soomro, 2016; Smith, 2008).
Conceptual framework
Some risks have easily been identified since they appear on the surface. They are loss events that had occurred in the past and may occur again in the future. However, some risks are hidden, they do not appear in the past or they are unnoticed therefore hard to identify. These kinds of risks which are hidden are important to be identified. The risk that is not seen is the one that may destroy the organization. So, it is important to identify something unseen. There are two approaches to risk identification that are introduced in this research, and both have been well practiced in the past with some adjustments (Suriadi et al., 2014; Lambert et al., 2006; Stamatis, 2003; Kletz, 1999; Salmela, 2008; Cope et al., 2010; Lei, 2012; Elsye et al., 2018; Chaher and Soomro, 2016). We expect that one approach can identify more risk than the other where risks that are unnoticed or have not occurred yet in the past may be identified.
The person who identifies the risk may be able to identify it not because of the approach he is using but more of his knowledge of the context (Nyden and Hagglund, 2022; Maytorena et al., 2007; Hoon Kwak and Dixon, 2008). For example, a person who identifies risk in the accounting department and has knowledge of accounting may be able to identify more risk than people who do not know accounting. Therefore, in this study, the effect of knowledge about the context is controlled. The dependent variable is the number of risks identified and the treatment variable is the identification methods. The description of the variables is presented in Table 1.
Table 1. The description of variables.
Variable type | Variable name | Variable symbol | Variable measure method |
|---|---|---|---|
Independent variable | The number of risks identified. | Y | This variable is measured by counting the number of risks each respondent identifies. |
Treatment variable | Risk identification approaches. | X | This variable consists of three categories of treatments, the work breakdown structure (WBS), the business process (BP), and the placebo. |
Controllable variable | Knowledge of the context. | C | This variable is measured by a testing instrument in the form of multiple choice. |
We hypothesized thatwhere μ1 is the mean of placebo or no treatment (NT), μ2 is the mean of the business process (BP) approach, and μ3 is the mean of the work breakdown structure (WBS) approach
In other words, this study hypothesizes that the risk identification approach (X) affects the number of risks identified (Y) where the knowledge of the context (C) is controlled.
Losses and damage that companies experience are usually caused by some unidentified risks that hit them unprepared. Some companies and organizations even have to close their business or discontinue their operation due to the huge negative impact of the risk they experienced. Knowing the risks that may hit an organization is important. Risk needs to be identified properly. Though there had been some approaches a person can use in identifying risk, most of those approaches are complex, require several people involved, are too subjective, and are not able to identify unseen risks. The use of the WBS or BP approach is more practical since it can work well even being done by only one person. We are still not sure whether these two approaches provide the same results or not. Thus, this research is conducted. All enterprise risk management practitioners in their work of identifying risks need to know the most effective approach to risk identification.
Methods
This is an experimental study where the number of risks identified as the dependent variable and treatment variables are the two risk identification approaches plus one placebo. Knowledge of the context is the variable that is controlled.
Sample
Risk management is a process of identifying, measuring, and treating or controlling risks that can be done by any profession. Most of the practices of risk management were indeed done by managers in an organization, however, it is not limited to the manager only but to any profession. The ability to identify risk is a human ability, not an organizational ability. Therefore, we are using university students as the respondents. We intend to select business students since they are familiar with the business environment and cases though they have no real experience in the business organization yet. However, real experience in an organization is not required since our concern is more on human ability than on organizational ability.
Eighty-six students from one of the top business schools in Indonesia were selected. They were selected conveniently however in assigning which respondents belong to which group of treatment were selected randomly.
The description of the sample is shown in Table 2. Most of the respondents are female (68%) while fewer (32%) are male. Most of them (54%) is in their first semester, none in the second and fourth semester, and few are in the fifth (21%) and third (25%) semester. In terms of knowledge in accounting, the range is quite wide between 3 and 21 with a maximum score of 25. The wider the range, the higher will be the effect size which does not require a large sample size to get high statistical power. This is true for the number of risks identified too where the range is between 1 and 11 for a maximum of 11.
Table 2. The description of the sample.
Variable | Category | Frequency | Percentage |
|---|---|---|---|
Gender | Male | 27 | 32 |
Female | 57 | 68 | |
Semester | 5 | 18 | 21 |
4 | 0 | 0 | |
3 | 21 | 25 | |
2 | 0 | 0 | |
1 | 45 | 54 | |
Knowledge in accounting | 20–23 | 4 | 5 |
16–19 | 15 | 18 | |
12–15 | 18 | 20 | |
08–11 | 29 | 35 | |
04–07 | 15 | 18 | |
00–03 | 3 | 4 | |
The number of risks identified. | 9–11 | 2 | 2 |
6–8 | 11 | 13 | |
3–5 | 42 | 50 | |
0–2 | 29 | 35 |
Procedure
From all the selected respondents, they were assigned randomly into three groups. The first group was the placebo group. The second group was the group that was taught the business process approach, and the last group was the group that was taught the work breakdown structure approach. These were the students who never take any risk management course before. We make sure that they do not know risk identification techniques yet.
A written short similar business case was given to all groups for them to read. This was the case in the accounting department. They have to put themselves as the accounting manager and tried to identify what are the risks he or she was facing. The first group which is the placebo group after reading the case then was asked to identify as many risks as they can think of based on the case provided. They were given a sheet of paper to write all of the appropriate risks that they can identify.
For the second group, before they were given the case to read, they were taught the method of risk identification based on the business process approach. After explaining the approach, we let them ask about any procedure in this approach that they did not understand to make sure that they understand the approach. After we were sure that everyone in the group understand the procedure then we gave them the case to read. We also provide an answer sheet that was designed according to the steps in the doing business process approach. The answer sheet will help them identify the risk based on the business process approach.
For the third group, similar treatment was given as for the second group except that they were taught the work breakdown structure approach and the answer sheet was designed according to the steps in doing the work breakdown structure approach.
After completing identify the risk, all of the respondents were given a multiple-choice question about accounting. This was to know their knowledge of accounting since knowledge in accounting become the controllable variable.
Data analysis
This is an experimental study where the data of the dependent variable is in interval form and the independent variable is the treatment variable which is in nominal form. The appropriate statistical tool is the analysis of variance. The controllable variable was controlled statistically therefore we are using the one-way analysis of co-variance (ANCOVA) with a 95% level of confidence. This statistical technique is robust. Violation of some parametric statistical assumptions such as normality and linearity may not affect the result. However, the existence of outliers and missing data may affect the result therefore we made sure that no outliers and missing data were in the analysis. The analysis then will be followed by a post-hoc-test with the use of Tukey’s HSD test.
Results
A one-way analysis of covariance (ANCOVA) was performed to compare the effect of different risk identification methods on the number of risks identified where knowledge about the context was controlled.
The one-way analysis of covariance revealed that there was a statistically significant difference in the number of risks Identified between different methods of risk identification in at least two groups (F(2, 35.69) = 12.72, p < 0.05), that knowledge of the context was also found to be significantly affecting the number of risks identified (Y) (F(1, 45.79) = 16.32, p < 0.05) that has been controlled (see Table 3).
Table 3. Analysis of covariance: The number of risks identified.
Case | Sum of square | df | Mean square | F | p | η2 |
|---|---|---|---|---|---|---|
Risk ident. method (Y)a | 71.37 | 2 | 35.69 | 12.72 | 0.00 | 0.21 |
Knowledge (C)a | 45.79 | 1 | 45.79 | 16.32 | 0.00 | 0.13 |
aIndicate significance. Both, risk identification method (X) as the treatment variable and knowledge (C) as the controllable variable are significant.
Tukey’s HSD test for multiple comparisons found that the mean value of the number of risk identified was significantly different between business process (BP) and placebo or no treatment (NT) (p < 0.05); between business process (BP) and work breakdown structure (WBS) (p < 0.05) as shown in Table 4. While there was no statistical difference between WBS and NT (p = 0.34).
Table 4. Post-hoc comparison on risk identification method.
Mean difference | SE | t | PTukey |
|---|---|---|---|
BP–NT | 2.21 | 0.45 | 0.00 |
BP–WBS | 1.59 | 0.45 | 0.00 |
WBS–NT | −0.63 | 0.44 | 0.34 |
BP, WBS, and NT is the treatment where BP = business process, WBS = work breakdown structure, and NT = no treatment or placebo.
The average number of risks identified with the use of the BP method in risk identification is higher (M = 5.93) than the use of the WBS method (M = 3.14) and also higher than placebo or no treatment is used (M = 2.46), as shown in Table 5.
Table 5. Number of risks identified.
Risk ident. method | N | Mean | SD |
|---|---|---|---|
BP | 28 | 4.93 | 2.40 |
NT | 28 | 2.46 | 1.32 |
WBS | 28 | 3.14 | 1.58 |
BP, WBS, and NT is the treatment where BP = business process, WBS = work breakdown structure, and NT = no treatment or placebo.
N number of respondents, SD standard deviation.
The use of Eta square (η2) is common in ANOVA as a measure of effect size. Small effect size when η2 = 0.01. A medium effect size when η2 = 0.06 while η2 = 0.14 indicates a large effect. Both effect size and sample size affect the statistical power of the finding. If the effect size of the intervention is large, it is possible to detect such an effect in the smaller sample (Sullivan and Feinn, 2012). As shown in Table 1, the effect size of both the Risk Identification approach and Knowledge are large. Thus, 86 sample size is appropriate to detect such an effect.
Discussion
Among the two methods of identifying risks, the business process (BP) approach can identify more risk than the work breakdown structure (WBS) approach, on average about 1.57 times, and 2.00 times as compared to not using any approach. This is after controlling the knowledge of respondents about the context since knowledge of the context affects the number of risks identified. This is consistent with the study of Nyden and Hagglund (2022), Maytorena et al. (2007), and Hoon Kwak and Dixon (2008).
It is important for the risks in any organization to be well identified. How can risks be managed without first being identified? It is easy to identify something that is obvious but how about risks that are hidden? They do not appear on the surface and are hard to be identified. These kinds of risks required a particular method to identify. Several methods of risk identification have been introduced so far as the study by Zhang et al. (2019), Liu et al. (2018), Osei-Kyei et al. (2021), Hartono et al. (2021), Ameyaw and Chan (2015), and Aboutorab et al. (2022). However, as Aboutorab et al. (2022) said they are complex, and according to Ahmed et al. (2007) and Larson and Gray (2021) required some people to be involved. Thus, there is a need of having a practical method of identifying risks that can easily be implemented and identify hidden risks, since risks that are hidden may kill the organization.
It is very much recommended that all enterprise risk management practitioners use the business process approach in risk identification as introduced in this study. However, as with all studies, no studies have no weaknesses. The sample of this study was taken from business students in one university. Though some of them were working students, however, further study needs to be done to include only related employees of an organization. Since this study is focusing on the business process approach and the work breakdown structure approach other methods of risk identification may be further studied.
Acknowledgements
We would like to thank and acknowledge the contribution of the university in allowing its students to be the respondents of this study. We also would like to thank the research centre of the university for providing a review of our research.
Author contributions
Authors were working as a team in writing a literature review, collection of data, analyzing of data, and in writing the report. However, in writing a literature review, data analysis, and results were led by RK, while data collection and discussion were led by MRS.
Data availability
The datasets generated during and/or analyzed during the current study are available from the corresponding author on reasonable request.
Competing interests
The authors declare no competing interests.
Ethical approval
This research received ethical approval from the ethical review committee of the Research Center and Case Clearing House of the PPM School of Management, Jakarta. All procedures performed in this study involving human participation have been in accordance with the ethical standards of the institution and with the Declaration of Helsinki and its later amendments or comparable ethical standards.
Informed consent
Informed consent was obtained for all research participants. All participants were informed about the purpose of the study. Their participation was completely consensual, anonymous, and voluntary.
Supplementary information
The online version contains supplementary material available at https://doi.org/10.1057/s41599-023-02028-8.
Publisher’s note Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
References
Aboutorab, H; Hussain, OK; Saberi, M; Hussain, FK. A reinforcement learning-based framework for disruption risk identification in supply chains. Future Gen Comput Syst; 2022; 126, pp. 110-122. [DOI: https://dx.doi.org/10.1016/j.future.2021.08.004]
Ahmed, A; Kayis, B; Amornsawadwatana, S. A review of techniques for risk management in projects. Bench; 2007; 14,
Ameyaw, EE; Chan, APC. Risk allocation in public-private partnership water supply projects in Ghana. Constr Manag Econ; 2015; 33, pp. 187-208. [DOI: https://dx.doi.org/10.1080/01446193.2015.1031148]
Aven, T. On the new ISO guide on risk management terminology. Reliab Eng Syst Saf; 2011; 96,
Bowling, DM; Rieger, L. Success factors for implementing enterprise risk management: building on the COSO framework for enterprise risk management to reduce overall risk. Bank Acc Finder; 2005; 18, pp. 29-34.
Barghi, B; Sikari, SS. Qualitative and quantitative project risk assessment using a hybrid PMBOK model developed under uncertainty conditions. Heliyon; 2020; 6,
Brown L, Grundy T (2016) Project management for the pharmaceutical industry. Routledge
Chaher, Z; Soomro, AR. Facilitate risk management in the construction process by using hierarchical risk breakdown structure. Int J Sci Res Publ; 2016; 6,
Chapman C, Ward SC (2003) Project risk management: processes, techniques, and insights. John Wiley & Sons, Corp, Chichester
Cope, EW; Kuster, JM; Etzweiler, D; Deleris, LA; Ray, B. Incorporating risk into business process models. J Res Dev; 2010; 54,
Elkington, P; Smallman, C. Managing project risks: a case study from the utility sector. Int J Proj Manag; 2002; 20,
Elsye V, Latief Y, Sagita L (2018) Development of work breakdown structure (WBS) standard for producing the risk-based structural work safety plan of the building. MATEC Web Conf 147 (06003). https://doi.org/10.1051/matecconf/201814706003
Everson MEA, Chesley DL (2016) Aligning risk with strategy and performance: executive summary. Retrieved from www.coso.org/Documents/COSO-ERMExec-Summary-draft-Post-Exposure-version.pdf
Farrell, M; Gallagher, R. The valuation implications of enterprise risk management maturity. J Risk Insur; 2015; 82,
Gatzert, N; Martin, M. Determinants and value of enterprise risk management: empirical evidence from the literature. Risk Manag Insur Rev; 2015; 18,
George, C. The essence of risk identification in project risk management: an overview. Int J Sci Res; 2020; 9,
Gjerdrum, D; Peter, M. The New International Standard on the practice of risk management—a comparison of ISO 31000:2009 and the COSO ERM framework. Soc Actuar; 2011; 12, pp. 8-12.
Hardy, C; Maguire, S. Organizing risk: discourse, power, and “riskification”. Acad Manag Rev; 2016; 41,
Hardy, C; Maguire, S; Power, M; Tsoukas, H. Organizing risk: organization and management theory for the risk society. Acad Manag Ann; 2020; 14,
Hartono, B; Ghifari, MDA; Dianita, O. Risk allocation preferences in Indonesian Electricity public–private partnership projects: a conjoint analysis. IEEE Eng Manag Rev; 2021; 49, pp. 154-174. [DOI: https://dx.doi.org/10.1109/EMR.2021.3087809]
Hoon Kwak, Y; Dixon, CK. Risk management framework for pharmaceutical research and development projects. Int J Manag Proj Bus; 2008; 1,
Kasap D, Kaymak M (2007) Risk identification step of the project management. In: PICMET 2007 proceedings, edited by Aissa S, et al., IEEE
Kletz TA (1999) HAZOP and HAZAN, 4th edn. CRC Press, Boca Raton, FL
Kountur, R. The likelihood value of residual risk estimation in the management of enterprise risk. Invest Manag Financ Innov; 2018; 15,
Kountur R (2016) Asesmen Risiko Terintegrasi: quantitative approach. PT.RAP Indonesia, Jakarta
Lambert, JH; Jennings, RK; Joshi, NN. Integration of risk identification with the business process model. Syst Eng; 2006; 9,
Larson EW, Gray CF (2021) Project management: the managerial process, 8th edn. Mcgraw-Hill Education, New York, NY
Lei S (2012) WBS-based risk identification for the whole process of real estate projects and countermeasures. In: Proceedings of the National Conference on Information Technology and Computer Science, edited by Chen B, Hu V, & Kong D, CITCS
Liu, Y; Sun, C; Xia, B; Liu, S; Skitmore, M. Identification of risk factors affecting PPP Waste-to-Energy Incineration Projects in China: a multiple case study. Adv Civ Eng; 2018; 2018,
Maytorena, E; Winch, GM; Freeman, J; Kiely, T. The influence of experience and information search styles on project risk identification performance. IEEE Trans Eng Man; 2007; 54,
Mazher KM (2019) Risk assessment and allocation model for public–private partnership infrastructure projects in Pakistan. Hong Kong Poly University, Hong Kong
Moeller RR (2017) COSO enterprise risk management: understanding the new integrated ERM framework. John Wiley & Sons, Inc., USA
Nelson CR, Taran G, Hinojosa LL (2008) Explicit risk management in agile processes. In: Proceedings of the 9th International Conference on Agile Processes in Software Engineering and Extreme Programming, edited by Abrahamsson P et al., Springer
Nyden E, Hagglund WJ (2022) Pharmaceutical project risk identification: a qualitative study of Swedish companies’ pharmaceutical project risk identification process. Thesis, Umea School of Business and Economics, Umea University
Osei-Kyei, R; Tam, V; Ma, M. Risk assessment of retirement village public–private partnership homes. J Agric Environ; 2021; 36,
Ould MA (1995) Business processes: Modelling and analysis for re-engineering and improvement. Wiley, Chichester
Picciotto, R. Towards a “New Project Management” movement? An international development perspective. Int J Proj Manag; 2019; 38,
PMI (Project Management Institute) (2013) A guide to the Project Management Body of Knowledge (PMBOK guide). PMI, USA
Rasheed, N; Shahzad, W; Khalfan, M; Rotimi, JOB. Risk identification, assessment, and allocation in PPP projects: a systematic review. Buildings; 2022; 12,
Raz, T; Shenhar, AJ; Dvir, D. Risk management, project success, and technological uncertainty. R&D Manag; 2002; 32,
Recker, J; Rosemann, M; Indulska, M; Green, P. Business process modeling: a comparative analysis. J Assoc Inf Syst; 2009; 10,
Salmela, HHS. Analyzing business losses caused by information systems risk: a business process analysis approach. J Inf Technol; 2008; 23,
Schieg, M. Risk management in construction project management. J Bus Econ Manag; 2006; 7, pp. 77-83. [DOI: https://dx.doi.org/10.3846/16111699.2006.9636126]
Siddique L, Hussein BA (2014) Practical insight about risk management process in Agile Software Projects in Norway. A paper published in 2014 IEEE International Technology Management Conference
Smith NJ (2008) Engineering project and management. Blackwell Publishing Ltd., Oxford
Stamatis DH (2003) Failure mode and effect analysis: FMEA from theory to execution, 2nd edn. ASQ Quality Press, Milwaukee, WI
Sullivan, GM; Feinn, R. Using effect size-or why the P value is not enough. J Grad Med Educ; 2012; 4,
Suriadi, S et al. Current research in risk-aware business process management-overview, comparison, and gap analysis. Commun Assoc Inf Syst; 2014; 34,
Tchankova, L. Risk identification—basic stage in risk management. Environ Manag Health; 2002; 13,
Thompson, W. IT and business process management glossary; 2002; New York, McGraw-Hill Higher Education:
Weske M (2007) Business process management. Springer-Verlag, New York
Willumsen, P; Oehmen, J; Stingl, V; Geraldi, J. Value creation through project risk management. Int J Proj Manag; 2019; 37,
Wu, Y; Xu, C; Li, L; Wang, Y; Chen, K; Xu, RA. Risk assessment framework of PPP waste-to-energy incineration projects in China under a 2-dimension linguistic environment. J Clean Prod; 2018; 183, pp. 602-617. [DOI: https://dx.doi.org/10.1016/j.jclepro.2018.02.077]
Zhang, L; Zhao, Z; Chai, J; Kan, Z. Risk identification and analysis for PPP projects of electric vehicle charging infrastructure based on 2-tuple and the DEMATEL model. World Electric Veh J; 2019; 10,
Ziana, MA; Charles, J. Stepping towards explicit risk identification in agile software development. Int J Res Anal Rev; 2022; 9,
You have requested "on-the-fly" machine translation of selected content from our databases. This functionality is provided solely for your convenience and is in no way intended to replace human translation. Show full disclaimer
Neither ProQuest nor its licensors make any representations or warranties with respect to the translations. The translations are automatically generated "AS IS" and "AS AVAILABLE" and are not retained in our systems. PROQUEST AND ITS LICENSORS SPECIFICALLY DISCLAIM ANY AND ALL EXPRESS OR IMPLIED WARRANTIES, INCLUDING WITHOUT LIMITATION, ANY WARRANTIES FOR AVAILABILITY, ACCURACY, TIMELINESS, COMPLETENESS, NON-INFRINGMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Your use of the translations is subject to all use restrictions contained in your Electronic Products License Agreement and by using the translation functionality you agree to forgo any and all claims against ProQuest or its licensors for your use of the translation functionality and any output derived there from. Hide full disclaimer
© The Author(s) 2023. This work is published under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.
Abstract
Losses and damages that any company or organization experience is usually caused by some unidentified risks that hit them unprepared. Some companies even must close their business or discontinue their operation due to the huge negative impact of the risk that hit them. Knowing the risks that an organization face is important. Risk needs to be identified properly. Though there had been some approaches a person can use in identifying risk, most of those approaches are complex, require several people involved, are too subjective, and are not able to identify unseen risks. Therefore, the purpose of this study is to know which risk identification method can identify more risks when knowledge of the context is controlled. The study made use of experimental research design with the use of covariance analysis in analyzing the data. With a 95% level of confidence, it was found that risk identification methods affect the number of risks identified. The business process approach seems to identify more risks than the work breakdown structure approach and placebo. The step-by-step procedures in doing the business process approach and work breakdown structure approach are also introduced in this study.
You have requested "on-the-fly" machine translation of selected content from our databases. This functionality is provided solely for your convenience and is in no way intended to replace human translation. Show full disclaimer
Neither ProQuest nor its licensors make any representations or warranties with respect to the translations. The translations are automatically generated "AS IS" and "AS AVAILABLE" and are not retained in our systems. PROQUEST AND ITS LICENSORS SPECIFICALLY DISCLAIM ANY AND ALL EXPRESS OR IMPLIED WARRANTIES, INCLUDING WITHOUT LIMITATION, ANY WARRANTIES FOR AVAILABILITY, ACCURACY, TIMELINESS, COMPLETENESS, NON-INFRINGMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Your use of the translations is subject to all use restrictions contained in your Electronic Products License Agreement and by using the translation functionality you agree to forgo any and all claims against ProQuest or its licensors for your use of the translation functionality and any output derived there from. Hide full disclaimer
Details
1 Sekolah Tinggi Manajemen PPM, Jakarta, Indonesia