Title: SYRMA: a tool for a system approach to risk management in mission critical systems
Authors: Gionni Bernardini; Federica Paganelli; Mauro Manetti; Alessandro Fantechi; Ernesto Iadanza
Addresses: VAR Life s.r.l., Loc. Prulli, 103/c 50066 Reggello (FI), Italy ' CNIT – Unit of Research at the University of Florence, Via S. Marta 3, 50139, Firenze, Italy ' VAR Life s.r.l., Loc. Prulli, 103/c 50066 Reggello (FI), Italy ' Department of Computer Engineering, University of Florence, Via S. Marta 3, 50139, Firenze, Italy ' Department of Electronics and Telecommunications, University of Florence, Via S. Marta 3, 50139, Firenze, Italy
Abstract: Managing risks and taking steps to reduce risks at acceptable level are considered as strategic objectives for organisations in almost any application domain. It is widely recognised that a system-oriented approach is needed to effectively manage risks in complex and mission critical systems. Well-known standard approaches to risk management exist and some frameworks and best practices have reached a high level of completeness and suitability in the different possible application scenarios. Nonetheless, we realised that poor support is offered towards the adoption of system-oriented approaches to risk management. This paper proposes a web-based application, named systemic risk management (SYRMA), to effectively support a system approach to risk management, especially in the case of complex and mission critical systems. SYRMA is based on a conceptual model that identifies main entities in risk management and their relations with resources of the target organisation. Identified relationships among model entities facilitate the provision of a synoptic overview of incidents, possible risks and risk-related information. Finally, we describe how SYRMA has been implemented as a prototype for the healthcare sector.
Keywords: systemic risk management; mission critical systems; clinical governance; system approach; risk intelligence; risk assessment; risk monitoring; incident reporting; risk incidents; clinical risk management; healthcare information systems.
DOI: 10.1504/IJBIS.2013.054166
International Journal of Business Information Systems, 2013 Vol.13 No.1, pp.21 - 44
Published online: 30 Aug 2013 *
Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article