Operational risk analysis in business processes

Quantified Score

Visualization

Abstract

The operational continuity of a business process is an important performance indicator that contributes to the perceived quality of service delivery, hence it is important to understand and monitor the underlying issues that can affect the performance of the process. These issues might have been foreseen at the beginning of the process design and deployment phase, or might have emerged during the execution of the process, and must be viewed as risk threats to the business process. In most cases risk is only considered from the project management angle or from financial, market, insurance and other general business perspective. Operational risk at service provision level receives little attention and thus there is a need to develop methodologies and tools to identify and analyse business operational risks. The authors concentrate on operational risk for business process management by introducing a novel way for applying risk assessment frameworks at the process activity level. The paper briefly reviews existing risk frameworks and selects the COSO framework as the most appropriate for business processes. This framework is modified in order to address and evaluate the main elements of business processes. It defines a statistical approach towards operational risk assessment by quantifying risk factors in each activity within a business process for service provision. A risk forecast is produced for each activity, and for the whole process, to model associated uncertainties and to contribute in identifying the risk factors that affect the business process objectives. To demonstrate the framework, it is applied to a hypothetical process involving setting up a network service. These results help to advise on which risk factors need higher attention in order to achieve successful process fulfilment.