Еволюція підходів до управління ризиками в організаціях

Abstract

The article is aimed at studying the evolution of approaches to risk management in organizations. As result of the carried out study, three existing approaches were identified: the «Three Lines of Protection» model (2013), the «Three Lines» model (2020), and the «Dynamic Risk Management» model (2020). It is proposed to consider the «Three Lines of Protection» model as a transition from non-systemic risk management in organizations to a structured vision of this process with a clear definition of the responsibilities of key participants. The article explains the advantages and disadvantages of this approach. Its advantages include simplicity and clarity in use in practice. Among the shortcomings of the model are the following: an overly structured approach to risk management in organizations; too cautious attitude to possible risks; dubious versatility of the model; imperfection of its structure. Three directions for possible improvement of the model are defined. It is identified that in 2020 there was an updated approach to risk management in organizations – the «Three Lines» model. A comparison of the «Three Lines of Protection» model with the «Three Lines» model was carried out. The main advantages of the new approach are determined. The emergence of an alternative vision of the process of risk management and control in organizations against the background of new social challenges – the «Dynamic risk management» is researched. The advantages of this approach include its priority areas in risk management in organizations, i.e.: risk management taking into account their consequences, risk management based on actions, risk management with an orientation towards digital technologies. The differences between traditional models and the newest approach are specified. It is determined that each of the three principles of the latest approach improves the quality of risk management in organizations as participants in the survey conducted by Gartner company. Purpose of further research in this direction be the institutional registration of coordinated interaction between the two directions of the modern model of risk management and control of the risks.