Risk Framework for an Organizational System With Major Components

Abstract

Many large organizations accomplish their various functions through interactions across their major components. Components refers to functional entities within a large complex organization, such as business sectors, academic departments, or regional divisions. The dependency between the various components can cause risk to propagate through their overall system. This article presents a risk assessment framework that integrates risk across a diverse set of components to the overall organization functions. This project addresses three major challenges: aggregating risk, estimating component interdependencies including cycles of dependencies, and propagating risk across components. The framework aggregates risk assessments through a value function for severity that is evaluated at the expected outcome of accomplishing planned goals in terms of performance, schedule, and resources. The value function, which represents risk tolerance, scales between defined points corresponding to failure and success. Different risk assessment may be aggregated together. This article presents a novel approach to establishing relationships between the various components. This article develops and compares three network risk propagation models that characterize the overall organizational risk. The U.S. Air Force has applied this risk framework to evaluate success in hypothetical future wars. The analysts employing this risk framework have informed billions of dollars of strategic investment decisions.