Introduction . Risk identification is the process of identifying, recognizing and documenting risks. Its purpose is to determine what may or may occur that will affect the goals of the system or organization. Once the enterprise risk has been identified, it is necessary to identify all existing controls, such as design elements, employees, processes and systems. The process of identifying risks involves identifying factors and sources of risk, events, situations or circumstances that may have a significant effect on the objectives and nature of the risk. Regardless of the methods actually used, it is important that human and organizational factors are taken into account when determining risk. Accordingly, deviations from human and organizational considerations should be included in the risk identification process, as well as software and hardware related events. Purpose . The purpose of the research is to reveal the process of risk identification as a tool for ensuring the economic security of the enterprise under a risk-oriented approach to management, to study the stages of the process of risk identification using the main points of international standards on risk management. Methods. The methodological basis of the study is a set of methods of cognition: generalization, historical-logical and retrospective methods, factor analysis, statistical methods: mass observation, grouping, rating method. Results. Identification of assets. This stage of identification is carried out on the basis of documentation, namely the financial statements of the enterprise, the strategy of enterprise development, the monthly plan of transportation, the main indicators of the work of regional branches, etc. Identification of sources of risk. To study the primary sources of risk of the company X we use the method of analysis of bow tie. It provides an opportunity to schematically analyze the paths of risk from cause to effect. Identification of risk events. For a given enterprise, one of the priorities for analyzing the types of risks is the risk of an accident at a railway facility. The main causes of such accidents are: errors of dispatchers, machinists, natural disasters, failure of equipment, malfunctions and technological processes, poor quality and untimely maintenance of rolling stock. Identification of existing control measures. The enterprise has a Department of Economic and Information Security and a Risk Management Unit directly involved in risk identification, analysis, evaluation, processing, documentation and reporting, as well as monitoring and control. Identification of consequences. This stage of risk identification involves an almost identical list of potential consequences that will affect the availability, integrity and / or confidentiality of a joint-stock company. This list can be supplemented by the consequences specific to the analyzed enterprise. Thus, according to the results of the risk identification procedure for the company X, a list of identified risks was formed. Originality. It is proposed to consider the identification of risks at a railway undertaking using the recommendations of international risk management standards. Conclusion. The cost of an enterprise depends on many elements that can be forecasted and controlled by management. However, there are unexpected or unanticipated risks associated with events that may be beyond the control of management. Such events can greatly affect the overall economic security of the enterprise. While it is not possible to pinpoint all the risks, it makes sense to take into account how events can affect the main financial and economic performance of an enterprise.
Read full abstract