Addressing Organizational Complexity
through Graph-Based Models and
Correction Factors
FEATURED PAPER
By Marco Pinzaglia
Luiss University
Rome, Italy
and
Dr. Michele Vincenti
University Canada West
Vancouver, Canada
Abstract
This work aims to stimulate a reflection on the fact that organizations that have or adopt very complex organizational structures may encounter results in risk assessment that are not entirely reliable or compromised by their complexity.
The work examines the main approaches to risk analysis organizations adopt, particularly the models and techniques used to assess processes and information management risks.
Risk analysis is an essential process to ensure adequate governance for the organization. For it to be effective, it is also necessary to define a Risk Analysis Model (a methodology) capable of preserving specific properties such as completeness and repeatability. These are some of the indispensable elements to ensure a (recurrent) risk assessment that can consider the evolution of the corporate asset protection system over time and thus determine whether the system as a whole increases or decreases its performance.
In this context, some factors can jeopardize the quality and reliability of the results obtained, and one of these factors is the complexity of the organization. Organisations are becoming increasingly complex due to their structure, processes, and rapidly changing external environment, and we know that some limitations exist in using the graph theory applied to RACI. The study of corporate complexity measurement is a vast subject, but this simplified tool is intended to support risk analysis processes in complex organisations specifically.
Measuring organizational complexity is a subject that can be addressed with multiple approaches. This work proposes a strategy based on graph and flow network tools applied to RACI matrices. This tool can reproduce an organization starting from its representation produced through RACI matrices and, with the necessary assumptions, express an index of the complexity of the organization itself using the algebraic properties of graphs. The reflection that emerges is that risk assessment could be subject to errors caused by the detection of input data used to calculate the level of risk. The generation of these errors is linked to the size and complexity of an organization. To manage this phenomenon, the work introduces a correction parameter of the results produced by risk analysis (an “adjustment” factor) that can mitigate any measurement errors produced precisely by the complexity dimension.
Complexity can significantly compromise the reliability of risk assessment results, and organizations must implement correction parameters to mitigate such measurement errors, ensuring better governance and performance over time.
The Importance of Risk Analysis for Organizations
Risk analysis is a fundamental process that allows organizations to identify, evaluate, and mitigate risks that can negatively affect their operations, reputation, financial stability, and overall resilience. Risk analysis has a strategic function within an organization; the identification and measurement of risks enable the company to protect its assets and strengthen its ability to counter threats while also helping it understand better the organizational structure and the costs incurred to deliver its services adequately…
More…
To read entire paper, click here
How to cite this paper: Pinzaglia, M. and Vincenti, M. (2024). Enhancing Risk Assessment Accuracy: Addressing Organizational Complexity through Graph-Based Models and Correction Factors; PM World Journal, Vol. XIII, Issue IX, September. Available online at https://pmworldlibrary.net/wp-content/uploads/2024/09/pmwj145-Sep2024-Pinzaglia-Vincenti-Enhancing-Risk-Assessment-Accuracy.pdf
About the Authors
Marco Pinzaglia
Rome, Italy
Marco Pinzaglia, Engineer at the University of Rome, UniRoma2, and MBA Master at Luiss Business School in 2024. I am an expert in cybersecurity, digital transformation, and IT business processes. I have written numerous articles related to cybersecurity, models’ impact on governance and compliance, and sustainability. I am an expert and certified ISO27001, expert in management systems (e.g. ISO9001, 20000, 22301), IT cybersecurity architectures and solutions, and Risk Analysis. I am an expert in process and IT solutions for Supply Chain and Third-Party Security (certified Cybersecurity Insurance Strategy and Third Party Risk Management). I have attended in-depth courses specifically on digital services and innovation (Bocconi, A Scientific Approach to Innovation Management, and Copenhagen Business School – Digital Competition in Digital Services). Since 2024, I have also been Director and Secretary of FembaClub, an international association of managers, and a former MBA. Marco can be contacted at marco.pinzaglia@gmail.com
Dr. Michele Vincenti
Vancouver, BC, Canada
Dr. Michele Vincenti’s distinguished academic and professional journey showcases his profound organizational development, leadership, and management consulting expertise. He is a full professor and the MBA Leadership and People Management department Chair at the University of Canada West (UCW). His experience spans various international institutions, marked by significant teaching, research, and professional practice achievements. His contributions to academia and industry and his commitment to mentorship and community involvement underscore his exceptional credentials, making him a notable figure in his field. He can be contacted at michele.vincenti@ucanwest.ca