Litcius/Paper detail

A Systematic Review of Risk Management Methodologies for Complex Organizations in Industry 4.0 and 5.0

Juan Vicente Barraza de la Paz, Luis Alberto Rodríguez‐Picón, Víctor Morales-Rocha, Soledad Vianey Torres-Argüelles

2023Systems62 citationsDOIOpen Access PDF

Abstract

The large amount of information handled by organizations has increased their dependance on information technologies, which has made information security management a complex task. This is mainly because they cover areas such as physical and environmental security, organization structure, human resources and the technologies used. Information security frameworks can minimize the complexity through the different documents that contain guidelines, standards, and requirements to establish the procedures, policies, and processes for every organization. However, the selection of an appropriate framework is by itself a critical and important task, as the framework must adapt to the characteristics of an organization. In this paper, a general vision of the newest versions of the NIST CSF, ISO/IEC 27001:2022, and MAGERIT frameworks is provided by comparing their characteristics in terms of their approaches to the identification, assessment, and treatment of risks. Furthermore, their key characteristics are analyzed and discussed, which should facilitate the consideration of any of these frameworks for the risk management of complex manufacturing organizations.

Topics & Concepts

Task (project management)NISTComputer scienceIdentification (biology)Risk managementKey (lock)Risk analysis (engineering)Process managementKnowledge managementBusinessSystems engineeringComputer securityEngineeringBotanyFinanceNatural language processingBiologyDigital Transformation in IndustryInformation and Cyber SecuritySupply Chain Resilience and Risk Management