A Case Management Approach to Risk Management

Risk management is a development activity and increasingly plays a crucial role in organization’s management. Organizations develop and implement enterprise risk management strategies intending to improve their business model and bring them better results. Enterprise risk management strategies are based on the implementation of a risk management process and supporting structure. Together, this process and structure make a system. The ISO ISO 31000:2018 standard is currently the main global reference framework for risk management systems, proposing the general principles and guidelines, regardless of context. This standard depicts the process of risk management as a case rather than a sequential process flow. To that end, we explored the potential and limitations of the conceptual modeling language “Case Management Model and Notation” (CMMN) for the elaboration of the related conceptual conceptual diagrams, and the “Decision Model and Notation” (DMN) notation to model risk decisions. The application of the model is also demonstrated for a real case.