Organizational Risk management: Control Model for Secure Development


Organizations require risk management approaches and adopt new concepts to risk management. This is in an effort to have a smooth business functioning as they struggle with risks associated with various products and methods of network organization. Enterprise risk management academic study is still at young ages and requires alignment with specific strategy and corporate governance since most articles do not focus on management but accounted and finance. Enterprise risk management is a new research area for scholars and researchers seeking to explore the depths of the phenomenon. This paper aims to approach risk management and vulnerability assessment methods. The paper is approaches this topic to addresses the gaps that need to be addressed by future research and shows how beneficial as it mentions that the money lending is one of the industries where ERM is essentially needed and have been proven to work successfully evidenced by research on the topic.


For smooth business operation, organizations must have risk management installations and adopt new concepts to risk management. While, enterprise risk management academic study is still at young ages and requires alignment with specific strategy and corporate governance, most researchers do not focus on management but accounting and finance. Every organization strives to have a smooth business functioning. They also grapple with risks associated with various products and methods of network organization. Based on the developed model, ERM implementation is beneficial to a firm in that it helps decrease risk profile, strengthens management confidence on operational and monitoring business operations, reduces earning volatility and generates plane governance actions, refines clearness of the firm, creates comprehensive resolution, inspires entrepreneurship within the firm and enhances the effectiveness of the firm. It also helps in cutting down the capital cost and enhances the performance of the business.

This conceptual map was developed based on the research objectives and the literature. Shand and Lai et al. (2015) posits that shareholder value improvement and enterprise risk management are fundamentally connected.

Central concepts to the conceptual framework must be factored in the ERM initiative design and planning; these include details of strategies, , and protocols risks and should be recorded in the firm’s risk management policies. Economic value added (EVA) is the best measure for financial performance as it assesses the firm’s operation impact on shareholder wealth; if earnings returns are more significant than the cost of capital, the firm’s value increases, which is according to the EVA theory (Bromily, 2015).

The banking industry can be affected by many risks such as fraud, political instability risks, unstable foreign exchange rates, financial, and operational risk. The main risks seen in the banking and lending industry are economical, regulatory risks, operational risks, and data breaches, and fraud. A checklist developed from literature is undertaken to identify risks in the industry in the United States.

Relational Database and Warehousing Strategy

Relational database and data warehousing have several advantages to contemporary business in light of technological advancement, competition, and emergent security threats that come with innovations (Alghamdi, Owda& Crockett, 2017). The relational database helps avoid duplication of data since data is stored only once, inconsistent records, sets the stage for easier data and information change, data format change, easy adding and removal of data, and it easier to maintain the security of data. On top of these efficiency and effectiveness advantages, relational databases ensure that no multiple record changes are not needed, there more efficient storage of data, easy deletion, and modification of data, complex queries can be carried out, data security is bettered by splitting data that limit user access to certain information, and it also caters for future requirements in that data are held in tables that make updating of records easier, and are accessible in future (Yu & Silver, 2017). Data are planned and arranged in synchrony with records records with data points in table columns; relations are also strengthened using constraints, the data are indexed to ensure hi-speed access, the SQL is utilized in the in and out the movement of data in the database, and views triggered, procs stored and views materialized are supported (Yu & Silver, 2017).

On the other hand, data warehousing, being a relational database in design are meant for query and analysis rather than processing of transactions, and houses transactional historical data and can contain data from different sources. It ensures separate workload of analysis from transaction workload that enables the company to consolidate data from various sources (Alghamdi, Owda& Crockett, 2017). The data provides an organization with a window into historical activities that include both successes and failures. It, therefore, provides for a practical analysis of structured business data for data-driven decision making.

Flow Data Schema

A web-based company should have a well-choreographed yet simple data schema that envisions the business, processes, and efficient workflow. The company should have several divisions that include the human resource, the order entry, the product media, the information exchange, and the sales divisions (Yu & Silver, 2017).

The human resource division is critical in light of the widened employee and customer base. It will track information on company employees and facilities by keeping records such as employee number for identification, job identification code, email address, salary, commissions, and manager (Yu & Silver, 2017). Every job should have a code for identity, title, and minimum and maximum range for salaries divisions. Also, that should be kept on track is the length of employee service in the company with different positions held, and records on start and end dates of former jobs, job identification number and department in case an employee switch jobs should also be kept by the human resource division (Aouiche,& Darmont, 2017).

In the division of order entry, the inventories of products and sale of products through a range of channels are tracked. Information inventory should also record all products, the warehouse in which the product is, and quantity. The descriptions should be maintained in different major global languages. The product division keeps records of the product description of each sold item, multimedia, and prints information on the product such as audio and video clips, press release texts, product information ads on print media, and other promotional information and their respective different languages translations (Yu & Silver, 2017). Business decisions are based on business statistics, and the sales divisions, therefore, keeps them.

A schema represents each division. Since the company will experience higher business volumes, the time-based and nonvolatile statistics reports will aid in decision support as they help in past data trends analysis (Storey & Song, 2017). The company, regularly, will be feeding data into the warehouse for statistical collection for reporting that include product weekly, monthly, quarterly and annual figures, sales delivery, and distribution channels so that when it runs product special promotion, the sale impact and geographical area is analyzed.

The product ID and Employee ID are the primary keys in this case. A composite primary key constraint is formed by productemployee to ensure that table row has a distinctive amalgamation of productID and employeeID to prevent duplicate rows. Sales.salesperson table is foreign linked to the sales order. The salespersonID column is the foreign key to the salesperson table.

The primary constraints that create a foreign key do not automatically create a corresponding index; primary keys are checked with the foreign key constraints. A foreign key constraint’s primary function is controlling the data stored in a foreign key table and data changes in the primary key table (Alghamdi, Owda& Crockett, 2017). For instance, if the salesperson row is cut out of the sales/salesperson table, ID of the salesperson is used to place product requests in the sales/sales order table. The integrity of relations gets broken. There will be no link the salesperson table data. Constraint of the foreign key helps in preventing the circumstance. It ensures the integrity of references by ensuring that changes in the primary key table data cannot be made if the intended changes invalidate links to foreign key table data (Aouiche,& Darmont, 2017). Attempts to delete the row in the primary key table or changing key values will fail upon changing the value of the primary key when it corresponds to the values of foreign constraints in another table. For this to go through, the foreign critical table data must be deleted or changed.

Suppose all the sub-departments are grouped into one, and different employees are also grouped into one. In that case, the sub-departments and different employee types have the same features in their domain. Therefore, the merger will make it more straightforward and easy to understand; this is referred to as generalization (Storey & Song, 2017).

Data flow diagram

Order Details

Client Details



Order complete

Implementation Centre


Cloud Computing

For betterment of the business operations, the business can utilize the benefits held by cloud computing. Cloud computing holds many advantages, including storage and backup of data, strong capabilities of the server, software as a service, cost-effectiveness and time-saving, increase of productivity, and information technology sandboxing capabilities, AWS as a cloud-based platform for business solution building that uses inter-connected web services gives a wide gamut of products on the cloud-based platform such as developer tools, storage, database, applications for enterprise, networking, security, developer tools, compute, IoT, mobile, analytics and, management tools. These services of Amazon Web services help organizations run their operations faster at lower IT costs and scale. It powers a range of workloads such as mobile and web applications, data processing and warehousing, storage, game development, archive, and a couple more others. Its structure of AWS Elastic Compute Cloud, EC2, lets users use virtual machines with different configurations as per requirement through configuration options, server mapping, and a range of pricing options.

AWS cloud security offers benefits from the AWS data center and network architecture designed and built to meet security-sensitive organizations’ needs. Advantages include the fact that AWS lets its clients scale and innovate and also ensures secure development environment. Subscribers can pay for services used as they get the securities needed without the upfront expenses and lower costs than in an on-premises environment. More befits include more controls and increased privacy at reasonably low costs, allowing customers to safely keep their data, meet compliance requirements, save money, and scale up or down quickly.

Security infrastructure and capabilities help customers control network access and increase privacy. Web application and network firewall proficiencies let businesses develop their own private networks and application control access and instances. Encryption further boosts data security as connectivity points enable private or dedicated connections on premise-environments.


Alghamdi, A., Owda, M., & Crockett, K. (2017). Natural Language Interface to Relational Database (NLI-RDB) Through Object Relational Mapping (ORM). In Advances in Computational Intelligence Systems (pp. 449–464). Springer International Publishing.

Aouiche, K., & Darmont, J. (2017). Index and materialized view selection in data warehouses — arXiv preprint arXiv:1701.08029.

Bromiley, Philip, et al. “Enterprise risk management: Review, critique, and research directions.” Long-range planning 48.4 (2015): 265–276.

Shad, M. K., & Lai, F. W. (2015). A conceptual framework for enterprise risk management performance measure through economic value-added. Global Business and Management Research, 7(2), 1.

Storey, V. C., & Song, I. Y. (2017). Big data technologies and Management: What conceptual modeling can do. Data & Knowledge Engineering, 108, 50–67.

Yu, B., & Silva, C. T. (2017). VisFlowWeb-based Visualization Framework for Tabular Data with a Subset Flow Model. IEEE Transactions on Visualization and Computer Graphics, 23(1), 251–260.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store