Characteristics and Countermeasures of Enterprise Risk Management in Digital Economy Era

: This paper makes an in-depth analysis of the risk situation and transformation motivation faced by enterprises in the era of digital economy, and probes into the transformation of enterprise risk management from two aspects of risk management business and digital technology drive, in order to provide reference for the upgrading of enterprise risk management.


Introduction
At present, China's economy is shifting from a stage of high-speed growth to a stage of high-quality development, and from a mode of economic growth dominated by largescale government-led investment to a mode of growth driven by total factor productivity, disrupting the original balance between economic development mode, economic structure and growth drivers. In the process of economic transformation, various risks of enterprises are prone to high occurrence and may be released centrally. In the global competition, some enterprises have gradually grown from "runners" to "leaders" in the industry, and the opportunities they face are more challenging and the risks they face are more complex and overall. Enterprises should not only pay attention to their own health and sustainable development, but also prevent the occurrence of major risk events, and improve risk prevention and management capabilities in the new stage of development.

Characteristics of Enterprise Risk in The Era of Digital Economy
In the era of digital economy, digital technology has significantly improved the ability of enterprises to understand and change the world, and the probability, frequency, form and characteristics of risks have also undergone subversive changes.

The frequency of risk occurrence has
evolved from "small amount and occasional occurrence" to "normal occurrence" With the development of big data technology, management theory and practice paradigm shift to "data+model+analysis".The digital economy is moving from information technology to digitalization and intelligence with the help of a new generation of technologies such as "cloud big things Intelligent migration", so that the production and operation activities of enterprises break through the limitations of time and space, and realize the real-time flow, collection, analysis and application of data.
Driven by data, the innovation of business model, operation mode and management means makes the previously relatively static enterprise risks and incentives become active and diverse. In addition, the new risks brought by the vigorous development of the digital economy continue to emerge, and the enterprise's risk prediction and control ability needs to be further improved. The combination of multiple factors makes the frequency of risk occurrence gradually become normal and frequent.

Risk events evolve from "single risk" to "compound risk"
In the era of digital economy, the economic activities and foreign exchanges of enterprises are more frequent, and the risk events they face are characterized by fission propagation and compound superposition. A certain risk event may produce a domino effect, so that a single risk event will eventually evolve into a compound risk event, and spread rapidly through the limitations of time and space.This requires a more diverse approach to risk.

Risk transmission path evolves from
"point-like one-way" to "network diffusion" In the past, the transmission and impact path of enterprise risk events were usually point-like and one-way transmission, which did not require the participation of other media, and the risk transmission path was relatively clear, which could be simplified as a "1-N" model. However, in the era of digital economy, major risk events faced by enterprises are variable, complex and derivative, and the impact caused by risk events often has an amplification effect, resulting in the network diffusion of related risks.
The deeper the development of the digital economy, the closer the cooperation and interaction between enterprises, and the stronger the mutual dependence caused by the interwoven network relationship. As long as any link in this network relationship has a problem, the entire network chain may be broken or even collapsed, resulting in the paralysis of enterprise operation.

The New Changes Facing Enterprise Risk Management
In the era of digital economy, the new generation of information technology such as "big cloud intelligent chain" is subverting the business model of enterprises, and reconstructing the operation and management mode of enterprises with data drive, creating huge business value but also bringing many new risks.

Risk data information collection is unbalanced
Enterprise risk management naturally has data requirements. Lack of information and partial understanding is an important reason leading to the occurrence of risk events in enterprises. For example, enterprises do not have enough information about the factors that may lead to risks in important work such as trading activities, major investment decisions, and major capital arrangements. Now, enterprises have different ability to acquire and apply data information, and those who have sufficient data and information are more likely to occupy a dominant position in the competition. In general, digital native and technology leading enterprises will occupy a certain advantage, through the use of advanced digital collection, processing and mining technology, the potential value of massive multi-source heterogeneous data is presented, and the risk is accurately described and accurately managed.

Risk data are stored in various ways
With the increasingly advanced means of information collection, the continuous accumulation of risk data gradually builds up an enterprise-level risk information database, thereby precipitate and form valuable risk management suggestions. Therefore, risk data needs long-term, low-cost, and high-efficiency trusted storage. Structured risk data can usually be stored in a relational database, and unstructured risk data can be managed in the Hadoop Distributed File System (HDFS). Implementation of PB (PetaByte) level data storage. Based on the enterprise risk information stored in the above database technology, enterprises can classify and manage according to different business activities and different risk types, so as to lay a solid foundation for subsequent mining and analysis.

Risk classification is becoming more complex
Under the traditional development mode, the risks faced by enterprises mainly come from various uncertainties closely related to their economic activities, such as industry supervision, strategic planning, operation and management, marketing, financial management, financing and mergers and acquisitions. According to different standards and dimensions, enterprise risks can be classified according to the cause, risk nature, risk target, risk behavior, etc. For example, central enterprises generally divide risks into five categories according to the standards of the State-owned Assets Supervision and Administration Commission of the State Council, namely, strategic risk, market risk, financial risk, operational risk, and legal risk.
But, the logic of economic activities of enterprises has undergone significant and even subversive changes. New risks have gradually emerged, the nature of original risks has changed, the categories and characteristics of risks have become increasingly complex, and the previously applicable classification standards are no longer accurate. The mode innovation and management reform brought about by the digital transformation of enterprises will produce new risk types.
Such as mobile payment risks, data security risks, etc.

Risk spreads faster
In the era of digital economy, the speed, scope and extent of the spread of risk events have undergone subversive changes. The risk of modern society has obvious cross-border characteristics, once the risk crosses the border, its risk coefficient will be greater, the harmful impact will be wider. The link connection between systems and the interconnection of data make the granularity of enterprise risk management objects from enterprise groups, molecular companies and professional departments to the smallest business units (such as teams, work areas, project departments, etc.), and the difficulty and magnitude of enterprise risk management have increased exponentially, posing severe challenges to the traditional risk management model, management process and technical methods.
In the era of the Internet of everything digital economy, more and more new business forms and models have emerged, and massive multi-source heterogeneous data have integrated and penetrated each other on various network platforms. While creating huge value, it can also turn a small risk event into a major risk event, and a single risk into a systemic risk.

Risk analysis focuses on critical minorities
Under the background, while enterprises acquire massive risk data, they also bring huge challenges to risk management departments, increasing the difficulty of enterprise risk managers to collect, identify and analyze risk data information. Traditional risk data analysis is based on risk data and risk indicators, and makes research and judgment on the enterprise's strategy, finance, market, operation, legal and other risk conditions. The analysis and research and judgment of qualitative risk data usually have strong subjectivity.
Firstly, help companies identify and collect effective risk information, discarding data that is less important and less relevant. Secondly, the scope of analysis is gradually expanded from qualitative risk data to quantitative risk data, and the above qualitative risk data and unstructured risk data are analyzed more deeply and rationally and objectively through big data algorithms and models. Third, combined with the strategic planning, resource allocation and performance orientation of enterprise management, risk analysis can not only examine the effectiveness of past risk management, but also further extend to the prediction and early warning of future enterprise risks, especially major risks, and make emergency plans for major risk events in advance.
Based on the above enterprise risk evolution trend and risk management changes, the motivation for enterprises to promote the transformation and development of comprehensive risk management system can be summarized and analyzed from three aspects: external environment, internal management and technology development. From the external business environment, the increase of various uncertainties in the era of digital economy brings new challenges to enterprises. From the perspective of internal management improvement, enterprise management reform urgently needs to upgrade the risk control system to meet the new requirements of risk prevention and contro. From the perspective of technological development trend, the increasing maturity and wide application of the new generation of information technology has brought new momentum to risk management.

The Enterprise Comprehensive Risk
Management System Transformation Suggestions

Management concept transformation
Enterprise management decision has experienced the evolution from static decision to dynamic decision, from perfect rational decision to finite rational decision, from single objective decision to multi-objective decision. In the digital economy, management decisions are shifting from focusing on traditional processes to being data-centric. As artificial intelligence technology gradually enters the engineering and practical stage, management decisionmaking thinking is transitioning from "limited rationality" and "satisfied" to "limit rationality" and "optimal choice".
Traditional management decision-making criteria will be subverted, and enterprise risk decision-making, especially major risk decision-making, will make full use of various information perception technologies, data mining technologies and machine learning to conduct real-time collection, cleaning, statistical analysis and value mining of massive multi-source heterogeneous data in complex internal and external business environments. In addition, the enterprise risk management data is visually and vividly displayed in a visual way, and the development trend of enterprises focusing on risk is predicted and evaluated, and the matching solutions are proposed.
In the face of the ever-changing business environment, senior managers of enterprises can use data intelligence technologies such as big data and artificial intelligence to gain insight into and predict the changes of enterprise risks, and "self-correct" risk strategies and decisions in time, improve the accuracy and effectiveness of risk decisions, and realize the transformation of enterprise risk management from "intuitive experience decision making" to "data value decision making".

Management thinking transformation
Risk assessment and monitoring is an important issue in enterprise risk management. In traditional management, risk decision-making mainly relies on domain knowledge, chooses established risk assessment methods and sets relatively fixed risk early warning thresholds.
Traditional enterprise risk management decisions usually follow linear thinking and process execution, and generally form the decision results of specific enterprise risks gradually through risk information collection, risk identification, risk analysis, risk evaluation, risk strategy formulation, risk management solutions, risk management supervision and improvement.
Linear thinking is a one-way and one-dimensional way of thinking that lacks change. It thinks about problems along a certain linear trajectory, emphasizes the causal relationship between things, believes that the occurrence of any risk event has causes and results, and expects to predict and prevent other risks by replicating successful experience in risk prevention and control.
Recently, enterprises are in frequent interaction with internal and external stakeholders, and it is difficult to think and solve risk problems in a linear way of thinking, and the relationship between the causes and impacts of risk events becomes increasingly fuzzy. The risk in the era of digital economy is undergoing nonlinear evolution, and the simple linear thinking mode is difficult to give a clear explanation for the massive risk information and complex risk factors. The thinking mode of enterprise risk management needs to conform to the characteristics of the digital economy era, break the limitation of linear thinking, and realize the transformation of enterprise risk thinking from "simple linear thinking" to "systematic nonlinear thinking".

Management mode transformation
In the past, the enterprise organizational structure was a typical bureaucracy and pyramid structure, with the significant characteristics of striped functional management and strict hierarchical order, and the subordinate relationship between the upper and lower levels of the enterprise was very clear. In the risk management work of enterprises, the department responsible for risk management is usually an active actor, while other functional departments play a more cooperative role, and it is difficult to reach a consensus on many company-level risks and special risks.
Whereas, data-driven changes the business logic and management mode of enterprises. The value attributes of data connectivity, openness, collaboration and sharing have brought challenges to the traditional bureaucratic management mode, requiring enterprises to cooperate in management, interconnect systems and build and share data.
Therefore, the enterprise risk management model and organizational structure put more emphasis on collaboration, and it is necessary to change from the single linear management of the traditional risk management department to the collaborative governance with the participation of multiple subjects. The multi-subject collaborative governance of enterprise risk emphasizes the equal participation of multiple subjects such as government departments, regulatory agencies, enterprise management, risk management departments and cooperating departments, and third-party organizations, and relies on big data resources and artificial intelligence technology to achieve democratic and scientific risk governance. Through the establishment of collaborative, trust and mutually beneficial cooperative relations, Jointly prevent and resolve all kinds of enterprise risks, and finally realize the transformation of enterprise risk management mode from "single linear management" to "multiple collaborative governance".

Manage focus transformation
Since China started the standardized construction of risk management system in 2006, Chinese enterprises have achieved remarkable results in the construction of risk management system, and the awareness of risk prevention has been deeply rooted in people's hearts. However, in the process of work practice, many enterprises struggle with the word "comprehensive" in the concept of comprehensive risk management mentioned in the policy guide, trying to manage everything and control everything, resulting in the lack of focus and grasp of risk management work, and the limited enterprise resources are scattered and inefficient use.
Generally, the focus of comprehensive risk management should focus on the realization of the overall business objectives, and the focus should be on the strategic decisionmaking level of the enterprise. Enterprise management decision-making level and risk management department must grasp the main contradictions and major risks of enterprise operation, the focus of risk management should focus on the development strategy and overall objectives, continue to strengthen the prevention and resolution of major risks in key areas, and actively use new technologies to identify, analyze, evaluate and cope with "extreme and devastating" major risks that affect the survival of enterprises. Thus, enterprise risk management is transformed from "enterprise comprehensive risk" to "enterprise major risk".

Management role transformation
"Professional operational" risk managers are mainly responsible for risk information collection, risk ledger maintenance, risk report preparation and other basic work, serving the users of enterprise risk reports and risk reports. At present, the sources and channels of risk information are diversified, and the methods, models and technologies of risk management are also increasingly diversified. The main work of risk managers is no longer limited to traditional risk reports and ledgers, and the role of risk managers has changed to "auxiliary decision-making", which also puts forward higher requirements for the competence of risk managers. Risk managers should not only master professional knowledge of risk management, but also cultivate big data thinking, master advanced information technology and data technology, comprehensively view and deal with enterprise risk management issues from the three perspectives of management, foresight and technology, and realize the transformation of risk managers from "professional management" to "auxiliary decision-making".
The application of artificial intelligence, big data, RPA and other technologies will greatly reduce the basic work of risk managers such as risk information collection, risk ledger maintenance, and general risk analysis, and the basic risk management work with high standardization and repeatability may be replaced by artificial intelligence. By connecting the data with the enterprise information system and synchronously storing the required risk information data, the risk control robot can help employees quickly complete the basic work with high standardization and repeatability, avoid human errors, and improve the efficiency of risk management. Managers can devote more energy to major risk analysis, cross-professional risk communication, quantitative risk data analysis and other aspects, focusing on high-risk business of enterprises, so as to realize the transformation of enterprise risk management from "manual operation" to "man-machine collaboration".

Transformation of management style
Traditional risk management focuses on the process control of business activities and transactions. Driven by big data, the interconnection of enterprise risk management system and business information system will enable the risk management department to form a network connection with the business department, and the risk management department can carry out real-time monitoring of various risks. The network management of risks provides enterprises with direct mass data, and the further expansion of the risk supervision and control field is conducive to the risk management department to establish and improve the risk early warning system, realize the advance of risk prevention and control, give full play to the functions of the risk management department, and realize the transformation of management mode from "process control" to "network management".
In 2017, the Enterprise Risk Management Framework released by the United States COSO proposed a new positioning of enterprise risk management focusing on the enhancement of enterprise value, and advocated the deep integration of risk management with enterprise strategy and performance management. In order to effectively play the role of risk management in promoting the improvement of enterprise value management, enterprises need to actively use the new generation of information technology such as "cloud and object intelligence migration" to break the dilemma of isolated operation of the original risk management system. By building a risk control cloud platform, data links and process breakpoints between the business system and the risk control cloud platform can be connected to realize instant collection and real-time interaction of risk data. It can focus on and monitor online enterprise risks, especially major risks, so as to realize the transformation of risk management system from "isolated operation" to "risk control cloud platform".