A Systematic Review of Risk Management Methodologies for Complex Organizations in Industry 4.0 and 5.0
Abstract
:1. Introduction
2. Literature Review
Research Methodology
- The research was carried out in two parts. Firstly, the data were obtained from “Google Scholar”.
- Initially, we used the keyword “Cybersecurity Frameworks” to identify the most common cybersecurity frameworks.
- From the first publication of 2018 to March 2023.
- Document type “Article and Review”.
- Literature review: This category comprises comprehensive literature reviews, encompassing both qualitative and quantitative studies, which provide a broad understanding of the current state of knowledge on a particular topic.
- Comparison of methodologies: This category includes studies that compare and contrast different research methodologies, highlighting the strengths and weaknesses of each approach.
- Case studies: This category comprises in-depth analyses of specific cases, providing a detailed understanding of the subject matter in question and offering insights that may be applicable to similar situations.
- Implementation guides: This category includes practical guides that provide step-by-step instructions on how to implement specific methodologies or approaches in practice, highlighting potential challenges and offering advice on how to overcome them.
3. A Comparison of Information Security Management Frameworks
4. Risk Management Methodologies
4.1. ISO/IEC 27005:2022
- Fulfilling the actions required by ISO/IEC 27001:2022 to address information security risks.
- Carrying out ISMS activities, particularly evaluating and assessing information security.
- Establishing the context, which includes identifying and defining the scope, determining the criteria for risk acceptance, and identifying any legal, regulatory, or contractual requirements.
- Conducting a risk assessment, which includes the following:
- Identifying risks. Identifying the risks that could affect the CIA of the information assets.
- Analyzing risks. By assessing the likelihood and impact of the risks based on the identified threats, vulnerabilities, and the existing controls.
- Evaluating risks. Evaluating the risks by comparing the assessed risks with the established risk criteria, which include the risk appetite and the risk tolerance of the organization.
- Treating iteratively the identified risks. Implementing controls or taking other actions to reduce the likelihood or impact of the risk.
- Implementing risk management processes. Establishing communication channels, and monitoring and reviewing the risk management process.
- Utilizing management system processes. Integrating the risk management process with other management systems, such as quality or environmental management.
- Documented information. Document all relevant information, such as risk assessments, treatment plans, and management system processes.
4.2. NIST SP 800-30, NIST SP 800-37 and NIST SP 800-39
4.3. MAGERIT
- Needs analysis and feasibility study: This phase involves defining the scope of the risk analysis and conducting a feasibility assessment of risk management using the MAGERIT methodology.
- Risk analysis: During this stage, the organization’s information assets are identified and evaluated for associated information security risks. The identification of assets, threats, vulnerabilities, and potential impacts is included, as well as the assessment of the likelihood and impact of the risks.
- Risk management: In this stage, plans for managing risks are developed and implemented to address the risks identified during the analysis phase. Risk management plans may include implementing information security controls, accepting risks, transferring risks, or mitigating risks through protective measures.
4.4. Risk Management Process Comparison
4.4.1. Identifying Potential Risks
4.4.2. Risk Assessment
- Adversarial threats originate from individuals, groups, organizations, or nations.
- Accidental threats refer to unintentional actions.
- Structural threats are caused by equipment or software failures.
- Environmental threats arise from external disasters, which can be either natural or human-made, such as fires and floods.
- Assessing the likelihood of an attack originating from a human threat source can be challenging and may involve evaluating factors such as skill level, motive, opportunity, and size.
- Vulnerability assessment, on the other hand, takes into account several factors, such as exploitability, ease of detection, intrusion detection, and awareness. A combination of historical and estimated data should be used to provide the most accurate probability of an event occurring.
- The magnitude of impact should be determined, which can be classified on a scale ranging from very low to very high or negligible to catastrophic impact.
4.4.3. Treatment and Control
5. Discussion
- Scalability: IoT systems can have a large number of devices, which can make it difficult to scale the application of these frameworks.
- Diversity of devices: IoT devices come in different shapes, sizes, and functionalities. This can make it challenging to identify and classify all the risks associated with these devices.
- Real-time nature: Many IoT systems operate in real time, which can make it difficult to implement some of the risk management processes outlined in these frameworks.
- Data privacy: IoT devices generate a lot of data, and these data can be sensitive. Therefore, privacy and security considerations should be given a higher priority in IoT systems.
6. Conclusions
Author Contributions
Funding
Data Availability Statement
Conflicts of Interest
References
- Burritt, R.; Christ, K. Industry 4.0 and environmental accounting: A new revolution? Asian J. Sustain. Soc. Responsib. 2016, 1, 23–38. [Google Scholar] [CrossRef]
- Waheed, A.; Alharthi, M.; Khan, S.Z.; Usman, M. Role of Industry 5.0 in Leveraging the Business Performance: Investigating Impact of Shared-Economy on Firms’ Performance with Intervening Role of i5.0 Technologies. SAGE Open 2022, 12, 21582440221094608. [Google Scholar] [CrossRef]
- Golovianko, M.; Terziyan, V.; Branytskyi, V.; Malyk, D. Industry 4.0 vs. Industry 5.0: Co-Existence, Transition, or a Hybrid. Procedia Comput. Sci. 2023, 217, 102–113. [Google Scholar] [CrossRef]
- Bakon, K.; Holczinger, T.; Sule, Z.; Jasko, S.; Abonyi, J. Scheduling under Uncertainty for Industry 4.0 and 5.0. IEEE Access 2022, 10, 74977–75017. [Google Scholar] [CrossRef]
- Kumar, S.; Mallipeddi, R.R. Impact of cybersecurity on operations and supply chain management: Emerging trends and future research directions. Prod. Oper. Manag. 2022, 31, 4488–4500. [Google Scholar] [CrossRef]
- Raptis, T.P.; Passarella, A.; Conti, M. Data management in industry 4.0: State of the art and open challenges. IEEE Access 2019, 7, 97052–97093. [Google Scholar] [CrossRef]
- Lowry, P.B.; Dinev, T.; Willison, R. Why security and privacy research lies at the centre of the information systems (IS) artefact: Proposing a bold research agenda. Eur. J. Inf. Syst. 2017, 26, 546–563. [Google Scholar] [CrossRef]
- Dotsenko, S.; Illiashenko, O.; Kamenskyi, S.; Kharchenko, V. Integrated Security Management System for Enterprises in Industry 4.0. Inf. Secur. Int. J. 2019, 43, 294–304. [Google Scholar] [CrossRef]
- Culot, G.; Nassimbeni, G.; Podrecca, M.; Sartor, M. The ISO/IEC 27001 information security management standard: Literature review and theory-based research agenda. TQM J. 2021, 33, 76–105. [Google Scholar] [CrossRef]
- Agrawal, V. A Framework for the Information Classification in ISO 27005 Standard. In Proceedings of the 4th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2017 and 3rd IEEE International Conference of Scalable and Smart Cloud, SSC 2017, New York, NY, USA, 26–28 June 2017. [Google Scholar]
- Azmi, R.; Tibben, W.; Win, K.T. Review of cybersecurity frameworks: Context and shared concepts. J. Cyber Policy 2018, 3, 258–283. [Google Scholar] [CrossRef]
- Dawson, M. Hyper-connectivity: Intricacies of national and international cyber securities. In PQDT—Glob; London Metropolitan University: London, UK, 2017. [Google Scholar]
- Lopes, I.M.; Guarda, T.; Oliveira, P. Implementation of ISO 27001 Standards as GDPR Compliance Facilitator. J. Inf. Syst. Eng. Manag. 2019, 4, em0089. [Google Scholar] [CrossRef]
- Cockcroft, S. What is the nist framework. ITNOW 2020, 62, 48–49. [Google Scholar] [CrossRef]
- Ferruzola Gómez, E.; Duchimaza, S.J.; Ramos Holguín, J.; Alejandro Lindao, M. Plan de contingencia para los equipos y sistemas informáticos utilizando la metodología MAGERIT. Rev. Científica Tecnológica UPSE 2019, 6, 34–41. [Google Scholar] [CrossRef]
- Popchev, I.; Radeva, I.; Nikolova, I. Aspects of the Evolution from Risk Management to Enterprise Global Risk Management. Eng. Sci. 2021, LVIII, 16–30. [Google Scholar] [CrossRef]
- Ahmad, R.; Alsmadi, I. Machine learning approaches to IoT security: A systematic literature review[Formula presented]. Internet Things 2021, 14, 100365. [Google Scholar] [CrossRef]
- Griffy-Brown, C.; Chun, M.; Lazarikos, D. Emerging Technologies and Cyber Risk: How do we secure the Internet of Things (IoT) environment? J. Appl. Bus. Econ. 2019, 21, 70–79. [Google Scholar] [CrossRef]
- Falivene, L.; Tucker, B. Unifying Cyber Risk: Cyber Risk Maturity Model v1 Cyber Risk Maturity Model Construction Process & Maturity Model Document; Universidad de Buenos Aires: Buenos Aires, Argentina, 2021. [Google Scholar]
- Tatiara, R.; Fajar, A.N.; Siregar, B.; Gunawan, W. Analysis of factors that inhibiting implementation of Information Security Management System (ISMS) based on ISO 27001. In Proceedings of the Journal of Physics: Conference Series, Medan, Indonesia, 28–30 November 2018; Volume 978. [Google Scholar]
- Lambrinoudakis, C.; Gritzalis, S.; Xenakis, C.; Katsikas, S.; Karyda, M.; Tsochou, A.; Papadatos, K.; Rantos, K.; Pavlosoglou, Y.; Gasparinatos, S.; et al. Compendium of Risk Management Frameworks with Potential Interoperability: Supplement to the Interoperable EU Risk Management Framework Report; European Union Agency for Cybersecurity (ENISA): Athens, Greece, 2022; ISBN 9789292045548. [Google Scholar]
- Tranfield, D.; Denyer, D.; Smart, P. Towards a Methodology for Developing Evidence-Informed Management Knowledge by Means of Systematic Review. Br. J. Manag. 2003, 14, 207–222. [Google Scholar] [CrossRef]
- Xiao, Y.; Watson, M. Guidance on Conducting a Systematic Literature Review. J. Plan. Educ. Res. 2019, 39, 93–112. [Google Scholar] [CrossRef]
- Lame, G. Systematic literature reviews: An introduction. Proc. Int. Conf. Eng. Des. ICED 2019, 1, 1633–1642. [Google Scholar] [CrossRef]
- Ali, R.F.; Dominic, P.D.D.; Ali, S.E.A.; Rehman, M.; Sohail, A. Information security behavior and information security policy compliance: A systematic literature review for identifying the transformation process from noncompliance to compliance. Appl. Sci. 2021, 11, 3383. [Google Scholar] [CrossRef]
- Tissir, N.; El Kafhali, S.; Aboutabit, N. Cybersecurity management in cloud computing: Semantic literature review and conceptual framework proposal. J. Reliab. Intell. Environ. 2021, 7, 69–84. [Google Scholar] [CrossRef]
- Krumay, B.; Bernroider, E.W.N.; Walser, R. Evaluation of Cybersecurity Management Controls and Metrics of Critical Infrastructures: A Literature Review Considering the NIST Cybersecurity Framework. In Proceedings of the Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Olso, Norway, 28–30 November 2018; Volume 11252. [Google Scholar]
- Chidukwai, A.; Zander, S.; Koutsakis, P. A Survey on the Cyber Security of Small-to-Medium Businesses: Challenges, Research Focus and Recommendations. IEEE Access 2022, 10, 85701–85719. [Google Scholar] [CrossRef]
- Gritzalis, D.; Iseppi, G.; Mylonas, A.; Stavrou, V. Exiting the risk assessment maze: A meta-survey. ACM Comput. Surv. 2018, 51, 1–30. [Google Scholar] [CrossRef]
- Pappalardo, S.M.; Niemiec, M.; Bozhilova, M.; Stoianov, N.; Dziech, A.; Stiller, B. Multi-sector assessment framework—A new approach to analyse cybersecurity challenges and opportunities. In Proceedings of the Communications in Computer and Information Science, Kraków, Poland, 8–9 October 2020; Volume 1284. [Google Scholar]
- Santos-Olmo, A.; Sánchez, L.E.; Álvarez, E.; Rosado, D.G.; Fernandez-Medina, E. Revisión Sistemática de Análisis de Riesgos Asociativos y Jerárquicos. Periodo 2014–2019. In Proceedings of the Seguridad Informática. X Congreso Iberoamericano(CIBSI 2020), Bogota, Colombia, 22–24 January 2020; pp. 139–147. [Google Scholar]
- Hurtado, M. Gestión de Riesgo Metodologías Octave y Magerit. In Repos Inst Univ Pilot Colomb; Universidad Piloto de Colombia: Bogota, Colombia, 2018. [Google Scholar]
- Khaleefah, A.D. Methodologies, Requirements and Challenges of Cybersecurity Frameworks: A Review. Int. J. Wirel. Microw. Technol. 2023, 13, 1–13. [Google Scholar] [CrossRef]
- Bawono, M.W.A.; Soetomo, M.A.; Apriatin, T. Analysis correlation of the Implementation Framework COBIT 5, ITIL V3 and ISO 27001 for ISO 10002 Customer satisfaction. ACMIT Proc. 2021, 7, 31–46. [Google Scholar] [CrossRef]
- Roy, P.P. A High-Level Comparison between the NIST Cyber Security Framework and the ISO 27001 Information Security Standard. In Proceedings of the 2020 National Conference on Emerging Trends on Sustainable Technology and Engineering Applications (NCETSTEA), Durgapur, India, 7–8 February 2020; Volume 53, pp. 27001–27003. [Google Scholar] [CrossRef]
- García, F.Y.H.; Moreta, L.M.L. Maturity Model for the Risk Analysis of Information Assets based on Methodologies MAGERIT, OCTAVE y MEHARI; Focused on Shipping Companies. In Proceedings of the Applications in Software Engineering—Proceedings of the 7th International Conference on Software Process Improvement, CIMPS 2018, Guadalajara, Mexico, 17–19 October 2018. [Google Scholar]
- Yoseviano, H.F.; Retnowardhani, A. The use of ISO/IEC 27001: 2009 to analyze the risk and security of information system assets: Case study in xyz, ltd. In Proceedings of the 2018 International Conference on Information Management and Technology, ICIMTech 2018, Jakarta, Indonesia, 3–5 September 2018. [Google Scholar]
- Carvalho, C.; Marques, E. Adapting ISO 27001 to a Public Institution. In Proceedings of the Iberian Conference on Information Systems and Technologies, CISTI, Coimbra, Portugal, 19–22 June 2019. [Google Scholar]
- ALDhanhani, M.J.; Jizat, J.E.M. Review of Cyber Security on Oil and Gas Industry in United Arab Emirates: Analysis on the Effectiveness of the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework. Turk. J. Comput. Math. Educ. 2021, 12, 714–720. [Google Scholar]
- Ibrahim, A.; Valli, C.; McAteer, I.; Chaudhry, J. A security review of local government using NIST CSF: A case study. J. Supercomput. 2018, 74, 5171–5186. [Google Scholar] [CrossRef]
- Amiruddin, A.; Afiansyah, H.G.; Nugroho, H.A. Cyber-Risk Management Planning Using NIST CSF v1.1, NIST SP 800-53 Rev. 5, and CIS Controls v8. In Proceedings of the 3rd International Conference on Informatics, Multimedia, Cyber, and Information System, ICIMCIS 2021, Jakarta, Indonesia, 28–29 October 2021. [Google Scholar]
- Udroiu, A.M.; Dumitrache, M.; Sandu, I. Improving the cybersecurity of medical systems by applying the NIST framework. In Proceedings of the 2022 14th International Conference on Electronics, Computers and Artificial Intelligence, ECAI 2022, Ploiesti, Romania, 30 June–1 July 2022. [Google Scholar]
- García, F.Y.H.; Moreta, L.M.L. Model for measuring the maturity of the risk analysis of information assets in the context of shipping companies. RISTI—Rev. Iber. Sist. E Tecnol. Inf. 2019, 2019, 1–17. [Google Scholar] [CrossRef]
- Pillajo-García, P.; Avila-Pesantez, D. Análisis de ciberseguridad en plataformas e-learning: Revisión sistemática de la literatura. Rev. Perspect. 2023, 5, 19–30. [Google Scholar]
- Diamantopoulou, V.; Tsohou, A.; Karyda, M. From ISO/IEC 27002:2013 information security controls to personal data protection controls: Guidelines for GDPR compliance. In Proceedings of the Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Luxembourg City, Luxembourg, 26–27 September 2020; Volume 11980. [Google Scholar]
- Mirtsch, M.; Kinne, J.; Blind, K. Exploring the Adoption of the International Information Security Management System Standard ISO/IEC 27001: A Web Mining-Based Analysis. IEEE Trans. Eng. Manag. 2021, 68, 87–100. [Google Scholar] [CrossRef]
- Putra, D.S.K.; Tistiyani, S.; Sunaringtyas, S.U. The Use of ISO/IEC 27001 Family of Standards in Regulatory Requirements in Some Countries. In Proceedings of the 2021 2nd International Conference on ICT for Rural Development, IC-ICTRuDev 2021, Jogjakarta, Indonesia, 27–28 October 2021. [Google Scholar]
- Longras, A.; Pereira, T.; Cameiro, P.; Pinto, P. On the Track of ISO/IEC 27001:2013 Implementation Difficulties in Portuguese Organizations. In Proceedings of the 9th International Conference on Intelligent Systems 2018: Theory, Research and Innovation in Applications, IS 2018—Proceedings, Funchal, Portugal, 25–27 September 2018. [Google Scholar]
- Yvon, T. Exploring Factors Limiting Implementation of the National Institute of Standards and Technology Cybersecurity Framework; Colorado Technical University: Colorado Springs, CO, USA, 2020. [Google Scholar]
- Mylrea, M.; Gourisetti, S.N.G.; Larimer, C.; Noonan, C. Insider threat cybersecurity framework webtool & methodology: Defending against complex cyber-physical threats. In Proceedings of the 2018 IEEE Symposium on Security and Privacy Workshops, SPW 2018, San Francisco, CA, USA, 24 May 2018. [Google Scholar]
- National Institute of Standards and Technology [NIST]. Risk Management Framework for Information Systems and Organizations; Special Publication 800-37 Rev. 2; National Institute of Standards and Technology [NIST]: Gaithersburg, MD, USA, 2018. [Google Scholar] [CrossRef]
- Malatji, M. Management of enterprise cyber security: A review of ISO/IEC 27001:2022. In Proceedings of the 2023 International Conference on Cyber Management and Engineering, CyMaEn 2023, Bangkok, Thailand, 26–27 January 2023. [Google Scholar]
- Ortega, L.; Medina, L. Riesgos Tecnológicos en Pequeñas Empresas. Una Revisión a sus Incidentes en la Gestión Organizacional; Fundación Universitaria Panamericana: Bogota, Colombia, 2020. [Google Scholar]
- Kurii, Y.; Opirskyy, I. Analysis and Comparison of the NIST SP 800-53 and ISO/IEC 27001:2013. In Proceedings of the CEUR Workshop Proceedings, Kyiv, Ukraine, 13 October 2022; Volume 3288. [Google Scholar]
- Sulistyowati, D.; Handayani, F.; Suryanto, Y. Comparative analysis and design of cybersecurity maturity assessment methodology using nist csf, cobit, iso/iec 27002 and pci dss. Int. J. Inform. Vis. 2020, 4, 225–230. [Google Scholar] [CrossRef]
- Silva Rampini, G.H.; Takia, H.; Tobal Berssaneti, F. Critical Success Factors of Risk Management with the Advent of ISO 31000 2018—Descriptive and Content Analyzes. Procedia Manuf. 2019, 39, 894–903. [Google Scholar] [CrossRef]
- ISO 31000:2018; Risk Management—Guidelines. ISO: Geneva, Switzerland, 2017.
- Li, S.; Bi, F.; Chen, W.; Miao, X.; Liu, J.; Tang, C. An improved information security risk assessments method for cyber-physical-social computing and networking. IEEE Access 2018, 6, 10311–10319. [Google Scholar] [CrossRef]
- ISO/IEC 27005:2022; Information Security, Cybersecurity and Privacy Protection—Guidance on Managing Information Security Risks. ISO: Geneva, Switzerland, 2022.
- National Institute of Standards and Technology [NIST]. Guide for Conducting Risk Assessments; Special Publication 800-30 Rev. 1; National Institute of Standards and Technology [NIST]: Gaithersburg, MD, USA, 2012. [Google Scholar]
- National Institute of Standards and Technology [NIST]. Managing Information Security Risk Organization, Mission, and Information System View; Special Publication 800-39; National Institute of Standards and Technology [NIST]: Gaithersburg, MD, USA, 2011. [Google Scholar]
- Crespo Martínez, E. Ecu@Risk, Una metodología para la gestión de Riesgos aplicada a las MPYMEs. Enfoque UTE 2017, 8, 107–121. [Google Scholar] [CrossRef]
- Hariyanti, E.; Djunaidy, A.; Siahaan, D.O. A Conceptual Model for Information Security Risk Considering Business Process Perspective. In Proceedings of the 2018 4th International Conference on Science and Technology, ICST 2018, Yogyakarta, Indonesia, 7–8 August 2018. [Google Scholar]
- Canelón, J.; Huerta, E.; Leal, N.; Ryan, T. Unstructured data for cybersecurity and internal control. In Proceedings of the Annual Hawaii International Conference on System Sciences, Maui, HI, USA, 7–10 January 2020. [Google Scholar]
ISO/IEC 27001 | NIST CSF | MAGERIT | |
---|---|---|---|
Literature review | [9,25,26] | [27,28] | [29,30,31] |
Methodology comparison | [32,33,34,35,36] | ||
Case studies | [37,38] | [39,40,41,42] | [15,43,44] |
Implementation Guides | [13,20,45,46,47,48] | [49,50,51] | - |
ISO/IEC 27001 | NIST CSF | MAGERIT | |
---|---|---|---|
Updated | August 2022 | April 2018 | October 2012 |
Description | International standard describing best practices for an information security management system. | Security framework for the protection of operations and assets. | Security framework that seeks to raise awareness of the existence of risks and the need to manage them in organizations. |
Structure | 11 sections, 0–3 non-mandatory and 4–10 mandatory, Annex A. | 5 functions, 22 categories and 98 subcategories, 4 levels of implementation. | 9 categories, 6 appendices, catalog of elements and guide to techniques |
Certifiable | Yes | No | No |
Mandatory documents | Clauses 4 to 10 | Not specified | Not specified |
Based | Risk management | Risk management | Risk management |
Mechanisms | Non-voluntary and independent audit | Optional, self-certification | Optional, self-certification. |
Scope | Provides the requirements for establishing, implementing, maintaining, and continuously improving an information security management system, as well as the requirements for assessing and addressing information security risks tailored to the needs of organizations. | Optional guidelines, best practices, and standards for improving cybersecurity programs. | Implements the risk management process within a framework for the governing bodies to make decisions, taking into account the risks derived from the use of information technologies. |
Technology independence | Yes | Yes | Yes |
Availability | Distributed commercially | Free download from the official website | Free download from the official website |
Risk Identification | ISO/IEC 27001:2022 | NIST | MAGERIT |
---|---|---|---|
Understanding the Context | Understand the scope and objectives of the information system to identify critical assets. | ||
Process identification | The organization is responsible for the ongoing management of an ISMS, including the necessary processes and their interrelationships, to comply with the requirements established in this document. | Identify critical processes to be protected and relevant assets. | |
Identify Threats | Use standard threat catalogs or analysis techniques such as FMEA or SWOT to identify potential threats. | Use the NIST framework to identify relevant threats, such as NIST SP 800-30, NIST SP 800-37 or NIST SP 800-39. | Use the MAGERIT methodology to identify relevant threats, including the identification of actors that could be responsible for an attack. |
Vulnerability Identification | Identify weaknesses or weak points in the system that can be exploited by threats. | ||
Impact Assessment | Determine the potential impact on assets and the business in the event of a security incident. | ||
Probability Evaluation | Determine the probability of a threat exploiting a vulnerability and causing an impact. | ||
Risk Prioritization | Prioritize risks based on the combination of impact and probability. | ||
Response Planning | Develop a plan to mitigate or address identified and accepted risks. |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Barraza de la Paz, J.V.; Rodríguez-Picón, L.A.; Morales-Rocha, V.; Torres-Argüelles, S.V. A Systematic Review of Risk Management Methodologies for Complex Organizations in Industry 4.0 and 5.0. Systems 2023, 11, 218. https://doi.org/10.3390/systems11050218
Barraza de la Paz JV, Rodríguez-Picón LA, Morales-Rocha V, Torres-Argüelles SV. A Systematic Review of Risk Management Methodologies for Complex Organizations in Industry 4.0 and 5.0. Systems. 2023; 11(5):218. https://doi.org/10.3390/systems11050218
Chicago/Turabian StyleBarraza de la Paz, Juan Vicente, Luis Alberto Rodríguez-Picón, Víctor Morales-Rocha, and Soledad Vianey Torres-Argüelles. 2023. "A Systematic Review of Risk Management Methodologies for Complex Organizations in Industry 4.0 and 5.0" Systems 11, no. 5: 218. https://doi.org/10.3390/systems11050218
APA StyleBarraza de la Paz, J. V., Rodríguez-Picón, L. A., Morales-Rocha, V., & Torres-Argüelles, S. V. (2023). A Systematic Review of Risk Management Methodologies for Complex Organizations in Industry 4.0 and 5.0. Systems, 11(5), 218. https://doi.org/10.3390/systems11050218