This is an Open Access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.
org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided the original author 
and source are credited.

Copyright © 2021 The Author(s). Published by Vilnius Gediminas Technical University

MODELING THE PROCESS OF RISK MANAGEMENT RESPONSE TO 
THE NEGATIVE IMPACT OF RISKS AS THE BASIS FOR  

ENSURING ECONOMIC SECURITY

Svitlana KRYSHTANOVYCH  1*, Viktoriya GUTSULYAK 2,  
Ivanna HUZII 3, Tetiana HELZHYNSKA 4, Valentyna SHEPITCHAK5

1,2Department of Pedagogy and Psychology, State University of Physical Culture Named after Ivan 
Bobersky, Lviv, Ukraine

3,4Department of Pedagogy and Innovative Education, Lviv Polytechnic National University, Lviv, Ukraine
4Department of Finance, Banking and Insurance, Central Ukrainian National Technical University, 

Kropyvnytskyi, Ukraine
5Department of English Philology and Methods of Teaching English, Ternopil Volodymyr Hnatiuk 

National Pedagogical University, Lviv, Ukraine

Received 21 April 2021; accepted 17 June 2021

Abstract. Purpose – the main purpose of the article is to form a methodological approach 
to counteract risks that most negatively affect the system of ensuring the economic security 
of engineering enterprises.
Research methodology – the research methodology involves the application of the theory of 
graph connections, modeling from IDEF0.
Findings  – the main risks that most negatively affect the system of ensuring the economic 
security of engineering enterprises were identified, modeling of the main stages of response 
to their impact was carried out.
Research limitations – the article has a number of limitations and this applies to the area of 
the study. The emphasis was on the engineering industry. In addition, it should be noted 
that there are other modeling methods for mapping the stages of response to the negative 
impact of risks.
Practical implications – practical application of our methodological approach can be suitable 
for engineering enterprises.
Originality/Value – the originality of the study lies in the presented methodological approach 
to identifying the risks that most negatively affect the system of economic security of 
engineering enterprises and modeling the process of responding to this impact.

Keywords: risk, engineering enterprises, theory of graph connections, IDEF0 functional 
model, economic security.

JEL Classification: D81, L53, O12

*Corresponding author. E-mail: skrischtanovich@gmail.com

Business, Management and Economics Engineering
ISSN: 2669-2481 / eISSN: 2669-249X

2021 Volume 19 Issue 2: 289–302

https://doi.org/10.3846/bmee.2021.14798

http://dx.doi.org/10.1016/S0377-2217(03)00091-2
http://dx.doi.org/10.1016/S0377-2217(03)00091-2
https://orcid.org/0000-0002-2147-9028
mailto:skrischtanovich@gmail.com
https://doi.org/10.3846/bmee.2021.14798


290 S. Kryshtanovych et al. Modeling the process of risk management response to the negative impact...

Introduction

In modern economic conditions, it is important for an enterprise to avoid possible threats 
and timely eliminate the harmful consequences of negative phenomena. Riskiness is an inte-
gral part of entrepreneurial activity, uncertainty is seen as a primary phenomenon, and risk is 
secondary. The greater the uncertainty in making a business decision, the greater the degree 
of risk. It is impossible to eliminate risks related to the activities of business entities, since 
they are an element of objective reality. The main difference between risk and uncertainty 
is the ability to measure and estimate: uncertainty cannot be measured, while risk can be 
estimated. So, risk, as opposed to uncertainty, can be managed.

Risk management is a systematic use of the methods, tools and techniques available to 
managers to solve problems related to risks: setting the context, analysis (identification and 
assessment), influence, monitoring and communication.

In the enterprise management system, the risk management system is designed to become 
an integral part of the organization’s management subsystem, that is, it should be integrated 
into its general policy, work plans and activities. When this condition is met, the applica-
tion of the risk management system is an effective process. Risk management is associated 
with both negative and positive consequences. The essence of risk management is to identify 
potential deviations from planned results and to manage these deviations to improve pros-
pects, reduce losses and improve the soundness of decisions made. Risk management means 
defining perspectives and identifying opportunities for improvement, as well as preventing 
or reducing the likelihood of undesirable developments.

Foreign practice shows that company leaders successfully use the risk management sys-
tem both in individual segments and in general. According to a survey conducted by the 
Federation of European Risk Management Associations: 79% of surveyed enterprises carry 
out risk mapping, while 44% of them identified risk management as a subsystem of enterprise 
management.

In connection with the development of market relations, entrepreneurial activity in 
Ukraine has to be carried out in the conditions of the growing uncertainty of the situation 
and the variability of the economic environment. It becomes difficult to obtain the expected 
end result, and therefore, the risk increases, that is, the danger of failure, unforeseen losses. 
This is especially inherent in the initial stages of the development of entrepreneurship. There 
is no business without risk. This is due to the fact that the goal of its implementation is to 
maximize profit, and the greatest profit, as a rule, is brought by market transactions with 
increased risk. The entrepreneur is forced to assume the risk by the uncertainty of the eco-
nomic situation and the conditions of the political and economic state and the prospects for 
changing these conditions. The greater the uncertainty of the economic situation of decision-
making, the higher the degree of risk. The implementation of entrepreneurship in any of its 
forms, which is associated with risk, is usually called economic, or entrepreneurial.

In the process of countering the negative impacts aimed at engineering enterprises, the 
management of this enterprise pays less attention to risks, since in their opinion they are the 
least threatening. That is why this problem has acquired particular relevance today, given 
that risks can potentially turn into a threat or danger. An example of this can be called the 



Business, Management and Economics Engineering, 2021, 19(2): 289–302 291

fact that at the beginning of last year there was only the risk of a pandemic lockdown, which 
quickly turned into uncontrollable threats and dangers. It is because of the low attention to 
risk management and risks in general that we have chosen this topic.

Risk management is the management of the enterprise as a whole, taking into account the 
impact of risks on the basis of the process of their identification, assessment and analysis, as 
well as the choice and use of methods to neutralize their consequences in order to achieve 
an optimal balance between the level of risk and the strategic capabilities of the enterprise. 
Accordingly, risk management is aimed at finding the optimal balance between a high level 
of risk, which can lead to the collapse of the enterprise, and a complete rejection of it, which 
leads to a loss of competitiveness.

Today, the issue of forming a methodological approach is extremely relevant, which will 
allow top managers of the enterprise to better organize the negative impact of risks, with the 
aim of its subsequent elimination. Considering the above, the main goal of the article is to 
form a methodological approach to an adequate response and counteraction to risks that most 
negatively affect the system of ensuring the economic security of engineering enterprises.

The structure of the article provides for a review of specialized literature, which became 
the basis for the study, a description of the methodology used in the course of the study (the 
research methodology involves the application of the theory of graph connections, modeling 
from IDEF0); the results of the research and discussion, which included the identification of 
risks and the construction of a model of response to them, a description of how our research 
differs from the existing ones and the conclusions.

The proposed methodological approach to modeling the management process is suitable 
for engineering enterprises. In the future, this model is planned to be used at one of the 
leading engineering companies in the Western region of Ukraine for its practical verification.

1. Literature review

Ensuring economic security at enterprises today is becoming a priority area of   scientific 
research. At the same time, risk management and mitigation of their negative impact plays 
a special role (Parfitt & Barnes, 2020).

An effective tool for responding to changes in the economic environment of an enterprise 
is risk management, which is defined as a set of integrated management actions aimed at 
identifying, analyzing and regulating risks. Within the framework of the proposed approach, 
risk management can be considered as a process of influencing a business object, which 
provides the widest possible range of coverage of possible risks, preventive actions, their 
reasonable accounting when making management decisions and reducing the degree of 
influence of the identified risks to the minimum limits. Studies of modern conceptual 
approaches to risk management have made it possible to form a set of methods and methods 
of an integrated risk management system.

The issue of ensuring the optimal operation of enterprises and ensuring economic se-
curity, in the context of risk management, is the subject of interest of a large number of 
scientists. For example, in the work of Pauliukevičius and Skusevičienė (2013), the basis for 
the formation of an effective system of combating risks that affect the functioning of the 



292 S. Kryshtanovych et al. Modeling the process of risk management response to the negative impact...

enterprise is to improve the institutional system of the country, while Shynkar et al. (2020) 
and Pushak et al. (2021) believe that the main role is played by the formation of a powerful 
internal risk management system.

Risk management problems have been of interest to the scientific community for more 
than a decade. Modern technologies and the impact of globalization in general significantly 
affect changes in the activities of enterprises and therefore more and more groups of risks 
arise and, as a result, new problems that need to be addressed.

Risk management is the subject of interest of leading scientists in the field of security 
at the enterprise. The ambiguity and inaccuracy of today’s risk management systems are 
highlighted in Kim (2020) work, which determines the relationship between inaccuracies 
and imperfections in risk management systems and the performance of an enterprise.

For example, the basic concepts of the essence of such a phenomenon as “risk” were 
considered by Aven (2012) and Head (2009). However, our research is more methodological 
in nature and aims to identify and respond to them.

What risk concepts may exist and which subspecies and how they may differ has been 
explored by Belles-Sampera et  al. (2013), Chatterjee et  al. (2003) and Regan and Patè-
Cornell (1997). Of course, concepts and theoretical analysis are very important, but we 
strive to demonstrate how it is possible to depict the process of counteracting negative 
influences through modeling.

Stasytyte and Aleksienė (2015) and Korombel (2012) examined the specifics of 
operational risks that are encountered in SMEs. We take into account certain operational 
risks in our research, but strive to cover the negative impact of others.

The very process of organizing the work of the risk management system is well 
described in the works of Di Serio et al. (2011), Verbano and Venturini (2013) and Islam 
et al. (2006). According to some scientists, risk management can be part of other enterprise 
management systems. For example, in the work of Wu and Meng (2019), risk management 
is part of management security. In our opinion, today risks play one of the most important 
roles in the system of enterprise functioning, taking into account this risk, management 
should act as an independent functional management system at the enterprise.

Risk management and its role in the activities of the enterprise has always been 
accompanied by a certain element of surprise and uncertainty. The specifics of the process 
of risk management activities were investigated by Tohidi (2011) and Tamošiūnienė and 
Savčuk (2007). We took into account the specifics of the risk management activity process 
for our research and its reflection in the proposed model.

Of course, human resources and plant personnel are at the greatest risk, an issue 
actively explored by Thevendran and Mawlesley (2004) and Zhi-Qiang and Tao (2008).

Features of the hierarchical ordering of risks can be found in the works of Kmec 
(2011) and Knight (2002), however, our research is based on significant changes that have 
occurred in the world and the impact of globalization to significantly change the modern 
risks that a significant number of enterprises face every day.

Regarding the methodology we use, it should be noted that Sylkin et  al. (2019) have 
already applied a similar methodological approach for their own research, but then it 
concerned anti-crisis management and the financial security system. Our research 
combines several methods and focuses primarily on risk management.



Business, Management and Economics Engineering, 2021, 19(2): 289–302 293

Paying tribute and taking into account the scientific contribution of a significant number 
of scientists to the development of solving the problems of the risk management system at 
the enterprise, the issue of highlighting the main risks that most negatively affect the system 
of ensuring the economic security of engineering enterprises and modeling the process of 
responding to this influence is still relevant.

2. Methodology

The basis of our research is the methods that will allow us to determine and streamline the 
level of influence of the main risks on the activities of enterprises and to ensure economic 
security in general, and to simulate the process of responding to them. To do this, we used 
the following methods:

1. Formation of a model for hierarchical ordering of the main risks that negatively 
affect the engineering enterprises of Ukraine. To do this, it is necessary to apply a graph of 
connections between risks, which are formed on the main use of graph theory. It should be 
noted that graph theory is one of the key branches of mathematics that studies the properties 
of graphs. In general, a graph is a geometric configuration that includes points connected 
by lines. The use of graph theory is found in scientific papers in various fields, it can be 
informatics, management and logistics, including in economics. As an example, in the field 
of economic research, we use the theory of networked systems. A network is a generalization 
of the concept of a graph and is a graph where each edge is assigned a certain number, which 
is called the “edge weight” and this number has a certain meaning, for example: price, profit, 
income, etc. Today graph theory is one of the best predictive models used in scientific circles. 
An example of such use can be considered the work of Davahli et al. (2021), who, using this 
model, formed a predictive model of the distribution and risks of COVID-19.

The list of risks that have the most negative impact on the activities of engineering 
enterprises and their system of economic security are presented in Table 1.

Table 1. The list of risks that have the most negative impact on the activities of engineering enterprises 
and their system of economic security

Mathematical notation Risks Mnemonic name

Z1 The risk of loss of property as a result of theft, 
which entails constant technical and financial costs 
(for Ukraine, this is a very common phenomenon)

RLS

Z2 Risks associated with loss due to delayed payments RDP
Z3 Risks related to inflationary factors in the country 

and the bank’s discount rate
RRI

Z4 Risks arising from the highly volatile exchange rate 
in Ukraine

RHV

Z5 Risks arising from problems of legislative support RLS
Z6 Risks associated with the wrong choice of 

capital investment method, type of securities for 
investment

RWC

Z7 Risks associated with abuse of their powers in the 
company

RPC



294 S. Kryshtanovych et al. Modeling the process of risk management response to the negative impact...

Separately, we note that to determine those risks that have the most negative impact on 
the activities of engineering enterprises in Ukraine and their system of economic security, 
we apply an expert method of interviewing employees of three leading engineering enter-
prises, who provided a detailed answer, which risks negatively affect the activities of their 
company. Unfortunately, the respondents asked to remain anonymous and this right remains 
with them.

Despite the COVID-19 pandemic, the peer review method was conducted through re-
mote communication using email and video chats. At each of the three enterprises, at least 
10 representatives were involved in the survey, whose duties include ensuring economic 
security at their enterprise. All employees who took part in the survey have at least 5 years 
of experience in the enterprise in the field of ensuring economic security.

2. Since the process of risk management’s response to the negative impact of certain and 
hierarchically ordered risks is, in its essence, it is a certain process that involves the imple-
mentation of actions at certain stages. So, for this you need to depict these stages, clearly 
demonstrate to the risk management team their visions for responding to the negative im-
pact of risks and ensuring economic security in the company. In our opinion, the functional 
modeling and graphical description of processes (IDEF0) methodology can be well suited for 
this. It allows you to better understand the very objectivity of the field of study. It should be 
noted that the objects of functional modeling and structural analysis according to the IDEF0 
methodology are just organizational and economic systems.

The key parameters of our functional model of the process of responding to the negative 
impact of risks on the economic security system are the following, shown in Table 2.

Table 2. Parameters of the functional model of the process of responding to the negative impact of risks 
on the system of ensuring the economic security of engineering enterprises

Parameter Definition

The purpose of modeling Form an IDEF0 model to reflect the process of responding to the 
negative impact of risks on the system of economic security

View top management team, risk management and security entities in the 
company

The audience our model is 
aimed at

security subjects and the risk management team, who must possess 
information technologies for the development and adoption of 
optimal management decisions aimed at responding to risks

Context of the model list of functions and objects of diagrams of functional model IDEF0
Modeling technology IDEF0 functional modeling methodology
Software application for building vector diagrams

3. Results of research

Suppose that the set of certain threats is a certain set 1 2{ , ,..., }nZ z z z= . From this aggregate, 
we will select Z1 ∈ Z2 a number of significant threats. For clarity, we will supplement the 
mathematical designation of each factor with its mnemonic name (Table 1).



Business, Management and Economics Engineering, 2021, 19(2): 289–302 295

At the first stage, the subset of threats Z1 and possible interrelationships between them, 
we represent in the form of a directed graph (Figure 1), at the vertices of which the elements 
of the subset Z1 are located, the arcs connect the sum of the pairs of vertices (zi, zj) for which 
the connection is defined. It indicates a certain dependence of one threat (beginning of the 
arrow) on another (end of the arrow).

Figure 1 shows a graph of the relationship of the set Z1 with other Z, ie the relationship 
of Z1-risk with other selected risks. The use of a graph of connections is a prerequisite for 
using graph theory.

�1

�2

�3

�4

�5

�6

�7

Figure 1. Graph connections between certain risks that have the most negative impact on the 
activities of engineering enterprises and their system of economic security

Based on the constructed graph, we construct a binary dependence matrix A for the set 
of vertices Z1 as follows (1):
 aij=  1, if the criterion (vertex) i does depend on the criterion (vertex) j;
	  0, if the criterion (vertex) i does not depend on the criterion (vertex) j. (1)

We place the matrix A of 7 × 7 elements in the table, adding to it an information row and 
a column with the names of risks (Table 3).

Table 3. Binary dependency matrix

1 2 3 4 5 6 7

RLS RDP RRI RHV RLS RWC RPC

1 RLS 0 0 0 0 1 0 0
2 RDP 1 0 1 1 1 0 1
3 RRI 1 0 0 0 0 0 0
4 RHV 0 0 0 0 0 0 0
5 RLS 0 0 0 0 0 0 0
6 RWC 1 0 0 0 1 0 1
7 RPC 1 0 0 0 0 0 0



296 S. Kryshtanovych et al. Modeling the process of risk management response to the negative impact...

Based on the matrix A, we build the reachability matrix. We form a binary matrix (I + A), 
where I is the identity matrix. As a result, the reachability matrix must satisfy condition (2):

 
–1 1( ) ( ) ( )k k kI A I A I A ++ ≤ + = + . (2)

The actual construction of a binary matrix is reduced to filling in the table (Table 4).

Table 4. Reachability matrix

1 2 3 4 5 6 7

RLS RDP RRI RHV RLS RWC RPC

1 RLS 1 0 0 0 1 0 0
2 RDP 1 1 1 1 1 0 1
3 RRI 1 0 1 0 0 0 0
4 RHV 0 0 0 1 0 0 0
5 RLS 0 0 0 0 1 0 0
6 RWC 1 0 0 0 1 1 1
7 RPC 1 0 0 0 0 0 1

The vertex zj is reached from the vertex zi if there is a path in the graph (Figure 1) that 
leads from the vertex zi to the vertex zj. Such a top is called reachable. We denote the subset 
of such vertices by S (zi). Similarly, the vertex zi is in front of the vertex zj if it reaches its 
vertex. Let the number of predecessor vertices form a subset P (zi).

Finally, a section of subsets of reachable and predecessor vertices, that is, subset (3):
 R(z1) = S(z1) ∩ P(z1). (3)

The vertices that are not reached from any of the vertices of the set Z1, the remaining 
ones, determine a certain level of the hierarchy of the priority of the action of the influence of 
risks assigned to these vertices. An additional condition in this case is to ensure equality (4):
 P(z1) = R(z1). (4)

Performing the combination of the above actions gives the first level (the lowest in terms 
of the importance of influencing the process under study) of the hierarchy of risks. To 
determine it on the basis of a preliminary matrix, we build a Table 5.

Table  5. Calculation table for building a model of the hierarchy of risk influence in the activities of 
engineering enterprises

І S(zi) Р(zi) S(z1) ∩ P(z1)

1 1, 5 1, 2, 3, 6, 7 1
2 1, 2, 3, 4, 5, 7 2 2
3 1, 3 2, 3 3
4 4 2, 4 4
5 5 1, 2, 5, 6 5
6 1, 5, 6, 7 6 6
7 1, 7 2, 6, 7 7



Business, Management and Economics Engineering, 2021, 19(2): 289–302 297

The second column of this table is the numbers of the unit elements of the corresponding 
rows of the access matrix, the third is the numbers of the unit elements of the columns of this 
matrix. Equality (4) is fulfilled for 2 – Risks associated with loss due to delayed payments and 
6 – Risks associated with the wrong choice of capital investment method, type of securities for 
investment, these risks refer to a low priority level of impact on the activities of engineering 
enterprises. Further Table 5 we remove lines 2 and 6, and in the i-th columns we delete numbers 
2 and 6. Next, the second iteration is calculated, etc. Without further calculations, it can be 
argued that the highest level of the hierarchy will be occupied by 1 – The risk of loss of property 
as a result of theft, which entails constant technical and financial costs (for Ukraine, this is a 
very common phenomenon) and 5 – Risks arising from problems of legislative support.

Arranging risks at certain levels, we obtain a hierarchically structured model (Figure 2), 
simulating the priority of their impact on the activities of engineering enterprises and their 
system of economic security.

The next step will be to form a methodological approach to reflecting the decomposition 
of the risk management response process and the negative impact of the above risks on the 
activities of engineering enterprises.

For this, we will apply the methodology of functional modeling and graphical description 
of processes (IDEF0).

Let’s build a tree of nodes, a list of functions and objects with appropriate explanations 
will become the initial basis for their creation (Figure 3).

Note that each block in the IDEF0 functional model diagrams implements the process of 
converting input to outputs through certain mechanisms. For our task, it is enough just to 
talk about the transformation of information objects and streams.

Integrally, the entire system we simulate is denoted by the A-0 block. In accordance with 
this, all inputs, outputs, controls and mechanisms will be connected to the block by limit 
arrows and codes in Figure 4.

Figure 4 has several mathematical notations that cover the basic problem. So, input – In 
(n = 1), control – Cn (n = 1, 2), output – On (n = 1, 2), mechanism – Mn (n = 1, 2).

Figures 5 show the decomposition of the first of the three levels of the context diagram of 
the IDEF0 functional model of responding to the risk of negative impact of risks.

Z2

Z1

3

2

1
Z5

Z4 Z7Z3

Z
6

Figure 2. Model of the hierarchy of the impact of risks on the activities of  
engineering enterprises and their system of economic security



298 S. Kryshtanovych et al. Modeling the process of risk management response to the negative impact...

Provide an adequate response to the negative impact 

of risks

А0

А3

А2

А1
Determination of the risks carrying out the most negative 

injection

Forming a team that will react

Determination of the main ways to counter 

negative influence

Reacting according to the hierarchy of influence

А4

Figure 3. Hierarchy of blocks of the functional model IDEF0 of the response process risk 
management negative impact of risks

Provide an adequate response to the 

negative impact of risks

С1

М1

І1

Regulatory 

documents

Information 

from 

stakeholders

Choosing the optimal strategic solution

Technical means

Financial and human 

resources
А0

С2

М2

Decision maker

О1

О2

Information on the state of the 

negative impact of risks

Figure 4. Comprehensive model diagram IDEF0 of the response process risk management  
negative impact of risks

Subprocess 

Progress 

Information 

А2

Subprocess 

Progress 

Information 

А3

Subprocess 

Progress 

Information 

А4

Determination of the risks 

carrying out the most 

negative injection

Forming a team that will react

Determination of the main 

ways to counter negative 

influence

Reacting according to the 

hierarchy of influence

А1

А2

А3

А4

М2М1

Directives

to ensure

subprocess А2

Directives

to ensure

subprocess А3

Directives

to ensure

subprocess А4

Hierarchical ordering 

results

Variants of antidia

Results of counteraction to 

influence

С1 С2

І1

О2

О1

Figure 5. Decomposition of the context diagram of the IDEF0 of the response process risk 
management negative impact of risks



Business, Management and Economics Engineering, 2021, 19(2): 289–302 299

Based on the decomposition constructed by us in Figure 5, we should consider in detail 
the list of functions that are depicted by blocks in the model diagram:

A1 – According to our proposed model, the manager must form a model for hierarchical 
ordering of the main risks that negatively affect their company. This will help streamline the 
negative impact of existing risks.

A2 – When the negative impact is identified, an appropriate team of managers, specialists 
in risk management should be formed to provide an appropriate response to this negative 
impact.

A3 – the formation of basic ideas for the implementation of decisions on the provision of 
responses to counter the negative impact of risks on the activities of engineering enterprises.

A4  – Selection and implementation of the selected option to counteract the negative 
impact of risks on the activities of engineering enterprises.

4. Discussions

We would like to acknowledge the work of Kryshtanovych et al. (2020) and Merigó (2014), 
which have brought significant developments in addressing security and risk management 
issues. First, note the fact that the results of the study by Kryshtanovych et  al. (2020), also 
apply the modeling method through IDEF0; however, our study suggests its application 
to map the process of risk management’s response to the negative impact of certain and 
hierarchically ordered risks.

In contrast to the work of Merigó (2014) and Stasytytė (2013), we focused on how, due 
to the use of the link graph, to form a model for the hierarchical ordering of the main risks 
that negatively affect engineering enterprises.

In the work of Drobyazko et  al. (2020), the identification of risks was carried out using 
Kohonen maps, which should form a full assessment of the level of protection against risks. 
This assessment model is complex and requires the construction of a separate map for each 
impact factor, in addition, it is necessary to deduct the integral indicator and the impact 
coefficient. Graph theory and functional model are much easier to use, so they can be used 
at the level of any enterprise.

So, the main difference from such studies and, together, the originality of our article 
lies in the presented methodological approach to identifying risks, most negatively affect 
the system of ensuring the economic security of engineering enterprises and modeling the 
process of responding to this influence.

Conclusions

Based on the results of our research, we have identified the main risks that affect most 
negatively to the system of ensuring the economic security of engineering enterprises, and 
we have modeled the main stages of response to their impact.

The company needs to form its own risk management system, which should contain 
potential sources for financing losses that the company may incur as a result of the negative 
realization of the risk. The choice of a mechanism for risk management should be aimed at 



300 S. Kryshtanovych et al. Modeling the process of risk management response to the negative impact...

finding the optimal, expedient and cost-effective method of influence in a particular situation. 
As a result, the enterprise will be able to form a comprehensive risk management strategy, that 
is, the ability to make decisions focused on financial, labor, material resources, distribute tasks 
among managers, consult with specialists, and the like. In general, the adopted mechanism for 
minimizing risks largely determines the effectiveness of the enterprise’s risk management and, 
as a consequence, the success of the results of activities and competitiveness in the market.

The present requires from the heads of enterprises to constantly monitor risk-generating 
factors to create an effective and flexible management system in a market environment and 
limited resources, which leads to the need for a risk management system, all its aspects, basic 
principles and management methods. Enterprise risk management should be organized in 
such a way as to provide continuous introspection and self-control. The more detailed the 
monitoring process, the less the need for additional checks on the activities of the enterprise. 
An important aspect of enterprise risk management is the choice of an effective mechanism 
for preventing and minimizing, eliminating or accepting risks that determine the efficiency of 
the enterprise. Ignorance of the enterprise’s propensity to take risks can lead to unpredictable 
consequences, crisis and bankruptcy.

The formation of a risk management system at the enterprise should become a condition 
for the effective operation of an enterprise in a changing uncertain environment. Risk 
management is a risk management system based on the process of their identification, 
assessment and analysis, as well as the choice and use of methods to neutralize their 
consequences, aimed at achieving the necessary balance between the strategic capabilities 
of the enterprise and the level of risk, as well as finding the optimal balance between the 
high level of risk, which can lead to bankruptcy of the enterprise, and complete rejection 
of it, which leads to a loss of competitiveness. The risk management system is designed to 
become an integral part of the organization’s management subsystem. The development of 
risk management standards indicates that a change in the business environment leads to the 
emergence of new dangers and risks that require timely optimization.

The aim of the study was to form a methodological approach to dealing with risks that may 
affect the economic security of an engineering enterprise. As a result of the expert assessment, 
we have identified the main risks affecting the economic security of an engineering enterprise.

Thanks to the use of the graph connections, we have formed models for the hierarchical 
ordering of the main risks that negatively affect the engineering enterprises of Ukraine. Due 
to the use of the methodology of functional modeling and graphical description of processes 
(IDEF0), we have depicted the process of risk management’s response to the negative impact 
of certain and hierarchically ordered risks.

Of course, our research has limitations. The article has a number of limitations and this 
applies to the area of   the study. The emphasis was on the engineering industry. In addition, 
it should be noted that there are other modeling methods for mapping the stages of response 
to the negative impact of risks.

In the end, we can conclude that the results obtained in the course of the study indicate 
the effectiveness of the existing model of the response of the risk management system to the 
negative impact of risks. In the future, the model we have formed will be implemented at one of 
the leading engineering companies in the Western region of Ukraine for its practical verification.



Business, Management and Economics Engineering, 2021, 19(2): 289–302 301

Taking into account the existing limitations that arose during the writing of the article, 
the next steps of our research will be the formation of the same methodological approach for 
other types of hazards at the enterprise, as well as the adaptation of our methodology to the 
organizational structure of enterprises in other European countries. Despite the fact that our 
model is applied only for cutters of economic security of engineering enterprises, this model 
is plastic in its structure and can be modified for other types of security.

References

Aven, T. (2012). The risk concept – historical and recent development trends. Reliability Engineering & 
System Safety, 99, 33–44. https://doi.org/10.1016/j.ress.2011.11.006

Belles-Sampera, J., Merigó, J. M., Guillén, M., Santolino, M. (2013). The connection between distortion 
risk measures and ordered weighted averaging operators. Insurance: Mathematics and Economics, 
52(2), 411–420. https://doi.org/10.1016/j.insmatheco.2013.02.008

Chatterjee, S., Wiseman,  R.  M., Fiegenbaum, A., & Devers,  C.  E. (2003). Integrating behavioural and 
economic concepts of risk into strategic management: The Twain shall meet. Long Range Planning, 
36, 61–79. https://doi.org/10.1016/S0024-6301(02)00201-7

Davahli, M. R., Fiok, K., Karwowski, W., Aljuaid, A. M., & Taiar, R. (2021). Predicting the dynamics of 
the COVID-19 pandemic in the United States using graph theory-based neural networks. Interna-
tional Journal of Environmental Research and Public Health, 18(7), 3834. 
https://doi.org/10.3390/ijerph18073834

Di Serio,  L.  C., de Oliveira,  L.  H., & Siegert Schuch,  L.  M. (2011). Organizational risk management: 
A study case in companies that have won the Brazilian quatity award prize. Journal of Technology 
Management and Innovation, 6(2), 230–243. https://doi.org/10.4067/S0718-27242011000200016

Drobyazko, S., Barwinska-Malajowicz, A., Slusarczyk, B., Chubukova, O., & Bielialov, T. (2020). Risk 
management in the system of financial stability of the service enterprise. Journal of Risk and 
Financial Management, 13(12), 1–15. https://doi.org/10.1002/ijfe.2471

Head, L. G. (2009). Risk management – why and how. International Risk Management Institute, Dallas, 
Texas.

Islam, M. A., Tedford, J. D., & Haemmerle, E. (2006). Strategic risk management approach for small and 
medium-sized manufacturing enterprises (SMEs): Theoretical framework. In Proceedings of IEEE 
International Conference on Management of Innovation and Technology, Singapore (pp. 694–698).

Kim, H. (2020). Risk management and optimal capital structure under ambiguity. Finance Research 
Letters, 40, 101752. https://doi.org/10.1016/j.frl.2020.101752

Kmec, P. (2011). Temporal hierarchy in enterprise risk identification. Management Decision, 49(9), 
1489–1509. https://doi.org/10.1108/00251741111173952

Knight, K. W. (2002). Developing a risk management standard – the Australian experience. Safety Sci-
ence, 40, 69–74. https://doi.org/10.1016/S0925-7535(01)00042-X

Korombel, A. (2012, May 10–11). Enterprise risk management in practice of Polish small businesses – 
own research results. In 7th International Scientific Conference “Business and Management 2012”. 
Vilnius, Lithuania. Selected papers (pp. 1137–1143). Technika. https://doi.org/10.3846/bm.2012.146

Kryshtanovych, M., Petrovskyi, P., Khomyshyn, I., Bezena, I., & Serdechna, I. (2020). Peculiarities of 
implementing governance in the system of social security. Business, Management and Economics 
Engineering, 18(1), 142–156. https://doi.org/10.3846/bme.2020.12177

Merigó, J. M. (2014). Decision-making under risk and uncertainty and its application in strategic man-
agement. Journal of Business Economics and Management, 16(1), 93–116. 
https://doi.org/10.3846/16111699.2012.661758

https://doi.org/10.1016/j.ress.2011.11.006
https://doi.org/10.1016/j.insmatheco.2013.02.008
https://doi.org/10.1016/S0024-6301(02)00201-7
https://doi.org/10.3390/ijerph18073834
https://doi.org/10.4067/S0718-27242011000200016
https://doi.org/10.1002/ijfe.2471
https://doi.org/10.1016/j.frl.2020.101752
https://doi.org/10.1108/00251741111173952
https://doi.org/10.1016/S0925-7535(01)00042-X
https://doi.org/10.3846/bm.2012.146
https://doi.org/10.3846/bme.2020.12177
https://doi.org/10.3846/16111699.2012.661758


302 S. Kryshtanovych et al. Modeling the process of risk management response to the negative impact...

Parfitt, C., & Barnes, T. (2020). Rethinking economic security in a precarious world. Critical Sociology. 
https://doi.org/10.1177/0896920519850266

Pauliukevičius, G., & Skusevičienė, D. (2013). Modeling of the institutional system of enterpreneur-
ship promotion: the case of Lithuania. Business, Management and Economics Engineering, 11(2), 
350–375. https://doi.org/10.3846/bme.2013.20

Pushak, Y., Lagodiienko, V., Basiurkina, N., Nemchenko, V., & Lagodiienko, N. (2021). Formation the 
system for assessing the economic security of enterprise in the agricultural sector. Business: Theory 
and Practice, 22(1), 80–90. https://doi.org/10.3846/btp.2021.13013

Regan, P. J., & Patè-Cornell, M. E. (1997). Normative engineering risk management systems. Reliabil-
ity Engineering and System Safety, 57(2), 159–169. https://doi.org/10.1016/S0951-8320(97)00023-9

Shynkar, S., Gontar, Z., Dubyna, M., Nasypaiko, D., & Fleychuk, M. (2020). Assessment of economic 
security of enterprises: Theoretical and methodological aspects. Business: Theory and Practice, 21(1), 
261−271. https://doi.org/10.3846/btp.2020.11573

Stasytytė, V. (2013). The development of an attitude towards risk management in the context of country 
competitiveness. Business, Management and Economics Engineering, 11(2), 281–293. 
https://doi.org/10.3846/bme.2013.16

Stasytyte, V., & Aleksienė, L. (2015). Operational risk assessment and management in small and medi-
um-sized enterprises. Business: Theory and Practice, 16(2), 140–148. 
https://doi.org/10.3846/btp.2015.568

Sylkin, O., Kryshtanovych, M., Zachepa, A., Bilous, S., & Krasko, A. (2019). Modeling the process of 
applying anti-crisis management in the system of ensuring financial security of the enterprise. Busi-
ness: Theory and Practice, 20, 446–455. https://doi.org/10.3846/btp.2019.41

Tamošiūnienė, R., & Savčuk, O. (2007). Risk management in Lithuanian organizations – relation with 
internal audit and financial statements quality. Business: Theory and Practice, 8(4), 204–213. 
https://doi.org/10.3846/btp.2007.29

Thevendran, V., & Mawlesley, M. J. (2004). Perception of human risk factors in construction projects: 
an exploratory analysis. International Journal of Project Management, 22, 131–137. 
https://doi.org/10.1016/S0263-7863(03)00063-2

Tohidi, H. (2011). The role of risk management in IT systems of organizations. Procedia Computer Sci-
ence, 3, 881–887. https://doi.org/10.1016/j.procs.2010.12.144

Verbano, C., & Venturini, K. (2013). Managing risks in SMEs: a literature review and research agenda. 
Journal of Technology Management & Innovation, 8(3), 186–187. 
https://doi.org/10.4067/S0718-27242013000400017

Wu, Y., & Meng, F. (2019). Security classification for safe management and information resource. Jour-
nal of Strategic Security, 11(4), 72−84. https://doi.org/10.5038/1944-0472.11.4.1694

Zhi-Qiang, M., & Tao, H. (2008). Risk evaluation on technological innovation of Chinese small and 
medium-sized enterprises SMEs based on fuzzy neural network. In IEEE International Conference 
on Wireless Communication, Networking and Mobile Computing Proceedings, Niagara Falls, Canada 
(pp. 13067–13073). IEEE.

https://doi.org/10.3846/bme.2013.20
https://doi.org/10.3846/btp.2021.13013
https://doi.org/10.1016/S0951-8320(97)00023-9
https://doi.org/10.3846/btp.2020.11573
https://doi.org/10.3846/bme.2013.16
https://doi.org/10.3846/btp.2015.568
https://doi.org/10.3846/btp.2019.41
https://doi.org/10.3846/btp.2007.29
https://doi.org/10.1016/S0263-7863(03)00063-2
https://doi.org/10.1016/j.procs.2010.12.144
https://doi.org/10.4067/S0718-27242013000400017
https://doi.org/10.5038/1944-0472.11.4.1694