Available via license: CC BY-NC-ND 4.0
Content may be subject to copyright.
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3176
Prototype to Mitigate Risks for the Closure of a Company with the Support
of Information Technologies
Washington A. Altamirano
1
, Moisés Toapanta T.
2
, Lenin Altamirano
3
, Rodrigo Del Pozo
Durango
4
, Antonio Orizaga T
5
, Roció Maciel A.
6
Abstract
The problems of business closures (SMEs) are constant in the world and in Ecuador due to the lack of application of appropriate
management models that allow the conversion of strategies. The deductive method was used for exploratory research of the information
related to the research topic. The objective is to design a prototype to mitigate risks and prevent threats to avoid the closure of this type
of companies. The result was a conceptual model to minimize risks, a risk control prototype, a prototype flow chart, a simulation of
processes with five scenarios, determination of the formula to detect the probability of closure as an SME and risk analysis and
evaluation. It was concluded that the proposed prototype to detect threats and vulnerabilities provides an optimal security model for
small and medium-sized companies; as a result of the simulations, a security percentage of 77.92% was established, which means that
the greater the number of risks and threats, the greater the probability that a small and medium-sized company will close.
Keywords: Risk Assessment, Threats and Vulnerabilities, Closure and Bankruptcy of SMEs, Administration and Information
Systems, Information Technologies.
Introduction
Currently there are a significant number of small and medium-sized companies that close their operations
unexpectedly. The effect it causes is the decrease in sources of employment at the local and even regional
level. Since their emergence, which is linked to the global economic crisis of recent decades, SMEs have
contributed to reducing the consequences of unemployment and poverty, through the creation of small
artisan workshops and family maquiladoras, some of which have even become developed into large
companies(Rodríguez-Mendoza & Aviles-Sotomayor, 2020).
In fact, in Latin America they represent 99.50%(Oecd/Caf, 2019). In Ecuador, there are 849,831 active
companies, of this total 91.89% are microenterprises; and 7.65% are small and medium-sized
companies(Instituto Nacional de Estadística y Censos, 2021). While it is true, startups manage to grow and
become micro-businesses and some of them into large companies with national and international
recognition (Marco Dini, 2020). However, not all of them have achieved this exponential growth due to
many factors that have limited their expansion, such as: Lack of administrative management, lack of
financing, unskilled work, lack of knowledge of economies of scale, market analysis, among others(De La
et al., 2019).
This situation has caused micro, small and medium-sized companies to carry out their processes in a
traditional way, not establish strategies to improve their organizational performance, and worse still use
indicators that allow them to measure their management to achieve institutional objectives (MANSOOR at
al., 2021). The lack of a management model that allows turning strategies into action, and then measuring
their results to apply improvement measures to meet the objectives in SMEs, is due to ignorance of the
Departamento de Ciencias Económicas Administrativas y de Comercio, Universidad de las Fuerzas Armadas ESPE, Sangolqui, Ecuado r; Email:
waaltamirano@espe.edu.ec.
2
Centro de Investigación en Mecatrónica y Sistemas Interactivos (MIST), Ingeniería en Tecnologías de la Información, Universidad Tecnológica
Indoamérica, Quito, 170301, Ecuador, Email: moisestoapanta@uti.edu.ec, (CorrespondingAuthor)
3
Graduate program, Master degree in Logistics, Politécnico do Porto ISCAP, Rua Jaime Lope s Amorin, Portugal, Email: 2220209@iscap.ipp.pt
4
Postgraduate Director, Universidad Estatal de Bolívar (UEB), Guaranda, Bolívar, Ecuador , Email: rdurango1973@yahoo.es.
5
Information Systems Department of the CUCEA University of Guadalajara (UDG), Guadalajara, México, Email:
jose.orizaga@academicos.udg.mx
6
Information Systems Department of the CUCEA University of Guadalajara (UDG), Guadalajara, México, Email: ma.maciel@academicos.udg.mx
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3177
existence of this type of methodologies, as well as also the cost of implementation until subsequent
monitoring and control. Some companies that have adopted this type of methodologies have not been able
to complete the process, due to the lack of commitment on the part of management and the excessive
number of indicators to control.
The main problem consists of business stagnation, due to the lack of definition of strategies to meet the
objectives of this type of organizations. The vast majority of micro, small and medium-sized companies do
not measure their management, they make decisions without having indicators that allow them to determine
if it is correct or not and if it will bring positive results that improve organizational performance.
Contributing to this problem is the absence of controls, monitoring and measurement of the results
obtained, through an administrative management model defined exclusively for SMEs, with the support of
information technologies.
The existence of these threats, which can even remain hidden for a long period of time, generates
uncertainty and puts the proper management of SMEs at risk. To reduce the inventory of risks due to
threats that could cause the closure of this type of organizations, risk assessment is a primary aspect, since
it allows us to determine what they are exposed to and propose immediate solutions, such as: mitigate,
share, avoid and minimize risk.
Apart from the risk assessment, it is important to carry out an analysis and establish a measurement model
for business management in this sector. In order to provide useful information for adequate decision
making, compliance with objectives and the effectiveness of established strategies. Finally, a prototype will
be established to minimize the risk of bankruptcy in SMEs.
The deductive method is used for exploratory research of information related to the research topic. The
objective is to design a prototype to mitigate risks and prevent threats to avoid the closure of this type of
companies.
The results obtained are: A conceptual model to minimize risks, a risk control prototype, a flow chart
prototype, a simulation of processes with five scenarios, determination of the formula to detect the
probability of closure as an SME and risk analysis and evaluation.
It is concluded that the proposed prototype to detect threats and vulnerabilities provides an optimal security
model for small and medium-sized companies; as a result of the simulations, a security percentage of
77.92% was established, which means that the greater the number of risks and threats, the greater the
probability that a small and medium-sized company will.
Literature Review
The reasonableness of the information is crucial for the survival of SMEs, since it affirms that the figures
presented are real and consistent with business reality, minimizing the threats of bankruptcy risk that
endanger the continuity of the companies(Maciejewska, 2014). When unexpected closures occur due to
company bankruptcies, there is a risk of affecting other companies in their production chain, even more so
when they are small and medium-sized companies(Roque & Caicedo Carrero, 2022). The authors in this
research establish the objective of providing an exhaustive review of the current literature on risk
management to minimize bankruptcies and unexpected closures of small and medium-sized companies,
with one of the most important components being the evaluation of risks(Zahedi et al., 2023). They define
the situational management process of production systems, based on a comprehensive scorecard,
establishing indicators and selecting options for management decisions(Khanova et al., 2020). They
determined that the Balanced Scorecard allows verifying compliance with the goals that a company sets for
itself when implementing its strategies(Novikova et al., 2020). The business world provides precise
information on the threats and vulnerabilities, the positive and negative effects of closing a microenterprise,
such as the dismissal of people, illiquidity, non-compliance with obligations with third parties,
others(Fátima-Robles-Robles et al., 2021). The ISO 31000 Risk Management Standards establish a
comprehensive methodology for risk management for SMEs, however, this regulation does not clearly
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3178
indicate how to manage risks(International Organization for Standardization, 2018). Bankruptcy has been
a problem and cause for concern, due to its negative effects on areas of the economy, society and politics.
The purpose of this research is to develop a model to predict bankruptcy that allows predicting the
probability of financial difficulties of the company, we worked with random forest regression methods and
synthetic minority sampling techniques, however, the results obtained are not significant to define that the
model can be adapted to any type of company (Tran Duc Quynh; Tran thi Lan Phuong, 2020).They propose
how to introduce their risk adversity into decision making with risk estimation, using the best coherent risk
measure derived from the risk adverse utility of the decision maker, a dynamic risk minimization problem
is analyzed in the decision-making process. Markov decision (Yoshida, 2019). However, there are many risk
models for the phenomenon of bankruptcy, the authors point out that none of the existing models can be
applied in a plural way, and that many of them consider the cash flow between companies, for which they
present a model multi-agent bankruptcy contagion based on cash flow graph(Zhang, 2020). It is also
important to consider the support provided by ICTs in predicting bankruptcy; Indeed, one of the strategies
to predict bankruptcy is to implement parallel computing and the use of prediction algorithms (CBR) based
on historical data, which has satisfactory results, but has low performance at the time of calculation, due to
the enormous historical financial data(Rahayu, n.d.). The development of an intelligent information system
for the evaluation of the bankruptcy risk of a company based on fuzzy logic and the synthesis of neural
network technologies is a contribution that not only allows for a current evaluation of the bankruptcy risk
of the company, but also provides the opportunity to track how it changes when one or several indicators
with inadequate current values vary. The implementation of such a capability makes it possible to simulate
development, select an appropriate way to normalize a level of bankruptcy risk, and make timely
management decisions(Telipenko & Sopova, 2018). The COBIT method calculates the maturity level of a
process. This allows the risks and threats to be determined in order to predict whether or not there is a risk
of bankruptcy from the IT environment, becoming an important factor in a financial company (Rooswati
& Legowo, 2018). The methodology known as the Chinese Wall that regulates the "Conflict of Interest"
relationship, whose acronym is CIR, allows you to identify the risks and threats and the consequences that
conflicts of interest entail among the stakeholders of a company(Lin, 2015). Adequate risk management
focuses on determining the threats and vulnerabilities that affect companies, to establish the impact on each
process(Fabric, 2019). The authors present six types of risks as detailed in table 1(Suroso et al., 2019).
Table 1. Shows the Types of Risks
Type
Ref.
Business Risk
(Suroso et al.,
2019)
Investment Risk
Quality Risk
Operational Risk
Technological Risk
Financial Risk
List of Risks and Threats of Bankruptcy
The threats that could cause the bankruptcy of companies, especially small and medium-sized ones, have
been pointed out by some authors as detailed in table 2.
Table 2. List of Bankruptcy Risks and Threat
Thread
Process
Ref
Creative
Accounting
Creative practices that serve to improve or worsen financial
information according to the interests of the Stakeholders.
(Altamirano Salazar,
2017)
Fraud Risk
Incidence of fraud risks on financial performance.
(Guachimbosa-
santiago, 2024)
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3179
Financial
Crimes
Financial crimes in the Web3-Empowered Metaverse:
taxonomy, countermeasures, and opportunities.
(Wu et al., 2023)
Data mining
Method of data extraction for financial purposes, through
Data Mining.
Detection of fraud in account statements to support the
decisions of interested parties.
(Yao et al., 2018)
Money
Laundering
Intelligent two-phase method based on data analysis and
machine learning techniques to identify suspected money
laundering accounts from transaction data.
(Tai, 2019)
Methodologies and Models of Risks and Administrative Management
Regarding the administrative management models, which allow the improvement of processes and
therefore minimize the risk of company closure, the following are defined: Canvas, Six Sigma, Kanban,
comprehensive dashboards, among others.
Canvas Model
It is a management tool designed by Osterwalder and Pigneur (Osterwalder & Pigneur, 2010) for the
development of new business models that understand the company as a whole. The model is made up of
nine modules that represent the key areas of the company that must be taken into account in the business
model to achieve its income(Cuzco Simbaña et al., 2019). The modules are: Key partnerships, key activities,
value propositions, customer relationships, market segments, key resources, channels, cost structure and
revenue sources.
Six Sigma Model
As for the Six Sigma model, it is a continuous business improvement strategy that seeks to find and
eliminate the causes of errors, defects and delays in business processes, focusing on those aspects that are
critical for the client(Malpartida et al., 2021). The 6σ strategy is based on a highly systematic and quantitative
methodology aimed at improving business results with three priority areas of action: customer satisfaction,
reduction of cycle time and reduction of defects(Ramírez Pérez et al., 2021).
Kanban Model
Kanban, on the other hand, is a methodology that seeks to achieve a productive, organized and efficient
process. This technique was created at Toyota to monitor the progress of work performed throughout a
supply chain. Kanban is part of the Lean Manufacturing methodology that is based on the use of just-in-
time (JIT) techniques. The main objective of Kanban is to ensure sustainable production to avoid excess
final product, bottlenecks and delivery delays(Castellano Lendínez, 2019).
Balanced Scorecard (BSC) Model or Balanced Scorecard
The Balanced Scorecard (BSC) is a powerful tool in the management of an organization. The
implementation of a management model based on a balanced scorecard allows companies to define
strategies and measure their management (Carvajal Zambrano et al., 2022). Balanced Scorecard (BSC)
created by professors Robert Kaplan and David Norton(Kaplan S.Robert.; and David. P. Nurton, 2016). It
is a methodology that translates strategy into action, and its subsequent monitoring. Its analysis is based on
four perspectives: financial, customer, internal processes, learning and growth. The balanced scorecard
allows you to create strategic maps that help obtain a complete visual representation of the strategy in an
organization.
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3180
For Zamora(Zamora, 2018) The objective of organizational performance is to change the culture, defined
in its traditions, systems and outdated procedures, promoting innovative means different from those of the
past, maintaining and improving what has been done well and therefore must continue. In this context, the
Balanced Scorecard is a powerful management tool that helps design strategic maps, balanced scorecards,
define management indicators, and above all, align business strategies. SMEs seek to achieve growth and
positioning indicators for their products and services in the markets. This tool will allow them to monitor
progress in meeting the proposed goals.
Having a control panel based on indicators designed based on the four perspectives of the BSC, allows the
owners, managers and administrators of SMEs to have at hand a tool that helps verify if they are on the
right path. In the event that there are deviations, delays, non-compliance, the control panel provides alerts
to managers so that they can implement improvement actions immediately. Thus, contributing to
organizational development, leading them to the objectives they want to achieve, based on an evaluation of
the organization that considers its structure, activities, purpose, budget and resources it has to carry out its
function. The Balanced Scorecard and the Canvas model can be linked as complementary tools for
entrepreneurs. The first develops objectives and operational measures in four main perspectives to achieve
the mission and strategy. The second has meant a revolution in the generation of business models,
establishing nine sections that reflect its logic(Añaguaya, 2021).
COSO Report
This report addresses the need for organizations to improve their risk management approach to meet the
demands of an evolving business environment. Align performance and risk management to understand the
impact of risk on performance.The focus of the report is based on five aspects:
Governance and Culture: Governance is responsible for managing institutional risks and establishing
responsibilities. Culture refers to ethical values, desired behaviors and understanding of risk.
Strategy and goal setting: business risk management, strategy and goals (strategic planning)
Performance: Risks that may impact the achievement of the strategy and the business
Review: When reviewing entity performance, an organization can consider how well enterprise risk
management components are working over time
Information, communication and reporting: It is a continuous process of obtaining and exchanging the
necessary information, from internal and external
sources(Committee_of_Sponsoring_Organizations_of_Treadway_Commission, 2017).
Risk Matrix
To The risk matrix is one of the methodologies most used by companies to measure the risk levels to which
they are exposed. For this purpose, elements such as: Impact and Probability are used
(Committee_of_Sponsoring_Organizations_of_Treadway_Commission, 2017), considering the ranges
established in detail in Table 3.
Table 3. Risks Impact Matrix
Impact Level
Assessment
Mild Risk
1
Low Risk
2
Half Risk
3
High Risk
4
Extreme Risk
5
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3181
Table 3 defines the impacts that will be evaluated in this research process, which can be quantitative and
qualitative, considering the parameters defined by the Richter scale.
Table 4. Probability of Occurrence Matrix
Ocurrence
Assessment
Unlikely occurrence
1
Likely occurrence
2
Very likely occurrence
3
Highly probable occurrence
4
Extremely likely occurrence
5
The methodology also establishes the probabilities of a risk occurring, according to table 4.
Table 5. Risk Importance Scale
Importance Level
Scale
Mild Risk
1-5
Low Risk
6-10
Normal Risk
11-15
High Risk
16-20
Criticism Risk
20-25
The following criteria of importance for a risk were used. Table 5 contains the index of importance that
risks can have.
To determine the risk value in the indicated matrices, the following formula will be used:
𝑉𝑅 = 𝑃𝑂𝑥𝐼 (1)
Where:
PO = Probability of occurrence
I = Impact
VR = Risk Level
With the matrices and the indicated formula, Table 6 was prepared, which establishes the risk level of each
identified risk factor.
Table 6. Risk Matrix
Risk
Probability of
Ocurrence (PO)
Impact
(I)
Risk Value (VR)
Operational Risks (Market,
customers, product, logistics.)
4
5
20
Financial Risk (Liquidity,
solvency, profitability, debt)
5
5
25
Fraud Risk
4
4
16
Reputational Risk
3
3
9
Technological Risks
4
3
12
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3182
In the example cited, the table shows that if there are values that do not exceed 5 points, there is no risk,
up to 10 points generate a relatively low risk and those that exceed 20 points are extremely high and must
be monitored.
Methodology
The articles, presentations and conference proceedings that were compiled served as a basis for analyzing
risk prototypes and administrative management models, with the aim of establishing the most appropriate
and optimal one applicable to small and medium-sized companies. For the design of the prototype, the
administrative structure of small and medium-sized SMEs was considered, validated by the different
administrative management models.
Conceptual Model
The references (Castellano Lendínez, 2019), (Carvajal Zambrano et al., 2022) and
(Committee_of_Sponsoring_Organizations_of_Treadway_Commission, 2017) served as a basis for the
development of the conceptual model of the prototype of bankruptcy risks in SMEs.
Security Prototype
For the construction of the prototype to prevent risks and threats, the following references were taken into
account: Phases to obtain the value of a risk(Huang et al., 2015), Risk Categories(Alsalamah, 2017).
Algorithm
The references cited below were used in the construction of the algorithm (Tran Duc Quynh; Tran thi Lan
Phuong, 2020), (Yoshida, 2019), (Rooswati & Legowo, 2018), (Altamirano Salazar, 2017), (Elizabeth &
Santiago, 2023), were taken into account; for this purpose, the phases of the bankruptcy risk prototype were
defined; At the end a formula will be defined to verify the stability of the algorithm.
Construction of the Formula
The variables used to construct the formula were the number of risks and the companies' mitigation
capacity. For this purpose, security level tables were used to improve the prototype.
Simulations
The simulations help determine if there is a probability that a problem will occur, for which five different
scenarios were analyzed.
Results
The results obtained in this research are: Conceptual model to minimize risks, Risk control prototype,
Prototype flowchart, Process simulation with five scenarios, Determination of the formula to detect the
probability of closing as SME and Risk analysis and evaluation.
Conceptual model to minimize risks
The proposed model allows minimizing the availability of threats and vulnerabilities of small and medium-
sized companies, in order to determine what they are exposed to in order to propose immediate solutions,
such as: mitigate, share, avoid and eliminate the risk. The model is detailed in Figure 1 below.
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3183
Figure 1. Conceptual Model of the Proposed Protocol.
The model presented in Figure 1 allows the following activities to be carried out: Evaluate the vulnerabilities
and threats that may affect organizational performance; Determine the actual risk mitigation capacity;
Determine the probability of impact on organizational performance; And establish the value of the risks,
for this purpose, the probability of occurrence will be multiplied by the impact of each risk(Moisés et al.,
2022).
Below is the formula used to calculate the prototype of the conceptual model
1
()
3
n
i
D T R
x
(2)
Where:
X = Average of mitigation indicators
D = Mitigation Detection (range value 0 - 10)
T = Mitigation Tolerance (range value 0 - 10)
R = Mitigation Response (range value 0 - 10)
10
xx
CM CME
(3)
Where:
CM = Actual Mitigation Capacity
CME = Estimated Mitigation Capacity
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3184
( )% *100
!
R CM
CM e
PR R
(4)
Where:
P(R)% = Probability that risks affect companies
R = Number of Risks
100 ( )%EP P R
(5)
Where:
EP = Mitigation Efficiency of the prototype, which will be verified in table 7.
Table 7. Mitigation Scale
Scale
Assessment
80-100
Excellent rating
50-70
Optimal valuation
20-40
Regular Assessment
0-10
Poor valuation
Risk Control Prototype
The prototype proposes to minimize the risks that can cause bankruptcy in companies, by identifying the
vulnerabilities and threats that erroneous financial information can generate. Select mitigation strategies in
order to design and implement an action plan, until its monitoring.
Figure 2. Risk Prototype
Figure 2 Shows the Five Phases of the Prototype
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3185
First Phase
In this phase, the administrative and financial information of the companies, employees, clients, suppliers,
investors, etc. is detailed
Second Stage
It allows identifying vulnerabilities that cause risks that threaten the survival of small and medium-sized
businesses:
Third Phase
Once the risks have been identified, they must be analyzed and classified according to their level of impact
and probability, in order to implement risk mitigation strategies.
Fourth Phase
This stage allows risks to be mitigated, for which risk response categories are established, such as: eliminate,
minimize and share the risk.
Fifth Phase
In the final phase, an action plan must be made that will contain mitigation strategies. Subsequently, it will
be monitored to make corrections and suggestions.
Prototype flowchart
The algorithm and flowchart of the proposed methodology establish the activities that companies must
execute to mitigate vulnerabilities, threats and risks to prevent company closure.
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3186
Figure 3. Prototype Algorithm Expressed in A Flow Chart
In the Figure 3 describes the algorithm in a flow chart, and what its phases are.
Description
Phase 1.- Administrative and Financial Information: An administrative and financial diagnosis must
be carried out to determine which aspects may be compromised if any negative event occurs that
affects the survival of SMEs.
Phase 2.- Vulnerabilities and threats: Once they are identified, the existing risks in SMEs can be
determined. If the prototype determines that they do not exist, the process ends.
Phase 3.- Risks measurement: To carry out this phase it is necessary to determine the value of the
risks. Which is calculated by multiplying the probability of occurrence by the impact it can generate.
Then they must be categorized, giving importance to those that can cause serious consequences
that require immediate attention.
Phase 4.- Mitigate risks: Risks are analyzed to design mitigation strategies, which can be: Eliminate,
minimize or share. If there are no mitigation strategies, the risks must be created and reanalyzed.
Phase 5.- Risk Management: In this phase, strategies must be selected, described, executed and
monitored based on the action plan.
Next, the respective algorithm is defined.
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3187
Phase 1: Administrative and Financial Information. - Financial and non-financial management
indicators are detailed.
Phase 2: Identification of threats and vulnerabilities. - Vulnerabilities and threats are described. If
they do not exist, the process will be terminated.
Phase 3: Risk identification and mitigation. - The risks are categorized and the value of each one is
calculated.
Phase 4: Risk Management. - With the selected strategies, an action plan must be created, which
will be implemented and monitored.
Once the prototype has been created, it must be demonstrated that it is stable; for this purpose, the formulas
mentioned above will be used.
*
1
o
R
R
PCM
(6)
(100%)
o
sP
(7)
Where:
R = Number of risk
R * = Number of high and critical risks
Po = Security level
CM = Mitigation capacity
s = Algorithm stability percentage
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3188
Process Simulation with Five Scenarios
Figure 4. Percentage of Security in Five Scenarios
Figure 4 shows that scenario 2 obtained 77.92%, which is the highest percentage of security for a company
not to go bankrupt. For a small company not to go bankrupt, based on expert judgment, it is recommended
that its percentage be greater than 75%.
Determination of the Formula to Detect the Probability of Closing As SME
With the following formula, the probability of closure problems occurring in companies can be determined,
taking into account the number of risks and threats.
#
( ) [(# ) ]/ !
nR
P n R e n
(9)
Where:
P (n) = Probability of a problem occurring in the company
n = Number of threats
#R = Number of system risks
Risk analysis and evaluation
After having analyzed the risk and administrative management methodologies and models, it was
determined that the identification and evaluation of risks is the most critical process within an organization.
Indeed, the Coso report, the risk matrix and the characterization of risks, allow prioritizing the impact of
risks, to determine an indicator of threats to companies and the damage they may cause. The ability of
companies to mitigate risks is compromised by compliance with various parameters, measured through
quantitative scales and for this purpose, formulas were used to determine if the prototype is stable and will
allow minimizing risks and threats that compromise continuity. Of companies and be able to determine
actions that mitigate vulnerabilities, threats and risks.
Discussion
As a result of the analysis, it was established that there are several risk and administrative management
methodologies and models. In the investigation, a model based on the methodology of the Coso report and
the risk matrix was applied. It is important to note that the prototype does not determine the
implementation values, this will depend on each organization.
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3189
In the article (Tran Duc Quynh; Tran thi Lan Phuong, 2020) Random Forest Regression methods and
synthetic minority sampling techniques were used to develop a model to predict bankruptcy that allows
predicting the probability of financial difficulties of the company. In the article (Yoshida, 2019) a dynamic
risk minimization problem in the Markov decision process is analyzed to introduce its risk adversity in
decision making with risk estimation. A multi-agent bankruptcy contagion model based on the cash flow
graph is presented in paper (Zhang, 2020). The support provided by ICTs in predicting bankruptcy is
important; In the article (Rahayu, n.d.), parallel computing and the use of prediction algorithms (CBR) are
implemented to predict bankruptcy. Our contributions are the results presented in this research as
alternatives to mitigate the risks of medium-sized companies and SMEs.
According to the administrative and risk management models, risk management is essential because it allows
us to know what the main threats and vulnerabilities are that can cause the closure of small and medium-
sized businesses.
As a result of the simulations, a security percentage of 77.92% was established, which means that the greater
the number of risks and threats, the greater the probability that a small and medium-sized company will
close.
Companies must apply risk prototypes to mitigate vulnerabilities, threats that can cause the closure of small
and medium-sized companies with high bankruptcy rates.
Future Work and Conclusions
The researchers in the next phase of the research process will carry out the implementation in small,
medium-sized companies, even in corporate companies in order to validate and ensure that the support of
Information Technologies is an important factor to avoid the bankruptcy or closure of companies.
It was concluded that the proposed prototype to detect threats and vulnerabilities provides an optimal
security model for small and medium-sized companies; as a result of the simulations, a security percentage
of 77.92% was established, which means that the greater the number of risks and threats, the greater the
probability that a small and medium-sized company will close.
The results obtained from the simulation demonstrate that companies must have a good mitigation capacity
for the efficiency percentage to be high.
The present investigation allowed us to propose a conceptual map that shows the mitigation efficiency
formula of the prototype. Determining that each phase helps avoid the loss of information to minimize the
threats detected. On the other hand, the algorithm was established to verify that the protocol is optimal
against the risks obtained in small and medium-sized companies, with the proposed formula it was possible
to verify the mitigation efficiency of the prototype.
Authors’ Contributions
All authors collaborated in the process of elaboration of the article. Washington Altamirano and Moises
Toapanta worked mainly in the Introduction, Analysis, Review of all phases of the article and the Literature.
Lenin Altamirano and Rodrigo Del Pozo worked mainly in the methodology, search for information and
results. Rocio Maciel and Antonio Orizaga worked mainly in the selection of the validation scales,
discussion and conclusions.
Author Ethical Declarations
We confirm that the work has not been published elsewhere in any form or language
Funding information: No funding was received for conducting this study.
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3190
Conflict of Interest: The authors state no conflict of interest.
Declaration of Interests
The authors declare that they have no known competing financial interests or personal relationships that
could have appeared to influence the work reported in this paper.
References
Alsalamah, A. (2017). Security risk management in online system. Proceedings - 2017 5th International Conference on
Applied Computing and Information Technology, 2017 4th International Conference on Computational
Science/Intelligence and Applied Informatics and 2017 1st International Conference on Big Data, Cloud Compu,
119–124. https://doi.org/10.1109/ACIT-CSII-BCD.2017.59
Altamirano Salazar, A. W. (2017). La Contabilidad Creativa en el Gobierno Corporativo de las empresas. Ciencias
Administrativas, 12, 027. https://doi.org/10.24215/23143738e027
Añaguaya, O. H. (2021). Integración del Cuadro de Mando Integral (CMI) con el Modelo Canvas como Estrategia de Gestión
Empresarial. INF-FCPN-PGI Revista PGI, Cmi, 135–138.
Carvajal Zambrano, G. V., Chávez López, A. C., Velásquez Vera, M. L., & Nogueira Rivera, D. (2022). Balanced Scorecard:
A look from its evolution. Revista Venezolana de Gerencia, 27(97), 224–256.
https://doi.org/10.52080/rvgluz.27.97.17
Castellano Lendínez, L. (2019). Kanban. Metodología para aumentar la eficiencia de los procesos. 3C Tecnología. Glosas de
innovación aplicadas a la pyme. 3C Tecnología. Glosas de Innovación Aplicadas a La Pyme, 8(1), 30–41.
Committee_of_Sponsoring_Organizations_of_Treadway_Commission. (2017). Enterprise Risk Management Integrating
with Strategy and Performance (Issue June).
Cuzco Simbaña, E. G., Erazo Álvarez, J. C., Narváez Zurita, C. I., & Andrade Mena, G. I. (2019). El modelo Canvas como
fundamento del plan de negocios para empresas de servicios de software de la ciudad de Cuenca. Cienciamatria,
5(1), 781–804. https://doi.org/10.35381/cm.v5i1.319
De La, D., Cordero, O., & Monge-González, R. (2019). Factores que influyen en el desempeño de las PYMEs: una perspectiva
cualitativa de los empresarios costarricenses Factors that influence the SMEs performance: a qualitative
perspective of Costa Rican entrepreneurs. Ran, 4(2), 2019.
Elizabeth, C., & Santiago, G. (2023). Riesgo de fraude y el desempeño financiero en las cooperativas de ahorro y crédito del
Ecuador Fraud risk and financial perfomamnce in savings and credit cooperatives in Ecuador Resumen. 5206–
5216.
Fabric, A. H. (2019). A Hyperledger-based P2P Energy Trading Scheme using Cloud Computing with Low Capabillity
Devices. 2019–2021. https://doi.org/10.1109/SmartCloud.2019.00039
Fátima-Robles-Robles, M. del R., Romero-Espinoza, M. de los Á., & Romero Vivar, N. G. (2021). Efectos económicos y
operativos preliminares del COVID-19 en las Mipymes de Sonora, México Preliminary economic and operational
effects of COVID-19 on MSMEs in Sonora, Mexico. Economía, Sociedad Y Territorio, XXI(67), 631–655.
Guachimbosa-santiago, C. E. (2024). no Equador. 9(4), 1089–1102.
Huang, L., Shen, Y., Zhang, G., & Luo, H. (2015). Information system security risk assessment based on multidimensional
cloud model and the entropy theory. ICEIEC 2015 - Proceedings of 2015 IEEE 5th International Conference on
Electronics Information and Emergency Communication, 11–15. https://doi.org/10.1109/ICEIEC.2015.7284476
Instituto Nacional de Estadística y Censos. (2021). Estadística de las empresas. 3–17.
International Organization for Standardization. (2018). Norma Internacional ISO 31000. In Administración/Gestión de
riesgos — Lineamientos guía.
Kaplan S.Robert.; and David. P. Nurton. (2016). BALANCED SCORECARD The balanced scorecard translating strategy
into action [1996].pdf (pp. 1–28).
Khanova, A., Protalinsky, O., Bondareva, I., & Khanova, Y. (2020). Situational management of production systems based on
a balanced scorecard. 2020 International Conference Engineering and Telecommunication, En and T 2020, 1–5.
https://doi.org/10.1109/EnT50437.2020.9431313
Lin, T. Y. T. Y. (2015). Chinese wall security policies information flows in business cloud. Proceedings - 2015 IEEE
International Conference on Big Data, IEEE Big Data 2015, 1603–1607.
https://doi.org/10.1109/BigData.2015.7363927
Maciejewska, I. (2014). Risk factors for an audit process in the developed IT environment: The concept of research based on
experiences from small audit practices in Poland. Iberian Conference on Information Systems and Technologies,
CISTI, 1–4. https://doi.org/10.1109/CISTI.2014.6877007
Malpartida, J., Olmos, D., Quiñones, S., Ledesma, M. J., Garcia Curo, G., & Diaz Dumont, J. R. (2021). Six Sigma process
improvement strategy applied to the textile. Alpha Centauri, 2(3), 72–90.
MANSOOR, M., AWAN, T. M., & PARACHA, O. S. (2021). Predicting pro-environmental behaviors of green electronic
appliances’ users. International Journal of Business and Economic Affairs, 6(4), 175-186.
Marco Dini, G. S. (2020). MIPYMES en América Latina Un frágil desempeño y nuevos desafíos para las políticas de fomento.
https://repositorio.cepal.org/bitstream/handle/11362/44148/1/S1800707_es.pdf
Moisés, S., Toapanta, T., Humberto, R., Pozo, D., Enrique, L., Gallegos, M., Zharayth, E., Díaz, G., Josefina, Y., Quintana,
M., Noheli, J., Jimenez, M., Roció, M., Arellano, M., & Orizaga, J. A. (2022). Prototype to Mitigate the Risks ,
Vulnerabilities and Threats of Information to Ensure Data Integrity. 7(6), 139–150.
Journal of Ecohumanism
2024
Volume: 3, No: 7, pp. 3176 – 3191
ISSN: 2752-6798 (Print) | ISSN 2752-6801 (Online)
https://ecohumanism.co.uk/joe/ecohumanism
DOI: https://doi.org/10.62754/joe.v3i7.4449
3191
Novikova, T. B., Davletkireeva, L. Z., & Romanova, E. V. (2020). Balanced Scorecard Modeling: An Effective Management
Tool. 2020 International Multi-Conference on Industrial Engineering and Modern Technologies, FarEastCon
2020, 0–5. https://doi.org/10.1109/FarEastCon50210.2020.9271456
Oecd/Caf. (2019). Índice de Políticas PYME: América Latina y el Caribe 2019 Políticas para PYMEs competitivas en la
Alianza del Pacífico y países participantes de América del Sur. In América Latina y el Caribe 2019.
https://www.oecd.org/latin-america/Indice-Politicas-PYME-LAC-Mensajes-Principales.pdf
Osterwalder, A., & Pigneur, Y. (2010). Esfuerzan Por Desafiar Los Modelos Comerciales Pasados De Moda Y Escrito Por.
Rahayu, D. S. (n.d.). Parallel Implementation in Case-based Reasoning Bankruptcy Prediction System.
Ramírez Pérez, J. F., López Torres, V. G., Hernández Castillo, S. A., & Morejón Valdés, M. (2021). Lean Six Sigma E
Industria 4.0, Una Revisión Desde La Administración De Operaciones Para La Mejora Continua De Las
Organizaciones. UNESUM-Ciencias. Revista Científica Multidisciplinaria. ISSN 2602-8166, 5(4), 151–168.
https://doi.org/10.47230/unesum-ciencias.v5.n4.2021.584
Rodríguez-Mendoza, R., & Aviles-Sotomayor, V. (2020). Las PYMES en Ecuador. Un análisis necesario. 593 Digital
Publisher CEIT, 5-1(5), 191–200. https://doi.org/10.33386/593dp.2020.5-1.337
Rooswati, R., & Legowo, N. (2018). Evaluation of IT Project Management Governance Using Cobit 5 Framework in
Financing Company. Proceedings of 2018 International Conference on Information Management and Technology,
ICIMTech 2018, September, 81–85. https://doi.org/10.1109/ICIMTech.2018.8528192
Roque, D. I., & Caicedo Carrero, A. (2022). Detección de insolvencia financiera mediante el modelo Z-Altman en empresas
colombianas no cotizantes durante el periodo 2016-2019. Contabilidad Y Negocios, 17(33), 167–192.
https://doi.org/10.18800/contabilidad.202201.007
Suroso, J. S., Januanto, A., & Retnowardhani, A. (2019). Risk Management of Debtor Information System at Bank XYZ
Using OCTAVE Allegro Method. 2019 International Conference on Electrical Engineering and Informatics
(ICEEI), 2019-July, 261–265. https://doi.org/10.1109/ICEEI47359.2019.8988890
Tai, C. (2019). Identifying Money Laundering Accounts. 2019 International Conference on System Science and Engineering
(ICSSE), 379–382.
Telipenko, E. V., & Sopova, S. P. (2018). Software for bankruptcy risk assessment of the enterprise. RPC 2018 - Proceedings
of the 3rd Russian-Pacific Conference on Computer Technology and Applications, 1–4.
https://doi.org/10.1109/RPC.2018.8482206
Tran Duc Quynh; Tran thi Lan Phuong. (2020). Improving the bankruptcy prediction by combining some classification
models. 12th International Conference on Knowledge and Systems Engineering (KSE), 263–268.
Wu, J., Member, S., Lin, K., Lin, D. A. N., & Student, G. (2023). Financial Crimes in Web3-Empowered Metaverse :
Taxonomy , Countermeasures ,. IEEE Open Journal of the Computer Society, 4(February), 37–49.
https://doi.org/10.1109/OJCS.2023.3245801
Yao, J., Zhang, J., & Wang, L. (2018). A financial statement fraud detection model based on hybrid data mining methods.
2018 International Conference on Artificial Intelligence and Big Data, ICAIBD 2018, 57–61.
https://doi.org/10.1109/ICAIBD.2018.8396167
Yoshida, Y. (2019). Markov Decision Processes with Coherent Risk Measures: Risk Aversity in Asset Management.
Proceedings - 2019 IEEE Conference on Cognitive and Computational Aspects of Situation Management,
CogSIMA 2019, 1, 147–151. https://doi.org/10.1109/COGSIMA.2019.8724252
Zahedi, M. H., Kashanaki, A. R., & Farahani, E. (2023). Risk management framework in Agile software development
methodology. International Journal of Electrical and Computer Engineering, 13(4), 4379–4387.
https://doi.org/10.11591/ijece.v13i4.pp4379-4387
Zamora, M. (2018). El Desarrollo Organizacional Como Generador De Un Cambio Significativo En Las Organizaciones De
La Sociedad Civil. Revista Extremeña de Ciencias Sociales, 10, 87–109.
Zhang, J. (2020). Structured Multi-Agent-Based Model for Bankruptcy Contagion With Cash Flow. 8.
https://doi.org/10.1109/ACCESS.2020.3024711.
