Crime rates in digital spaces are rising each year, involving increasingly innovative attack methods that organizations are unable to handle, or prepare for, with their obsolete management structures. This paper presents a Multivocal Literature Review in which expertise is collected from the academia and industry on how Digital Risk is perceived, interpreted and handled. Findings from the analysis of 82 selected works, out of an initial set of 519, support the necessity of a paradigm shift in Risk Management to appropriately counter the vulnerabilities specific to digitalization and to abolish the existing siloed organizational approach in favor of a more holistic, cooperative system where individuals are empowered to make decisions and oversight is specialized and dedicated. After analyzing the definitions, compositions, domain contextualizations and organizational structurings attributed to Digital Risk in the literature, a new definition for this concept is proposed, accompanied by a conceptual map and a diagram for structural changes in organizations, to provide an understanding of the area and a contribution to the theoretical foundations of Digital Risk, so that better solutions can be pursued in the future, improving the effectiveness of Risk Management practices in modern organizations.

--

Digital risk,Multivocal literature review,Risk management,Three lines of defense

• Computer and Information Sciences - Natural Sciences