The 4.0 industrial revolution is evidenced by the exponential evolution and adoption of digitalisation in all aspects of society. The resulting disruption and has led to the digital transformation of industry. There has been a race to explore and reap the benefits of digitalisation through emerging technologies such as: artificial intelligence, machine learning, big data analytics, cloud, autonomous vehicles and the Internet of Things. The evolution of these technologies has not resulted in the explicit development of risk management methods and frameworks which facilitate digital risk identification. The complexity of the context of risk influences the identification of risks and supercomplexity creates a level of detail which does not easily facilitate effective risk identification with the current methods of identification.
This paper presents a critical analysis of risk identification in the digital world and suggests that the application of additional dimensions: interface, causation and accumulation to digital technology may enhance the identification of risk. Artificial intelligence relies on the premise that the original data is free of bias, accurate and fit for purpose. The line of causation when applied to machine learning can result in misleading outcomes if the base data is incorrect or applied erroneously. There are issues with the accumulation of risk resulting from the interconnectivity of the digital world. Macro level interconnectivity may be identified, but unknown connectivity resulting from machine learning at the micro level may remain unknown, unidentified and unmanageable. Interface risk requires the identification of risks at the interface of different digital technology and human application.
Fundamentally, the ability to identify risk in a digital context requires identification, greater scrutiny and governance. It is questionable whether at this stage of development there is a clear understanding of the inherent digital risks. The application of interface, causation and accumulation to the existing generic methods of risk identification contributes to a more holistic identification of digital risks