A Knowledge-based Decision Support Tool for Enterprise Risk Management

Enterprise risk management (ERM) refers to a set of processes and methods used by organizations to manage their business risks. In this paper we present a knowledge-based, ERM decision-support tool to help identify, assess, prioritize, analyze and to design solutions to mitigate risks faced by organizations. This design tool is expected to be used both by business consultants as well as client organizations. Several ERM methodologies and tools have been presented in the past. Three key features differentiate our work from the prior-art. First, our knowledge-based ERM tool contains a rich repository of risk content organized for efficient search, and retrieval. This speeds up the risk, and root cause identification and helps conduct the risk assessment and analysis in a structured and consistent manner. Second, the classic and traditional qualitative and quantitative risk analytics are enriched with novel visualizations to help users query and view risk content. This provides useful insight in the context of the larger business environment. Finally, the tool supports the risk management life-cycle by integrating design-time activities with day-to-day risk monitoring and management. This encourages risk management at enterprise level rather than in silos and enables proactive management of risks. Feedback from beta test of this tool with ERM consultants at a large IT consulting company has been very positive and the tool is currently in use at the same company.

By: Nitin Nayak; Rama Akkiraju; Nagesh Mantripragada; Robert Torok

Published in: RC25007 in 2010


This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties). I have read and understand this notice and am a member of the scientific community outside or inside of IBM seeking a single copy only.


Questions about this service can be mailed to reports@us.ibm.com .