Knowledge driven enterprise risk management

Abstract

In this paper we describe a knowledge management approach for addressing enterprise-level risks and present our experiences in piloting its implementation within a large, multi-organizational enterprise. Our approach facilitates cross organizational discussion and enables enterprise-level perspectives in risk identification, analysis and management thereby avoiding the dangerous pitfalls of silo-approach to risk management. Our tool consists of two parts: (1) a knowledge management tool that enables the collection, and visualization, of risk data and collaboration among risk managers of various organizations within an enterprise (2) an Enterprise Risk Management (ERM) risk assessment and analysis workbench that enables risk managers to (a) qualitatively analyze the interrelationships among various risk elements, and their impact on business objectives and (b) quantitatively assess the risk exposure, and the impact of risk mitigation projects. To the best of our knowledge this is the first of its kind of a tool that provides a knowledge management based approach to enterprise risk management. © 2012 IEEE.