IBM Systems Journal - 2002 Copyright

IBM Skip to main content
  Home     Products & services     Support & downloads     My account  

  Select a country  
Journals Home  
  Systems Journal  
  ·  Current Issue  
  ·  Recent Issues  
  ·  Papers in Progress  
  ·  Search/Index  
  ·  Orders  
  ·  Description  
  ·  Author's Guide  
Journal of Research
and Development
  Contact Us  
  Related links:  
     IBM Research  

IBM Journal of Research and Development  
Volume 46, Number 2, Page 219 (2007)
Compliance Management
  Full article: arrowHTML arrowPDF   arrowCopyright info


Optimized enterprise risk management

by C. Abrams, J. vonKänel, S. Müller, B. Pfitzmann, S. Ruschka-Taylor
As the result of the increasing costs of risk and compliance activities, enterprises are beginning to integrate compliance and risk management into a comprehensive enterprise risk management function and thus proactively address all sorts of risk, including operational risk and the risk of noncompliance. We present the IBM Research enterprise risk management framework, designed to address risk and compliance management in a strategic, integrated, and comprehensive manner. We demonstrate how enterprises evolve along an enterprise-risk-management maturity continuum from a state of mere penalty avoidance through a state of improvement until they finally reach a state of continuous, risk-based transformation. We then explain our high-level model of the enterprise and its environment and describe the central issues, systems, models, and technologies involved. We conclude by presenting the tactical steps necessary to successfully launch enterprise risk management in accordance with our framework.
Related Subjects: