A quantitative optimization model for dynamic risk-based compliance management
IBM Journal of Research and Development - Business optimization
A static compliance-checking framework for business process models
IBM Systems Journal
Regulations Expressed As Logical Models (REALM)
Proceedings of the 2005 conference on Legal Knowledge and Information Systems: JURIX 2005: The Eighteenth Annual Conference
Addressing the data aspects of compliance with industry models
IBM Systems Journal
A static compliance-checking framework for business process models
IBM Systems Journal
One Size Does Not Fit All---A Contingency Approach to Data Governance
Journal of Data and Information Quality (JDIQ)
Indra: an integrated quantitative system for compliance management for IT service delivery
IBM Journal of Research and Development
Industry models for enterprise data management in financial markets
IBM Journal of Research and Development
Three key enablers to successful enterprise risk management
IBM Journal of Research and Development
A risk-metric framework for enterprise risk management
IBM Journal of Research and Development
Firm objectives, IT alignment, and information security
IBM Journal of Research and Development
Emerging challenges in information systems research for regulatory compliance management
CAiSE'10 Proceedings of the 22nd international conference on Advanced information systems engineering
Risk-averse production planning
ADT'11 Proceedings of the Second international conference on Algorithmic decision theory
Hi-index | 0.00 |
As the result of the increasing costs of risk and compliance activities, enterprises are beginning to integrate compliance and risk management into a comprehensive enterprise risk management function and thus proactively address all sorts of risk, including operational risk and the risk of noncompliance. We present the IBM Research enterprise risk management framework, designed to address risk and compliance management in a strategic, integrated, and comprehensive manner. We demonstrate how enterprises evolve along an enterprise-risk-management maturity continuum from a state of mere penalty avoidance through a state of improvement until they finally reach a state of continuous, risk-based transformation. We then explain our high-level model of the enterprise and its environment and describe the central issues, systems, models, and technologies involved. We conclude by presenting the tactical steps necessary to successfully launch enterprise risk management in accordance with our framework.