By Topic

IBM Journal of Research and Development

Issue 3 • Date May-June 2010

Business Integrity and Risk Managementa

The increasingly complex and global nature of business enterprises and their activities—which include worldwide supply chains, cross-border financial activity, and services outsourcing—is accompanied by increasing levels of economic uncertainty, global competition, governmental regulatory controls, and use of interdependent information technologies. This issue covers a broad array of domain and non-domain-specific topics and technologies for enhancing business integrity through the provisioning of risk management capabilities. Topics range from enterprise risk management to IT security to the management of power-outage risks.

Filter Results

Displaying Results 1 - 13 of 13
  • Cover 1

    Publication Year: 2010, Page(s): C1
    IEEE is not the copyright holder of this material | PDF file iconPDF (724 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2010, Page(s):1 - 2
    IEEE is not the copyright holder of this material | PDF file iconPDF (49 KB)
    Freely Available from IEEE
  • Preface: Business Integrity and Risk Management

    Publication Year: 2010, Page(s):1 - 2
    IEEE is not the copyright holder of this material | PDF file iconPDF (47 KB)
    Freely Available from IEEE
  • Three key enablers to successful enterprise risk management

    Publication Year: 2010, Page(s):1:1 - 1:15
    Cited by:  Papers (1)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (5476 KB)

    Enterprise risk management (ERM) refers to a set of processes that enables the effective management of the risks, opportunities, and expected and unexpected events that may affect the enterprise. The successful implementation of ERM is a challenging task in part because it requires collaboration among multiple business units of different sizes, scope, and capability, each facing what it per... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Problems with scoring methods and ordinal scales in risk assessment

    Publication Year: 2010, Page(s):2:1 - 2:10
    Cited by:  Papers (12)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (232 KB)

    Risk assessment methods based on scoring methods that rate the severity of each risk factor on an ordinal scale are widely used and frequently perceived by users to have value. We argue that this perceived benefit is probably illusory in most cases. We begin by describing a number of common scoring methods currently used to assess risk in a variety of different domains. We then review the l... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A risk-metric framework for enterprise risk management

    Publication Year: 2010, Page(s):3:1 - 3:10
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (1650 KB)

    We describe a risk-metric framework that supports enterprise risk management. At the core of the framework is the notion of a risk profile that provides risk measurement for risk elements. By providing a generic template in which metrics can be codified in terms of metric space operators, risk profiles can be used to construct a variety of risk measures for different business contexts. Thes... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Incorporating risk into business process models

    Publication Year: 2010, Page(s):4:1 - 4:13
    Cited by:  Papers (9)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (4059 KB)

    Although business process modeling is considered as a core activity in enterprise risk management, existing process modeling languages do not include a complete notation for documenting how processes can fail. This paper develops a conceptual framework for extending standard business process metamodels to include comprehensive information that is useful for managing and quantifying operatio... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Firm objectives, IT alignment, and information security

    Publication Year: 2010, Page(s):5:1 - 5:7
    Cited by:  Papers (5)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (934 KB)

    More and more attention has been devoted to the alignment of information technology (IT) spending and initiatives with organizational strategic objectives. IT spending across organizations and industries has a high opportunity cost and involves a substantial opportunity for deviations from support for the highest priorities of business units. The business justification and rationale for inf... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Causal networks for risk and compliance: Methodology and application

    Publication Year: 2010, Page(s):6:1 - 6:12
    Cited by:  Papers (2)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (2859 KB)

    This paper presents a statistical approach to quantitatively measure the current exposure of a company to failures and defects in product quality or to compliance to government regulations. This approach is based on causal networks, which have previously been applied to other fields, such as systems maintenance and reliability. Causal networks allow analysts to causally explain the values o... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Service operation classification for risk management

    Publication Year: 2010, Page(s):7:1 - 7:17
    Cited by:  Papers (3)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (6390 KB)

    We propose an empirical service-operation risk-classification model to provide managerial insights to service providers in terms of risk management. The model is developed through an investigation of the dependencies between the characteristics of service operations in consumer services and the broad classes of provider risk to which they are exposed. A survey of professional managers has b... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A statistical model for risk management of electric outage forecasts

    Publication Year: 2010, Page(s):8:1 - 8:11
    Cited by:  Papers (10)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (4113 KB)

    Risk management of power outages caused by severe weather events, such as hurricanes, tornadoes, and thunderstorms, plays an important role in electric utility distribution operations. Damage prediction based on weather forecasts on an appropriate spatial scale can improve the efficiency of risk management by reducing the economic and societal costs associated with restoration efforts. We h... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Risk-adjusted approach to optimize investments in product development portfolios

    Publication Year: 2010, Page(s):9:1 - 9:15
    Cited by:  Papers (1)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (3001 KB)

    Companies invest in a portfolio of products with the financial objective of increasing revenue and net profit. They also have a limited product development budget and uncertainty around which products will be successful. In this paper, we offer a methodology to manage the allocation of a limited budget across a portfolio of products. Specifically, we provide a practical approach for quantif... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Management of disruption risk in global supply chains

    Publication Year: 2010, Page(s):10:1 - 10:9
    Cited by:  Papers (1)
    IEEE is not the copyright holder of this material | Click to expandAbstract | PDF file iconPDF (1595 KB)

    Global supply chains (GSCs) are an integral part of the twenty-first century economy. A disruption occurring within a supply chain, whether it is attributable to a natural disaster or a human-induced event, presents substantial risk to organizations within the supply chain and the markets that it serves. In this paper, we discuss new research toward a risk-based modeling approach to managin... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.

Aims & Scope

The IBM Journal of Research and Development is a peer-reviewed technical journal, published bimonthly, which features the work of authors in the science, technology and engineering of information systems.

Learn about subscribing to this journal >

Full Aims & Scope

Meet Our Editors

Editor-in-Chief
Clifford A. Pickover
IBM T. J. Watson Research Center