Risk management has always been important, but continues to grow as human systems develop. The past two decades have seen impressive development of technology supporting management of knowledge, providing opportunities to manage risk more effectively. This paper provides a view of knowledge management in the context of risk. It briefly gives a view of risk in business and a short discussion of knowledge in the business context, knowledge management, and the decision process used in organizational decision making. It then describes business analytic tools that have proven effective in giving knowledge management support to all phases of the risk management process. These tools include balanced scorecards, multiple criteria analysis, simulation, data envelopment analysis, and financial risk measures.
First, doing business implies taking on risk. Risk can include many factors that might impact organizations or individuals. External factors arise from economic change, developments in financial markets, and dangers from political, legal, technological, and demographic domains. There is no human endeavor that is perfectly safe, and those endeavors that are the safest tend to be the most boring. There is no reason to conduct business if there weren’t any risk—competition drives the search for better returns, which involve activities that are at the risk/return boundary. There is not a perfect correlation between risk and return, but it is notably positive. A key principle of doing business is that organizations should take on risks that they are competent to deal with, and off-load other risks to others (like insurance firms). Each business organization must decide which risks to tackle, and which to avoid.
There are many alternative ways in which a risk management process can be applied. But universally, risk must first be identified, followed by monitoring and review to include measurement of organizational performance. Once risks are clearly identified, responses must be selected (
Olson and Wu, 2015). After risks have been identified, risk management seeks to coordinate and economically apply resources to control the probability and impact of adverse events, and to monitor the effectiveness of these actions (
Hubbard, 2009). Risks can be mitigated by either insurance or internal risk reduction. Most actions available to organizations involve knowing what risks the organization can cope with because of their expertise and capabilities, and which risks they should outsource to others at some cost. Some risks can be dealt with, others avoided.
Second, knowledge discovery involves identification of interesting patterns from data. The era of big data involves use of massive quantities. We are swamped with weather data, military and homeland security intelligence, television signals, and floods of Twitter, Facebook, and other details far greater than most people want to know. Organizations face similar masses of data generated by internal enterprise systems, as well as industry data external to the organization. Knowledge management seeks to cope with this flood, turning it into actionable information. Actionable means you can use it in furtherance of your purposes. Information is defined as the patterns, correlations, rules, or relationships in data providing knowledge useful in decision making. Knowledge discovery involves finding interesting patterns from data stored in large databases through use of computer analysis. In this context, the term interesting implies non-trivial, implicit, previously unknown, easily understood, useful and actionable knowledge.
Knowledge management is a key for building competency in this world flooded with data (
Wang et al., 2007). From the information systems perspective, knowledge can be defined as information plus the causal links that help to make sense of this information, and as a process establishing and articulating these links (
Sarvary, 1999;
McGinnis and Huang, 2007).
Zhang and Venkatesh (2017) cited knowledge management’s key objective to be facilitating positive outcomes for job performance and satisfaction.
Alavi and Leidner (2001) defined knowledge as information possessed in the minds of individuals, personalized, and related to facts, procedures, concepts, interpretations, ideas, observations and judgments. The strategic management literature has focused on a knowledge-based perspective of how services offered by tangible resources could transform organizational know-how into useful functionality (
Hung et al., 2015).
Statisticians and students of artificial intelligence revolutionized the field of statistics to develop data mining, which when combined with database capabilities evolving on the computer side led to business intelligence. The quantitative side of this development is business analytics, focusing on providing better answers to business decisions based on access to massive quantities of information ideally in real-time (big data).
Business decision making involves understanding each organization’s particular system, and applying that understanding to monitor the environment to determine the need for a decision, followed by gathering information to better understand options, possibly to generate better options, and to anticipate consequences of implementing options.
Third, the information systems’ perspective of business intelligence and analytics focuses on data management and storage (
Chen et al., 2012). Data storage involves systems such as data warehouses for long-range storage, data marts usually used for specific applications (such as data mining studies), and tools for extraction, transformation and loading data. At the individual level, online analytic processing and reporting tools such as scorecards and dashboards are useful. More on the analytic side but tied into the overall field are data mining tools. The field has evolved from initial focus on things such as database management systems and on line analytical processing (OLAP) through a second generation with web-based tools capable of dealing with more unstructured content such as opinion mining and social media analytics, to more recent emphasis on mobile and sensor-based content.
Applying knowledge management tools to support organizational risk management provides opportunities to identify, assess, and control key threats in many fields. Knowledge discovery arises from the use of digital technology through modeling and analytics to keep on top of risks in many domains (
Lin et al., 2017).
We will group methods into four classes (drawing upon
Olson and Wu, 2015;
2017): 1) Initial scouting of the risk environment might be supported by risk matrices, focusing on key risks facing the organization, and identifying policies to apply for different levels of exposure and severity. 2) Risk environments implicitly involve tradeoffs among multiple, conflicting factors, and tools such as decision analysis and various multiple criteria methodologies can be used to identify these tradeoffs in light of preferences. Data envelopment analysis can also be applied in certain circumstances. 3) It is important to measure risk exposure and severity, although this can be challenging in rapidly developing situations. But efforts should be made to get statistical measures as accurately as possible, which enable a variety of techniques to support risk decisions, to include value-at-risk analysis in finance, stochastic optimization, and simulation modeling. 4) Once organizational efforts to manage risk are implemented, balanced scorecards are one way to monitor events.
To conclude, this comment of the intersection of enterprise risk management, knowledge management, and business intelligence first looked at definitions of terms. Knowledge management was described in terms of knowledge generation, the support of organizational decision processes, and model support commonly used in practice. This was followed by review article density over time, in terms of model use as well as application.
The conclusion drawn is that a key element in managing and coping with risk is to thoroughly understand the system involved. Systems understanding was described by
Zeleny (2006) in terms of a pre-decision gathering of objective information, followed by the process of evaluating alternatives, evolving criteria, weighting their importance, and then identifying a course of action. This systemic process of knowledge creation is autopoietic (
Maturana and Varela, 1987), capable of producing knowledge in the cycle of system study, solution generation, and operational implementation.
The key to dealing with risks in organizational decision making is to understand the overall system. Knowledge management frameworks include information systems to provide access to what has happened, although we cannot expect these information systems to give all necessary information. Knowledge needs to be generated, through inquiring systems. Once information has been gathered and converted into some form of understanding, models are highly useful in generating solutions and comparatively evaluating them in light of a variety of criteria, many of which will conflict.
PDF
(51KB)
