Optimizing Enterprise Risk Management for Decision Making Using Knowledge Graph
DOI: https://doi.org/10.21512/emacsjournal.v7i3.14325
Keywords: Enterprise Risk Management, Assets, Threat, Vulnerability, Knowledge Graph
Abstract
The challenge in current enterprise risk management is that hundreds of risks end up being recorded without any understanding of how hazards relate to one another or cascade. Decision-makers cannot tell peripheral hazards from critical ones. By representing risks, vulnerabilities, threats, and assets as nodes and their interactions as edges, organizations can depict the interconnectedness of risk in a structured, adaptable, and understandable way. Such a knowledge graph makes it possible to store and query risk data in ways that conventional relational models do not fully support. One of the main advantages of this method is the ability to run graph queries that uncover links and patterns that would otherwise be obscured in siloed datasets. Such queries can reveal how a single threat can lead to many vulnerabilities across multiple assets, or how flaws in shared systems can directly and indirectly raise exposure to interconnected hazards. These findings draw attention to structural flaws that linear or isolated investigations frequently ignore. Organizations can improve situational awareness and long-term risk governance by using such a knowledge graph to find hidden trends, pinpoint important risk spots, and prioritize mitigation efforts more efficiently. The knowledge graph also helps to optimize enterprise risk management goals such as resource allocation, control prioritization, and prompt reaction planning. By incorporating a knowledge graph, enterprise risk management can effectively represent the intricate relationships between risks, vulnerabilities, threats, and assets. By determining which nodes and edges are the most important and have the highest impact, businesses can concentrate mitigation efforts where they will have the biggest impact. This focused strategy increases overall resilience and decreases inefficiencies.
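The following is an added illustration, not code or data from the paper, of the kind of graph query the abstract describes: tracing which assets one threat reaches directly or by cascade, and ranking the nodes whose mitigation removes the most exposure. The node names, the `T:`/`V:`/`A:` prefixes and the `exploits`/`affects`/`supports` relations are assumptions made for this sketch.

```python
from collections import defaultdict, deque

# Constructed sample triples (source, relation, target); not data from the paper.
TRIPLES = [
    ("T:phishing", "exploits", "V:weak-mfa"),
    ("T:phishing", "exploits", "V:unpatched-mail-gateway"),
    ("T:ransomware", "exploits", "V:unpatched-mail-gateway"),
    ("T:insider", "exploits", "V:excess-privilege"),
    ("V:weak-mfa", "affects", "A:sso"),
    ("V:unpatched-mail-gateway", "affects", "A:mail"),
    ("V:excess-privilege", "affects", "A:payroll"),
    ("A:sso", "supports", "A:payroll"),   # payroll depends on SSO
    ("A:sso", "supports", "A:crm"),
    ("A:mail", "supports", "A:crm"),
]

def exposure(triples, threat, skip=None):
    """Map each asset reachable from `threat` to 'direct' or 'indirect'.
    `skip` drops one node, modelling a mitigated vulnerability or isolated asset."""
    graph = defaultdict(list)
    for src, rel, dst in triples:
        if skip not in (src, dst):
            graph[src].append((rel, dst))
    found, seen, queue = {}, {threat}, deque([threat])
    while queue:
        for rel, nxt in graph[queue.popleft()]:
            if nxt.startswith("A:") and found.get(nxt) != "direct":
                # 'affects' = hit through its own vulnerability; 'supports' = cascade
                found[nxt] = "direct" if rel == "affects" else "indirect"
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return found

def choke_points(triples):
    """Rank non-threat nodes by how many threat->asset exposures vanish without them."""
    nodes = {n for src, _, dst in triples for n in (src, dst)}
    threats = sorted(n for n in nodes if n.startswith("T:"))
    def total(skip=None):
        return sum(len(exposure(triples, t, skip)) for t in threats)
    base = total()
    scores = {n: base - total(n) for n in nodes if not n.startswith("T:")}
    return sorted(scores.items(), key=lambda kv: (-kv[1], kv[0]))

if __name__ == "__main__":
    print(exposure(TRIPLES, "T:phishing"))
    for node, removed in choke_points(TRIPLES):
        print(f"{removed} exposures removed by mitigating {node}")
```

In this constructed register the mail gateway vulnerability and the mail asset rank highest because two threats share them, which a flat per-risk list would not show.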
License
Copyright (c) 2025 Aan Albone

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License - Share Alike that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
USER RIGHTS
All articles published Open Access will be immediately and permanently free for everyone to read and download. We are continuously working with our author communities to select the best choice of license options, currently being defined for this journal as follows: Creative Commons Attribution-Share Alike (CC BY-SA)