9.1 Introduction

Risk management has long been pursued by services, business, and industry; indeed, insurance companies and banks’ activities are based on its successful application. Risk management is currently enjoying enhanced attention and renewed prominence due to the belief that nowadays we can do a better job of it. This perception is based on phenomenal developments in the area of data processing and data analysis. The challenge is to turn “data” into information, knowledge, and insights (Kenett, 2008; Kenett and Raanan, 2010). This chapter is about meeting this challenge by evaluating how risk management analytics increase information quality (InfoQ). The growing interest in risk management is driven partly by regulations on corporate governance in the private and public sectors. However, much of risk management is still based on informal scoring using subjective judgment. Modern risk management systems incorporate several activities including:

• System mapping. Developing and revisiting organizational charts and process maps are standard practice in risk assessments. A more comprehensive approach is the application of business process modeling to map actors, roles, activities, and goals (Kenett, 2013).
• Risk identification. Generating a list of main risk events classified by area and subarea. Risk identification does not stop after the first analysis but rather is a continuous process.
• Risk measurement and risk scoring. Assessing the loss or impact ...