Abstract:
The goal of Risk Management is to define prevention and control mechanisms to address the risks attached to specific activities and valuable assets. Many Risk Management efforts operate in silos, with narrowly focused, functionally driven, and disjointed activities. This leads to a fragmented view of risks, in which each activity uses its own language, customs and metrics. It also limits the organization-wide perception of risks, so that interdependent risks are not anticipated, controlled or managed. The lack of integrated solutions to manage risk information leads experts to use spreadsheets as their main tool, impeding collaboration, communication and reuse of risk information. To address these issues, this paper presents a solution that integrates a Risk Management framework, including an XML-based Domain Specific Language for Risk Management. The proposed framework is supported by an information system to manage the definition of risks.