Search results

This study aims to evaluate performance and map the science of research on International Organization for Standardization (ISO) 31000 standard through published articles. Specifically, this study determines the current state of the art, identifies research gaps and guides future studies related to ISO 31000.

This work investigates and examines the research papers acquired from the Scopus and Web of Science databases. Inclusion and exclusion criteria were applied to obtain relevant papers. Bibliometric analysis using Biblioshiny was conducted to answer the research objectives.

The results show growing interest in ISO 31000 research but limited interconnectivity among articles. Influential journals have emerged, highlighting key research trends in risk management's (RM) practical application and its significance in organizational decision-making. Key research areas include risk assessment (RA) methods, enterprise RM and system integration, endorsing ISO 31000 as a valuable tool. Future research should prioritize longitudinal studies to track ISO 31000's impact, study effective risk communication strategies, explore sector-specific RM practices and assess ISO 31000's application in emerging technologies.

This research reveals key themes and diverse methods that aid practitioners in customizing industry risk strategies, adapting to emerging trends, engaging global collaboration and improving risk communication. Nevertheless, the study might overlook non-English contributions, urging broader language inclusion for ISO 31000's profundity.

This paper's originality lies in its comprehensive bibliometric analysis of ISO 31000 research, providing valuable insights into the standard's growing significance and global impact. The study identifies key research themes and influential authors, guiding future research and improving RM practices.

Businesses are increasingly vulnerable and exposed to physical climate change risks, which can cascade through local, national and international supply chains. Currently, few methodologies can capture how physical risks impact businesses via the supply chains, yet outside the business literature, methodologies such as sustainability assessments can assess cascading impacts.

Adopting a scoping review framework by Arksey and O'Malley (2005) and the PRISMA extension for scoping reviews (PRISMA-ScR), this paper reviews 27 articles that assess climate risk in supply chains.

The literature on supply chain risks of climate change using quantitative techniques is limited. Our review confirms that no research adopts sustainability assessment methods to assess climate risk at a business-level.

Alongside the need to quantify physical risks to businesses is the growing awareness that climate change impacts traverse global supply chains. We review the state of the literature on methodological approaches and identify the opportunities for researchers to use sustainability assessment methods to assess climate risk in the supply chains of an individual business.

The Scottish economy was experiencing steady growth prior the hit of the COVID-19, with the pandemic causing the government to announce extreme lockdown measures with unprecedented impact on small and medium-sized enterprises (SMEs). Whilst some of the industry sectors in Scotland took a lighter hit, a large part of the organizations had to either adapt or completely disrupt their business. An essential aspect of their survival, risk management (RM) was among the areas requiring the most significant acceleration. This study compared the RM practices implemented by Scottish SMEs prior and after the outbreak as well as examined the attitudes of key decision-makers in the SMEs in relation to risk, including their perceived readiness for another crisis of similar significance.

An online survey based on ISO 31000 RM guidelines was distributed to 232 Scottish SMEs. Based on the official government reports and existing knowledge on how SMEs around the world have handled crisis events within the past 20 years, the authors developed the hypothesis that crisis events significantly accelerate SMEs' RM implementation. Around 13 items were tested in relation to the hypothesis and responses were tested via two-tailed T-test to establish significant statistical difference.

The research provides insight into the current state of risk management practices implemented by Scottish SMEs. As expected, SMEs showed significant difference in their RM implementation prior and after the COVID-19 outbreak. Whilst this has been viewed as a positive, motivations, priorities and approaches in managing risk demonstrated by the SMEs is questionable with views to their sustainable long-term recovery. The study highlights the lack of confidence instilled within the SMEs that they can handle another crisis of similar significance and provides directions for further investigation and improvements with the aim of helping the SMEs prepare better to mitigate the consequences of future crisis events.

In academic sense, the study offers a tested universal framework and a detailed questionnaire for assessment of RM strategy, applicable to organisations of various type, size and geography. Several implications with regards to managerial practices have been highlighted, including the neglect of the SMEs’ own internal environments and its significance in their risk strategies, the predominantly reactive approach to RM displayed by most Scottish SMEs as well as the neglect of compliance risk leading to potential quality and customer satisfaction issues preventing SMEs from full post-crisis recovery.

This study’s main objective is to explore the ISO 9001 implementation model and identify a future research agenda. This is important because not all organizations find it easy to implement ISO 9001, and not all organizations get positive benefits after implementing it.

The paper presents a comprehensive review of the literature on ISO 9001 implementation models using the preferred reporting items for systematic reviews (PRISMA) methodology to systematically review the existing literature on ISO 9001 implementation models. Relevant studies published from 2003 to early 2023 are explored to reveal the research landscape, gaps and trends.

Many ISO 9001 implementation methods have been developed for actual implementation in organizations, including models, frameworks, special variable considerations, application uses and integration. These methods were developed and applied to cover gaps regarding constraints, unbeneficial, special conditions, implementation objectives and organization types in ISO 9001 implementation. Current issues and future research on ISO 9001 implementation models were found, namely ISO 9001 implementation models specific to SMEs, ISO 9001 implementation levels, ISO 9001 implementation models that are agile to change, and affordable certification models.

Only a few researchers have systematically reviewed the literature or taken a bibliometric approach in their analyses to provide an overview of the current trends and links to ISO 9001 implementation models. The ISO 9001 standard is a general standard and can be applied by all organizations with the implementation method left to the implementer. Many implementation methods have been developed, but several implementation obstacles and disadvantages are still found. It is important to know the extent of current research and discover future research gaps regarding methods of implementing the ISO 9001 standard.

The growing business complexity has caused many risks (e.g. operational, financial, reputational, cybersecurity, regulatory and compliance) that threaten companies' sustainability and have received attention from regulators, investors, and businesses. The authors present a model for assessing and reporting corporate risk by examining the indicators underlying corporate risk reporting.

A thorough review of the literature and semi-structured interviews with experts were conducted and the fuzzy Delphi technique was used to obtain consensus and screening of risks. The relationships between these risk indicators were recognized, weighted and prioritized by employing a hybrid Decision Making Trial and Evaluation Laboratory Model (DEMATEL) method integrated with Analytic Network Process (ANP) (DEMATEL-ANP [DANP]) approach. Finally, using the Iranian setting of corporate risk reporting, a model was developed to calculate the risk-reporting scores.

The results indicate that risk disclosure quality is more important than risk disclosures' textual properties and quantity. According to the experts, reporting the key risks that the company faces, management's approach to dealing with these risks and quantifying their impact are more important than the other indicators. The results also show that risk reporting in Iran lacks quantitative and specific information, and most risk disclosures are sticky.

The data have been prepared and analyzed according to the unique Iranian reporting environment, which should be considered when interpreting the results.

The results of this research can be used by the regulators of the Stock Exchange Organizations (SEO) to evaluate corporate risk reports and rank companies. Results are also relevant to investors and policymakers to identify companies with poor risk disclosure and to take necessary measures to improve their reporting practices.

This paper contributes to the social and governance literature by presenting the importance of risk reporting in corporate disclosures.

The unique Iranian setting of corporate risk reporting furthers the understanding of risk reporting and thus provides education, policy, practice and research implications for other emerging economies like Iran. Many prior studies focus mainly on the quality of risk disclosure, and other aspects of corporate risk disclosure presented in the study have remained largely overlooked. The corporate risk reporting attributes identified in the study are relevant to the rise of non-financial risks, the textual and qualitative nature of risk reporting and textual risk disclosures.

The application of lean and quality improvement methods is very common in process improvement projects at organisational levels. The purpose of this research is to assess the adoption of Lean Six Sigma™ approaches for addressing a complex process-related issue in the coal industry.

The sticky coal problem was investigated from the perspective of process-related issues. Issues were addressed using a blended Lean value stream of supply chain interfaces and waste minimisation through the Six Sigma™ DMAIC problem-solving approach, taking into consideration cross-organisational processes.

It was found that the tendency to “solve the problem” at the receiving location without communication to the upstream was, and is still, a common practice that led to the main problem of downstream issues. The application of DMAIC Six Sigma™ helped to address the broader problem. The overall operations were improved significantly, showing the reduction of sticky coal/wagon hang-up in the downstream coal handling terminal.

The Lean Six Sigma approaches were adopted using DMAIC across cross-organisational supply chain processes. However, blending Lean and Six Sigma methods needs to be empirically tested across other sectors.

The proposed methodology, using a framework of Lean Six Sigma approaches, could be used to guide practitioners in addressing similar complex and recurring issues in the manufacturing sector.

This research introduces a novel approach to process analysis, selection and contextualised improvement using a combination of Lean Six Sigma™ tools, techniques and methodologies sustained within a supply chain with certified ISO 9001 quality management systems.

Consumers increasingly rely on organisations for online services and data storage while these same institutions seek to digitise the information assets they hold to create economic value. Cybersecurity failures arising from malicious or accidental actions can lead to significant reputational and financial loss which organisations must guard against. Despite having some critical weaknesses, qualitative cybersecurity risk analysis is widely used in developing cybersecurity plans. This research explores these weaknesses, considers how quantitative methods might address the constraints and seeks the insights and recommendations of leading cybersecurity practitioners on the use of qualitative and quantitative cyber risk assessment methods.

The study is based upon a literature review and thematic analysis of in-depth qualitative interviews with 16 senior cybersecurity practitioners representing financial services and advisory companies from across the world.

While most organisations continue to rely on qualitative methods for cybersecurity risk assessment, some are also actively using quantitative approaches to enhance their cybersecurity planning efforts. The primary recommendation of this paper is that organisations should adopt both a qualitative and quantitative cyber risk assessment approach.

This work provides the first insight into how senior practitioners are using and combining qualitative and quantitative cybersecurity risk assessment, and highlights the need for in-depth comparisons of these two different approaches.

The inherent risks and their interactive impacts in megaproject development have been found in numerous cases worldwide. Although risk management standards have been recommended for the best practice in engineering construction projects, there is still a lack of systematic approaches to describing the interactions. Interactions such as social, technical, economic, ecological and political (STEEP) risks have complex and dynamic implications for megaproject construction. For a better understanding and effective management of megaprojects such as the Edinburgh Tram project, the dynamic interaction of concomitant risks must be studied.

A systems dynamic methodology was adopted following the comprehensive literature review. Documentary data were gathered from the case study on Tram Network Project in Edinburgh.

A casual loop of typical evolution of key indicators of risks was then developed. A hypothesised model of social and ecological (SE) risks was derived using the system dynamics (SD) modelling technique. The model was set up following British Standards on risk management to provide a generic tool for risk management in megaproject development. The study reveals that cost and time overruns at the developmental stage of the case project are caused mainly by the effects of interactions of risk factors from the external macro project environment on a timely basis.

This article presented a model for simulating the socio-ecological risk confronting the management and construction of megaprojects. The use of SD provided the opportunity to explain the nature of all risks, particularly the SE risks in the past stages of project development.

This study aims to explore the adoption of enterprise risk management (ERM) in developing and developed countries. Is there a similarity or difference between the two contrasting institutional markets and the reasons behind them?

The adoption of ERM is analyzed on the basis of the institutional framework. The author draws empirical evidence by comparing the cases of a British and an Indian insurance company using evidence from multiple sources. This paper focuses on extra-organizational pressures exerted by economic, social and political situations across two countries that influenced the adoption decision of ERM.

The findings of this research revealed that early adopters of ERM in different institutional markets face coercive and normative pressure but not mimetic pressure. The adoption of ERM in India and the UK is dissimilar. Companies in the British insurance market encounter higher institutional forces than those in the Indian market because of higher coercive and normative pressure. The aspirations to adopt ERM in the Indian and UK markets included improved strategic decision-making to maintain stakeholder expectations and higher standards of corporate governance. In the UK, ERM was adopted to reduce surprises and fluctuations under flexible regulations but with stricter adoption and to improve credit ratings.

Previous literature has discussed ERM adoption in similar markets or within one market with similar institutional pressure. In contrast, this research is a comparative study that explains the analysis of institutional theory in two different institutional environments in the adoption of ERM.

This study aims to establish an assessment model to measure big data readiness in the public sector, specifically targeting local governments at the provincial and city/regency levels. Additionally, the study aims to gain valuable insights into the readiness of selected local governments in Indonesia by using the established assessment model.

This study uses a mixed-method approach, using focus group discussions (FGDs), surveys and exploratory factor analysis (EFA) to establish the assessment model. The FGDs involve gathering perspectives on readiness variables from experts in academia, government and practice, whereas the survey collects data from a sample of selected local governments using a questionnaire developed based on the variables obtained in FGDs. The EFA is used on survey data to condense the variables into a smaller set of dimensions or factors. Ultimately, the assessment model is applied to evaluate the level of big data readiness among the selected Indonesian local governments.

FGDs identify 32 essential variables for evaluating the readiness of local governments to adopt big data. Subsequently, EFA reduces this number by five and organizes the remaining variables into four factors: big data strategy, policy and collaboration, infrastructure and human resources and data collection and utilization. The application of the assessment model reveals that the overall readiness for big data in the selected local governments is primarily moderate, with those in the Java cluster displaying higher readiness. In addition, the data collection and utilization factor achieves the highest score among the four factors.

This study offers an assessment model for evaluating big data readiness within local governments by combining perspectives from big data experts in academia, government and practice.