Search results

Surging natural disasters globally has precipitated renewed interests in disaster risk management. Though several global and regional disaster risk management policy frameworks have been put in place, it is necessary to evaluate their successes and capacities to deliver. This chapter reviews key disaster management frameworks, particularly the Yokohama Strategy, the Hyogo Framework for Action and the Sendai Framework for Disaster Risk Reduction. It examines the extent to which these policies shaped Africa’s regional disaster risk management processes, with an emphasis on sub-Saharan Africa (SSA). Through documentary analysis and scientific literature review, this chapter identifies key parameters that shaped SSA’s disaster risk reduction (DRR) processes and their implications for DRR policy instruments and impact studies. The analysis reveals a number of findings. First, the roll-out process of global disaster reduction and management policy processes and instruments is yet to optimally impact SSA, in terms of effective disaster management. Second, a more comprehensive understanding of the magnitude and severity of natural disasters could contribute to stem the damages linked to their occurrence. This is yet to be achieved. Third, paradigm shifts towards fully appreciating underlying disaster risk factors and manifestations could potentially support the practical drift from disaster coping and management towards risk identification, reduction and resilience building in SSA. Finally, instruments that prioritise capacity building (such as extension services training, research and development, information and communication), organisational governance, sustainable financing and technology, still relatively weak in SSA, should be stepped up to promote DRR capacities and strategies.

The purpose of this paper is to illustrate how information technology (IT) governance supports the process of enterprise risk management (ERM). In particular, the paper illustrates how the Control Objectives for Information and related Technology (COBIT) framework helps a company reach its objectives by integrating and supporting the Enterprise Risk Management by the Committee of Sponsoring Organizations (COSO ERM) framework.

This paper explains how the integration between the two frameworks (COSO ERM and COBIT 5) can represent, for any organization, a good way to achieve the objectives of internal control and risk management and, more generally, corporate governance.

The paper identifies some gaps in the COSO ERM and illustrates how the COBIT framework facilitates the implementation of an adequate system of internal control.

The originality of the work presented here is in analyzing the COBIT 5 together with the COSO ERM framework. This paper highlights that is not enough to apply only an internal control framework for achieving the risk management and internal control system objectives. An IT governance framework, such as COBIT 5 is proposed as a tool that support risk management in order to develop an adequate system of internal control.

The purpose of this paper is to emphasise on the need for efficient and effective project risk management practices and to support project managers in increasing the cost certainty of projects by proposing a new framework for project risk management.

The author adopts a “constructivist” methodology, drawing on practices common in construction management sciences and new institutional economics.

The author presents a holistic and customisable project risk management framework that is grounded in both practice and academia. The framework is holistic because, amongst others, all steps of the typical risk management process are addressed. The framework is customisable, because it allows for alternative ways of implementing the project risk management steps depending on the project-specific circumstances.

The framework does not address the potential unwillingness of the project players to set up a project risk management process, at all. The proposed framework has not yet been tested empirically. Future research will seek to validate the framework.

The framework is designed to account for the difficult circumstances of a complex construction project. It is intended to support decision makers in customising a practical yet comprehensive project risk management concept to the characteristics of the unique project. Although many other project risk management concepts are designed based on the assumption that actors are perfectly rational and informed, this framework’s design is based on the opposite assumption. The framework is dynamic and should adapt over time.

This study aims to examine the factors influencing enterprise risk management and propose a framework for identifying and explaining the components of enterprise risk management. To enable broader analytical thinking about risk factors, the framework utilizes the resource-based theory to link various classes of risks to an extended set of organizational resources.

The paper opted for an exploratory study using a sample from an online survey. The survey subjects were recruited from the membership database of the American Institute of Certified Public Accountants, focusing primarily on CFOs. The survey consisted of six sections: demographics, a section on each of the four risk types included in ERM: strategic risk, operational risk, financial risk and hazard risk, and exit questions (where very general questions about ERM were asked). The survey yielded a data set of 227 valid responses.

Using the associated sample survey data, the paper provides empirical validation of the proposed framework that managers in any organizations could use to identify and manage risks.

The proposed model does have limitations that predominantly exist from the fact that human judgment in decision-making is not always data-driven, and hence, a proper risk exposure could be ignored based on pure arguments of cost and benefits from domain experts. Therefore, researchers and practitioners are encouraged to test the proposed framework further.

Risk exposure is not a snapshot event in an organization’s time horizon. Rather, risk identification is an ongoing process and the proposed framework allows organizations to handle increasing complex risks and/or identifying them based on how the organizational resources may be exposed over time. Managers could use a form of risk control analytics (monitoring dashboard of all identified risks under each interaction sets on a regular basis) to become more proactive in managing risk or exploiting opportunities across enterprise.

This paper fulfills an identified need to study how enterprise risks exposure can be proactively assessed and managed.

This case study aims to present a viable solution to how organizations can adapt and customize the ISO 31000:2009 enterprise risk management framework to suits its needs and requirements.

Approach used for this case study is via adopting Six Sigma DMAIC (Define, Measure, Analyze, Improve and Control phases) methodology.

Key finding is the importance of stakeholders’ feedbacks which are taken into consideration during the designing of the new customized enterprise risk management framework, integrated with all supporting processes, tools and resources.

The ISO 31000:2009 enterprise risk management framework dictates that it is not a one-size-fits-all. Rather, organizations who wish to adapt this framework need to customize accordingly, but there is no indication on how organizations can do it. This case study presents a viable solution to this challenge.

This study aims to develop a framework for cybersecurity risk assessment in an organization. Existing cybersecurity frameworks are complex and implementation oriented. The framework can be systematically used to assess the strategic orientation of a firm with respect to its cybersecurity posture. The goal is to assist top-management-team with tailoring their decision-making about security investments while managing cyber risk at their organization.

A thematic analysis of existing publications using content analysis techniques generates the initial set of keywords of significance. Additional factor analysis using the keywords provides us with a framework comprising of five pillars comprising prioritize, resource, implement, standardize and monitor (PRISM) for assessing a firm’s strategic cybersecurity orientation.

The primary contribution is the development of a novel PRISM framework, which enables cyber decision-makers to identify and operationalize a tailored approach to address risk management and cybersecurity problems. PRISM framework evaluation will help organizations identify and implement the most tailored risk management and cybersecurity approach applicable to their problem(s).

The new norm is for companies to realize that data stratification in cyberspace extends throughout their organizations, intertwining their need for cybersecurity within business operations. This paper fulfills an identified need improve the ability of company leaders, as CIOs and others, to address the growing problem of how organizations can better handle cyber threats by using an approach that is a methodology for cross-organization cybersecurity risk management.

Islamic financial institutions (IFIs) are required to establish a Shariīʿah Governance Framework (SGF) to strengthen their Sharīʿah-compliance mechanism and ensure that all relevant IFI regulations are in line with Sharīʿah rules and principles. Effective implementation of the Shariīʿah-compliance function will further promote stakeholder confidence, as well as the integrity of IFIs, by reducing Shariīʿah non-compliance risks. This study aims to examine the internal control framework developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and explore the extent to which it can be incorporated in the Sharīʿah-compliance function of IFIs.

This study adopts a qualitative method of inquiry, utilizing the inductive method and content analysis to build comprehensive knowledge that will assist in exploring the framework of COSO methodology and the extent to which it can be adopted by IFIs.

The findings indicate that the existing frameworks of Sharīʿah governance, whether that of the Accounting and Auditing Organization for Islamic Financial Institutions (AAOIFI) or Bank Negara Malaysia (BNM), need to be further developed. Therefore, the adoption of COSO methodology in the internal Sharīʿah audit of IFIs, as suggested by AAOIFI, is not only possible but desirable. The study also finds that the COSO framework places the highest priority on risk management in that it makes it an integral part of the decision-making process in all the institution's activities. As a result, incorporating the comprehensive COSO risk management structure within the Sharīʿah-compliance function will enhance risk management in IFIs.

This study highlights the importance of the COSO internal control framework and examines its components, principles and the possibility of its adoption by IFIs. The findings of this study are expected to contribute to enhancing the Sharīʿah-compliance function of IFIs.

This paper aims to develop an innovation management framework for achieving sustainability by managing risks associated with innovative solutions during the design process.

To achieve the abovementioned aim, a research methodology was designed to achieve four objectives. Firstly, a literature review was conducted to investigate the concepts of sustainability, innovation, innovation management and innovation and the design process. Secondly, three case studies were selected and analysed to validate the identified risks of innovation and to investigate the role of innovation management towards managing risks of innovation during the design process. Thirdly, a survey questionnaire was carried out with a representative sample of architectural design firms (ADFs) in Egypt to examine their perception and application of innovation management as an approach to managing risks of innovative solutions during the design process. Finally, developing an innovation management framework to achieve sustainability through managing risks associated with innovative solutions during the design process.

The literature review revealed that innovation plays a significant role towards achieving sustainability objectives, but integrating innovative solutions during the design process is frequently associated with risks. During the course of this research, 30 risks of innovation were identified and classified into four categories of product, process, person and press. Case studies showed that ADFs that applied innovation management approaches were successful in managing the risks associated with innovative solutions, whereas others that failed to use such approaches failed to meet sustainability objectives. Results of the survey questionnaire revealed that ADFs not only recognised the importance of innovative solutions in developing sustainable projects but also showed a gap between theory and practice. “Project delivery” is the most important type of innovation for ADFs in Egypt, followed by “building technologies” and “organisational culture”. Moreover, there is a misalignment between ADFs’ perceptions and the strategies used to deliver successful innovations. The highest risks of innovation are “unanticipated cost of innovation”, “manufacturing technologies and development issues” and “failing to meet technical criteria”.

Because of the conceptual nature of the developed framework, it has to be tested and validated to ensure its capability to achieve sustainability through managing the risks of innovative solutions during the design process which, in this research, adopted the Royal Institute of British Architects plan of work stages. Moreover, the lack of data availability directed this study to present and analyse only three case studies.

This research presents a practical solution to achieve sustainability through managing risks of innovation during the design process. It is a structured tool that can be used by ADFs in Egypt towards facilitating the shift in the direction of a more economically viable, environmentally friendly and socially acceptable built environment.

Although innovative design solutions are needed in developing sustainable buildings, a practical and systematic framework to manage associated risks during the design process is still lacking. In addition, current studies are business-oriented and need to be reinterpreted to fit with the architectural, engineering and construction disciplines. Thus, this research developed an innovation management framework to achieve sustainability through managing the risks associated with innovative solutions during the design process, which represents a synthesis that is novel and creative in thought and adds value to the knowledge in a manner that has not been previously explored.

This study aims to propose a conceptual framework to examine the impact of risk management implementation on green innovation in the Malaysian solar photovoltaic (PV) manufacturing industry.

The study is based on primary data to be collected from 30 Malaysian solar PV manufacturing companies through a questionnaire that incorporates the five-point Likert scale. The exploratory factor analysis (EFA) is proposed to be performed using SPSS 24.0 and confirmatory factor analysis (CFA) is suggested to be conducted using AMOS.21 software to explore the factors and reliability of the items and to confirm the factorial structure of risk management implementation and green innovation. Furthermore, partial least square-structural equation modeling (PLS-SEM) is proposed to investigate relationships between constructs and latent variables.

The proposed framework is based on the stakeholder's theory and suggests that the comprehensive implementation of risk management has a significant and positive impact on green innovation in the Malaysian solar PV manufacturing industry.

This study provides insight into formulating strategies for enhancing green innovation in the solar PV manufacturing sector and serves as a valuable resource for stakeholders.

The significance of the proposed conceptual framework lies in its ability to enhance the workability of the stakeholder's theory and to create value for stakeholders through the implementation of risk management to drive green innovation. This study adds to the existing literature by exploring the relationship between risk management and green innovation in the solar PV manufacturing industry.