Search results

1 – 10 of over 18000
Article
Publication date: 12 March 2019

Håkan Jankensgård

The purpose of this paper is to develop a theory of enterprise risk management (ERM).

2457

Abstract

Purpose

The purpose of this paper is to develop a theory of enterprise risk management (ERM).

Design/methodology/approach

The method is to develop a theory for ERM based on identifying the general risk management problems that it is supposed to solve and to apply the principle of deduction based on these premises.

Findings

ERM consists of risk governance, which is a set of mechanisms that deals with the agency problem of risk management and risk aggregation, which is a set of mechanisms that deals with the information problem of risk management.

Research limitations/implications

The theory, by identifying the central role of the Board of Directors, encourages further research into the capabilities and incentives of directors as determinants of ERM adoption. It also encourages research into how ERM adoption depends on proxies for agency problems of risk management, such as a decentralized company structure.

Practical implications

The theory encourages Boards of Directors to focus on understanding where the under and over management of risk are likely to be greatest, as opposed to the current practice of mapping a large number of risk factors.

Originality/value

The theory complements existing theory on corporate risk management, which revolves around the role of external frictions, by focusing on internal frictions in the firm that prevent effective risk management. It is the first work to delineate ERM vis-a-vis existing risk theory.

Details

Corporate Governance: The International Journal of Business in Society, vol. 19 no. 3
Type: Research Article
ISSN: 1472-0701

Keywords

Article
Publication date: 1 May 2006

Aggeliki Tsohou, Maria Karyda, Spyros Kokolakis and Evangelos Kiountouzis

The purpose of this paper is to examine the potential of cultural theory as a tool for identifying patterns in the stakeholders' perception of risk and its effect on…

5492

Abstract

Purpose

The purpose of this paper is to examine the potential of cultural theory as a tool for identifying patterns in the stakeholders' perception of risk and its effect on information system (IS) risk management.

Design/methodology/approach

Risk management involves a number of human activities which are based on the way the various stakeholders perceive risk associated with IS assets. Cultural theory claims that risk perception within social groups and structures is predictable according to group and individual worldviews; therefore this paper examines the implications of cultural theory on IS risk management as a means for security experts to manage stakeholders perceptions.

Findings

A basic theoretical element of cultural theory is the grid/group typology, where four cultural groups with differentiating worldviews are identified. This paper presents how these worldviews affect the process of IS risk management and suggests key issues to be considered in developing strategies of risk management according to the different perceptions cultural groups have.

Research limitations/implications

The findings of this research are based on theoretical analysis and are not supported by relevant empirical research. Further research is also required for incorporating the identified key issues into information security management systems (ISMS).

Originality/value

IS security management overlooks stakeholders' risk perception; for example, there is no scheme developed to understand and manage the perception of IS stakeholders. This paper proposes some key issues that should be taken into account when developing strategies for addressing the issue of understanding and managing the perception of IS stakeholders.

Details

Information Management & Computer Security, vol. 14 no. 3
Type: Research Article
ISSN: 0968-5227

Keywords

Article
Publication date: 15 May 2017

Yevgen Bogodistov and Veit Wohlgemuth

The purpose of this study is to enhance the existing enterprise risk-management (ERM) theory by introducing both a resource-based view and a dynamic capability…

4342

Abstract

Purpose

The purpose of this study is to enhance the existing enterprise risk-management (ERM) theory by introducing both a resource-based view and a dynamic capability perspective. These strategic management concepts might resolve several theoretical shortcomings in the field of risk management. The concept of risk-management capabilities is proposed as an explanation of a firm’s risk resilience.

Design/methodology/approach

This paper is conceptual in nature. For illustrative purposes, the paper refers to practical examples.

Findings

First, the resource-based view provides a framework that helps to set priorities in risk management. Second, the dynamic capability perspective illustrates how firms can handle unforeseen events. Third, it is proposed that dynamic capabilities are needed to allow a constant reassessment of the impact of specific resources and, consequently, of ERM priorities. Fourth, a risk-management capability, as an integral part of a dynamic capability, allows firms to develop risk resilience in turbulent environments.

Research limitations/implications

This paper develops an enhanced framework for ERM within specific boundary conditions. It shows how priorities at the strategic level are to be set, and how these priorities influence the operational level of risk management.

Practical implications

The framework provides clear guidelines on setting priorities in ERM and implementing a risk-management process within firms.

Originality/value

This study contributes to the theoretical literature on ERM by enhancing it through a new framework. The resource-based view and dynamic capability perspective benefit through insights from risk-management literature.

Details

The Journal of Risk Finance, vol. 18 no. 3
Type: Research Article
ISSN: 1526-5943

Keywords

Article
Publication date: 11 April 2008

Ila Manuj and John T. Mentzer

Global supply chains are more risky than domestic supply chains due to numerous links interconnecting a wide network of firms. These links are prone to disruptions…

57574

Abstract

Purpose

Global supply chains are more risky than domestic supply chains due to numerous links interconnecting a wide network of firms. These links are prone to disruptions, bankruptcies, breakdowns, macroeconomic and political changes, and disasters leading to higher risks and making risk management difficult. The purpose of this paper is to explore the phenomenon of risk management and risk management strategies in global supply chains.

Design/methodology/approach

This paper is based on an extensive literature review and a qualitative study comprising 14 in‐depth interviews and a focus group meeting with senior supply chain executives.

Findings

The study provides insights into the applicability of six risk management strategies with respect to environmental conditions and the role of three moderators.

Research limitations/implications

The model is developed in a global manufacturing supply chain context. It should be tested in other contexts and with other methods to provide generalizability. The study takes a much needed step toward building a theory of risk management in global supply chains, which opens important future research directions.

Practical implications

This research provides direction to managers for choosing risk management strategies based on the global supply chain environment. Moderators have practical implications for global supply chain managers.

Originality/value

The paper addresses an identified gap in the literature for selecting risk management strategies in global supply chains. It employs grounded theory, a methodology appropriate for theory‐building, to explore a phenomenon with an inadequate theoretical base.

Details

International Journal of Physical Distribution & Logistics Management, vol. 38 no. 3
Type: Research Article
ISSN: 0960-0035

Keywords

Article
Publication date: 1 June 2010

Peter Massingham

There has been increased interest in application of knowledge management (KM) in managerial issues as a way of demonstrating the field's value. There has also been an

16891

Abstract

Purpose

There has been increased interest in application of knowledge management (KM) in managerial issues as a way of demonstrating the field's value. There has also been an increasing focus on risk management (RM) in response to growing organisational awareness of corporate and social responsibilities. This paper seeks to contribute to the emergence of a new field of research – referred to as knowledge risk management (KRM), which applies KM tools and techniques to the management of organisational risk.

Design/methodology/approach

The approach takes the form of building on an empirical study of the Australian Department of Defence using case study methods.

Findings

The paper examines how conventional approaches to risk management based on decision tree methods are ineffective, and proposes and tests an alternative KRM model.

Research limitations/implications

A limitation is that the paper is based on a single case study.

Originality/value

The model provides managers with a way to differentiate amongst risks and prioritise for action. Its main value is to reduce the cognitive bias inherent in traditional decision methods for risk assessment. The KRM model improves the accuracy of risk assessment by reducing subjectivity caused by cognitive bias.

Details

Journal of Knowledge Management, vol. 14 no. 3
Type: Research Article
ISSN: 1367-3270

Keywords

Article
Publication date: 19 March 2018

Michael McShane

This paper aims to investigate the evolution of enterprise risk management (ERM) out of fragmented disciplinary perspectives to provide a foundation for promoting…

3423

Abstract

Purpose

This paper aims to investigate the evolution of enterprise risk management (ERM) out of fragmented disciplinary perspectives to provide a foundation for promoting interdisciplinary research and proposes a design science approach for more effective ERM implementation in organizations.

Design/methodology/approach

This conceptual paper synthesizes ERM research and practice from multiple disciplines.

Findings

Corporate risk management concepts were born in academic finance and developed further in the finance subset known as risk management and insurance. With the advent of ERM, efforts must broaden beyond applying statistical models to quantifiable risks. Other disciplines have expanded ERM research by embracing techniques to investigate risk management practices to produce knowledge that integrates practice and theory. ERM is promoted as integrated risk management, yet silos still remain in both practice and research.

Originality/value

This study provides a foundation and a proposal for moving ERM past academic and organizational silos, which is necessary to achieve the ERM philosophy and increase organizational resilience. Understanding the evolution and fragmented nature of ERM research and practice provides a foundation for interdisciplinary cooperation necessary to achieve the holistic ERM philosophy. A next frontier is effective ERM implementation. This paper argues for an organizational design science approach for mitigating the resistance to change that confounds effective implementation of ERM in organizations facing an increasingly uncertain environment and outlines future research for applying the approach to implementing the ISO 31000 risk management process.

Details

The Journal of Risk Finance, vol. 19 no. 2
Type: Research Article
ISSN: 1526-5943

Keywords

Article
Publication date: 1 December 2003

Kwo‐Shing Hong, Yen‐Ping Chi, Louis R. Chao and Jih‐Hsing Tang

With the popularity of electronic commerce, many organizations are facing unprecedented security challenges. Security techniques and management tools have caught a lot of…

15458

Abstract

With the popularity of electronic commerce, many organizations are facing unprecedented security challenges. Security techniques and management tools have caught a lot of attention from both academia and practitioners. However, there is lacking a theoretical framework for information security management. This paper attempts to integrate security policy theory, risk management theory, control and auditing theory, management system theory and contingency theory in order to build a comprehensive theory of information security management (ISM). This paper suggests that an integrated system theory is useful for understanding information security management, explaining information security management strategies, and predicting management outcomes. This theory may lay a solid theoretical foundation for further empirical research and application.

Details

Information Management & Computer Security, vol. 11 no. 5
Type: Research Article
ISSN: 0968-5227

Keywords

Article
Publication date: 16 December 2019

Pei-Ju Wu and Pattra Chaipiyaphan

Delivery vulnerability is a critically important theme in logistics risk management. However, while logistics service providers often collect and retain massive amounts of…

Abstract

Purpose

Delivery vulnerability is a critically important theme in logistics risk management. However, while logistics service providers often collect and retain massive amounts of logistics data, they seldom utilize such information to diagnose recurrent day-to-day logistics risks. Hence, the purpose of this paper is to investigate delivery vulnerabilities in a logistics system using its own accumulated data.

Design/methodology/approach

This study utilizes pragmatic business analytics to derive insights on logistics risk management from operations data in a logistics system. Additionally, normal accident theory informs the discussion of its management implications.

Findings

This study’s analytical results reveal that a tightly coupled logistics system can align with normal accident theory. Specifically, the vulnerabilities of such a system comprise not only multi-components but also interactive ones.

Research limitations/implications

The tailored business analytics comprise a research foundation for logistics risk management. Additionally, the important research implications of this study’s analytical results arrived at via such results’ integration with normal accident theory demonstrate the value of that theory to logistics risk management.

Practical implications

The trade-offs between logistics risk and logistics-system efficiency should be carefully evaluated. Moreover, improvements to such systems’ internal resilience can help to alleviate potential logistics vulnerabilities.

Originality/value

This pioneering analytical study scrutinizes the critical vulnerability issues of a logistics service provider and therefore represents a valuable contribution to the field of logistics risk management. Moreover, it provides a guide to retrieving valuable insights from existing stockpiles of delivery-vulnerability data.

Details

The International Journal of Logistics Management, vol. 31 no. 1
Type: Research Article
ISSN: 0957-4093

Keywords

Article
Publication date: 10 July 2017

Ralph Schuhmann and Bert Eichhorn

The aim of this paper is to pursue three objectives: to assess the extent to which theoretical concepts and corporate practice are reflecting the contract’s risk management

1330

Abstract

Purpose

The aim of this paper is to pursue three objectives: to assess the extent to which theoretical concepts and corporate practice are reflecting the contract’s risk management dimensions; to identify ways to make full usage of the contract’s risk dimensions for risk management purposes; to overcome the isolation of the contract caused by its perception as a legal instrument by integrating its handling into the overall corporate management processes.

Design/methodology/approach

Literature is analyzed regarding the contract’s roles as a source of risk and as a risk management device. Based on the relevant findings, it uses the Contractual Management Model to develop a concept that integrates all contract-related risk management processes in an enterprise.

Findings

The paper redefines the term “contract risk” in the light of modern understanding of contract functions and contract purposes. It shows that only Contractual Risk Management theory takes the management capacity of the contract fully into account. A Contractual Risk Management process is suggested which integrates all contract-related corporate management processes and aligns them to the requirements of transaction risk management and enterprise risk management.

Originality/value

The paper may guide executives to optimize corporate risk management processes through a better understanding of the risk potential of contract and of its risk management capacity. It provides a checklist of redefined contract risks as well as a concept that, for the first time, is aligning all contract-related management processes to support the corporate risk management system.

Details

International Journal of Law and Management, vol. 59 no. 4
Type: Research Article
ISSN: 1754-243X

Keywords

Article
Publication date: 1 May 2007

Jonathan A. Batten and Samanthala Hettihewa

Country‐specific information on risk management is increasingly important, not only for investors and decision makers in international markets but also, for those in…

Abstract

Country‐specific information on risk management is increasingly important, not only for investors and decision makers in international markets but also, for those in national and regional markets. This study reports the results of a cross‐sectional survey of risk management practice and derivatives use by a sample of Australian firms. Overall, the results suggest that firm‐specific factors appear to have some influence on risk management practice with the industry of the respondent being the most important, while the degree of international exposure has the least. Larger and more internationally exposed firms are likely to have more frequent reporting of derivatives use, and are more likely to use swaps and options to manage risks than other types of firms. Issues and implications for international firms are discussed.

Details

Journal of Asia Business Studies, vol. 1 no. 2
Type: Research Article
ISSN: 1558-7894

Keywords

1 – 10 of over 18000