Full Text

Introduction

Enterprise risk management (ERM) plays a corporate governance role in the holistic management of all risks to aid in decision-making and increasing the likelihood of achieving operational and strategic objectives. Risks are typically classified as hazard, financial, operational and strategic risks (four common categories) (D’Arcy and Brogan, 2001; Elliott, 2013). Even though ERM scholarship has roots in the academic finance/risk management and insurance (RMI) discipline, research there has almost solely focused on hazard and financial risks. These more quantifiable types of risk suit the skills of RMI researchers, but for ERM to be truly holistic and play a strategic role in organizations, a broader research agenda must include difficult to quantify risks, such as the more ambiguous operational and strategic risks, and foundational ERM concepts, such as risk appetite, corporate governance, strategic view of risk, breaking down risk management silos and implementation of ERM (Bharathy and McShane, 2014).

Accounting research has brought a focus on the “management” part of ERM with broad efforts on the relationship of management control and corporate governance to risk management. This research has been active in advancing risk management research beyond finance/RMI roots by using multiple research paradigms, such as field and case study methods, contingency theories and actor network theory (Mikes, 2009, 2011; Hopper and Bui, 2016). Other disciplines have contributed also. Nair et al. (2014) and Bogodistov and Wohlgemuth (2017) discuss ERM from a dynamic capability perspective. Gatzert and Schmit (2016) integrate the management of reputation risks into the ERM framework.

The holistic ERM philosophy requires interdisciplinary efforts that result in integration and the building of a more comprehensive perspective. A major issue facing corporate risk management is the effective implementation of ERM, which is not amenable to one-size-fits-all solutions, but is contingent on factors that vary across organizations (Mikes and Kaplan, 2015). This paper proposes organizational design science to overcome the difficulty and uncertainty related to implementing ERM, which requires a major change management process involving the breakdown of functional silos. The organizational design science philosophy includes understanding stakeholders who will be directly affected and proceeds in increments with learning applied after each step. In a complex and rapidly changing environment, planning that locks in an inflexible long-term commitment can lead organizations attempting ERM implementation...