Enhancing public sector enterprise risk management through interactive information processing
Torben J. Andersen
Peter C. Young- 1Department of International Economics, Government and Business, Copenhagen Business School, Frederiksberg, Denmark
- 2Opus College of Business, University of St. Thomas, Minneapolis, MN, United States
Introduction: Federal agencies are increasingly expected to adopt enterprise risk management (ERM). However, public sector adoption of ERM has typically focused on the economic efficiency of tax-financed activities based on control-based practices. This reflects an emphasis on quantifiable concerns that invariably directs attention to risk, that (by definition) relates to identifiable and measurable events, thereby downplaying uncertain and unknown aspects of public exposures. This is a potentially serious shortcoming as government entities often act as society's risk managers of last resort. When extreme events happen what were previously considered private matters can quickly turn into public obligations. Hence, there is a need for proactive assessments of the evolving public risk landscape to discern unpredictable-even unknowable-developments.
Methods: The article reviews recent empirical studies on public risk management practices, effects of digitalization in public sector institutions, current strategic management research, and insights uncovered from a recent study of risk management practices in federal agencies. On this basis, the article explains how the ability to generate value from ERM can be enhanced when it intertwines with local responsive initiatives and central strategic risk analyses. It can form a dynamic adaptive risk management process where insights from dispersed actors inform updated risk analyses based on local autonomy and open exchange of information. This approach builds on specific structural features embedded in culture-driven aspirations to generate collaborative solutions. Its functional mode is an interactive control system with open discussions across levels and functions in contrast to conventional diagnostic controls that monitor predetermined key performance indicators (KPIs) and key risk indicators (KRIs).
Findings: Backed by theoretical rationales and empirical research evidence, it is found that applications of ERM frameworks can produce positive results but is unable to deal with a public risk landscape characterized by uncertain unpredictable conditions with potentially extreme outcome effects. It is shown how interactive exchange of fast local insights and slow integrated strategic risk analyses supported by digitized data processing can form a dynamic adaptive system that enable public sector institutions to deal with emergent high-scale exposures. It is explained how the requirement for conducive organizational structures and supportive values require a new strategic risk leadership approach, which is contrasted to observed practices in federal agencies that are constrained by prevailing public governance requirements.
Discussion: The need to deal with uncertainty and unknown conditions demands a cognitive shift in current thinking from a primary focus on risk to also appraise complexity and prepare for the unexpected where data-driven methods can uncover emergent exposures through dynamic information processing. This requires strategic risk leaders that recognize the significance of complex public exposures with many unknowns and a willingness to facilitate digitalized information processing rooted in a collaborative organizational climate. If handled properly, adoption of ERM in public risk management can consider emergent dimensions in complex public exposures applying interactive information processing as a dynamic adaptive risk management approach incorporating digitized methods to solicit collective intelligence for strategic risk updating.
Introduction
As federal agencies implement enterprise risk management (ERM), these efforts should display the views expressed in the guidelines. This means that all material exposures to potential threats—or opportunities—should receive attention. Ample evidence suggests that this is often not the end-result. Rather, there is a tendency to focus on measurable economic effects of tax-financed public activities while passing over more uncertain and hard-to-assess exposures within a complex environment. To ameliorate this, there is a need to pay more attention to current insights from emergent developments as they occur. Here we note that the public risk landscape is distinct in terms of complexity and potential scale and scope of eventual responsibilities. Many private exposures quickly turn into public obligations when extreme events happen making governmental entities de facto risk managers of last resort. For these reasons there is a call to progress from current compliance and control-based risk management approaches toward more proactive assessments of emergent and unpredictable public exposures. To address this, the article presents a dynamic information processing approach to generate updated data-driven assessments of evolving public concerns on both measurable, and difficult-to-measure exposures.
Based on available evidence, we show that the value derived from ERM adoption can be significantly augmented if the ERM practices operate conjointly with strategic planning processes and local initiatives taken to deal with emergent conditions. This can provide a foundation for dynamic adaptive risk management where ongoing insights from operating entities update the central forward-looking analytics that inform ongoing strategic risk considerations. Dynamic adaptive risk management builds on distinct structural features including delegation of decision power, empowerment of local initiatives, and information systems for data and knowledge exchange to augment risk awareness and enable collaborative solutions.
The following section reviews current research on ERM adoption in the public sector illuminating a dearth of studies looking at uncertain and unknown aspects of the public risk landscape. Then, theoretical rationales and empirical evidence that support an interactive information processing approach are outlined as foundation for dynamic adaptive risk management where digitalized collection of local insights inform updated strategic risk assessments. Finally, we present strategic risk leadership as the fulcrum for dynamic adaptive risk management in public agencies with a view to prevailing governance and administrative constraints.
Background
Public sector agencies have increasingly adopted enterprise risk management (ERM) often based on mandatory requirements [Office of Management and Budget (OMB), 2016; Rana et al., 2019]. Recent research shows, however, that most adoptions assume an attenuated form limited in scope and detail (Young and Hoang, 2023). Varying reasons are given for this outcome, such as difficulty obtaining leadership support, cultural barriers, organizational constraints, political considerations, lack of guidance, etc. (AFERM, 2022). Caution in implementing ERM also plays a role, frequently leading to reliance on traditional risk management methods primarily influenced by audit and internal control applications (e.g., Rana et al., 2019; Bracci et al., 2021). In many agencies, ERM is expressly seen as a management control process (Young and Hoang, 2023). There have been some notable advances and successes, but largely without paying attention to challenges related to uncertain and unknown aspects of public exposures (e.g., Bracci et al., 2021). Human behavior under conditions of uncertainty—indeed all human aspects embedded in the leader-follower dynamics—receives limited attention, which is problematic (Andersen and Young, 2020). Overcoming these stumbling blocks will require a fundamental shift in risk outlook, not only among formally appointed Chief Risk Officers (CROs), but also particularly among policymakers. It will take conscious leadership efforts to change this.
It should be noted that public sector institutions typically exist for different purposes than commercial enterprises, which presents wide-ranging and potentially extreme exposures (e.g., Fone and Young, 2000; Young et al., 2022; Andersen and Young, 2023). Yet, the transference of ERM practices developed for commercial enterprises to public sector entities rarely results in a thorough reconsideration of the underlying principles. To illustrate this commercial/public distinction, consider exposures to extreme events such as financial crises or natural, manmade, and climate-related disasters (e.g., Meyer and Kunreuther, 2017; Courbage and Golnaraghi, 2022). When these so-called low-probability high-impact incidents occur (often unexpectedly) what were previously considered private exposures frequently transform into public liabilities and governmental concerns.1 We know these developments all too well from recent experiences, such as, the COVID-19 pandemic, military conflict in Ukraine, climate-driven flooding events, wildfires, and similar disasters (UK Cabinet Office, 2022). In such contexts, governments and public agencies are (or become) society's risk manager of last resort with potentially unlimited exposure (Moss, 2002). These situations, however, manifest themselves outside the scope of current public risk management practices (Raine and Lloyd, 2013) and typically escape monitoring and ex post risk audits (Domokos et al., 2015).
To be clear, ERM does have a potential to advance learning from engaged discussions and create deeper insights to develop risk strategies among policymakers (Capaldo et al., 2018; Hinna et al., 2018). Yet, in practice there is limited evidence of activities beyond a control-based compliance and audit focus among public institutions (Rana et al., 2019; Bracci et al., 2021).
Therefore, this article intends to search for an approach that facilitates considerations for a wider scope of public exposures—an extensive (strategic) field—using current insights and data to update the ongoing threat assessments. This extended view, should create stronger awareness of the complex public risk environment that needs more flexible, dynamic, and adaptive approaches to navigate turbulent and rapidly changing conditions (e.g., Kay and King, 2002). It requires a different way of thinking about (public) risk management with more concern for the often unpredictable and unmeasurable effects of complex, uncertain, and unknown exposures assessing the capacity to respond to such conditions (Andersen and Young, 2020).
Dealing with a changing environment
The ability to identify emergent risk events in advance and to quantify their impacts—as assumed in conventional risk management—does not hold in complex and uncertain settings. Under a pandemic, for example, it is not possible to make meaningful predictions to determine the societal exposures using conventional risk management tools as “real-life complexity … escapes neat estimations by probabilistic methods” (Seetoh et al., 2012, p. 718). As it turned out, the (global) political context was highly complex and unpredictable under COVID-19 (Shefrin, 2020). Instead, effective adaptation to extreme conditions depends on entrepreneurial improvisation where sharing of current insights creates awareness of emergent events and identifies responsive opportunities in the changing environment (Alonso et al., 2021). This approach should engage stakeholders, including frontline employees, with diverse insights rather than relying on a central risk function to assess exposures based on conventional impact-likelihood calculus (e.g., Rodriguez and Edwards, 2014).
The contemporary risk landscape is changing from probabilistic risk conditions toward uncertain and unknown circumstances with potentially extreme outcome effects (Phillips et al., 2023). These dynamic and complex environmental conditions create wicked problems that are multifaceted with no single optimal solution in easy sight. They comprise issues, such as, global financial crisis, food production sustainability, circular economy standards, climate change effects, and various combinatorial outcomes from these issues. The resolution to wicked problems requires open discussions and collaborative efforts where the challenge is to devise complex multi-stakeholder processes that can lever diverse contributions in collective problem analyses (Elia and Margherita, 2018). The public sector is particularly exposed to turbulent, complex, and unpredictable conditions with wicked problems that require leadership to generate viable solutions and retain the societal order in the face of disruptions.
These challenges to the public system should prompt proactive responses and adaptive processes that can uphold the essential public functions (Chen et al., 2020). This may require engagement of both internal and external competencies where information is shared in collaborative efforts to generate solutions for the whole system (Ansell et al., 2020). Indeed, an organizational capacity to process information effectively—accommodating updated insights to enlighten timely decisions—is associated with superior outcomes (Yu et al., 2019). That is, a complex crisis-situation like a pandemic calls for rapid decisions based on critical current information with frequent interactions between key decision-makers (Phillips et al., 2023). The ability to innovate and find opportunities from crisis situations can be effective when dealing with disruptive conditions (Wenzel et al., 2020) and safeguarding public assets and processes that provide essential services.
Theoretical underpinnings
The dynamic adaptive risk management approach can be conceptualized through theories on strategic responsiveness, collective intelligence, and dynamic adaptation where the first two consider aspects of timely informed responses and the third explains the adaptive dynamic. In combination these theoretical lenses outline the contours of a dynamic adaptive system that—we claim—can respond effectively to ongoing environmental changes.
Strategic responsiveness
Strategic responsiveness has been conceived as a “bundle of capabilities to assess the environment, identify firm resources, and mobilize them in effective responsive actions with the intent of achieving strategic fit over time” (Andersen et al., 2007, p. 410). This resonates with a “dynamic capabilities” concept based on sensing ongoing changes, seizing resources around opportunities, and reconfiguring organized activities as environmental conditions change (Teece et al., 1997; Teece, 2007). It is construed as complex bundles of organizational routines and processes affected by the interventions of managers and leaders (e.g., Teece et al., 2016; Teece, 2018). It can be displayed as strategy-making where managers decide on responsive initiatives as they observe ongoing changes and adjust activities to improve performance (Andersen and Bettis, 2015). Different response capabilities across firms that operate in similar contexts affect their relative effectiveness where high performing organizations generate more stable outcomes above average performance (Andersen et al., 2007). This effect can be modeled as an adaptation process where the ability to observe developments and learning to generate better opportunistic responses lead to more adaptive strategic decisions.
The updated versions of major ERM frameworks emphasize similar associations to the strategy-making process—or strategy-setting (e.g., COSO, 2017; ISO., 2018)2 stating that risk assessment is an important precursor for making strategic decisions. However, this intended aim is rarely achieved even though proclaimed to offer the highest potential for ERM improvement (Viscelli et al., 2016). So, risk management and strategic planning continue to be performed as compartmentalized activities in many private and public organizations. Yet, the empirical evidence shows that planning, i.e., a rational analytical approach to strategy-making, can have a significant positive and material mediating effect on ERM performance (e.g., Sax and Andersen, 2019) where innovative responses are induced by strategic planning (Sakellarios et al., 2022).
Collective intelligence
Collective intelligence is conceived as distributed group intelligence where knowledge resides with many individuals across a social system that holds relevant experiential insights from the interactions performed among various stakeholders. Pentland (2007) demonstrated how social networks provide a basis to understand human intelligence beyond the common focus on individuals in cognitive science as they form a collective “network intelligence” mediated by communication processes. It is often seen as an IT-enhanced phenomenon where the intelligence subsumed in individual skills is mobilized in real-time digitized form through computer intervention (Lévy, 1999). Lévy (2010) further argues that digital technologies provide powerful tools to augment the joint cognitive processes and multiply the formation of collective intelligence through information exchange within digitalized networks.
Communication and information technology (CIT) can connect wide networks of individuals and facilitate interaction across time and space forming a joint virtual knowledge base. The current insights of many individuals constitute their “collective wisdom” that can generate more accurate forecasts (Surowiecki, 2004; Page, 2007a) if the group includes diverse independent individuals with relevant expertise (Hong and Page, 2004; Page, 2007b). It can also increase the joint ability to perform specific tasks (Woolley et al., 2010, 2015) amplified by social sensitivity and broad participation. Use of collective intelligence is generally effective when adapting to uncertain environments facilitated in different domains from computer enhanced networks to agent-based systems (Schut, 2010). An elaborated definition refers to “the capacity of human collectives to engage in intellectual cooperation in order to create, innovate and invent” (Lévy, 2010, p. 71), i.e., it can improve resolutions to complex issues by enhancing an innovative capacity. This is an important design element in effective learning organizations that can generate collaborative solutions to wicked problems (Kirschner et al., 2009; Zambrano et al., 2019). These network structures resemble the collective ideation processes associated with “swarm intelligence” where creative solutions are advanced through open sharing of information and ideas (Gloor, 2006, 2011, 2017; Malone, 2018).
Dynamic adaptation
Dynamic adaptation derives from ideas of combined fast and slow information processing that stimulates an ability to deal with turbulent unpredictable contexts advancing activities in non-linear ways through interim meta-stable positions (e.g., Kelso and Engstrøm, 2006; Pfeifer and Bongard, 2006). This resembles the dynamic models of the human brain developed in modern cognitive science (e.g., Kahneman, 2011). The human brain, groups of people, organizations, and societies can be interpreted as fast-slow information processing systems, where fast insights from current responsive actions inform slow comprehensive forward-looking analyses (e.g., Andersen and Fredens, 2013; Andersen and Hallin, 2016). In organizations, the ongoing learning from emerging strategic initiatives in the operating entities and the strategic planning considerations at head office constitute fast and slow information processes (e.g., Andersen, 2013, 2015). The fast-slow interactive information processing has adaptive advantages but also some limitations caused by potentially distorting biases (Schwenk, 1984; Finkelstein, 2003; e.g., Bazerman and Watkins, 2008; Heffernan, 2011; Shefrin, 2016) and cognitive filters (e.g., Reitzig and Sorenson, 2013; Tuckett and Nikolic, 2017; Sokol-Hessner and Rutledge, 2018). To the extent these adverse influences can be subdued, using (fast) experiential insights from local responses to inform and update the (slow) analytical strategic planning rationales can form a dynamic adaptive system (Andersen, 2015; Andersen et al., 2018). It can exploit the entrepreneurial minds of many internal stakeholders dispersed throughout the organization where their diverse insights can support the adaptive thinking of central strategic decision-makers.
The ability to deal with disruptive events and create adaptive outcomes depends on a capacity to generate innovative responses and using them to modify organizational, or social activities to emergent changes through integrative reconfiguration mechanisms (Teece et al., 1997; Andersen et al., 2007). From this perspective, the empirical evidence on the value creating potential of ERM in turbulent contexts remains rather elusive (Andersen and Sax, 2020). Conversely, a recent study shows that ERM performance can be (significantly and materially) enhanced by decentralized response initiatives in conjunction with central strategic planning processes (Andersen et al., 2022). The study measures ERM adoption by the extent to which the organizations follow the procedures prescribed by the major frameworks (COSO, 2004; ISO., 2009), i.e., whether they abide by the basic principles of ERM (Andersen et al., 2022). So, adhering to the principles of ERM can create value but the performance effects are significantly enhanced when combined with more complex bundles of dynamic adaptive capabilities (Peteraf et al., 2013). Instituting this in organizations requires leadership that is attentive to the dynamic adaptive design parameters of power delegation, open information exchange, and collaboration where managers can overrule formal routines as needed (Teece et al., 2016).
Implications
The complementary perspectives that outline a model of adaptive strategy-making and dynamic risk analysis have not been formally specified despite extensive effort (Schilke et al., 2018). This model resembles collaborative approaches applied in investment planning where internal groups engage in the strategizing efforts soliciting current insights and tacit knowledge from diverse participants (Weigand et al., 2014). It also embraces ideas of open strategy-making where interested stakeholders can contribute through online platforms using diverse insights from ad hoc crowds (Malhotra et al., 2017).
The interactive information processing logic is deceptively simple and consistent with recognized perspectives on interactive strategy-making (e.g., Mintzberg and Waters, 1985; Burgelman and Grove, 2007). However, the model contravenes a common belief that the ability to manage major risks requires central control-based approaches and that comply with a predetermined risk appetite statement condoned by top-management. Information processing in social systems also has behavioral and ethical dimensions that can affect outcomes and therefore must be considered (e.g., Andersen and Young, 2020). The fast-slow interaction implies communication between individuals located in different parts of an organization, or social system, including executives, operating managers, and employees. CIT can facilitate exchange of data across time and space and possibly be devised in ways that may reduce the adverse effects of potential information filtering (Gleasure and Feller, 2016, 2018; e.g., Brooks, 2017).
Model development
Dynamic response capabilities embedded across various operating entities provide strategic decision-makers in an organization, or public policymakers within a social structure,3 with first-hand insights to sense impending changes and identify opportunities that may deal with emergent events (Teece, 2007; e.g., Andersen et al., 2007). Getting access to current insights about evolving developments, and how the operating entities respond to them can update adaptive risk strategies and point to viable solutions. The ability to use these insights depends on a willingness among central strategic thinkers, decision-makers, or leaders, to consciously collect and consider the knowledge held by individuals in the frontline and use this intelligence to inform the strategy deliberations (Figure 1). A function for Strategic Risk Analysis performs ongoing risk assessments for the central strategic decision-makers informed by Current Insights from local operating entities to generate an Updated Risk Strategy.
Figure 1. Interactive information processing to update the risk strategy.
However, strategic decision-makers often ignore or remain unaware of emergent risk events revealed by insights from frontline employees in the operating entities often due to the influence of “dominating elitist” connections (Chen et al., 2009). To improve the ability to recognize new developments, the central risk leaders should probably increase their interactions with frontline personnel building social relationships with lower-level managers and employees. The important updated information can be generated through systematic collection and analysis of current insights from frontline actors in the operating entities (e.g., Andersen, 2015; Andersen and Hallin, 2017). They may also be extracted from direct face-to-face discussions between executives and operating managers in interactive control processes (e.g., Simons, 2005; Andersen and Sax, 2023). The insights gained from responses to evolving changes in the local task environments can be used in a collaborative learning process where an analytical strategic risk function interacts with the operating entities in open exchange of information.
Supporting collaborative effort
People in the operating entities gain updated insights as they observe and respond to often subtle changes in their immediate surroundings as they interact with colleagues, customers or clients, and partners to complete their daily routines and activities. The observed changes in the environment may have strategic significance where systematic data collection and analysis of insights can provide important information for strategic decision-makers as they consider the needs for adaptive actions in an updated risk strategy. But strategic decision-makers develop “dominant logics” formed by past experiences and create cognitive biases that influence the interpretation of observed developments and emergent risk scenarios (e.g., Bettis and Prahalad, 1995; Bazerman and Moore, 2009). Many strategic decision-makers also subconsciously hesitate to consider information from lower-level operating entities due to cognitive and power-related biases (e.g., Dutton, 1993; Blader and Chen, 2012; Tost et al., 2013).
The ability to update strategic decision-makers and public policymakers with current insights from the operating entities is essential for the ability to develop effective adaptive organizations and societies. It is important that ongoing strategic thinking is informed by current insights generated as the local operating entities act on emerging changes and learn from events as they evolve. However, the interactive information exchange of current insights from operating entities and updated risk strategies from a central risk analytical function relies on a willingness among strategic decision-makers to use information from lower-level employees. The positive benefits from collaborative learning can only unfold when the current insights from local responses inform the assessments for updated adaptive risk strategies.
The collection of such “weak signals” may be enhanced by environmental scanning processes, solicitation of expert panels, and data collection using different internet-based tools from networks of creative individuals with intuitive skills and broad knowledge (Holopainen and Toivonen, 2012). IT and digital capabilities can be applied to exchange data that capture ongoing changes and present possible ways to respond (Overby et al., 2006). CIT can give access to relevant market intelligence including data from adjacent governmental units that may reveal important public preferences, political initiatives, etc. Similarly, a range of digital solutions are available to facilitate idea generation, crowdsource solutions, structure communication platforms, and more to support collaborative efforts.
Dynamic information processing
The ability to generate innovative solutions is superior in multi-actor collaborative networks compared to hierarchical and market-based approaches. The positive innovation results can be derived from collaboration in networks that integrate different partnerships including swarms of public and private actors (e.g., Gloor, 2006, 2011, 2017). While collaborative innovation building on diverse contributions to generate public value is superior, the ability to manage diversity requires a common purpose whereby participating actors can process their contributions (Torfing and Ansell, 2017; Torfing et al., 2020). This ascribes to a need for slow analytical information processing linked to strategic risk assessments based on generally accepted objectives and goals. It is argued that eristic reasoning based on debate and exchange of arguments is required to deal with extreme uncertainty whereas heuristic reasoning, i.e., learning through trial-and-error responses is insufficient on its own (Kurdoglu et al., 2022). The interactive information processing model engages both heuristic and eristic reasoning to deal effectively with unpredictable complex conditions. In uncertain evolving environments with many unknowns, the only way to “find out” is by trying, or responding, but this also requires a sensemaking process where the updated trial-and-error learnings can be interpreted to form a new understanding of the evolving context. This is the underlying dynamic of the interactive information processing approach. However, it requires leadership to set up structures that enable, support, promote, and encourage collaboration that can foster collective learning for creative problem solving.
A need for strategic risk leadership
The interactive information processing model implies open communication and data exchange across levels and functions where dominant connections with executive peers lead to different perceptions of the environment than contacts to individuals with a lower hierarchical status. Hence, maintaining nearly exclusive associations with other elites limits the peripheral vision of executive decision-makers (Chen et al., 2009). In contrast, Nonaka et al. (2016) present leadership approaches more likely to foster dynamic response capabilities based on team-level interactions among individual members in the organization. They argue that sensing of environmental changes predominantly is done by frontline employees where the utility of their collective insights must be supported by leadership to unleash the potential to generate adaptive innovation (Nonaka et al., 2016). This involves encouraging and providing a space for new ideas among entrepreneurial individuals in response to tensions between existing operating systems and changing requirements in a rapidly changing environment. The leaders must enable a capacity to deal with potential operating and servicing shortfalls and foster creative solutions for adaptive initiatives (Uhl-Bien and Arena, 2018). Conversely, mimetic strategic behaviors and normative pressures can lead executives toward misguided decisions. Hence, organizations with tightly connected boards fare worse during economic recession compared to firms with less connected boards that are less exposed to pressures of common beliefs (Hudson and Morgan, 2022). It takes a high degree of consciousness among individual leaders to recognize these potential biases and take the necessary measures to circumvent them.
In rapidly changing contexts, leaders are challenged to adapt organizational activities to remain relevant and effective. An uncertain environment with many unknowns requires an ability to deal with potential threats and explore adaptive opportunities. While uncertainty often triggers adoption of control-based approaches with more reporting and constraints, this is a self-defeating proposition as tight controls reduce flexibility and experimentation for creative solutions. Prioritizing immediate efficiencies tend to limit the possibility to create responsive opportunities with a long-term value potential. It is not possible to measure and control things in uncertain unpredictable contexts whereas experimentation and learning from responsive initiatives to deal with evolving developments can generate workable solutions.
It takes a certain leadership style to recognize the rich, diverse, and deep insights that reside among individuals within and around the organization. A transformative leadership style breaks with the control-based approach to engage people in generating opportunities to achieve higher-order goals (Bass and Riggio, 2006; Borener et al., 2007). A respectful leadership style can encourage knowledge sharing through social mindfulness with a willingness to increase opportunities for others in open exchange of information (Gerpott et al., 2020). An enactive leadership style acknowledges the limitations of (even powerful) executives and seeks insights from many individuals in the organization as new knowledge is formed through concrete interactions with the changing environment (e.g., Varela et al., 1992; Thompson, 2007). Meaning is generated from ongoing interpretations of responses and reactions experienced through actions taken as the environmental conditions evolve and derives from “the interplay of action and interpretation rather than the influence of evaluation on choice” (Weick et al., 2005, p. 409). So, enactive leaders form their understanding of the environment from guided responses to ongoing environmental changes where cognitive structures are updated by observed reactions and outcomes.
In unpredictable contexts effective risk management requires collaborative leadership (Jacklin-Jarvis and Potter, 2020) to facilitate collective search for solutions across organizational networks (Kim et al., 2021). It motivates and encourages engagement rather than it directs and controls activities, and it pays attention to behavioral aspects that facilitate information sharing and generate innovative ways to adapt (Murphy et al., 2017; Kapucu and Ustun, 2018). There is a need for strategic risk leadership with a moral connection between leaders, employees, and related stakeholders recognizing that uncertain and unknown environmental factors are important (Andersen and Young, 2020). Strategic risk leaders think critically about the (potential) exposures and effects of dynamic complex contexts where outcomes are hard to predict and require collaborative efforts to generate sustainable solutions.
Organizational culture
The presence of supportive cultural values is essential to execute organizational processes including those promoted by ERM that often refer to “risk-aware” cultures—presumably hinting that organizational members should be conscious about possible exposures. Yet, the implementation of standardized routines may turn into bureaucratic practices with limited awareness of emergent risk events and a reduced capacity to respond proactively to ongoing changes. Responsiveness calls for norms of open communication around early warning signals with joint efforts to gain deeper understanding and generate effective solutions. Establishing these supportive values derive from leadership priorities led by example—not by words—aligned with supportive decision-structures, information systems, and incentive schemes. As Miller (2022) argues: “the responses and behavior of senior leaders, middle management, and frontline personnel … are far more indicative of the risk culture than any number of policies and memorandums”.
The empirical evidence suggests that organic structures where people have room to improvise, compared to more mechanistic structures, make faster and better progress toward ERM adoption (Kimbrough and Componation, 2009). However, leaders (CFOs for instance) that front the ERM efforts are more attuned to the formal strategy setting views of ERM than the employees that operate the ERM frameworks (Viscelli et al., 2016). So, there are significant discrepancies between executives and employees where senior leaders typically have a much rosier perception of the risk culture than the staff that executes the ERM practices (Sheedy and Griffin, 2018). Nonetheless, a recent study shows that a compliance-based defensive organization can adopt a more cognitive and engaged risk climate (Agarwal and Kallapur, 2018). Conscious monitoring of behavioral metrics can proactively guide the risk management policies where associated training programs may develop a risk-aware environment with conscious strategic decision-makers (Miller, 2022). It is relevant to know if the risk climate in the organization lives up to the ERM expectations regarding “ethical values, desired behaviors, and understanding of risk in the entity” (COSO, 2017). This concern should be extended to consider the structural dimensions of dynamic adaptive risk management with interactive information processing capabilities across many individuals in and around the implicated organizational entities.
Discussion
The preceding review of current research shows that ERM adoption in the public sector remains focused on well-intended motives to increase the efficiency of public operations but downplays concerns about major exposures to uncertainty and the unknown. ERM attempts to deal proactively with foreseeable risk scenarios—but it is less successful in addressing the (often) unforeseen and (potentially) extreme public risk exposures. The ERM practices—as generally employed—are insufficient to deal with a complex public risk landscape with major events like financial crises, pandemics, military conflicts, climate-related events, etc. More is required to deal effectively with this evolving public risk environment.
A recent study of ERM adoption in US federal agencies (Young and Hoang, 2023) examines leadership readiness to better understand how risk leaders translate the specifications by the Office of Management and Budget (OMB) (2016) A-123 Circular to their organizations. This provides specific insights into the perceived readiness of risk leaders including their considerations about leadership issues, agency work, organizational culture, employee awareness, and understanding of ERM principles. Three internal factors emerge from this inquiry as critical obstacles to successful ERM adoption that corroborate the extant literature.
Leadership short-termism
The tenure of political leadership is subject to political cycles and career considerations that tend toward shorter terms of service for administrative leaders in federal agencies where major initiatives, like ERM adoption require longer-term leadership commitment. So, short-termism in the leadership ranks is an obstacle that puts a premium on risk leaders (however designated) with knowledge, skills, and acuity to act “as if” a sustained top-level commitment is present and maintained.
Organizational cultural barriers
Difficulties in aligning ERM with organizational culture (or vice versa) are often cited as challenges to implementation where short-termism in leadership makes it harder to induce cultural changes. Even with a formally designated (long-term) risk leader, the relative standing of that individual might restrain the cultural change efforts.
Legal and political constructions
The legal and political considerations in federal agencies may be at odds with conventional ERM practices as well as many behavioral factors that influence performance outcomes. The principle of power separation may conflict with efficiency/efficacy objectives, privacy concerns can delimit information-sharing, budgeting processes can interfere with longer-term considerations, while the political dynamic often introduces major policy changes, etc. For these reasons public sector risk management is materially distinct from commercial ERM practices (Andersen and Young, 2023), which suggests that ERM practices cannot be transferred wholesale into public agency settings.
The distinct public sector “conditions” should be considered when proposing a dynamic adaptive risk management approach based on principles of interactive information processing based on data exchanges among diverse stakeholders across levels, functions, and entities. In a public context, the core idea is to quickly uncover current insights generated at the operating frontlines where local agents are the first to observe new developments. Acting as first-responders help agents learn as they gain current insights from initial responses to the evolving changes. Collecting this information and feeding it into analytical sensemaking processes around strategists and policymakers can inform updated risk strategy reviews considering opportunistic solutions to needed adaptations based on collective efforts among engaged stakeholders.
This approach requires a leadership style with a willingness to engage the collective intelligence to develop better updated risk strategies. It can use various CIT systems and AI tools to facilitate the data and information exchange processes while circumventing effects of information filtering and cognitive biases. This should not be done uncritically as use of computer-based information networks raises concerns that require further research to untangle including issues of privacy, transparency, manipulation, etc. While there are benefits to derive from AI enabled information processing, it should be adopted in ways that aligning with required process specifications and network arrangements (e.g., Taylor, 2019). It must also recognize how AI technology interacts with people and affects social institutions to ensure that norms formalized in the digitalized systems align with the values of the social settings where they are deployed (Venkatasubramanian et al., 2020). As important governance functions can become informed—even automatically executed—by machine learning algorithms (for the claimed benefit of society), there is a need to impose human oversight functions that can secure privacy and fundamental rights of citizens (Florin, 2022). Hence, the nationwide network of fusion centers supported by the Department of Homeland Security (DHS) to collect risk-related data failed to ensure proper use and thereby have undermined civil rights and liberties under the guise of public security (German et al., 2022).
It is argued that innovation emerges from disorder through “destructive creation” that may lead to “creative destruction” as successful innovations are diffused throughout the organization (Li et al., 2020). Yet, the most influential innovative ideas arise from in-person contacts across diverse entities suggesting that collaboration through technological connectivity may enable short-term innovations that eventually collapse due to cultural and psychological factors (Li et al., 2020). The use of videoconferencing is also found to inhibit creative ideas as this form of communication misses essential features of in-person interactions, such as, eye-gaze, recall stimuli, and latent semantics (Brucks and Levav, 2022). Hence, applications of CIT and AI to build interactive relationships, facilitate information exchange, and generate innovative solutions are promising but most likely cannot stand on their own.
Empirical studies of digitization,4 or digitalization, typically focus on positive aspects and discards negative implications (Trittin-Ulbrich et al., 2021), such as, professional concerns of misapplied digital outputs (Karsten, 2021) or subversive actions to regain work discretion (Lammi, 2021). Digitalization affects relationships and administrative workflows where adoption of digital technology is shaped by discourse influenced by vested interests, ethical concerns, and algorithms with outcomes that may threaten professional autonomy and reduce service quality (Andersson et al., 2022). In this context, studies on implementation of digital solutions are often vague and incomplete (Carroll et al., 2023). Hence, implementation of digital technologies can depersonalize work with negative effects on the organizational climate while interactive employee–manager relationships and involvement reduce these adverse outcomes (Palumbo, 2022). Failed digital transformations are often caused by “blind” pursuit of an “exciting” technology without a clear purpose, which instead calls for a human leadership-centric approach to foster innovative adaptation based on insights from many individuals (Kotter et al., 2021). This requires an open engaging leadership style where change derives from interaction among many people in the organization and external stakeholders to generate opportunities for adaptive moves (Kotter et al., 2021). That is, leadership makes the difference.
This makes it clear that development of dynamic adaptive systems not only calls for different digital technologies, including CIT and AI enhanced tools, but ultimately requires a different type of leader and a specific leadership style—strategic risk leadership. This requires further—and deeper—investigation where it is fair to acknowledge that, among the many challenges is also one of creating organizational “buy-in” and cultural harmony. The aim of achieving these goals—if even possible—tends to dominate the first years of a CRO's tenure (University of St. Thomas, 2014). Thus, alongside the task of imposing dynamic, or adaptive response capabilities—we see significant related leadership challenges. It seems critical that leaders adopt more interactive and collaborative approaches guided by “strategic” sensibility for long-term resilient outcomes. This can be learned, but success is greatly influenced by individual personality traits, attitudes, and experiences. Other complications, as noted, include short-termism in federal agencies, along with the political dynamics and public budget cycles. The leadership of cultural change raises other concerns. The open sharing of information requires formal permissions and can lead to potential criticisms—where many risk issues imply potential errors and mistakes—particularly under extreme uncertainty—that may cause legal actions, ethical concerns, and political criticisms.
So, political acuity and administratve acumen would seem important attributes among risk leaders in public agencies—on top of leadership styles that differ from conventional control-based management approaches. It appears likely that formally appointed risk leaders must possess rather distinct capabilities—at times requiring them to lead absent engagement from executive directors, or political appointees, with hard-to-change cultural obstacles, and few possibilities to circumvent the unique pressures of public policy.
Conclusion
A thorough review of empirical studies points to dynamic adaptive risk management based on interactive information processing as a promising way of upgrading ERM to deal with uncertainty and unknown exposures in the evolving public risk landscape. CIT and AI can facilitate the open information exchange in ways that avoid cognitive biases, filtering effects, and data manipulation but more research is needed to uncover these possibilities. The most updated empirics on digitization in the public sector shows that positive economic effects can be counteracted by unexpected organizational and social consequences. Hence, it takes a particular leadership style to foster organizational structures that enable entrepreneurial initiatives supported by values conducive to collaborative efforts with open information exchange and communication. It requires leadership skills rather than technical prowess with a different way of thinking about public risk management issues. It is reflected in strategic risk leadership—a mental shift recognizing the importance of uncertainty and unknowability while thinking critically about emergent events in dynamic complex public contexts showing a willingness to engage collective intelligence and collaborative efforts in the development of responsive risk strategies.
Data availability statement
The original contributions presented in the study are included in the article/supplementary material, further inquiries can be directed to the corresponding author.
Author contributions
All authors listed have made a substantial, direct, and intellectual contribution to the work and approved it for publication.
Acknowledgments
TA acknowledges support from the Independent Research Fund Denmark Grant 8019-00046B for this work as part of a larger project on Risky Business: Managing in a world with extreme exposures. PY extends his gratitude to the IBM Center for the Business of Government for support to an affiliated project examining the leadership role in ERM adoptions within US federal agencies.
Conflict of interest
The authors declare that the research was conducted in the absence of any commercial or financial relationships that could be construed as a potential conflict of interest.
Publisher's note
All claims expressed in this article are solely those of the authors and do not necessarily represent those of their affiliated organizations, or those of the publisher, the editors and the reviewers. Any product that may be evaluated in this article, or claim that may be made by its manufacturer, is not guaranteed or endorsed by the publisher.
Footnotes
1. ^To illustrate this, President Bush as an example signed a US$ 10.5 billion relief package to support relief efforts around New Orleans after Hurricane Katrina's landfall in 2005. Treasury Secretary, Paulson and President Bush also proposed buying up to US$ 700 billion mortgage-backed assets from financial institutions in fall 2008 to improve market conditions. In early 2009, the Obama administration proposed an economic stimulus package at an estimated cost around US$ 825 billion and after the Deepwater Horizon explosion in 2010, the federal authorities committed resources (working around the clock) to mitigate the impact of the oil spill. In short, central government and its agencies typically pitch in with substantial resources, when extreme, but in principle foreseeable events happen.
2. ^The ERM frameworks use the term, “strategy setting”, to denote the efforts to formulate, or develop a formal strategy for intended activities.
3. ^Defined as the distinctive arrangement of institutions set up for citizens to interact and operate in a society.
4. ^Use of digital technologies implies “digitization” that converts information from paper-based to digital storage, and “digitalization” that (supposedly) deals with the conversion of manual workflows to digital processes. However, we find that work practices in the public sector change with digitization (Plesner et al., 2018), so the distinction between the two terms is truly blurred.
References
AFERM (2022). The Association for Federal Enterprise Risk Management. 2022 Annual Survey. Available online at: https://aferm.org (accessed August 05, 2023).
Agarwal, R., and Kallapur, S. (2018). Cognitive risk culture and advanced roles of actors in risk governance: a case study. J. Risk Finan. 19, 327–342. doi: 10.1108/JRF-11-2017-0189
Alonso, A. D., Bressan, A., Sakellarios, N., Koresis, A., Solis, M. A. B., and Santoni, L. J. (2021). Facing and responding to the COVID-19 threat – an empirical examination of MSMEs. Eur. Busin. Rev. 33, 775–796. doi: 10.1108/EBR-09-2020-0231
Andersen, T. J. (2013). Short Introduction to Strategic Management. Cambridge: Cambridge University Press. doi: 10.1017/CBO9781139381642
Andersen, T. J. (2015). Interactive strategy-making: combining central reasoning with ongoing learning from decentralized responses. J. General Manage. 40, 69–88. doi: 10.1177/030630701504000405
Andersen, T. J., and Bettis, R. A. (2015). Exploring longitudinal risk-return relationships. Strateg. Manage. J. 36, 1135–1145. doi: 10.1002/smj.2281
Andersen, T. J., Denrell, J., and Bettis, R. A. (2007). Strategic responsiveness and Bowman's risk-return paradox. Strateg. Manag. J. 28, 407–429. doi: 10.1002/smj.596
Andersen, T. J., and Fredens, K. (2013). “The responsive organization: Understanding the dual processes of the human mind and human interaction in strategy making,” in CGSR Working Paper Series No. 1. Frederiksberg: Copenhagen Business School.
Andersen, T. J., and Hallin, C. A. (2016). The adaptive organization and fast-slow systems. oxford research encyclopedia. business policy and strategy, organization theory. Organizat. Behav. doi: 10.1093/acrefore/9780190224851.013.126
Andersen, T. J., and Hallin, C. A. (2017). Global Strategic Responsiveness: Exploiting Frontline Information in the Adaptive Multinational Enterprise. London, UK: Routledge. doi: 10.4324/9781315469058
Andersen, T. J., Hallin, C. A., and Fredens, K. (2018). Et Netværk af Hjerner: Tænk med dine medarbejdere og led med succes. Copenhagen, Denmark: Gyldendal Business.
Andersen, T. J., and Sax, J. (2020). “Strategic risk management – a research overview,” in State of the Art in Business Research. Abingdon, UK: Routledge.
Andersen, T. J., and Sax, J. (2023). “Responding to advance upside potential through interactive strategic control processes,” in Responding to Uncertain Conditions: New research on strategic adaptation, eds. T. J. Andersen, T. J. Bingley, UK: Emerald Publishing, 65–89.
Andersen, T. J., Sax, J., and Gianozzi, A. (2022). Conjoint effects of interacting strategy-making processes and lines of defense practices in strategic risk management: an empirical study. Long Range Plann. 55, 1–21. doi: 10.1016/j.lrp.2021.102164
Andersen, T. J., and Young, P. C. (2020). Strategic Risk Leadership: Engaging a World of Risk, Uncertainty, and the Unknown. Abingdon, UK: Routledge. doi: 10.4324/9781003006220
Andersen, T. J., and Young, P. C. (2023). Reshaping public sector (enterprise) risk management. Int. J. Public Admini. doi: 10.1080/01900692.2023.2197170
Andersson, C., Hallin, A., and Ivory, C. (2022). Unpacking the digitalization of public services: configuring work during automation in local government. Gov. Inf. Q. 39, 101662. doi: 10.1016/j.giq.2021.101662
Ansell, C., Sørensen, E., and Torfing, J. (2020). The COVID-19 pandemic as a game changer for public administration and leadership? The need for robust governance responses to turbulent problems. Public Manage. Rev. 23, 949–960. doi: 10.1080/14719037.2020.1820272
Bass, B. M., and Riggio, R. E. (2006). Transformational Leadership. Mahwah, NJ: Lawrence Erlbaum Publishers. doi: 10.4324/9781410617095
Bazerman, M. H., and Moore, D. (2009). The Managerial Decision Making Process (5th ed). Hoboken, NJ: Wiley.
Bazerman, M. H., and Watkins, M. D. (2008). Predictable Surprises: The Disasters You Should Have Seen Coming, and How to Prevent Them. Boston, MA: Harvard Business Press.
Bettis, R. A., and Prahalad, C. K. (1995). The dominant logic: retrospective and extension. Strateg. Manag. J. 16, 5–14. doi: 10.1002/smj.4250160104
Blader, S., and Chen, Y. (2012). Differentiating the effects of status and power: a justice perspective. J. Pers. Soc. Psychol. 102, 994–1014. doi: 10.1037/a0026651
Borener, S., Eisenbeliss, S. A., and Griesser, D. (2007). Follower behavior and organizational performance: the impact of transformational leaders. J. Leader. Organizat. Stud. 13, 15–26. doi: 10.1177/10717919070130030201
Bracci, E., Tallaki, M., Gobbo, G., and Papi, L. (2021). Risk management in the public sector: a structured literature review. Int. J. Public Sector Manage. 34, 205–223. doi: 10.1108/IJPSM-02-2020-0049
Brooks, R. (2017). The Seven Deadly Sins of AI Predictions, MIT Technology Review. Available online at: https://www.technologyreview.com/s/609048/the-seven-deadly-sins-of-ai-predictions (accessed October 04, 2023).
Brucks, M. S., and Levav, J. (2022). Virtual communication curbs creative idea generation. Nature 605, 108–112. doi: 10.1038/s41586-022-04643-y
Burgelman, R. A., and Grove, A. S. (2007). Let chaos reign, then rein in chaos-repeatedly: Managing strategic dynamics for corporate longevity. Strateg. Manag. J. 28, 965–979. doi: 10.1002/smj.625
Capaldo, G., Costantino, N., Pellegrino, R., and Rippa, R. (2018). The role of risk in improving goal setting in performance management practices within public sector: an explorative research in courts offices in Italy. Int. J. Public Admi. 41, 986–997. doi: 10.1080/01900692.2017.1317799
Carroll, N., Conboy, K., Hassan, N. R., Hess, T., Junglas, I., and Morgan, L. (2023). Problematizing assumptions on digital transformation research in the information systems field. Commun. Assoc. Inform. Syst. 53, 15. doi: 10.17705/1CAIS.05322
Chen, G., Trevino, L. K., and Hambrick, D. C. (2009). CEO elitist association: toward a new understanding of an executive behavioral pattern. Leadersh. Q. 20, 316–328. doi: 10.1016/j.leaqua.2009.03.003
Chen, J., Walker, R. M., and Sawhney, M. (2020). Public service innovation: a typology. Public Manag. Rev. 22, 1674–1695. doi: 10.1080/14719037.2019.1645874
COSO (2004). “Enterprise risk management – integrated framework,” in Committee of Sponsoring Organizations of the Treadway Commission.
COSO (2017). “Enterprise risk management – integrating with strategy and performance,” in Committee of Sponsoring Organizations of the Treadway Commission.
Courbage, C., and Golnaraghi, M. (2022). Extreme events, climate risks and insurance – editorial: issues and practice. Geneva Papers Risk Insur. 47, 1–4. doi: 10.1057/s41288-021-00260-4
Domokos, L., Nyéki, M., Jakovác, K., Németh, E., and Hatvani, C. (2015). Risk analysis and risk management in the public sector and in public auditing. Public Finan. Quart. 1, 7–28. Available online at: https://unipub.lib.uni-corvinus.hu/8849/1/a_domokos_2015_1.pdf
Dutton, J. E. (1993). Interpretations an automatic: a different view of strategic issue diagnosis. J. Manage. Stud. 30, 339–357. doi: 10.1111/j.1467-6486.1993.tb00308.x
Elia, G., and Margherita, A. (2018). Can we solve wicked problems? A conceptual framework and a collective intelligence system to support problem analysis and solution design for complex social issues. Technol. Forecast. Soc. Change 133, 279–286. doi: 10.1016/j.techfore.2018.03.010
Finkelstein, S. (2003). Why Smart Executives Fail and What You Can Learn from Their Mistakes. New York, NY: Portfolio Penguin Group.
Florin, M. V. (2022). Nine Recommendations for the Governance of AI Systems. Geneva: International Risk Governance Center (IRGC). Available online at: https://www.epfl.ch/research/domains/irgc/nine-recommendations-for-the-governance-of-ai-systems/ (accessed October 04, 2023).
German, M., Lewinson-Waldman, R., and Mueller-Hsia, K. (2022). Ending Fusion Center Abuses: A Roadmap for Robust Federal Oversight. New York: Brennan Center for Justice, New York University School of Law. Available online at: https://www.brennancenter.org/our-work/policy-solutions/ending-fusion-center-abuses (accessed September 27, 2023).
Gerpott, F. H., Fasbender, U., and Burmeister, A. (2020). Respectful leadership and followers' knowledge sharing: a social mindfulness lens. Hum. Relat. 73, 789–810. doi: 10.1177/0018726719844813
Gleasure, R., and Feller, J. (2016). Emerging technologies and the democratization of financial services: a meta-triangulation of crowdfunding research. Inform. Organizat. 26, 101–115. doi: 10.1016/j.infoandorg.2016.09.001
Gleasure, R., and Feller, J. (2018). What kind of cause unites a crowd? Understanding crowdfunding as collective action. J. Elect. Commerce Res. 19, 223–236. Available online at: http://www.jecr.org/sites/default/files/2018vol19no3_paper2.pdf
Gloor, P. A. (2006). Swarm Creativity: Competitive Advantage Through Collaborative Innovation Networks. Oxford, UK: Oxford University Press.
Gloor, P. A. (2011). Cool Farming: Turn Your Great Idea into the Next Big Thing. New York, NY: AMACOM.
Gloor, P. A. (2017). Swarm Leadership and the Collective Mind: Using Collaborative Innovation Networks to Build a Better Business. New York, NY: Emerald Publishing. doi: 10.1108/9781787142008
Heffernan, M. (2011). Willful Blindness: Why We Ignore the Obvious at Our Peril. London, UK: Bloomsbury.
Hinna, A., Scarozza, D., and Rotundi, F. (2018). Implementing risk management in the Italian public sector: hybridization between old and new practices. Int. J. Public Admin. 41, 110–128. doi: 10.1080/01900692.2016.1255959
Holopainen, M., and Toivonen, M. (2012). Weak signals: Ansoff today. Futures 44, 198–205. doi: 10.1016/j.futures.2011.10.002
Hong, L., and Page, S. E. (2004). Groups of diverse problem solvers can outperform groups of high-ability problem solvers. Proc. Natl. Acad. Sci. USA. 101, 16385–16389. doi: 10.1073/pnas.0403723101
Hudson, K., and Morgan, R. E. (2022). The wisdom and madness of crowds: How information networks and board cognition help or hinder firm performance across the business cycle. Long Range Plann. 55, 1–20. doi: 10.1016/j.lrp.2021.102180
ISO. (2009). Risk Management – Principles and Guidelines [ISO 31000]. Geneva: International Organization for Standardization.
ISO. (2018). Risk Management - ISO 31000 Update. Geneva: International Organization for Standardization.
Jacklin-Jarvis, C., and Potter, K. (2020). Exploring the potential for collaborative leadership through a policy lens: a comparative analysis of children's services and flood risk management. Int. J. Public Admin. 43, 1386–1396. doi: 10.1080/01900692.2019.1669176
Kapucu, N., and Ustun, Y. (2018). Collaborative crisis management and leadership in the public sector. Int. J. Public Admin. 41, 548–561. doi: 10.1080/01900692.2017.1280819
Karsten, M. M. V. (2021). Dislocated dialogue: an anthropological investigation of digitization among professionals in fire safety. Organization 28, 92–114. doi: 10.1177/1350508420961527
Kay, J., and King, M. (2002). Radical Uncertainty: Decision-Making for an Unknowable Future. London, UK: The Bridge Street Press.
Kim, K., Andrew, S. A., and Jung, K. (2021). Building resilient organizations: Organizational resilience as a network outcome. Int. J. Public Admin. 44, 1319–1328. doi: 10.1080/01900692.2020.1758720
Kimbrough, R. L., and Componation, P. J. (2009). The relationship between organizational culture and enterprise risk management. Eng. Manage. J. 21, 18–26. doi: 10.1080/10429247.2009.11431803
Kirschner, F., Paas, F., and Kirschner, P. A. (2009). A cognitive load approach to collaborative learning: United brains for complex tasks. Educ. Psychol. Rev. 21, 31–42. doi: 10.1007/s10648-008-9095-2
Kotter, J. P., Akhtar, V., and Gupta, G. (2021). Change: How Organizations Achieve Hard-to-Imagine Results. Hoboken, NJ: Wiley.
Kurdoglu, R. S., Ates, N. Y., and Lerner, D. A. (2022). Decision-making under extreme uncertainty: Eristic rather than heuristic. Int. J. Entrepren. Behav. Res. 29, 763–782. doi: 10.1108/IJEBR-07-2022-0587
Lammi, I. J. (2021). Automating to control: the unexpected consequences of modern automated work delivery in practice. Organization 28, 115–131. doi: 10.1177/1350508420968179
Lévy, P. (1999). Collective Intelligence: Mankind's Emerging World in Cyberspace. New York, NY: Perseus Publishing.
Lévy, P. (2010). From social computing to reflexive collective intelligence: the IEML research program. Inf. Sci. 180, 71–94. doi: 10.1016/j.ins.2009.08.001
Li, L., Wu, L., and James, E. (2020). Social centralization and semantic collapse: hyperbolic embeddings of networks and text. Poetics 78, 101428. doi: 10.1016/j.poetic.2019.101428
Malhotra, A., Majchrzak, A., and Niemiec, R. M. (2017). Using public crowds for open strategy formulation: Mitigating the risks of knowledge gaps. Long Range Plann. 50, 397–410. doi: 10.1016/j.lrp.2016.06.004
Malone, T. W. (2018). Superminds: The Surprising Power of People and Computers Thinking Together. Boston, MA: Little, Brown.
Meyer, R., and Kunreuther, H. (2017). The Ostrich Paradox: Why we Underprepare for Disasters. Philadelphia, PA: Wharton Digital Press.
Miller, P. (2022). Does your organization assess risk culture? If not, it should. Here's how. Front. Res. Metr. Analyt. 7, 1–5. doi: 10.3389/frma.2022.891324
Mintzberg, H., and Waters, J. A. (1985). Of strategies, deliberate and emergent. Strateg. Manag. J. 6, 257–272. doi: 10.1002/smj.4250060306
Moss, D. A. (2002). When All Else Fails: Government as Ultimate Risk Manager. Cambridge, MA: Harvard University Press.
Murphy, J., Rhodes, M. L., Meek, J. W., and Denyer, D. (2017). Managing the entanglement: complexity leadership in public sector systems. Public Adm. Rev. 77, 692–704. doi: 10.1111/puar.12698
Nonaka, I., Hirose, A., and Takeda, Y. (2016). ‘Meso'-foundations of dynamic capabilities: Team-level synthesis and distributed leadership as the source of dynamic creativity. Global Strate. J. 6, 168–182. doi: 10.1002/gsj.1125
Office of Management and Budget (OMB) (2016). OMB Circular A-123: Management's Responsibility for Enterprise Risk Management (ERM) and Internal Control.
Overby, E., Bharadwaj, A., and Sambamurthy, V. (2006). Enterprise agility and the enabling role of information technology. Eur. J. Inform. Syst. 15, 120–131. doi: 10.1057/palgrave.ejis.3000600
Page, S. E. (2007a). The Difference: How the Power of Diversity Creates Better Groups, Firms, Schools, and Societies. Philadelphia, PA: Princeton University Press.
Page, S. E. (2007b). Making the difference: Applying a logic of diversity. Acad. Manage. Perspect. 21, 6–20. doi: 10.5465/amp.2007.27895335
Palumbo, R. (2022). Does digitizing involve desensitizing? Strategic insights into the side effects of workplace digitization. Public Manage. Rev. 24, 975–1000. doi: 10.1080/14719037.2021.1877796
Pentland, A. (2007). On the collective nature of human intelligence. Adapt. Behav. 15, 189–198. doi: 10.1177/1059712307078653
Peteraf, M. A., Di Stefano, G., and Verona, G. (2013). The elephant in the room of dynamic capabilities: bringing two diverging conversations together. Strateg. Manag. J. 34, 1389–1410. doi: 10.1002/smj.2078
Pfeifer, R., and Bongard, J. (2006). How the Body Shapes the Way We Think: A new view of intelligence. Cambridge, MA: MIT Press.
Phillips, W., Roehrich, J. K., and Kapletia, D. (2023). Responding to information asymmetry in crisis situations: Innovation at the time of the COVID-19 pandemic. Public Manag. Rev. 25, 175–198. doi: 10.1080/14719037.2021.1960737
Plesner, U., Justesen, L., and Glerup, C. (2018). The transformation of work in digitized public sector organizations. J. Organizat. Change Manage. 31, 1176–1190. doi: 10.1108/JOCM-06-2017-0257
Raine, J. W., and Lloyd, H. (2013). Public management reform and the regulation of private business: risk-driven, customer-centric, and all joined-up? Int. J. Public Admin. 36, 695–709. doi: 10.1080/01900692.2013.791313
Rana, T., Wickramasinghe, D., and Bracci, E. (2019). New development: Integrating risk management in management control systems—lessons for public sector managers. Public Money Manage. 39, 148–151. doi: 10.1080/09540962.2019.1580921
Reitzig, M., and Sorenson, O. (2013). Biases in the selection stage of bottom-up strategy formulation. Strateg. Manag. J. 34, 782–799. doi: 10.1002/smj.2047
Rodriguez, E., and Edwards, J. S. (2014). Knowledge management in support of enterprise risk management. Int. J. Knowl. Manage. 10, 43–61. doi: 10.4018/ijkm.2014040104
Sakellarios, N., Alonso, A. D., Kok, S. K., O'Brien, S., Fillis, I., and Vu, O. T. K. (2022). Resilience and coping with a long term crisis: the cases of Cypriot and Greek micro and small firms. Eur. Busin. Rev. 34, 605–623. doi: 10.1108/EBR-05-2021-0108
Sax, J., and Andersen, T. J. (2019). Making risk management strategic: Integrating enterprise risk management with strategic planning. Eur. Manage. Rev. 16, 719–740. doi: 10.1111/emre.12185
Schilke, O., Hu, S., and Helfat, C. (2018). Quo vadis, dynamic capabilities? A content-analytic review of the current state of knowledge and recommendations for future research. Acad. Manage. Annals 12, 390–439. doi: 10.5465/annals.2016.0014
Schut, A. C. (2010). On model design for simulation of collective intelligence. Inf. Sci. 180, 132–155. doi: 10.1016/j.ins.2009.08.006
Schwenk, C. H. (1984). Cognitive simplification processes in strategic decision-making. Strateg. Manag. J. 5, 111–128. doi: 10.1002/smj.4250050203
Seetoh, T., Liverani, M., and Coker, R. (2012). Framing risk in pandemic influenza policy and control. Glob. Public Health 7, 717–730. doi: 10.1080/17441692.2012.699541
Sheedy, E., and Griffin, B. (2018). Risk governance, structures, culture, and behavior: A view from the inside. Corp. Govern. Int. Rev. 26, 4–22. doi: 10.1111/corg.12200
Shefrin, H. (2016). “How psychological pitfalls generated the global financial crisis,” in The Routledge Companion to Strategic Risk Management, eds. T. J. Andersen. London: Routledge 269–295.
Shefrin, H. (2020). The psychology underlying biased forecasts of COVID-19 cases and deaths in the United States. Front. Psychol. 11, 1–11. doi: 10.3389/fpsyg.2020.590594
Simons, R. (2005). Levers of Organization Design: How Managers Use Accountability Systems for Greater Performance and Commitment. Boston, MA: Harvard Business Press.
Sokol-Hessner, P., and Rutledge, R. B. (2018). The psychological and neural basis of loss aversion. Curr. Direct. Psychol. Sci. 28, 1–8. doi: 10.1177/0963721418806510
Surowiecki, J. (2004). The Wisdom of Crowds: Why the Many are Smarter Than the Few and How Collective Wisdom Shapes Business, Economies, Societies, and Nations. New York, NY: Doubleday & Co.
Taylor, T. (2019). Artificial intelligence in defence. RUSI J. 164, 72–81. doi: 10.1080/03071847.2019.1694229
Teece, D. J. (2007). Explicating dynamic capabilities: the nature and microfoundations of (sustainable) enterprise performance. Strateg. Manag. J. 28, 1319–1350. doi: 10.1002/smj.640
Teece, D. J. (2018). Business models and dynamic capabilities. Long Range Plann. 51, 40–49. doi: 10.1016/j.lrp.2017.06.007
Teece, D. J., Peteraf, M., and Leih, S. (2016). Dynamic capabilities and organizational agility: risk, uncertainty, and strategy in the innovation economy. Calif. Manage. Rev. 58, 13–35. doi: 10.1525/cmr.2016.58.4.13
Teece, D. J., Pisano, G., and Shuen, A. (1997). Dynamic capabilities and strategic management. Strateg. Manag. J. 18, 509–533.
Thompson, E. (2007). Mind in Life: Biology, Phenomenology, and the Sciences of Mind. Boston, MA: Harvard University Press.
Torfing, J., and Ansell, C. (2017). Strengthening political leadership and policy innovation through the expansion of collaborative forms of governance. Public Manage. Rev. 19, 37–54. doi: 10.1080/14719037.2016.1200662
Torfing, J., Cristofoli, D., Gloor, P. A., Meijer, A. J., and Trivellato, B. (2020). Taming the snake in paradise: combining institutional design and leadership to enhance collaborative innovation. Policy Soc. 39, 592–616. doi: 10.1080/14494035.2020.1794749
Tost, L. P., Gino, F., and Larrick, R. P. (2013). When power makes others speechless: the negative impact of leader power on team performance. Acad. Manage. J. 56, 1465–1486. doi: 10.5465/amj.2011.0180
Trittin-Ulbrich, H., Scherer, A. G., Munro, I., and Whelan, G. (2021). Exploring the dark and unexpected sides of digitalization: toward a critical agenda. Organization 28, 8–25. doi: 10.1177/1350508420968184
Tuckett, D., and Nikolic, M. (2017). The role of conviction and narrative in decision-making under radical uncertainty. Theory Psychol. 27, 501–523. doi: 10.1177/0959354317713158
Uhl-Bien, M., and Arena, M. (2018). Leadership for organizational adaptability: a theoretical synthesis and integrative framework. Leadership Quart. 29, 89–104. doi: 10.1016/j.leaqua.2017.12.009
UK Cabinet Office (2022). Government Response to Preparing for Extreme Risks: Building a Resilient Society. Available online at: https://www.gov.uk/government/publications/government-response-to-preparing-for-extreme-risks-building-a-resilient-society (accessed September 27, 2023).
Varela, F. J., Thompson, E., and Rosch, E. (1992). The Embodied Mind: Cognitive science and human experience. MIT Press, Cambridge, MA. doi: 10.7551/mitpress/6730.001.0001
Venkatasubramanian, S., Bliss, N., Nissenbaum, H., and Moses, M. (2020). “Interdisciplinary approaches to understanding artificial intelligence's impact on society,” in The Computing Community Consortium (CCC). Available online at: https://cra.org/ccc/resources/ccc-led-whitepapers/#2020-quadrennial-papers (accessed September 27, 2023).
Viscelli, T. R., Beasley, M. S., and Hermanson, D. R. (2016). “Research insights about risk governance: implications from a review of ERM research,” in SAGE Open, 6, 1–17. doi: 10.1177/2158244016680230
Weick, K. E., Sutcliffe, K. M., and Obstfeld, D. (2005). Organizing and the process of sensemaking. Organizat. Sci. 16, 409–421. doi: 10.1287/orsc.1050.0133
Weigand, K., Flanagan, T., Dye, K., and Jones, P. (2014). Collaborative foresight: complementing long-horizon strategic planning. Technol. Forecast. Soc. Change 85, 134–152. doi: 10.1016/j.techfore.2013.08.016
Wenzel, M., Stanske, S., and Lieberman, M. B. (2020). Strategic responses to crisis. Strateg. Manag. J. 41, V7–V18. doi: 10.1002/smj.3161
Woolley, A. W., Aggarwal, I., and Malone, T. W. (2015). Collective intelligence and group performance. Curr. Dir. Psychol. Sci. 24, 420–424. doi: 10.1177/0963721415599543
Woolley, A. W., Chabris, C. F., Pentland, A., Hashmi, N., and Malone, T. W. (2010). Evidence for a collective intelligence factor in the performance of human groups. Science 330, 686–688. doi: 10.1126/science.1193147
Young, P. C., Grima, S., and Gonzi, R. D. (2022). “Public sector leadership in assessing and addressing risk,” in Emerald Studies in Finance, Insurance, and Risk Management. Abingdon, UK: Emerald Publishing.
Young, P. C., and Hoang, T. (2023). Implementing Enterprise Risk Management: Assessing Agency Readiness. Connecting Research to Practice Series. Washington: IBM Center for the Business of Government.
Yu, W., Chavez, R., Jacobs, M., Wong, C. Y., and Yuan, C. (2019). Environmental scanning, supply chain integration, responsiveness, and operational performance. Int. J. Operat. Prod. Manage. 39, 787–814. doi: 10.1108/IJOPM-07-2018-0395
Keywords: complexity, dynamic adaptive systems, interactive information processes, public risk management, strategic risk leadership, uncertainty
Citation: Andersen TJ and Young PC (2023) Enhancing public sector enterprise risk management through interactive information processing. Front. Res. Metr. Anal. 8:1239447. doi: 10.3389/frma.2023.1239447
Received: 13 June 2023; Accepted: 28 November 2023;
Published: 20 December 2023.
Edited by:
Natalie Houghtby-Haddon, George Washington University, United StatesReviewed by:
Temika Edwards, United States Department of Housing and Urban Development, United StatesAsish Satpathy, Arizona State University, United States
Copyright © 2023 Andersen and Young. This is an open-access article distributed under the terms of the Creative Commons Attribution License (CC BY). The use, distribution or reproduction in other forums is permitted, provided the original author(s) and the copyright owner(s) are credited and that the original publication in this journal is cited, in accordance with accepted academic practice. No use, distribution or reproduction is permitted which does not comply with these terms.
*Correspondence: Torben J. Andersen, tja.egb@cbs.dk