Abstract
While risk management has been of fundamental interest to researchers and practitioners alike during the last decade, its limitations in today’s dynamically changing business environment become more and more obvious. A growing body of literature encourages and supports a clear differentiation between risk management and risk governance. Our contribution addresses the definition of risk governance from a general perspective. We do not intend to focus on a specific industry like financial institutions, but rather develop a more generic approach. By establishing the added benefits of a risk governance approach vis-a-vis corporate governance and risk management, we will develop a theoretical foundation covering a conceptual understanding and implicating major tasks. Risk governance bridges corporate governance and risk management and is fully aligned with the objective of long-term value optimization of companies. We will conclude by sketching out the risk governance research agenda ahead.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Aebi V, Sabato G, Schmid M (2012) Risk management, corporate governance, and bank performance in the financial crisis. J Bank Finance 36:3213–3226
Aguilera RV, Cuervor-Cazurra A (2009) Codes of good governance. Corp Gov Int Rev 17:376–387
Ahl V, Allen TFH (1996) Hierarchy theory: a vision, vocabulary, and epistemology. Columbia University Press, New York
Ahrne G, Brunsson N (2004) Soft regulation from an organizational perspective. In: Mörth U (ed) Soft law in governance and regulation. Edgar Elgar, Cheltenham, pp 171–190
Alces KA, Galle BD (2012) The false promise of risk-reducing incentive pay: evidence from executive pensions and deferred compensation. J Corp Law 38:53–100
Ammarapala V, Luxhøj JT (2007) A collaborative multi-criteria decision making technique für risk factor prioritization. J Risk Res 10:465–485
Anand P (1993) Foundations of rational choice under risk. Oxford University Press, Oxford
Andersen RC (2004) Risk management and corporate governance. https://www.oecd.org/corporate/ca/corporategovernanceprinciples/42670210.pdf. Accessed 24 Sept 2015
Anderson G, Goldberg L, Kercheval AN, Miller G, Sorge K (2005) On the aggregation of local risk models for global risk management. J Risk 8:25–40
Ansoff HI (1975) Managing strategic surprise by response to weak signals. Calif Manag Rev 18:21–33
Ashby WR (1956) An introduction to cybernetics. Chapman Hall, London
Austrian Standards (2014) ONR 49000. Risk management for organizations and systems – Terms and basics – Implementation of ISO 31000. https://shop.austrian-standards.at/Preview.action?preview=&dokkey=514131&selectedLocale=en, 01.01.2014. Accessed 24 Sept 2015
Aven T (2011) On risk governance deficits. Saf Sci 49:912–919
Ball DJ, Golob L (1999) Diverse conceptions of risk prioritization. J Risk Res 2:243–261
Barney JB (1991) Firm resources and sustained competitive advantage. J Manag 17:99–120
Barreto I (2009) Dynamic capabilities: a review of past research and an agenda for the future. J Manag 36:256–280
Barrieu P, Scandolo G (2015) Assessing financial model risk. Eur J Oper Res 242:546–556
Battaglia F, Gallo A (2015) Risk governance and Asian bank performance: an empirical investigation over the financial crisis. Emerg Mark Rev 25:53–68
Baumgartner D (2013) Risk adjusted performance management: an overview. J Perform Manag 25:3–15
Beasley MS, Branson BC, Hancock BV (2010) Developing key risk indiators to strengthen enterprise risk management. COSO, Durham
Beschorner T, Hajduk T (2015) Der ehrbare Kaufmann und Creating Shared Value. Eine Kritik im Lichte der aktuellen CSR-Diskussion. In: Schneider A, Schmidpeter R (eds) Corporate social responsibility. Verantwortungsvolle Unternehmensführung in Theorie und Praxis, 2nd edn. Springer, Berlin, Heidelberg, pp 269–280
Boholm Å, Corvellec H, Karlsson M (2012) The practice of risk governance: lessons from the field. J Risk Res 15:1–20
Bourgeois LJ (1981) On the measurement of organizational slack. Acad Manag Rev 6:29–39
Branson DM (2003) Enron—when all systems fail: creative destruction or roadmap to corporate governance reform? Villanova Law Rev 48:989–1021
Bromiley P, McShane M, Nair A, Rustambekov E (2015) Enterprise risk management: review, critique, and research directions. Long Range Plan 48:265–276
Brooks M (2006) Know your enemy. Financ Manag 84:55–56
Buehler K, Freeman A, Hulme R (2008) The new arsenal of risk management. Harvard Bus Rev 86:92–100
Callaly T, Arya D, Minas H (2005) Quality, risk management and governance in mental health: an overview. Aust Psychiatry 13:16–22
Chen C-A, Bozeman B (2012) Organizational risk aversion: comparing the public and non-profit sectors. Public Manag Rev 14:377–402
Clarke T, Branson D (2012) The SAGE handbook of corporate governance. SAGE, Thousand Oaks
Cohen MS (2015) Governance as the driver of culture change and risk management. J Risk Manag Financ Inst 8:347–357
Cohen J, Krishnamoorthy G, Wright AM (2002) Corporate governance and the audit process. Contemp Account Res 19:573–594
Cole CR, He E, McCullough KA, Sommer DW (2011) Separation of ownership and management: implications for risk-taking behavior. Risk Manag Insur Rev 14:49–71
Commission on Global Governance (1995) Our global neighbourhood. The report of the Commission on Global Governance. Oxford University Press, Oxford
COSO (Committee of Sponsoring Organizations of the Treadway Commission) (2004) Enterprise risk management – Integrated framework. http://www.coso.org/documents/COSO_ERM_ExecutiveSummary.pdf, September 2004. Accessed 24 Sept 2015
Cyert RM, March JG (1963) A behavioral theory of the firm. Prentice Hall, Englewood Cliffs
Davis S, Lukomnik J (2012) Governance & oversight in the era of complexity. Compliance Week 9:48–49
Davis KE, Fisher A, Kingsbury B, Merry SE (eds) (2012) Governance by indicators. Global power through classification and rankings. Oxford University Press, Oxford
De Marchi B (2003) Public participation and risk governance. Sci Public Policy 30:171–176
Dembo RS (1991) Scenario optimization. Ann Oper Res 30:63–80
Derman E (1996) Model risk. Goldman Sachs quantitative strategies research notes. http://www.emanuelderman.com/media/gs-model_risk.pdf. Accessed 24 Sept 2015
Deutsche Bank AG (2011) Deutsche Bank schafft internationals Zentrum für Risikomanagement in Berlin [Deutsche Bank establishs international center for risk management in Berlin]. https://www.deutsche-bank.de/medien/de/content/presse_informationen_2011_3431.htm, 31.01.2011. Accessed 24 Sept 2015
Dimick DE, Murray VV (1978) Correlates of substantive policy decisions in organizations. The case of human resource management. Acad Manag J 21:611–623
Dossani A, Jo H (2010) Corporate governance and the fall of Enron. Rev Bus Res 10:13–24
Doz Y, Kosonen M (2010) Embedding strategic agility: a leadership agenda for accelerating business model renewal. Long Range Plan 43:370–382
Egoavil M (2003) The intersection of corporate governance and operational risk. Bank Account Finance 16:43–48
Eisenhardt KM, Martin JA (2000) Dynamic capabilities: what are they? Strateg Manag J 21:1105–1121
Falkner EM, Hiebl MRW (2015) Risk management in SMEs: a systematic review of available evidence. J Risk Finance 16:122–144
Fama E, Jensen M (1983) Separation of ownership and control. J Law Econ 26:301–325
Fauver L, Fuerst ME (2006) Does good corporate governance include employee representation? Evidence from German corporate boards. J Financ Econ 82:673–710
Feldman DC (1984) The development and enforcement of group norms. Acad Manag Rev 9:47–55
Fink D (2013) Project risk governance. Managing uncertainty and creating organisational value. Gower, Farnham, Burlington
Florin M-V (2013) IRGC’s approach to emerging risks. J Risk Res 16:315–322
Ford R (2008) Complex adaptive systems and improvisation theory: toward framing a model to enable continuous change. J Change Manag 8:173–198
Froot KA, Scharfstein DS, Stein JC (1993) Risk management: coordinating corporate investment and financing policies. J Finance 48:1629–1658
GAO (United States Government Accountability Office) (2014) Challenges and options for responding to new and emerging risks. GAO Rep 14(10):2014
GAO (United States Government Accountability Office) (2015) Lessons learned and a framework for monitoring emerging risks and regulatory response. GAO Rep 25(06):2015
Gao SS, Sung MC, Zhang J (2013) Risk management capability building in SMEs: a social capital perspective. Int Small Bus J 31:677–700
Gibbons R, Kaplan RS (2015) Formal measures in informal management: can a balanced scorecard change a culture? Am Econ Rev 105:447–451
Glasserman P, Xu X (2014) Robust risk measurement and model risk. Quant Finance 14:29–58
Goodwin P, Wright G (2014) Decision analysis for management judgment, 5th edn. Wiley, Chichester
Gorden WI, Anderson CM, Bruning SD (1992) Employee perceptions of corporate partnership: an affective-moral quid pro quo. Empl Responsib Rights J 5:75–85
Gordon LA, Loeb MP, Tseng CY (2009) Enterprise risk management and firm performance: a contingency perspective. J Account Public Policy 28:301–327
Gormley TA, Matsa DA (2011) Growing out of trouble? Corporate responses to liability risk. Rev Financ Stud 24:2781–2821
Grimm V, Railsback SF (2005) Individual-based modeling and ecology. Princeton University Press, Princeton
Gupta PR (2015) The next frontier for boards: oversight of risk culture. Gov Dir 67:497–501
Hackman JR (1976) Group influences on individuals. In: Dunnette M (ed) Handbook of industrial and organizational psychology. Rand McNally, Chicago, pp 1455–1525
Hagner M, Helbing D (2013) Technologiegetriebene Gesellschaft oder sozial orientierte Technologie? Ein Gespräch. In: Edition Unseld (ed) Big data. Das neue Versprechen der Allwissenheit. Suhrkamp, Berlin, pp 238–272
Hakes C (2007) The EFQM excellence model to assess organizational performance—a management guide. Van Haren, Zaltbommel
Hardy C, Maguire S (2016) Organizing risk: discourse, power, and “riskification”. Acad Manag Rev 41:80–108
Hermann M, Pentek T, Otto B (2015) Design principles for Industrie 4.0 scenarios: A literature review. Technische Universität Dortmund Working Paper No. 01/2015
Hull JC (2015) Risk management and financial institutions, 4th edn. Wiley, Hoboken
Hurst DK (1995) Crisis & renewal. Meeting the challenge of organizational change. Harvard Business School Press, Boston
Hutchinson M, Seamer M, Chapple L (2015) Institutional investors, risk/performance and corporate governance. Int J Account 50:31–52
Ingram D, Underwood A, Thompson M (2014) Risk culture, neoclassical economics, and enterprise risk management. http://www.prmia.org/sites/default/files/references/iRisk_Dec2014.pdf. Accessed 24 Sept 2015
IRGC (International Risk Governance Council) (2009) Risk governance deficits: an analysis and illustration of most common deficits in risk governance. Report. IRGC, Geneva
IRGC (International Risk Governance Council) (2012) An introduction to the IRGC risk governance framework, Lausanne: IRGC. http://www.irgc.org/wp-content/uploads/2015/04/An_introduction_to_the_IRGC_Risk_Governance_Framework_final_v2012.pdf. Accessed 24 Sept 2015
IRGC (International Risk Governance Council) (2015) What is risk governance? http://www.irgc.org/risk-governance/what-is-risk-governance/. Accessed 24 Sept 2015
ISO (International Organization for Standardization) (2009) ISO 31000:2009. Risk management – Principles and guidelines. http://www.iso.org/iso/catalogue_detail?csnumber=43170. Accessed 24 Sept 2015
Jarrow RA, van Deventer DR (2015) Simulating and validating a multi-factor Heath, Jarrow and Morton model with negative interest rates. J Risk Manag Financ Inst 8:332–346
Jensen MC, Meckling WH (1976) Theory of the firm: managerial behavior, agency costs and ownership structure. J Financ Econ 3:305–360
Johnston M, Dixon D, Hart J, Glidewell L, Schröder C, Pollard B (2014) Discriminant content validity: a quantitative methodology for assessing content of theory-based measures, with illustrative applications. Br J Health Psychol 19:240–257
Jorion P (2007) Value at risk. The new benchmark for managing financial risk, 3rd edn. McGraw-Hill, New York
Kirkpatrick G (2009) The corporate governance lessons from the financial crisis. OECD J Financ Mark Trends 2009:61–87
Kitchin R (2014) Big data, new epistemologies and paradigm shifts. Big Data Soc 1:1–12
Kluckhohn FR, Strodtbeck FL (1961) Variations in value orientation. Row, Peterson and Company, Evanston, Elmsford
Kobi J-M (2012) Personalrisikomanagement. Strategien zur Steigerung des People Value, 3rd edn. Springer Gabler, Wiesbaden
Kooiman J (2003) Governing as governance. SAGE, Thousand Oaks
Lintner J (1965) The valuation of risk assets and the selection of risky investments in stock portfolios and capital budgets. Rev Econ Stat 47:13–37
LSE (London Stock Exchange) (1999) Principles of good governance and the code of best practice. Major extracts from the London Stock Exchange report. Corp Gov Int Rev 7:207–208
Lundquist SA (2015) Why firms implement risk governance—stepping beyond traditional risk management to enterprise risk management. J Account Public Policy 34:441–466
Mackay R, Moeller SB (2007) The value of corporate risk management. J Finance 62:1379–1419
Mars G (1996) Human factor failure and the comparative structure of jobs: the implications for risk management. J Manag Psychol 11:4–11
Merna T, Al-Thani FF (2008) Corporate risk management, 2nd edn. Wiley, Chichester
Miller KD (1992) A framework for integrated risk management in international business. J Int Bus Stud 23:311–331
Miller KD (1998) Economic exposure and integrated risk management. Strateg Manag J 19:497–514
Mirela G (2012) Risk management in the context of sustainable development. Ann Univ Oradea Econ Sci Ser 21:1248–1254
Mongiardino A, Plath C (2010) Risk governance at large banks: have any lessons been learned? J Risk Manag Financ Inst 3:116–123
Monks RAG, Minow N (2011) Corporate governance, 5th edn. Wiley, Chichester
Mossin J (1966) Equilibrium in a capital market. Econometrica 34:768–783
Moxter A (2003) Grundsätze ordnungsgemäßer Rechnungslegung. IDW, Düsseldorf
Nagasaka T (2006) New mode of risk governance enhanced by an e-community platform. In: Ikeda S, Fukuzono T, Sato T (eds) A better integrated management of disaster risks: Toward resilient society to emerging disaster risks in mega-cities. Tokyo, TERRAPUB, pp 89–107
Nagorniak J (1982) Risk adjusted equity performance measurement. J Finance 37:555–561
OECD (Organisation for Economic Co-operation and Development) (2004) OECD principles of corporate governance. OECD, Paris
OECD (Organisation for Economic Co-operation and Development) (2014) Risk management and corporate governance. OECD, Paris
Organ D (1988) Organizational citizenship behavior. The good soldier syndrome. Lexington Books, Lexington
Orton DJ, Weick KE (1990) Loosely coupled systems: a reconceptualization. Acad Manag Rev 15:202–223
Osterloh M, Frost J (1996) Prozessmanagement als Kernkompetenz. Gabler, Wiesbaden
Panning WH (2005) Rewards and risk. Best’s Rev 106:107
Picou A, Rubach M (2006) Does good governance matter to institutional investors? Evidence from the enactment of corporate governance guidelines. J Bus Ethics 65:55–67
Powell WW (2007) The new institutionalism. In: Clegg SR, Bailey JR (eds) The international encyclopedia of organization studies. Sage, Thousand Oaks, pp 974–979
Power M (2007) Organized uncertainty: designing a world of risk management. Oxford University Press, Oxford
Renn O (2005) Risk governance—towards an integrative approach. IRGC (International Risk Governance Council) White Paper No. 1, Geneva: IRGC
Renn O (2008) Risk governance. Coping with uncertainty in a complex world. Earthscan, London
Robu I-B, Robu M-A, Mironiuc M, Bălu FO (2014) The value relevance of financial distress risk in the case of RASDAQ companies. Account Manag Inf Syst 13:623–642
Ross SA (2004) Compensation, incentives, and the duality of risk aversion and riskiness. J Finance 59:207–225
Rossi CV (2011) Risk-adjusted performance: lessons from the financial crisis. J Struct Finance 17:28–35
Rossiter JR (2008) Content validity of measures of abstract constructs in management and organizational research. Br J Manag 19:380–388
Rothstein H, Huber M, Gaskell G (2006) A theory of risk colonization: the spiralling regulatory logics of societal and institutional risk. Econ Soc 35:91–112
Rothstein H, Borraz O, Huber M (2013) Risk and the limits of governance: exploring varied patterns of risk-based governance across Europe. Regul Gov 7:215–235
Saurabh A, Schwartz G, Hussain A (2013) In quest of benchmarking security risks to cyber-physical systems. IEEE Netw 27:19–24
Schierenbeck H, Lister L, Kirmße S (2014) Ertragsorientiertes Bankmanagement: Band 1: Messung von Rentabilität und Risiko im Bankgeschäft, 9th edn. Gabler, Wiesbaden
Schlegel GL (2015) Utilizing big data and predictive analytics to manage supply chain risks. J Bus Forecast 33:11–17
Schneider M, Valenti A (2011) A property rights analysis of newly private firms: opportunities for owners to appropriate rents and partition residual risks. Bus Ethics Q 21:445–471
Scholz C, Stein V (2015) Institutionalizing University Governance in the University of the Future. KORFU Working Paper No 18. Siegen—Saarbrücken. http://orga.uni-sb.de/korfu/wp-content/uploads/2015/04/KORFU_Arbeitspapier_18_Institutionalizing_University_Governance.pdf. Accessed 24 Sept 2015
Schuhmacher F, Eling M (2012) A decision-theoretic foundation for reward-to-risk performance measures. J Bank Finance 36:2077–2082
Schumpeter JA (1942) Capitalism, socialism and democracy. Harper & Bros, New York
Servaes H, Tamayo A, Tufano P (2009) The theory and practice of corporate risk management. J Appl Corp Finance 21:60–78
Shad MK, Fong-Woon L (2015) A conceptual framework for enterprise risk management performance measure through economic value added. Glob Bus Manag Res 7:1–11
Sharpe W (1964) Capital asset prices: a theory of market equilibrium. J Finance 19:425–442
Shleifer A, Vishny RW (1997) A survey of corporate governance. J Finance 52:737–783
Sibbertsen P, Stahl G, Luedtke C (2008) Measuring model risk. J Risk Model Valid 2:65–81
Siegrist M, Earle TC, Gutscher H (eds) (2007) Trust in cooperative risk management: uncertainty and skepticism in the public mind. London, Sterling, Earthscan
Simon P (2013) Too big to ignore—the business case for big data. Wiley, Hoboken
Skoglund J, Erdman D, Chen W (2013) A mixed approach to risk aggregation using hierarchical copulas. J Risk Manag Financ Inst 6:188–205
Smith CW, Stulz R (1985) The determinants of firms’ hedging policies. J Financ Quant Anal 20:391–405
Stein V, Klein T (2010) Organizational Slack als Dynamisierungsquelle organisationaler Kompetenzen. In: Stephan M, Kerber W (eds) Jahrbuch Strategisches Kompetenz-Management, Vol 4: „Ambidextrie“: Der unternehmerische Drahtseilakt zwischen Ressourcenexploration und -exploitation. Hampp, München, Mering, pp 59–79
Sterman JD (2000) Business dynamics: Systems thinking and modeling for a complex world. McGraw Hill, New York
Subramanian R, Kumar K, Strandholm K (2009) The relationship between market orientation and performance under different environmental conditions: the moderating effect of the top management team’s risk taking behavior. Acad Strateg Manag J 8:121–135
Teece DJ (2007) Explicating dynamic capabilities. The nature and microfoundations of (sustainable) enterprise performance. Strateg Manag J 28:1319–1350
The State of Queensland (Queensland Treasury) (2011) A guide to risk management. https://www.treasury.qld.gov.au/publications-resources/risk-management-guide/guide-to-risk-management.pdf. Accessed 24 Sept 2015
Tirole J (2001) Corporate goverance. Econometrica 69:1–35
Treasury Board of Canada (2012) Guide to integrated risk management. http://www.tbs-sct.gc.ca/tbs-sct/rm-gr/guides/girm-ggirtb-eng.asp. Accessed 24 Sept 2015
Turnbull S (1997) Corporate governance: its scope, concerns and theories. Corp Gov 5:180–205
Valentinov V (2012) System-environment relations in the theories of open and autopoietic systems: implications for critical systems thinking. Syst Pract Action Res 25:537–542
van Asselt MBA, Renn O (2011) Risk governance. J Risk Res 14:431–449
Vermeulen F (2005) On rigor and relevance: fostering dialectic progress in management research. Acad Manag J 48:978–982
Völker L (2010) Risk Governance für Genossenschaftsbanken. Arbeitspapier Nr. 100 des Instituts für Genossenschaftswesen der Westfälischen Wilhelms-Universität Münster
Wang CL, Ahmed PK (2007) Dynamic capabilities. A review and research agenda. Int J Manag Rev 9:31–51
Williams C (2006) Leadership accountability in a globalizing world. Palgrave Macmillan, London
Williams JC (2015) Macroprudential policy in a microprudential world. http://www.frbsf.org/economic-research/publications/economic-letter/2015/june/macroprudential-policy-in-a-microprudential-world/. Accessed 24 Sept 2015
Williamson OE (1996) The mechanisms of governance. Oxford University Press, New York, Oxford
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Stein, V., Wiedemann, A. Risk governance: conceptualization, tasks, and research agenda. J Bus Econ 86, 813–836 (2016). https://doi.org/10.1007/s11573-016-0826-4
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11573-016-0826-4