Establishing a framework for dynamic risk management in 'intelligent' aero-engine control

The behaviour of control functions in safety critical software systems is typically bounded to prevent the occurrence of known system level hazards. These bounds are typically derived through safety analyses and can be implemented through the use of necessary design features. However, the unpredictability of real world problems can result in changes in the operating context that may invalidate the behavioural bounds themselves, for example, unexpected hazardous operating contexts as a result of failures or degradation. For highly complex problems it may be infeasible to determine the precise desired behavioural bounds of a function that addresses or minimises risk for hazardous operation cases prior to deployment. This paper presents an overview of the safety challenges associated with such a problem and how such problems might be addressed. A self-management framework is proposed that performs on-line risk management. The features of the framework are shown in context of employing intelligent adaptive controllers operating within complex and highly dynamic problem domains such as Gas-Turbine Aero Engine control. Safety assurance arguments enabled by the framework necessary for certification are also outlined.

Strategic and operational risk in an international collaboration agency: a knowledge management solution

The International Cooperation Agency (identified in this article as IDEA) working in Colombia is one of the most important in Colombian society with programs that support gender rights, human rights, justice and peace, scholarships, aboriginal population, youth, afro descendants population, economic development in communities, and environmental development. The identified problem is based on the diversified offer of services, collaboration and social intervention which requires diverse groups of people with multiple agendas, ways to support their mandates, disciplines, and professional competences. Knowledge creation and the growth and sustainability of the organization can be in danger because of a silo culture and the resulting reduced leverage of the separate group capabilities. Organizational memory is generally formed by the tacit knowledge of the organization members, given the value of accumulated experience that this kind of social work implies. Its loss is therefore a strategic and operational risk when most problem interventions rely on direct work in the socio-economic field and living real experiences with communities. The knowledge management solution presented in this article starts first, with the identification of the people and groups concerned and the creation of a knowledge map as a means to strengthen the ties between organizational members; second, by introducing a content management system designed to support the documentation process and knowledge sharing process; and third, introducing a methodology for the adaptation of a Balanced Scorecard based on the knowledge management processes. These three main steps lead to a knowledge management “solution” that has been implemented in the organization, comprising three components: a knowledge management system, training support and promotion of cultural change.

The board of directors, executives and risk knowledge management

Enterprise Risk Management (ERM) and Knowledge Management (KM) both encompass top-down and bottom-up approaches developing and embedding risk knowledge concepts and processes in strategy, policies, risk appetite definition, the decision-making process and business processes. The capacity to transfer risk knowledge affects all stakeholders and understanding of the risk knowledge about the enterprise's value is a key requirement in order to identify protection strategies for business sustainability. There are various factors that affect this capacity for transferring and understanding. Previous work has established that there is a difference between the influence of KM variables on Risk Control and on the perceived value of ERM. Communication among groups appears as a significant variable in improving Risk Control but only as a weak factor in improving the perceived value of ERM. However, the ERM mandate requires for its implementation a clear understanding, of risk management (RM) policies, actions and results, and the use of the integral view of RM as a governance and compliance program to support the value driven management of the organization. Furthermore, ERM implementation demands better capabilities for unification of the criteria of risk analysis, alignment of policies and protection guidelines across the organization. These capabilities can be affected by risk knowledge sharing between the RM group and the Board of Directors and other executives in the organization. This research presents an exploratory analysis of risk knowledge transfer variables used in risk management practice. A survey to risk management executives from 65 firms in various industries was undertaken and 108 answers were analyzed. Potential relationships among the variables are investigated using descriptive statistics and multivariate statistical models. The level of understanding of risk management policies and reports by the board is related to the quality of the flow of communication in the firm and perceived level of integration of the risk policy in the business processes.

Forecasting and risk analysis applied to management planning and control

The aim of this research was to improve the quantitative support to project planning and control principally through the use of more accurate forecasting for which new techniques were developed. This study arose from the observation that in most cases construction project forecasts were based on a methodology (c.1980) which relied on the DHSS cumulative cubic cost model and network based risk analysis (PERT). The former of these, in particular, imposes severe limitations which this study overcomes. Three areas of study were identified, namely growth curve forecasting, risk analysis and the interface of these quantitative techniques with project management. These fields have been used as a basis for the research programme. In order to give a sound basis for the research, industrial support was sought. This resulted in both the acquisition of cost profiles for a large number of projects and the opportunity to validate practical implementation. The outcome of this research project was deemed successful both in theory and practice. The new forecasting theory was shown to give major reductions in projection errors. The integration of the new predictive and risk analysis technologies with management principles, allowed the development of a viable software management aid which fills an acknowledged gap in current technology.

The knowledge-based perspective of risk management in healthcare organisations

The aim of this research is to investigate how risk management in a healthcare organisation can be supported by knowledge management. The subject of research is the development and management of existing logs called "risk registers", through specific risk management processes employed in a N.H.S. (Foundation) Trust in England, in the U.K. Existing literature on organisational risk management stresses the importance of knowledge for the effective implementation of risk management programmes, claiming that knowledge used to perceive risk is biased by the beliefs of individuals and groups involved in risk management and therefore is considered incomplete. Further, literature on organisational knowledge management presents several definitions and categorisations of knowledge and approaches for knowledge manipulation in the organisational context as a whole. However, there is no specific approach regarding "how to deal" with knowledge in the course of organisational risk management. The research is based on a single case study, on a N.H.S. (Foundation) Trust, is influenced by principles of interpretivism and the frame of mind of Soft Systems Methodology (S.S.M.) to investigate the management of risk registers, from the viewpoint of people involved in the situation. Data revealed that knowledge about risks and about the existing risk management policy and procedures is situated in several locations in the Trust and is neither consolidated nor present where and when required. This study proposes a framework that identifies required knowledge for each of the risk management processes and outlines methods for conversion of this knowledge, based on the SECI knowledge conversion model, and activities to facilitate knowledge conversion so that knowledge is effectively used for the development of risk registers and the monitoring of risks throughout the whole Trust under study. This study has theoretical impact in the management science literature as it addresses the issue of incomplete knowledge raised in the risk management literature using concepts of the knowledge management literature, such as the knowledge conversion model. In essence, the combination of required risk and risk management related knowledge with the required type of communication for risk management creates the proposed methods for the support of each risk management process for the risk registers. Further, the indication of the importance of knowledge in risk management and the presentation of a framework that consolidates knowledge required for the risk management processes and proposes way(s) for the communication of this knowledge within a healthcare organisation have practical impact in the management of healthcare organisations.

The evolution and design of safety management systems

Research in safety management has been inhibited by lack of consensus as to the definitions of the terms with which it is concerned and, in general, the lack of an agreed theoretical framework within which to collate and contrast empirical findings. This thesis sets out definitions of key terms (hazard, risk, accident, incident and safety) and provides a theoretical framework. This framework has been informed by many sources but especially the Management Oversight and Risk Tree (MORT), cybernetics and the Viable System Model (VSM). Fieldwork designs are proposed for the empirical development of an analytical framework and its use to assist study of the development of safety management in organisations.

The effects of perceived business uncertainty, external consultants and risk management on organisational outcomes

Purpose: The purpose of this paper is to investigate the relations between perceived business uncertainty (PBU), use of external risk management (RM) consultants, formalisation of RM, magnitude of RM methods and perceived organisational outcomes. Design/methodology/approach: This paper is based on a questionnaire survey of members of the Chartered Institute of Management Accountants in the UK. Using AMOS 17.0, the paper tests the strength of the direct and indirect effects among the variables and explores the fit of the overall path model. Findings: The results indicate significant and positive associations exist between the extent of PBU and the level ofRMformalisation, as well as between the level ofRMformalisation and the magnitude of RMmethods adopted. The use of externalRMconsultants is also found to have a significant and positive impact on the magnitude of RM methods adopted. Finally, both the extent of RM formalisation and the magnitude of RM methods adopted are seen to be significantly associated with overall improvement in organisational outcomes. Research limitations/implications: The study uses perceptual measures of the level of business uncertainty, usage of RM and organisational outcomes. Further, the respondents are members of a management accounting professional body and the views of other managers, such as risk managers, who are also important to the governance process are not incorporated. Originality/value: This study provides empirical evidence on the impact ofRMdesign and usage on improvements in organisational outcomes. It contributes to the RM literature where empirical research is needed in order to be comparable with the traditional management control system literature.

"Ignorance was bliss, now I'm ignorant and that is far more difficult":transdisciplinary learning and reflexivity in responsible management education

Purpose – The collapse of world economic systems brought the interconnectedness between business and global events sharply into focus. As Starkey points out: “leading business schools need to overcome their fascination with a particular form of finance and economics […] to broaden their intellectual horizons […] (and to) look at the lessons of history and other disciplines”. The purpose of this paper is to provide evidence from three years of research on the Aston MBA suggesting that an emphasis on developing capabilities within a far broader, connected and reflexive business curriculum is what business students and practitioners now recognise as an essential way forward for responsible management education. Design/methodology/approach – This research paper examines the reflective accounts of 300 MBA students undertaking a transdisciplinary Business Ethics, Responsibility and Sustainability core module. Findings – As Klein argues, transdisciplinarity is simultaneously an attitude and a form of action. The student reflections provide powerful discourses of individual learning and report a range of outcomes from finding “the vocabulary or the confidence” to raise issues to acting as “change agents” in the workplace. Originality/value – As responsibility and sustainability requires learners, researchers and educators to engage with real world complexity, uncertainty and risk, conventional disciplinary study, especially within business, often proves inadequate and partial. This paper demonstrates that creative and exploratory frames need to be developed to facilitate the development of more connected knowledge – informed by multiple stakeholders, able to contribute heterogeneous skills, perspectives and expertise.

Risk management in enterprise resource planning implementation:a new risk assessment framework

Enterprise resource planning (ERP) projects are risky. But if they are implemented appropriately, they can provide competitive advantage to organisations. Therefore, ERP implementation has become one of the most critical aspects of today's information management research. The main purpose of this article is to describe a new ERP risk assessment framework (RAF) that can be used to increase the success of ERP implementation. In this article, through a case study based in a leading UK-based energy service provider, we demonstrate the new RAF, which has been shown to help identify and mitigate risks in ERP implementation. In contrast to other research, this RAF identifies risks hierarchically in external engagement, programme management, work stream and work package levels across technical, schedule, operational, business and organisational categories. This not only helped to develop responses to mitigate risks but also facilitates on-going risk control.

Project risk management using multiple criteria decision-making technique and decision tree analysis:a case study of Indian oil refinery

This study proposes an integrated analytical framework for effective management of project risks using combined multiple criteria decision-making technique and decision tree analysis. First, a conceptual risk management model was developed through thorough literature review. The model was then applied through action research on a petroleum oil refinery construction project in the Central part of India in order to demonstrate its effectiveness. Oil refinery construction projects are risky because of technical complexity, resource unavailability, involvement of many stakeholders and strict environmental requirements. Although project risk management has been researched extensively, practical and easily adoptable framework is missing. In the proposed framework, risks are identified using cause and effect diagram, analysed using the analytic hierarchy process and responses are developed using the risk map. Additionally, decision tree analysis allows modelling various options for risk response development and optimises selection of risk mitigating strategy. The proposed risk management framework could be easily adopted and applied in any project and integrated with other project management knowledge areas.

A contingency theory perspective on the risk management control system within Birmingham City Council

In recent years the topic of risk management has moved up the agenda of both government and industry, and private sector initiatives to improve risk and internal control systems have been mirrored by similar promptings for change in the public sector. Both regulators and practitioners now view risk management as an integral part of the process of corporate governance, and an aid to the achievement of strategic objectives. The paper uses case study material on the risk management control system at Birmingham City Council to extend existing theory by developing a contingency theory for the public sector. The case demonstrates that whilst the structure of the control system fits a generic model, the operational details indicate that controls are contingent upon three core variables—central government policies, information and communication technology and organisational size. All three contingent variables are suitable for testing the theory across the broader public sector arena.

Decision support for lifecycle planning and risk management of small-scale biomass combined heat and power (bCHP) projects in the UK

Biomass is projected to account for approximately half of the new energy production required to achieve the 2020 primary energy target in the UK. Combined heat and power (CHP) bioenergy systems are not only a highly efficient method of energy conversion, at smaller-scales a significant proportion of the heat produced can be effectively utilised for hot water, space heating or industrial heating purposes. However, there are many barriers to project development and this has greatly inhibited deployment in the UK. Project viability is highly subjective to changes in policy, regulation, the finance market and the low cost incumbent; a high carbon centralised energy system. Unidentified or unmitigated barriers occurring during the project lifecycle may not only negatively impact on the project but could ultimately lead to project failure. The research develops a decision support system (DSS) for small-scale (500 kWe to 10 MWe) biomass combustion CHP project development and risk management in the early stages of a potential project’s lifecycle. By supporting developers in the early stages of project development with financial, scheduling and risk management analysis, the research aims to reduce the barriers identified and streamline decision-making. A fuzzy methodology is also applied throughout the developed DSS to support developers in handling the uncertain or approximate information often held at the early stages of the project lifecycle. The DSS is applied to a case study of a recently failed (2011) small-scale biomass CHP project to demonstrate its applicability and benefits. The application highlights that the proposed development within the case study was not viable. Moreover, further analysis of the possible barriers with the DSS confirmed that some possible modifications to be project could have improved this, such as a possible change of feedstock to a waste or residue, addressing the unnecessary land lease cost or by increasing heat utilisation onsite. This analysis is further supported by a practitioner evaluation survey that confirms the research contribution and objectives are achieved.

Knowledge management and risk management

This article takes the perspective that risk knowledge and the activities related to RM practice can benefit from the implementation of KM processes and systems, to produce a better enterprise wide implementation of risk management. Both in the information systems discipline and elsewhere, there has been a trend towards greater integration and consolidation in the management of organizations. Some examples of this are: Enterprise Resource Planning (Stevens, 2003), Enterprise Architecture (Zachmann, 1996) and Enterprise Content Management (Smith & McKeen, 2003). Similarly, risk management is evolving into Enterprise Risk Management. KM’s importance in breaking down silos within an organization can help it to do so.

Before and after modelling:risk knowledge management is required

Risk and knowledge are two concepts and components of business management which have so far been studied almost independently. This is especially true where risk management is conceived mainly in financial terms, as, for example, in the banking sector. The banking sector has sophisticated methodologies for managing risk, such as mathematical risk modeling. However. the methodologies for analyzing risk do not explicitly include knowledge management for risk knowledge creation and risk knowledge transfer. Banks are affected by internal and external changes with the consequent accommodation to new business models new regulations and the competition of big players around the world. Thus, banks have different levels of risk appetite and policies in risk management. This paper takes into consideration that business models are changing and that management is looking across the organization to identify the influence of strategic planning, information systems theory, risk management and knowledge management. These disciplines can handle the risks affecting banking that arise from different areas, but only if they work together. This creates a need to view them in an integrated way. This article sees enterprise risk management as a specific application of knowledge in order to control deviation from strategic objectives, shareholders' values and stakeholders' relationships. Before and after a modeling process it necessary to find insights into how the application of knowledge management processes can improve the understanding of risk and the implementation of enterprise risk management. The article presents a propose methodology to contribute to providing a guide for developing risk modeling knowledge and a reduction of knowledge silos, in order to improve the quality and quantity of solutions related to risk inquiries across the organization.