Learning from risk : facilitating organisational learning through enterprise risk management

Amien, Ishtiaq (2014-04)

Thesis (MPhil)--Stellenbosch University, 2014.

Thesis

ENGLISH ABSTRACT: Modern business environments are characterized by rapid changes and organizations that are able to survive and to thrive in such environments must be able to adapt and respond to this environmental change. Risk management is an activity that strives to continuously evaluate and deal with changes to the environment. Organisational learning is the capability of organizations to evaluate stimuli from the environment, to interpret the signals and to learn. Organisational learning can thus be seen as the capability to adapt to environmental change. First the thesis considers the concepts of risk and risk management by looking at its historical development as a discipline. The concept is situated in a broader societal perspective of the risk society in which the individual is expected to carry a much greater burden of risk, where self-criticism is an inherent feature of life and risk management is essential for everyone. Current risk management practice has seen the establishment of enterprise-wide risk management as an extension of traditional risk management practice, which seeks to manage all the risks facing the organization, but also to manage it in an integrated manner. Increased regulation and policies, as a result of organizational failures such as Enron, has called for organizations to better manage risk in order to establish more resilient organizations and to protect shareholder value in an increasingly turbulent business environment. As a result we see development of enterprise risk management frameworks and standards. Most of these standards and frameworks recommend similar risk management activities, such as objective and context setting; risk assessment (risk identification, analysis and evaluation); risk treatment or response determination; and risk communication, monitoring and reporting. Next the thesis considers some of the defining features of organizational learning, such as the differences between organizational learning and learning organizations, the individual and organizational perspective on learning, and the role of the individual in organizational learning. Selected organizational learning models are described that focus on scanning, interpreting and learning, and the aspects that have an impact on organizational learning, including organizational memory and mental models, organizational culture, uncertainty and ambiguity, single and double loop learning, and tacit and explicit knowledge. Lastly the thesis identifies points of convergence in theory and practice between enterprise risk management and organizational learning. It is shown that principles and processes governing enterprise risk management activities and techniques can be utilized as management activities to formalise and support organizational learning.

AFRIKAANSE OPSOMMING: Die moderne besigheidsomgewing word deur vinnige veranderinge gekenmerk en organisasies wat in staat is om te oorleef in sulke omgewings moet noodwendig op omgewingsverandering kan reageer en aanpas. Risiko-bestuur is 'n aktiwiteit wat probeer om veranderinge in die omgewing deurlopend te monitor en daarop te reageer. Organisatoriese leer is die vermoë van organisasies om stimuli uit die omgewing te kan opmerk, evalueer en interpreteer ten einde te leer. Organisatoriese leer kan dus gesien word as die vermoë om by omgewingsverandering aan te pas. Die tesis oorweeg ten eerste die konsepte van risiko en risiko-bestuur deur na die historiese ontwikkeling van die dissipline te kyk. Die konsep word gesitueer in 'n breër samelewingsperspektief, naamlik die risiko samelewing wat gekenmerk word deur 'n groter risiko las vir individue, waar self-kritiek 'n inherente kenmerk van die lewe is en risikobestuur vir almal relevant word. Huidige risiko-bestuurspraktyk sluit die vestiging van ondernemingswye risiko-bestuur as 'n verlengde van tradisionele risiko-bestuur, wat poog om alle risikos waaraan 'n onderneming blootgestel is op 'n geïntegreerde manier te bestuur. Toenemende regulasie en strenger beleid, as 'n gevolg van organisatoriese skandale soos Enron, vra van organisasies om risiko beter te bestuur en sodoende meer volhoubare organisasies te bewerkstelling en aandeelhouers se waarde te beskerm in turbulente besigheidsomgewings. Die resultaat was die ontwikkeling van ondernemingsrisiko-bestuur raamwerke en standaarde. Die meeste van hierdie raamwerke en standaarde stel soortgelyke risiko-bestuursaktiwiteite voor, soos doel- en kontekstelling, risiko identifikasie, -analise, en –evaluasie, risiko behandeling of responsbepaling, en risiko kommunikasie, -monitering, en –verslagdoening. Die tesis oorweeg van die uitstaande kenmerke van organisatoriese leer, soos die verskil tussen organisatoriese leer en die lerende organisasie, die individuele en organisatoriese perspektiewe op leer, en die rol van die individu in organisatoriese leer. Geselekteerde organisatoriese leer modelle word beskryf wat fokus op skandering, interpretasie en leer, en die aspekte wat impak het op organisatoriese leer, insluitend organisatoriese geheue en wêreldbeelde, organisasie kultuur, onsekerheid en dubbelsinnigheid, enkel- en dubbellusleer , en versweë en eksplisiete kennis. Laastens word sameloopspunte in die teorie en praktyk tussen ondernemingsrisiko-bestuur en organisatoriese leer geïdentifiseer. Daar word getoon hoe beginsels en prosesse wat ondernemingsrisiko-bestuur se aktiwiteite en tegnieke onderlê, ook gebruik kan word as bestuurspraktyke om organisatoriese leer te formaliseer en te ondersteun.

Please refer to this item in SUNScholar by using the following persistent URL: http://hdl.handle.net/10019.1/86517
This item appears in the following collections: