Article

Triangulating Risk Profile and Risk Assessment: A Case Study of Implementing Enterprise Risk Management System

1 The Quinlan School of Business, Loyola University Chicago, 16 E. Pearson, Chicago, IL 60611, USA
2 Morgan Stanley, Mumbai 400013, India
* Author to whom correspondence should be addressed.
J. Risk Financial Manag. 2023, 16(11), 473; https://doi.org/10.3390/jrfm16110473
Submission received: 15 September 2023 / Revised: 18 October 2023 / Accepted: 27 October 2023 / Published: 3 November 2023
(This article belongs to the Special Issue Organizational Risk Management)

Abstract

Establishing an enterprise risk management (ERM) system is widely viewed as providing firms with the tools and processes needed to build resilience and expertise, enabling them to manage the consequences of crises that have led to the collapse of major firms across different industries globally. Intended for use in advanced accounting, auditing, and finance courses, this case study (of a true event) describes the development and implementation of an ERM system for a U.S. multinational nonprofit firm during the 2015–2021 period. The case study’s main learning objectives are several-fold. First, couched within the recent economic environment, it informs students on some of the more important academic and applied research on corporate risk management. Second, students will learn to analyze the content of a questionnaire designed to capture the integrated effects of the firm’s risk culture, risk structure, risk governance, and control for establishing its risk profile. Third, they will learn to create and apply multi-dimensional risk indices to measure and prioritize the firm’s risk exposures. Finally, the last learning outcome focuses on strategies to triangulate the firm’s overall risk profile and risk prioritization results to construct mitigation strategies that build resilience and create value through risk diversification, information signaling, the exploitation of natural hedges, and enhancing the board’s governing efficiency. The nonprofit nature of the firm in this case study introduces no methodological or conceptual constraints or limitations in applying the proposed risk management methodologies to for-profit or publicly traded firms.

1. Introduction

Beyond the disruptions from the 2007–2008 financial crisis and the recent COVID-19 pandemic, we continue to witness the demise of major firms across different industries resulting from known and unknown economic, social, and geopolitical risks. Recent evidence includes the collapse of the Silicon Valley Bank, the second largest bank failure in U.S. history after that of Washington Mutual in 2008, the failure of Bed Bath & Beyond, the fall of the Sears Holding Corp, and the acquisition of Credit Suisse by the Swiss investment bank UBS Group AG.1 In response, unprecedented levels of fiscal and monetary interventions have been introduced to protect the global economy from a total collapse. For example, in response to the economic challenges resulting from the recent pandemic, the U.S. Treasury was responsible for administering over USD 1 trillion in American Rescue Plan programs and tax credits to the industry and consumers during the 2020–2021 period. In tandem, the Federal Reserve aggressively maintained a near-zero interest rate policy, providing sustained liquidity for supporting economic activities. Similar arrays of monetary and fiscal policies were also implemented by other countries worldwide. While corporate risk management has been a popular topic in the academic and professional literature, the dynamics of the relationship between a firm’s risk profile and metrics to measure its overall risk exposure have received much less attention. There is a need for developing systematic approaches that triangulate such qualitative and quantitative characteristics, aiming to construct mitigation strategies that build resilience and create value through risk diversification, information signaling, the exploitation of natural hedges, and enhancing the board’s governing efficiency.
Based on an actual event, we provide a clinical case study to address this gap in the literature through the development, implementation, and post-implementation review of establishing an enterprise risk management (ERM) system for a U.S. multinational nonprofit firm during the 2015–2021 period. Despite this paper’s focus on a nonprofit firm, the proposed methodologies introduced in this case study are fully generalizable and scalable to any privately held or publicly traded firms. The firm is anonymized to protect the scope and scale of its operations, and its employees. The case study is designed to equip students in advanced accounting, auditing, and finance courses with the knowledge and tools to prioritize a firm’s risks and establish mitigation strategies, with their performance being reviewed post-ERM implementation. The key case-study learning objectives are listed below.
  • Couched within the recent economic environment, it informs students on some of the more important academic and applied research on corporate risk management.
  • Students will learn to analyze the content of a questionnaire designed to capture the integrated effects of the firm’s risk culture, risk structure, risk governance, and control for establishing its risk profile. In this sense, students understand that risk interactions and aggregations are key components of establishing an effective risk management system.
  • Students will learn to create and apply multi-dimensional risk indices to measure and prioritize the firm’s risk exposures. These indices cover a wider range of relevant risk parameters, including the difference between inherent and residual risks and the dispersion in cognitive perception of different risk exposures within the firm.
  • Finally, the last learning outcome focuses on strategies to triangulate the firm’s risk profile and risk prioritization results to construct mitigation strategies that build resilience and create value for the firm.
Despite its educational focus, the case study also contributes to the existing literature by advancing powerful statistical approaches for analyzing the dynamics of qualitatively based questionnaire data. Specifically, as discussed in more detail in Section 4, these techniques are applied to measure the convergence and implied informational content of different sets of questions in the questionnaire.
In the balance of the paper, Section 2 provides an overview of the studied firm’s operations and financial performance and the evolution of its risks in recent years. The literature on the institutional development and valuation implication of enterprise risk management (ERM) is provided in Section 3. Sample selection and the development of the questionnaire are discussed in Section 4. Methodologies to analyze the questionnaire data are explained in Section 5. Information on the observed drivers of risks and their influence in developing established mitigation strategies are provided in Section 6. Finally, the conclusion and the case requirements are detailed, respectively in Section 7 and Section 8. Detailed instructor’s notes are discussed in Appendix A.

2. Background on the Firm

The firm is a U.S. multinational nonprofit established in 1990 focused on developing and delivering educational, training, and student exchange programs for the public and private sectors in Asia, the Middle East, and North Africa, collectively serving over 100 countries. The firm’s total full-time and part-time staff comprise over 5000 people, distributed over 200 field offices throughout the world. With an annual revenue of USD 500 million in 2015, the firm has been consistently increasing its impact and revenue sources globally. Government and non-government grants, tuition fees, program administration fees, fundraising, and investment income have traditionally been the primary sources of revenue. The period from 2015 through 2017 highlighted the growing impact of different risks that diminished profitability and market share. As shown in Table 1, overall, government grants (accounting for approximately 60% of annual revenues), tuition income, and administrative fees were sharply reduced by approximately 12% during the 2015–2017 period. More broadly, the total revenue declined by 11.74% in the same period. Currency volatility increased the FX risk and the inability to maintain adequate levels of liquidity constrained operational efficiency. Restrained regulatory environment, enhanced visa restrictions, supply chain bottlenecks, and other geopolitical developments in the U.S. and abroad put further pressure on financial performance. Student-related data and other types of proprietary information were breached. As a result, overall activities were sharply reduced, destroying the firm’s net surplus by approximately 25.29% for 2015–2017. The need to establish a more formal approach to managing the firm’s exposures was emphasized by its board of directors in 2017.

3. ERM Literature Review

In early 2000, a coordinated regulatory and institutional effort in the U.S and Canada (Committee of Sponsoring Organizations of the Treadway Commission (COSO), the Toronto Stock Exchange Dey Report, the Risk Management and Insurance Society, and several global rating agencies, including Moody’s and Standard & Poor’s) introduced processes and metrics to increase the maturity of ERM systems.2
Academically, beginning with Miller and Modigliani (1958)’s classic article in 1958, there has existed an extensive literature in corporate finance that assumes a perfect market environment in which to analyze firm behavior. One logical conclusion of these perfect market analyses is that a firm’s debt-to-equity decision and, by implication, its risk management decision, is irrelevant and has no impact on firm value. While this “perfect market” analysis provides useful insights into the behavior of corporations, it has the disturbing feature of denying, by assumption, many of the features (“imperfections”) of financial and economic activity that give rise to corporations in the first place.
When perfect market assumptions are relaxed, different types of analytical and economic issues arise. The existence of market imperfections, such as corporate taxes, implies that financing decisions may affect the value of the firm through the risk–return tradeoffs inherent in the use of debt versus equity capital (Miller and Modigliani 1963). The differential personal taxes on interest versus dividend income provide a different picture of the risk–return tradeoffs in the use of debt versus equity capital (Miller 1977). Bankruptcy costs, costly information, external capital costs, and agency costs yet provide a strong incentive for a firm to search for an optimal debt-to-equity position by actively managing both its systematic and unsystematic risk exposures (Kraus and Litzenberger 1973; Ross 1977; Leland and Pyle 1977; Froot et al. 1993; Jensen and Meckling 1976).
At the level of the enterprise, researchers have argued that the evaluation of risk and return at the project level does not allow for optimization at the corporate level as risk diversification and correlations are ignored. Furthermore, risk interactions and aggregation are expected to improve internal decision-making, ultimately contributing to the firm’s value through more efficient capital allocation (Nocco and Stulz 2006; Rosenburg and Schuermann 2006; McShane et al. 2011; Hoyt and Liebenberg 2011). More specifically, Lindberg and Seifert (2011) and Farrell and Gallagher (2014) find a highly significant 25% value effect for firms that are considered mature in their ERM approach. Other sources of value creation through effective risk management include lowering a firm’s overall cost of capital (Samanta et al. 2004; Hoyt and Liebenberg 2011; Shad et al. 2022), signaling the firm’s overall risk profile (Hoyt and Liebenberg 2011), optimizing executive compensation (Grace et al. 2014), enhancing risk diversification, benefiting from natural hedges, and improving governance of the enterprise’s risk (Nocco and Stulz 2006; McShane et al. 2011; Hoyt and Liebenberg 2011; Beasley et al. 2005), among others. More recently, Hristov et al. (2022) used semi-structured interviews with a total of 75 senior and middle managers from 25 different Italian companies to provide an approach to integrate enterprise risk management (ERM) and a performance management system (PMS). They find that PMS processes, built on a specific set of key risk indicators (KRIs), could enable the companies to achieve economically and environmentally sound performance. Focusing on the oil and gas industry in Malaysia, Shad et al. (2022) find that an increase in the maturity of ERM implementation reduces the cost of capital, which they argue is a possible mechanism through which ERM increases firm value. Focusing on actual cases, Harrington et al. (2002) documented the risk management program at United Grain Growers (UGG), a Canadian agricultural services company. Their study shows that the company identified and prioritized its exposure to risks including environmental liability, weather-related effects, counterparty, credit policy, and commodity prices. The mitigation strategy also included a general integrated loss and liability insurance contract offered by Swiss Re-insurance. In a different case study, Aabo et al. (2005) described the risk management program at Hydro One, a large publicly traded Canadian utility company. Hydro One adopted an integrated approach to examine its overall risks in response to deregulation, emerging competition in the energy sector, and increased scrutiny on corporate governance. Further evidence on ERM maturity was developed by Fraser and Simkins (2010) and Fraser et al. (2014).

4. Sample and Questionnaire Data

As shown in Table 2, a plan of action was developed to determine the firm’s risk profile and establish an integrated risk management system. Key elements of the plan included the selection of a sample of risk owners, administering a risk management questionnaire, prioritizing potential risks, and, finally, constructing mitigation strategies. Specifically, a group of 30 participants was selected, representing senior executives (40%) and board members (10%), with the balance of 50% representing the field managers globally.
To identify the firm’s risk profile and measure the impact of its overall risk exposure, a questionnaire was developed addressing risk culture (14 questions), risk recognition (9 questions), risk organization (8 questions), risk governance (9 questions), and risk control (10 questions); see Table 3. Both verbal and coded responses, using the 5-level scale from the RIMS RMM (Table 4), were requested. Furthermore, following the example of Aabo et al. (2005), the respondents’ input was continually circulated to arrive at an optimal level of consensus and a convergence of opinion.3 In addition, exploratory factor analysis (EFA) and Cronbach’s alpha (α) test (Fabrigar et al. 1999) were used to establish the internal consistency of the risk data (Jalilvand and Moorthy 2022).
Focusing on risk assessment, a set of 10 structural risk categories (Table 5) was considered: operations, financial and markets, regulatory and legal, strategic, human resources, innovation, geopolitics, credit, information security, and reputation. Identifying 3–5 risk events in each of the 10 risk categories, data on estimates of the likelihood of occurrence, impact on annual revenue growth, and the level of existing control were collected (Table 6).

5. Risk Profile and Risk Assessment

The returned questionnaires (100% response rate) were all usable. Following the example of Jalilvand and Moorthy (2022), for internal consistency and relevance, the questionnaire was further streamlined, resulting in 7 questions for risk culture, 5 questions for risk recognition, 6 questions for risk organization, 6 questions for risk governance, and 6 questions for risk control. Coded responses to questions were averaged across all respondents using the 5-level scale from the RIMS RMM (Table 7).
The risk measurements are reported in Table 8. These variables are the result of two averaging processes across 30 respondents and more than 10 risk categories, resulting in a range of 900 to 1500 observations for each variable. Furthermore, two new qualifying indices were added to the mix to provide measures of the convergence of opinion among respondents regarding likelihood, impact, and control, respectively, calculated as the ratios of the standard deviation of the expected impact on annual revenue growth and average control, divided by their means. Large values of these ratios signal a lack of convergence of opinion (the presence of input noise) among the respondents, thereby qualifying a particular risk category as being ranked low in the hierarchy of risk areas.
A conventional practice to depict the hierarchy of a firm’s risk exposures is to develop a risk map: a two-dimensional graph of likelihood and impact. While informative, the information contained in the risk map is quite limited. That is why the case requirement in Section 8 asks students to rank the ten risk categories by multiple criteria: expected impact, an equally weighted index of expected impact and average control, and an equally weighted index of expected impact and the two opinion convergence indices.

6. Mitigation Strategies

The board finally decided to focus on a subset of the ten risk areas (strategic, innovation, information and security, geopolitical, financial, and regulatory and legal). The statement of revenues and expenses in Table 1, the streamlined questionnaire results, and the quantitative risk metrics in Table 7 and Table 8 provided the key qualitative and quantitative information to establish a series of mitigation strategies for the top six risks selected by the board and review their effectiveness over time. Specifically, the consulting firm established mitigation strategies that were influenced by some observed drivers of risks in each category, which are listed below.
  • Lack of transparency, possible mission drifts, and weak alignment among mission, vision, and future strategies seemed to characterize the nature of the firm’s strategic risks.
  • Strategic projects, particularly non-governmental ones, were not competitively and commercially selected.
  • Project valuation techniques did not adequately account for the market and country-specific risks involved.4
  • Strategies for maintaining specific financial flexibility and liquidity were also lacking.
  • The global technology network was outdated and prone to information breaches.
  • The consequences of political, regulatory, and social changes in many regions of operations were poorly understood, and existing insurance policies were not optimally designed to cover the expected losses.
  • The firm was not fully taking advantage of the country risk information provided by global agencies such as the International Monetary Fund (IMF) and the World Bank (WB).
In early 2020, the COVID-19 pandemic significantly slowed down the pace of economic and social activity around the world. It seriously affected the operations of field offices, threatening the viability and continuity of upcoming contracts and existing programs, as well as the health and safety of participants and employees around the world.

7. Conclusions

Intended for use in advanced accounting, auditing, and finance courses, this case study, a true event, underscores the need for equipping students with an understanding and knowledge of developing effective risk management systems that identify, prioritize, and mitigate a firm’s overall risk exposures. The case details the development and implementation of an enterprise risk management (ERM) system for a U.S. multinational nonprofit firm during the 2015–2021 period. Students will learn to establish the firm’s risk profile through questionnaire-based data that capture the integrated effects of its structure, culture, processes, governance, and control. In this sense, students understand that risk interactions and aggregations are key components for establishing an effective risk management system. Students will also learn to create and apply multi-dimensional risk indices to measure and prioritize the firm’s risk exposures. These indices cover a wider range of relevant risk parameters, including the difference between inherent and residual risks and the dispersion in cognitive perception of different risk exposures within the firm. Finally, the last learning outcome focuses on strategies to triangulate the firm’s risk profile and risk prioritization results to construct mitigation strategies that build resilience and create value through risk diversification, information signaling, the identification of natural hedges, and creating board governing efficiency.
Beyond its educational focus, the case study also contributes to the existing literature by advancing powerful statistical approaches for analyzing the dynamics of qualitatively based questionnaire data. While the relatively small sample size of the risk owners and the focus on a nonprofit firm may have been a limitation of the case study, the proposed methodologies introduced in this study are fully generalizable and scalable to any for-profit or publicly traded firms. In fact, the nonprofit nature of the case-study firm introduces no methodological or conceptual constraints or limitations in applying our proposed framework to the risk management decisions of other types of firms.

8. Case Requirements

Assume you are a member of the consulting firm and that you are familiar with the plan of action for the ERM process (Table 3) and have had access to the information discussed in Table 7 and Table 8. You are asked to prepare a report that addresses the following issues.
  • Using the average coded responses to selected questions in each of the five risk areas in Table 7, provide a 500-word summary of the firm’s risk profile.
  • Complete the risk matrix in Table A1, below, by using the input measures from Table 8: average of likelihood, impact on annual revenue growth, and level of control, along with variance of the expected impact and average control.
  • Based on the results in Table 8 and Table A1 above:
    • rank the ten risk categories by (i) their expected impact, (ii) by an equally weighted index of expected impact and average control, and (iii) by an equally weighted index of three indices: expected impact, opinion convergence on expected impact, and opinion convergence on control.
    • create an equally weighted consolidated ranking of the above three rankings and re-rank the ten risk categories.
  • Develop a risk map of all ten risks identified for the firm.
  • Using the input in Table 1, the questionnaire results, and quantitative risk metrics in Table 7 and Table 8, along with the discussion on key sources and drivers of risk in Section 6, propose mitigation strategies for the top six risks selected by the board.

Author Contributions

All authors participated equally on all dimensions mentioned above. All authors have read and agreed to the published version of the manuscript.

Funding

This paper received no external funding.

Data Availability Statement

Due to the confidentiality of this case study, a true event, data cannot be made available.

Conflicts of Interest

The authors declare no conflict of interest.

Appendix A. Instructor’s Notes

Appendix A.1. Background and Introduction

Intended for use in advanced accounting, auditing, and finance courses, this case study, a true event, underscores the need for equipping students with an understanding and knowledge of developing effective risk management systems that identify, prioritize, and mitigate a firm’s overall risk exposures. The case study discusses the development and implementation of an enterprise risk management (ERM) system for a U.S. multinational nonprofit firm during the 2015–2021 period.
Students will learn to establish the firm’s risk profile through questionnaire-based data that capture the integrated effects of its structure, culture, processes, governance, and control. In this sense, students understand that risk interactions and aggregation are key components of establishing an effective risk management system.
Students will also learn to create and apply multi-dimensional risk indices to measure and prioritize the firm’s risk exposures. These indices cover a wider range of relevant risk parameters, including the difference between inherent and residual risks and the dispersion in cognitive perception of different risk exposures within the firm.
The final learning outcome focuses on strategies to triangulate the firm’s overall risk profile and risk prioritization results to construct mitigation strategies that build resilience and create value through risk diversification, information signaling, the identification of natural hedges, and creating board governing efficiency.
Beyond its educational focus, the case study also contributes to the existing literature by advancing powerful statistical approaches for analyzing the dynamics of qualitatively based questionnaire data. Furthermore, despite the paper’s focus on a nonprofit firm, the proposed methodologies introduced in this study are fully generalizable and scalable to any for-profit or publicly traded firm.

Appendix A.2. Case Requirements: Implementation

1. Using the average coded responses to selected questions in each of the five risk areas in Table 7, provide a 500-word summary of the firm’s risk profile.
The results of the questionnaire are reported in Table 7. Relatively low values of the coded responses for the selected questions (average scores for risk administration and risk control of 2.70 and 3.1, respectively) indicate that the firm’s existing risk management system was ad hoc and uncoordinated. Also, significant barriers appeared to exist in risk reporting and communication. The low values on the average scores for risk culture and risk recognition of 2.7 and 2.85, respectively, emphasize the respondents’ inability to distinguish between the risk areas representing threats, those needing to be mitigated, and those representing opportunities to be seized upon for increasing future revenue growth. The average score for risk governance of 2.47 demonstrates that the board was poorly prepared to comprehend the firm’s overall risk exposure and that there was no risk committee on the board.
2. Complete the risk matrix in Table A1 by using the following input measures from Table 8:
  • Average likelihood, impact on annual revenue growth, and level of control.
  • Variance of the expected impact and average control.

Table A1. Risk Matrix.

| Risk Category | Average Expected Impact | Opinion Convergence (Expected Impact) | Opinion Convergence (Control) |
|---|---|---|---|
| Strategic Risk | | | |
| Innovation Risk | | | |
| Information and Security Risk | | | |
| Geopolitical Risk | | | |
| Financial Risk | | | |
| Regulatory and Legal Risk | | | |
| Operational Risk | | | |
| Credit and Product Risk | | | |
| Human Resources Risk | | | |
| Reputation Risk | | | |

To respond to this question, students need to calculate three well-known statistical indices: average expected impact on revenue growth, opinion convergence indices for the expected impact on revenue growth, and average risk control, respectively, for each risk area. Table 8 provides the relevant information to calculate the statistical indices. Examples are discussed below.
1. Average expected impact on revenue growth for risk area $i$:

$$(\text{Average Expected Impact})_i = (\text{Average Probability})_i \times (\text{Average Impact})_i$$

Example:

$$(\text{Average Expected Impact})_{\text{Financial Risk}} = (0.4810)(-0.3534) = -0.17$$

2. Opinion convergence index on expected impact for risk area $i$:

$$(\text{Opinion Convergence Index on Expected Impact})_i = \frac{(\text{Standard Deviation of Expected Impact})_i}{\left|(\text{Average Expected Impact})_i\right|}$$

Note that in calculating the opinion convergence index on expected impact, we use the absolute value of the average expected impact to arrive at a non-negative value for achieving consistency and ease of comparison across different risk areas.

Example:

$$(\text{Opinion Convergence Index on Expected Impact})_{\text{Financial Risk}} = \frac{(0.0023)^{1/2}}{0.17} = 0.28$$

3. Opinion convergence index on average control for risk area $i$:

$$(\text{Opinion Convergence Index on Average Control})_i = \frac{(\text{Standard Deviation of Average Control})_i}{(\text{Average Control})_i}$$

Example:

$$(\text{Opinion Convergence Index on Average Control})_{\text{Financial Risk}} = \frac{(0.1781)^{1/2}}{4.05} = 0.1042$$

The final table for the risk areas is provided below.
As the results in Table A2 reveal, the average impacts on annual revenue growth across all risk categories are consistently negative, reflecting the respondents’ inability to distinguish between the risk areas representing threats, those needing to be mitigated, and those representing opportunities to be seized upon for increasing future revenue growth. The low scores on the “Risk Recognition” part of the questionnaire further confirm and underscore this observation.
Table A2. Risk matrix: the average expected impact is the product of average probability by average impact for each risk category across the sample. Opinion convergence (expected impact) represents the ratios of the standard deviation of expected impact for each risk category across the sample, adjusted by the absolute value of its mean. Opinion convergence (control) represents the ratios of the standard deviation of average control for each risk across the sample category, adjusted by its mean.

| Risk Category | Average Probability | Average Expected Impact | Average Control | Opinion Convergence (Expected Impact) | Opinion Convergence (Control) |
|---|---|---|---|---|---|
| Strategic Risk | 46.46% | −0.16 | 4.23 | 0.71 | 0.1313 |
| Innovation Risk | 54.26% | −0.15 | 4.30 | 0.4 | 0.1271 |
| Information and Security Risk | 61.67% | −0.14 | 4.00 | 0.74 | 0.1428 |
| Geopolitical Risk | 51.30% | −0.15 | 3.95 | 0.63 | 0.1427 |
| Financial Risk | 48.10% | −0.17 | 4.05 | 0.28 | 0.1042 |
| Regulatory and Legal Risk | 45.56% | −0.14 | 3.95 | 0.22 | 0.1227 |
| Operational Risk | 44.81% | −0.16 | 3.76 | 0.36 | 0.0949 |
| Credit and Product Risk | 57.14% | −0.19 | 3.76 | 0.51 | 0.1282 |
| Human Resources Risk | 53.33% | −0.15 | 3.65 | 0.3 | 0.1185 |
| Reputation Risk | 42.08% | −0.16 | 3.35 | 0.6 | 0.1282 |

Furthermore, the results in Table A2 show that both opinion convergence indices are negatively and significantly correlated with the absolute value of expected impacts across all risk areas. In other words, wide variations in the respondents’ estimates of likelihood and impact (high values for the convergence indices) in certain risk areas (strategic risk, geopolitical risk, and reputational risk) lower their position in the hierarchy of top risks. These results are consistent with our prior conjectures on the role of opinion convergence indices in prioritizing the risk areas.
4. Based on the results in Table 8:
(a) rank the ten risk categories by: (i) their expected impact, (ii) by an equally weighted index of expected impact and average control, and (iii) by an equally weighted index of three factors: expected impact, opinion convergence on expected impact, and opinion convergence on control;
(b) create an equally weighted consolidated ranking of the above three rankings and re-rank the ten risk categories.
For this question, students should use the information included in the risk matrix above to rank the ten risk areas. Risk areas with higher values of expected impact and opinion convergence indices reflect higher level (top) risks (ranked first, second, third, etc.). The overall ranking of risk areas is presented in Table A3 below.
Table A3. Top risks by different ranking criteria: Rank 1: absolute value of the expected impact; Rank 2: equally weighted index of expected impact and average control; Rank 3: equally weighted index of expected impact, opinion convergence (expected impact), and opinion convergence (control).

| Risk Category | Rank (1) | Rank (2) | Rank (3) | Consolidated Ranking |
|---|---|---|---|---|
| Strategic Risk | 3 | 5 | 7 | 6 |
| Innovation Risk | 4 | 6 | 5 | 6 |
| Information and Security Risk | 5 | 5 | 9 | 7 |
| Geopolitical Risk | 4 | 3 | 8 | 6 |
| Financial Risk | 2 | 3 | 1 | 1 |
| Regulatory and Legal Risk | 5 | 4 | 3 | 5 |
| Operational Risk | 3 | 2 | 2 | 2 |
| Credit and Product Risk | 1 | 1 | 4 | 1 |
| Human Resources Risk | 4 | 2 | 3 | 3 |
| Reputation Risk | 3 | 1 | 6 | 4 |
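The ranking exercise in question 4 can be carried out mechanically from the values printed in Table A2. The following is an added example, not code from the article: it assumes that each "equally weighted index" is the sum of dense ranks (ties share a rank), that lower average control and lower opinion-convergence ratios both rank as higher risk, and all function names are hypothetical.

```python
# Added example built on the values printed in Table A2.
# Assumptions (not stated as code in the article):
#   - an "equally weighted index" is the sum of dense ranks;
#   - larger |expected impact| ranks higher (rank 1 = top risk);
#   - lower average control ranks higher;
#   - lower opinion-convergence ratio (less dispersion) ranks higher.

# category: (avg expected impact, avg control, OC expected impact, OC control)
TABLE_A2 = {
    "Strategic": (-0.16, 4.23, 0.71, 0.1313),
    "Innovation": (-0.15, 4.30, 0.40, 0.1271),
    "Information and Security": (-0.14, 4.00, 0.74, 0.1428),
    "Geopolitical": (-0.15, 3.95, 0.63, 0.1427),
    "Financial": (-0.17, 4.05, 0.28, 0.1042),
    "Regulatory and Legal": (-0.14, 3.95, 0.22, 0.1227),
    "Operational": (-0.16, 3.76, 0.36, 0.0949),
    "Credit and Product": (-0.19, 3.76, 0.51, 0.1282),
    "Human Resources": (-0.15, 3.65, 0.30, 0.1185),
    "Reputation": (-0.16, 3.35, 0.60, 0.1282),
}


def dense_rank(scores, descending=False):
    """Map each key to a 1-based dense rank: tied scores share a rank and
    the next distinct score gets the next integer."""
    ordered = sorted(set(scores.values()), reverse=descending)
    position = {value: i + 1 for i, value in enumerate(ordered)}
    return {key: position[value] for key, value in scores.items()}


def combine(*rankings):
    """Equally weighted index: sum the component ranks, then dense-rank
    the sums. Integer sums avoid floating-point ties going astray."""
    totals = {key: sum(r[key] for r in rankings) for key in rankings[0]}
    return dense_rank(totals)


def rank_risks(table):
    """Return {category: (rank1, rank2, rank3, consolidated)}."""
    impact = dense_rank({k: abs(v[0]) for k, v in table.items()}, descending=True)
    control = dense_rank({k: v[1] for k, v in table.items()})
    oc_impact = dense_rank({k: v[2] for k, v in table.items()})
    oc_control = dense_rank({k: v[3] for k, v in table.items()})

    rank1 = impact                                   # criterion (i)
    rank2 = combine(impact, control)                 # criterion (ii)
    rank3 = combine(impact, oc_impact, oc_control)   # criterion (iii)
    consolidated = combine(rank1, rank2, rank3)      # part (b)
    return {k: (rank1[k], rank2[k], rank3[k], consolidated[k]) for k in table}


if __name__ == "__main__":
    result = rank_risks(TABLE_A2)
    for name, ranks in sorted(result.items(), key=lambda kv: kv[1][3]):
        print(f"{name:<26}{ranks}")
```

Under these assumptions the output agrees with every cell of Table A3, including the ties.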
5. Develop a risk map including the ten risks identified for the firm.
Table 8 contains the information for drawing a risk map where the average probability of risk occurrence is plotted on the Y-axis and the average impact on annual revenue growth is plotted on the X-axis. Using the information in Table 8, a risk map of the ten risk areas is shown below.
[Figure: risk map of the ten risk areas.]
6. Using the input in Table 1, the questionnaire results, quantitative risk metrics, Table 7 and Table 8, and the discussion on key sources and drivers of risk in Section 6, propose mitigation strategies for the top six risks selected by the board.
This question is clearly a challenging one, as students need to use the information on the drivers of risks, given in Section 6, to construct mitigation strategies for the top six risks selected by the board. The discussion on the firm’s risk profile using the information in Table 7 is relevant to this requirement. There is a need to develop a strategic plan that aligns with the firm’s overall mission, regularly monitoring its progress according to measurable and transparent criteria. The board’s weaknesses in addressing the firm’s risks could be alleviated by creating a stand-alone risk committee. Reports from international field offices, coupled with those from the International Monetary Fund (IMF) and the World Bank (WB), are also helpful in addressing geographical risk exposure.
Hiring a Chief Information Officer (CIO) would change the firm’s communication and technology infrastructure and would be an effective step in dealing with the informational and security risk. Risk-adjusted capital budgeting techniques should be applied to successfully shift revenue sources from governmental grants to value-enhancing non-governmental ones. Specifically, a detailed set of mitigation strategies focused on the top six risks is summarized in Table A4 below. Overall, the proposed mitigation strategies are consistent with and support the results of the earlier studies, showing positive valuation implications for fully engaged firms that are considered mature in their ERM approach.
Table A4. Mitigation strategies.

| Risk Categories | Key Drivers of Risks | Mitigation Strategies |
|---|---|---|
| Strategic | Transparency; Mission Drift; Diversification; Alignment | Developed a new 5-year, 2017–2022, strategic plan establishing more clearly the firm’s mission and vision, creating strategies and tactics aligning the firm’s operational, financial, risk management, and marketing/communication goals. Created a stand-alone risk committee as a sub-committee of the board. Provided regular progress reports to the board on realizing the goals of the plan. Used risk-adjusted criteria to assess the valuation implications of new projects. Produced quarterly global economic and environmental scans to review the plan’s goals and strategies, recommending possible changes. |
| Innovation | Commercial Orientation; Competitiveness; Incentives; R&D Resources | Established a portfolio approach whereby the financial and human resources are allocated strategically and optimally to enhance innovation in core offerings, adjacent opportunities, and, particularly, transformational territories achieved through geographic diversification. Promoted a more effective dialog between staff, senior executives, and the board on new initiatives. Incentivized staff to experiment with new ideas. Aligned the R&D budget with best practices by comparable entities. Used risk-adjusted approaches to measure the value proposal of R&D projects. |
| Informational and Security | Data Privacy; System Obsolescence; Technical Issues; Data Loss; Multiple Platforms | Hired a Chief Informational Officer (CIO) who was responsible for developing and executing policies to manage the global network of information. Key steps included the synchronization and consolidation of email platforms, launching software and hardware for document management, establishing effective patches to detect and defuse cyber-attacks, and aligning information technology policies with strategic planning. |
| Geopolitical | Political Instability; Travel Bans and Visas; Trend Forecasting; Program closure | Incorporated country risk analysis information regularly published by the International Monetary Fund (IMF) and the World Bank (WB) to better assess geographic risks and their implications for ongoing and new initiatives. Established quarterly country-based reports from foreign field offices. Secured a global insurance contract against losses occurring from travel bans, visa restrictions, kidnappings, and nationalizations. |
| Financial | Fraud; Revenue Shortfall; Cost overruns; Liquidity; Currency Changes; Audit | Systematically shifted revenue sources, such that the contribution of non-governmental projects would increase to 30% from its existing level of 5% of annual revenues in 5 years. Planned to increase liquidity ratios by 30% over 5 years. Established quarterly revenue scenario exercises to stress test the financial health of the firm. Implemented an optimal currency model to manage the FX risk of foreign revenues. Developed and implemented risk-adjusted valuation approaches related to R&D investments. |
| Regulatory | Lawsuits and Liability; Registration Status; Noncompliance; Regulatory Forecasting; Third-party liability | Reported and regularly updated U.S. Federal/State- and country-specific compliance measures. Established quarterly country-based regulatory reports from foreign field offices. Secured a global insurance contract to cover the losses due to third-party liability. |

Notes

1. Other examples include British Petroleum (oil and gas), Tokyo Electric (electricity), Lehman Brothers, Bear Stearns, Merrill Lynch, Wells Fargo (financial), Boeing (technology), Corinthian Colleges, and ITT (Educational Services), among others.
2. Founded in 1950, the Risk and Insurance Management Society (RIMS) is a global not-for-profit organization committed to advancing the practice of risk management throughout the world.
3. This is similar to the Delphi method, which was originally developed by the RAND Corporation.
4. In particular, conventional capital budgeting techniques (such as the net present value (NPV), the internal rate of return (IRR), or adjusted NPV) were not used to evaluate strategic projects. See Jalilvand and Kostolansky (2016) for an approach to estimating the cost of capital for privately held firms.

References

  1. Aabo, Tom, John Fraser, and Betty Simkins. 2005. The Rise and Evolution of the Chief Risk Officer: Enterprise Risk Management at Hydro One. Journal of Applied Corporate Finance 17: 62–75.
  2. Beasley, Mark, Richard Clune, and Dana Hermanson. 2005. Enterprise Risk Management: An Empirical Analysis of Factors Associated with the Extent of Implementation. Journal of Accounting and Public Policy 24: 521–31.
  3. Fabrigar, Leandre, Duane Wegener, Robert MacCallum, and Erin Strahan. 1999. Evaluating the use of exploratory factor analysis in psychological research. Psychological Methods 4: 272–99.
  4. Farrell, Mark, and Ronan Gallagher. 2014. The Valuation Implications of Enterprise Risk Management Maturity. The Journal of Risk and Insurance 82: 625–67.
  5. Fraser, J., and B. Simkins. 2010. Enterprise Risk Management. Hoboken: John Wiley and Sons. ISBN 9780470499085.
  6. Fraser, John, Betty Simkins, and Kristina Narvaez. 2014. Implementing Enterprise Risk Management: Case Studies and Best Practices. Hoboken: John Wiley and Sons.
  7. Froot, Kenneth, David Scharfstein, and Jeremy Stein. 1993. Risk Management: Coordinating Investment and Financing Policies. Journal of Finance 48: 1629–58.
  8. Grace, Martin, J. Tyler Leverty, Richard Phillips, and Prakash Shimpy. 2014. The Value of Investing in Enterprise Risk Management. The Journal of Risk and Insurance 82: 289–316.
  9. Harrington, Scott, Greg Niehaus, and Kenneth J. Risko. 2002. Enterprise Risk Management: The Case of United Grain Growers. Journal of Applied Corporate Finance 14: 71–81.
  10. Hoyt, Robert E., and Andre P. Liebenberg. 2011. The Value of Enterprise Risk Management. Journal of Risk and Insurance 78: 795–822.
  11. Hristov, Ivo, Riccardo Camilli, Antonio Chirico, and Alessandro Mechelli. 2022. The Integration between Enterprise Risk Management and Performance Management System: Managerial Analysis and Conceptual Model to Support Strategic Decision-Making Process. Production Planning & Control, 1–14.
  12. Jalilvand, Abol, and John W. Kostolansky. 2016. Le Beau Footwear: A Business Valuation Case for a Privately Held Firm. Issues in Accounting Education 31: 439–47.
  13. Jalilvand, Abol, and Sidharth Moorthy. 2022. Enterprise Risk Management (ERM) Maturity: A Clinical Study of a U.S. Multinational Nonprofit Firm. Journal of Accounting, Auditing, and Finance.
  14. Jensen, Michael C., and William H. Meckling. 1976. Theory of the Firm: Managerial Behavior, Agency Costs and Ownership Structure. Journal of Financial Economics 3: 305–60.
  15. Kraus, Alan, and Robert Litzenberger. 1973. A State Preference Model of Optimal Financial Leverage. Journal of Finance 28: 911–22.
  16. Leland, Hayne E., and David H. Pyle. 1977. Informational Asymmetries, Financial Structure, and Financial Intermediation. Journal of Finance 32: 371–88.
  17. Lindberg, Deborah L., and Deborah L. Seifert. 2011. A Comparison of U.S. Auditing Standards with International Standards on Auditing. The CPA Journal 81: 17–21.
  18. McShane, Michael K., Anil Nair, and Elzotbek Rustambekov. 2011. Does Enterprise Risk Management Increase Firm Value? Journal of Accounting, Auditing and Finance 26: 641–58.
  19. Miller, Merton. 1977. Debt and Taxes. Journal of Finance 32: 261–75.
  20. Miller, Merton H., and Franco Modigliani. 1958. The Cost of Capital, Corporation Finance and the Theory of Investment. American Economic Review 48: 261–97.
  21. Miller, Merton H., and Franco Modigliani. 1963. Corporate Income Taxes and the Cost of Capital: A Correction. American Economic Review 53: 433–43.
  22. Nocco, Brian W., and René M. Stulz. 2006. Enterprise Risk Management: Theory and Practice. Journal of Applied Corporate Finance 18: 8–20.
  23. Rosenburg, Joshua V., and Til Schuermann. 2006. A General Approach to Integrated Risk Management with Skewed, Fat-Tailed Risks. Journal of Financial Economics 79: 569–614.
  24. Ross, Stephen A. 1977. The Determination of Financial Structure: The Incentive Signaling Approach. Bell Journal of Economics 8: 23–40.
  25. Samanta, P., T. Azarchs, and J. Martinez. 2004. The PIM Approach to Assessing the TRM Practices of Financial Institutions. New York: Standard and Poor’s/McGraw-Hill.
  26. Shad, Muhammad Kashif, Fong-Woon Lai, Amjad Shamin, Michael McShane, and Sheikh Muhammad Zahid. 2022. The relationship between enterprise risk management and cost of capital. Asian Academy of Management Journal 27: 79–103.
Table 1. Consolidated statement of revenues and expenses: 2015–2017 (USD millions).

| Revenues | 2017 | 2016 | 2015 | 2015–2017 Change |
|---|---|---|---|---|
| Government Grant | 275.0614 | 295.4502 | 313.2000 | −12.18% |
| Non-Government Grant | 22.0650 | 23.6250 | 25.0000 | −11.74% |
| Tuitions | 92.1876 | 98.7053 | 104.4500 | −11.74% |
| Administrative Fees | 41.9235 | 44.8875 | 47.5000 | −11.74% |
| Fund Raising | 1.8700 | 2.2500 | 2.7500 | −32.00% |
| Investment Income | 3.2500 | 2.2900 | 1.5000 | 116.67% |
| Other Income | 4.9426 | 5.2920 | 5.6000 | −11.74% |
| Total Revenues | 441.3000 | 472.5000 | 500.0000 | −11.74% |
| Expenses | | | | |
| Student Exchanges | 143.0067 | 147.2570 | 156.8825 | −8.84% |
| Program Expenses | 153.1890 | 169.8350 | 170.8000 | −10.31% |
| Salary and Pension | 88.6176 | 92.2720 | 98.2000 | −9.76% |
| Depreciation and Amortization | 2.2654 | 2.2700 | 2.3846 | −5.00% |
| Repair and Maintenance | 1.2180 | 1.3100 | 1.4329 | −15.00% |
| Transportation | 33.1757 | 37.2810 | 43.3500 | −23.47% |
| Taxes | 1.1900 | 1.3000 | 1.2000 | −0.83% |
| Miscellaneous Expenses | 5.9378 | 6.5250 | 8.7500 | −32.14% |
| Total Expenses | 428.600 | 458.050 | 483.000 | −11.26% |
| Net Surplus (Deficit) | 12.7000 | 14.4500 | 17.0000 | −25.29% |
Table 2. Plan of action to develop the enterprise risk management (ERM) program.

Sample of Risk Owners: Identify a representative and diverse group of functional risk owners (managers/executives in field offices with major P/L responsibilities), senior executives, and board members.
Education: Develop and deliver a short educational module for the sample group to create a uniform level of understanding on the dynamics and application of ERM.
Questionnaire: Administer and analyze a focused questionnaire covering multiple risk management areas including risk culture, risk recognition, risk organization, risk governance, risk control, and risk measurement.
Synthesis and Risk Assessment: Synthesize and compile the results obtained from the questionnaire. Develop a detailed multidimensional risk table identifying and prioritizing the existing and potential risks.
Mitigation: Develop mitigation strategies for the top risks.
Review: Review and assess, on an ongoing basis, the effectiveness of the proposed risk management system.
Table 3. Key areas determining the risk profile.

| Risk Areas | Definition |
|---|---|
| Risk Culture | The questions in this segment are designed to elucidate the interplay between the organization’s strategy, goals, decision-making processes, risk appetite, and risk management philosophy. |
| Risk Governance | The questions in this segment focus on the board structure, processes, and levels, and the effectiveness of the board’s involvement, knowledge, and transparency in devising strategies to carry out risk management decisions. |
| Risk Organization | This section focuses on the administrative and operational nature of capturing, communicating, reporting, monitoring, and compliance related to risk management actions. |
| Risk Recognition | This segment is designed to elucidate the organization’s ability to identify risks, distinguish risks from opportunities, recognize risk metrics, and increase awareness of fraudulent activities. |
| Risk Control | The questions in this segment have been designed to gauge the firm’s level of existing control regarding overall risk exposure. |
| Risk Assessment | Devise and implement consistent multi-dimensional risk indices, which are used to assess and prioritize potential categories of risks. |
Table 4. The Risk and Insurance Management Society’s five-level risk maturity model: RIMS RMM a.

| Maturity (Level) | Maturity-Level Characteristics |
|---|---|
| Ad hoc (1) | This implies an extremely primitive level of ERM maturity, where risk management typically depends on the actions of specific individuals, with improvised procedures and poorly understood processes. |
| Initial (2) | Risk is managed in silos, with little integration or risk aggregation. Processes typically lack discipline and rigor. Risk definitions often vary across the silos. |
| Repeatable (3) | A risk assessment framework is generally in place, with the Board of Directors being provided with risk overviews. Approaches to risk management are established and repeatable. |
| Managed (4) | Enterprise-wide risk management activities, such as monitoring, measurement, and reporting, are integrated and harmonized, with measures and controls established. |
| Leadership (5) | Risk-based discussions are embedded at a strategic level, such as long-term planning, capital allocation, and decision-making. Risk appetite and tolerances are clearly understood, with alerts in place to ensure that the board of directors and the executive management are made aware when risk thresholds are exceeded. |
Table 5. General risk categories.

Operational Risk: Risks resulting from inadequate or failed procedures, systems, processes, or policies. It includes employee errors, business interruptions, fraud or other criminal activity, equipment failure, logistical bottlenecks, third-party liability, employee safety, timeliness, and accuracy.
Financial and Market Risk: Risks resulting from a shortfall in revenues and/or cost escalation, accumulated losses, diminished liquidity, problems in meeting financial obligations, diminished credit rating, forecasting and valuation errors, audit problems, portfolio losses, and poor hedging against market volatility (interest rates, exchange rates, and stock prices).
Regulatory and Legal Risk: Risks resulting from lawsuits and unpredictable changes in the local and global regulatory environment and from noncompliance with statutory and accreditation rules.
Strategic Risk: Risks resulting from poor articulation and communication of goals and strategies, misalignment of the strategic plan and corporate governance, an uninformed board, and a lack of established and effective review processes.
Human Resources Risk: Risks resulting from problems in employee recruitment and retention, low labor productivity, and a sub-optimal compensation system.
Innovation Risk: Risks resulting from inertia in identifying and implementing new products and services in local and foreign markets in response to political, macroeconomic, and market changes.
Geopolitical Risk: Risks resulting from political changes, sanctions, travel bans, economic and political retaliation, and the nationalization of foreign assets and establishments.
Credit Risk: Risks resulting from competition, economic slowdown/slow recovery, supply chain disruption, embargoes, customer attrition, changes in customers’ expectations and demand, and changes in customers’ financial capacity.
Informational/Security Risk: Risks resulting from cyber security attacks and hacking, using outdated and inefficient information systems (technology obsolescence), and communication system failure.
Reputation Risk: Risks resulting from a decline in or lack of brand and image, the loss of customers’ trust, negative publicity, recruitment challenges, and fundraising problems.
Table 6. Risk assessment metrics: likelihood, impact, and control a.

Panel A. Likelihood (P) and Control (C) a

| | Very Low | Low | Medium | High | Very high |
|---|---|---|---|---|---|
| Likelihood (P) | p < 0.15 | 0.15 < p < 0.3 | 0.3 < p < 0.5 | 0.5 < p < 0.75 | p > 0.75 |
| Control (C) | Ad hoc | Initial | Repeatable | Managed | Leadership |

Panel B. Impact on Revenue Growth (G) b

| Very Negative | Negative | Neutral | Positive | Very Positive |
|---|---|---|---|---|
| −25% < G < −50% | 0% > G < −25% | 0% | 0% < G < 40% | G > 40% |

a Risk and Insurance Management Society five-level risk maturity model: RIMS RMM; b mid-point ranges for likelihood and impact are used to calculate the expected values.
Table 7. The questionnaire’s results.

| Risk Areas | Average Score | Sectional Average |
|---|---|---|
| Risk Culture | | |
| Overall, is the firm willing to take any magnitude of risk in order to achieve strategic objectives? | 2.37 | 2.70 |
| How are the critical competencies of the firm structured, in a range from “Operational” to “Entrepreneurial”? | 2.61 | |
| How do you describe the reward structure of the company, in a range from “Margins and Productivity” to “Milestones and Growth”? | 2.63 | |
| Is the organizational culture: “Efficiency, Low Risk, Quality, Customers”, “Risk Taking, Speed, Flexibility, and Experimentation”, or somewhere in between? | 2.98 | |
| Rate the leadership role from being “Authoritative and Top Down” to “Visionary and Involved”. | 2.77 | |
| How would you rank the strategic and related objectives defined by the organization, in a range from “Unclear and Unfocused” to “Planned and Transparent”? | 2.82 | |
| Based on the reflection above, rate the firm’s overall risk management culture. | 2.75 | |
| Risk Recognition | | |
| What type of forces, internal and external, impact the risk management culture described above, in a range from “Entirely Internal” to “Entirely External”? | 2.85 | 2.85 |
| Rate the organization’s ability to distinguish risk vs. opportunity. | 2.19 | |
| What are the most relevant assessment metrics for quantifying significant measurable risks and incorporating them into the decision-making process, in a range from “Entirely Qualitative” to “Entirely Quantitative”? | 3.05 | |
| How susceptible is the firm to fraud? Which areas are most susceptible to the same? | 3.45 | |
| Based on the reflection above, rate your department’s overall risk recognition capabilities. | 2.69 | |
| Risk Organization | | |
| How effective is the organization in capturing risk information and communicating it to various constituencies (government, donors, clients, staff, and the board)? | 1.82 | 2.70 |
| Do communication barriers exist within the organization when addressing risk? | 3.42 | |
| How often do you think the senior management involves the board and staff during the strategy-setting process, including when making decisions to accept or reject risk factors? | 2.93 | |
| Rate the activities of writing down, prioritizing, and disseminating risk. | 3.56 | |
| Rate the risk monitoring and reporting system within the organization. | 2.36 | |
| Based on the reflection above, rate the firm’s risk management organizational capacity. | 2.12 | |
| Risk Governance | | |
| Rate the board’s understanding of the organization’s priority risks and how those risks should be addressed. | 2.37 | 2.47 |
| How much do the senior executives involve the board in the assessment of strategic risks? | 3.07 | |
| Rate the frequency with which the company revisits its risk assessment to determine whether the circumstances and conditions have changed or whether there are new emerging risks. | 2.56 | |
| How confident are you about the organization not taking significant risks without the board’s knowledge? | 1.79 | |
| How effective do you consider the organization’s risk management culture and governance functioning to be? | 2.73 | |
| Based on the reflection above, rate the alignment between risk management and governance at the firm. | 2.32 | |
| Risk Control | | |
| How well-defined are the risk management goals in terms of ongoing strategic activities: in a range from “Unclear and Unfocused” to “Planned and Transparent”? | 3.12 | 3.10 |
| How do you rate the quality, reliability, and relevance of the risk reporting? | 2.76 | |
| How effective are the ongoing monitoring activities (e.g., compliance monitoring, risk management group, board monitoring, etc.)? | 2.93 | |
| Rate the risk measuring methodology adopted by the firm when each risk is measured, on an individual level. | 3.20 | |
| Rate the risk measuring methodology adopted by the firm when each risk is measured, on an enterprise level. | 2.09 | |
| Does the company have a rising learning curve with regard to its risk assessment and management process? | 4.47 | |
Table 8. Risk matrix: the average expected impact is the product of the average probability by average impact for each risk category. Opinion convergence (expected impact) is the ratio of the standard deviation of expected impact for each risk category, adjusted by its mean. Opinion convergence (control) is the ratio of the standard deviation of average control for each risk category, adjusted by its mean.

| Risk Category | Average Probability | Average Impact | Average Control | Variance Expected Impact | Variance Control |
|---|---|---|---|---|---|
| Strategic Risk | 46.46% | −0.3444 | 4.23 | 0.0129 | 0.3085 |
| Innovation Risk | 54.26% | −0.2764 | 4.30 | 0.0036 | 0.2987 |
| Information and Security Risk | 61.67% | −0.2270 | 4.00 | 0.0107 | 0.3263 |
| Geopolitical Risk | 51.30% | −0.2924 | 3.95 | 0.0089 | 0.3177 |
| Financial Risk | 48.10% | −0.3534 | 4.05 | 0.0023 | 0.1781 |
| Credit and Product Risk | 57.14% | −0.3325 | 3.76 | 0.0094 | 0.2324 |
| Operational Risk | 44.81% | −0.3571 | 3.76 | 0.0057 | 0.1273 |
| Regulatory and Legal Risk | 45.56% | −0.3073 | 3.95 | 0.0009 | 0.2349 |
| Human Resources Risk | 53.33% | −0.2813 | 3.65 | 0.0020 | 0.1871 |
| Reputation Risk | 42.08% | −0.3802 | 3.35 | 0.0092 | 0.1844 |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Jalilvand, A.; Moorthy, S. Triangulating Risk Profile and Risk Assessment: A Case Study of Implementing Enterprise Risk Management System. J. Risk Financial Manag. 2023, 16, 473. https://doi.org/10.3390/jrfm16110473
