Next Article in Journal
Effect of the Employees’ Mental Toughness on Organizational Commitment and Job Satisfaction: Mediating Psychological Well-Being
Next Article in Special Issue
Knowledge Production in a Territorial Network of Organizations: Identifying the Determinants in the Case of Moroccan Technopole
Previous Article in Journal
Predictors of Digital Competence of Public University Employees and the Impact on Innovative Work Behavior
 
 
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Factors Affecting Risk Management in Industrial Companies in Jordan

1
Business Management Department, The University of Jordan, Amman P.O. Box 11942, Jordan
2
Civil Engineering Department, The University of Jordan, Amman P.O. Box 11942, Jordan
*
Author to whom correspondence should be addressed.
Adm. Sci. 2023, 13(5), 132; https://doi.org/10.3390/admsci13050132
Submission received: 11 February 2023 / Revised: 12 April 2023 / Accepted: 19 April 2023 / Published: 12 May 2023
(This article belongs to the Special Issue Financial Technology Innovation and Risk Management)

Abstract

:
This study aims to identify and rank the critical factors affecting risk management from the perspective of top and Lower Management in Jordanian industrial companies. Based on a rigorous literature review, critical factors affecting risk management are factors related to (1) flexibility and adaptation in the economic environment; (2) company characteristics; (3) external audit quality; (4) government rules and regulations; (5) top management and the board of directors; (6) organizational structure; (7) internal audit effectiveness; (8) trust; (9) human resources efficiency and training (10); communications (11); information technology (12); and the company’s culture. Quantitative research methods were used. A questionnaire was developed and distributed to a random sample of senior managers of industrial companies in Jordan. Kendall and Mann–Whitney tests, RII, and EFA were used to analyze the acquired data. The results show that all discussed factors have an effect on risk management, and there is no difference between top and Lower Management’s opinions regarding the ranking of the importance of those factors on risk management. This study provides an original perspective on the concept of risk management and the factors that impact it. These findings have important implications for Jordanian industrial companies’ decision makers. Companies should apply the results to their strategies and policies to reduce risks.

1. Introduction

Jordan is a country with limited natural resources and a dependence on tourism, foreign investment, and human resources. The industrial sector in Jordan has been significantly affected by the restriction of the movement of basic inputs used to manage the production cycle, as well as the closing of markets to which products are sent.
(Jordan Investment Commission 2018The Investment Commission in Jordan mentioned that the industrial sector is one of the largest contributors to Jordan’s gross domestic product (GDP) (about 24% of the GDP), with about 18,000 industrial facilities and about 240,000 workers, mostly Jordanians.
The importance of the industrial sector is due to some factors, including Jordan’s competitiveness for industrial investors and its intermediate position between countries. The “Free Trade Agreements” (FTAs) support these, and finally, the agreement between Jordan and the European Union to ease the rules of origin to facilitate the arrival of Jordanian products on the European market. The International Labor Organization (ILO) and the United Nations Development Program (UNDP), in collaboration with FAFO, a Norwegian research institution and owner of the FAFO Institute for Labor and Social Research in Oslo, independently conducted two enterprise surveys in April 2020, about a month after the ban began in Jordan, resulting in a report in which the information from these two studies was consolidated to serve as the basis and justification for this study.
Risks are an essential component of all projects and businesses, and no organization, no matter how well it plans, can avoid them entirely. Risks have numerous impacts that may not show up straightaway or may appear out of nowhere during the execution of one of the stages of work, which directly influences the entire work. Risk management is defined, according to Oliveira et al. (2018), as “a coordinated process of identifying and analyzing risks through an incorporated methodology applied to the organization, so its strategies, activities, individuals, technology, and knowledge are adjusted by evaluating and managing risks to guarantee the accomplishment of organizational objectives”.
Risk management regards the following according to Na Ranong and Phuenngam (2009): (1) the process of eliminating, reducing, and controlling risks; (2) identifying, analyzing, assessing, monitoring, and controlling risks; (3) reducing negative opportunities; and (4) achieving business methods and goals.
Numerous studies have analyzed the effect of risks and their factors; however, there is still a shortage of studies that rank the factors affecting risk management according to their importance.
Due to the presence of this gap in the past literature in regard to this matter, this study aims to enrich the theoretical literature with recent studies in exploring and ranking the factors affecting risk management, thus making it important to know and determine the importance of several different factors in “risk management” in industrial companies in Jordan.
Consequently, there is an emerging need to identify these factors and determine which factors are the most significant from the viewpoint of experts and practitioners in the field, which helps managers take better decisions. Companies should enhance the less important factors to reduce risks and can apply the results in their strategies and policies. The objectives of this paper are (1) to identify factors that affect risk management by conducting a rigorous literature review. (2) Rank these factors from the viewpoint of experts for both upper and Lower Management in the industrial companies in Jordan. (3) Perform a comparison of viewpoints about factor importance between the opinions of upper and Lower Management in the industrial companies in Jordan. (4) To find out if the presence of an independent department or a special committee for “risk management” in industrial companies will help in predicting the upcoming risks and preserving the progress of work for the longest possible period.
The major contributions of this research are as follows:
  • The current study’s findings expand earlier research conclusions while also adding some new findings to the body of knowledge, particularly in the field of risk management.
  • This study on Jordanian industrial companies can be used as a sample to identify the most significant risk management factors and rank them according to their importance from the perspective of upper and Lower Management.
  • To find if there are any differences in the responses of lower and Upper Management in terms of their viewpoints on the importance of the factors.
  • This study can be considered the first to investigate all twelve factors that affect risk management and rank them based on their importance from the viewpoint of upper and Lower Management.
  • The result of this study provides several important implications for managers and decision makers in Jordanian industrial firms.
  • Identifying the least important factors will motivate companies to improve them to reduce risk.
In order to achieve the study’s aim and objectives, the following question was formulated:
Q1: What are the most important factors that affect “risk management” in industrial companies in Jordan?

2. Literature Review and Theoretical Framework

2.1. Literature Review

2.1.1. What Is a Risk?

Risks are vital to all projects and companies, and no company can overcome them all, regardless of its ability to plan. Therefore, risks are seen as uncertain cases, and if they occur, they may affect the objectives of the project positively or negatively (Hillson 2002; Ullah et al. 2021). Hence, risk is “an uncertain event or condition that affects the timeline, cost, and quality of projects” (Akhavan et al. 2019). Accordingly, there has been a rising awareness that risk management is essential. A risk management manager permits managers to effectively handle uncertainties (Yakob et al. 2022), as well as perceive some of these potential risks prior to starting the work, for instance, equipment breakdown or anticipated results, for instance, plan delay; yet, many risks are unpredictable and have results beyond imagination (Larson and Gray 2011).
Risk is not a factor of a certain procedure, division, or project. Nevertheless, a risk is a consequence of the overall segments in a firm. Consequently, risks are comprehensively viewed at the firm level (Fitriana and Wardhani 2020). The International Organization for Standardization (ISO, 2009) recommended companies make and improve their work frameworks by including a “risk management” process in their policies, governance, culture, strategic planning, management, and report production. Thaheem et al. (2014) classifies risks into two major types: Internal risks, which are those that are within the control of the industrial unit and are divided into two categories, technical risks and nontechnical risks. 2. External risks, which are outside the control of the industrial unit and are secluded into two sorts: (A) predictable risks and (B) unpredictable risks. Here, insurance may be a way to deal with the impact of some of these risks.

2.1.2. What Is Risk Management?

Firm “risk management” is defined as “a coordinated process of identifying and analyzing risks through an incorporated methodology applied to the organization, so its strategies, activities, individuals, technology, and knowledge are adjusted by evaluating and managing risks to guarantee the accomplishment of organizational objectives” (Oliveira et al. 2018). Moreover, depending on Akhavan et al. (2019), risk management is a “structured approach used for identifying, evaluating, and prioritizing risks after controlling probabilities and the impact of unplanned events”. In September 2004, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) issued “Enterprise Risk Management: An Integrated Framework”, to give a model framework for Enterprise Risk Management (ERM).
That framework defines ERM as:
“… a process, effected by an entity’s board of directors, management, and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity and manage risks to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives”.
Lately, attitudes toward risk management have changed and have tended to form a more comprehensive perspective. Although it is a new approach, several organizations have aimed to adopt it, as researchers believe that adopting risk management for the company improves its performance (Levine and Miller 2022). Because of the shortage of academic research on factors affecting risk management, interest in its role in companies and its use as a strategic instrument has increased (Gates and Hexter 2005). Lam (2001) claimed that organizational risk management improves a company’s proficiency to decrease loss, stabilize gaining volatility, and expand a firm’s return on equity and shareholder worth; therefore, it is a vital means to promote the success of the organization (Rehman and Anwar 2019).
Organizational risk management activities permit organizations to handle diverse risks such as “strategic risk, market risk, credit risk, operational risk, and financial risk, all of which can influence operations” (Banham 2004).
Since various social psychologists explain that natural disasters are less thought about by managers due to the popular perception that these disasters are “acts of God” that cannot be avoided or controlled, researchers have argued that informal cooperation across organizations may diminish the factors of “inactive risk” and crisis mitigation and response, inciting the need to understand and regulate disaster risk, postdisaster learning, and recovery (Chen et al. 2013). It is fundamental to approve using risk management in all stages of work and not to concede its implementation so as not to make it difficult to identify and overview, and in this manner, to conversely influence all stages of the company’s life (Korkmaz 2022).

2.1.3. Risk Types

Hayur and Khalas (2020) argued that there is a set of risks surrounding a company, for instance, the internal environment risks, which are risks achieved by events that occur inside a company that can be anticipated and controlled by the management. External environmental risks are the second sort of risk that comes about due to threats from outside factors. Hayur and Khalas (2020) assure the presence of various types of risks, including operational risks, informational risks from using misleading or mixed-up information in making decisions, and finally, financial risks.

2.1.4. Risk Management Procedures

Risk Identification

Risk identification is significant as it affects the next stages of the work of organizations (Petrovic 2017). Similarly, strategies ought to be developed that can simply identify risks to anticipate the opportunity of their occurrence, similarly to various strategies fit for dealing with risks once discovered (Potts and Ankrah 2008). Mhetre et al. (2016) show that we can review the risks that a company was previously exposed to, organized by its requirements, from the most dangerous to the least dangerous, which helps the company’s employees with knowing these risks and facilitating their identification.
Potts and Ankrah (2008) focused on the fact that this process is the most significant in risk management and has procedures and techniques for gathering information and making an exact database to obtain the best results. Several methodologies for identifying risks include brainstorming, holding workshops, analyzing scenarios, analyzing historical data, analyzing action plans (Klemetti 2006), and interviewing experts, which is considered the most beneficial (Steyn 2018).

Risk Evaluating (Assessment)

Saeidi et al. (2019) defined risk assessment as “permitting an entity to consider the impact and likelihood of events and analyze risk using quantitative and qualitative approaches. It examines the positive and negative effects of potential events all over the entity”. Therefore, the second stage is the primary strategy to examine for analyzing and evaluating risks. Thus, this process seeks to prioritize risks (Rovins et al. 2015). Risk evaluation is a high risk, and it should require the administration to operate effective techniques to deal effectively with these risks. Additionally, low risk should not be disregarded, whereas the amount of control should be less than for high risks (Serpell et al. 2015).
A—Qualitative analysis: It depends on the use of interviews, brainstorming, the Delphi Technique, and checklists, and here, the possibility and effect of risks can be applied negatively or positively to a company’s goals and expected outcomes (Banaitiene and Banaitis 2012). One of the qualitative methods for estimation is a “risk matrix”, as shown in Figure 1, which can be relied upon to decide the “probability of risk” (Serraino 2014), where the risks are isolated into three categories: high risk, medium risk, and low risk (Petrovic 2017).
B—Quantitative analysis is viewed as more unbiased than qualitative methods. The quantitative analysis depends on data to decide the degree of effect of each risk (low, medium, or high) and the probability of its appearance, which is why it is a significant process to decide the degree of effect of a risk on the company (Serpell et al. 2015). Petrovic (2017) argued that quantitative risk analysis methods include probability analysis, Monte Carlo simulation, sensitivity analysis, and scenario analysis.

Risk Response (Taking Measures)

It is the process of identifying the necessary procedures to decrease the adverse consequences of risks on the performance of companies and exploiting the opportunities that enhance their success. Alhassan (2016) indicated that it identifies risks through the optimal use of resources and activities in the budget. Multiple strategies can be operated to reduce the probability of risk intensity and the effects of risks. According to Petrovic (2017), there are four methods for risk response: (1) avoiding risks by effectively dealing with the reason, (2) reducing the risks by decreasing the risk cost through the utilization of emerging technology, (3) accepting the risks, and (4) dealing with risks effectively by designing an emergency scenario.
Figure 2 helps in decision making for the reaction to the likelihood and effect of the risk depending on two factors, the probability of the risk and the risk impact, and the actions could be as follows:

Risk Monitoring

In the last and most important step of risk management implementation, different subprocedures are used to keep track of found risks, keep an eye on remaining risks, and find new potential sources and their level of impact (Cooper et al. 2005; Korkmaz 2022). According to PMI (2017), risk monitoring and control is the “process of tracking identified risks, identifying and analyzing new risks, monitoring the implementation of risk response plans, and assessing the effectiveness of risk management processes throughout a project”. Chapman (2019) claimed that risk monitoring is constantly inadequately executed in building projects due to the lack of management and monitoring risks that have been determined.

2.2. Theoretical Framework

This section explores a foundational review of existing factors in the literature that serves as a roadmap for ranking relevant factors in the Jordanian context. Once the factors are ranked, we are able to draw connections, make predictions, and contextualize the research.

2.2.1. Factors Affecting “Risk Management”

Na Ranong and Phuenngam (2009) indicated a set of seven basic factors that they considered proof of their ability to influence risk management and increase the efficiency of its procedures. They characterized it with the following factors: (1) commitment and support from Upper Management; (2) communication; (3) culture; (4) information technology (IT); (5) organizational structure; (6) training; and (7) trust.
Table 1 summarizes the factors affecting risk management as described in the literature review, which led to an increase in the number of factors affecting risk management to twelve.

Factor 1: Upper Management and Board of Directors

Okello (2012) found that the commitment of Upper Management is a critical factor in managing risks and impacting the achievement of the organizational system. Important support of Upper Management includes several activities in the organization, including risk management, and as Young and Jordan (2008) proposed, “the essence of the support of Upper Management is related to efficient decision-making to manage risk and to delegate business process change”. While this support is considered essential for a successful project because it increases risk management decision making and, consequently, the success of any efforts within any company (Hasanali 2002), Upper Management details the objectives and procedures of all risk management activities and their general mission and goals (Henriksen and Uhlenfeldt 2006; Anton and Nucu 2020).
The significance and challenges of the board of directors and Upper Management’s role in establishing a risk management program to effectively secure the company’s resources were highlighted by (Lipton et al. 2011), as the company’s risk management is seen as a matter of governance and is subject to the Board of Directors’ oversight. The Board members must be persuaded that the risk management procedures are in line with the company’s strategies in order for them to take the necessary actions to raise the level of risk awareness and risk management skills in the organization in order to avoid or lessen the likelihood of risks occurring and their effects.
Boodman (1987) believes that the company’s directorate and Upper Management ought to be dynamic members in deciding and studying risk/reward tradeoffs, so that a risk management function is set up within the company’s structure with a clear delegation to manage the company’s risks.
According to BCBS (2006), the administrators of the risk management methods of Upper Management and the directorate should be convinced of their role in the company and should participate in identifying, evaluating, monitoring, and controlling risks, reducing risk, and everything else related to the risk profile.
Galorath (2006) and Hasanali (2002) emphasized that the commitment of Upper Management is vital to the degree of accomplishment of the risk management strategy at the company, as their commitment helps to embed risk management at the operational and strategic levels within the company. Beasley (1996) has demonstrated that the relationship between board characteristics and the degree of implementation of risk management in companies is positive.

Factor 2: External Audit Quality

External or traditional risks are not usually controlled by the company but depend on external and often complex dynamics. These risks include exchange rate fluctuations, forgery and fraud, and changing regulations (Giuffrida et al. 2019), which can cause unexpected cost increases (Li et al. 2020).
These types of risks can rarely be avoided but are typically mitigated, respectively, by hedging techniques, investment in cybersecurity measures, and cooperation with legal advisers and experts (Wang et al. 2020).
Similarly, according to Paape and Speklé (2011), companies that use high-quality auditors are more committed to risk management, which leads to enhanced good governance, because these companies are obliged to encourage their customers to improve their risk management procedures. While Desender (2011) and Anton and Nucu (2020) confirmed that there is a positive relationship between the quality of external audits and the degree of risk management implementation in companies.

Factor 3: Internal Audit Effectiveness

There should be strict internal control to avoid fines or the shipment of products that are not within the required standards (Jia 2020).
The Institute of Internal Auditors characterizes risk-based internal auditing as “a methodology that connects the internal audit framework within the general risk management framework of the organization, as it permits internal auditing to confirm to the directorate that the risk management program is managing risks adequately within worthy risk limits set by the Foundation “(Hayur and Khalas 2020). Beasley et al. (2006) asserted that internal auditors play an important role in giving confirmation and counseling services related to risk management in their organizations. The internal auditors’ competence increases based on their abilities, capabilities, knowledge, and goodness (Badara and Saidin 2014). Thus, it is evident that the relationship between the adequacy of internal audits and the degree of implementation of risk management in companies is positive.

Factor 4: Human Resources Efficiency and Training

Cardy and Selvarajan (2006) stated that there is currently a great interest in human resource efficiency and its role in risk management implementation, as efficient human resources play an important role in improving effective job performance, which leads to increased organizational competitiveness. Okello (2012) also sees training as a critical factor for training employees with appropriate skills to deal with risks. Since the success of any organization depends on the quality and competence of its employees, it is therefore important that it has a sufficient number of employees equipped with relevant skills in managerial positions.
Carey (2001) emphasized that the ability of employees to respond to the changing needs in the business environment is linked to the development of training courses on risks and encourages them to participate in responding to early warning systems, whereas increasing the competitiveness of the workforce in the organization enhances the chances of success, which confirms the existence of a positive relationship between the efficiency of human resources and the level of implementation of enterprise risk management.

Factor 5: Government Rules and Regulations

Okello (2012) indicated that government rules and regulations are the guiding principles that influence the formulation of risk management strategy because of the potential risks they represent to companies. Compliance with rules, regulations, and requirements for inclusion in risk management and corporate governance standards must be achieved, ensuring the maintenance of a solid and improved risk management system (Paape and Speklé 2011). Consequently, there is a positive relationship between compliance with rules and regulations and the level of implementation of risk management in companies.

Factor 6: Communication

Effective communication with members of the board of directors, management, senior management, and those concerned is critical for the risk manager’s role to be valuable and important, as stakeholders must understand the consequences that may result, as well as receive assistance in dealing with concerns and doubts, managers’ awareness of risk management decisions that affect all levels of business, creating a culture of transparency, and increasing credibility with stakeholders (-) (Doloi 2009).
Communication is an essential driver in achieving project objectives. Thus, it is hypothesized that reliable and efficient communication between members of the project team is a critical factor influencing relational partnering success (Williams and Lilley 1993).
Risk management needs to collect as much important information as possible to achieve its objectives of control and enable it to track actual performance and provide early warnings regarding potential events. (Frewer 2003)
Communication includes the flow of information from the top (Upper Management) to the bottom (employees) or vice versa and may include outside parties (Hayur and Khalas 2020). Communication helps to clearly define expectations, goals, and objectives and ensures that all company members support each other and the business strategy (Quirke 1996). The source must also be trusted, expert, honest, and unbiased for its message to contain clear, attention-grabbing, and easily interpretable content and influence decision making (Breakwell 2000; Chatterjee et al. 2020).

Factor 7: Flexibility and Adaptation in the Economic Environment

An ILO report indicated that the ability of companies to survive the economic crisis and most risks depends on several factors, such as the extent of their flexibility and adaptation to commercial operations, in addition to the existence of a business continuity plan, but only 25 percent of companies have one. As previously stated in the introduction survey, a small percentage of companies (25%) had plans to continue their work by managing and responding to risk, indicating that there is a positive relationship between the flexibility, adaptation, and existence of a business continuity plan and the level of risk management implementation in companies (ILO 2020).

Factor 8: Information Technology

As information technology has become an important factor in the presence of increasing competition, higher levels of performance, and globalization, Rolland (2008) suggests using information technology to enhance the effectiveness of risk management. Information technology tools also collect historical data, allowing the organization to learn from its mistakes and avoid making the same ones again.
Support should also be focused on accelerating the digital transformation of all enterprises, which includes technological transformation on the one hand, the integration of technology in all other areas of work on the other, and a radical change in business and organizational culture overall, which also requires government actions to assist and motivate companies to “build back better” (ILO 2020). Thus, there is a positive relationship between using information technology and accelerating digital transformation to enhance the effectiveness of risk management in companies.

Factor 9: Organizational Structure

Hasanali (2002) considers that the organizational structure is equally important because it provides understanding, direction, and support to employees. The structure provides prior researcherity to determine how employees work and provides concepts, guidelines, and support to employees (Hunter 2002). There is no ideal corporate structure, but rather successful structures that have strengths and weaknesses. Drucker (1999) asserted that there are organizations that contain more than one organizational structure that coexists side by side.

Factor 10: Trust

Trust is the key to cooperation and teamwork in an organization, and this is precisely what risk management needs. According to Grabowski and Roberts (1999), trust helps the members of the organization focus on their tasks without hindrance from doubts about the roles, responsibilities, and resources of others. Hasanali (2002) considered that trust is a key factor because risk management needs cooperation and teamwork to be successful. Earle (2010) argues that the effect of trust on risk management is greater when knowledge is little or missing, and this relationship may differ depending on whether respondents prefer or oppose management actions based on their judgments of trust. The researchers found that a final understanding of the contextual factors that influence the relationships between trust and the implementation of risk management still awaits further studies.

Factor 11: Culture

Hasanali (2002) defined culture as “a mixture of shared history, unwritten rules, and social customs that dictate behavior”. According to Grabowski and Roberts (1999), risk management requires the blending of different cultures; the organization must build a culture of reliability, so individuals must meet, interact, exchange ideas, share knowledge, and transfer it among themselves. Risk management implementation is linked to risk culture, as executives with a low-risk culture are usually not serious about weighing the benefits and harms of risk exposure, which leads to poor decision making and weak internal control (Selamat and Ibrahim 2018). Thus, it will be difficult to provide high-quality products or services without a positive risk management culture, so that customers do not ultimately lose confidence in the company as described by (Selamat and Ibrahim 2018).

Factor 12: Company’s Characteristics (Size)

According to Önder and Ergin (2012), the most important factors positively affecting the implementation of risk management are the size of the company and its financial leverage. Large firms will likely adopt enterprise risk management due to their need for a comprehensive risk management strategy (Anton and Nucu 2020). The type of industry also plays a role in increasing the use of risk management (Colquitt et al. 1999). Beasley et al. (2010) conducted a survey at North Carolina State University that shows that even though it is still relatively immature and is being developed, there is a positive relationship between the size of the company and risk management implementation.

2.2.2. List of Factors to Be Ranked

An extensive literature review was conducted to identify factors affecting risk management. The literature review was conducted using Scopus and Web of Science, which were determined to be the preliminary scholarly databases due to their comprehensive scope and faster indexing techniques. The papers were screened and filtered by title, keywords, and abstract, with “risk management”, “factors and risk”, and “factors affecting risk in industrial industries”.
To improve the superiority of the review, some acceptance and elimination criteria were formulated, and the determined papers depended on the following selection criteria: (1) the main theme of the paper was risk management, (2) it was in the industrial industry, and (3) it was written in English and published in an indexed journal. The factors of risk management were clustered into a set of twelve basic factors, as represented in Table 2, which is a list of ranked factors and their dimensions.

2.2.3. Hypothesis

The fundamental objective was to identify and rank factors affecting risk management. Additionally, we tested the following hypothesis, which relates to the comparison part of objective 3, which is to “perform a comparison of viewpoint about factor importance between the opinions of the Upper Management and Lower Management in the industrial companies in Jordan”:
H0: 
There are no significant differences in the opinions of the upper and Lower Management in the industrial companies in Jordan with regard to the importance of the factors affecting “risk management.”

3. Methodology

3.1. Research Population

This study covers 56 of the major publicly traded companies currently operating in the industrial sector in Jordan. The unit of analysis consists of Upper Management (chairman of the board of directors, chief executive officer “CEO”, senior executive vice president, and general directors), Lower Management (other departments’ managers), and risk management managers in Jordanian industrial companies. Higher-level management and stakeholders have different strategic objectives from those of the department’s managers in lower-level management. The study attempted to demonstrate that there is no conflict between the two management’s opinions on risk management implementation in industrial companies.

3.2. Research Sample

The sample was originally considered a census sample to cover the industrial companies in Jordan; therefore, the population is equal to the research sample. The list of the companies represented in Appendix B confirms this. The questionnaire was distributed to the senior managers of the selected industrial companies. The studied companies differ in their relative size, job structure, and therefore the number of their managers. It was not easy to obtain the exact number of all the managers working due to privacy issues. The researchers sent the questionnaires to all populations in the study via email and personally. The researchers received 312 questionnaires with a response rate of 62.4%. Additionally, from the 312 questionnaires received, 242 were valid and used for further analysis. Therefore, the census sample is considered a convenience sample.

3.3. Data Collection

Researchers used different sources of data to cover the need for variables for clarification on the one side and to enhance the study and give it greater reliability on the other side.
The data collection approach in this study is divided into two main categories:
(1)
Primary data sources: a questionnaire was created specifically for this study and distributed in both Arabic and English to guarantee a clear understanding of the questions.
(2)
Secondary data sources are textbooks and references; personal interviews or via email; articles; annual reports; specialized magazines; and internet sources; theories; previous research; and studies in the field, in addition to published research on the subject.
The questionnaire was used as a primary tool for data collection. The design of the questionnaire is consistent with the objectives of the study and is structured to assist the respondent in answering the research questions.
Ordinal scales were used in the questions that ask respondents to rank the factors, whereas Likert’s five-point response scale was used to measure the strength of the respondent’s opinion.
To collect the primary data, the researchers designed a closed questionnaire in which the participants include respondents from the senior managers of industrial sector companies, which represent the primary data for this study.
The design of the questionnaire is consistent with the objectives of the study, and it includes the following three sections:
A: A letter of introduction;
B: General and demographic information to shed light on the backgrounds of the companies;
C: Questions that ask respondents to rank the factors from 1 to 5.
Ordinal scales were used in this study, where Likert’s five-point response scale was also used to measure the strength of the respondent’s opinion (Sekaran and Bougie 2016).
The following table (Table 3) was used to assess and categorize the respondents’ level of agreement:

3.4. Validity and Reliability of Scales

Various approaches have been implemented to improve the validity and reliability of these research findings. The content validity of scale items was determined by sourcing questionnaire items, obtaining all references for each question, and then consulting one management Ph.D. holder to provide comments and evaluations for the questionnaires in both Arabic and English. He made the necessary adjustments to make the questionnaire as clear and simple to answer as possible. A reliability test of the factors was conducted before running exploratory factor analysis (EFA), and items of the factor loading below 0.6 were deleted. Cronbach’s alpha coefficient was conducted for all factors suggested that affect risk management and the number of items before calculating factor loading, as asserted by (Hair et al. 2014). Then, for each item in each factor of the study, a principal component analysis (PCA) with varimax rotation was performed. The loading of all items for all factors exceeded 0.60.
After conducting EFA, another reliability test of the instrument was performed to guarantee the instrument’s reliability after the removal of items with factor loadings of less than 0.6. In this study, two types of validity were analyzed: criterion validity and construct validity. In criterion validity, the Spearman coefficient and p-value are calculated between each item in one group, while in construct validity, they are calculated for each group. Because the p-value was less than 0.05, the correlation coefficient was statistically significant, indicating that the instrument is valid for measuring what it is intended to measure. Criterion validity was achieved for all factors, since the Spearman coefficient is significant for all items in the factors and the correlation coefficient is greater than 0.6 for all items in these factors (see Table in Appendix A).
This signifies that the items in the study questionnaire are highly related to one another and have a high level of internal consistency.

3.5. Data Analysis Techniques

To describe the attitude of respondents toward the factors affecting risk management, the Relative Importance Index (RII) was conducted for overall respondents. The RII was used to quantify the factors that may affect estimation accuracy. Thus, based on the RII values, the ranking of risk management factors was carried out. To calculate the RII, the following equation was used:
R I I = w A N × 100 %
where:
W is the weighting given to each factor by the respondent. Ranging from 1 (not important) and 5 (very important).
A is the highest weight (which is 5 in this study).
N is the total number of samples.
In addition to RII, the Coefficient of Variation (COV) is obtained to compare the relative variability of various responses. It represents the standard deviation as a percentage of the mean. Large COV means that evaluated bias is dispersed and unpredictable. COV was computed using the following equation from Elhag et al. (2005):
C O V = s x × 100 %
where S is the standard deviation and x is the mean.

4. Data Analysis

A questionnaire was built based on factors found in previous studies to measure the validity of the content. A factor analysis was performed to validate the instrument’s construction and determine the correlation between these factors (Hair et al. 1988). An exploratory factor analysis (EFA) was used to examine the interrelationships between factors. Accordingly, the Cronbach Alpha coefficient was measured for all factors, before and after EFA. After collecting the primary data, the data were analyzed using the Statistical Package for the Social Sciences (SPSS), version 24. The percentages and frequencies were obtained to describe the demographic profile of the sample, and the mean and standard deviation were obtained to describe the perceptions of the respondents regarding the factors affecting risk management in the industrial sector in Jordan.
In addition, the Mann–Whitney test and Kendall’s coefficient of concordance (W) were used to test the hypothesis of the study. The Mann–Whitney test was used to determine whether there is a statistically significant difference in ranking the factors affecting estimate accuracy at 0.05, while W was used to estimate the degree of agreement between upper and Lower Management opinions on the ranking of each of the tested factors and whether this agreement is statistically significant. To prioritize the risk management factors, simple ranking and the Relative Importance Index (RII) technique were used. The Relative Importance Index (RII) was calculated for each of the indicators and ranked accordingly.

4.1. Demographic Analysis

The demographic information section of the questionnaire in this study was designed to obtain the following information from respondents: Upper Management consists of the chairman of the board of directors, the chief executive officer, the senior executive vice president, and the general directors, while Lower Management consists of department managers **.
Frequencies and percentages were conducted to describe the profile information of the respondents, as shown in (Table 4).
According to Table 3, 160 of the respondents (66.12%) were upper managers, while the remaining 82 (33.88%) were lower managers. Demographic analysis revealed that a bachelor’s degree was the most frequent qualification in the sample, accounting for 50% of all qualifications. The second most frequent qualification was a master’s degree, with a frequency of 23.6%, while the least frequent qualification (others) had a frequency of 2.1%. The third part of the demographics section asked senior managers about their overall experience to determine their level of experience and how that would influence their practices.
According to the results, 61.2% of the managers questioned had more than 10 years of experience in this position, while 8.7% had worked for less than 3 years. The final part of the demographics section asked whether the company had a functionally independent risk management department, to which 55 % replied that they did not have any independent risk management department.

4.2. Descriptive Analysis

Table 5 shows that the RII values ranged between 85.28% and 77.33%. These values mean that all of these factors are considered important from the respondent’s perspective. As shown in the table, “factors related to the company’s characteristics” were ranked as the most important factor, while “factors related to the information technology” were ranked as the least important factor.
As shown in Table 5, the mean of the respondents was relatively high for all factors that affect risk management; the highest mean of respondents was for factor five (4.0592), which is related to government rules and regulations, which means most respondents agree that government rules and regulations strongly affect risk management. The lowest mean of the responses towards risk management was 3.5372, which is related to factor eight, which is related to the factor of information technology. The acceptable values of standard deviation, as asserted by Sekaran and Bougie (2016), ranged between −2 and 2; in this study, the standard deviation of all factors was acceptable because it ranged between 1.01838 and 0.82757.
In this study, the COV of all factors ranged between 25.05% for factors related to top management and the board of directors and 27.22% for factors related to company culture. The results of the COV for all factors indicated that the variations in respondents’ attitudes related to factors affecting cost estimation accuracy are relatively low. This is a good indication that there is a relatively high level of agreement among the respondents.

4.3. Hypotheses Testing

To reach the last goal of this study, which was already mentioned, one main hypothesis was presented. To test the hypothesis written below, two nonparametric tests, the Mann–Whitney test and Kendall’s coefficient of concordance (W), were conducted. The Mann–Whitney test is used here to investigate if there is a significant difference at α ≤ 0.05 in ranking the factors affecting the estimate accuracy, while W is used to estimate the degree of agreement between Upper Management and Lower Management opinions related to the ranking of each of the tested factors and if this agreement is statistically significant. The range of the value W is between 0 and 1:1 represents the perfect agreement between contractors and consultants, while 0 represents complete disagreement between upper and Lower Management.
H0: 
There are no significant differences in the opinions of the Upper Management and Lower Management in the industrial companies in Jordan, in regard to the importance of the factors affecting “risk management”.
The 12 factors achieved an RII between 84.61% and 72.28% according to Upper Management perception and an RII between 82.14% and 70.76% according to Lower Management perception. The relatively high values of RII for both upper and Lower Management indicate that these variables have a relatively high degree of influence on risk management. Table 6 shows that Mann–Whitney U = 106.5, and the p-value is 0.654, which is larger than the 0.05 significance level. The null hypothesis is therefore accepted at p > 0.05. Hence, there is no statistically significant difference between Upper Management and Lower Management regarding the factors that affected risk management. Moreover, Kendall’s Coefficient is 0.458, and the p-value is at the 0.00 < 0.05 significance level. The conclusion to be drawn here is that there is a significant and strong degree of agreement between Upper Management and Lower Management toward the factors related to risk management.
Consequently, the conclusion to draw here is that there is a significant and strong degree of agreement between top management and Lower Management toward the factors related to risk management, evidenced by Kendall’s coefficient = 0.458 and a p-value of 0.00 < 0.05 significance level.

5. Conclusions

Risks are a vital part of all projects and companies, and no company can overcome them all, regardless of its ability to plan. Therefore, risks are seen as uncertain cases, and if they occur, they may affect the objectives of the project positively or negatively (Hillson 2002; Ullah et al. 2021). Depending on Oliveira et al. (2018), risk management is defined as “a coordinated process of identifying and analyzing risks through an incorporated methodology applied to the organization so that its strategies, activities, individuals, technology, and knowledge are adjusted by evaluating and managing risks to guarantee the accomplishment of organizational objectives”.
Risk management procedures are the following: identification, evaluation, response, and monitoring of risks.
It is fundamental to approve using risk management in all stages of the work process and not to concede its implementation; therefore, it is not difficult to identify, overview, and, in this manner, conversely influence all stages of a company’s life (Albasara et al. 2018; Korkmaz 2022).
Industrial companies in Jordan are regarded as one of the most crucial areas that contribute to the national economy. The development of the industrial sector has become necessary, not a choice; this particularly stems from the changing conditions and other risks experienced by the world.
This study investigated the factors that affect risk management and ranked these factors based on the responses of the managers in the upper and Lower Management of industrial companies in Jordan. These factors are grouped according to the first research objective of this study, which was to identify factors that affect risk management by conducting a rigorous literature review. The critical factors affecting risk management are factors related to (1) flexibility and adaptation in the economic environment; (2) company characteristics; (3) external audit quality; (4) government rules and regulations; (5) top management and the board of directors; (6) organizational structure; (7) internal audit effectiveness; (8) trust; (9) human resources efficiency and training; (10) communications; (11) information technology; and (12) the company’s culture.
Many studies assert that a company’s characteristics affect risk management; this result is similar to the research conducted by Adam et al. (2016) and Alabdullah et al. (2021). Many studies’ results are similar to this recent study’s results, which prove that flexibility and adaptation in the economic environment have a positive effect on risk management, as the studies by Obrenovic et al. (2020) and Bartlett and Morse (2020) show. A lot of studies’ results are similar to this recent study’s results, which found that external audit quality affects risk management. This action implies that firms that employ auditors of high quality are more concerned and committed to risk management implementation and thereby improve good governance (Dabari and Saidin 2014). Therefore, there is a relationship between external audit effectiveness and the level of risk management implementation.
A lot of study results are similar to this recent study’s results, which prove that government rules and regulations have an effect on risk management, as shown in studies conducted by Hutter and Jones (2007) and Dang et al. (2020). The studies by Yang et al. (2018), Rothrock et al. (2018), and Shad et al. (2019) shared this study’s result, which is that top management and the board of directors have a positive impact on risk management. Many studies’ results are similar to this recent study’s results, which prove that organizational structure has an effect on risk management, as studied by Fan and Stevenson (2018) and Willumsen et al. (2019). The study by Smallman (2019) and the study by Akter (2020) share this study’s result that communications have a positive impact on risk management.
Regarding Internal audit effectiveness, the result of this study is similar to the result of the studies by Waseem-Ul-Hameed et al. (2017) and Alazzabi et al. (2020). Many studies’ results are similar to this recent study’ results, which show that trust has an effect on risk management (Boussard et al. 2019). The study by Shah et al. (2019) and the study by Lukovac et al. (2017) share this study’s result that human resources efficiency and training has a positive impact on risk management.
The result of this study is similar to the studies of Tranchard (2018) and Gamayuni (2018), which asserted that organizational culture can influence risk management in a company. These studies confirm the result of this study based on the responses of managers that information technology can affect risk management; this result comes from the study by Akatov et al. (2019) and the study by Samimi (2020).
Relating to the second research objective of this study, the ranking of the factors from the viewpoint of both upper and Lower Management in Jordanian industrial companies is listed in Table 7.
In many studies, these factors were found as factors that can influence risk management, but based on the current researchers’ knowledge, no study ranks these factors based on upper and Lower Management. This study fills this gap.
Regarding the third study objective, which is related to the differences in the opinions of upper and Lower Management about their ranking of the factors, this study’s results find that there are no differences in the opinions of upper and Lower Management about their ranking of the importance of the factors; this result is similar to the studies by Richter and Wilson (2020) and (Li et al. 2020).
The study’s findings revealed that all of the previous factors have an impact on risk management, and there is no difference in the opinions of upper and Lower Management when it comes to rating the effect of these factors on risk management and their importance.
Theoretically, it can be said that the findings of the present study extend the findings of previous studies and also contribute some new results to the body of knowledge, especially in the area of risk management. Using Jordanian industrial companies as a sample, this study aims to identify the most important risk management factors and rank them based on their importance from the perspectives of upper and Lower Management, as well as determine whether there are any differences in the responses of lower and Upper Management regarding the importance of the factors. Most previous studies found many factors that affect risk management, but there is no study that investigated all twelve factors investigated in this study and ranked them based on their importance from the viewpoint of upper and Lower Management.
The results of this study have a number of important implications for the managers and decision makers of industrial firms in Jordan. The findings generally can provide empirical research in the field of risk management related to the factors and their importance; for example, some factors that have less importance, such as organization culture and information technology, should be improved to decrease risk. Moreover, the result of the study confirms that there are no differences between upper and Lower Management in their responses to the importance of risk management. Firms can use this result in their plans and policies.

6. Research Limitations and Recommendations

This study presented some penetration into the importance of risk management and factors that can affect risk management in industrial firms in Jordan. However, the present study has numerous essential limitations, which should not demean the contribution of this research. Firstly, many difficulties were faced while conducting this research, such as difficulties in convincing companies to participate in this study, since the majority of the companies had privacy concerns or were busy most of the time. Secondly, this study employed a cross-sectional design of the data collection method, i.e., the survey method, which obtains the participant’s perceptions at a single point in time. Because of this, the current study is not suitable to prove causal relationships on a longitudinal basis, and hence, the explanation of factors influencing risk management is limited.
Thirdly, the findings may not be generalized in a broader context across cultures of other industries because the data collected from the current study were restricted to the Jordanian industrial firms’ sector. Different industries and business environments may have different factors that influence risk management, so other studies can explore their relationships in different contexts. Finally, concerning the study approach, the present study only employed a quantitative approach to defining the relationships between all factors and risk management.
Future research is suggested in the following aspects to overcome the limitations: Firstly, future research may have the advantage of recognizing longitudinal research designs to indicate a more accurate cause-and-effect relationship and widen the explanation of factors influencing risk management. Secondly, it would be desirable to test the cross-level model in other industries, cultures, or countries. As a result, it would be interesting to investigate whether the relative predictive power in this study applies to other industries or countries, as well as to compare any differences in results based on national background or cultural differences and their influences on risk management.
Thirdly, this study suggests that there should be more follow-up research emanating from this study, so that a comparison is made between the industrial companies in Jordan that contain in their functional structure a separate department for risk management and those that do not have a separate department for risk management, since, until now, there are few large companies that have independent risk management departments. Finally, future research in the field of risk management in Jordanian companies should focus on “depth” rather than “quantitative width”, as this study did.
Because this study applied quantitative methods in both its design and analysis, the collected information is limited to the responses to the questionnaire. On the other hand, a qualitative method could contribute to further insights and understanding of the problem set. Furthermore, integrating the use of both qualitative and quantitative methods, which are complementary to one another, could result in a more meaningful determination.

Author Contributions

Conceptualization, N.A.K. and R.S.; methodology, N.A.K. and R.S.; software, N.A.K. and R.S.; validation, G.S. and R.S.; formal analysis, N.A.K., R.S. and G.S.; investigation, N.A.K., R.S., G.S. and B.A.; resources, N.A.K., R.S. and B.A.; data curation, R.S. and B.A.; writing—original draft preparation, N.A.K. and R.S.; writing—review and editing, N.A.K., R.S. and B.A.; visualization, B.A.; supervision, R.S.; project administration, R.S. and G.S. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Informed consent was obtained from all subjects involved in the study.

Data Availability Statement

Not applicable.

Conflicts of Interest

The authors declare no conflict of interest.

Appendix A. Criterion Validity for all Factors

Factor ItemsCorrelation CoefficientSig
F11Openness to new ideas and initiatives from risk management team member0.745 0.000
2Establishment of risk management committees at various levels0.837 0.000
3 Clear statement of objectives to be met0.763 0.000
4Seeking employees’ opinions and ideas on strategic issues0.726 0.000
5The board of directors is informed about risks via separate risk reporting 0.767 0.000
6 Supervisions and reviews by the board of directors of the risk management system0.787 0.000
7Solo responsibility for identifying and assessing risks0.644 0.000
8Joint responsibility of both Upper Management and risk management for risks identifying and evaluating0.803 0.000
9 The independence of the members of the board of directors and their positive association with the deployment of the company’s risk management0.808 0.000
10Demonstration of high ethical standards0.676 0.000
11Strategies that are clearly communicated lead to decisions.0.735 0.000
12Subcommittee(s) responsible for oversight of risk and reporting back to the full board0.767 0.000
13Enterprise-wide risk monitoring by assigning a member of Upper Management formally0.766 0.000
14Regularly monitoring a robust set of key risk indicators tracking emerging risks0.804 0.000
F215Responsibility for risk identification and evaluation0.861 0.000
16The presence of an external auditor0.785 0.000
F317Solo responsibility for risk management in the company0.674 0.000
18Supervision and review risk management system0.822 0.000
19 Joint responsibility of both Upper Management and internal audit in an enterprise’s stage of risk management deployment0.792 0.000
20A continuous development of internal audit and review systems0.844 0.000
21Commitment to the professional standards for the practice of the profession contributes to the effective risk management of companies0.699 0.000
22Assisting in identifying risk levels, continuously assessing and responding to them0.819 0.000
23Reports are used as an essential tool in making decisions in relation to risk management0.747 0.000
24The presence of an audit committee 0.696 0.000
F425Investing in the skills of employees0.754 0.000
26Considering the interest of employees when making strategic decisions0.754 0.000
27Joint participation of both workshops and business units in an enterprise’s stage of risk management deployment0.802 0.000
28The necessary knowledge, skills, and training are possessed by employees to execute their work duties0.703 0.000
29Honesty and justice in behaving with all employees0.742 0.000
30Taking unjustifiable risks while employees are doing their work is not needed0.712 0.000
31Protection for employees who identify and inform Upper Management of risks0.767 0.000
32Ability of sharing opinion and feedback about how risks may affect coworkers’ tasks0.777 0.000
33Sharing possible risks or mistakes with Upper Management helps employees feel comfortable0.670 0.000
34Sharing expert opinions by experienced coworkers to generate insight for newcomers0.741 0.000
35Managers—of all levels—are involved in the development of risk management strategies0.708 0.000
37There is a training for educating managements in the use of risk management instruments0.735 0.000
F538Observing laws and regulations which affect management of the company0.767 0.000
39Government policies influence the formulation of risk management strategies in the company0.808 0.000
40Governance regulation is positively associated with the degree of ERM implementation0.842 0.000
F641Identifying, aggregating, and broadcasting correct information in a form and time frame that allows employees to fulfill their obligations0.724 0.000
42The quality of interaction between company’s Upper Management and employees helps us do our jobs effectively0.723 0.000
43Defined channels allow rapid, obstacle-free communication with Upper Management about potential risks and threats0.807 0.000
44The importance of risk management and risk measures are communicated to employees clearly and consistently by Upper Management0.812 0.000
46Warning signs about risks are communicated efficiently within the department 0.767 0.000
47Effective communication with Upper Management for applications exceeding risk limits0.826 0.000
48The reporting tools that are used enhance effective communication 0.793 0.000
49Efficiently communicated details to capture maximum information by related parties0.818 0.000
F750Economic changes influence development of risk management strategies0.646 0.000
51New entrants are considered in the industry when developing risk management strategies0.745 0.000
F852Decisions are usually made at the level where the best information is available0.713 0.000
53Upper Management access to qualitative reports on the implementation of risk managing is management in a suitable time0.701 0.000
54Necessary mechanisms and stimuli are used to improve risk management performance0.724 0.000
F955Organizational growth is positively associated with the degree of risk management implementation0.771 0.000
56More fully developed risk management systems for industrial sector firms0.849 0.000
57Less-developed risk management systems for public sector organizations0.785 0.000
F1058Confidence in the integrity of the risk manager0.710 0.000
59Confidence that company’s interests will be the main concern of the risk manager all the time0.793 0.000
60Confidence that employee’s interests will be protected by the risk manager all the time0.819 0.000
61Competency of risk managers and other employees0.838 0.000
62Professionalism and dedication of risk managers0.794 0.000
63Ulterior motives or hidden agendas for risk managers0.409 0.000
F1164 The way to do business in the organization is governed by a clear and consistent set of values0.803 0.000
65The company has a risk-awareness culture0.910 0.000
66Awareness sessions are conducted regularly in the company0.910 0.000
F1267Further-developed risk management deployments are more likely to be in larger firms0.892 0.000
68Organizational size is positively associated with the extent of risk management implementation0.887 0.000

Appendix B. The list of the industrial companies in Jordan

SerialCompany No.Reuters CodeCompany Name
1141002JPPCJordan Poultry Processing & Marketing
2141004JODAJordan Dairy
3141005GENMGeneral Mining
4141006AALUArab Aluminum Industry
5141009ICAGThe Industrial Commercial & Agricultural
6141011NASTNational Steel Industry
7141012DADIDar Al Dawa Development & Investment
8141014JOWMThe Jordan Worsted Mills
9141017JOPCJordan Paper & Cardboard Factories
10141018JOPHJordan Phosphate Mines
11141019JOPIThe Jordan Pipes Manufacturing
12141023APHCArab Center for Pharmaceuticals & Chemicals Industries
13141026JOICJordan Chemical Industries
14141029GENIGeneral Investment
15141038WOODJordan Wood Industries (jwico)
16141039WIRENational Cable & Wire Manufacturing
17141042JOCMJordan Cement Factories
18141043APOTArab Potash
19141052UMICUniversal Modern Industries for Edible Oil
20141055JOIRJordan Industrial Resources
21141059JNCCMiddle East Specialized Cables Company (mesc_jordan)
22141061ELZAElzay Ready Wear Manufacturing
23141065RMCCReady Mix Concrete & Construction Supplies
24141070JOSTJordan Steel
25141072AEINArab Electrical Industries
26141073MPHAMiddle East Pharmaceutical & Chemical Industries & Medical Appliances
27141074UTOBUnion Tobacco&cigarette Industries
28141086INOHComprehensive Multiple Projects
29141091NATANational Aluminium Industrial
30141094NDARNutridar
31141097MECEMiddle East Complex for Engineering, Electronics & Heavy Industries
32141098ASPMMArabian Steel Pipes Manufacturing
33141103NAPTNational Petroleum
34141130JMAGJordan Magnesia
35141141JVOIJordan Vegetable Oil Industries
36141170SLCAInternational Silica Industries
37141202SIRDAl-salhiah Investment And Real Estate Development
38141203TRAVTravertine
39141204JPHMThe Jordanian Pharmaceutical Manufacturing
40141208AQRMAl-quds Ready Mix
41141209MBEDThe Arab Pesticides & Veterinary Drugs Manufacturing
42141210HPICHayat Pharmaceutical Industries
43141213CJCCJordan Clothing
44141214ASASAssas For Concrete Products
45141215UCICUnited Cable Industries
46141216SHLENational Oil Shale
47141217IPCHIntermediate Petrochemicals Industries
48141219PHILPhiladelphia Pharmaceuticals
49141220MANSUnited Iron & Steel Manufacturing
50141222SNRASiniora Food Industries
51141223SHBASheba Metal Casting
52141224NCCONorthern Cement
53142041JOPTJordan Petroleum Refinery

References

  1. Adam, Mohamad, Mukhtaruddin Mukhtaruddin, Hasni Yusrianti, and Sulistiani Sulistiani. 2016. Company Characteristics and Enterprise Risk Management Disclosure: Empirical Study On Indonesia Listed Companies. International Journal of Applied Business and Economic Research 14: 1–18. [Google Scholar]
  2. Akatov, Nikolay, Zhanna Mingaleva, Ivana Klačková, Gulnara Galieva, and Nataliy Shaidurova. 2019. Expert technology for risk management in the implementation of QRM in a high-tech industrial enterprise. Management Systems in Production Engineering 4: 250–54. [Google Scholar] [CrossRef]
  3. Akhavan, Peyman, Mehdi Khodabandeh, Lila Rajabion, and Mohamad Reza Zahedi. 2019. Extracting and prioritizing knowledge risk components by considering the knowledge map: Case study of industrial organization. VINE Journal of Information and Knowledge Management Systems 49: 200–12. [Google Scholar] [CrossRef]
  4. Akter, Rukiya. 2020. Financial Counterparty Credit Risk Management Process of Banglalink Digital Communications Limited. Available online: http://dspace.uiu.ac.bd/handle/52243/1636 (accessed on 12 April 2023).
  5. Alabdullah, Tariq Tawfeeq Yousif, Essia Ries Ahmed, Mohammed Almashhadani, Sara Kadhim Yousif, Hasan Ahmed Almashhadani, Raghad Almashhadani, and Eskasari Putri. 2021. How Significantly Emerging Economies Benefit from Board Attributes and Risk Management in Enhancing Firm Profitability? Journal of Accounting Science 5: 104–13. [Google Scholar] [CrossRef]
  6. Alazzabi, Waled Younes E., Hasri Mustafa, and Ahmed Ibrahim Karage. 2020. Risk management, top management support, internal audit activities and fraud mitigation. Journal of Financial Crime 30: 569–82. [Google Scholar] [CrossRef]
  7. Albasara, Husam Mohammed Musaed, Bipin Kumar Singh, and Vikas Kumar Pandey. 2018. The impact of effective risk management on project success. International Journal for Technological Research in Engineering 5: 3193–6. [Google Scholar]
  8. Alhassan, Mohammad Mabruk. 2016. Exploring Project Risk Management Practices of Ghanaian Building Contractors. Kumasi: Kwame Nkrumah University of Science and Technology. [Google Scholar]
  9. Anton, Sorin Gabriel, and Anca Elena Afloarei Nucu. 2020. Enterprise Risk Management: A Literature Review and Agenda for Future Research. Journal of Risk and Financial Management 13: 281. [Google Scholar] [CrossRef]
  10. Badara, Mu’azu Saidu, and Siti Zabedah Saidin. 2014. Empirical evidence of antecedents of internal audit effectiveness from a Nigerian perspective. Middle-East Journal of Scientific Research 19: 460–69. [Google Scholar]
  11. Banaitiene, Nerija, and Audrius Banaitis. 2012. Risk management in construction projects. Risk Management-Current Issues and Challenges, 429–48. [Google Scholar] [CrossRef]
  12. Banham, Russ. 2004. Enterprising views of risk management. Journal of Accountancy 197: 65. [Google Scholar]
  13. Bartlett, Robert P., III, and Adair Morse. 2020. Small Business Survival Capabilities and Policy Effectiveness: Evidence from Oakland (No. w27629). National Bureau of Economic Research, July. Available online: https://www.nber.org/papers/w27629 (accessed on 12 April 2023). [CrossRef]
  14. Barton, Thomas L., William G. Shenkir, and Paul L. Walker. 2002. Making Enterprise Risk Management Pay Off: How Leading Companies Implement Risk Management. Upper Saddle River: Financial Times/Prentice Hall PTR. [Google Scholar]
  15. BCBS. 2006. Core Principles Methodology. Basel Committee on Telecommunication Supervision. Firm for International Settlements. Available online: https://www.bis.org/publ/bcbs130.pdf (accessed on 12 April 2023).
  16. Beasley, Mark. 1996. An empirical analysis of the relation between the board of director composition and financial statement fraud. Accounting Review 71: 443–65. [Google Scholar]
  17. Beasley, Mark, David Landsittel, and Jeff Thomson. 2010. COSO’s 2010 Report on ERM Current State of Enterprise Risk Oversight. American Institute of Certified Public Accountants (AICPA), December. Available online: https://erm.ncsu.edu/az/erm/i/chan/library/coso-erm-report-dec2010.pdf (accessed on 12 April 2023).
  18. Beasley, Mark, Richard Clune, and Dana Hermanson. 2005. Enterprise Risk Management: An Empirical Analysis of Factors Associated with the Extent of Implementation. Journal of Accounting and Public Policy 24: 521–31. [Google Scholar] [CrossRef]
  19. Beasley, Mark, Richard Clune, and Dana Hermanson. 2006. The Impact of Enterprise Risk Management on the Internal Audit Function. Journal of Foriensic Accounting 2006: 1–20. [Google Scholar]
  20. Boodman, David. 1987. Managing Business Risk. Interfaces 17: 91–96. [Google Scholar] [CrossRef]
  21. Boussard, Mathieu, Serge Papillon, Pierre Peloso, Matteo Signorini, and Erez Waisbard. 2019. STewARD: SDN and blockchain-based Trust evaluation for Automated Risk management on IoT Devices. Paper presented at the IEEE INFOCOM 2019-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Paris, France, April 29–May 2; pp. 841–46. [Google Scholar]
  22. Breakwell, Glynis. 2000. Risk communication: Fators affecting impact. British Medical Bulletin 56: 110–20. [Google Scholar] [CrossRef] [PubMed]
  23. Cardy, Robert L., and Thirumalai Thattai Selvarajan. 2006. Competencies: Alternative frameworks for competitive advantage. Business Horizons 49: 235–45. [Google Scholar] [CrossRef]
  24. Carey, Anthony. 2001. Effective risk management in financial institutions: The turnbull approach. Balance Sheet 9: 24–27. [Google Scholar] [CrossRef]
  25. Chapman, Robert James. 2019. Exploring the value of risk management for projects: Improving capability through the deployment of a maturity model. IEEE Engineering Management Review 47: 126–43. [Google Scholar] [CrossRef]
  26. Chatterjee, Ranit, Sukhreet Bajwa, Disha Dwivedi, Repaul Kanji, Moniruddin Ahammed, and Rajib Shaw. 2020. COVID-19 Risk Assessment Tool: Dual application of risk communication and risk governance. Progress in Disaster Science 7: 100109. [Google Scholar] [CrossRef]
  27. Chen, Justine, Ted Hsuan Yun Chen, Ilan Vertinsky, Lilia Yumagulova, and Chansoo Park. 2013. Public-private partnerships for the development of disaster resilient communities. Journal of Contingencies and Crisis Management 21: 130–43. [Google Scholar]
  28. Colquitt, L. Lee, Robert E. Hoyt, and Ryan B. Lee. 1999. Integrated Risk Management and the Role of the Risk Manager. Risk Management & Insurance Review 2: 43–61. [Google Scholar]
  29. Committee of Sponsoring Organizations (COSO). 2004. Enterprise “Risk Management”—Integrated Framework. New York: COSO. [Google Scholar]
  30. Cooper, Dale, Stephen Grey, Geoffrey Raymond, and Phil Walker. 2005. Project Risk Management Guidelines: Managing Risk in Large Projects and Complex Procurements, 1st ed. Chichester: John Wiley & Sons Ltd. ISBN 978-0470022818. [Google Scholar]
  31. Dabari, Ishaya John, and Siti Zabedah Saidin. 2014. A Theoretical Framework on the Level of Risk Management Implementation in the Nigerian Banking Sector: The Moderating Effect of Upper management Support. Procedia—Social and Behavioral Sciences 164: 627–34. [Google Scholar] [CrossRef]
  32. Dang, Quyen Thao, Pavlina Jasovska, and Hussain Gulzar Rammal. 2020. International business-government relations: The risk management strategies of MNEs in emerging economies. Journal of World Business 55: 101042. [Google Scholar] [CrossRef]
  33. Desender, Kurt. 2011. On the determinants of enterprise risk management implementation. In Enterprise IT Governance, Business Value and Performance Measurement. Hershey: IGI Global, pp. 87–100. [Google Scholar] [CrossRef]
  34. Doloi, Hemanta. 2009. Relational partnerships: The importance of communication, trust and confidence and joint risk management in achieving project success. Construction Management and Economics 27: 1099–109. [Google Scholar] [CrossRef]
  35. Drucker, Peter F. 1999. Knowledge-Worker Productivity: The Biggest Challenge. California Management Review 41: 79–94. [Google Scholar] [CrossRef]
  36. Earle, Timothy C. 2010. Trust in risk management: A model—Based review of empirical research. Risk Analysis: An International Journal 30: 541–74. [Google Scholar] [CrossRef] [PubMed]
  37. Elhag, Taha, Halim Boussabaine, and Tabarak Ballal. 2005. Critical determinants of construction tendering costs: Quantity surveyors’ standpoint. International Journal of Project Management 23: 538–45. Available online: https://www.sciencedirect.com/science/article/pii/S0263786305000529 (accessed on 12 April 2023). [CrossRef]
  38. Fan, Yiyi, and Mark Stevenson. 2018. A review of supply chain risk management: Definition, theory, and research agenda. International Journal of Physical Distribution & Logistics Management 48: 205–30. [Google Scholar]
  39. Fitriana, Shifana, and Ratna Wardhani. 2020. The effect of enterprise risk management and sustainability reporting quality on performance: Evidence from Southeast Asia countries. International Journal of Economic Policy in Emerging Economies 13: 344–55. [Google Scholar]
  40. Frewer, Lynn. 2003. 40 The public and effective risk communication. Toxicology Letters 144: s13–s14. [Google Scholar] [CrossRef]
  41. Galorath, Daniel. 2006. Risk Management Success Factors. PM World Today 8: 4. [Google Scholar]
  42. Gamayuni, Rindu Rika. 2018. Factors affecting internal audit function effectivity (internal auditor competence and objectivity, management support and organization culture) at local government. International Journal of Monetary Economics and Finance 11: 179–91. [Google Scholar] [CrossRef]
  43. Gates, Stephen, and Ellen Hexter. 2005. From Risk Management to Risk Strategy. New York: Conference Board. ISBN 0823708470/9780823708475. [Google Scholar]
  44. Gentzoglanis, Anastassios. 2010. Risk and regulatory reforms in the securities industry: A need for a paradigm shift? International Journal of Financial Markets and Derivatives 1: 452. [Google Scholar] [CrossRef]
  45. Giuffrida, Maria, Riccardo Mangiaracina, Alessandro Perego, and Angela Tumino. 2019. Cross-border B2C e-commerce to China: An evaluation of different logistics solutions under uncertainty. International Journal of Physical Distribution and Logistics Management 50: 355–78. [Google Scholar] [CrossRef]
  46. Grabowski, Martha, and Karlene H. Roberts. 1999. Risk mitigation in virtual organisations. Organisational Science 10: 704–22. [Google Scholar] [CrossRef]
  47. Hair, Joe, Marko Sarstedt, Lucas Hopkins, and Volker Kuppelwieser. 2014. Partial least squares structural equation modeling (PLS-SEM): An emerging tool in business research. European Business Review 26: 106–21. [Google Scholar] [CrossRef]
  48. Hair, Joseph, Rolph Anderson, Ronald Tatham, and William Black. 1988. Multivariate Data Analysis with Readings. The Statistician 37: 484. [Google Scholar] [CrossRef]
  49. Hasanali, Farida. 2002. Critical Success Factors of Knowledge Management. Available online: http://www.providersedge.com/docs/km_articles/Critical_Success_Factors_of_KM.pdf (accessed on 29 March 2009).
  50. Hayur, Nourhan, and Asmaa Khalas. 2020. The Role of Internal Audit in Helping to Manage Risks. Doctoral dissertation, Abdelhafid Boussouf University Center Mila, Hayur & Khalas, Mila, Algeria. [Google Scholar]
  51. Henriksen, Per, and Thomas Uhlenfeldt. 2006. Contemporary Enterprise-Wide Risk Management Frameworks: A Comparative Analysis in a Strategic Perspective, 1st ed. Edited by Torben Juul Andersen. Copenhagen Business School Press Printed in Denmark. Odder: Narayana Press. ISBN 87-630-0183-7. [Google Scholar]
  52. Hillson, David. 2002. Extending the risk process to manage opportunities. International Journal of Project Management 20: 235–40. [Google Scholar] [CrossRef]
  53. Hunter, Judy. 2002. Improving organizational performance through the use of effective elements of organizational structure. International Journal of Health Care Quality Assurance Incorporating Leadership in Health Services 15: xii–xxi. [Google Scholar] [CrossRef]
  54. Hutter, Bridget M., and Clive J. Jones. 2007. From government to governance: External influences on business risk management. Regulation & Governance 1: 27–45. [Google Scholar]
  55. ILO. 2020. COVID-19 Causes Devastating Losses in Working Hours and Employment. Available online: https://www.ilo.org/global/about-the-ilo/newsroom/news/WCMS_740893/lang–en/index.htm (accessed on 8 June 2020).
  56. Jia, Liu. 2020. Research on the cost control of cross-border e-commerce overseas warehouse from the perspective of big data technology and storage theory model. Paper presented at the Asia-Pacific Conference on Image Processing, Electronics and Computers (IPEC), Dalian, China, April 14–16; pp. 423–27. [Google Scholar]
  57. Jordan Investment Commission. 2018. Industry -Sector Profile, Fifth Circle: Musa Bin Nusir Street, Amman, Jordan. Available online: https://www.jic.gov.jo/wp-content/uploads/2018/07/Sector-Profile-Industry-Final-Mar-2018-JIC-1.pdf (accessed on 12 April 2023).
  58. Klemetti, Anna. 2006. Risk Management in Construction Project Networks (Report 2006/2). Helsinki: Laboratory of Industrial Management, Helsinki University of Technology. [Google Scholar]
  59. Korkmaz, Oya. 2022. Sustainability Risk Management: A Survey of the Literature. In Insurance and Risk Management for Disruptions in Social, Economic and Environmental Systems: Decision and Control Allocations within New Domains of Risk. Bingley: Emerald Publishing Limited, pp. 207–32. [Google Scholar] [CrossRef]
  60. Lam, James. 2001. The CRO is here to stay. Risk Management 48: 16. [Google Scholar]
  61. Larson, Erik, and Clifford Gray. 2011. Project Management: The Managerial Process, 5th ed. New York: The McGraw-Hill-Irwin. [Google Scholar]
  62. Levine, Jeffrey, and John Miller. 2022. Legal and Risk Management Considerations and Implications of Carelessly Drafted Game Contracts: Avoiding a Legal Hurricane. Journal of Legal Aspects of Sport 32: 95–120. [Google Scholar] [CrossRef] [PubMed]
  63. Li, Qun, Xuhua Guan, Peng Wu, Xiaoye Wang, Lei Zhou, Yeqing Tong, Ruiqi Ren, Kathy S.M. Leung, Eric H.Y. Lau, Jessica Y. Wong, and et al. 2020. Early Transmission Dynamics in Wuhan, China, of Novel Coronavirus–Infected Pneumonia. New England Journal of Medicine 382: 1199–207. [Google Scholar] [CrossRef] [PubMed]
  64. Lipton, Martin, Daniel A. Neff, Andrew R. Brownstein, Steven A. Rosenblum, Adam O. Emmerich, and Sebastian L. Fain. 2011. Risk management and the board of directors. Bank and Corporate Governance Law Reporter 45: 793–99. [Google Scholar]
  65. Lukovac, Vesko, Dragan Pamučar, Milena Popović, and Boban Đorović. 2017. Portfolio model for analyzing human resources: An approach based on neuro-fuzzy modeling and the simulated annealing algorithm. Expert Systems with Applications 90: 318–31. [Google Scholar] [CrossRef]
  66. Mhetre, Krantikumar, Konnur Amarsinh, and Landage Amarsinh. 2016. Risk Management in Construction Industry. International Journal of Engineering Research 5: 153–5. [Google Scholar]
  67. Na Ranong, Prapawadee, and Wariya Phuenngam. 2009. Critical Success Factors for Effective Risk Management Procedures in Financial Industries. A Study from the Perspectives of the Financial Institutions in Thailand. Umeå: Umeå University. [Google Scholar]
  68. Nocco, Brian W., and René M. Stulz. 2006. Enterprise Risk Management: Theory and Practice. Journal of Applied Corporate Finance 18: 1–8. Available online: https://u.osu.edu/stulz.1/files/2017/01/184_nocco-u7sc9u.pdf (accessed on 12 April 2023). [CrossRef]
  69. NSW Department of State and Regional Development. 2005. Risk Management Guide for Small Business. Global Risk Alliance on the instruction of the New South Wales Department of State and Regional Development, NSW Department of State and Regional Development. Available online: www.smallbiz.nsw.gov.au (accessed on 29 March 2021).
  70. Obrenovic, Bojan, Jianguo Du, Danijela Godinic, Diana Tsoy, Muhammad Aamir Shafique Khan, and Ilimdorjon Jakhongirov. 2020. Sustaining enterprise operations and productivity during the COVID-19 pandemic: “Enterprise Effectiveness and Sustainability Model”. Sustainability 12: 5981. [Google Scholar] [CrossRef]
  71. Okello, Veronica A. 2012. Factors influencing the development of risk management strategies by Safaricom Limited. D61/71219/2008. Doctoral dissertation, University of Nairobi, Nairobi, Kenya. [Google Scholar]
  72. Oliveira, Kyllbert, Mirian Méxas, Marcelo Meirino, and Geisa Drumond. 2018. Critical success factors associated with the implementation of enterprise “Risk Management”. Journal of Risk Research 22: 1–16. [Google Scholar] [CrossRef]
  73. Önder, Şerife, and Hüseyin Ergin. 2012. Determiners of enterprise risk management applications in Turkey: An empirical study with a logistic regression model of the companies included in ISE (Istanbul Stock Exchange). Business & Economic Horizons 7: 19–26. [Google Scholar]
  74. Paape, Leen, and Roland F. Speklé. 2011. The design and adoption of enterprise risk management practices: An empirical study. European Accounting Review 21: 533–64. [Google Scholar]
  75. Petrovic, Dario. 2017. Risk Management in Construction Projects: A Knowledge Management Perspective from Swedish Contractors. Available online: https://www.semanticscholar.org/paper/Risk-Management-in-Construction-Projects-%3A-A-from-Petrovi%C4%87/9ab4b371fc9a41a0b3bb6568bcfeeb0008cbdd20 (accessed on 12 April 2023).
  76. PMI. 2017. A Guide to Project Management Book of Knowledge (PMBOK Guide), 6th ed. Agile Guide. Newtown Square: PMI. [Google Scholar]
  77. Potts, Keith, and Nii Ankrah. 2008. Construction Cost Management: Leaning from Case Studies. London and New York: Taylor & Francis Group. ISBN 978-0-203-75294-4(EBK). [Google Scholar]
  78. PWC (Pricewaterhousecoopers). 2004. 7th Annual Global CEO Survey Managing Risk: An Assessment of CEO Preparedness. New York: PWC. [Google Scholar]
  79. Quirke, Bill. 1996. Putting communication on management’s Agenda. Journal of Communication Management 1: 67–79. [Google Scholar] [CrossRef]
  80. Rehman, Amin Ur, and Muhammad Anwar. 2019. Mediating role of enterprise risk management practices between business strategy and SME performance. Small Enterprise Research 26: 1–21. [Google Scholar] [CrossRef]
  81. Richter, Andreas, and Thomas Wilson. 2020. COVID-19: Implications for insurer risk management and the insurability of pandemic risk. The Geneva Risk and Insurance Review 45: 171–99. [Google Scholar] [CrossRef] [PubMed]
  82. Rolland, Holly. 2008. Using IT to drive effective risk management. Risk Management 55: 43. Available online: www.rmmag.com (accessed on 30 March 2009).
  83. Rothrock, Ray A., James Kaplan, and Friso Van Der Oord. 2018. The board’s role in managing cybersecurity risks. MIT Sloan Management Review 59: 12–15. [Google Scholar]
  84. Rovins, Jane E., Tom M. Wilson, Josh Hayes, and Steven J. Jensen. 2015. Risk Assessment Handbook. (GNS Science Miscellaneous Series; No. 84). GNS Science. Available online: https://www.research.ed.ac.uk/en/publications/risk-assessment-handbook (accessed on 12 April 2023).
  85. Saeidi, Parvaneh, Sayyedeh Parisa Saeidi, Saudah Sofian, Sayedeh Parastoo Saeidi, Mehrbakhsh Nilashi, and Abbas Mardani. 2019. The impact of enterprise risk management on competitive advantage by moderating role of information technology. Computer standards & interfaces 63: 67–82. [Google Scholar]
  86. Samimi, Amir. 2020. Risk Management in Information Technology. Progress in Chemical and Biochemical Research 3: 130–34. [Google Scholar] [CrossRef]
  87. Sekaran, Uma, and Roger Bougie. 2016. Research Methods for Business: A Skill-Building Approach, 7th ed. New York: John Wiley & Sons. ISBN 9781119165552(pbk)/9781119266846(ebk). [Google Scholar]
  88. Selamat, Mohamad Hisyam, and Othman Ibrahim. 2018. The Moderating Effect of Risk Culture in Relationship between Leadership and Enterprise Risk Management Implementation in Malaysia. Business Management and Strategy 9: 244. [Google Scholar] [CrossRef]
  89. Serpell, Alfredo, Ximena Ferrada, Larissa Rubio, and Sergio Arauzo. 2015. Evaluating Risk Management Practices in Construction Organizations. Procedia—Social and Behavioral Sciences 194: 201–10. [Google Scholar] [CrossRef]
  90. Serraino, Andrea. 2014. Introduction to Risk Assessment Terminology. Italian Journal of Food Safety 3. [Google Scholar] [CrossRef]
  91. Shad, Muhammad Kashif, Fong-Woon Lai, Chuah Lai Fatt, Jiří Jaromír Klemeš, and Awais Bokhari. 2019. Integrating sustainability reporting into enterprise risk management and its relationship with business performance: A conceptual framework. Journal of Cleaner Production 208: 415–25. [Google Scholar] [CrossRef]
  92. Shah, Ashfaq Ahmad, Rajib Shaw, Jingzhong Ye, Muhammad Abid, Syed Muhammad Amir, A.K.M. Kanak Pervez, and Shaista Naz. 2019. Current capacities, preparedness and needs of local institutions in dealing with disaster risk reduction in Khyber Pakhtunkhwa, Pakistan. International Journal of Disaster Risk Reduction 34: 165–72. [Google Scholar] [CrossRef]
  93. Smallman, Clive. 2019. Culture and communications: Countering conspiracies in organisational risk management. In Risk Management. Oxfordshire: Routledge, pp. 159–67. [Google Scholar]
  94. Steyn, Jurie. 2018. Introduction to Project Risk Management: Part 1-Planning for project risk management. Available online: https://www.researchgate.net/publication/327981091_Introduction_to_Project_Risk_Management_Part_1-Planning_for_project_risk_management (accessed on 12 April 2023).
  95. Thaheem, Muhammad Jamaluddin, Alberto De Marco, and Nur Atakul. 2014. Risk management for sustainable restoration of immovable cultural heritage, part 1: PRM framework. Journal of Cultural Heritage Management and Sustainable Development 4: 149–65. [Google Scholar] [CrossRef]
  96. Tranchard, Sandrine. 2018. Risk management: The new ISO 31000 keeps risk management simple. Governance Directions 70: 180–82. [Google Scholar]
  97. Ullah, Fahim, Siddra Qayyum, Muhammad Jamaluddin Thaheem, Fadi Al-Turjman, and Samad M. E. Sepasgozar. 2021. Risk management in sustainable smart cities governance: A TOE framework. Technological Forecasting and Social Change 167: 120743. [Google Scholar] [CrossRef]
  98. Wang, Ying, Fu Jia, Tobias Schoenherr, Yu Gong, and Lujie Chen. 2020. Cross-border e-commerce firms as supply chain integrators: The management of three flows. Industrial Marketing Management 89: 72–88. [Google Scholar] [CrossRef]
  99. Waseem-Ul-Hameed, Faiza Hashmi, Mohsin Ali, and Muhammad Arif. 2017. Enterprise risk management (ERM) system: Implementation problem and role of audit effectiveness in Malaysian firms. Asian Journal of Multidisciplinary Studies 5: 34–39. [Google Scholar]
  100. Williams, Rebecca, and Mike Lilley. 1993. Partner selection for joint-venture agreements. International Journal of Project Management 11: 233–7. [Google Scholar] [CrossRef]
  101. Willumsen, Pelle, Josef Oehmen, Verena Stingl, and Joana Geraldi. 2019. Value creation through project risk management. International Journal of Project Management 37: 731–49. [Google Scholar] [CrossRef]
  102. Yakob, Rubayah, Mohd Hafizuddin-Syah Bangaan Abdullah, Sajiah Yakob, Nooraida Yakob, Nurul Hidayah Md. Razali, and Hairolanuar Mohamad. 2022. Analysis of enterprise risk management practices in Malaysian waqf institutions. International Journal of Islamic and Middle Eastern Finance and Management 15: 569–85. [Google Scholar] [CrossRef]
  103. Yang, Songling, Muhammad Ishtiaq, and Muhammad Anwar. 2018. Enterprise risk management practices and firm performance, the mediating role of competitive advantage and the moderating role of financial literacy. Journal of Risk and Financial Management 11: 35. [Google Scholar]
  104. Young, Raymond, and Ernest Jordan. 2008. Upper management support: Mantra or necessity? International Journal of Project Management 26: 713–25. Available online: http://www.pmforum.org (accessed on 10 January 2012). [CrossRef]
Figure 1. Risk matrix.
Figure 1. Risk matrix.
Admsci 13 00132 g001
Figure 2. Choosing risk responses from types of risk control action.
Figure 2. Choosing risk responses from types of risk control action.
Admsci 13 00132 g002
Table 1. List of factors affecting risk management.
Table 1. List of factors affecting risk management.
Factors Affecting Risk Management
1. Factors related to Upper Management and Board of Directors
2. Factors related to External Audit Quality
3. Factors related to Internal Audit Effectiveness
4. Factors related to Human Resources Efficiency and Training
5. Factors related to Government Rules and Regulations
6. Factors related to Communication
7. Factors related to Flexibility and Adaptation in the Economic Environment
8. Factors related to Information Technology
9. Factors related to Organizational Structure
10. Factors related to Trust
11. Factors related to Culture
12. Factors related to Company Characteristics (size)
Table 2. List of factors to be ranked and their dimensions from the previous literature review.
Table 2. List of factors to be ranked and their dimensions from the previous literature review.
Comparisons between the Researchers’ Proposed Factors and the Other Studies
Researcher(s)Topic Dealt with
Commitment and Support from Upper Management and Board of Directors
Okello (2012)Senior management commitment is a key factor in managing risks
Daniel Galorath (2006)Upper Management commitment helps to embed risk management at the operational and strategic levels
Hasanali (2002)-Leadership
-Successful mitigation or bearing of risk is contingent upon commitment and support from Upper Management
Henriksen and Uhlenfeldt (2006)Upper Management formulates and decides objectives and strategies for organizational risk management activities, mission, and overall objectives
Young and Jordan (2008)Suggest “the essence of Upper Management support related to effective decision-making to manage risk and to researcherize business process change”
Barton et al. (2002)The Board of Directors should create a risk management program to protect assets
Gentzoglanis (2010)Increase the measures taken, such as hedging the risks, depending on the point of view of senior management and level of confidence
External audit quality
Paape and Speklé (2011)Firms that hire high-quality auditors are more committed to risk management
Beasley et al. (2005)The involvement of auditors has a great impact on the implementation of risk management.
Desender (2011) There is a positive relationship between the quality of external audits and the level of implementation of risk management
Internal audit effectiveness
Hayur and Khalas (2020)A methodology allows internal auditing to provide assurance to the board of directors that the risk management program is managing risks effectively
Beasley et al. (2006)Internal auditors play an important role in providing assurance and consulting services related to risk management
Human resources efficiency and Training
(Cardy and Selvarajan 2006)A great interest currently in human resource efficiency and its role in implementing risk management
(Badara and Saidin 2014)There is a positive relationship between the efficiency of human resources and the level of implementation of enterprise risk management
Okello (2012)Training is a critical factor for training employees with appropriate skills to deal with risks
NSW Department of State and Regional Development (2005)Training staff appropriately
Government rules and regulations
Okello (2012)Any change in government rules and regulations can be dangerous to business
(PWC 2004)Cooperation between corporate governance, risk management, and compliance is essential
(Paape and Speklé 2011)Compliance with rules and regulations in risk management and corporate governance must be achieved
Communication
Grabowski and Roberts (1999)Communication
Carey (2001)Verifying your judgments
Quirke (1996)Good communication helps employees to receive and deliver the correct message from risk management
Breakwell (2000)-Communication in risk management depends on the characteristics of the audience and the source of the message and its content
-The source must be trusted in order for the risk management message to be effective
(Hayur and Khalas 2020)Risk management collects information to achieve its objectives of control and provide early warnings
Economic environment
Na Ranong and Phuenngam (2009) Focusing on the strategies in place within the economic environment
(ILO 2020)The ability of companies to survive the economic crisis and most risks depends on flexibility and adaptation to commercial operations
Information Technology
Farida Hasanali (2002)Information technology infrastructure
Organizational Structure
Farida Hasanali (2002)-Structure, roles, and responsibilities
- Organizational structure is equally important because it provides direction and support to employees
NSW Department of State and Regional Development (2005)Setting clear objectives and guidelines for risk management
Hunter (2002)The structure provides prior researcherity to determine how employees work
Trust
Grabowski and Roberts (1999)Trust makes the members of the organization focus on their tasks without doubts
Hasanali (2002)Risk management needs trust in order to cooperate, have teamwork, and to be successful
(Earle 2010)The effect of trust on risk management is greater when knowledge is little or missing
Culture
Grabowski and Roberts (1999)Organizational culture
(Selamat and Ibrahim 2018)The implementation of risk management is linked to a risk culture
(Nocco and Stulz 2006)Three factors associated with ERM are usually grouped under the leadership construct
Farida Hasanali (2002)Culture
Company Characteristics (size)
Önder and Ergin (2012)The most important factors positively affecting the implementation of risk management are the size of the company and its financial leverage
Colquitt et al. (1999)Large firms will likely adopt enterprise risk management due to their need for a comprehensive risk management strategy
Beasley et al. (2010)There is a positive relationship between the size of the company and risk management implementation
Table 3. Level of agreement about items according to mean value.
Table 3. Level of agreement about items according to mean value.
Mean Values1–1.801.81–2.62.61–3.43.41–4.24.21–5.00
Agreement LevelVery lowLowModerateHighVery High
Table 4. Profile of the respondents.
Table 4. Profile of the respondents.
Respondents’ InformationFrequency%
Job Position
Upper Management 16066%
Lower Management 8233%
Total242
Qualifications
Technical/Vocational Certificate104%
Diploma167%
Bachelor’s degree12150%
Master’s degree5724%
PhD3313%
Others52%
Total242
Years of Experience
Less than 3 years219%
less than 5 years125%
5 to 10 years6125%
10 years and more14861%
Total242
Is there a functionally independent department for risk management
Yes10945%
No13355%
Total242
Table 5. Descriptive Analysis of Factors affecting Risk Management.
Table 5. Descriptive Analysis of Factors affecting Risk Management.
FactorMeanStandard DeviationCOVRIIOverall
Rank
1Factors related to Top Management and Board of Directors3.84150.9622125.05%77.93%5
2Factors related to External Audit Quality3.93391.0183825.89%82.97%3
3Factors related to Internal Audit Effectiveness3.83920.8679122.61%75.86%8
4Factors related to Human Resources Efficiency and Training3.83920.8679122.61%75.37%10
5Factors related to Government Rules and Regulations4.05920.8980722.12%81.48%4
6Factors related to Communications 3.84890.8706022.62%76.11%7
7Factors related to Flexibility and Adaptation in the Economic Environment3.98970.9272823.24%83.80%2
8Factors related to the Information Technology3.53720.8275723.40%70.33%12
9Factors related to the Organizational Structure 3.89810.9313423.89%77.68%6
10Factors related to Trust 3.72730.8881723.83%75.53%9
11Factors related toCompany culture 3.73971.0179127.22%75.28%11
12Factors related to the Company’s Characteristics4.01110.9854223.92%85.28%1
Table 6. The Results for the study Hypothesis.
Table 6. The Results for the study Hypothesis.
FactorsUpper ManagementLower Management
RIIRankRIIRank
Factors related to Top management and Board of Directors80.93%579.22%6
Factors related to External Audit Quality83.97%381.16%2
Factors related to Internal Audit Effectiveness76.25%774.98%10
Factors related to Human Resources Efficiency and Training74.22%975.89%9
Factors related to Government Rules and Regulations83.48%480.54%4
Factors related to Communications 74.11%1077.44%7
Factors related to Flexibility and Adaptation in the Economic Environment84.61%180.17%5
Factors related to the Information Technology 72.33%1170.76%12
Factors related to the Organizational Structure 78.68%680.79%3
Factors related to Trust 74.54%876.87%8
Factors related to the Company Culture 72.28%1273.53%11
Factors related to the Company’s Characteristics 84.28%282.14%1
Mann–Whitney106.5
Sig0.654
Kendall’s Coefficient0.458
Sig0.000
Table 7. The rank of factors for Upper Management and Lower Management.
Table 7. The rank of factors for Upper Management and Lower Management.
For Upper ManagementFor Lower Management
1—Factors related to Flexibility and adaptation in the economic environment1—Factors related to Company’s Characteristics
2—Factors related to Company’s Characteristics 2—Factors related to External Audit Quality
3—Factors related to External Audit Quality3—Factors related to Organizational Structure
4—Factors related to Government Rules and Regulations4—Factors related to Government Rules and Regulations
5—Factors related to Top Management and Board of Directors5—Factors related to Flexibility and Adaptation in the Economic Environment
6—Factors related to Organizational Structure 6—Factors related to Top Management and Board of Directors
7—Factors related to Internal Audit Effectiveness7—Factors related to Communications
8—Factors related to Trust 8—Factors related to Trust
9—Factors related to Human Resources Efficiency and Training9—Factors related to Human Resources Efficiency and Training
10—Factors related to Communications 10—Factors related to Internal Audit Effectiveness
11—Factors related to Information Technology 11—Factors related to the Company’s Culture
12—Factors related to the Company’s Culture12—Factors related to Information Technology
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Abu Kwaik, N.; Sweis, R.; Allan, B.; Sweis, G. Factors Affecting Risk Management in Industrial Companies in Jordan. Adm. Sci. 2023, 13, 132. https://doi.org/10.3390/admsci13050132

AMA Style

Abu Kwaik N, Sweis R, Allan B, Sweis G. Factors Affecting Risk Management in Industrial Companies in Jordan. Administrative Sciences. 2023; 13(5):132. https://doi.org/10.3390/admsci13050132

Chicago/Turabian Style

Abu Kwaik, Nadia, Rateb Sweis, Baraa Allan, and Ghaleb Sweis. 2023. "Factors Affecting Risk Management in Industrial Companies in Jordan" Administrative Sciences 13, no. 5: 132. https://doi.org/10.3390/admsci13050132

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop