Enterprise Risk Management Measurement: Insights from an Interdisciplinary Literature Review

  • Arthur Linke
  • Cristina FlorioEmail author
Conference paper
Part of the Springer Proceedings in Business and Economics book series (SPBE)


Enterprise Risk Management (ERM) represents a paradigm envisioned to provide an organization both resilience and opportunity in the face of uncertainty. The debate around ERM’s value contribution to the organization has led to key ERM research questions arising, highlighting the need for further investigation of empirical measurement of ERM and its implementation. Calls from several scholars specifically request extending the academic body of knowledge on ERM measurement. Motivated by the above calls, this study presents the findings of a systematic review of the ERM literature. The review examines the academic discipline of journals existing ERM studies are published in, these journals’ H-indices, the location of the studies, and the methodology of how ERM is measured in the studies. The review establishes that the ERM literature cuts across several academic research disciplines such as accounting, finance and strategy. Moreover, the extant literature underscores that it is very difficult to quantify and measure ERM in practice within organizations. Consequential to this, most empirical studies of ERM have emphasized either a qualitative approach focusing in depth on specific organizations, or a quantitative approach relying on accessible, basic secondary data available in company reports. A gap in knowledge is presented around extending ERM measurement, in particular in terms of methodologies based on primary data collection and analysis. This paper concludes that further development of empirical measurement scales based on primary data, whereby direct, first-hand input from members of organizations implementing ERM is collected, will augment the ERM body of knowledge. Such scales will allow for important aspects of ERM as it is implemented in the organization to be empirically measured.


Enterprise risk management Empirical measurement Literature review Qualitative research Quantitative research Primary data 


  1. Aebi, V., Sabato, G., Schmid, M.: Risk management, corporate governance, and bank performance in the financial crisis. J. Bank. Finance 36(12), 3213–3226 (2012)CrossRefGoogle Scholar
  2. Altuntas, M., Berry-Stölzle, T.R., Hoyt, R.E.: Implementation of enterprise risk management: evidence from the German property-liability insurance industry. Geneva Pap. Risk Insur. Issues Pract. 36(3), 414–439 (2011)CrossRefGoogle Scholar
  3. Andersen, T.J.: The performance relationship of effective risk management: exploring the firm-specific investment rationale. Long Range Plan. 41, 155–176 (2008)CrossRefGoogle Scholar
  4. Arena, M., Arnaboldi, M., Azzone, G.: The organizational dynamics of enterprise risk management. Acc. Organ. Soc. 35(7), 659–675 (2010)CrossRefGoogle Scholar
  5. Arena, M., Arnaboldi, M., Azzone, G.: Is enterprise risk management real? J. Risk Res. 14(7), 779–797 (2011)CrossRefGoogle Scholar
  6. Baxter, R., Bedard, J.C., Hoitash, R., Yezegel, A.: Enterprise risk management program quality: determinants, value relevance, and the financial crisis. Contemp. Acc. Res. 30(4), 1264–1295 (2013)CrossRefGoogle Scholar
  7. Beasley, M.S., Clune, R., Hermanson, D.R.: Enterprise risk management: an empirical analysis of factors associated with the extent of implementation. J. Acc. Public Policy 24(6), 521–531 (2005)CrossRefGoogle Scholar
  8. Beasley, M., Pagach, D., Warr, D.: Information conveyed in hiring announcements of senior executives overseeing enterprise-wide risk management processes. J. Acc. Auditing Finance 23(3), 311–332 (2008)CrossRefGoogle Scholar
  9. Bromiley, P., McShane, M., Nair, A., Rustambekov, E.: Enterprise risk management: review, critique, and research directions. Long Range Plan. 48(4), 265–276 (2015)CrossRefGoogle Scholar
  10. Churchill Jr., G.A.: A paradigm for developing better measures of marketing constructs. J. Mark. Res. 16(1), 64–73 (1979)CrossRefGoogle Scholar
  11. COSO: Enterprise risk management (2004). Available on the internet at Last accessed 18 Sept 2017
  12. COSO: Enterprise Risk Management—Integrating with Strategy and Performance (2017). Available on the internet at Last accessed 21 June 2018
  13. Dickinson, G.: Enterprise risk management: its origins and conceptual foundation. Geneva Pap. Risk Insur. Issues Pract. 26(3), 360–366 (2001)CrossRefGoogle Scholar
  14. Drucker, P.F.: Long-range planning: challenge to management science management science, vol. 5, no. 3, pp. 238–249 (1959), April 1959Google Scholar
  15. Eckles, D.L., Hoyt, R.E., Miller, S.M.: The impact of enterprise risk management on the marginal cost of reducing risk: evidence from the insurance industry. J. Bank. Finance 43, 247–261 (2014)CrossRefGoogle Scholar
  16. Florio, C., Leoni, G.: Enterprise risk management and firm performance: the Italian case. Br. Acc. Rev. 49(1), 56–74 (2017)CrossRefGoogle Scholar
  17. Fraser, J., Simkins, B.: Enterprise risk management: today’s leading research and best practices for tomorrow’s executives, vol. 3. Wiley, Hoboken (2010)Google Scholar
  18. Gates, S., Nicolas, J.-L., Walker, P.L.: Enterprise risk management: a process for enhanced management and improved performance. Manage. Acc. Q. 13(3), 28–38 (2012)Google Scholar
  19. Gordon, L.A., Loeb, M.P., Tseng, C.: Enterprise risk management and firm performance: a contingency perspective. J. Acc. Public Policy 28, 301–327 (2009)CrossRefGoogle Scholar
  20. Grace, M.F., Leverty, J.T., Phillips, R.D., Shimpi, P.: The value of investing in enterprise risk management. J. Risk Insur. 82(2), 289–316 (2015)CrossRefGoogle Scholar
  21. Hoyt, R.E., Liebenberg, A.P.: The value of enterprise risk management. J. Risk Insur. 78(4), 795–822 (2011)CrossRefGoogle Scholar
  22. International Standards Organization (ISO). 31000: 2009 Risk management – Principles and guidelines. International Organization for Standardization, Geneva, Switzerland (2009)Google Scholar
  23. ISO: Risk management—guidelines (2018). Available on the internet at Last accessed 10 Sept 2018
  24. Kaplan, R.S.: Accounting scholarship that advances professional knowledge and practice. Acc. Rev. 86(2), 367–383 (2011)CrossRefGoogle Scholar
  25. Kimbrough, R.L., Componation, P.J.: The relationship between organizational culture and enterprise risk management. Eng. Manage. J. 21(2), 18–26 (2009)CrossRefGoogle Scholar
  26. Liebenberg, A.P., Hoyt, R.E.: The determinants of enterprise risk management: evidence from the appointment of chief risk officers. Risk Manage. Insur. Rev. 6(1), 37–52 (2003)Google Scholar
  27. Lin, Y., Wen, M., Yu, J.: Enterprise risk management. N. Am. Actuarial J. 16(1), 1–28 (2012)CrossRefGoogle Scholar
  28. Lim, C.Y., Woods, M., Humphrey, C., Seow, J.L.: The paradoxes of risk management in the banking sector. Brit. Acc. Rev. 49(1), 75–90 (2017)CrossRefGoogle Scholar
  29. Lundqvist, S.A.: An exploratory study of enterprise risk management. J. Acc. Audit. Financ. 29(3), 393–429 (2014)CrossRefGoogle Scholar
  30. MacKenzie, S.B., Podsakoff, P.M., Podsakoff, N.P.: Construct measurement and validation procedures in MIS and behavioral research: integrating new and existing techniques. MIS Q. 35(2), 293–334 (2011)CrossRefGoogle Scholar
  31. Massaro, M., Dumay, J., Guthrie, J.: On the shoulders of giants: undertaking a structured literature review in accounting. Acc. Auditing Accountability J. 29(5), 767–801 (2016)CrossRefGoogle Scholar
  32. McShane, M.K., Nair, A., Rustambekov, E.: Does enterprise risk management increase firm value? J. Acc. Auditing Finance 26(4), 641–658 (2011)CrossRefGoogle Scholar
  33. Meidell, A., Kaarbøe, K.: How the enterprise risk management function influences decision-making in the organization—a field study of a large, global oil and gas company. Br. Acc. Rev. 49, 39–55 (2017)CrossRefGoogle Scholar
  34. Mikes, A.: Risk management and calculative cultures. Manage. Acc. Res. 20(1), 18–40 (2009)CrossRefGoogle Scholar
  35. Mikes, A.: From counting risk to making risk count: Boundary-work in risk management. Acc. Organ. Soc. 36, 226–245 (2011)CrossRefGoogle Scholar
  36. Mikes, A., Kaplan, R.S.: When one size doesn’t fit all: evolving directions in the research and practice of enterprise risk management. J. Appl. Corp. Finance 27(1), 37–40 (2015)CrossRefGoogle Scholar
  37. Nair, A., Rustambekovb, E., McShane, M., Fainshmidta, S.: Enterprise risk management as a dynamic capability: a test of its effectiveness during a crisis. Manag. Decis. Econ. 35, 555–566 (2014)CrossRefGoogle Scholar
  38. Oliva, F.L.: A maturity model for enterprise risk management. Int. J. Prod. Econ. 173, 66–79 (2016)CrossRefGoogle Scholar
  39. Paape, L., Speklé, R.F.: The adoption and design of enterprise risk management practices: an empirical study. Eur. Acc. Rev. 21(3), 533–564 (2012)Google Scholar
  40. Pagach, D., Warr, R.: The characteristics of firms that hire chief risk officers. J. Risk Insur. 78(1), 185–211 (2011)CrossRefGoogle Scholar
  41. Power, M.: The risk management of nothing. Acc. Organ. Soc. 34(6), 849–855 (2009)CrossRefGoogle Scholar
  42. South Africa’s King IV Report (2017) available on the internet at Last accessed 10 Sept 2018
  43. UK Corporate Governance Code (2018) available on the internet at Last accessed 10 Sept 2018
  44. Woods, M.: A contingency theory perspective on the risk management control system within Birmingham city council. Manage. Acc. Res. 20(1), 69–81 (2009)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.University of Stellenbosch Business SchoolBellvilleSouth Africa
  2. 2.University of VeronaVeronaItaly

Personalised recommendations