Contemporary organizations are increasingly challenged by the expanding variety of risks and threats posed by turbulent and complex business environments. This paper addresses the importance of organizations having the ability to cope with risks and uncertainties by exploring IT-enabled enterprise risk management (ERM) capability as a means of achieving organizational resilience. Based on the synthesis of prior risk management theoretical frameworks, we posit that information technology is a key enabler of enterprise risk management capability that integrate risk management into enterprise-wide business processes, with organizational commitment as a complementary enabler. By examining the relationship of IT-enabled ERM capability and organizational resilience under the moderating effect of business network structure strength, this study provides insights on how to ensure continued survival of organizations in today’s volatile operating climate where risks extend beyond the organizational boundaries. Empirical findings from a survey of 185 organizations in Singapore show that IT assets and organizational commitment play significant roles in building up IT-enabled ERM capabilities. Organizational resilience is also found to be strongly impacted by the organization’s IT-enabled ERM capabilities, while the firm’s business network structure strength negatively moderates this relationship to a small extent. Managerial implications stemming from the empirical findings are discussed and directions for future research on enterprise risk management as a burgeoning research area for IS researchers are also offered.
Oh, Lih-Bin and Teo, Hock-Hai, "An Empirical Study of IT-enabled Enterprise Risk Management and Organizational Resilience" (2009). CONF-IRM 2009 Proceedings. 19.