case study on strategic evaluation and control

Strategy Evaluation and Control

Evaluation and control in strategic management (adsbygoogle = window.adsbygoogle || []).push({});.

The strategic management process results in decisions that can have significant, long-lasting consequences. Erroneous strategic decisions can inflict severe penalties and can be exceedingly difficult, if not impossible, to reverse.

Thus, these strategic decisions must be evaluated and controlled properly. Successful strategies combine patience with a willingness to promptly take corrective actions when necessary. There always comes a time when corrective actions are needed in an organization.

Strategy evaluation and control are essential to ensure that stated business objectives are being achieved. It is vital to an organization’s well-being.

In many organizations, strategy evaluation is simply an appraisal of how well an organization has performed. Timely evaluation and control can alert management to problems or potential problems before a situation becomes critical.

Strategy evaluation and control are important because organizations face dynamic environments in which key external and internal factors often change quickly and dramatically.

An organization should never be lulled into complacency with success. Countless firms have thrived one year only to struggle for survival the following year.

If not careful, strategy evaluation and control can provide no better result than the information on which it is based. Strategy evaluation can be a complex and sensitive undertaking and is becoming increasingly difficult with the passage of time. The reasons are as follows.

First, domestic and world economies were more stable in years past, product life cycles were longer, product development cycles were longer, technological advancement was slower, changes occurred less frequently, there were fewer competitors, foreign companies were weak, and there were more regulated industries.

Second, strategy evaluation and control are more difficult today because of the following trends: (1) A dramatic increase in the environment’s complexity; (2) The increasing difficulty of predicting the future with accuracy; (3) The increasing number of variables; (4) The rapid rate of obsolescence of even the best plans; (5) The increase in the number of both domestic and world events affecting organizations; and (6) The decreasing time span for which planning can be done with any degree of certainty.

Evaluation and control in strategic management consist of performance data and activity reports.

If undesired performance results because the strategic management processes are inappropriately used, operation management must know about it so that they can correct the employee activity whereas top management would not have to involve. 

If undesired performance results from the processes themselves, top management must know about it so they can develop new implementation programs or procedures.

Adequate and timely feedback is the cornerstone of effective strategy evaluation.  However, too much emphasis on evaluating strategies may be expensive and counterproductive. 

Too much pressure from top managers may result in lower managers contriving numbers they think will be satisfactory. The more managers attempt to evaluate the behavior of others, the less control they have.

Yet too little or no evaluation and control can create even worse problems.

It is impossible to demonstrate conclusively that a particular strategy is optimal or even to guarantee that it will work. 

One can, however, evaluate it for critical flaws. There are four criteria that could be used to evaluate a strategy: consistency, consonance, feasibility, and advantage.

Consonance and advantage are mostly based on a firm’s external assessment, whereas consistency and feasibility are largely based on an internal assessment.

One of the obstacles to effective control is the difficulty in developing appropriate measures of important activities and outputs.

The Process of Strategy Evaluation and Control (adsbygoogle = window.adsbygoogle || []).push({});

Strategy evaluation and control are necessary for all sizes and kinds of organizations.

Strategy evaluation  and control process should  (1) initiate managerial questioning of expectations and assumptions,  (2) trigger a review of objectives and values, and  (3) stimulate creativity in generating alternatives and formulating criteria of evaluation.

If assumptions and expectations deviate significantly from forecasts, then the firm should renew strategy formulation activities, perhaps sooner than planned.

During the implementation of strategy evaluation and control, firms look to answer certain questions.

Have the firm’s assets increased? Has there been an increase in profitability? Have sales increased? Have productivity levels increased? Have profit margin, return on investment, and earnings-per-share ratios increased? 

Even when the answers to these types of questions are affirmative, there is no guarantee that these strategies are correct.

The strategy or strategies may have been correct, but this type of reasoning can be misleading because strategy evaluation must have both a long-run and short-run focus. Strategies often do not affect short-term operating results until it is too late to make needed changes.

Strategy evaluation activities should be performed on a continuing basis, rather than at the end of specified periods of time or just after problems occur.

Evaluating strategies on a continuous rather than on a periodic basis allows benchmarks of progress to be established and more effectively monitored.

Some strategies take years to implement; consequently, associated results may not become apparent for years.

In strategy evaluation and control processes, like strategy formulation and strategy implementation, people make a difference.

As critical success factors change, organizational members should be involved in determining appropriate corrective actions.

Regardless of the size of the organization, a certain amount of management by wandering around at all levels is essential to effective strategy evaluation.

Through involvement in the process of evaluating strategies, managers and employees become committed to keeping the firm moving steadily toward achieving objectives.

Managers and employees of the firm should be continually aware of progress being made toward achieving the firm’s objectives.

Characteristics of an Effective Evaluation System (adsbygoogle = window.adsbygoogle || []).push({});

Strategy evaluation and control must meet several basic requirements to be effective. 

There is no one ideal strategy evaluation system. The unique characteristics of an organization, including its size, management style, purpose, problems, and strengths, can determine a strategy evaluation and control system’s final design.

Strategy evaluation and control activities must be economical.

Too much information can be just as bad as too little information; and too many controls can do more harm than good. 

Strategy evaluation and control activities also should be meaningful.

They should specifically relate to a firm’s objectives. They should provide managers with useful information about tasks over which they have control and influence. 

Strategy evaluation and control activities should provide timely information.

On occasion and in some areas, managers may daily need information. Approximate information that is timely is generally more desirable as a basis for strategy evaluation than accurate information that does not depict the present. Frequent measurement and rapid reporting may frustrate control rather than give better control. The time dimension of control must coincide with the time span of the event being measured.

Strategy evaluation and control should be designed to provide a true picture of what is happening.

Information derived from the strategy evaluation process should facilitate action and should be directed to those individuals in the organization who need to take action based on it. Controls need to be action-oriented rather than information-oriented.

Strategy evaluation and control process should not dominate decisions. 

It should foster mutual understanding, trust, and common sense. No department should fail to cooperate with another in evaluating strategies. Strategy evaluations should be simple, not too cumbersome, and not too restrictive. Complex strategy evaluation systems often confuse people and accomplish little. The test of an effective evaluation system is its usefulness, not its complexity.

Large organizations require a more elaborate and detailed strategy evaluation system because it is more difficult to coordinate efforts among different divisions and functional areas. Managers in small companies often communicate daily with each other and their employees and do not need extensive evaluative reporting systems. 

Familiarity with local environments usually makes gathering and evaluating information much easier for small organizations than for large businesses. But the key to an effective strategy evaluation system may be the ability to convince participants that failure to accomplish certain objectives within a prescribed time is not necessarily a reflection of their performance.

A Strategy Evaluation and Control Framework (adsbygoogle = window.adsbygoogle || []).push({});

Strategy evaluation and control include 3 basic activities.

They are: (1) examining the underlying bases of a firm’s strategy, (2) comparing expected results with actual results, and (3) taking corrective actions to ensure that performance conforms to plans.

Activity 1: Reviewing Bases of Strategy

Reviewing the underlying bases of an organization’s strategy could be approached by developing a revised  (1) EFE Matrix and  (2) IFE Matrix.

Numerous external and internal factors can prevent firms from achieving long-term and annual objectives. 

A revised EFE Matrix should indicate how effective a firm’s strategies have been in response to key opportunities and threats.

This analysis could also address such questions as the following: (1) How have competitors reacted to our strategies? (2) How have competitors’ strategies changed? (3) Have major competitors’ strengths and weaknesses changed? (4) Why are competitors making certain strategic changes? (5) Why are some competitors’ strategies more successful than others? (6) How satisfied are our competitors with their present market positions and profitability? (7) How far can our major competitors be pushed before retaliating? and (8) How could we more effectively cooperate with our competitors?

Externally, actions by competitors, changes in demand, changes in technology, economic changes, demographic shifts, and governmental actions may prevent objectives from being accomplished. 

A revised IFE Matrix should focus on changes in the organization’s management, marketing, finance/accounting, production/operations, R&D, and management information systems strengths and weaknesses.

Internally, ineffective strategies may have been chosen or implementation activities may have been poor.

Business objectives may have been too optimistic.

Thus, failure to achieve objectives may not be the result of unsatisfactory work by managers and employees. All organizational members need to know this to encourage their support for strategy evaluation activities.

Organizations desperately need to know as soon as possible when their strategies are not effective. Sometimes managers and employees on the front lines discover this well before strategists.

External opportunities and threats and internal strengths and weaknesses that represent the bases of current strategies should continually be monitored for change.

It is not really a question of whether these factors will change but rather when they will change and in what ways.

Here are some key questions to address in evaluating and controlling strategies: (1) Are our internal strengths still strengths? (2) Have we added other internal strengths? If so, what are they? (3) Are our internal weaknesses still weaknesses? (4) Do we now have other internal weaknesses? If so, what are they? (5) Are our external opportunities still opportunities? (6) Are there now other external opportunities? If so, what are they? (7) Are our external threats still threats? (8) Are there now other external threats? If so, what are they? and (9) Are we vulnerable to a hostile takeover?

Activity 2: Measuring Organizational Performance

Another important strategy evaluation  and control activity is measuring organizational performance. 

This activity includes comparing expected results to actual results, investigating deviations from plans, evaluating individual performance, and examining progress being made toward meeting stated objectives. Both long-term and annual objectives are commonly used in this process. 

Criteria for evaluating and controlling strategies should be measurable and easily verifiable. Criteria that predict results may be more important than those that reveal what already has happened.

Failure to make satisfactory progress toward accomplishing long-term or annual objectives signals a need for corrective actions.

Determining which objectives are most important in the evaluation of strategies can be difficult.

Many factors, such as unreasonable policies, unexpected turns in the economy, unreliable suppliers or distributors, or ineffective strategies, can result in unsatisfactory progress toward meeting objectives. Problems can result from ineffectiveness (not doing the right things) or inefficiency (poorly doing the right things).

Strategy evaluation is based on both quantitative and qualitative criteria. Selecting the exact set of criteria for evaluating strategies depends on a particular organization’s size, industry, strategies, and management philosophy. 

Quantitative criteria are commonly used to evaluate strategies.

They are financial ratios, which management uses to make three critical comparisons: (1) comparing the firm’s performance over different time periods, (2) comparing the firm’s performance to competitors, and (3) comparing the firm’s performance to industry averages.

But some potential problems are associated with using quantitative criteria for evaluating strategies: (1) most quantitative criteria are geared to annual objectives rather than long-term objectives; (2) different accounting methods can provide different results on many quantitative criteria; and (3) intuitive judgments are almost always involved in deriving quantitative criteria. 

Qualitative criteria are also important in evaluating strategies. 

Human factors such as high absenteeism and turnover rates, poor production quality and quantity rates, or low employee satisfaction can be underlying causes of declining performance. Marketing, finance/accounting, R&D, or management information systems factors can also cause financial problems.

Some additional key questions that reveal the need for qualitative or intuitive judgments in strategy evaluation are as follows: (1) How good is the firm’s balance of investments between high-risk and low-risk projects? (2) How good is the firm’s balance of investments between long-term and short-term projects? (3) How good is the firm’s balance of investments between slow-growing markets and fast-growing markets? (4) How good is the firm’s balance of investments among different divisions? (5) To what extent are the firm’s alternative strategies socially responsible? (6) What are the relationships among the firm’s key internal and external strategic factors? and (7) How are major competitors likely to respond to particular strategies?

Activity 3: Taking Corrective Actions

The final strategy evaluation activity, taking corrective actions, requires making changes to competitively reposition a firm for the future. 

Changes that may be needed are altering an organization’s structure, replacing one or more key individuals, selling a division, or revising a business mission.

Other changes could include establishing or revising objectives, devising new policies, issuing stock to raise capital, adding additional salespersons, differently allocating resources, or developing new performance incentives. 

Taking corrective actions does not necessarily mean that existing strategies will be abandoned or even that new strategies must be formulated.

The probabilities and possibilities for incorrect or inappropriate actions increase geometrically with an arithmetic increase in personnel. Any person directing an overall undertaking must check on the actions of the participants as well as the results that they have achieved. If either the actions or results do not comply with preconceived or planned achievements, then corrective actions are needed.

Taking corrective actions is necessary to keep an organization on track toward achieving stated objectives.

Strategy evaluation enhances an organization’s ability to adapt successfully to changing circumstances.

Taking corrective actions raises employees’ and managers’ anxieties.

Participation in strategy evaluation activities is one of the best ways to overcome individuals’ resistance to change. Individuals accept change best when they have a cognitive understanding of the changes, a sense of control over the situation, and an awareness that necessary actions are going to be taken to implement the changes.

Strategy evaluation can lead to strategy formulation changes, strategy implementation changes, both formulation, and implementation changes, or no changes at all. Management cannot escape having to revise strategies and implementation approaches sooner or later.

Resistance to change is often emotionally based and not easily overcome by rational argument. Resistance may be based on such feelings as loss of status, implied criticism of present competence, fear of failure in the new situation, annoyance at not being consulted, lack of understanding of the need for change, or insecurity in changing from well-known and fixed methods. It is necessary, therefore, to overcome such resistance by creating situations of participation and full explanation when changes are envisaged.

Corrective actions should place an organization in a better position to capitalize upon internal strengths; take advantage of key external opportunities; avoid, reduce, or mitigate external threats; and improve internal weaknesses. 

Corrective actions should have a proper time horizon and an appropriate amount of risk. They should be internally consistent and socially responsible. 

Corrective actions strengthen an organization’s competitive position in its basic industry.

Continuous strategy evaluation keeps management close to the pulse of an organization and provides information needed for an effective strategic management system.

Contingency Plan in Strategy Evaluation and Control (adsbygoogle = window.adsbygoogle || []).push({});

A basic premise of good strategic management is that firms plan ways to deal with unfavorable and favorable events before they occur. 

Too many organizations prepare contingency plans just for unfavorable events. This is a mistake because both minimizing threats and capitalizing on opportunities can improve a firm’s competitive position.

Regardless of how carefully strategies are formulated, implemented, and evaluated, unforeseen events, such as strikes, boycotts, natural disasters, the arrival of foreign competitors, and government actions, can make a strategy obsolete. 

To minimize the impact of potential threats, organizations should develop contingency plans as part of their strategy evaluation process.

Contingency plans can be defined as alternative plans that can be put into effect if certain key events do not occur as expected. 

Only high-priority areas require the insurance of contingency plans. Management cannot and should not try to cover all bases by planning for all possible contingencies. But in any case, contingency plans should be as simple as possible.

Some contingency plans are commonly established by firms.

They are: (1) If a major competitor withdraws from particular markets as intelligence reports indicate, what actions should our firm take? (2) If our sales objectives are not reached, what actions should our firm take to avoid profit losses? (3) If demand for our new product exceeds plans, what actions should our firm take to meet the higher demand? (4) If certain disasters occur such as loss of computer capabilities; a hostile takeover attempt; loss of patent protection; or destruction of manufacturing facilities because of earthquakes, tornadoes or hurricanes, then what actions should our firm take? and (5) If a new technological advancement makes our new product obsolete sooner than expected, what actions should our firm take?

Alternative strategies not selected for implementation can serve as contingency plans in case the strategy or strategies selected do not work.

Too many organizations discard alternative strategies not selected for implementation although the work devoted to analyzing these options would render valuable information. 

When strategy evaluation activities reveal the need for a major change quickly, an appropriate contingency plan can be executed in a timely way. Contingency plans can promote a management’s ability to respond quickly to key changes in the internal and external bases of an organization’s current strategy.

In some cases, external or internal conditions present unexpected opportunities. When such opportunities occur, contingency plans could allow an organization to quickly capitalize on them. 

Contingency planning gave users  3 major benefits .

They are: (1) It permitted quick response to change, (2) it prevented panic in crisis situations, and (3) it made managers more adaptable by encouraging them to appreciate just how variable the future can be. 

The effective contingency planning process involves 7 steps.

They are: (1) Identify both beneficial and unfavorable events that could possibly derail the strategy or strategies; (2) Specify trigger points. Calculate when contingent events are likely to occur; (3) Assess the impact of each contingent event. Estimate the potential benefit or harm of each contingent event; (4) Develop contingency plans. Be sure that contingency plans are compatible with the current strategy and are economically feasible; (5) Assess the counter-impact of each contingency plan. That is, estimate how much each contingency plan will capitalize on or cancel out its associated contingent event. Doing this will quantify the potential value of each contingency plan; (6) Determine early warning signals for key contingent events. Monitor the early warning signals; and (7) For contingent events with reliable early warning signals, develop advance action plans to take advantage of the available lead time.

Further Reading

• Strategic Evaluation And Control Overview (cioinsiderindia.com)
• Strategic Evaluation and Control – Types of Control, Strategic Evaluation Process, Importance (bbamantra.com)
• The Process of Strategic Evaluation and Control (qsstudy.com)
• Strategy Evaluation And Control (introduction-to-management.24xls.com)
• Strategy Evaluation (businessmanagementideas.com)
• Strategic Control: Breaking Down The Process & Techniques (clearpointstrategy.com)
• Strategy Evaluation – Process Guide (cascade.app)
• Strategy Evaluation and Control (hahuzone.com)
• What Is the Meaning of Evaluation and Control? (bizfluent.com)

Even More Reading

• The Complete Guide to Strategy Evaluation (creately.com)
• Techniques of Strategy Evaluation (smallbusiness.chron.com)
• Strategic Control (yourarticlelibrary.com)
• Strategy Evaluation Process and its Significance (managementstudyguide.com)
• Strategy Evaluation: Necessity, Requirements, Strategy Evaluation Framework (iedunote.com)
• Why Evaluation and Control are Important in Strategic Management? (talentedge.com)
• Strategy Evaluation & Control (indiafreenotes.com)

Related Concepts

• Nature of Organizational Controls
• Strategy Performance Measurement
• Hitt, M. A., Ireland, D. R., & Hoskisson, R. E. (2019). Strategic Management: Concepts and Cases: Competitiveness and Globalization (MindTap Course List) (13th ed.). Cengage Learning.
• Hill, C. W. L., & Jones, G. R. (2011). Essentials of Strategic Management (Available Titles CourseMate) (3rd ed.). Cengage Learning.
• Mastering Strategic Management. (2016, January 18). Open Textbooks for Hong Kong.

Strategy Evaluation Process: Comprehensive Guide + Examples

The process of strategy evaluation is often overlooked in the overall strategic management process . After the flurry of activity in the initial planning stages, followed by the reality check of executing your strategy alongside business-as-usual, strategy evaluation is often neglected.

When this happens, strategies quickly become outdated and out-of-sync with the changing face of the organization.

On the contrary, when an efficient strategy evaluation process is set in place, businesses can benefit from insights and learnings from past performance to inform more efficient decision-making .

What Is Strategy Evaluation?

Strategy evaluation is the process of analyzing a strategy to assess how well it's been implemented and executed. It’s an internal analysis tool and should be used as part of a broader strategic analysis for the organization when making strategic decisions.  

Typically, the strategy evaluation process involves answering questions such as:

• Are we moving forward towards achieving our core business metrics ?
• How much progress have we made towards our Vision ?
• Are our Strategic Focus Areas still relevant?
• Which of our Objectives have we completed?
• Do we have sufficient Projects to deliver incomplete Objectives?
• Are our KPIs still effective for measuring progress towards our Objectives?
• Where did we fall short of our targets? Why did this happen?

At the very least, you need to evaluate your strategy twice a year—or better yet, every quarter. Even if you feel as though your existing company strategy is 'too far gone' and needs a fresh start, you'll want to perform a thorough strategy evaluation to understand what went wrong and use this information for your new strategy.

The mistake that people often make when it comes to strategy execution , is thinking of their strategy as a linear set of steps. In reality, the strategic planning process requires constant iteration and evolution, with strategy evaluation serving as a pivotal factor in shaping strategy formulation.

💡 Pro Tip: A good strategy should never really 'end'. Rather, it should morph into something more ambitious and sophisticated as goals are met.

Steps For a Successful Strategy Evaluation Process

There is no one-size-fits-all in terms of strategy evaluation, so we encourage you to think about how your own process would look like. However, after working on countless strategies with our customers, these are the steps we suggest you follow for a successful evaluation process.

Step 1: Evaluation starts at the start

It may sound counter-intuitive, but ideally, you'll be kicking off your strategy evaluation process back in the planning stage . Strategy evaluation is essentially the process of figuring out:

• What did we do well?
• How can we improve upon what we did well?
• What did we learn about ourselves and the external environment along the way?

One of the best ways to answer these questions is by setting effective KPIs (Key Performance Indicators) in your planning stage so you’ll be able to clearly measure performance in the following stages.

Let’s look at an example:

Imagine "EcoWise," a company with a vision to lead global sustainable living. One of their core business metrics is market share , and they aim to expand their eco-friendly products into new international markets.

One of their focus areas could be “International Market Expansion” driven by the following objectives:

• Enter and secure a 5% market share in Europe.
• Launch at least five new eco-friendly products annually.

To understand progress towards the objectives, they set the following KPIs:

• Market Share Growth
• Product Adoption Rate
• Sustainability Ratings

By having clear KPIs that set a benchmark and allow to measure actual results, EcoWise will be able to answer fundamental questions during the strategy evaluation process:

• Did we meet our KPI?
• Why did we fall short?
• Was this even the right KPI?

👉🏻 How Cascade can help?

With Cascade’s planner feature, you can ensure you set all the important elements of your strategic plan with structure and ease and assign measurable targets at the initiative and project levels.

Step 2: Implement consistent processes and tools

Not to sound too much like a broken record, but effective strategy evaluation requires planning that goes beyond the setting of good KPIs. You'll also need to plan out your 'strategy rhythm'—things like:

• How often will we measure progress against our goals?
• What standardized set of reports will be used throughout the business?
• What level of detail shall we capture in our written commentary on progress against the plan?

💡 Pro Tip: It’s important to determine these types of things up front and implement a regime of meetings and reports throughout the organization.

We like to call this process your ' strategy rhythm ' as it should form the backbone of your organization's activities, and be maintained regularly and consistently throughout the year.

Here is an example you can use provided by Cascade’s team of experts:

Step 3: Empower teams to evaluate their own strategies

Empowerment plays a critical role in the strategy evaluation process. Rather than have the leadership team alone participate in your strategy evaluation, invite stakeholders from different areas and departments to prepare their own evaluation of how the team performed against the strategy.

Provide them with a simple framework to conduct the analysis and address essential questions like:

• Did we meet our goals?
• What was it that helped us to succeed?
• What challenges made us fall short?
• Were our goals well set, and have they brought us closer to achieving our overall vision?

Ideally, you'll have your teams present using the tools you defined in step 2 . This includes any strategic dashboards or standardized reports that you agreed on previously.

Cascade’s dashboards and reports in real-time give you and your teams an accurate picture of the strategic performance to aid in your strategy evaluation process.

Step 4: Take corrective action

Steps 4 and 5 (below) are somewhat intertwined and should be performed largely in conjunction with each other. If you find that you're not meeting one of your goals, you'll want to do two things:

• Start by figuring out if the goal is still the right one.
• If it is, take corrective action to address any shortcomings.

Assuming you're still convinced the goal you've set is the right one, you need to implement an action plan to get yourself back on track.

There are many reasons why you might be struggling to hit your goals, ranging from relatively simple issues such as:

• Lack of resource allocation (human or financial)
• Conflicting priorities
• Ineffective tracking of targets
• Misalignment or understanding of the goal

Or your challenges may be more complex and relate to:

• Increased competition
• A significant capital shortfall
• Regulatory pressures
• Lack of internal innovation

Whatever the case, the sooner you can identify these issues, the sooner you can start to take corrective action to ensure a more effective strategy implementation that will get you closer to achieving your desired results.

How to identify the issue?

There are tools and frameworks you can use during the strategy evaluation process that can give you more information about internal and/or external factors that may be hindering your progress.

For example, a SWOT analysis can be useful to reveal what you excel at and where you need improvement. Identifying your weaknesses is key to understanding what might be holding your strategy back.

Another best practice is conducting a competitive analysis to gain insights into what your competitors are doing better. By comparing your strengths and weaknesses against theirs, you can understand where you hold the competitive advantage and where you have gaps that need addressing.

Step 5: Iterate your plan

There are two scenarios where you'll want to iterate your plan as part of your strategy evaluation—one being significantly more positive than the other:

Scenario 1: When you achieve your goals

In an ideal world, your plan evolves because you've successfully checked off some or all of your strategic goals. Your plan isn't set in stone; it's flexible and can take unexpected turns.

For instance, you might reach certain goals much earlier than anticipated. When that happens, you shouldn't wait around for the entire plan to play out. Instead:

• If you've met all your goals, it's time to ask if your broader focus area is complete. If not, it's time for new goals within that focus area.
• Or, if you've successfully nailed all your focus areas, it's time to ponder if you're closer to your vision. If not, new focus areas should come into play.

Scenario 2: When you fall short of your goals

Now, let's consider a different scenario, where you didn't quite hit all your goals. But here's the thing: just because you missed a goal doesn't automatically mean you need to take immediate corrective action.

One of the key outcomes of effective strategy evaluations is the recalibration of Key Performance Indicators (KPIs).

Going back to the example in step 1 , let’s say that EcoWise effectively launched 5 new products, but this did not effectively translate into them gaining significant market share (which was the key metric they were aiming for).  

In this case, it suggests the original KPI might not have been quite right. But you wouldn't have known that without either the KPI in the first place or the process of strategic evaluation.

The platform allows for a flexible setup of your strategy to easily make changes to the plan if needed after the insights learned from your strategic evaluation process. By providing full visibility, your teams and other stakeholders will be aware of the changes in real-time!

Step 6: Celebrate successes

We've saved the most fun part of the strategy evaluation process for last—celebrating success.

Given that your strategy will never ‘finish,’ it’s important to celebrate the successes along the way to keep your teams motivated and engaged. The first time you achieve a KPI or even focus areas— enjoy it!

Celebrating the success of a strategic goal is not only great for morale, but it also sends a strong message that the execution of the plan really really matters .

Strategy Evaluation Framework Example

Let's imagine how a supply chain company could tackle the evaluation of its quarterly supply chain plan:

• KPIs analysis : First, they examine their KPIs to decipher which goals they've attained and which ones are still a work in progress.
• Team performance report : The teams get to work on crafting performance reports, offering insights into their achievements and areas requiring additional focus.
• Further analysis : When certain KPIs fall short, they conduct a deeper analysis to uncover the root causes of these performance gaps. In some cases, they even realize that the initial KPIs might not have been the best fit.
• KPI evolution : If they’ve successfully met a KPI, they adapt and introduce a new one to further advance toward key business metrics.
• Evolving the plan : With insights and learnings from their strategy evaluation, they refine their strategic plan, making tweaks and adjustments as needed.

Centralized Observability: The Key To Effective Strategy Evaluation

In the realm of strategic business management, the journey to success is all about adaptability, evolution, and continuous improvement. A pivotal aspect of this journey is the capability to gain a holistic, centralized view of your strategy.

Centralized observability plays a pivotal role in successful strategy evaluation, empowering organizations to:

• Monitor KPIs and goals in real time.
• Understand how teams work together toward achieving the overarching business goals.
• Quickly spot areas that may need adjustments.
• Foster a culture of transparency and accountability, as teams can see how their efforts impact the broader strategy.

This unified perspective simplifies the process of assessing strategy effectiveness and provides invaluable insights for more effective decision-making.

This is where Cascade , the world’s leading Strategy Execution Platform , comes into play as your strategic ally. Cascade enables centralized observability by offering key features for goal management, performance tracking, and strategy alignment. It streamlines the strategy evaluation process, providing real-time data for confident decision-making.

Discover how Cascade can help! Sign up today for free or book a guided 1:1 product tour with one of Cascade’s in-house strategy execution experts.

Popular articles

Viva Goals Vs. Cascade: Goal Management Vs. Strategy Execution

What Is A Maturity Model? Overview, Examples + Free Assessment

How To Implement The Balanced Scorecard Framework (With Examples)

The Best Management Reporting Software For Strategy Officers (2024 Guide)

Your toolkit for strategy success.

Academia.edu no longer supports Internet Explorer.

To browse Academia.edu and the wider internet faster and more securely, please take a few seconds to  upgrade your browser .

Enter the email address you signed up with and we'll email you a reset link.

• We're Hiring!
• Help Center

Techniques of Strategic Evaluation and Control in Practices -A Case of Indian Companies

Strategic evaluation and control is the last phase of strategic management process which provides a substantial amount of information and experience to CEOs/Strategists that can be helpful for new strategic planning. Strategic evaluation and control helps to keep a check on the validity of strategic choice. It also helps to assess whether the decisions match the intended strategy requirements. Strategic evaluation and control is becoming increasingly difficult in the changing environment due to many reasons. The paper covers the concept and barriers of strategic evaluation and control, role of organization system in strategic evaluation and control and techniques used in strategic evaluation and control by the selected units. Introduction: It is generally believed that strategic management should be treated as an imperative area for top management in the contemporary fast changing, complex and turbulent environment Strategic management is considered as either decision making and planning, or a set of activities related to the formulation and implementation of strategies to achieve organizational objectives. In strategic management the emphasis is on those general management responsibilities which are essential to relate the organization to the environment in such a way that its objectives may be achieved. Strategic management has been given relevance in Indian organization only after liberalization, privatization and globalization phases. Strategic evaluation and control include evaluation of the appropriateness of the objectives and the strategies, as well as subsequent control of performance in accord with plan. Strategic evaluation and control is the last phase of strategic management process which provides a substantial amount of information and experience to CEOs/Strategists that can be helpful for new strategic planning. Strategic evaluation and control helps to keep a check on the validity of strategic choice. An ongoing process of evaluation would, in fact provide feedback on the continued relevance of the strategic choice made during the formulation phase. This is due to the efficacy of strategic evaluation to determine the effectiveness of strategy. It also helps to assess whether the decisions match the intended strategy requirements. This is due to the inherent nature of any administrative system, which leaves some amount of discretion in the hands of managers. In the absence of such evaluation, managers would not explicitly know how to exercise such discretion.

Related Papers

Chijioke Nwachukwu

Strategy evaluation process enables firms to continuously assess current practices and their contribution to strategy implementation. This study has examined strategy evaluation process and strategic performance of mobile telecommunication firms operating in Nigeria. The study provides new insights into the effect of strategy evaluation process on strategic performance of large firms in an emerging market such as Nigeria. The authors used theoretical insights from strategic management literature to better understand how a firm process of strategy evaluation affects strategic performance. The research has been done in a single industry, using quantitative methods and survey to obtain information from employees of four mobile telecommunication MNCs operating in Nigeria. The findings suggest that a mobile telecommunication firm adopts a systematic approach to strategy evaluation which has a significant and positive impact on their strategic performance. This study contributes to the ex...

Živan Ristić

Information acquired by measuring and evaluation are a necessary condition for good decision making in strategic management. This work deals with : (a) Methodological aspects of evaluation (kinds of evaluation, metaevaluation) and measurement (supposition of isomor-phism in measurement, kinds and levels of measurement, errors in measurement and the basic characteristics of measurement). (b) Evaluation and measurement of potential and accomplishments of the organization in Kaplan-Norton perspectives (in the perspectives of learning and development, perspectives of internal processes, perspectives of the consum-er/user, and in financial perspectives). (c) Systems and IT solutions of evaluation and measuring performances of the organization in strategic analysis and control.

Tamás Kozák

The implementation of each strategic decision involves investment of a large amount of capital, human resources and managerial efforts. An incorrect decision often means the failure of an investment. Risks of strategic decisions can be reduced if we can re-examine or identify whether the strategic decisions that have been made are consistent with the actual situation of the company and with the external environment and industry development. Based on the basic principles of strategic decision-making presented in this book, this chapter puts forward the basic logic and thinking of the evaluation of strategic decision-making from the standpoint of the three elements of strategy.

Management and Administrative Sciences Review ISSN: 2308-1368

There is a huge gap between the development of successful strategies and success. This gap can only be filled up with the concept of a successful implementation. Thus, if strategy implementation is the main, what is the main in it? In this article, it is believed that people are at the heart of strategy implementation. accordingly, it is in a set of complex social actions. And, also, is a process which start from upper level to lower level. In this process, there are many implementers, by hierarchy, comprised of top management, middle management, lower management and non-management. our primary aim is to indicate vital role of them. With the idea that certain skills are needed at every level.

Dony Antunes

odufeso tajudeen

Doina Popescu

Strategic control represents that sequence of the strategic management process in which the strategy to be applied is followed,existing and potential problems are being identified and neccessary corrections are being made in order to ensure compliance of the achieved performance with set standars. Strategic control should allow the identification of problems generated by these changes and correction of the course of action based on intermediate performance that is registered succesively in the process of applying the strategic management model and then in that of full operation of the company based on the new model. This is achieved by permanent monitoring of the way in which the provisions of strategic plans are being administered, comparing achieved performance with the standards set by the plans. When the performance gaps exceed certain limits, corrective measure are take in order to restore the envisaged course of action on track. As the application of the strategic model progre...

Tony Bovaird

New Directions for Evaluation

Michael Patton

RELATED PAPERS

Karla de Souza Patrao

Cornel Samoila

Physical Review B

Ioannis Rousochatzakis

Joachim Götz

Kindlers Literatur Lexikon (KLL)

ESTUDO DE CASO LA CASA DE PAPEL: ESTRATÉGIAS CRIATIVAS DE VISUALIZAÇÃO DE CONHECIMENTO, MÍDIA E DESIGN THINKING NO PROCESSO DE INOVAÇÃO

Nárima Alemsan

European Journal of Internal Medicine

laura velasco

Supplier Besar Tally Underwear

Science Talks

Hossein Pourrahmani

Örjan Wikforss

29th International Meeting on Organic Geochemistry

Clifford Walters

Australasian Journal on Ageing

Revista Ceres

claudia crosa

Sexual Health

Patricia Galarza

İstanbul Bilgi Üniversitesi BİLGİ Avrupa Çalışmaları Mükemmeliyet Alanı Avrupa Birliği Enstitüsü Jean Monnet Mükemmeliyet Merkezi BİLDİRİ ÖZETİ KİTABI

Vildan Taştemel Kapucu

Erwerbs-obstbau

Michael Blanke

Bezpieczeństwo. Teoria i Praktyka

Joanna Ciesielska-Klikowska

arXiv (Cornell University)

Fernando Abalos

USMAN BARA'U AHMAD

European Psychiatry

elena monducci

Organic Letters

Kris Gunsalus

RePEc: Research Papers in Economics

Henrik Sigstad

arief surachman

Pablo Trindade

See More Documents Like This

RELATED TOPICS

•   We're Hiring!
•   Help Center
• Find new research papers in:
• Health Sciences
• Earth Sciences
• Cognitive Science
• Mathematics
• Computer Science
• Academia ©2024

• Free Case Studies
• Business Essays

Write My Case Study

Buy Case Study

Case Study Help

• Case Study For Sale
• Case Study Service
• Hire Writer

Strategy Review, Evaluation, and Control

OVERVIEW The best formulated and implemented strategies become obsolete as a firm’s external and internal environments change. It is essential, therefore, that strategists systematically review, evaluate, and control the execution of strategies. Chapter 9 presents a framework that can guide managers’ efforts to evaluate strategic-management activities, to make sure they are working, and to make timely changes. Computer information systems being used to evaluate strategies are discussed. Guidelines are presented for formulating, implementing, and evaluating strategies.

I. THE NATURE OF STRATEGY EVALUATION A. Importance of Strategy Evaluation 1. The strategic-management process results in decisions that can have significant, long-lasting consequences. Erroneous strategic decisions can inflict severe penalties and can be exceedingly difficult, if not impossible, to reverse. 2.

We Will Write a Custom Case Study Specifically For You For Only $13.90/page!

Most strategists agree, therefore, that strategy evaluation is vital to an organization’s well-being; timely evaluations can alert management to problems or potential problems before a situation becomes critical. 3.Strategy evaluation includes three basic activities: a. Examining the underlying bases of a firm’s strategy. b. Comparing expected results with actual results.

c. Taking corrective actions to ensure that performance conforms to plans. 5. 4. Strategy evaluation can be a complex and sensitive undertaking. Too much emphasis on evaluating strategies may be expensive and counterproductive.

Yet, too little or no evaluation can create even worse problems. Strategy evaluation is essential to ensure that stated objectives are being achieved. 6. . It is impossible to demonstrate conclusively that a particular strategy is optimal, but it can be evaluated for critical flaws. As described in Table 9-1, here are four criteria to use in evaluating a strategy: a.

consistency b. consonance c. feasibility d. advantage 7. 6. These trends make strategy evaluation difficult: a.

dramatic increase in environmental complexity b. difficult in predicting future c. increasing number of variables d. rapid rate of obsolescence e. increase in the number of world events affecting organization f. ecreasing time spans for planning B.

The Process of Evaluating Strategies 1. Strategy evaluation is necessary for all sizes and kinds of organizations. a. Strategy evaluation should initiate managerial questioning of expectations and assumptions, trigger a review of objectives and values, and stimulate creativity in generating alternatives and formulating criteria of evaluation. 2. Evaluating strategies on a continuous rather than a periodic basis allows benchmarks of progress to be established and more effectively monitored.

. Managers and employees of the firm should continually be aware of progress being made toward achieving the firm’s objectives. As critical success factors change, organizational members should be involved in determining appropriate corrective actions. II. A STRATEGY-EVALUATION FRAMEWORK Table 9-3 summarizes the strategy-evaluation activities in terms of key questions that should be addressed, alternative answers to those questions, and appropriate actions for an organization to take.

A. Reviewing Bases of Strategy 1.As shown in Figure 9-2, by developing a revised EFE Matrix and IFE Matrix, the underlying bases of an organization’s strategy can be approached and reviewed. a. A revised IFE Matrix should focus on changes in the organization’s management, marketing, finance/accounting, production/operations, R, and MIS strengths and weaknesses. b.

A revised EFE Matrix should indicate how effectively a firm’s strategies have been in response to key opportunities and threats. B. Measuring Organizational Performance 1. Another important strategy-evaluation activity is measuring organizational performance.This activity includes comparing expected results to actual results, investigating deviations from plans, evaluating individual performance, and examining progress being made toward meeting stated objectives.

Both long-term and annual objectives are commonly used in this process. 2. Failure to make satisfactory progress toward accomplishing long-term or annual objectives signals a need for corrective action. 3. Quantitative criteria commonly used to evaluate strategies are financial ratios, which strategists use to make three critical comparisons: a. omparing the firm’s performance over different time periods, b.

comparing the firm’s performance to competitors, and c. comparing the firm’s performance to industry averages. 4. Key financial ratios for measuring organizational performance: a. return on investment b.

return on equity c. profit margin d. market share e. debt to equity f. earnings per share g. sales growth h.

asset growth C. Taking Corrective Action 1. The final strategy-evaluation activity, taking corrective action, requires making changes to reposition a firm competitively for the future. . Examples of changes that may be needed are altering an organization’s structure, replacing one or more key individuals, selling a division, or revising a business mission.

3. Taking corrective action raises employees’ and managers’ anxieties. Research suggests that participation in strategy-evaluation activities is one of the best ways to overcome individuals’ resistance to change. III. PUBLISHED SOURCES OF STRATEGY-EVALUATION INFORMATION A. Examples of Helpful Publications 1.

A number of publications are helpful in evaluating a firm’s strategies.For example, Fortune annually identifies and evaluates the Fortune 1,000 (the largest manufacturers) and the Fortune 50 (the largest retailers, transportation companies, utilities, banks, insurance companies, and diversified financial corporations in the United States). 2. Another excellent evaluation of corporations in America, “The Annual Report on American Industry,” is published annually in the January issue of Forbes. Business Week, Industry Week, and Dun’s Business Month also periodically publish detailed evaluations of American businesses and industries.

IV. CHARACTERISTICS OF AN EFFECTIVE EVALUATION SYSTEMA. Strategy evaluation must meet several basic requirements to be effective. 1. Strategy-evaluation activities must be economical; too much information can be just as bad as too little information. 2.

Strategy-evaluation activities should also be meaningful; they should specifically relate to a firm’s objectives. 3. Strategy-evaluation activities should provide timely information; on occasion and in some areas, managers may need information daily. 4. Strategy evaluation should be designed to provide a true picture of what is happening. B.

There is more than one ideal strategy-evaluation system.The unique characteristics of an organization, including its size, management style, purpose, problems, and strengths can determine a strategy-evaluation and control system’s final design. V. CONTINGENCY PLANNING A. Essence of Contingency Planning 1. A basic premise of good strategic management is that firms plan ways to deal with unfavorable and favorable events before they occur.

2. Contingency plans can be defined as alternative plans that can be put into effect if certain key events do not occur as expected. B. Effective Contingency Planning Involves These Steps: 1.Identify both beneficial and unfavorable events that could possibly derail the strategy or strategies.

2. Specify trigger points. Estimate when contingent events are likely to occur. 3. Assess the impact of each contingent event.

Estimate the potential benefit or harm of each contingent event. 4. Develop contingency plans. Be sure that the contingency plans are compatible with current strategy and financially feasible. 5.

Assess the counterimpact of each contingency plan. That is, estimate how much each contingency plan will capitalize on or cancel out its associated contingent event. . Determine early warning signals for key contingent events. Monitor the early warning signals. 7.

Develop advanced action plans to take advantage of the available lead time. VI. AUDITING A. Auditing is defined by the American Accounting Association (AAA) as “a systematic process of objectively obtaining and evaluating evidence regarding assertions about economic actions and events to ascertain the degree of correspondence between those assertions and established criteria, and communicating the results to interested users. ” 1.People who perform audits can be divided into three groups: independent auditors, government auditors, and internal auditors.

2. Two government agencies, the General Accounting Office (GAO) and the Internal Revenue Service (IRS), employ government auditors responsible for making sure that organizations comply with federal laws, statutes, and policies. B. The Environmental Audit 1. For an increasing number of firms, overseeing environmental affairs is no longer a technical function performed by specialists; rather, it has become an important strategic-management concern.It should be as rigorous as a financial audit.

2. It should include training workshops in which staff help design and implement the policy. It should be budgeted and have funds allocated to ensure its viability. 3. A Statement of Environmental Policy should be published periodically.

VII. USING COMPUTERS TO EVALUATE STRATEGIES When properly designed, installed, and operated, a computer network can efficiently acquire information promptly and accurately. Networks can allow diverse strategy-evaluation reports to be generated for, and responded by different levels and types of managers.ISSUES FOR REVIEW AND DISCUSSION 1. Why has strategy evaluation become so important in business today? Answer: Strategy evaluation is critically important today because internal and external factors often change quickly and dramatically.

Key factors need to be monitored during strategy-evaluation activities. For example, technology is shortening the product life cycle in nearly all industries. The low value of the dollar is opening up many foreign markets to American exports and is fostering foreign acquisition of U. S. assets and companies. 4.

2.As owner of a local, independent supermarket explain how you would evaluate the firm’s strategy. Answer: For small businesses such as a local supermarket, strategy evaluation is less formal than in large organizations. However, both qualitative and quantitative criteria should be used to evaluate the small supermarket’s strategies, because large supermarket stores that offer one-stop shopping for virtually everything are proliferating across the country. 5.

3. Under what conditions are corrective actions not required in the strategy-evaluation process?Answer: The only time corrective actions would not be required in strategy evaluation is when major changes have not occurred in the firm’s internal or external strategic position and the firm is progressing satisfactorily towards achieving its stated objectives. 6. 4. Identify the types of organizations that may need to evaluate strategy more frequently than others. Justify your choices.

Answer: Organizations that compete in more turbulent industries may need to evaluate strategies more often than others. Several examples of turbulent industries are the computer industry, the communications industry, and the aerospace industry. . 5. As executive director of the state forestry commission, in what way and how frequently would you evaluate the organization’s strategies? Answer: Strategy evaluation should be an ongoing, continuous process rather than conducted at the end of a specified period of time, such as at the end of each year or at the end of every three years. The need exists to continually re-evaluate the forestry commission’s strategies as legislative actions evolve and as constituency groups align for or against important issues facing the state.

8. 6. Identify some key financial ratios that would be important in evaluating a bank’s strategy.Answer: In a bank, two key financial items are demand deposits (checking accounts) and time deposits (savings accounts). Other important items are commercial loans and consumer loans.

The ratio of these items to total bank assets and total bank profits could be particularly important in evaluating the strategies of a bank. 9. 7. As owner of a chain of hardware stores, describe how you would approach contingency planning. Answer: Effective contingency planning involves these steps: ?Identify both beneficial and unfavorable events that could possibly derail the strategy or strategies.

?Specify trigger points.Estimate when contingent events are likely to occur. ?Assess the impact of each contingent event. Estimate the potential benefit or harm of each contingent event. ?Develop contingency plans. Be sure that contingency plans are compatible with current strategy and financially feasible.

?Assess the counterimpact of each contingency plan. That is, estimate how much each contingency plan will capitalize on or cancel out its associated contingent event. ?Determine early warning signals for key contingent events. Monitor the early warning signals. Develop advanced action plans to take advantage of the available lead time.

Related posts:

• An Evaluation of the Marketing Strategy of Nestl Yorkie Chocolate Bars
• Critically review the development of the strategy of the Thatcher government toward the trade unions and assess their effectiveness
• A Reflection on Plan Evaluation
• Evaluation of Canon’s Strategies
• Case Study on Job Evaluation
• Program Evaluation Issues
• Leadership Strategy

Quick Links

Privacy Policy

Terms and Conditions

Testimonials

Our Services

Case Study Writing Service

Case Studies For Sale

Our Company

Welcome to the world of case studies that can bring you high grades! Here, at ACaseStudy.com, we deliver professionally written papers, and the best grades for you from your professors are guaranteed!

[email protected] 804-506-0782 350 5th Ave, New York, NY 10118, USA

Acasestudy.com © 2007-2019 All rights reserved.

Hi! I'm Anna

Would you like to get a custom case study? How about receiving a customized one?

Haven't Found The Case Study You Want?

For Only $13.90/page

Phone Login

Looks like you already have an account with this ID. You can try logging in

Forgot password?

Back to login

Register Now

This Email id already exist please try loging in

Create an account to find courses best suited to your profile

Why Evaluation and Control are Important in Strategic Management?

• Strategic Management

A strategy is not the endpoint or consequence of planning; rather, it is the beginning.

Without a strategy, a business has no way of steering the ship in the right direction. It attempts to coordinate and bring business resources and actions in line with the organization’s vision and mission. Strategic plans outline the necessary steps required to achieve strategic business goals.

But, what is the need for evaluation and control? And what will happen if you don’t evaluate your strategies or control your environment?

Let’s find out.

The Need for Evaluation and Control

Strategic evaluations are the mode for testing the efficiency and effectiveness of business strategies , and a way to determine whether the strategy that is being implemented is moving in the right direction or not. Evaluations also help identify the areas of improvement and the actions necessary to bring the performance back in line with organizational objectives. After you have successfully evaluated the changes required, you try to take control by implementing measures to help you get back on track. In conclusion, without evaluation and control, there is no way of knowing where you went wrong and how you could have done things contrarily.

The ideal way to gain in-depth knowledge in this domain is to pursue strategy & leadership online executive programs . These strategy & leadership online executive programs can expose you to advance contemporary themes in strategy and their application in real-world scenarios so you can be extremely relevant to the current business environment.

The need for evaluation and control can be further broken down to three primary reasons:-

Performance measurement.

The first step of strategic management includes defining a performance ideal as per the business objectives. This includes setting both qualitative and quantitative performance benchmarks to which all team members’ actual performance will be compared.

Ongoing Analysis

Strategic evaluation work under the assumption that as the business environment today is so dynamic, variances will exist between the set performance benchmark and the actual performance. This is also known as ongoing analysis, which can only be done if there are continuous evaluation and control processes in an organization.

Corrective Actions

When strategic evaluations are used, they pinpoint areas where the business is not meeting strategic objectives, allowing managers and leaders to take corrective actions to solve the problem. If such corrective actions are not taken timely, there’s a high chance of failure.

Also Read:  Know how certification in strategic management  

Bottom Line

Now, the importance of evaluation and control is evident. So, naturally, the next question is how to control and evaluate such strategies effectively? The answer lies in strategy & leadership online executive programs. One such program you can pursue is the online executive strategic management program by IIM Lucknow. The online executive strategic management program by IIM Lucknow covers all the pertinent and dynamic aspects of strategic management. What’s more is that you get the opportunity to learn from the expert and eminent faculty of IIM Lucknow , one of the top B-schools in the country. So, there’s that.

What are you waiting for? Sign up and start learning!

More Information:

What Are the Functions of Strategic Management?

What is Strategic management and why you need it?

Senior Executive Development CXO Programme by XLRI

Executive Development Program In Strategic Management

Executive Development Program In Transformational Leadership

Recent Post

How Digital Marketing will impact Businesses in 2022?

Presently, there are approximately 3.2 Billion internet...

How AI is Transforming The Future Of Digital Marketing?

The recent advancements in the field of...

Marketing Analytics vs Business Analytics: Basic Concepts in the World of Big Data

Analytics can be applied to anything that...

Upcoming Trends for Digital Marketing in 2023

Do you ever wonder how those big...

5 Benefits of Digital Marketing Vs Traditional Marketing

In the recent years digital marketing has...

• Brand Management
• Digital Marketing Courses
• Human Resource Management
• Leadership and Strategic Management
• Media & Entertainment Management

Know More about the Course

• Mobile Number *
• EXPERIENCE * Work Experience* 0-2 years 2-5 years 5-10 years 10-15 years 15+ years I am a graduate & a fresher I am currently pursuing a degree/diploma
• I accept Terms and Conditions
• Stay updated. Receive course information & updates on whatsapp

Talk to our counsellors to find a course best for your career

• Will get in touch with you soon
• State * State* Andaman and Nicobar Andhra Pradesh Arunachal Pradesh Assam Bihar Chandigarh Chhattisgarh Dadra and Nagar Haveli Daman and Diu Delhi Goa Gujarat Haryana Himachal Pradesh Jammu and Kashmir Srinagar Jharkhand Karnataka Kerala Lakshadweep Madhya Pradesh Maharashtra Manipur Meghalaya Mizoram Nagaland Odisha Puducherry Punjab Rajasthan Sikkim Tamil Nadu Telangana Tripura Uttar Pradesh Uttarakhand West Bengal

Let us call you back

We'll contact you asap.

• Select a Course Select a course Post Graduate Diploma In Finance Doctor Of Business Administration Doctorate of Business Administration Certificate Program in Applied Data Science and Deep Learning Executive Development Programme in Leadership in Sales & Marketing – The CMO Programme Postgraduate Certificate In Business Analytics B- 6 New Digital Marketing Job Linked Bootcamp Executive Development Programme in Strategic Decision Making in the Digital Era Professional Certificate Program in Health Care Management with immersion Advanced Certificate in Digital Marketing and Communication S4 Advanced Certificate in Digital Marketing and Communication S3 Advanced Certificate in Digital Marketing and Communication S2 Executive Development Programme in Applied Finance Executive Development Programme in Talent Management Executive Certificate Program in HR Analytics Advanced Certificate in Supply Chain Management MBA from Staffordshire Business School Professional Certificate program in Cyber Security Doctor of Business Administration in Emerging Technologies Executive Development Program in HR Analytics from XLRI B6 Executive Development Programme in Digital HR Transformation & AI-Driven HR Analytics MICA-MBMC-14-1223 Professional Certificate Program in Business Analytics B8 Professional Certificate Program In Marketing And Sales Management Executive Development Program in Advanced Financial Management MS in Full Stack Artificial Intelligence and Machine Learning MS in Full Stack Artificial Intelligence and Machine Learning MS in Full Stack Artificial Intelligence and Machine Learning Advanced Program in Strategic Management for Business Excellence -B4 Executive Certificate Program in Supply Chain Management and Analytics Master of Business Administration (MBA) Liverpool Business School -immersion MBA (Global) | Deakin Business School- With immersion Executive Development Program in Human Resource Management from XLRI Jamshedpur -B15(Copy) Advanced Certificate in Sales Forecasting and Demand Planning EXECUTIVE DEVELOPMENT PROGRAMME IN DIGITAL TRANSFORMATION STRATEGIES Executive Development Program in Human Resource Management from XLRI Jamshedpur -B15 Executive Development Program in Financial Analytics B-6 Full Stack Development Bootcamp Professional Certificate Program in Health Care Management Executive Development Program in Talent Management from XLRI- B12 Executive Certificate Programme in Advanced Strategic Management & Innovation Executive Development Programme in Driving Growth – The CXO Programme B-2 Executive Development Program in Project Management For Senior Professionals from XLRI Jamshedpur -B10 Ecommerce Supply Chain Management and Analytics Professional Certificate Program in General Management Batch 6 Master of Science in Computer Science Master of Science in Data Science Executive Post Graduate Programme in Machine Learning & AI Executive Development Programme in Strategic Marketing Management (Batch 2) Advanced Certificate Programme in Big Data Programming Advanced Certificate Program in Devops Advanced Certificate Programme in Cloud Backend Development Advanced Certificate Programme in Blockchain Executive Development Programme in Strategic Brand Management -B2 Advanced Certificate Programme in Cyber Security Executive Program in Supply Chain Management During Uncertain Times -B3 Executive Program in Marketing Strategy -B4 Executive Post Graduate Program in Full Stack Software Development Post Graduate Diploma in Management Post Graduate Certificate in Product Management Leadership and Management in New Age Business Executive Development Program in Data Science using Python, R & Excel B-10 Postgraduate Certificate In Business Analytics B- 6 Postgraduate Certificate in Human Capital Leadership -B-2 Executive Development Program in Digital Marketing B-7 100% Job-Guarantee Post Graduate Certificate in Software Engineering Full Stack Development Bootcamp - 100% job opportunities in MAANG/Top product companies Advanced General Management Program Professional Certificate Programme in HR Management and Analytics Executive Post Graduate Programme in Data Science Executive Post-Graduate Programme in Human Resource Management Professional Certificate Program in Data Science and Business Analytics Executive Post Graduate Program in Data Science and Machine Learning PROFESSIONAL CERTIFICATE PROGRAM IN MARKETING AND SALES MANAGEMENT -BATCH 8 Advanced Program in Leadership in the Digital Era -b3 Executive Development Program in Transformational Leadership -B5 Executive Program in Business Management - Batch 3 Professional Certificate Program in Business Analytics from IIM Kozhikode -B7 Executive Development Program in Strategic Management from XLRI -Batch6 Executive Development Programme In Business Analytics and Big Data Executive Certificate Program in Business Analytics and Big Data Advanced Certificate in Managing Brands and Marketing Communication -B-13 Executive Development Program in Human Resource Management from XLRI Jamshedpur -B14 Executive Development Program in Leadership & Change Management b-9 Certificate Programme In Operations Management And Analytics Professional Certificate Program in Supply Chain Strategy and Management - B5 Executive Development Program in Advanced Financial Management Executive Certificate Program in Applied Financial Risk Management -batch-3 Advanced Certificate in Digital Marketing and Communication Global Doctor of Business Administration Executive Development Programme in Strategic Marketing Management (Batch 1) Executive Development Program in HR Analytics -Batch 5 Executive Development Programme in Strategic Brand Management Master of Business Administration (MBA) Liverpool Business School Professional Certificate Program in Business Analytics from IIM Kozhikode Advanced Program in Strategic Management for Business Excellence Executive Development Program in Financial Analytics Advanced Certificate in Advertising Management and Public Relations Executive Development Programme Digital HR Transformation & AI-Driven HR Analytics Executive Program in Business Management Executive Program in Supply Chain Management During Uncertain Times CERTIFICATE PROGRAMME IN STARTUP BOOT CAMP Professional Certificate Program in Supply Chain Strategy and Management CERTIFICATE PROGRAMME IN INDUSTRIAL DESIGN, INNOVATION AND ENTREPRENEURSHIP Executive Development Program in HR Analytics B4 Executive Program in Marketing Strategy

Call us to get more information

Our counsellors will call you back in next 24 hours to help you with courses best suited for your career

• Human Capital Leadership XLRI Jamshedpur

*I hereby authorize Talentedge to contact me. It will override my registry on the NCPR.

Fee Structure

Program Fees

INR /- +GST

EMI Partners

No Cost EMI - 9 Months

Standard emi - 12 months, standard emi - 18 months, standard emi - 24 months.

* I accept Privacy Policy and Terms & Conditions. I appoint MyMoneyMantra as authorized representative to receive my credit information from Experian for the purpose of providing access to credit & targeted offers ('End Use Purpose') as defined in given Terms & Conditions.

* Loan Processing fee to be paid directly to the Loan Provider.

Request a call back

Let us help you guide towards your career path

• Non-biased career guidance
• Counselling based on your skills and preference
• No repetitive calls, only as per convenience

Strategic Management: Formulation, Implementation, and Control in a Dynamic Environment

International Journal of Commerce and Management

ISSN : 1056-9219

Article publication date: 29 June 2010

• Strategic management
• Management strategy
• Corporate strategy
• Globalization

Ramsey, R.D. and Duhe, S.J. (2010), "Strategic Management: Formulation, Implementation, and Control in a Dynamic Environment", International Journal of Commerce and Management , Vol. 20 No. 2, pp. 188-189. https://doi.org/10.1108/10569211011057281

Emerald Group Publishing Limited

Copyright © 2010, Emerald Group Publishing Limited

Strategic management has become a necessity rather than an advantage. Increased dynamics and globalization of the business environment favor firms that plan and manage strategically. This book is a great tool for anyone in a managerial role. In this text, Alkhafaji covers the entire framework of strategic management including environmental scanning, strategy formulation, implementation, control, and evaluation.

Abbass Alkhafaji was a Professor in the Business School at the Slippery Rock University in Pennsylvania. Before his 2007 death at age 59, he had become one of the world most productive scholars in the study of strategic management and international business. Alkhafaji received many awards for his research and writing. He founded the International Academy of Business Disciplines. As one of his last books, Strategic Management: Formulation, Implementation, and Control in a Dynamic Environment gives a mature explanation and analysis of every aspect of strategic management and planning.

This book has ten chapters, organized into four parts: Environmental Scanning, Strategy Formulation, Implementation, and Control . Part 1 comprises Chapters 1 and 2, which constitute a comprehensive introduction, and Chapter 3, titled “Assessing the Environment.” Alkhafaji emphasizes how globalization has added to the complexity of organizational environments. He defines a dynamic environment as one that is constantly changing – and likewise obliging organizations constantly to change. He discusses, in depth, the aspects environments which are external to an organization as well as those which are internal. He discusses the costs, benefits, and techniques of environmental scanning, the astute manager's practice of reading the environmental signals.

Part 2, Strategy Formulation , is Chapters 4 through 6. Chapter 4, “Corporate Strategy,” treats the importance of a long‐term corporate strategy. Alkhafaji discusses strategies such as specialization, diversification, and entrenchment. Chapter 5, “Business and Functional Strategies,” covers strategic management on the functional level of a firm and the formulation of a business strategy. Chapter 6, “Strategic Management in the International Environment,” touches on the trends and advantages of internationalization. Alkhafaji goes into detail about the complexity of international strategic management and the need for a systematic approach to entering foreign markets.

Chapters 7 and 8 make up Part 3, Implementation . In Chapter 7, “Corporate Structure and Implementation,” Alkhafaji explains the process of putting a management strategy into action. He also discusses the roles of managers in implementation such as resource management and establishment of an organization‐wide commitment to the strategic plan. Chapter 8, “Corporate Culture, the General Manager, and Implementation,” mainly covers the implementation of internal support systems and leadership.

Part 4, Evaluation and Control , is wholly composed of Chapter 9, “The Control Function.” This chapter identifies the purpose of control, which is to measure outcomes and outputs to see whether they are in line with the strategic plan. Alkhafaji also identifies and explains different levels and measurement methods of control and evaluation.

The book has three important strengths: its structure, emphasis on the subject's importance, and cases. Alkhafaji organized this text well, so that it is easy to follow. He takes the reader step‐by‐step through the phases of strategic management from introduction to evaluation. He also does a great job of emphasizing why strategic management is a topic worth studying. The introduction of the book especially convinces readers that strategic planning and management are necessary for businesses today. Alkhafaji refers to many other studies and authors throughout this book; his eclecticism gives readers the opportunity to see various viewpoints and also gives readers of various backgrounds points of relationship to the subject of strategic management. Strategic Management: Formulation, Implementation, and Control in a Dynamic Environment contains 21 cases, giving readers real‐world examples of the book's concepts. These cases are about well‐known corporations like Nike and Microsoft, and they reinforce the points made by the author in the text. A remaining point is that the book is rigorously researched and referenced – an exceptional example of scholarship combined with business applications.

The one weakness of Alkhafaji's book is in the area of international strategic management. Although the book does emphasize this topic in Chapter 3, it could be explained more thoroughly. Possibly Alkhafaji was relying on reader access to his numerous publications on international aspects of strategic management and consequently chose not to repeat himself here.

Strategic Management: Formulation, Implementation, and Control in a Dynamic Environment is interesting and well written. Alkhafaji's experience in the subject comes through, as well as the reasons for the esteem in which he is held in the academic community. Alkhafaji comprehensively covers the increasingly important realm of strategic management. This book is highly recommended to managers at any point in their careers as well as to any individual interested in strategic management.

Corresponding author

Richard David Ramsey can be contacted at: [email protected]

Related articles

We’re listening — tell us what you think, something didn’t work….

Report bugs here

All feedback is valuable

Please share your general feedback

Join us on our journey

Platform update page.

Visit emeraldpublishing.com/platformupdate to discover the latest news and updates

Questions & More Information

Answers to the most commonly asked questions here

Want to create or adapt books like this? Learn more about how Pressbooks supports open publishing practices.

QUALITATIVE METHODS

13 Case Studies

Valéry Ridde, Abdourahmane Coulibaly, and Lara Gautier

Case studies consist of an in-depth analysis of one or more cases, using a variety of methods and theoretical approaches. The choice of cases (single or multiple) studied is crucial. Case studies are particularly suitable for studying the emergence and processes involved in policy implementation and for contributing to theory-based evaluations.

Keywords: Qualitative methods, quantitative methods, mixed methods, case study, theoretical approaches, single/multiple cases, empirical triangulation, analytical generalisation

I. What does this method consist of?

Also used in anthropology, the case study approach has long been used in evaluation, where it is considered not as a method but as a research strategy (Yin 2018). By studying a policy in context and using multiple lines of evidence, the case study (single or multiple) seeks to answer ‘how’ and ‘why’ questions from a systems approach and with the support of theoretical approaches. Conducting a case study for a public policy evaluation follows a standard evaluation process: planning, drafting the protocol, preparing the field, collecting and analysing data, sharing results and making recommendations for policy improvement (Gagnon 2012). As with all evaluations, the choice of methods should follow the objectives and the evaluation question, not the other way around. A case study may thus mobilise qualitative, quantitative and different mixed methods designs.

The case study strategy is therefore appropriate when organising an evaluation of policy emergence, process, relevance or adaptation. It is often mobilised when evaluation teams have little or no control over the events and context that influence policy actions. This is often the case outside of experimental situations, which are rare in the field of public policy. It is therefore mostly recommended for understanding a contemporary, often complex, phenomenon organised in a real context.

The case study approach can be used to explain a public policy, describe it in depth or illustrate a specific situation, which can sometimes be original and enlightening for decision-making. The advantage of case studies is that they can be adapted to different situations where there are multiple variables of interest around a policy. It is also about being able to use multiple sources of data, both quantitative and qualitative, which allow for empirical triangulation. The case study strategy allows theoretical propositions and the state of scientific knowledge to guide data collection and analysis. It fits perfectly with, but is not limited to, theory-based evaluation approaches (see separate chapter on theory-based evaluation ).

There are a myriad of proposals for the types of case studies that are possible. Firstly, it is possible to use single/single case studies (involving one policy) or multiple case studies (several policies in the same organisational context or one policy in different contexts). Secondly, these cases can be studied holistically (the policy as a whole) or at different levels of analysis (the dimensions of the policy that the intervention theory will have specified or the particular regional contexts). The choice of case studies should be heuristic (to learn from the study) and strategic (to have data available within the available budget, to answer useful questions). A key criterion for case selection is to have sufficiently relevant information to understand the policy in depth and complexity. Case sampling should therefore be explicit, rigorous and transparent. The selection of case studies can thus be critical, unique, typical, revealing, instrumental, etc. This selection can also be carried out in collaboration between the research and policy teams to ensure that the choices are relevant and feasible. The selection can also be based on prior quantitative analyses to obtain the starting situation of the cases and, for example, choose cases that are very contrasting or very similar in their performance with regard to the policy being analysed.

Sometimes it can also be useful to have a diachronic approach in order to produce longitudinal case studies. For example, analysing a policy over time can reveal the influences of changes in the context or in the strategies of those implementing it, or of those benefiting from it. Starting with cases with similar initial conditions and then studying their evolution is referred to as ‘racing cases’ by Eisenhardt (Gehman et al. 2018).

When analysing the data, the case study approach requires, in addition to the usual analyses specific to the methods (content analysis, thematic analysis, descriptive or inferential statistics, etc.), to mobilise a replication logic. The idea is to compare, in a systematic and rigorous way, the empirical data and the theory, be it the theory of the policy intervention or a theoretical or conceptual framework used to understand the policy. This process is referred to by Yin as analytical generalisation. When several cases support the same theory, it is possible to suggest the presence of a replication logic ( Yin 2010).

Configurations can be heuristic tools for this analysis, whether they are organisational or rooted in critical realism (see separate chapter on realistic evaluation ). Furthermore, finding similar patterns, or situations, in different contexts strengthens the ability to generalise the results of case studies. Yin believes that analytical generalisation requires the construction of a very strong case that will be able to withstand the challenges of logical analysis. Thus, it is essential to specify this theoretical rationale at the outset of the case study, either by mobilising a theory or from the state of the art without it being entirely specific to the public policy being analysed. At the beginning of a case study, it is therefore necessary to remain at a relatively high conceptual level, at least higher than the policy under study. Secondly, the empirical results of the case study must show how they align (or not) with the theoretical argument at the outset. Finally, it will be necessary to discuss how this theoretical thinking, based on this particular policy, can also be applied to other situations and policies in the particular case study. The fact that, even at the beginning of the case study, a counter-argument (rival hypotheses) was also formulated, and that empirical evidence was sought during the data collection process (which refutes them), reinforces the validity of this process of analytical generalisation. Finally, the power of multiple case studies is that this analytical generalisation is strengthened when the results of one case are similar to those of other cases.

Some research teams even propose that case studies can lead to theory-building, especially when analysing complex objects such as public policies.

II. How is this method useful for policy evaluation?

Before deciding to embark on a case study approach, two preliminary questions should be asked which will determine the appropriateness of the approach:

Does the phenomenon I am interested in need the case(s) to be understandable? (e.g., Theory-building case studies)

Does the case(s) represent an empirical window that informs the analysis of the wider phenomenon?

Once one or the other has been answered positively, the evaluative questions can be defined:

Under what real-life conditions can public policy X, piloted in context A, be scaled up in contexts B, C, and D?

How did the controversy about public policy Y in context B emerge?

What are the success factors for the implementation of public policy X in context A?

How were public policies Y and Z implemented in context B?

Why did public policy X in context A and B fail, while it had positive effects in context C?

Why did public policy X implemented in context A fail, while public policy Y implemented in the same context A succeeded?

What is it about the characteristics of public policy Z implemented in contexts A, B, and C that informs μ theory-building case studies?

The case study can be used at any point in the evaluation process, ex ante (at the time of policy design), in itinere (during implementation), or ex post (e.g. to better understand the results produced).

III. An example of the use of this method in Burkina Faso

Simple and multiple longitudinal case studies were mobilised to study a public health financing policy in Burkina Faso (Ridde 2021).

The World Bank encouraged the government to test in a dozen districts a modality for financing health centres in addition to the state budget. The idea was to organise a performance-based payment system in which health centres and health professionals received additional funds based on the achievement of activity results. For example, for each delivery performed in the centre with a partographer, they received 3.2 euros to be shared between the structure and the staff, according to complex procedures and indicators. Verification and control processes were organised to ensure the reliability of payment claims.

To study the emergence of this new policy, we conducted a single case study (focusing on the policy) to better understand its origin, ideas, proposed solutions, people who proposed it, power issues, etc. We employed a literature review and 14 qualitative in-depth interviews with policy makers, funding agencies and experts on the subject. Using an analytical generalisation approach, we compared this emergence to understand whether what happened in Burkina Faso was also happening in Benin.

To study the implementation of the policy in Burkina Faso, we then used multiple longitudinal case studies. For reasons of time and budget, we selected three districts representing the diversity of situations in which the policy was implemented. Then, within each of these districts, we selected six cases from the primary health centres (about 30 per district) and one case that was the referral hospital (only one per district). The six cases were selected according to the three types of financing strategies that the policy wished to test, so two cases per type. We decided to select two cases with the greatest possible contrast within each of the three types: one very performant health centre and one not at all. Performance was calculated using a quantitative method (time series) on the basis of indicators of health centre attendance in the years preceding the policy. This etic analysis (from the external perspective) ranked all the health centres according to their order of performance to support case selection. The latter also benefited from the emic opinion (from the internal point of view) of local health system managers in order to take into account their own perception of the performance of the centres, beyond the quantitative approach which only gives a partial view of performance. Thus, for each of the seven cases selected per district (7×3 = 21), we used multiple sources of data to understand the challenges of policy implementation: analysis of documentation, formal qualitative interviews (between 114 and 215 per district) and informal interviews (between 26 and 168 per district), and observations of situations. A data collection grid was also used to measure the fidelity of policy implementation. In order to better understand the evolution of policy implementation, and in particular adaptations over time, three data collection moments were carried out over a 24-month period, thus following the longitudinal multiple case study approach.

Finally, these case studies have also been fruitful in studying, with a qualitative approach and a long immersion in the field, the unexpected consequences (positive or negative) of this policy. Although this dimension of the evaluation is still too little understood, its implementation in Burkina Faso has shown the relevance of this approach (Turcotte-Tremblay et al. 2017). Limiting oneself to the expected effects, which is often implied by an extreme focus on the sole theory of intervention developed by the teams that define the policy, reduces the heuristic scope of the evaluation. While successes are essential, challenges may also be necessary to improve public policies with the help of case studies.

For all these approaches, the analysis was carried out in a hybrid manner, both deductive (with respect to the intervention theory or a conceptual framework) and inductive (original empirical data). The comparison between cases, between districts and between countries allowed for an increase in abstraction in an analytical generalisation process.

IV. What are the criteria for judging the quality of the mobilisation of this method?

Judging the quality of a complex approach such as case studies requires a global vision, going beyond the specific but essential reflections of the usual methods (quantitative and qualitative). To this end, Yin (2018) proposes to study the quality of case studies in terms of four dimensions:

Construct validity (studying the expected policy and not something else): using multiple sources of evidence, describing and establishing a causal chain, involving stakeholders in the validation of the protocol and reports;

Internal validity (confidence in results): compare empirical data with each other and with theory, construct explanatory logics, account for competing and alternative hypotheses, use logical frameworks/theories of intervention;

External validity (ability to generalise results): use theories, use the logic of analytical replication;

Reliability (for the same case study, the same findings): use a policy study protocol, develop a case database.

V. What are the strengths and limitations of this method compared to others?

The main strength of the case study is its ability to ‘incorporate the unique characteristics of each case and to examine complex phenomena in their context’, i.e. in real-life conditions (Stiles 2013, 30).

The case study strategy, due to the abundance and variety of the corpus of data mobilised, and the research methods employed (qualitative, quantitative or mixed), most often allows for a rich description of the public policy(ies) being evaluated and the contexts of implementation. This is particularly true of single case studies, which allow for in-depth analysis. With regard to multiple case studies, the main advantage is that it allows for more potential variation, which increases the robustness of the explanation. The downside is that these strategies require a significant time commitment. Thus, the sheer volume of work can be problematic, especially if the deadlines set by the sponsors are short. In addition, if there are several evaluative questions, or a question that invites the linking of implementation issues to outcomes, then it may be necessary to consider combining the case study (which may focus on process analysis, for example) with another complementary research strategy, such as quasi-experimental approaches (Yin and Ridde, 2012). Finally, several biases may arise – the biased choice of case(s), low statistical power when conducting quantitative analyses. These biases may erode comparability across cases or contexts. The rich justification of the choice of cases (public policies) (Stake 1995) and the description of the context(s), as well as the process of analytical generalisation, described above, help to reduce the impact of these biases.

With regard to theory-building case studies, both advantages and disadvantages of the case study are identified (Stiles 2013). The case study strategy here consists of comparing different statements from theory with one or more observations. This can be done by describing the few cases in theoretical terms. Thus, although each detail can only be observed once, they can be very numerous and therefore useful for theory building. However, the same biases mentioned above are likely to occur (biased case selection, low statistical power). Confidence in individual statements may be eroded by these biases. On the other hand, as many statements are examined – reflecting a variety of contexts and therefore possible variations – the overall strengthening of confidence in the theory may be just as important as in a hypothesis testing study.

Some bibliographical references to go further

Gagnon, Yves-Chantal. 2012. L’étude de cas comme méthode de recherche . 2nd ed. Québec: Presses de l’Université du Québec.

Gehman, Joel. and Glaser, Vern L.. and Eisenhardt, Kathleen M.. and Gioia, Denny. and Langley, Ann. and Corley, Kevin G.. 2018. “Finding Theory–Method Fit: A Comparison of Three Qualitative Approaches to Theory Building.” Journal of Management Inquiry, 27(3): 284‑300. https://doi.org/10.1177/1056492617706029 .

Ridde, Valéry, éd. 2021. Vers une couverture sanitaire universelle en 2030? Éditions science et bien commun. Québec: Canada: Zenodo. https://doi.org/10.5281/ZENODO.5166925 .

Stake, Robert E. 1995. The Art of Case Study Research . Thousand Oaks, CA: SAGE Publications.

Stiles, William B. 2013. “Using Case Studies to Build Psychotherapeutic Theories.” Psychothérapies , 33(1): 29‑35. https://doi.org/10.3917/psys.131.0029 .

Turcotte-Tremblay, Anne-Marie. and Ali Gali-Gali, Idriss. and De Allegri, Manuela. and Ridde, Valéry. 2017. “The Unintended Consequences of Community Verifications for Performance-Based Financing in Burkina Faso.” Social Science & Medicine , 191: 226‑36. https://doi.org/10.1016/j.socscimed.2017.09.007 .

Yin, Robert K. 2010. “Analytic Generalization.” In Encyclopedia of Case Study Research , by Albert Mills, Gabrielle Durepos, and Elden Wiebe, 6. 2455 Teller Road, Thousand Oaks California 91320 United States: SAGE Publications, Inc. https://doi.org/10.4135/9781412957397.n8 .

Yin, Robert K. 2018. Case study research and applications: design and methods . Sixth edition. Los Angeles: SAGE.

Policy Evaluation: Methods and Approaches Copyright © by Valéry Ridde, Abdourahmane Coulibaly, and Lara Gautier is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License , except where otherwise noted.

Share This Book

Strategy Evaluation And Control

• Harvard Case Studies

Harvard Business Case Studies Solutions – Assignment Help

In most courses studied at Harvard Business schools, students are provided with a case study. Major HBR cases concerns on a whole industry, a whole organization or some part of organization; profitable or non-profitable organizations. Student’s role is to analyze the case and diagnose the situation, identify the problem and then give appropriate recommendations and steps to be taken.

To make a detailed case analysis, student should follow these steps:

STEP 1: Reading Up Harvard Case Study Method Guide:

Case study method guide is provided to students which determine the aspects of problem needed to be considered while analyzing a case study. It is very important to have a thorough reading and understanding of guidelines provided. However, poor guide reading will lead to misunderstanding of case and failure of analyses. It is recommended to read guidelines before and after reading the case to understand what is asked and how the questions are to be answered. Therefore, in-depth understanding f case guidelines is very important.

Harvard Case Study Solutions

STEP 2: Reading The Strategy Evaluation And Control Harvard Case Study:

To have a complete understanding of the case, one should focus on case reading. It is said that case should be read two times. Initially, fast reading without taking notes and underlines should be done. Initial reading is to get a rough idea of what information is provided for the analyses. Then, a very careful reading should be done at second time reading of the case. This time, highlighting the important point and mark the necessary information provided in the case. In addition, the quantitative data in case, and its relations with other quantitative or qualitative variables should be given more importance. Also, manipulating different data and combining with other information available will give a new insight. However, all of the information provided is not reliable and relevant.

porter’s five forces model

When having a fast reading, following points should be noted:

• Nature of organization
• Nature if industry in which organization operates.
• External environment that is effecting organization
• Problems being faced by management
• Identification of communication strategies.
• Any relevant strategy that can be added.
• Control and out-of-control situations.

When reading the case for second time, following points should be considered:

• Decisions needed to be made and the responsible Person to make decision.
• Objectives of the organization and key players in this case.
• The compatibility of objectives. if not, their reconciliations and necessary redefinition.
• Sources and constraints of organization from meeting its objectives.

After reading the case and guidelines thoroughly, reader should go forward and start the analyses of the case.

STEP 3: Doing The Case Analysis Of Strategy Evaluation And Control:

To make an appropriate case analyses, firstly, reader should mark the important problems that are happening in the organization. There may be multiple problems that can be faced by any organization. Secondly, after identifying problems in the company, identify the most concerned and important problem that needed to be focused.

Firstly, the introduction is written. After having a clear idea of what is defined in the case, we deliver it to the reader. It is better to start the introduction from any historical or social context. The challenging diagnosis for Strategy Evaluation And Control and the management of information is needed to be provided. However, introduction should not be longer than 6-7 lines in a paragraph. As the most important objective is to convey the most important message for to the reader.

After introduction, problem statement is defined. In the problem statement, the company’s most important problem and constraints to solve these problems should be define clearly. However, the problem should be concisely define in no more than a paragraph. After defining the problems and constraints, analysis of the case study is begin.

STEP 4: SWOT Analysis of the Strategy Evaluation And Control HBR Case Solution:

SWOT analysis helps the business to identify its strengths and weaknesses, as well as understanding of opportunity that can be availed and the threat that the company is facing. SWOT for Strategy Evaluation And Control is a powerful tool of analysis as it provide a thought to uncover and exploit the opportunities that can be used to increase and enhance company’s operations. In addition, it also identifies the weaknesses of the organization that will help to be eliminated and manage the threats that would catch the attention of the management.

This strategy helps the company to make any strategy that would differentiate the company from competitors, so that the organization can compete successfully in the industry. The strengths and weaknesses are obtained from internal organization. Whereas, the opportunities and threats are generally related from external environment of organization. Moreover, it is also called Internal-External Analysis.

• Pest analysis

In the strengths, management should identify the following points exists in the organization:

• Advantages of the organization
• Activities of the company better than competitors.
• Unique resources and low cost resources company have.
• Activities and resources market sees as the company’s strength.
• Unique selling proposition of the company.

WEAKNESSES:

• Improvement that could be done.
• Activities that can be avoided for Strategy Evaluation And Control.
• Activities that can be determined as your weakness in the market.
• Factors that can reduce the sales.
• Competitor’s activities that can be seen as your weakness.

OPPORTUNITIES:

• Good opportunities that can be spotted.
• Interesting trends of industry.
• Change in technology and market strategies
• Government policy changes that is related to the company’s field
• Changes in social patterns and lifestyles.
• Local events.

Following points can be identified as a threat to company:

• Company’s facing obstacles.
• Activities of competitors.
• Product and services quality standards
• Threat from changing technologies
• Financial/cash flow problems
• Weakness that threaten the business.

Following points should be considered when applying SWOT to the analysis:

• Precise and verifiable phrases should be sued.
• Prioritize the points under each head, so that management can identify which step has to be taken first.
• Apply the analyses at proposed level. Clear yourself first that on what basis you have to apply SWOT matrix.
• Make sure that points identified should carry itself with strategy formulation process.
• Use particular terms (like USP, Core Competencies Analyses etc.) to get a comprehensive picture of analyses.

STEP 5: PESTEL/ PEST Analysis of Strategy Evaluation And Control Case Solution:

Pest analyses is a widely used tool to analyze the Political, Economic, Socio-cultural, Technological, Environmental and legal situations which can provide great and new opportunities to the company as well as these factors can also threat the company, to be dangerous in future.

Pest analysis is very important and informative.  It is used for the purpose of identifying business opportunities and advance threat warning. Moreover, it also helps to the extent to which change is useful for the company and also guide the direction for the change. In addition, it also helps to avoid activities and actions that will be harmful for the company in future, including projects and strategies.

To analyze the business objective and its opportunities and threats, following steps should be followed:

• Brainstorm and assumption the changes that should be made to organization. Answer the necessary questions that are related to specific needs of organization
• Analyze the opportunities that would be happen due to the change.
• Analyze the threats and issues that would be caused due to change.
• Perform cost benefit analyses and take the appropriate action.

PEST FACTORS:

• Next political elections and changes that will happen in the country due to these elections
• Strong and powerful political person, his point of view on business policies and their effect on the organization.
• Strength of property rights and law rules. And its ratio with corruption and organized crimes. Changes in these situation and its effects.
• Change in Legislation and taxation effects on the company
• Trend of regulations and deregulations. Effects of change in business regulations
• Timescale of legislative change.
• Other political factors likely to change for Strategy Evaluation And Control.

ECONOMICAL:

• Position and current economy trend i.e. growing, stagnant or declining.
• Exchange rates fluctuations and its relation with company.
• Change in Level of customer’s disposable income and its effect.
• Fluctuation in unemployment rate and its effect on hiring of skilled employees
• Access to credit and loans. And its effects on company
• Effect of globalization on economic environment
• Considerations on other economic factors

SOCIO-CULTURAL:

• Change in population growth rate and age factors, and its impacts on organization.
• Effect on organization due to Change in attitudes and generational shifts.
• Standards of health, education and social mobility levels. Its changes and effects on company.
• Employment patterns, job market trend and attitude towards work according to different age groups.

case study solutions

• Social attitudes and social trends, change in socio culture an dits effects.
• Religious believers and life styles and its effects on organization
• Other socio culture factors and its impacts.

TECHNOLOGICAL:

• Any new technology that company is using
• Any new technology in market that could affect the work, organization or industry
• Access of competitors to the new technologies and its impact on their product development/better services.
• Research areas of government and education institutes in which the company can make any efforts
• Changes in infra-structure and its effects on work flow
• Existing technology that can facilitate the company
• Other technological factors and their impacts on company and industry

These headings and analyses would help the company to consider these factors and make a “big picture” of company’s characteristics. This will help the manager to take the decision and drawing conclusion about the forces that would create a big impact on company and its resources.

STEP 6: Porter’s Five Forces/ Strategic Analysis Of The Strategy Evaluation And Control Case Study:

To analyze the structure of a company and its corporate strategy, Porter’s five forces model is used. In this model, five forces have been identified which play an important part in shaping the market and industry. These forces are used to measure competition intensity and profitability of an industry and market.

porter’s five forces model

These forces refers to micro environment and the company ability to serve its customers and make a profit. These five forces includes three forces from horizontal competition and two forces from vertical competition. The five forces are discussed below:

• THREAT OF NEW ENTRANTS:
• as the industry have high profits, many new entrants will try to enter into the market. However, the new entrants will eventually cause decrease in overall industry profits. Therefore, it is necessary to block the new entrants in the industry. following factors is describing the level of threat to new entrants:
• Barriers to entry that includes copy rights and patents.
• High capital requirement
• Government restricted policies
• Switching cost
• Access to suppliers and distributions
• Customer loyalty to established brands.
• THREAT OF SUBSTITUTES:
• this describes the threat to company. If the goods and services are not up to the standard, consumers can use substitutes and alternatives that do not need any extra effort and do not make a major difference. For example, using Aquafina in substitution of tap water, Pepsi in alternative of Coca Cola. The potential factors that made customer shift to substitutes are as follows:
• Price performance of substitute
• Switching costs of buyer
• Products substitute available in the market
• Reduction of quality
• Close substitution are available
• DEGREE OF INDUSTRY RIVALRY:
• the lesser money and resources are required to enter into any industry, the higher there will be new competitors and be an effective competitor. It will also weaken the company’s position. Following are the potential factors that will influence the company’s competition:
• Competitive advantage
• Continuous innovation
• Sustainable position in competitive advantage
• Level of advertising
• Competitive strategy
• BARGAINING POWER OF BUYERS:
• it deals with the ability of customers to take down the prices. It mainly consists the importance of a customer and the level of cost if a customer will switch from one product to another. The buyer power is high if there are too many alternatives available. And the buyer power is low if there are lesser options of alternatives and switching. Following factors will influence the buying power of customers:
• Bargaining leverage
• Switching cost of a buyer
• Buyer price sensitivity
• Competitive advantage of company’s product
• BARGAINING POWER OF SUPPLIERS:
• this refers to the supplier’s ability of increasing and decreasing prices. If there are few alternatives o supplier available, this will threat the company and it would have to purchase its raw material in supplier’s terms. However, if there are many suppliers alternative, suppliers have low bargaining power and company do not have to face high switching cost. The potential factors that effects bargaining power of suppliers are the following:
• Input differentiation
• Impact of cost on differentiation
• Strength of distribution centers
• Input substitute’s availability.

STEP 7: VRIO Analysis of Strategy Evaluation And Control:

Vrio analysis for Strategy Evaluation And Control case study identified the four main attributes which helps the organization to gain a competitive advantages. The author of this theory suggests that firm must be valuable, rare, imperfectly imitable and perfectly non sustainable. Therefore there must be some resources and capabilities in an organization that can facilitate the competitive advantage to company. The four components of VRIO analysis are described below: VALUABLE: the company must have some resources or strategies that can exploit opportunities and defend the company from major threats. If the company holds some value then answer is yes. Resources are also valuable if they provide customer satisfaction and increase customer value. This value may create by increasing differentiation in existing product or decrease its price. Is these conditions are not met, company may lead to competitive disadvantage. Therefore, it is necessary to continually review the Strategy Evaluation And Control company’s activities and resources values. RARE: the resources of the Strategy Evaluation And Control company that are not used by any other company are known as rare. Rare and valuable resources grant much competitive advantages to the firm. However, when more than one few companies uses the same resources and provide competitive parity are also known as rare resources. Even, the competitive parity is not desired position, but the company should not lose its valuable resources, even they are common. COSTLY TO IMITATE: the resources are costly to imitate, if other organizations cannot imitate it. However, imitation is done in two ways. One is duplicating that is direct imitation and the other one is substituting that is indirect imitation. Any firm who has valuable and rare resources, and these resources are costly to imitate, have achieved their competitive advantage. However, resources should also be perfectly non sustainable. The reasons that resource imitation is costly are historical conditions, casual ambiguity and social complexity. ORGANIZED TO CAPTURE VALUE: resources, itself, cannot provide advantages to organization until it is organized and exploit to do so. A firm (like Strategy Evaluation And Control)  must organize its management systems, processes, policies and strategies to fully utilize the resource’s potential to be valuable, rare and costly to imitate.

STEP 8: Generating Alternatives For Strategy Evaluation And Control Case Solution:

After completing the analyses of the company, its opportunities and threats, it is important to generate a solution of the problem and the alternatives a company can apply in order to solve its problems. To generate the alternative of problem, following things must to be kept in mind:

• Realistic solution should be identified that can be operated in the company, with all its constraints and opportunities.
• as the problem and its solution cannot occur at the same time, it should be described as mutually exclusive
• it is not possible for a company to not to take any action, therefore, the alternative of doing nothing is not viable.
• Student should provide more than one decent solution. Providing two undesirable alternatives to make the other one attractive is not acceptable.

Once the alternatives have been generated, student should evaluate the options and select the appropriate and viable solution for the company.

STEP 9: Selection Of Alternatives For Strategy Evaluation And Control Case Solution:

It is very important to select the alternatives and then evaluate the best one as the company have limited choices and constraints. Therefore to select the best alternative, there are many factors that is needed to be kept in mind. The criteria’s on which business decisions are to be selected areas under:

• Improve profitability
• Increase sales, market shares, return on investments
• Customer satisfaction
• Brand image
• Corporate mission, vision and strategy
• Resources and capabilities

Alternatives should be measures that which alternative will perform better than other one and the valid reasons. In addition, alternatives should be related to the problem statements and issues described in the case study.

STEP 10: Evaluation Of Alternatives For Strategy Evaluation And Control Case Solution:

If the selected alternative is fulfilling the above criteria, the decision should be taken straightforwardly. Best alternative should be selected must be the best when evaluating it on the decision criteria. Another method used to evaluate the alternatives are the list of pros and cons of each alternative and one who has more pros than cons and can be workable under organizational constraints.

STEP 11: Recommendations For Strategy Evaluation And Control Case Study (Solution):

There should be only one recommendation to enhance the company’s operations and its growth or solving its problems. The decision that is being taken should be justified and viable for solving the problems.

Have a language expert improve your writing

Run a free plagiarism check in 10 minutes, generate accurate citations for free.

• Knowledge Base

Methodology

• What Is a Case-Control Study? | Definition & Examples

What Is a Case-Control Study? | Definition & Examples

Published on February 4, 2023 by Tegan George . Revised on June 22, 2023.

A case-control study is an experimental design that compares a group of participants possessing a condition of interest to a very similar group lacking that condition. Here, the participants possessing the attribute of study, such as a disease, are called the “case,” and those without it are the “control.”

It’s important to remember that the case group is chosen because they already possess the attribute of interest. The point of the control group is to facilitate investigation, e.g., studying whether the case group systematically exhibits that attribute more than the control group does.

Table of contents

When to use a case-control study, examples of case-control studies, advantages and disadvantages of case-control studies, other interesting articles, frequently asked questions.

Case-control studies are a type of observational study often used in fields like medical research, environmental health, or epidemiology. While most observational studies are qualitative in nature, case-control studies can also be quantitative , and they often are in healthcare settings. Case-control studies can be used for both exploratory and explanatory research , and they are a good choice for studying research topics like disease exposure and health outcomes.

A case-control study may be a good fit for your research if it meets the following criteria.

• Data on exposure (e.g., to a chemical or a pesticide) are difficult to obtain or expensive.
• The disease associated with the exposure you’re studying has a long incubation period or is rare or under-studied (e.g., AIDS in the early 1980s).
• The population you are studying is difficult to contact for follow-up questions (e.g., asylum seekers).

Retrospective cohort studies use existing secondary research data, such as medical records or databases, to identify a group of people with a common exposure or risk factor and to observe their outcomes over time. Case-control studies conduct primary research , comparing a group of participants possessing a condition of interest to a very similar group lacking that condition in real time.

Receive feedback on language, structure, and formatting

Professional editors proofread and edit your paper by focusing on:

• Academic style
• Vague sentences
• Style consistency

See an example

Case-control studies are common in fields like epidemiology, healthcare, and psychology.

You would then collect data on your participants’ exposure to contaminated drinking water, focusing on variables such as the source of said water and the duration of exposure, for both groups. You could then compare the two to determine if there is a relationship between drinking water contamination and the risk of developing a gastrointestinal illness. Example: Healthcare case-control study You are interested in the relationship between the dietary intake of a particular vitamin (e.g., vitamin D) and the risk of developing osteoporosis later in life. Here, the case group would be individuals who have been diagnosed with osteoporosis, while the control group would be individuals without osteoporosis.

You would then collect information on dietary intake of vitamin D for both the cases and controls and compare the two groups to determine if there is a relationship between vitamin D intake and the risk of developing osteoporosis. Example: Psychology case-control study You are studying the relationship between early-childhood stress and the likelihood of later developing post-traumatic stress disorder (PTSD). Here, the case group would be individuals who have been diagnosed with PTSD, while the control group would be individuals without PTSD.

Case-control studies are a solid research method choice, but they come with distinct advantages and disadvantages.

Advantages of case-control studies

• Case-control studies are a great choice if you have any ethical considerations about your participants that could preclude you from using a traditional experimental design .
• Case-control studies are time efficient and fairly inexpensive to conduct because they require fewer subjects than other research methods .
• If there were multiple exposures leading to a single outcome, case-control studies can incorporate that. As such, they truly shine when used to study rare outcomes or outbreaks of a particular disease .

Disadvantages of case-control studies

• Case-control studies, similarly to observational studies, run a high risk of research biases . They are particularly susceptible to observer bias , recall bias , and interviewer bias.
• In the case of very rare exposures of the outcome studied, attempting to conduct a case-control study can be very time consuming and inefficient .
• Case-control studies in general have low internal validity  and are not always credible.

Case-control studies by design focus on one singular outcome. This makes them very rigid and not generalizable , as no extrapolation can be made about other outcomes like risk recurrence or future exposure threat. This leads to less satisfying results than other methodological choices.

If you want to know more about statistics , methodology , or research bias , make sure to check out some of our other articles with explanations and examples.

• Student’s  t -distribution
• Normal distribution
• Null and Alternative Hypotheses
• Chi square tests
• Confidence interval
• Quartiles & Quantiles
• Cluster sampling
• Stratified sampling
• Data cleansing
• Reproducibility vs Replicability
• Peer review
• Prospective cohort study

Research bias

• Implicit bias
• Cognitive bias
• Placebo effect
• Hawthorne effect
• Hindsight bias
• Affect heuristic
• Social desirability bias

A case-control study differs from a cohort study because cohort studies are more longitudinal in nature and do not necessarily require a control group .

While one may be added if the investigator so chooses, members of the cohort are primarily selected because of a shared characteristic among them. In particular, retrospective cohort studies are designed to follow a group of people with a common exposure or risk factor over time and observe their outcomes.

Case-control studies, in contrast, require both a case group and a control group, as suggested by their name, and usually are used to identify risk factors for a disease by comparing cases and controls.

A case-control study differs from a cross-sectional study because case-control studies are naturally retrospective in nature, looking backward in time to identify exposures that may have occurred before the development of the disease.

On the other hand, cross-sectional studies collect data on a population at a single point in time. The goal here is to describe the characteristics of the population, such as their age, gender identity, or health status, and understand the distribution and relationships of these characteristics.

Cases and controls are selected for a case-control study based on their inherent characteristics. Participants already possessing the condition of interest form the “case,” while those without form the “control.”

Keep in mind that by definition the case group is chosen because they already possess the attribute of interest. The point of the control group is to facilitate investigation, e.g., studying whether the case group systematically exhibits that attribute more than the control group does.

The strength of the association between an exposure and a disease in a case-control study can be measured using a few different statistical measures , such as odds ratios (ORs) and relative risk (RR).

No, case-control studies cannot establish causality as a standalone measure.

As observational studies , they can suggest associations between an exposure and a disease, but they cannot prove without a doubt that the exposure causes the disease. In particular, issues arising from timing, research biases like recall bias , and the selection of variables lead to low internal validity and the inability to determine causality.

Sources in this article

We strongly encourage students to use sources in their work. You can cite our article (APA Style) or take a deep dive into the articles below.

George, T. (2023, June 22). What Is a Case-Control Study? | Definition & Examples. Scribbr. Retrieved March 20, 2024, from https://www.scribbr.com/methodology/case-control-study/

Schlesselman, J. J. (1982). Case-Control Studies: Design, Conduct, Analysis (Monographs in Epidemiology and Biostatistics, 2) (Illustrated). Oxford University Press.

Is this article helpful?

Tegan George

Other students also liked, what is an observational study | guide & examples, control groups and treatment groups | uses & examples, cross-sectional study | definition, uses & examples, unlimited academic ai-proofreading.

✔ Document error-free in 5minutes ✔ Unlimited document corrections ✔ Specialized in correcting academic texts

The role of enterprise risk management in enabling organisational resilience: a case study of the Swedish mining industry

• Original Paper
• Open access
• Published: 23 March 2024

Cite this article

You have full access to this open access article

• Aynaz Monazzam   ORCID: orcid.org/0000-0002-1886-9172 1 &
• Jason Crawford   ORCID: orcid.org/0000-0003-2092-6196 1  

This study empirically examines the role of enterprise risk management (ERM) in developing and maintaining resilience resources and capabilities that are necessary for an organisation’s strategic transformation towards sustainability. Data was collected through 25 semi-structured interviews, one non-participant observation, and secondary sources in the context of a Swedish mining company undergoing a high-risk strategic transformation towards full decarbonisation. Following the temporal bracketing approach (Langley in Academy of Management Review 24:691–70, 1999) and employing thematic analysis (Gioia in Organizational Research Methods 16:15–31), the data was structured and analysed according to three phases from 2012 to 2023. The findings show: first, different ERM practices, such as risk governance frameworks, risk culture, risk artefacts, and risk awareness, influence resilience resources and capabilities. Second, the evolution of risk management practices from traditional risk management to ERM is an ongoing developmental process to ensure that risk management continues to be aligned with the company’s strategy. Third, in tandem with strategic changes, resilience in terms of resources and capabilities emerges over time and develops through a series of events, gradually enhancing the company’s ability to manage risks and uncertainties associated with multidimensional sustainability challenges. These results contribute to the ERM literature that follows the dynamic capability approach and also focuses on the relationship between ERM and strategy by adding more detailed empirical evidence from the risk management literature in relation to resilience resources and capabilities. Additionally, the results contribute to the resilience literature that follows a developmental perspective.

Avoid common mistakes on your manuscript.

1 Introduction

The steel industry is responsible for approximately 5% of CO2 emissions in the EU and 7% globally (Somers, 2022 ). While facing environmental, social, economic, and political challenges, companies operating in this strategic sector need to accelerate the decarbonisation processes to meet the EU’s ambitions for 2030 and the climate targets for 2050 (McKinsey, 2020 ). Therefore, a transformational change towards decarbonisation is essential for the long-term survival of mining, iron, and steel companies. If companies fail to achieve sustainable operations, their value-creating capacity, as well as their operating licence, which is critical to their business continuity, will be threatened. The necessity of the transformational change towards decarbonisation has prompted some of the Swedish iron and steel companies Footnote 1 to take the lead in [re]formulating their strategies towards more sustainable business models, adapting to an increasingly challenging business environment, and raising global awareness concerning sustainability-related issues.

However, as a part of the transformational process towards implementing sustainable strategies, companies face sustainability-related risks that have some characteristics of novel risks Footnote 2 in terms of being unexpected, and thus traditional risk management would be ineffective in handling these types of risks (Kaplan et al., 2020 ). Therefore, companies need to invest in their capabilities (Kaplan et al., 2020 ) and activate, combine, and reconfigure their resources to be able to respond to uncertainties and create value (Andersen et al., 2022 ). In this regard, enterprise risk management (ERM), which “constitutes a dynamic capability” (Nair et al., 2014 , p. 558), can support companies in avoiding undesirable events, minimising losses, and most importantly, finding creative answers to disruptions (Bogodistov & Wohlgemuth, 2017 ). Nonetheless, striking a balance between short-term efficiency and long-term development can be challenging in practice (Andersson et al., 2019 ).

Some studies implicitly show ERM enables companies to employ various resources that can contribute to a company’s resilience capacity. For instance, Lundqvist ( 2015 ) claims that ERM includes risk governance frameworks that establish a structured approach to the management of risks by defining risk responsibilities within the organisation. ERM also includes designing and using risk artefacts to promote risk communication (Klein & Reilley, 2021 ), integrating risk information into strategic decision-making (Giovannoni et al., 2016 ), and sharing risk information across the organisation (Arnold et al., 2011 ), all of which eventually lead to increased risk awareness in an organisation (Braumann, 2018 ). The findings of these studies are in line with the three categories of resilience resources proposed by (Richtnér & Södergren, 2008 ), namely structural, relational, and cognitive resources (see Table  1 ). However, there is a scarcity of studies that explicitly explain how ERM, as dynamic capability, influences a company’s resilience resources and resilience capabilities in the context of strategic change. This could be due to the fact that ERM as a concept remains obscure (Bromiley et al., 2015 ), as does resilience (Andersson et al., 2019 ; Linnenluecke, 2017 ). Furthermore, considering the complexity of sustainability challenges, the lack of integration of resilience thinking into risk assessment practices and the ERM literature may further contribute to the ambiguity surrounding the relationship between risk management and resilience (Wassénius & Crona, 2022 ). A more integrated understanding of risk management, that includes resilience thinking, could help in overcoming the limitations of traditional risk management approaches in particular, when dealing with uncertainty.

In the context of a Swedish mining company undergoing a high-risk transformational strategic change, this study aims to empirically examine the role of ERM in developing and maintaining resilience capabilities in daily practice and over time (Andersson et al., 2019 ). We do so in order to understand how risk management practices can evolve and not only help organisations avoid undesirable events and "bounce back" when they occur, but also "bounce forward" (Jaeger, 2010 ) by discovering new creative solutions (Richtnér & Löfsten, 2014 ) in situations characterised by high levels of environmental complexity. This aim leads to the following research question:

How does ERM contribute to developing and maintaining the resilience necessary for the strategic transformation of an organisation towards sustainability?

We answer the research question by conducting a single case study at one of the mining companies currently involved in the decarbonisation project in Sweden where we gathered data via 25 semi-structured interviews, a non-participant observation, and secondary sources.

This study makes the following contributions to the literature. First, it contributes to our understanding of how ERM can be perceived as a dynamic capability (Andersen et al., 2022 ; Bogodistov & Wohlgemuth, 2017 ; Nair et al., 2014 ) by showing how various elements of ERM, such as risk governance frameworks, risk culture, risk artefacts, and risk awareness, influence resilience capacity-derived resources and action-derived capabilities. Second, this study contributes to our understanding of the relationship between ERM and strategy (Sax & Andersen, 2019 ), by showing that the evolution of risk management practices from traditional risk management to ERM is an ongoing developmental process to ensure that risk management continues to be aligned with the organisation’s strategy. Third, by drawing on the resilience literature that follows a developmental perspective (Richtnér & Södergren, 2008 ; Sutcliffe & Vogus, 2003 ) we find that in tandem with strategic changes, resilience in terms of resources and capabilities, emerged overtime and developed through a series of events, gradually enhancing the company’s ability to manage risk and uncertainties associated with sustainability challenges that are complex and multidimensional (Wassénius & Crona, 2022 ). Additionally, following the resilience literature (i.e., Van der Vegt et al., 2015 ), our findings also show that capacity-derived resources and action-derived capabilities have dynamic relationships between and across their domains.

The remainder of the paper is structured as follows. Section  2 reviews the literature on enterprise risk management, resilience and also presents the theoretical coordinates that guides this research. Section  3 , provides an overview of the research methods. The empirical findings are presented in Sect.  4 , followed by a discussion in Sect.  5 . Finally, the conclusions and contributions are presented in Sect.  6 .

2 Literature review and theoretical coordinates

This section begins with a review of the literature on risk management, with a specific focus on understanding how enterprise risk management is increasingly being recognised as an enabler of organisational resilience. In doing so, we first outline the main attributes of ERM and differences between ERM and traditional risk management. Thereafter, we examine the relationship between ERM, strategy, and sustainability prior to analysing how resources and capabilities are presented in the ERM literature. Finally, we take a closer look at the resilience concept, its origins, and interpretations, and end the section with a presentation of the theoretical coordinates that are used in the analysis of the empirical case.

2.1 Enterprise risk management

ERM has emerged as a leading paradigm for good corporate governance and risk management globally (Anton & Nucu, 2020 ). It is supported by regulators and rating agencies and requires the alignment of traditional risk management (TRM) with risk governance and strategy. The concept of ERM lacks a universally accepted definition, and evidence from empirical studies shows that it does not manifest in a standardised format when implemented in practice (Mikes & Kaplan, 2015 ). However, based on an extensive review of the literature, Bromiley et al. ( 2015 ) point out that there is an emerging consensus that ERM has three core attributes. 1. “ERM assumes that managing the risk of a portfolio (the corporation) is more efficient than managing the risks of each of the individual subsidiaries (parts of the corporation or activities).” 2. “ERM incorporates not only traditional risks like product liability and accidents, but also strategic risks…” 3. “ERM assumes firms should not look at risk as a problem to mitigate. Firms with a capability for managing a particular risk should seek competitive advantage from it.” (Bromiley et al., 2015 , p. 268).

In contrast to ERM, TRM is conceptualised as a process which according to Lundqvist ( 2015 , p. 442) “entails individually or in a silo identifying risk, measuring risk, monitoring, and perhaps reporting on risk but with little formality, structure, or centralization; simple examples being an isolated group of individuals in the finance department hedging currency risk or a factory floor manager tracking incidents of injury on the job”. Hence, ERM signifies a more comprehensive approach to risk management in comparison to TRM and it is widely accepted in the literature that ERM adoption enables organisations to employ a wider variety of risk management strategies. These may include the use of insurance and derivatives for risk transfer and financial risk management; the inclusion of scenario analysis to forecast emerging risks; and the appointment of chief risk officers (CRO) to promote risk culture and enhanced risk awareness (Braumann, 2018 ; Mikes, 2009 ). In other words, ERM may enable organisations to identify the need to reconfigure resources and capabilities which are necessary when attempting to respond to increasingly complex, ambiguous, and rapidly evolving environments (Nair et al., 2014 ).

ERM has taken on a new emphasis in light of recent failures to manage strategic risks, including regulatory and compliance risks, competitor risks, economic risks, political risks, technology risks, and partnership and/or collaboration risks (Dhlamini, 2022 , pp. 2–3). Organisations, especially those that undergo a strategic transformation, are exposed to novel and strategically significant risks that are difficult to anticipate and quantify. While the literature suggests that an increasing number of organisations engage in some form of risk envisionment which according to Mikes ( 2011 , p. 235) is “an alternative style of risk control which does not privilege risk measurement over judgement and soft instrumentation”, Kaplan et al. ( 2020 , p. 42) remind us that even if that is the case, organisations may still not be willing to “invest in the capabilities and resources to cope with them [novel risks] because they seem so unlikely.” In such instances, the value-creating potential of ERM (see Baxter et al., 2013 ; Jabbour & Abdel-Kader, 2016 ) may be inhibited. One possible explanation for this is that the link between ERM and strategic planning has not been formalised in a manner that leads to the establishment of practices to identify, mitigate, and manage strategic risks and opportunities and, in turn, increase organisational risk awareness (Sax & Andersen, 2019 ).

The relationship between ERM and sustainability has become a central topic for practitioners in light of the transition to a low-carbon economy and the strategic challenges this transition poses (WBCSD, 2016 ). ERM has also been discussed in the literature in terms of its potential contribution to sustainable decision-making (Liu, 2019 ) and its integration with sustainability reporting to enhance business performance (Shad et al., 2019 ). In essence, sustainability, according to Antoncic ( 2019 , p. 208), “is the latest evolutionary development on the very same continuum of risk management we have watched unfold for decades.” Sustainability-related risks exhibit many of the characteristics of novel risks in terms of being difficult to imagine and quantify. They can arise from distance events, e.g., at a supplier, through the development and introduction of new and more complex products which are derived from new ideas, features, systems and technologies, or from a rare event e.g., plant damage emerging from an earthquake (Antoncic, 2019 ). Therefore, it is reasonable to assume that integrating sustainability risks into the ERM process will require the type of investments in resources and capabilities outlined by Kaplan et al. ( 2020 ).

Drawing on the existing literature, we argue that in order for an organisation to effectively use ERM to develop and maintain resilience, it needs to recognise the strategic value-creating capabilities of ERM. These capabilities should extend beyond compliance with external requirements, such as regulations for the purpose of establishing legitimacy (Power, 2009 ). Nevertheless, it is important to recognise that compliance-type processes, e.g., risk control, disaster recovery plans, and business continuity planning, can have a significant and positive impact on resilience if applied quickly in times of crises (Bhamra et al., 2011 ). Furthermore, it is important that sustainability risks are integrated into the organisation’s ERM framework to enable their assessment and management from a more strategic perspective (Antoncic, 2019 ; Wassénius & Crona, 2022 ). Through this approach, the literature suggests that ERM can be perceived as a dynamic capability when resources and capabilities are configured in such a way as to enable organisations to identify and act upon opportunities that emerge in situations of rapid environmental change and turbulent and uncertain business contexts (Andersen et al., 2022 ). In detailing how, resources and capabilities are configured Andersen et al. ( 2022 , p. 4) state that “the resources are combined in unique ways and deployed by the firm through different capabilities to generate specific types of valuable output, e.g., products, services, and organisational processes.” In addition, they suggest that the effectiveness of dynamic capabilities is contingent on, the organisational structure, e.g., the establishment of standardised routines and processes; on non-routine strategizing and entrepreneurial activities, e.g., in groups or networks; and managerial cognition, e.g., idea generation, learning, and sensing. The resources and capabilities described above closely reflect the resources proposed by Richtnér and Södergren ( 2008 ) and the capabilities put forward by Jaeger ( 2010 ) (see Table  1 ).

2.1.1 ERM as a dynamic capability: Insights from the literature

Taking the departure point that, “the overlapping attributes of ERM and dynamic capabilities strongly point to the conclusion that ERM constitutes a dynamic capability”, (Nair et al., 2014 , p. 558); that by definition dynamic capabilities are “a firm’s ability to integrate, build, and reconfigure internal and external competencies to address rapidly changing environments” (Nair et al., 2014 , citing Teece et al., 1997 , p. 516); and that a dynamic capability perspective supports organisations in moving beyond the ex-ante prediction of risky events e.g., in compliance and due diligence processes, to providing managers with the tools to recover from risky events that may occur (Bogodistov & Wohlgemuth, 2017 ), we turn to empirical studies for further insights how those resources and capabilities may emerge in the context of ERM in practice.

The transition from TRM to ERM, according to Zhivitskaya and Power ( 2016 ), redirects the emphasis of organisations from developing robust formal processes that are independent from the business and adhere to policy objectives, to developing and deploying competences that serve the needs of the board and executive management. The risk governance framework, which establishes a formalised and structured approach to the management of risk with clear lines of responsibility and accountability, as well as the role and mandate of the chief risk officer (CRO) and the risk function within the overall organisational structure (Lundqvist, 2015 ) is a foundational element in enabling ERM as a dynamic capability. Risk governance can be a source of competitive advantage, and it determines to what extent ERM will be integrated into strategic planning and other control processes (Lundqvist, 2015 ; Sax & Andersen, 2019 ). Boholm et al. ( 2012 ) further emphasise the importance of risk governance in terms of integration, suggesting that risk governance shapes interconnected activities within and between organisations, the reproduction of practices, and sense making and sense giving (see also Meidell & Kaarbøe, 2017 ).

Risk culture is also an important element in enabling ERM as a dynamic capability, as risk culture has been found to influence managerial preferences for various ERM practices (Diab & Metwally, 2021 ). Mikes ( 2011 ) draws attention to two quite distinct risk cultures: risk measurement and risk envisionment. In a culture characterised by risk measurement, risk experts focus on developing and using sophisticated risk calculation and aggregation techniques that are applied to prevent or control known risks; they tend to work within their own silos, and they have little influence on strategic decision-making. In a culture characterised by risk envisionment, risk experts develop, use, and share a wider array of anticipatory techniques (e.g., scenario planning, materiality analysis) in interactions with others, e.g., business managers, in dynamic and reflexive social spaces, e.g., committees and workshops, where individual difficulties in terms of understanding risk and uncertainty can be overcome (Tekathen & Dechow, 2013 ), where risk awareness can be increased (Braumann, 2018 ), and influence on decision-making can take place (Hall et al., 2015 ).

The contrast between the two approaches—measurement and envisionment—also highlights the challenges that senior risk officers face in balancing the tensions between compliance and business partnering, where in the latter approach, risk managers are expected to proactively assess and communicate uncertainty as opposed to acting as reactive control agents (Mikes & Zhivitskaya, 2017 ). These approaches necessitate distinct sets of competencies. Mikes et al. ( 2013 ) find that individuals who exhibit and are able to combine trailblazing (“finding new opportunities to use expertise”), toolmaking (“developing and deploying tools that embody and spread expertise”), teamwork (“using personal interaction to take in others’ expertise and convince people of the relevance of your own”), and translation (“personally helping decision makers understand complex context”) competencies are best equipped to gain organisational-wide influence. As Braumann et al. ( 2024 ) point out, the role that risk experts take is closely related to the integration of ERM with other controls that make up the organisational control package and the extent to which ERM influences other controls such as strategic planning.

The design and use of risk artefacts, i.e., tools, is another significant aspect in enabling ERM as a dynamic capability. The ERM process is a tool-rich environment, and the literature shows that, depending on how risk artefacts are designed and used, their contribution to ERM in terms of dynamic capabilities varies considerably. As an illustration, the implementation of ERM artefacts may lead to knowledge conflicts between groups and reduced discretionary decision-making (Wahlström, 2009 ) or support the emergence of risk communication (Klein & Reilley, 2021 ), operationalise risk aggregation techniques (Arena et al., 2017 ), and facilitate the inclusion of risk information into strategic decision-making forums (Giovannoni et al., 2016 ). Additionally, ERM artefacts may facilitate knowledge circulation (Tekathen & Dechow, 2013 ) and either reduce or increase decision uncertainty (Mikes, 2011 ). Thus, it is important to consider the manner in which ERM, functioning as a dynamic capability and source of strategic value creation, utilises various technological solutions or what Crawford and Jabbour ( 2024 ) refer to as ERM artefacts, to support ongoing activities, promote risk awareness, increase responsiveness to threats and opportunities, and enhance information sharing across the organisation (Arnold et al., 2011 ).

Finally, given that the cognitive capabilities of managers within organisations have been credited in the literature with effective dynamic capabilities (Andersen et al., 2022 ; citing Helfat & Peteraf, 2015 ), it is therefore critical to acknowledge the significance of human cognition. Upon revisiting the definition of dynamic capabilities presented at the beginning of this section—“a firm’s ability to integrate, build, and reconfigure internal and external competencies to address rapidly changing environments”—and drawing insights from relevant literature, it is evident that in order for organisations to embrace new ERM ideas that would result in ERM becoming a dynamic capability, human cognition may need to be adapted to realise the integration, building, and reconfiguration of competencies (Nair et al., 2014 ). While the complexity of cognitive processes is often overlooked in the risk management literature (Rooney & Cuganesan, 2015 ), a few studies offer valuable insights into the diverse mechanisms through which cognitive adaptation can occur.

Cognitive resources should be reallocated from box-ticking to the actual management of risks, according to Power ( 2009 ). Consistency in perceptions is important for the success of the risk control process according to Woods ( 2009 ), and Caldarelli et al. ( 2016 ) contend that communication is necessary for the emergence of shared perceptions, otherwise there is a risk that individual autonomous conflicting opinions persist. Achieving consistency in perceptions may be difficult however given the multiplicity of perceptions that exist in relation to risk and how it should be managed (Klein & Reilley, 2021 ). According to Mikes ( 2009 ), interactive controls should be used to increase actor’s awareness of emergent risks in order to share discretionary decision-making and emergent strategies. Corvellec ( 2010 , p. 146) asserts that risk conceptualisation, according to the cognitive view, is “contingent on, comes from, and develops within practice”. Arnold et al. ( 2011 ) and Braumann ( 2018 ) highlight the significance of technological solutions, i.e., risk artefacts, in facilitating risk awareness. However, Christiansen and Thrane ( 2014 ) caution that although individuals may be more risk aware, this does not automatically lead to action. As stated by the authors, to generate action further translation is needed, i.e., assessing operational consequences or suggesting possible responses (Christiansen & Thrane, 2014 , p. 436). The literature shows that CROs who engage in business partnering are more likely to engage with business managers in the translation activities, thus sharing the cognitive burden that ERM presents for actors, in terms of sense making and sense giving (Meidell & Kaarbøe, 2017 ).

2.2 Resilience

The term resilience is becoming increasingly prevalent in research, public policy, and the media, and it is widely regarded as a desirable trait for organisations to possess in order to deal with a variety of adversities (Linnenluecke, 2017 ). A comprehensive literature review of business and management research reveals how fragmented the concept’s conceptualisation and operationalisation has become, as it is associated with significantly different approaches to dealing with adversity, that range from rigidity on one end of the spectrum to agility on the other (Linnenluecke, 2017 ). Nevertheless, the increasing prevalence of the resilience concept across a variety of scientific disciplines and practitioner communities suggests that it is an essential concept, as it is strongly related to environmental and societal change phenomena such as unexpected and disruptive events (Hillmann & Guenther, 2021 ). Additionally, since resilience has been linked to environments characterised by uncertainty, complexity, and turbulence (Hillmann & Guenther, 2021 ), it is a relevant concept from a risk management perspective.

Resilience can trace its roots back to the 1970s in ecology. Early scientific definitions refer to resilience as “a measure of the persistence of systems and their ability to absorb change and disturbance and still maintain the same relationship between populations or state variables” (Holling, 1973 , p. 14). According to this definition, resilience refers to its original connotation of persistence. With the passage of time, the concept of resilience has developed further within different disciplines (Linnenluecke, 2017 ). In social ecology study, for instance, the resilience concept expanded and embraced the capacity of a system to adapt and transform in the face of change (Walker et al., 2006 ). In the same vein, management scholars define resilience as “…the ability of systems to absorb and recover from shocks, while transforming their structures and means for functioning in the face of long-term stresses, change, and uncertainty” (Van der Vegt et al., 2015 , p. 972). Finally, from an organisational resilience perspective, “resilience is more than mere survival; it involves identifying potential risks and taking proactive steps to ensure that an organisation thrives in the face of adversity” (Baird et al., 2023 , p. 171, citing Somers, 2009 , p. 13) Footnote 3 . Thus, it can be argued that resilience is not only limited to a system’s ability to bounce back from disturbances and stay in the same state. It can also refer to a system’s capability to undergo transformational change and bounce forward, to a new state. According to Andersson et al. ( 2019 , p. 37), this implies that in achieving resilience, organisations maintain a balance between ‘opposing forces’, i.e., between short-term efficiency and long-term development.

Although resilience is typically conceptualised in terms of post-disturbance outcome states related to performance (Munoz et al., 2022 ), this study views resilience as an ongoing and dynamic process through which organisations continually adapt in order to meet the current challenges that complex environments present, thereby increasing their capacity to meet future challenges also. This developmental perspective recognises that resilience does not emerge solely from managing one-time exceptional events, instead, it emerges from the ongoing management of risks and the ability to activate, combine, and recombine resources in response to new challenges that arise over time (Sutcliffe & Vogus, 2003 ). Therefore, we follow the argument that resilience—in terms of resources and capabilities—“can be formed over time, strengthened and developed through a series of experiences, mutual learning and the gradual build-up of competence to handle challenge, stress and strain” (Richtnér & Södergren, 2008 , p. 262, citing Sutcliffe & Vogus, 2003 ).

As Van der Vegt et al. ( 2015 , p. 973) point out, “to understand a system’s [organisation’s] resilience, it is important to identify the capabilities and capacities [resources] of important parts of the system, and to examine how they interact with one another and their environment”. Thus, in line with taking a developmental perspective, this study focuses on resilience as capacity-derived resources (Richtnér & Södergren, 2008 ) and action-derived capabilities (Jaeger, 2010 ). As a starting point, we draw on Richtnér and Södergren’s ( 2008 ) definitions of resilience resources which are based on the work of Sutcliffe and Vogus ( 2003 ). We subsequently enrich these definitions, where possible, by drawing on work which examines resilience in relation to creativity (Richtnér & Löfsten, 2014 ), transformation (Lengnick-Hall & Beck, 2005 ; Lengnick-Hall et al., 2011 ), and balancing organisational structures (Andersson et al., 2019 ).

Structural resources are defined as “clear organisational structures which facilitate activity, solid visions and plans, adequate financial resources, a legitimate position, a clear mandate, enough formal power, or a platform to act from” (Richtnér & Södergren, 2008 , p. 269). By providing a formal setting, structural resources play an important role in the integration and development of relational and cognitive resources at the individual, group, and organisational levels (Lengnick-Hall & Beck, 2005 ). At the individual level, structures can facilitate the exercise of discretion and judgment. At the group level, they can facilitate learning, skill development, and reinforce a learning orientation. At the organisational level, structures that promote flexibility can support the transfer of expertise and other resources via ad-hoc problem-solving networks and through the development of social capital (Sutcliffe & Vogus, 2003 ).

Relational resources are defined as “networks that can be mobilised, people who in practice will welcome being contacted, and who can, for instance, open the right doors, or contribute with material or immaterial support. This type of resources can include colleagues in other organisations, good relations with external partners, and significant others such as subcontractors, consultants, customers, and politicians” (Richtnér & Södergren, 2008 , p. 269). If these networks interact in mutually reinforcing ways, they facilitate the acquisition of new skills, the mastery of new situations, and competence enhancement (Gittell, 2000 ; Gittell et al., 2006 ). They also enable the accumulation of existing knowledge which in turn enables the development of new knowledge. The expansion of a group’s collective knowledge in conjunction with a diverse group composition, can according to Sutcliffe and Vogus ( 2003 , p. 102), foster resilience “by influencing the group’s capabilities to sense, register, and regulate complexity”.

Cognitive resources are defined as having “adequate skills, knowledge, and competence, either in the team, or easy access to the skills of others, for instance expert knowledge, mentors with earlier experience or smart people to discuss crucial issues with” (Richtnér & Södergren, 2008 , p. 269). As indicated above, cognitive resources, such as risk expertise, are crucial to the development of organisational resilience, and supportive structural and relational resources play a significant role in the emergence and development of cognitive resources over time. Lengnick-Hall and Beck ( 2005 , p. 750) emphasise the importance of cognition in their conceptualisation of ‘cognitive resilience’, and its role in noticing, interpreting, analysing, and formulating responses to complex challenges and unprecedented events that go beyond simply surviving an ordeal, i.e., bouncing back. This suggests that the cognitive resources needed to enable organisations to transform, i.e., bounce forward, are different because in bouncing forward there is an emphasis on ingenuity rather than standardisation and the need for control (Lengnick-Hall & Beck, 2005 ). Thus, cognitive resilience is regarded as “an intricate blend of expertise, opportunism, creativity and decisiveness despite uncertainty” (Lengnick-Hall et al., 2011 , p. 246).

While we take the position that resilience is a developmental process, drawing on Jaeger’s ( 2010 ) work enables us to link the developmental and processual aspects of resilience, with resilience capabilities, which is important when examining the relationship between resilience and strategy, and it also avoids conceptual fragmentation (Andersson et al., 2019 ). The three forms or orders of resilience are defined as follows.

First-order resilience “is based on patterns of conventions and norms that keep solving coordination problem in the face of perturbations” (Jaeger, 2010 , p. 14). In other words, first-order resilience is rooted in the probability-utility framework and refers to a system’s ability to avoid undesirable but known events and can therefore maintain coordination in the face of disturbances (Jaeger, 2010 ). This form of resilience is primarily associated with robust patterns, norms and conventions, where systems [organisations] have learned to manage preventable and controllable risks in stable conditions, and is effective under predictable circumstances (Jaeger, 2010 ). Second-order resilience Footnote 4 is “the capability to handle the breakdown until the system can switch back into its normal way of operation” (Jaeger, 2010 , p. 15). This refers to a system’s [organisation’s] capacity to bounce back after a breakdown (i.e., where risks and uncertainties exceed the coping capacity of first-order resilience) to the “previous state of normality” and thus depends on the firm’s capability to improvise (Jaeger, 2010 , p. 15). Third-order resilience is related to “the capability of a system [organisation] to find a creative answer to the disruption it has experienced” (Jaeger, 2010 , p. 15). In doing so, the system finds ways to learn from the disruption and reduce the vulnerabilities it encountered. Achieving third-order resilience is contingent on organisations treating disruptive events as opportunities rather than threats (Vogus & Sutcliffe, 2007 ) and requires the mobilisation of relational and cognitive resources in particular, where networks within and outside the organisation are mobilised, and actors’ skills, knowledge, and competencies are leveraged to create innovative solutions (Richtnér & Löfsten, 2014 ). This form of resilience is closely related to what Mikes and Kaplan ( 2015 , p. 40) refer to as risk “envisionment”, which relies heavily on “experience, intuition, and imagination”.

A summary of our theoretical coordinates is provided in Table  1 , followed by a discussion on their applicability in analysing our empirical case in Sect.  2.3 .

2.3 Applying the theoretical coordinates to ERM

Following resilience thinking, several researchers have attempted to establish a link between resilience and risk management (e.g., Aven, 2019 ; Van der Vegt et al., 2015 ), thus promoting the widespread notion of risk-resilient organisations (Aven, 2019 ; Bogodistov & Wohlgemuth, 2017 ). This notion, which is also the focus of the dynamic capability perspective, suggests that organisations should be able to rapidly reconfigure their resources in response to changes in environmental uncertainty (Winter, 2003 ). The latter argument is consistent with what we discussed earlier (i.e., in Sect.  2.1.1 ) on how resources and capabilities emerge in the context of ERM practices in terms of developing risk governance frameworks (i.e., structural resources), risk culture, the design and use risk artefacts (i.e., relational resources), and risk cognitive capabilities (i.e., cognitive resources). In a similar vein, Van der Vegt et al. ( 2015 ) argue that in conditions of uncertainty, organisational structures should be more organic, new forms of corporation developed, decision-making should be decentralised, and greater interconnectedness amongst employees fostered, all with the aim of creating adaptive problem-solving capabilities (i.e., first-, second-, and third-resilience capabilities). Moreover, Van der Vegt et al. ( 2015 ) emphasise the importance of individual’s behaviour, abilities, skills, and cognitions. In doing so, they underscore once again the significance of relational and cognitive resources in addressing uncertainties commonly associated with high-risk strategic transformations. Thus, risk-resilient organisations can thrive Footnote 5 and flourish despite volatility and uncertainties (Munoz et al., 2022 ; Taleb, 2012 ). It is against this background that we believe unpacking resilience ‘capacity-derived resources’ and ‘action-derived capabilities’ (Table  1 ) is useful in further bridging the gap between ERM and resilience for the following reasons:

First, the identified capacity-derived resources (i.e., structural, relational, and cognitive resources) emphasise the importance of establishing formal structures and control activities, encouraging collaborative effort, and enhancing cognitive processes, so that risks and uncertainties can be better governed and managed. These factors have been receiving increasing attention in the risk management literature. While the literature focusing on risk governance emphasises the importance of structural resources as a means of controlling (undesired-) behaviour (Lundqvist, 2015 ), other literature within the domain of risk management increasingly emphasises relational and cognitive resources in terms of enhancing behaviour to create more reflexive and intelligent risk management practices in daily organisational life (Crawford & Jabbour, 2024 ; Tekathen & Dechow, 2020 ). These resources manifest, for instance, when actors use social capital (i.e., networks of relationships) to influence decision-making (Hall et al., 2015 ), or when value systems are modified intentionally to instil new risk ideas in the minds of employees (Metwally & Diab, 2021 ).

Second, the three distinct orders of resilience action-derived capabilities emerged as an attempt to advance the development of risk management theory and practice (Jaeger, 2010 ), which makes them highly relevant for advancing our theoretical and practical understanding of how ERM contributes to resilience in the context of a high-risk strategic transformation. An underlying facet of action-derived capabilities is that they indirectly acknowledge the role and importance of risk governance, risk culture, risk artefacts, and cognition in achieving first-, second-, and third-order resilience. To illustrate our point, risk governance is central to ensuring that an organisation has a formalised and structured approach in place to manage preventable/controllable risks (Lundqvist, 2015 ) (first-order resilience), as well as having the capability to bounce back after a breakdown by having disaster recovery plans and business continuity plans in place (second-order resilience) (Bhamra et al., 2011 ). In addition, given that risk governance also influences interconnected activities and the extent to which organisational actors engage with each other in sense making and sense giving (Boholm et al., 2012 ) it is reasonable to assume that risk governance has a role in supporting the emergence of creativity and learning (third-order resilience).

Similar connections between resilience and ERM can be made for risk culture, risk artefacts, and cognition. For example, given that risk culture influences managerial preferences for various ERM practices (Diab & Metwally, 2021 ), risk culture can limit action-derived capabilities to first-order resilience or extend them to include all three orders of resilience. Risk artefacts may be predominately designed and used in the assessment and mitigation of preventable/controllable risks, but they can also be designed and used to augment improvisation in social spaces shared by risk experts and business managers, or to enhance organisational learning by improving risk communication across distributed organisational actors (Klein & Reilley, 2021 ). Human cognition can be limited to focusing on risk prevention and control from a compliance perspective (Power, 2009 ), or extended to include creative problem solving to enter a new state by engaging in strategic decision-making (Corvellec, 2010 ).

Third, the literature suggests (e.g., Van der Vegt et al., 2015 ), and we argue, that it is not only likely that the three types of resources, and the three orders of resilience have a dynamic relationship within their own domain (e.g., structural resources are related to relational resources, or first-order resilience is related to second order resilience). It also appears plausible that capacity-derived resources and action-derived capabilities may have a dynamic relationship across domains, especially as risk governance matures sufficiently to achieve ‘integrated’ enterprise risk management, which connects internal systems, processes, techniques, and people (Lundqvist, 2015 , p. 442). Given that organisations who engage in strategic transformations must strike a balance between current governance issues and future-orientated transformation strategies (Carmeli & Markman, 2011 ), it is likely that organisations via their ERM processes need to mobilise several of the resources simultaneously, in order to achieve action-derived capabilities (Table  1 ) and thus develop resilience as they enter, change, and emerge from the strategic transformation.

3 Research method

The research purpose outlined in the introduction is addressed by using a qualitative methodology and a single case study approach. Due to the relationship-based nature of our research question, a case study was selected to facilitate the detailed investigation that is typically required to answer why and how questions (Gerring, 2004 ; Rowley, 2002 ), and to understand complex dynamics in a specific context (Yin, 2009 ).

3.1 Case selection

In line with our research purpose (Rowley, 2002 ; Siggelkow, 2007 ), we selected NordMine. It is one of Sweden’s oldest industrial companies, which is state owned, and produces approximately 85 percent of all the iron ore in Europe. As Europe’s largest iron ore producer and fourth largest source of CO2 emissions in Sweden, it reformulated its strategies toward full decarbonisation in 2020 which coincided with the EU’s adoption of legislative proposals to achieve climate neutrality by 2050 and an intermediate target of a minimum 55% net reduction in greenhouse gas emissions by 2030 (European Commission, 2023 ). As a result, NordMine’s risk and uncertainty landscape is changing dramatically, as are its risk management practices to ensure the achievement of its strategic ambitions. Due to the nature of NordMine’s core business, financial risks and business interruption risks have historically been the company’s primary risk management priorities however, due to the strategic transformation towards sustainability, the company has been faced with new strategic risks and uncertainties that require it to change its capacity-derived resources and action-derived capabilities and maintain alignment between risk management and strategy (Sax & Andersen, 2019 ). Therefore, the case company provides a valuable empirical context to increase our knowledge of how risk management practices can evolve over time and thus enable resilience in an organisation.

3.2 Data collection

We gathered empirical data from a variety of sources: (1) semi-structured interviews, (2) non-participant observation, and (3) secondary data from the company’s official documents Footnote 6 . From June 2022 to September 2023, the corresponding author conducted 25 semi-structured interviews (see Appendix 1 ). Interviewees were selected using snowball sampling based on recommendations from previously interviewed participants. Before the interviews began, we outlined a set of issues that needed to be explored with each respondent. Footnote 7 All interviews were recorded and transcribed verbatim.

Additionally, as a non-participant observer, the corresponding author was present at one of the company’s risk meetings alongside local risk managers and a group of international risk standard-setters. This observation allowed for a more in-depth contextual understanding of the company’s integrated risk management approach, the key objects in risk identification and assessment processes, the essential tools for assessing different risks, and the policies and requirements for risk management.

Lastly, secondary data was gathered from public and confidential company documents. This data comprised of the company’s sustainability and annual reports from 2012 to 2022, the internal risk policy, the company’s risk management handbook for business interruptions, strategic planning documents, annual risk grading reports, strategic meetings’ PowerPoint slides, and archival data included in the company’s websites and business publications.

To understand how enterprise-wide risk management has evolved and influenced the development and maintenance of structural, relational, and cognitive resources of the company as well as its strategic transformation process, we collected and thereafter analysed data from different organisational levels including executive Footnote 8 , group management Footnote 9 , business areas Footnote 10 , and operational levels Footnote 11 . This enabled us to understand ERM practices from multiple perspectives and get closer to the resources that facilitated the emergence of resilience capabilities (Dooley, 2002 ; Klein et al., 1994 ). Thus, we could better understand the interactions and dynamics between and across the resilience capacity-derived resources and action-derived capabilities (Table  1 ).

3.3 Data analysis

Since we utilised an abductive approach, data collection and data analysis were iterative processes and we went back and forth between data, emerging results, and the theoretical framework (Christensen et al., 2002 ; Gehman et al., 2018 ; Van de Ven, 2007 ; Van Maanen et al., 2007 ). For data analysis, we followed the temporal bracketing approach (Langley, 1999 ) and employed thematic analysis (Braun & Clarke, 2006 ; Gioia et al., 2013 ). The combination of these methods was essential for answering the research question due to the following considerations.

Firstly, the temporal bracketing approach helped us to structure our data in a way that illustrated the historical evolution of ERM practices from 2012 to 2023, based on critical events and interactions (see Fig.  1 ) in the context of transformative change happening at NordMine. According to this, we began to dissect and reorganise the original interview transcripts, field notes, and secondary data around the events that were significant to our understanding of the change processes in the company. Thus, temporal bracketing facilitated the transformation of our empirical findings into a series of independent but connected blocks (Langley, 1999 ), namely Phase 1 (2012–2016): managing controllable risks in a stable environment, Phase 2 (2017–2021): strategic transformation and the emergence of ERM, and Phase 3 (2021–2023): ERM at work: balancing rigidity and flexibility in the headwinds of strategic transformation. We identified each phase based on the key events that occurred in those time periods as they related to the company’s risk management and changes in strategy. This, in turn, enabled us to analyse the events of each phase within the different theoretical coordinates. Although each of the phases separately describe the risk management processes and practices during a specific period, there is continuity between different phases (Langley, 1999 ). For instance, as illustrated in Table  2 , resilience capacity-derived resources and action-derived capabilities have been developed during different phases, strengthened through a series of events, and thus gradually built up NordMine’s ability to manage risk and uncertainties (Richtnér & Södergren, 2008 ).

Three phases of risk management at NordMine

Secondly, using thematic analysis enabled us to find the pattern of interpretation within three phases of our empirical findings with reference to the theoretical coordinates presented in Table  1 . According to this, our data extracts were grouped and coded according to first-order analysis (Gioia et al., 2013 ) themes, namely resilience structural, relational, and cognitive resources as well as resilience capabilities including first-, second-, and third-order resilience. As the data analysis progressed, during the second-order analysis (Gioia et al., 2013 ), we found interrelationships between and across the themes related to capacity-derived resources and action-derived capabilities. Thereafter, our empirical storyline was developed based on those themes and connected to our theoretical framework.

4 Empirical results

This section presents the empirical results from our study. In Sect.  4.1 , we begin with a brief overview of the case study setting, three phases of risk management in NordMine, and then elaborate upon ERM development in Sects.  4.2.1 through to 4.2.3 .

4.1 NordMine

NordMine as one of the world’s leading suppliers of upgraded iron ore products, carries out its operations in two main business areas, namely Iron Ore and Special Products. While the former encompasses the company’s mines and the related processing plants, the latter develops and markets industrial minerals, drilling technology, and full-service solutions for the mining and construction industries. In 2020, external factors, such as regulation and changing stakeholder demands for sustainability, and a vision for the future of mining, became important drivers for NordMine to incorporate sustainability into its strategies. From a market perspective, the sustainability transformation would provide the company with a long-term competitive advantage and value creating opportunities, particularly in business areas that deal with a large number of customers. Furthermore, reformulating strategy according to sustainability objectives would enable NordMine to move toward resource efficiency and also broaden its business. However, this also presented the company with various types of risks. Thus, as a consequence of undergoing a transformative change, NordMine moved from traditional risk management towards risk governance as a stepping stone for developing ERM practices (see Fig.  1 ). In Phase 1—2012 to 2016—the company’s primary risk management priorities have been financial and business interruption risks with the aim of securing access to iron ore resources, stabilising availability in high-volume production, and ensuring profitability despite market fluctuations.

Later, in Phase 2, i.e., 2017–2021, group risk attempted to improve the risk management system and thus improve and expand how it identified and acted on risks and opportunities influencing the company’s competitiveness and its value creating capabilities. In doing so, group risk tried to design and implement ERM mainly by trial and error. Eventually, alongside the formulation of the new strategy, a new risk management policy was approved by the board and this important step helped group risk to bridge the gap between the company’s risk management and strategic planning process in phase 3. Finally, from late 2021 to 2023, the company was about to move into a key phase (i.e., Phase 3), as they entered into the thrust of the strategic transformation process, in which tensions between short-term efficiency characterised by stability, and long-term survival characterised by innovation, emerged. As a consequence, during this period, ERM has been tested in terms of contributing to NordMine resilience resources and capabilities as the strategic transformation began in earnest.

4.2 From risk management to ERM

This section provides empirical evidence of how risk management practices at NordMine developed from traditional risk management to enterprise risk management over the 12-year period, providing insights into how ERM contributed to developing and maintaining the resilience necessary for NordMine’s strategic transformation towards sustainability.

4.2.1 Phase 1—Managing controllable risks in a stable environment

The finance department managed the majority of the company’s financial risks by adhering to policy documents, e.g., the finance policy to guide the identification, analysis, and mitigation of price, currency, interest rate, credit, and financing risks so that robust financial performance and profitability could be maintained. As price volatility in the global iron ore market impacted the company’s earnings and cash flows, cash flow analysis was performed on an ongoing basis as well as a sensitivity analysis to consider external changes and thus manage risks accordingly. Additionally, in periods when the company was expected to have high outflows, longer hedging of the iron ore price was considered.

For managing currency risk (i.e., the USD/SEK exchange rate), which was also known as transaction and translation exposure, the company followed the group’s finance policy and hedged the risk in accounts receivable. To handle the interest rate risk which referred to how the return on an interest-bearing asset would be affected by a change in interest rates, the company decided to allocate its total assets to three portfolios and thus the finance policy governed the maximum average duration in each asset portfolio. Moreover, some frameworks were set in relation to each portfolio’s purpose as well as in relation to a range of risk measures and restrictions. Regarding financing risk, which might result in the company’s inability to meet its obligations due to a lack of liquidity or the inability to raise external loans for operating activities, the finance group defined investment and financing needs in accordance with the company’s strategy and developed a long-term plan for financing the investments by evaluating the costs and benefits. Therefore, prudent management of these financial risks, based on the risk policy, was essential to ensuring that the company had adequate financial resources to fund its activities as well as improving the company’s stability to continue its business as usual, and in case a disturbance occurred, the company could control and minimise the losses. In a similar vein, handling business interruption risks which were also related to preventing and minimising financial losses (e.g., reduced sales due to lack of production, increased costs of insurance and repairs to facilities) when a disruption happened, was the core focus of NordMine’s risk management between 2012 and 2016.

In 2012, the company’s insurance captive within group finance created the risk management handbook Footnote 12 to legally demonstrate that its operations had been designed to proactively avoid incidences and, as a result, qualify to purchase business interruption insurance. The handbook facilitated the implementation and adherence to certain standards (e.g., Swedish rules for fire protection and technical safety equipment for work machines/vehicles in the mining industry), and more importantly, it was a means of communicating with insurers that NordMine could effectively manage its business interruption risks, and in doing so, kept premiums down.

The insurance captive role was formally positioned within the finance department and reported to the chief financial officer (CFO). They ensured that NordMine had the most efficient insurance coverage in place, and conducted a yearly risk workshop in order to visit different business areas and unit (e.g., mine, above-ground processing, logistics, and harbour) managers in order to identify and assess what incidents would stop their production process. Accordingly, the insurance captive together with business managers developed risk metrics to measure the probabilities and impacts. This process was done in a very consistent manner, and the value for the risk assessment was mainly based on the “production volume”. The insurance captive together with the CFO consolidated the risk reports for the company’s main business areas, and thereafter the management of each business area received the risk metrics for the entire area which enabled them to understand what the main business interruption risks in their areas were, what would happen if the interruption risks were to materialise, and finally, they could see which combination of high probability and high risk was assigned to the risk metrics. These activities were complemented by site visits where the insurance captive—under the supervision of CFO—and together with internal and external operational risk specialists and engineers as well as some contacts from the insurance company, visited their different plants and production sites. Thus, the mobilisation of the network of actors, together with the site visits, in turn, helped the insurance captive to understand first-hand the risks in those plants or production sites which were later represented in the risk metrics. However, it should be noted that, in this risk management process, the insurance captive and the CFO—as they were within the finance group—were primarily responsible for identifying, assessing, and mitigating risks.

Since there was a strong link between business interruption risks and the company’s insurance policy, as a part of this process, the insurance captive of the company used the “risk grading” model (see Fig.  2 ), where different colours represented and visualised the level of risk in a particular area Footnote 13 , and if there were deviations from the legal and insurance requirements, recommendations for further work were given to the plant managers.

NordMine’s risk grading model (In the risk grading model, blue indicates that the operation area fully complies with the requirements for planned or new facilities in the company risk handbook; green illustrates the operation area fully complies with the requirements for existing facilities in the company risk handbook; yellow and red indicate a deviation from the requirements for which a recommendation for immediate actions is given; and finally, grey indicates that the risk is not applicable.)

NordMine conducted this risk process annually for many years, and it was considered successful due to its familiarity with all organisational actors, it was integral to managers’ understanding of the risks that the company was exposed to leading to the reduction or elimination of business interruption risks as awareness in relation to this risk type increased. Thus, those involved in the process contributed to it not because they were required to, but because they found it useful for the stability and continuity of their work. Furthermore, since this risk management template made it easier for managers to capture, visualise, and in some cases quantify the risks related to business interruption, this process attracted the attention of many managers and in turn, facilitated the process of risk communication, i.e., risk talk, for all organisational actors. Moreover, this risk management template contributed to stable levels of customer satisfaction given that by managing business interruption risks, NordMine could deliver high quality products to the customers without delays. The risk management handbook facilitated the mobilisation of different organisational actors, enabling NordMine to manage preventable/controllable risks and continue its business as usual, and in the event that an incident did occur, the company was able to minimise its losses and return to normal operations . The CRO explains:

The purpose of the risk management handbook is that we have the appropriate equipment and protection in place, so that, the incident never occurs [in the first place], and if there was an incident anyway, the consequence of that incident should be minimal, as little as possible. And that is where the active protection comes in, where we have firewalls or active fire extinguishing systems, alarms, cameras, etc. So, if an incident happens, it only impacts a small part of operations, it does not impact [the whole] production. So, it is both ensuring incidents do not happen and minimising the effect if they do.

Despite the fact that this risk management template was successful for many years and had the support of the managers, in 2013, the company’s finance group, especially the insurance captive together with the CFO, began to realise that while having an insurance captive was necessary, it was no longer sufficient given the company as part of its strategy, aimed to expand its mining and processing operations rapidly, at the same time as it was operating in an increasingly turbulent environment with increasing risk reporting requirements. While the insurance captive would safeguard operations from incidents and minimise losses, it did not add value to the company despite having many advantages such as tax benefits, low premiums, complying with regulatory requirements, building trust and efficient communication with insurers, and expanding the network within the insurance market. Towards the end of 2013, the finance group decided to change the risk management template in order to re-align risk management with the changing strategy and thus create value.

As a consequence, in 2014, NordMine established the CRO role which was an important and early step in developing the company’s structural resources that, in turn, facilitated solid visions, legitimate position and clear mandate. In doing so, the insurance captive role was extended to include the management of strategic risks that might affect the company’s ability to achieve its overall financial and sustainability objectives. As the person who had the insurance captive role already had extensive skills, knowledge, and competence in governing and managing insurable risks, she/he became the natural candidate for the new CRO position. As this was essentially a hybrid position at first, the new CRO spent 70–75 percent of her/his time on insurance-related work (i.e., administrative tasks related to insurance coverage and ensuring that documents such as risk management handbook were up to date, conducting business interruption risk workshops, and performing site visits), and the rest on strategic risk management, namely identifying and reporting critical risks.

As a result, having an insurance captive was a good foundation for advancing NordMine’s risk management since, in 2015, the CRO began to map and analyse risks, and submit proposals to the finance group and the board regarding how strategically important risks could be avoided, reduced, or even accepted by various company divisions and group management. This process evolved further in 2016, as a new CRO who was also responsible for insurance process of the company, took over from the previous CRO. In 2016, as NordMine’s business and mining operations expanded, the company made changes to its organisational structure meaning that most of the decision-making processes became decentralised. As a consequence, the responsibilities for identifying risks changed and more organisational actors became involved in the company’s risk work. In this regard, the CRO was tasked with coordinating the company’s risk management process and informing group management of the company’s risk exposures during the quarterly strategic meetings. As part of that coordination process, interactions between group risk (i.e., the CRO and the CFO) and managers in the business areas began to increase and in addition to financial and business interruption risks, strategic risks were also included in the risk management process.

In sum, during phase 1, NordMine had developed its structural resources (e.g., finance policy, risk management handbook), relational resources, such as collaboration between insurance captive and business area mangers, as well as other internal and external operational risk specialists and engineers, to identify and respond to business interruption and financial risks. Furthermore, NordMine’s cognitive resources began to expand during this phase as the insurance captive and the CFO who had expert knowledge in risk, consolidated the risk reports, thereafter shared the risk results with different business areas managers and mentored them to better understand the business interruption risks, and more importantly, anticipate what would happen if business interruption risks were to materialise. As a result of developing these resources, NordMine could improve its first- and second-order capabilities during phase 1, because risk management enabled the company to have robust financial performance by stabilising the production process and ensuring profitability, as well as minimising losses and returning to normal operations (i.e., continuity of the business) if an interruption occurred. However, as the findings shows, in addition to stability and continuity, value creation through risk management became a crucial issue for NordMine during phase 1, and as a result group risk aimed to advance the risk management process by considering strategic risks and developing the structural, relational, and cognitive resources further.

4.2.2 Phase 2—Strategic transformation and the emergence of ERM

Between 2017 and 2019, group risk worked to revise the existing risk management process, an exercise which was done mainly through trial and error, for instance, by trying to use the ISO 31000 framework or other common trends in risk management and reporting to establish which practices would best fit NordMine’s needs. The intention, from group risk’s perspective, was to create a high level of risk awareness throughout the company by involving all the business areas in the risk management process. If this intention were to be accomplished, NordMine would be able to identify and act upon risks and opportunities more quickly, thus affecting the company’s competitiveness and value creation capabilities. But everything did not go smoothly at first. When the CRO received the quarterly risk reports from the business managers, they were unstructured and contained a great deal of information, not all of which was relevant. The reason for this lack of quality according to the CRO was that risk management tasks were not prioritised by the risk managers as part of their role at that stage.

In November 2020, NordMine made the most significant strategic change in its 130-year history. According to the new strategy, the company aimed to achieve zero carbon emissions from its processes and products by 2045 by shifting to innovative and competitive mining as well as iron ore and mineral processing to produce climate-efficient quality products. Once the strategic goals were set, this necessitated a significant change to existing procedures, values, and mindset on risk and uncertainty governance and management in order to transform from an old industrial company, to becoming a world leader in innovation in this area. As a consequence, NordMine faced many new challenges. The CRO explains:

In setting the new strategic goals, the board increased the challenges faced by the business, which also means introducing a higher level of risk than before. By setting these strategies our company decided to say that is prepared to take much higher risks.

The level of risk and uncertainty had increased significantly as a result of the new strategy and the aggressive timeline, i.e., how to continue mining in a safe and economic way in the short-term while surviving and thriving in a climate-challenged environment in the long-term. Not only had new sustainability-related risks emerged, but new facets of existing risks such as finance and investment risks also emerged. This prompted group risk to rethink their approach, and NordMine decided to implement a new holistic ERM template, resulting in extensive changes to existing processes, techniques and roles, in order to support strategic decision-making and increase the likelihood of achieving the strategic transformation that was at the core of their new strategy and crucial for their long-term survival.

As a first step, group risk, including the CRO and CFO, initiated and engaged the wider organisation in reviewing all of NordMine’s steering documents, including policies and guidelines, to assess their validity. More specifically, in regard to the risk policy Footnote 14 , group risk aimed to see if the company’s steering documents were dealing with the crucial risk areas that NordMine was faced with, and to assess if it was easy for managers at different levels to understand what the company expected from them concerning the risk management process. The CRO explains:

The policies and guidelines [of the company] are all important tools to ensure that we are steering the company in the right direction and that the company has internal control of major risks. By reviewing the old policies, group risk noticed a gap [between the new strategy and risk management] and this is how the new risk management policy of the company came about in February 2021.

Therefore, the risk management policy document, which was created and developed in 2020 by the CRO and CFO, was sent to the board of directors and received their approval in February 2021. Formal approval of the risk policy by the board helped to establish the “ tone from the top ”, and this further help facilitate the ERM implementation process.

The primary objective of creating the risk policy was to promote the notion that risk needed to be conceptualised as part of every decision, and risk management had to be a part of the strategic planning and follow-up process, and how, in general, NordMine controlled and steered the company. Therefore, to achieve this objective, the CRO cooperated with the CFO to develop the risk management policy. The CFO had a key role in this process since she/he could open the right door for the CRO by helping her/him to have access to top-level managers and importantly take part [as a listener] in the executives’ strategic planning meetings. As a result, by developing the new risk management policy and linking it to the strategic planning process, not only did group risk close the gap between risk management and the strategy formulation and implementation processes, but also attempted to improve the company’s resilience capabilities by defining a clear organisational structure and mandate which in turn would facilitate the mobilisation of different managers who could contribute to the risk management and strategic planning processes given their special expertise.

By 2021, ERM had officially become a part of the group’s strategic planning process and it was monitored by the group’s management system in the company. The integration of ERM and strategic planning would help managers ensure the balance of risk-taking in relation to the goals at the strategic, tactical, and operational levels according to the risk appetite. Moreover, the identification, prioritisation, description, and follow-up of strategic risks needed to be carried out annually by the business areas and staff functions as a part of their business planning process and be reported to the CRO. The CRO, in turn, was responsible for consolidating quarterly risk management reports to group management and the board as well as updating the company group’s strategic risk register. Accordingly, group risk would be able to identify the main risks so that they could connect them to the overall goals of the company, and as a result, would identify the main areas that they needed to focus on, and take action in order for NordMine to be able to achieve their objectives.

Consequently, the risk management policy became a convention for determining and supporting the ERM process, by informing business areas and staff functions what was expected of them, and more importantly, distributing risk ownership amongst managers at different organisational levels. This also encouraged the managers to have a risk mentality, i.e., adequate risk knowledge, and ensure that they have a dynamic process in place in order to always be prepared to deal with risks and survive in an ever-changing environment. In fact, due to the emergence of new sustainability-related risks, the CRO alone was unable to identify and assess all types of risks and integrate them with the strategy formulation process on her/his own. Therefore, she/he needed to involve different managers with diverse competencies in a truly holistic and integrated ERM process. The CRO elaborates:

I cannot be strong enough on my own, I can be the ambassador for the risk management process, [but]it needs to be the managers’ priority to work with risk, understand risk, and push that out through the organisation.

In sum, during phase 2, NordMine concentrated mainly on improving its resilience resources. For instance, in 2020, efforts to revise the company’s steering guidelines and adding the risk policy show how the structural resources of the company have strengthened in line with the strategic transformation. In a similar vein, the findings show that in 2021, by developing risk policy—as a convention for supporting ERM—group risk aimed to distribute the risk ownership among different managers, which in turn would contribute to developing relational resources by establishing relationships within the company to address strategic risks and environmental challenges. By developing the risk policy, group risk had also aimed to influence the company’s cognitive resources to expand them further. The intention of encouraging managers to have a “risk mentality” emphasised the importance of having adequate risk knowledge within organisational groups in order to make better strategic decisions. Finally, due to strategic changes happening in 2020, NordMine needed to equip itself with structural, relational, and cognitive resource development to not only continue and survive in a climate-challenged environment—that is related to first- and second-order resilience capabilities—, but to also facilitate the emergence of third-order capabilities to thrive in a turbulent environment and influence the company’s long-term success.

4.2.3 Phase 3—ERM at work: balancing rigidity and flexibility in the headwinds of strategic transformation

Although introducing the policy and having it approved by the board in 2021 was an important step in facilitating the implementation of ERM in NordMine, it was only an overall framework and therefore did not provide detailed guidance on how risk management should be carried out within the business areas. The CRO clarifies:

The risk management policy [can be regarded] as the umbrella at the top. The policy does not go as far as saying what business areas and support functions need to do. Each business area and support function need to figure out how they should implement it to ensure that they are getting a meaningful picture of their risks in the strategic planning process, how they identify the prioritised activities and how they follow them.

Even though the company designed and began implementing ERM in 2021, it is still in the learning phase regarding how to work with the various types of risk and how to increase its success rate in achieving strategic goals during a period of rapid change and transformation. In practice, this has been difficult and triggered some issues. On the one hand, group risk needed to monitor current operations for financial and business interruption risks and minimise those risks, because that is how they finance the transformation and expansion strategies. On the other hand, they needed to focus on strategic risks and find new ways to identify, assess, and prioritise those risks in order to create value for the company as well its stakeholders. The latter requires advanced risk management processes at different organisational levels, in order to comply with the risk management policy, and to lead to different resilience capabilities.

Delegating responsibility to the business areas to develop their own guidelines in line with the risk policy was considered a necessary step in integrating risk management into the strategic planning process. Even though three years has passed since the introduction of the risk policy supporting the shift to the ERM template, no such guidelines had been developed and implemented in the company’s various business units and the quality of business area reports was still not at the level they were supposed to be. As a result, embedding ERM in business areas’ [daily] operations is an issue that still needs to be solved. The CRO explains:

I think that’s the problem, I have been in contact with the business areas. I stretched out my hand to the business areas at their leadership level. I suggested we run workshops with them to see together how we can meet the risk policy requirements, and how they can work in their business areas in a way that [when] they come to the top level [meetings] they are more prepared [concerning]what their top risks are and how their activities would handle those risks. I felt that they were very interested and grateful for that, but there are always other things that are more urgent [concerning the transformation process] right now for the managers.

While extending the roles of business managers to include risk management tasks was considered by group risk to be an essential aspect of linking ERM and strategy, and extending risk management skills, knowledge, and competence to the wider organisation, the transformation is an attention-demanding process in which there are numerous emerging issues with higher priorities both for business managers and the executive management team. While much work had gone into changing the risk governance framework and risk management processes so that they would be aligned with the new strategy, ERM was struggling to gain influence on executive and operational decision-making. However, this issue did not hinder the development process of structural, relational, and cognitive resources in NordMine.

In February 2022, the board of directors adapted the finance policy that historically defined financing needs in terms of operating capital, fluctuations in cash flow, and planned expenditure for commitments, e.g., pensions and remediation, as well as strategic investments. In doing so, they introduced a new capital buffer requirement in the form of a specific liquidity ratio. The aim of establishing the capital buffer was to manage the increased financing risks that were emerging as part of the transformation journey. Thus, by creating a solid plan and ensuring adequate financial resources, the group finance policy contributed to the further development of organisational resources, positively influencing the company’s capabilities in terms of preventing finance-related risks and minimising losses.

In addition, and in tandem to the implementation of the strategy for sustainable transformation, and adhering to the EU Taxonomy regulation, which steers investments in a sustainable direction, another change to the risk governance framework was made. ERM had become an integral part of the life of mine planning process which focuses on the following issues: (1) the analysis of the future financial and operational status of the company’s mines, (2) the assessments of the company’s current mineral reserves and planning future production accordingly, (3) the identification of what improvements the company will make in the future and how that will affect the mining, (4) deciding on necessary future investments, and (5) determining potential revenues and costs from current mining as well as the expansion plans. As a result of this change, the CFO’s role and task in the life of mine planning process also changed. The CFO of one of the business areas explains:

When I started doing the life of mine planning many years ago, it was only [about] financial and production [assessments]. Now we start looking at the production plan and the investments we are going to make, and also how we see the carbon footprint from that. I would say that the risk [assessment] part is taking a major role in business planning now, since risk is: not reaching our goals.

As a consequence, from 2021, the company’s life of mine planning process Footnote 15 has evolved to include a greater emphasis on discussing investment risks and analysing various contingencies and scenarios. It has also facilitated the mobilisation of managers who could contribute in the business planning process with their support and various domains of expertise. During the risk scenario analysis related to the life of mine planning, for instance, the finance group, especially the CFO, along with other management groups try to determine if investments will pay off in the future, how NordMine should obtain investment financing, what the overall risks will be, and how investment risks can be minimised. The CFO of one of the business areas clarifies:

I guess the [implementation of] new strategy has changed my role, now I spend a lot of time in the business planning process and discussing risks, and what we need to do. We do a lot of assessments on what the new strategy implies for us. I get involved in how we get the current baseline; and how we can feed that into our [business] model in future […] Business planning is about how are we going to reach our targets. So, not reaching our target is a risk for us, from this point of view, I will say there have been a lot more in business planning work today; we need to describe: what do different types of risks mean to us? And, what can we do to mitigate it? From that, comes many new activities that we did not need to do before.

Moreover, as of 2021, NordMine is required by regulatory and market demands on sustainability disclosures, to revise its values and metrics, and add a more structured and detailed sustainability-related risk assessment to the due diligence process prior to entering into a contract with a supplier. Therefore, before selecting a supplier, NordMine must now conduct a broader risk analysis to determine the global situation and, for example, the political situation in the countries of its suppliers. In the past, the major focus of the qualification process of suppliers was based on factors such as price, quality, and the existence of a long-term and stable relationship. However, due to the change in strategy towards sustainability, working environment and safety, human rights, the geopolitical situation, EU sanction requirements, corruption issues, and CO2 emissions, have become crucial metrics in the assessment process of suppliers. The senior manager of corporate sustainability of one of the business areas explains:

We cannot only work with our own production and say that we are sustainable. We also need to ensure that all the partners we have around us, including suppliers and customers also work in the same direction as we follow our code of conduct [...] It is not only about whether the business is profitable enough, or not; we have high requirements to act in an ethical way in all aspects.

Previously, for the qualification of suppliers, NordMine used an audit process and sent questionnaires to the suppliers based on what the company believed to be significant from the suppliers’ perspective, as well as the company’s requirements and expectations. However, from 2021, as a part of the new structured due diligence process to reduce sustainability-related risks, NordMine uses databases and digital services in addition to the survey method which provides facts on companies’ sustainability activities. Company managers now also visit the suppliers’ operations to gain a first-hand understanding of how suppliers work (or not) in accordance with NordMine’s sustainability values. As of 2022, NordMine also helps suppliers improve their operations by adding a third-party audit. This helps the suppliers reduce risks and increase opportunities such as using energy in a smart way and enhancing their market share through sustainable products. However, if the suppliers refuse to participate in the transition process towards sustainability, NordMine would stop collaborating with them. Although this change poses significant challenges for NordMine operations (e.g., spending time and resources to perform a more comprehensive due-diligence process, and ending business relationships with some suppliers), in 2022 the company raised its ambitions yet again, moving into a new area of development in relation to realising resource efficiencies, and thus it could improve its resilience capabilities in terms of finding creative solutions .

Since the majority of critical minerals are typically produced in high-risk regions of the world with the minimum sustainability concerns, the new risk analysis contributed to NordMine’s capacity to find new opportunities, and also move towards the elimination of dependencies on suppliers with sustainability issues. While the former would lead to third-order resilience capabilities and thus be able to thrive and find creative answers, the latter could contribute to first-order resilience capabilities as it prevented business interruption and losses resulting from a lack of value chain risk management.

NordMine began utilising new techniques from 2022 to extract critical minerals, such as phosphor, from residual mining waste. This new opportunity potentially enables the company to maximise the value of its mined resources and move toward implementing its sustainability strategies Footnote 16 by expanding its business, which finances its strategic transformation, and thus enables the company to bounce forward. The sustainability strategist explains:

[The price of] iron ore in the market is fluctuating; it goes up and down. If our entire business is based on iron ore, the [financial performance] results will also fluctuate. So, the ability to find a second leg to stand on and balance, is one of the drivers for the [new sustainability] strategy. Assets fluctuations could be a trigger for looking at what other value we have besides iron ore […] that has been a motivation for us to look at what we have – phosphor – as well. So, phosphor moves from an asset that has no value to something that we can actually make money on, and that makes it possible to build the business on it.

Therefore, from 2022, extracting critical minerals from mining waste has enabled NordMine to begin moving from being a single-product company—mainly focusing on iron ore production—towards a multi-product company, and as a result of this change, the company’s production flexibility would increase, resulting in wider revenue streams for NordMine. This, in turn, helps the company in two ways: firstly, by being less affected by iron ore market fluctuations and having stability; secondly, through new sources of revenue, it develops new technologies and mining processes, and thus accelerates its transformative change.

The strategic transformation was beginning to place significant and, in some instances, conflicting demands on the organisation, necessitating an increase in organisational resources. While the risks associated with the old strategy (Phase 1) were predictable/controllable, had clear boundaries, and could be solved using standardised practices and controls, the new strategy produced risks and uncertainties that presented the organisation with unexpected challenges with no obvious solutions on an ongoing basis, for which standardised practices and controls were either not in place, or were inappropriate and required creative, flexible, and innovative responses instead. Those responses relied heavily on the availability of new skills, knowledge, and competences in several areas. Therefore, competence supply risks were becoming a significant issue for NordMine.

In 2022, group HR established new structured methods and networks to facilitate the strategic workforce planning process, ensuring that NordMine has sufficient human resources and thus the company can manage competence supply risks. In doing so, group HR has taken the following steps. First, in order to maintain a low staff turnover rate, they focus on retaining experts Footnote 17 and enhancing the competencies of existing employees who are instrumental in running current operations while the transformation gets underway. Second, group HR aims to attract and recruit new competences because the implementation of NordMine’s ambitious strategy requires the company to find and attract a large number of new specialists, mechanical and electrical engineers, and experts who are able to work with automation and new technologies. In practice, group HR started to implement talent management programs on a yearly basis. Through this program, group HR asks different business area managers once a year to identify the main talents such as key contributors, high potentials Footnote 18 , successors to leadership positions, and experts in their business areas. The feedback from the managers, in turn, helps group HR identify the main competences and understand which managers need a training program to develop their skills. Finally, if a business area lacks specific competencies, group HR assists them in recruiting a competence internally or externally. Thus, the talent management program has led to the mobilisation of various actors (i.e., different business area managers) with special knowledge who can contribute with their material or immaterial support to the transition process. In a similar vein, in early 2023, group HR developed a risk map of competence supply risks which focused on developing and maintaining human (i.e., competence) resources in the company. The senior HR manager clarifies:

Conducting workshops is a collaboration to see what our focus areas are, and which are the prioritised activities in the short-term and in the long-term, and then of course, there are many people who need to work with the competence supply risk. It is not just [saying] we have three strategists in our group, they cannot work with everything, leaders must do the work with local HR organisations and different departments. So, this is a joint challenge for our organisation, it is not for one person [or one group]. Every leader has to think about which types of competency she/he needs [in her/his group] for the future. So, we are enabling a different tool.

The use of new methods and increased interactions in identifying, assessing, and mitigating competence supply risks provides valuable input into the strategic planning process and assists the board and senior management in being better equipped to manage the strategic transformation process by ensuring that the organisation anticipates and meets future competency needs, thereby increasing the organisation’s ability to bounce forward.

As a result of the changes made to the risk governance framework and, consequently, the ERM template that emerged during the period 2021–2023, the number of collaborations and level of interactions between internal and external parties has increased significantly. Historically, for instance, business area project managers reported their investment needs to the business area CFO, who then calculated and aggregated the investment needs, assessed and ranked the risks associated with them, and prepared the major investment decisions report for the board. However, as ERM became integrated with the sustainability strategy, this procedure has developed further since 2022 and now the CRO is also involved in the business areas’ major investment decisions that need to be sent to the board.

The aim of involving the CRO is to include her/his holistic risk perspective in the investment decision-making process as she/he works closely with project managers from different areas. In doing so she/he is aware of NordMine’s overall risks. Therefore, in addition to CFOs and business area project managers, the management groups (e.g., the sustainability group) and the CRO are now involved in the new investment risk management process. As a result, ERM has mobilised different organisational actors who can contribute to strategic investment decisions with their specific knowledge and expertise.

Similarly, two additional examples of cross-functional and group collaborations, are related to: (1) Group HR, in addition to collaborating with business area managers through the talent management program and risk mapping techniques, has increased its interactions with the communication department to mitigate competence supply risks. Communication department managers assist group HR with employment branding, using social media as a recruiting channel, and raising global awareness of NordMine’s transformation. (2) Collaboration between the corporate sustainability and purchase departments has recently increased as a result of the new risk assessments which are integrated with due diligence process. This collaboration has an impact on NordMine’s strategic decisions involving its main suppliers.

Moreover, in 2022, NordMine recalibrated its risk control practices to reduce social licence and permit risks Footnote 19 and maintain the support of local communities and authorities. In doing so, the company started to use a structured method based on a systematic approach to identify the company’s main stakeholders and understand their core expectations. To achieve this, the senior vice president of sustainability proposed a cooperation plan amongst support functions such as finance, HR, communication, and sustainability to integrate all the units in a “steering group”, which she/he explains as follows:

I am adding a new topic, I am going to put the four support functions as the steering group for the people in the sustainability department who work with the social licence [risks], because social licence to [be able to] operate is a broad area. Those are HR issues, some are related to financial issues, and we have also legal issues, communication issues, and sustainability issues. So, we need to cooperate and manage these [interrelated] issues together. Instead of everybody running around one issue. These risks should be handled with a steering group.

Since social licence and permit issues are related to the various groups of stakeholders, this requires collaboration and communication between diverse strategists at the group management level and experts in different business areas in order to focus on different dimensions of the analysis work. The senior manager of corporate sustainability of one of the business areas explains:

If we ensure that we bring in different people with different competencies, then we will have different perspectives in our [stakeholder analysis] discussion. And, that helps us to get a more realistic picture of the expectations and requirements of the company. I think it is really important to mix different groups of people and ensure that you have not only one group of people working on the same matters and thinking the same way.

To identify and assess the risks related to social licence and permit, the steering group uses stakeholder analysis and materiality analysis to understand what kind of expectations and legal requirements different stakeholders have on NordMine. Accordingly, through stakeholder dialogue with authorities and different stakeholders, the company tries to ensure that good practices based on the interpretation and application of regulations on permitting matters take place. This work is also related to regulatory and public affairs which focus on communication and engagements between NordMine’s top managers, policymakers, and the regulatory bodies in Sweden and at the European level. Thus, dealing with social licence and permit risks illustrates how NordMine started to work systematically in order to have a clear structure that facilitates collaboration among different actors who can provide support and open doors with their adequate knowledge and expertise . As a result, the company can determine which areas are of most importance to its stakeholders and incorporate them into its strategic planning process. This, in turn, creates opportunities for NordMine such as increasing credibility and controlling business interruption risks caused by not having permits. Additionally, the company can improve its competitiveness and get a premium on products by showing the market that it is operating under some of the strictest environmental laws in the world, and thus through the transparent and efficient permitting processes, it extracts the critical minerals.

As of 2021, NordMine’s sustainability specialists and external audits have systematically measured various types of environmental impacts and emissions levels for managing environmental risks Footnote 20 which have become important components for obtaining legal permits. The main aim behind mobilising a network of sustainability experts is to ensure that the current environmental impacts of the operations are within authorised levels . Simultaneously, NordMine’s research and development teams work intensively to develop new and innovative mining methods to reduce the emission levels further. This, in turn, enables NordMine to prepare for more stringent sustainability requirements in the future and to continue operations without interruptions, minimising the risk of not getting permits, and also learning and thriving on uncertainties.

In order to identify and assess environmental and climate-related risks, NordMine ran a workshop and used the scenario analysis suggested by TCFD in 2022. By using this new method, the company could not only identify risks, but also opportunities and their strategic impacts. During the workshop which facilitated the mobilisation of a network of actors with expert knowledge, group risk together with different managers from the sustainability group, energy group, CFOs of business areas, and strategic business planners gathered to analyse various sustainability-related risks, develop different scenarios in relation to the strategy and, discuss what those scenarios mean for the company’s strategy implementation . This, in turn, helped strategic decision-makers to be more aware of the possible futures and think about alternative solutions in the case that some of those scenarios occur. The CRO explains:

We had a lot of discussions. It was more a reaction to the fact that we had not looked at our future from that lens. And it was good for us as a company to be able to summarise our [risk] findings in a very visual way, depending on what sort of future we are looking at. It is interesting to realise that if what we expect is going to happen, does not happen, our opportunities [can] become risks. We were able to look further into the future from a climate[-change] perspective on a high level and what that will mean for us.

Using the scenario analysis method during the workshop promoted different managers to follow a new structure and according to that, they gathered information from different sources, attempting to foresee what would happen in the future and how that would influence the company’s operations and its market position, and more importantly reach a consensus on possible futures and handling risks in those futures. In other words, scenario analysis enabled the emergence of organisational resources by proposing a new structured plan and solid vision. It should be noted, however, that NordMine is still in the early stages of integrating environmental and climate-related risks into the new ERM template. Therefore, the extent to which ERM will continue to contribute to developing and maintaining resilience in the long-term at NordMine remains to be seen.

In sum, during phase 3, despite all the challenges associated with the ERM implementation, the findings demonstrate how resilience resources, namely structural, relational, and cognitive resources, have strengthened and developed significantly. Integrating ERM with the life of mine planning as well as due diligence processes, updating the finance policy based on a new capital buffer requirement, and using structured methods such as the talent management program, stakeholder analysis, and scenario analysis, are a few examples of structural resource development during the third phase, which in turn facilitated solid visions and plans for managing emerging risks. Moreover, relational resource expansion—mainly through establishing closer relationships inside the organisation to manage risk and uncertainties—was illustrated in many new forms of collaboration in NordMine. This includes, for instance, the involvement of the CRO and the sustainability team in the investment decision-making process of the business areas, inactions between group HR and the communication department as well as the corporate sustainability department and the purchase department, and the formation of a steering group.

In regard to cognitive resource growth, the findings show how the expert [risk-related] knowledge of individuals within different organisational groups began to play an important role in discussing crucial issues related to the strategic transformation as well as managing various risks and uncertainties. For instance, the CRO’s holistic risk knowledge led her/him to be involved in the strategic decision-making process of the business areas. Similarly, diverse strategists at the group management level (e.g., HR, finance and sustainability) and different business areas managers who had special knowledge and expertise, could focus on different dimensions of the risk analysis work related to managing social licence and permit risks. Moreover, since different business areas’ leaders knew more about the competence and talents in their specific teams, they were considered valuable contributors to the competence supply risk management process that was supervised by group HR. In tandem with the development of different resources, NordMine’s first- and second-order resilience capabilities started to sustain and improve, and the company’s third-order resilience capabilities began to flourish. While managing some risks such as value chain, environmental, and social licence and permit risks led NordMine to stabilise its business without interruptions and ensure the continuity of its operations, the company could also bounce forward and find creative solutions such as extracting critical minerals from mining waste and expanding the company’s business, and developing innovative mining methods to reduce the emission levels further.

5 Discussion

The empirical results illustrate that in phase 1, NordMine operated in a relatively stable environment and the limited number of risks faced by the organisation could be managed by internal risk specialists (Mikes & Kaplan, 2015 ) using standardised and quantitative risk management approaches, indicating a culture of quantitative enthusiasm (Mikes, 2011 ). As there was limited pressure from the external environment for change, first- and second-order resilience (Jaeger, 2010 ) was sufficient and could be achieved by leveraging structural resources (Richtnér & Södergren, 2008 ) in the form of administrative risk controls, such as the finance policy and risk management handbook which were essentially a set of normative principles informing actors how to deal with risks (Van Asselt & Renn, 2011 ). Even though workshops were held annually to identify, assess, and mitigate business interruption risks, which required some development of relational resources (Richtnér & Södergren, 2008 ), the risk template (Giovannoni et al., 2016 ) in use prior to 2013 emphasised the management of risks in silos, in a rather traditional and precautionary manner (Vogus & Sutcliffe, 2007 ), where there was a reliance on robust formal processes that were largely independent from the business (Zhivitskaya & Power, 2016 ). However, it is also evident, at least to some degree, in the annual process for managing business interruption risks where the workshop was an important social space, managers started to develop their relational and cognitive resources in relation to this specific risk type by engaging in risk talk with the insurance captive (Mikes, 2016 ), which is important when attempting to raise risk awareness (Braumann, 2018 ). Interactions in such social spaces illustrate the emergence of interconnected activities (Boholm et al., 2012 ) and sense making and sense giving (Meidell & Kaarbøe, 2017 ). In addition, by employing risk artefacts (e.g., the risk grading model) as mediating devices (Jordan et al., 2013 ), NordMine initiated the conditions for risk communication (Klein & Reilley, 2021 ) and risk awareness to emerge (Arnold et al., 2011 ).

However, in 2013 it became apparent to the CFO (and the finance group), who is considered an important agent in determining the extent to which ERM is implemented (Jeitziner et al., 2017 ), that the risk management template in use up to that point was no longer aligned with the changing strategic direction of the organisation (Sax & Andersen, 2019 ), and thus no longer suitable for creating value (i.e., third-order resilience capability). Therefore, the appointment of a CRO in 2014, marked the beginning of a shift from traditional risk management to a commitment to implementing ERM (Lundqvist, 2015 ), and more importantly was a crucial step towards reconfiguration of resilience structural resources.

The empirical results illustrate that in phase 2, NordMine embarked on the biggest strategic change in the company’s history and this necessitated significant adjustments to the company’s existing structural, relational, and cognitive resources in relation to risk and uncertainty management since in addition to novel risks, new facets of existing risks emerged. Therefore, during phase 2, the company aimed to strengthen capacity-derived resources to not only continue and bounce back after distruptive events (i.e., first- and second-order capabilities), but also create values and thrive in a turbulent environment which is related to the third-order capabilities (Jaeger, 2010 ).

The risk policy created by group finance—mainly the CFO and CRO—helped NordMine as a resilience structure resource to have a solid vision and plan (Richtnér & Södergren, 2008 ) and to integrate ERM into the strategic planning and follow-up processes. During this phase, the findings also show two examples of relational resources improvements in NordMine. First, the CFO opened the right doors for the CRO (Richtnér & Södergren, 2008 ) to have access to executive managers for approving the risk policy, and take part in the strategic planning meeting which in turn facilitated the ERM implementation process. Second, according to the risk policy, different managers needed to be mobilised as part of the strategic risk management process to contribute their material and immaterial support (Richtnér & Södergren, 2008 ) to holistic risk management. Finally, during phase 2, NordMine managers were encouraged to have a risk mentality and adequate risk management knowledge and skills in order to improve the company’s resilience cognitive resources. These developments can be interpreted in a change of risk culture at NordMine, where managerial preferences for ERM practices were evolving (Diab & Metwally, 2021 ).

The empirical results illustrate that in phase 3, NordMine entered into the thrust of the strategic transformation process, and as a result, ERM was put into practice—as a dynamic capability (Nair et al., 2014 )—to help the company develop resilience resources (Richtnér & Södergren, 2008 ) and capabilities. Clear organisational structures, such as integrating ERM with life of mine planning as well as due diligence processes, updating the finance policy, talent management program, establishing a steering group and using scenario analysis, facilitated sustainability-related risk management in NordMine, and thus improved resilience structural resources. Relational resources had also strengthened during phase 3 through various collaborations among colleagues inside the organisation (e.g., the involvement of CFO and management groups in the business planning process; the CRO and sustainability team contributions to the business areas investment decision making, HR collaborations with business area managers, the mobilisation of supports functions in form of steering group) as well as outside the organisation (e.g., using digital service providers for due diligence process; visiting the suppliers to gain first hand understanding of their sustainability works; asking for external audits to systematically measure environmental impacts and emissions). Several of these examples illustrate that the range of competencies in terms of trailblazing , toolmaking , teamwork and translation were developing rapidly (Mikes et al., 2013 ). Finally, cognitive resources had grown considerably during phase 3. As the findings show, due to their extensive expertise and risk knowledge, the CFO and the CRO had become important business partners in terms of discussing crucial issues (Richtnér & Södergren, 2008 ) in various planning processes, i.e., investments, and life of mine planning. Similarly, different business areas’ managers who had adequate risk knowledge about competencies within their groups, started to contribute to the competence supply risk management process, and help group HR to develop a risk map. Moreover, sustainability-related risk knowledge of the corporate sustainability department—as cognitive resources—had become crucial for strategic decision making of the purchase department to reduce the value chain risks. Not only do these examples indicate that an increasing consistency in perceptions about risk and uncertainty was taking hold (Caldarelli et al., 2016 ; Woods, 2009 ) but that the development of cognitive resources, as Corvellec ( 2010 , p. 146) asserts, is “contingent on, comes from and develops within practice”.

Having adequate risk knowledge and competence in the team to discuss crucial issues (Richtnér & Södergren, 2008 ), was also evident in our findings about the steering group. Developing the steering group facilitated communication between diverse strategists who had special risk knowledge and as a result, they could contribute to the social licence and permit risk management. These findings indicate a shift towards business partnering and cognitive burden sharing (Meidell & Kaarbøe, 2017 ). In a similar vein, scenario analysis as a risk artefact for managing environmental risk, had facilitated the mobilisation of expert risk knowledge from different managers (e.g., finance group, sustainability group, energy group, CFOs of business areas) to analyse the various sustainability-related risks and by developing different scenarios understand how those risks would affect the company’s strategy implementation. This finding demonstrates the various ways in which risk artefacts can contribute to the ERM process (Crawford & Jabbour, 2024 ) as well as the emergence of risk communication (Tekathen & Dechow, 2013 ). Overall, in phase 3, the ERM process shifts from merely measuring risks to a process that includes risk envisionment (Mikes, 2011 ), in which strategic foresight tools (e.g., scenario analysis) play an increasingly important mediating role in increasing interactions and developing resilience cognition resources. In phase 3, a shift to holistic enterprise risk management connected to strategic and operational decision-making resulted in increasing creativity (e.g., extracting critical minerals from mine waste, increasing competitiveness and get a premium on products, developing innovative mining methods) while at the same time reducing organisational vulnerabilities which is in line with third-order resilience (Jaeger, 2010 ).

The empirical results illustrate the relationship and dynamics between and across capacity-derived resources and action-derived capabilities during different phases. In phase 1, the empirics show how structural resources, namely the risk management handbook, provided a platform for developing relational resources that was related to conducting yearly risk workshops by the insurance captive for business area managers, and how this led to the development of cognitive resources since the insurance captive and CFO consolidated risk reports and shared the results with business area managers, and this, in turn, helped the managers to increase their risk awareness by understanding the main risks of their areas. This finding is in line with Braumann’s ( 2018 ) study that shows that risk artefacts influence risk awareness. As a result of developing resources during phase 1, NordMine improved its first- and second-order resilience capabilities (Jaeger, 2010 ). Managing preventable and controllable risks (i.e., financial and business interruption risks) enabled NordMine to maintain robust financial performance and continue business as usual, and if an accident happened it minimised losses and bounced back to normal operations. While there has been some criticism of compliance and siloed type approaches to risk management (Power, 2009 ), the findings from our study show that they provided an important foundation from which third-order resilience could be subsequently achieved and competitive advantage realised (Bromiley et al., 2015 ).

In phase 2, the development of risk management policy as a structural resource facilitated the distribution of risk ownership among different managers (Lundqvist, 2015 ) and that was a crucial step in mobilising managers who could contribute to the ERM process with their risk reports (i.e., relational resources). Additionally, the structural resources encouraged managers to have a risk mentality and adequate risk knowledge i.e., cognitive resource in order to be able to survive in an ever-changing environment. This finding demonstrates how structural resources commonly associated with risk governance can influence human cognition so that actors become more cognizant of risks and develop a risk mindset (Crawford & Jabbour, 2024 ). Thus, the development of structural, relational, and cognitive resources in phase 2, would prepare the company to not only strengthen first- and second-order capabilities, but also facilitate the emergence of third-order resilience and create value by managing risks.

In phase 3, the empirics show how further developing the finance policy as a structural resource influenced first- and second-order capabilities in terms of preventing finance-related risks and minimising losses. Moreover, as ERM has become the part of due diligence process, this structural resource has encouraged the mobilisation of internal and external actors who could contribute to the ERM process (i.e., relational resources). This, in turn, influenced the company’s first-order resilience since it prevented business interruption and losses resulting from the lack of value chain risk management. In 2022, however, as extracting critical minerals enabled the company’s third-order resilience by becoming a multiproduct company, we could see how first-order resilience capabilities provided a foundation to achieve third-order resilience.

Establishing the steering group to handle social licence and permit risks was another empirical example that shows how ERM influences structural, relational, and cognitive resources that are intertwined, and more importantly how these resources contribute to first- and third-order resilience capabilities (Jaeger, 2010 ), as the company could prevent business interruption risks caused by lack of permits and also improve its competitiveness by getting a premium on the products. Finally, in the case of managing environmental risks, the empirics show how structural resources in terms of the scenario analysis suggests a solid vision and plan that facilitates the development of cognitive resources as it leads to having adequate risk knowledge in teams. As a consequence, these resources could influence first-, second- and third-order resilience (Jaeger, 2010 ) since it enabled the company to operate without interruption, minimise the lack of permit risk and find a creative answer to the disruption if happens in the future. These and other examples from this phase illustrate how ERM can emerge as a dynamic capability when resources and capabilities are configured in such a way as to enable the organisation to identify and act upon opportunities (not just risks) that emerge during periods of rapid environmental change (Andersen et al., 2022 ).

6 Conclusion

In this study, we aimed to empirically address the research question: How does ERM contribute to developing and maintaining the resilience necessary for the strategic transformation of an organisation towards sustainability? within the context of a Swedish mining company undergoing strategic transformational change. By drawing on the ERM and resilience literature, and theoretical coordinates therein, (Jaeger, 2010 ; Richtnér & Södergren, 2008 ) we add to our understanding of how ERM contributes to an organisation’s ability to respond to a variety of strategic challenges associated with risk and uncertainty (Hardy & Maguire, 2020 ; Sax & Andersen, 2019 ). Based on our findings, this requires continuously activating, combining, and reconfiguring structural, relational, and cognitive resources (Richtnér & Södergren, 2008 ) to generate resilience capabilities (Jaeger, 2010 ) suited to the anticipated and/or unexpected disruptions by the organisation at any given time. Our key findings and contributions are as follows.

First, we find that different ERM practices, such as risk governance frameworks, risk culture, risk artefacts, and risk awareness, influence resilience capacity-derived resources and action-derived capabilities. This contributes to the literature stream that focuses on how ERM can be perceived as dynamic capability (Andersen et al., 2022 ; Bogodistov & Wohlgemuth, 2017 ; Nair et al., 2014 ) by adding more detailed empirical evidence from the risk management literature in relation to resilience resources and capabilities. Second, we find that the evolution of risk management practices from traditional risk management to ERM is an ongoing developmental process to ensure that risk management continues to be aligned with the organisation’s strategy. This finding contributes to our understanding of the relationship between ERM and strategy, and answers Sax and Andersen’s ( 2019 ) call for longitudinal case studies that provide more detailed insights into the ERM and strategy relationship. Third, we find that in tandem with strategic changes, resilience in terms of resources and capabilities, emerged overtime and developed through a series of events, gradually enhancing the company’s ability to manage risk and uncertainties associated with sustainability challenges that are complex and multidimensional (Wassénius & Crona, 2022 ). This result contributes to the resilience literature that follows a developmental perspective (Richtnér & Södergren, 2008 ; Sutcliffe & Vogus, 2003 ). Additionally, drawing on resilience literature (i.e., Van der Vegt et al., 2015 ), our findings also show that capacity-derived resources and action-derived capabilities have dynamic relationships between and across their domains.

Aside from the various contributions of findings, our study is subject to limitations that could be addressed in future research. Given that our case company is at an early stage in its strategic transformation process, any insights into the outcomes of resilience are limited. Thus, it would advance our understanding to undertake similar research in a different context to examine how ERM through its impacts on resources and capabilities, influences resilience outcomes in the long term. The second limitation concerns resilience post-disturbance outcome states (Munoz et al., 2022 ), as they are excluded from the theoretical framework of our study. Therefore, we suggest future research extend the theoretical framework by including the resilience outcome states and examine the dynamic relationships across resilience capacity-derived resources, action-derived capabilities and post-disturbance outcome states related to company performance.

Data availability

The data gathered and analysed during the current study are not publicly available because of confidentiality reasons. However, if there is a reasonable request from the editors and reviewers, the corresponding author can provide the data.

Sweden is becoming a pioneer in developing a fossil-free value chain for iron and steel production globally through the HYBRIT Development initiative (Steel Times International, 2021).

“Novel risks arise from unforeseen events, from complex combinations of apparently routine events, and from apparently familiar events occurring at unprecedented scale and speed” (Kaplan et al., 2020 , p. 2).

In this study, we follow the definition of resilience from organisational resilience perspective.

Jaeger ( 2010 ) posits that high-reliability organisations, tend to be characterized by high-second order resilience, but may have weaker first-order resilience than their average competitors.

Munoz et al. ( 2022 ) suggest a distinct contrast from resilience: antifragility. By referring to Taleb’s ( 2012 ) article, the authors define antifragility as “a performance gain when exposed to adversity”.

During the data collection process, the corresponding author established contacts with key decision-makers within the company and this allowed us to get access to valuable information sources and to communicate with key organisational actors who were crucial for the verification of our research problem as well as giving different forms of feedback.

A combination of a general interview guide and standardized open-ended interview methods were used to conduct the interviews (Patton, 2002 ). The issues in the outline consisted of a set of questions carefully worded and arranged with the intention of taking each interviewee through the same sequence. However, some types of questions were not the same for different interviews.

Executive managers report to the CEO of NordMine.

Group management in NordMine includes mangers who report to executive managers.

Business area managers of NordMine report to executive managers.

Site managers who report to the business area managers of NordMine, are regarded as operational level managers.

The risk management handbook is updated annually by the finance group.

To give an overview and enable benchmarking between the different sites and facilities of the company, the results of the risk grading process were presented in a matrix, and this in turn, enabled the insurance captive and the finance group to prioritise and make decisions concerning actions and investments.

NordMine did not have a risk policy document until 2021.

Life of mine planning is a main component of NordMine’s strategic and business planning process.

NordMine aims to have zero carbon emissions from its processes and products by 2045 by shifting to innovative and competitive mining as well as the processing of iron ore and minerals to produce climate-efficient quality products.

NordMine in collaboration with a technology university provides special engineering courses. Additionally, as a part of skill development programs, from 2022 group HR has created a new digital learning platform where they provide many global online courses with different subjects (e.g., finance management, sustainability management) to employees who are interested in expanding their knowledge in specific areas. NordMine has also started to run the International Management Program together with high-potential leaders. Through this program, top managers such as finance controllers, business partners, and communication managers will be challenged based on their position and get more business knowledge related to their management work.

High potentials are employees with the ability, engagement, and aspiration to rise to and succeed in more senior and/or critical positions.

The social licence and permits are related to the approval of authorities and other stakeholders, such as the Swedish state as the owner of the company, national and local politicians, courts and local communities (e.g., municipalities) for the company’s operating procedures. The company needs to update its permits on a regular basis for its existing operations, and apply for new permits in order to expand its business which includes new ways of mining. Thus, getting permits in time is a crucial issue for the company’s credibility, and the lack of the permit can face NordMine with a huge risk such as business interruption.

As sustainability became the main component of NordMine’s new strategy in 2020, any environmental and climate-related effects that would occur through the direct and indirect mining practices of the company are considered as risks. Thus, identifying and mitigating risks associated with the loss of biodiversity, the contamination of water by oil spills, carbon emission and air pollution through the mining process become crucial for the company’s business planning process, nevertheless, these risks are highly integrated with the mining operations.

Andersson, T., Cäker, M., Tengblad, S., & Wickelgren, M. (2019). Building traits for organizational resilience through balancing organizational structures. Scandinavian Journal of Management, 35 (1), 36–45.

Article   Google Scholar  

Anton, S. G., & Nucu, A. E. A. (2020). Enterprise risk management: A literature review and agenda for future research. Journal of Risk and Financial Management, 13 (11), 281. https://doi.org/10.3390/jrfm13110281

Antoncic, M. (2019). Why sustainability? Because risk evolves and risk management should too. Journal of Risk Management in Financial Institutions, 12 (3), 206–216.

Google Scholar  

Arena, M., Arnaboldi, M., & Palermo, T. (2017). The dynamics of (dis) integrated risk management: A comparative field study. Accounting, Organizations and Society, 62 , 65–81. https://doi.org/10.1016/j.aos.2017.08.006

Arnold, V., Benford, T., Canada, J., & Sutton, S. G. (2011). The role of strategic enterprise risk management and organizational flexibility in easing new regulatory compliance. International Journal of Accounting Information Systems, 12 (3), 171–188. https://doi.org/10.1016/j.accinf.2011.02.002

Aven, T. (2019). The call for a shift from risk to resilience: What does it mean? Risk Analysis, 39 (6), 1196–1203.

Baird, K., Su, S., & Munir, R. (2023). The mediating role of levers of controls on the association between sustainable leadership and organisational resilience. Journal of Management Control, 34 (2), 167–200. https://doi.org/10.1007/s00187-023-00354-1

Baxter, R., Bedard, J. C., Hoitash, R., & Yezegel, A. (2013). Enterprise risk management program quality: Determinants, value relevance, and the financial crisis. Contemporary Accounting Research, 30 (4), 1264–1295. https://doi.org/10.1111/j.1911-3846.2012.01194.x

Bhamra, R., Dani, S., & Burnard, K. (2011). Resilience: The concept, a literature review and future directions. International Journal of Production Research, 49 (18), 5375–5393. https://doi.org/10.1080/00207543.2011.563826

Bogodistov, Y., & Wohlgemuth, V. (2017). Enterprise risk management: A capability-based perspective. The Journal of Risk Finance . https://doi.org/10.1108/JRF-10-2016-0131

Boholm, Å., Corvellec, H., & Karlsson, M. (2012). The practice of risk governance: Lessons from the field. Journal of Risk Research, 15 (1), 1–20. https://doi.org/10.1080/13669877.2011.587886

Braumann, E. C. (2018). Analyzing the role of risk awareness in enterprise risk management. Journal of Management Accounting Research, 30 (2), 241–268. https://doi.org/10.2308/jmar-52084

Braumann, E. C., Hiebl, M. R., & Posch, A. (2024). Enterprise risk management as part of the organizational control package: Review and implications for management accounting research. Journal of Management Accounting Research . https://doi.org/10.2308/JMAR-2021-071

Braun, V., & Clarke, V. (2006). Using thematic analysis in psychology. Qualitative Research in Psychology, 3 (2), 77–101. https://doi.org/10.1191/1478088706qp063oa

Bromiley, P., McShane, M., Nair, A., & Rustambekov, E. (2015). Enterprise risk management: Review, critique, and research directions. Long Range Planning, 48 (4), 265–276.

Caldarelli, A., Fiondella, C., Maffei, M., & Zagaria, C. (2016). Managing risk in credit cooperative banks: Lessons from a case study. Management Accounting Research, 32 , 1–15. https://doi.org/10.1016/j.mar.2015.10.002

Carmeli, A., & Markman, G. D. (2011). Capture, governance, and resilience: Strategy implications from the history of Rome. Strategic Management Journal, 32 (3), 322–341. https://doi.org/10.1002/smj.880

Christensen, C. M., Carlile, P., & Sundahl, D. (2002). The process of theory building. Harvard Business School, Cambridge, MA, Harvard University, 17 , 1–22.

Christiansen, U., & Thrane, S. (2014). The prose of action: The micro dynamics of reporting on emerging risks in operational risk management. Scandinavian Journal of Management, 30 (4), 427–443. https://doi.org/10.1016/j.scaman.2014.08.006

European Commission. (2023). European green deal: The EU is fighting climate change through ambitious policies at home and close cooperation with international partners. Retrieved May 23 2023, from https://climate.ec.europa.eu/eu-action/european-green-deal_en

Corvellec, H. (2010). Organizational risk as it derives from what managers value: A practice-based approach to risk assessment. Journal of Contingencies and Crisis Management, 18 (3), 145–154. https://doi.org/10.1111/j.1468-5973.2010.00611.x

Crawford, J., & Jabbour, M. (2024). The relationship between enterprise risk management and managerial judgement in decision-making: A systematic literature review. International Journal of Management Reviews, 26 (1), 110–136. https://doi.org/10.1111/ijmr.12337

Dhlamini, J. (2022). Strategic risk management: A systematic review from 2001 to 2020. Journal of Contemporary Management, 19 (2), 212–237. https://doi.org/10.35683/jcm22008.165

Diab, A., & Metwally, A. B. M. (2021). The Biopolitics of Transformation to ERM Technologies: A Case From Egypt. International Journal of Customer Relationship Marketing and Management (IJCRMM), 12 (4), 31–45. https://doi.org/10.4018/IJCRMM.2021100103

Dooley, L. M. (2002). Case study research and theory building. Advances in Developing Human Resources, 4 (3), 335–354. https://doi.org/10.1177/1523422302043007

Gehman, J., Glaser, V. L., Eisenhardt, K. M., Gioia, D., Langley, A., & Corley, K. G. (2018). Finding theory–method fit: A comparison of three qualitative approaches to theory building. Journal of Management Inquiry, 27 (3), 284–300. https://doi.org/10.1177/1056492617706029

Gerring, J. (2004). What is a case study and what is it good for? American Political Science Review, 98 (2), 341–354. https://doi.org/10.1017/CBO9780511803123.005

Gioia, D. A., Corley, K. G., & Hamilton, A. L. (2013). Seeking qualitative rigor in inductive research: Notes on the Gioia methodology. Organizational Research Methods, 16 (1), 15–31. https://doi.org/10.1177/1094428112452151

Giovannoni, E., Quarchioni, S., & Riccaboni, A. (2016). The role of roles in risk management change: The case of an Italian bank. European Accounting Review, 25 (1), 109–129. https://doi.org/10.1080/09638180.2014.990475

Gittell, J. H. (2000). Organizing work to support relational co-ordination. International Journal of Human Resource Management, 11 (3), 517–539. https://doi.org/10.1080/095851900339747

Gittell, J. H., Cameron, K., Lim, S., & Rivas, V. (2006). Relationships, layoffs, and organizational resilience: Airline industry responses to September 11. The Journal of Applied Behavioral Science, 42 (3), 300–329. https://doi.org/10.1177/0021886306286466

Hall, M., Mikes, A., & Millo, Y. (2015). How do risk managers become influential? A field study of toolmaking in two financial institutions. Management Accounting Research, 26 , 3–22. https://doi.org/10.1016/j.mar.2014.12.001

Hardy, C., & Maguire, S. (2020). Organizations, risk translation, and the ecology of risks: The discursive construction of a novel risk. Academy of Management Journal, 63 (3), 685–716. https://doi.org/10.5465/amj.2017.0987

Helfat, C. E., & Peteraf, M. A. (2015). Managerial cognitive capabilities and the microfoundations of dynamic capabilities. Strategic Management Journal, 36 (6), 831–850. https://doi.org/10.1002/smj.2247

Hillmann, J., & Guenther, E. (2021). Organizational resilience: A valuable construct for management research? International Journal of Management Reviews, 23 (1), 7–44. https://doi.org/10.1111/ijmr.12239

Holling, C. S. (1973). Resilience and stability of ecological systems. Annual Review of Ecology and Systematics . https://doi.org/10.1146/annurev.es.04.110173.000245

Jabbour, M., & Abdel-Kader, M. (2016). ERM adoption in the insurance sector: Is it a regulatory imperative or business value driven? Qualitative Research in Accounting & Management, 13 (4), 472–510. https://doi.org/10.1108/QRAM-03-2015-0035

Jaeger, C. (2010). Risk, rationality, and resilience. International Journal of Disaster Risk Science, 1 (1), 10–16.

Jeitziner, J., Mikes, A., & Oyon, D. (2017). Risk management: Towards a behavioural perspective. The Routledge companion to behavioural accounting research (pp. 459–470). Routledge.

Chapter   Google Scholar  

Jordan, S., Jørgensen, L., & Mitterhofer, H. (2013). Performing risk and the project: Risk maps as mediating instruments. Management Accounting Research, 24 (2), 156–174. https://doi.org/10.1016/j.mar.2013.04.009

Kaplan, R. S., Leonard, H. B. D., & Mikes, A. (2020). The risks you can’t foresee: What to do when there’s no playbook. Harvard Business Review, 98(6).

Klein, V. H., Jr., & Reilley, J. T. (2021). The temporal dynamics of enterprise risk management. Critical Perspectives on Accounting . https://doi.org/10.1016/j.cpa.2021.102363

Klein, K. J., Dansereau, F., & Hall, R. J. (1994). Levels issues in theory development, data collection, and analysis. Academy of Management Review, 19 (2), 195–229. https://doi.org/10.2307/258703

Langley, A. (1999). Strategies for theorizing from process data. Academy of Management Review, 24 (4), 691–710. https://doi.org/10.2307/259349

Lengnick-Hall, C. A., & Beck, T. E. (2005). Adaptive fit versus robust transformation: How organizations respond to environmental change. Journal of Management, 31 (5), 738–757. https://doi.org/10.1177/0149206305279367

Lengnick-Hall, C. A., Beck, T. E., & Lengnick-Hall, M. L. (2011). Developing a capacity for organizational resilience through strategic human resource management. Human Resource Management Review, 21 (3), 243–255. https://doi.org/10.1016/j.hrmr.2010.07.001

Linnenluecke, M. K. (2017). Resilience in business and management research: A review of influential publications and a research agenda. International Journal of Management Reviews, 19 (1), 4–30. https://doi.org/10.1111/ijmr.12076

Liu, X. (2019). The role of enterprise risk management in sustainable decision-making: A cross-cultural comparison. Sustainability, 11 (10), 2939. https://doi.org/10.3390/su11102939

Lundqvist, S. A. (2015). Why firms implement risk governance–Stepping beyond traditional risk management to enterprise risk management. Journal of Accounting and Public Policy, 34 (5), 441–466. https://doi.org/10.1016/j.jaccpubpol.2015.05.002

McKinsey. (2020). How the European Union could achieve net-zero emissions at net-zero cost. Retrieved December 16 2022, from https://www.mckinsey.com/capabilities/sustainability/our-insights/how-the-european-union-could-achieve-net-zero-emissions-at-net-zero-cost

Meidell, A., & Kaarbøe, K. (2017). How the enterprise risk management function influences decision-making in the organization—a field study of a large, global oil and gas company. The British Accounting Review, 49 (1), 39–55. https://doi.org/10.1016/j.bar.2016.10.005

Metwally, A. B. M., & Diab, A. (2021). Risk-based management control resistance in a context of institutional complexity: Evidence from an emerging economy. Journal of Accounting & Organizational Change, 17 (3), 416–435. https://doi.org/10.1108/JAOC-04-2020-0039

Mikes, A. (2009). Risk management and calculative cultures. Management Accounting Research, 20 (1), 18–40. https://doi.org/10.1016/j.mar.2008.10.005

Mikes, A. (2011). From counting risk to making risk count: Boundary-work in risk management. Accounting, Organizations and Society, 36 (4–5), 226–245. https://doi.org/10.1016/j.aos.2011.03.002

Mikes, A. (2016). The triumph of the humble chief risk officer. In M. Power (Ed.), Riskwork: Essays on the organizational life of risk management (pp. 253–273). Oxford University Press.

Mikes, A., & Kaplan, R. S. (2015). When one size doesn’t fit all: Evolving directions in the research and practice of enterprise risk management. Journal of Applied Corporate Finance, 27 (1), 37–40. https://doi.org/10.1111/jacf.12102

Mikes, A., & Zhivitskaya, M. (2017). Managing ambiguity: Changes in the role of the chief risk officer in the UK’s financial services sector. The Routledge companion to performance management and control (pp. 198–206). Oxford: Routledge.

Mikes, A., Hall, M., & Millo, Y. (2013). How experts gain influence. Harvard Business Review, 91 (7/8), 70–74.

Munoz, A., Billsberry, J., & Ambrosini, V. (2022). Resilience, robustness, and antifragility: Towards an appreciation of distinct organizational responses to adversity. International Journal of Management Reviews, 24 (2), 181–187. https://doi.org/10.1111/ijmr.12289

Nair, A., Rustambekov, E., McShane, M., & Fainshmidt, S. (2014). Enterprise risk management as a dynamic capability: A test of its effectiveness during a crisis. Managerial and Decision Economics, 35 (8), 555–566. https://doi.org/10.1002/mde.2641

Patton, M. Q. (2002). Qualitative research & evaluation methods . Sage.

Power, M. (2009). The risk management of nothing. Accounting, Organizations and Society, 34 (6–7), 849–855. https://doi.org/10.1016/j.aos.2009.06.001

Richtnér, A., & Löfsten, H. (2014). Managing in turbulence: How the capacity for resilience influences creativity. R&D Management, 44 (2), 137–151.

Richtnér, A., & Södergren, B. (2008). Innovation projects need resilience. International Journal of Technology Intelligence and Planning, 4 (3), 257–275. https://doi.org/10.1504/IJTIP.2008.020097

Rooney, J., & Cuganesan, S. (2015). Leadership, governance and the mitigation of risk: A case study. Managerial Auditing Journal, 30 (2), 132–159.

Rowley, J. (2002). Using case studies in research. Management Research News . https://doi.org/10.1108/01409170210782990

Sax, J., & Andersen, T. J. (2019). Making risk management strategic: Integrating enterprise risk management with strategic planning. European Management Review, 16 (3), 719–740.

Shad, M. K., Lai, F. W., Fatt, C. L., Klemeš, J. J., & Bokhari, A. (2019). Integrating sustainability reporting into enterprise risk management and its relationship with business performance: A conceptual framework. Journal of Cleaner Production, 208 , 415–425. https://doi.org/10.1016/j.jclepro.2018.10.120

Siggelkow, N. (2007). Persuasion with case studies. Academy of Management Journal, 50 (1), 20–24. https://doi.org/10.5465/amj.2007.24160882

Somers, S. (2009). Measuring resilience potential: An adaptive strategy for organizational crisis planning. Journal of Contingencies and Crisis Management, 17 (1), 12–23. https://doi.org/10.1111/j.1468-5973.2009.00558.x

Somers, J. (2022). Technologies to decarbonise the EU steel industry. JRC Technical Report 127468. Europäische Kommission–Joint Research Centre, Luxemburg und Petten

Sutcliffe, K. M., & Vogus, T. J. (2003). Organizing for resilience. In K. S. Cameron, I. E. Dutton, & R. E. Quinn (Eds.), Positive organizational scholarship (pp. 94–110). Berrett-Koehler.

Steel times international. (2021). Sweden: A pioneer in green steel production. Retrieved October 15 2022, from https://www.steeltimesint.com/news/sweden-a-pioneer-in-green-steel-production

Taleb, N. N. (2012). Antifragile: How to live in a world we don’t understand (Vol. 3). Allen Lane.

Teece, D. J., Pisano, G., & Shuen, A. (1997). Dynamic capabilities and strategic management. Strategic Management Journal, 18 (7), 509–533. https://doi.org/10.1002/(SICI)1097-0266(199708)18:7%3C509::AID-SMJ882%3E3.0.CO;2-Z

Tekathen, M., & Dechow, N. (2013). Enterprise risk management and continuous re-alignment in the pursuit of accountability: A German case. Management Accounting Research, 24 (2), 100–121. https://doi.org/10.1016/j.mar.2013.04.005

Tekathen, M., & Dechow, N. (2020). Semantic narrowing in risk talk: The prevalence of communicative path dependency. Management Accounting Research, 48 (1), 1–18. https://doi.org/10.1016/j.mar.2020.100692

Van Asselt, M. B., & Renn, O. (2011). Risk governance. Journal of Risk Research, 14 (4), 431–449.

Van Maanen, J., Sørensen, J. B., & Mitchell, T. R. (2007). The interplay between theory and method. Academy of Management Review, 32 (4), 1145–1154. https://doi.org/10.5465/amr.2007.26586080

Van de Ven, A. H. (2007). Engaged scholarship: A guide for organizational and social research . Oxford University Press.

Van Der Vegt, G. S., Essens, P., Wahlström, M., & George, G. (2015). Managing risk and resilience. Academy of Management Journal, 58 (4), 971–980. https://doi.org/10.5465/amj.2015.4004

Vogus, T. J., & Sutcliffe, K. M. (2007). Organizational resilience: Towards a theory and research agenda. In 2007 IEEE international conference on systems, man and cybernetics. IEEE pp 3418–3422

Wahlström, G. (2009). Risk management versus operational action: Basel II in a Swedish context. Management Accounting Research, 20 (1), 53–68. https://doi.org/10.1016/j.mar.2008.10.002

Walker, B., Gunderson, L., Kinzig, A., Folke, C., Carpenter, S., & Schultz, L. (2006). A handful of heuristics and some propositions for understanding resilience in social-ecological systems. Ecology and Society . https://doi.org/10.5751/ES-01530-110113

Wassenius, E., & Crona, B. I. (2022). Adapting risk assessments for a complex future. One Earth, 5 (1), 35–43. https://doi.org/10.1016/j.oneear.2021.12.004

WBCSD. (2016). Sustainability and enterprise risk management: The first step towards integration. Retrieved January 06 2024, from WBCSD_Risk_Publication_2016.pdf

Winter, S. G. (2003). Understanding dynamic capabilities. Strategic Management Journal, 24 (10), 991–995. https://doi.org/10.1002/smj.31

Woods, M. (2009). A contingency theory perspective on the risk management control system within Birmingham City Council. Management Accounting Research, 20 (1), 69–81. https://doi.org/10.1016/j.mar.2008.10.003

Yin, R. K. (2009). Case study research: Design and methods (Vol. 5). Sage.

Zhivitskaya, M., & Power, M. (2016). The Work of Risk Oversight. In M. Zhivitskaya & M. Power (Eds.), Riskwork: Essays on the Organizational Life of Risk Management (pp. 91–109). Oxford University Press.

Download references

Acknowledgements

The corresponding author gratefully acknowledges support from the Swedish Research School Management and IT (MIT). The co-author gratefully acknowledges the financial support of the Jan Wallander and Tom Hedelius Foundation, and the Tore Browaldhs Foundation, project numbers W18-0016 and P18-0224, in this work. We are also very thankful to everyone from NordMine who participated in our research. Finally, we would like to thank all those in the Accounting Sector at Uppsala University who provided feedback on earlier drafts of this paper.

Open access funding provided by Uppsala University. The Swedish Research School Management and IT (MIT) [corresponding author]. Jan Wallander and Tom Hedelius Foundation, and the Tore Browaldhs Foundation [co-author].

Author information

Authors and affiliations.

Department of Business Studies, Uppsala University, Box 513, 751 20, Uppsala, Sweden

Aynaz Monazzam & Jason Crawford

You can also search for this author in PubMed   Google Scholar

Corresponding author

Correspondence to Aynaz Monazzam .

Additional information

Publisher's note.

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Appendix 1 List of interviewees

Rights and permissions.

Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/ .

Reprints and permissions

About this article

Monazzam, A., Crawford, J. The role of enterprise risk management in enabling organisational resilience: a case study of the Swedish mining industry. J Manag Control (2024). https://doi.org/10.1007/s00187-024-00370-9

Download citation

Accepted : 22 February 2024

Published : 23 March 2024

DOI : https://doi.org/10.1007/s00187-024-00370-9

Share this article

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

• Dynamic capability
• Enterprise risk management
• Find a journal
• Publish with us
• Track your research