Abstract
Approaches to risk governance are not homogeneous across organizations. Some organizations invest heavily in building formal and strategically focused enterprise-wide risk governance processes whereas others exhibit reduced formality and focus, allowing risk governance to be less structured. We argue that risk governance may best be described as a service dependent upon a network (or ecosystem) of participants who include users of risk information and providers who design and implement risk governance processes. Using a survey sample of 2,380 observations from 2011 to 2016, we find that external calls for enhanced risk governance are positively associated with risk governance processes having greater formality and strategic focus. We find this relationship is partially mediated by internal demands for enhanced risk governance. Further, we find that the positive association between internal demands and enhanced risk governance is reduced by resource constraints and that a risk-seeking attitude is negatively associated with enhanced risk governance.
Original language | English |
---|---|
Pages (from-to) | 99-128 |
Number of pages | 30 |
Journal | The Accounting Review |
Volume | 98 |
Issue number | 5 |
Early online date | 1 Sept 2023 |
DOIs | |
Publication status | Published - Sept 2023 |
Bibliographical note
Publisher Copyright:© 2023 American Accounting Association. All rights reserved.
Keywords
- board oversight
- enterprise risk management
- risk governance
- strategic risk management