Culture in Risk Management development

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.


Risk management is one of those concepts within management all over the world these days. Compliance with well-recognized risk management standard is important for all most every organization. Virtually, deal with risks and make risk management effective are complex issues. Wrong decisions could directly or indirectly lead to adverse consequences, not only decision-makers, shareholders, but also employees, customers, suppliers and citizens as well. Risk management provides reasonable assurance on objective achievement which implemented by people in the organization (Moeller, 2007). According to the statement of Mottershead and Godfrey (2001), Moeller (2007) asserted that risk management is a core which involves into every branch and process of an organization. Therefore, risk management manages risks all over the organization, aiming at achieves their causes and effects which could influence the object (ibid). There are many ways could help managers to develop risk management all over their organizations. According to Ward (2004), there are six dimensions of risk management development which including 'what', 'when', 'why', 'whichway', 'who' and 'wherewithal'. Virtually every dimension runs in an organization is embed with people. Due to risk managers will contact with a wide range of work colleagues, when they are doing risk management in an organization, they will encounter a lot of 'cognitive bias' (ibid). Different people have different attitudes towards risk based on different cultures. Therefore, it is useful for risk managers to understand the way their colleagues actually think when they do something and why should it do that way. In this case, culture, a difficult and elusive concept, plays an essential role in risk management (Waring and Glendon, 2000). This paper is aiming at explore the importance of culture in risk management.

Culture virtually has hundreds of definitions and reveals different features of itself which depending on who is looking, how and why (Kroeber and Kluckhom, 1952). According to Tylor (1871), 'culture or civilization, taken in its wide ethnographic sense, is that complex whole which includes knowledge, belief, art, morals, law, customs, and any other capabilities and habits acquired by man as a member of society'. Due to the permeability of cultures on the whole but 'defensive boundaries between polities' (Said, 1989), culture is a useful concept links to risk. Wildavsky and Dake (1990) asserted that culture virtually a fundamental of self-regulation. This means, individuals in various cultures within their norms see risks in different ways. The way people react to information is reflected by culture (Rozakis, 2007). Hence, culture virtually could be seen as social behavior. In this case, culture is the concept of describing a particular population and offering a system of ideas with social groups (ibid). Virtually culture could be discussed in nationality, religion, region, economics, education, and political beliefs (ibid). Different kind of culture provides roles, standards of individual and conducts their beliefs, attitudes and behaviors at the same time (Mars and Nicod, 1983). Based on one exact cultural norm, individuals exhibit themselves that obey the rule of the culture (Thompson, 1990).

Culture Theory

Cultural theory is 'a method of analysis which can be used for evaluating the influence of organizational structure on behavior and attitudes, including the cognition of risk' (Vaughan, 1997). It concentrated in two dimensions to classify culture: 'group' and 'grid' (Douglas, 1992). The group of the grid built on people who meet face to face and focus on the constraints give by other members of this kind of culture (Mars, 1994). According to Douglas (1992), there are four ways of life in cultural theory. Fatalist, stratified individuals, is isolated and subordinate (Slovic, 1992). In this case, even tiny shift of the nature, it could lead serious consequences to fatalists (Skipper and Kwon, 2007). This kind of people understands life is a destiny, risks are out of their control and safety is matter of luck (Slovic, 1992). In addition, for individualists, nature is a robust environment which encourages individual experimentation, expansion and technological development (Skipper and Kwon, 2007). Individualists see risks could offer opportunities and should be accepted in exchange for benefits (ibid). In this case, for stratified individuals and individualists where group is weak, individuals depend on themselves because of the limitation of interaction (Douglas, 1992). Due to the capability of fatalists, people seek to avoid risk but not very effective (Ward, 2004). At the same time, individualists conjecture risks and try to get opportunities from risks (ibid). Meanwhile, hierarchists view the world based on 'bounded and graded' (Slovic, 1992). Nature is powerful to some extent but with limitation (Skipper and Kwon, 2007). Therefore, risks are acceptable if institutions have the routines to control them (Slovic, 1992). Small risks could be handled in this stage, but too big risks could make the stable situation sink (Skipper and Kwon, 2007). Furthermore, egalitarianism describes society bounded but equal (Slovic, 1992). Egalitarians do not have any theory when they are facing the changing nature that exists anywhere of their lives and they have no idea about what should they do next (Skipper and Kwon, 2007). This kind of people believe that risk unless inevitable ones, it should be avoided to protect the public (Slovic, 1992). Different from fatalists and individualists, hierarchists and egalitarians with strong group which provide wide range of activities to individuals to large extent help the interaction of them (Skipper and Kwon, 2007). Therefore, hierarchist tends accept risks based on the views of risk experts and authorities (Ward, 2004). Whereas, egalitarians prefer expand risks based on their mutual view and persuade other kind of people with the expanding risks (ibid). Each of these categories seeks information with their particular view which could help them confirm their view and reject contrary ones at the same time (Skipper and Kwon, 2007).

However, Pidgeon (1996) maintained that cultural theory which based on four types of culture to some extent is too simple. The real culture virtually is much more complex and complicated (ibid). The author combined the ideas form both Johnson (1988) and Bellaby (1990) in his article and insisted that people should think about individuals move form one culture to another (ibid).

Scarman Centre (2002a) identified the various aspects of culture at different levels refer to different risk issue. Rozakis (2007) asserted that all organizations must have some degree of both grid and group dimension. This means, probably culture theory can not describe individuals wholly, it is fit for organizations identify their organizational culture. In this case, organizations could use culture as a control tool which helps organizations evaluate employees and their beliefs (Ward, 2004). It also offers the idea of build an organizational culture which could identify the organization itself.

Organizational Culture

Lundberg (1988) defined that organizational culture is 'a phenomenon of reality construction-allowing members to see and comprehend particular events, actions, objectives, utterances and whole situations, including their own behaviors, in an acceptable way that is sensible and meaningful'. In this case, culture is a key factor which identified by organizations in their success or failure of enterprises (Waring and Glendon, 1998). Amsa (1986), Hofstede (1986), Neuijen, Ohayv and Sanders (1990) were all identified the importance of organizational culture in an organization. Organizational culture influenced by a lot of potential variables: organizational structure and purpose, organizational values, task organization, climate, and individual values and beliefs (Marcoulides and Heck, 1993). Based on the culture theory, Pidgeon et al. (1992) asserted that each of the group in culture has its own bias and social relations and which represent the risk perception in different aspects. Organizations should firstly identify their organizational culture which virtually is one of those four types of culture. In this case, organizations' actions obey the identified organizational culture. Meanwhile, organizational culture impenetrate the six dimensions of risk management development exhibits in a lot of ways (Ward, 2004). For instance, organizational culture could influence the attitudes of planning, formal procedures, regulations, criticism, mistakes, uncertainty, and risk (ibid). Due to this: risk management is designed to identify potential events that may affect the organization based on its achievement (Ward, 2004). The culture to a large extent guides the risk appetite of the organization which in turn restricts the level of achievement of the organization because resources will not be channeled into projects that are beyond the risk appetite of the organization which then foregoes the benefits. Hence in some aspects it means organizational culture is the guidance of the whole organization. Therefore, virtually organization culture is a value system (Hopkin, 2010). Within beliefs and the guides in the value system, organization culture helps organizations achieve their objectives.

For risk management development, besides culture, information is also a vital element. For information, it does not mean the more the better. Organization should firstly consider the accuracy and timeliness of the information they have gotten. Based on the accuracy and timeliness of the information, to a large extent, the more information an organization has, the easier for it know the environment. However, according to the statement of Levy (1994), Cunha, Clegg and Kamoch (2005) asserted that it is impossible for an organization has all information that it needs surrounding it. This means, with limited information development of risk management virtually depends on people and the ways people use information they have get (Ward, 2004). The point is, the way people thinking virtually are generated cognitively (Starbuck, 1993). This means, sometimes managers only focus on the information they want to notice and ignore the others. The ways managers get and analyze information are all full with biases. Furthermore, the biases of managers are based on either their value or their organizational value. Meanwhile, managers' value based on their culture and their organizational value based on their organizational culture. This identifies the importance of culture in risk management again.


Risk management was is and will always be one of the most essential topical in organization. It is using to analyze risks faced by organization and trying to reduce the impact of unpredictable issues. Culture which could influence both individuals and groups is playing an important role of risk management. It provides belief, principle and value to human beings who virtually followed the culture for the way their thinking or action. Hence, culture directly or indirectly offers the attitudes toward risks to people who are in it. This means, for risk management, culture is a useful concept for organizations both manage and dominate people who involved into the management process. The culture theory which illustrated four types of culture is one of the basic theories for organizations understand different kinds of actors. Although culture theory to some extent can not describe individuals fully, it is a useful way to understand organizational culture. Furthermore, organizational culture, a fundamental element, is the basic principle of an organization. It identifies the risk appetite of an organization which virtually is the guidance of every action of the organization and its employees. It also helps organizations choose their strategy which will be used to achieve their every target. Meanwhile, it seems that information is as importance as culture in an organization. However, the use of information is virtually based on the way managers use it. Furthermore, the way managers use information is based on both their individual culture and organizational culture. In this case, culture is the key factor of an organization for its implementation and regulation. Therefore, culture is the core of risk management development.

Word count: 1889