This article presents a critical literature review that pools information on risk management of complex construction-infrastructure projects in the UK. The main goal is to assess and compare current risk management frameworks against the dynamic and politically charged, multi-stakeholder complexity typical for UK megaprojects. The specific purpose of the review is to justify the necessity of integrated and adaptive governance using digital technologies to achieve the objective, thus forming the theoretical basis and the primary research gap for the dissertation.
The review starts from the evaluation of the conceptualization of risk as it moves from control-oriented with CPMT, PMBOK, PRINCE2, and ISO 31000 to adaptive systems, accepting that the world is full of ambiguity. Prior scholarship, whilst often treating risk management conceptually and procedurally (e.g. ISO 31000), fails to address such practical issues of governance resulting from large UK projects. Turner and Zolin (2020) criticize this approach as legacy frameworks fail to capture the emergent, poorly structured risks such as project-embedded politics and multi-stakeholder scenarios, which contribute to underperformance. These traditional frameworks, by virtue of their theorized nature as generic and context-independent frameworks, are limited in addressing the deep institutional fragmentation in the UK infrastructure sector (Pryke & Smyth, 2020).
The current literature displays a critical inconsistency: it does not explain the problems of implementation of the standard frameworks in the face of interdependent risks – financial, political and technological. Most of the empirical work is currently descriptive, focusing on local surveys or single project failures, hence overlooking the risk at a systems level. In the light of the review, best-practice approaches, which include adaptive governance and digital integration, are contrasted with governance failures in UK megaprojects, which are well documented. However, a coordinated investigation to link the issues of long term governance, stakeholder engagement and the digital governance divide is still lacking. This missing link is the justification for the research gap: the need to empirically explore the integration of adaptive governance and digital intelligence in a politically and institutionally fragmented environment of UK megaprojects.
Traditional Risk Management Frameworks
The development of risk management theory indicates that there is a clear path away from control-oriented models, moving towards the management of ambiguity and complexity. However, for high-profile UK megaprojects such theoretical progress has been far outweighed by the straitlaced nature of heavily embedded traditional frameworks.
The Rigidity of Classical Theory vs. Megaproject Complexity
Classical Project Management Theory (CPMT) – prominent since the mid-20th century, within this concept, projects were viewed as linear and predictable systems that could be managed through controlled planning and control (Turner & Muller, 2022). This is a control-oriented paradigm that is critically insufficient for modern megaprojects because of their unpredictable socio-political setting and the high levels of internal complexity (Williams & Samset, 2022). Flyvbjerg (2023) bluntly questions the fundamental assumptions behind CPMT, including the notion of stability, which is attributed to external and behavioural factors such as political underestimation and optimism bias, which are completely ignored in the traditional CPMT literature. In essence, CPMT doesn’t work because it tries to constrain systems which are essentially open and politically motivated.
Inconsistencies In Regulatory Frameworks (Pmbok, Prince2, Iso 31000)
Contemporary regulatory frameworks aim to build risk into structural systems, yet the procedural nature of these frameworks opens up huge blind spots when applied to complex projects:
Comparison of Risk Management Frameworks
| Framework | Emphasis | Critique for Complex Megaprojects | Contrast/Synthesis |
| PMBOK Guide (PMI, 2021) | Process & Documentation (Lessons Learned) | Overly prescriptive; leads to siloed efforts and documentation becoming a proxy for genuine learning rather than promoting flexibility (Hillson, 2019). | Contrasts with ISO 31000’s holistic, organizational scope by focusing narrowly on the project level. |
| PRINCE2 (Axelos, 2023) | Governance & Accountability (Escalation & Review) | Becomes compliance-driven and inflexible; fails to address emergent, project-embedded political and regulatory risks (Martinsuo & Hoverfält, 2018). | Contrasts with PMBOK’s documentation focus by emphasizing clear management structures, yet suffers from similar systemic rigidity. |
| ISO 31000:2018 | Integration & Continuous Improvement (Organizational Scope) | Plagued by excessive abstraction, provides little actionable guidance for politically sensitive or institutionally complicated scenarios (Aven, 2022). | Agrees with the need for organizational integration, but its lack of practical guidance exposes the difficulty in moving from theoretical mandates to dynamic implementation (Ward & Chapman, 2023). |
The underlying pressure is that while frameworks including ISO 31000 support the administrative integration of risk management, PMBOK also emphasises prescriptive documentation and this creates tension between satisfying the procedural requirements while simultaneously satisfying the very real and practical need to provide dynamic and fluid risk management. This is manifested in the rigidity evident in governance failure in UK projects due to the practices of bounded risk management that fail to account for the political and evolved complexities in the multi-stakeholder environment (Turner & Zolin, 2020).
Megaproject Risk: Dependencies and Inadequate Categorization
Megaprojects are fundamentally categorised by interconnected, overlapping and complex risk sets (Flyvbjerg, 2023; NAO, 2023).1 Although the literature does a good job of identifying risk categories, a critical failing is that it struggles to capture and synthesise the systemic interdependencies of the politics, technology and stakeholder action.
The Narrow Scope of Risk Analysis
Traditionally, risk identification has addressed mainly financial and technical feasibility. Locatelli et al. (2022) are an ideal example of this, limiting the financial risks to economic volatility and funding instability. Critically, this does not acknowledge the fact that financial outcomes are often influenced by exogenous political factors. For example, the analysis of such projects as the Heathrow expansion (Coughlan et al., 2022) proves that policy withdrawals and changes to laws are political variables that directly increase financial uncertainty. The current literature therefore is inadequate since it addresses financial risk as a purely economic issue, when in the UK context, it is politically highly debated.
Technological Risk versus Maturity of Governance
The literature accepts that technological advancements such as BIM, AI, and digital twins can provide real-time risk data acquisition (Osei-Kyei et al., 2023; Succar & Kassem, 2021), but the analysis of technological risks is too optimistic and incomplete.
Technological Benefits and Gaps in Risk Management
| Author/Concept | Technological Benefit | Critical Gap Identified | Contrast |
| Succar & Kassem (2021), Darko et al. (2023) | Enhanced predictive analytics and real-time monitoring via BIM/AI. | Overdependence Risk: Fails to account for risks related to cybersecurity, data integrity, and liability (Pryke & Smyth, 2020). | Focuses on tools, overlooking the institutional prerequisites. |
| Matarneh et al. (2022) | Need for digital integration. | Governance Divide:Advises, a supportive culture and governance systems must exist; otherwise, automation risks addressing peripheral issues while systemic problems persist. | Contrasts the technological optimism by stressing the primacy of organizational culture and governance. |
The overwhelming focus on the technical capacity of tools is a distraction from the critical organisational maturity necessary for their good governance (Matarneh et al., 2022). The literature thus jumps to the conclusion that technology adoption is equal to risk mitigation without ever having a look into the lack of cultural and governance frameworks needed.
The Primacy of Stakeholder and Governance Failure
In the UK context, the link to poor governance and accountability is often associated with poor governance, where (as Davies et al. (2023) point out) the soloed contractual structures and fragmented collaboration are evident. However, previous studies mostly focus on the symptoms instead of the structural fragmentation. The criticism here is that even though formal processes are studied, the literature ignores informal governance practices, trust, partnership, alignment, etc. which are required to build transparency and enable cooperation (Too & Weaver, 2021). The institutional misalignment where the short-term politics lead to discontinuity (Brady & Davies, 2024) emphasizes the lack of adequacy of current risk categorization.
Future research will need to focus on developing holistic, integrated frameworks for risk management that explicitly account for the interdependencies of these disparate risk categories, moving beyond the traditional, siloed financial focus.
Governance, Best Practices and the Need for Adaptively
The inadequacy of conventional risk management frameworks (Section 2.2) has led to a desired conceptual move towards flexible and adaptive governance and technology-enabled practices. However, the greatest weakness in the contemporary literature is its inability to consider seamlessly integration of these practices and analyze their sustainability in the difficult political situation of UK megaprojects.
The major challenge of megaproject risk governance is the gap between necessary formal processes and necessary informal practices. Systematic documentation carried by PRINCE2 and the reporting required by the NAO (2023) after mega projects address the accountability of projects after the event. In contrast, megaprojects require complementary informal practices such as trust, partnership and alignment of interests, crucial for risk uncertainty management in time (Too, & Weaver, 2021). The literature, unfortunately, is still strongly skewed towards the study of rigid structures with no regard for the soft, behavioral elements that contribute to the construction of essential cooperation.
Muller et al. (2022) present empirical evidence that collaborative governance structures substantially improve project outcomes by promoting collective risk ownership. However, this ideal is badly hampered in the context of the UK, which has issues of institutional misalignment. Short-term political objectives and bureaucratic laziness create discontinuity in governance establishments as argued by Brady & Davies (2024). This structural problem is the fundamental cause of the problem: politics pursue short-term goals and this means that the basis for long-term, trust-based, informal collaboration can no longer exist, which makes formal frameworks ineffective. The resulting bias in governance scholarship with its emphasis on rigid structures is inadequate in systems dealing with the complexity and uncertainty in need of networked collaboration and resilient frameworks (Ostrom, 2010).
Digital Transformation vs. Governance Maturity: The Integration Gap
The technology of digital transformation and BIM, to be more precise, has excellent opportunities: the literature focuses on the desire to write about the opportunities of a specific kind of technology, thus, ignoring the main organizational and cultural requirements that are to be fulfilled in order to ensure that technology would be in the most successful context (Darko et al., 2023).
Also Read: Cultural Adaptability Research Goal
Matarneh et al. (2022) in a critical warning: technology is not the guarantee of progress; it needs a supportive culture and a mature governance system. Without these, projects may be automating around peripheral risks and leaving profound systemic risks (e.g. political volatility, stakeholder misalignment) unaddressed. This is a critical point of contrast: while in BIM, for example, clashes can be accurately predicted (technical risk), contrasts between a policy change and breakdown in collaboration cannot be mitigated (political/stakeholder risk). The lack of empirical research in the area of the intersection between digital technology and the supporting governance mechanism (data trust, decision transparency) is a glaring gap.
The Sustainability Challenge of Best Practices
While practices such as early stakeholder involvement, integrated governance, and digital risk intelligence make good sense, the literature is disproportionately focused on implementation as opposed to sustainment. Research has neglected the long-term impacts of these practices on cultural alignment, institutional resilience, and sustained leadership during a project lifecycle, spanning a decade (Olander et al., 2021; Clegg et al., 2023).
For example, when early involvement of stakeholders is encouraged, early involvement facilitates legitimacy, and yet, the prior research pays little attention to the fact that cultural differentials between stakeholders play a crucial role in retaining legitimacy (Davies et al., 2023). Similarly, the assessment enables real-time evaluation, although in the literature, the effectiveness of such digital tools (complexity, adaptability) and their combination with adaptive governance has not been empirically investigated and whether these tools mitigate the systemic project risks to a considerable extent (Darko et al., 2023). This leads to a conclusive observation, to move beyond descriptive best practice and develop an integrated and adaptive governance model, future research will need to focus on the adaptation and implementation challenges related to political instability, stakeholder fragmentation and technology learning in the context of UK megaprojects.
Theoretical Framework: Complexity, Adaptive Governance, and Digital Integration
The three theoretical frameworks that the current study will be based on to provide a definitive answer to the complexity of infrastructure in the UK include Complexity Theory, Adaptive Governance, and Digital Integration to mitigate the weaknesses of classical, top-down control-focused literature and directly challenge the complexity of the UK infrastructure. The unification of these two places presents a new analysis of the control factors isolating and uniting them into resilient factors.
Complexity Theory (The ‘Why’ Risk Emerges)
The complexity Theory is crucial in the refinancing of risk. It considers risk as an emergent occurrence due to the non-linear interaction between the technical, social, and political sub-systems of a project, instead of a predictable factor to be managed (as in CPMT) (Remington and Pollack, 2022; Padalkar and Gopinath, 2023). It goes beyond the analysis of risk within the limited contexts (e.g., finance, scheduling) but it offers the niche required to dissect the dependencies and feedbacks that define UK megaproject underperformances (e.g. the effect of a political decision on a technological risk). This systems view is vital in the comprehension of why inflexible structures never work in handling the outcomes of UK megaprojects.
Adaptive Governance (The ‘How’ to Manage Complexity)
The behavioural and structural answer to the diagnosis of the Complexity Theory is Adaptive Governance. Put into perspective by Parker et al. (2023) and Brady and Davies (2024), this strategy prioritises non-compliant and flexible aims to learn and make a decision jointly instead of focusing on compliance, strict attitudes, and rigid behaviours. The framework itself is the required instrument in terms of solving the institutional fragmentation and political instability of the UK environment (Ostrom, 2010). It changes the increase in emphasis of the fixed, inflexible structures to connected systems that have the ability to absorb instability, assist in the process of learning and risk sharing to promote institutional resilience.
Digital Integration (The ‘Tool’ for Adaptive Management)
Digital Integration fills in between the technical monitoring and strategic adaptive governance. As the authors demonstrate, the opportunity to link digital tools (BIM, AI, digital twins), which track the risks in real-time and offer more insights into systems, becomes possible (Darko et al., 2023). This notion is implemented to operationalize the adaptive framework by making use of the real-time and intelligence-driven data needed to facilitate flexible decisions. As the Digital Integration introduces risk management as a constant, data-driven mechanism, whereby a periodic, paper-based endeavour is replaced by a continuous, data-centred system, this becomes the foundation of learning and adaptation among the organisation members, which is the basis of the Adaptive Governance.
Research Gaps and Conclusion
The critical synthesis made above has found that though there has been a substantial literature on project risk management, there are still considerable gaps, especially in the UK megaproject construction environment. These loopholes create a need to conduct an empirical study in an attempt to fill them based on the existing theoretical framework.
The Implementation Gap (Theory versus Practice): The literature is overwhelmingly about the theoretical model (PMBOK, PRINCE2), which does not provide empirical support on the ability of these inflexible frameworks to deal with the political instability and institutional siloing that are critical to the failures of the UK megaprojects (Flyvbjerg, 2023; Davies et al., 2023). The lack of empirical studies that explain the actual operational breakdown of inflexible structures in a state of political forces and a disintegrated group of stakeholders is pronounced.
The Digital Governance Gap: There is no empirical research on the most important such place of intersection of digitalization and governance. Although articles explain BIM and AI technical potential, they fail to constructively address the most important organisational and governance conditions, namely, the leadership, data credibility, and decision visibility, without which the implementation may be problematic (Matarneh et al., 2022). The literature does not identify the need to differentiate the automation of processes and improve risk intelligence by having effective data governance.
The Adaptive Framework Gap in Public Megaprojects: There is a particularly marked lack of empirical usage of adaptive, resilient governance structures applied to the specific limitations of publicly funded UK megaprojects (politically accountable/budget constrained/stakeholder complex). Although Adaptive Governance is theoretically supported (Parker et al., 2023), no empirical evidence supports applying this specific model to the study, and all aspects related to the need to escape rigid, conventional risk reduction methods are not studied at all, which is a weakness of the area.
The Research Aim
These issues represent empirical and theoretical gaps to which this dissertation is directly addressing. It is sought to investigate the impact of Digital Integration on the effectiveness of Adaptive Governance systems to reduce the impact of systemic risk in the highly fragmented political and institutional settings of UK construction mega projects. Such an amalgamated interest will give the practical knowledge needed to close the long-running divide between the prescriptive risk theory and the multifaceted project reality.
Summary
This chapter conducted a critical synthesis of risk management literature, demonstrating that traditional, control-based frameworks of risk management (PMBOK, PRINCE2) are found vitally inadequate in the management of emergent, non-linear impacts of risks in UK construction megaprojects. Such failures are due to the fact that the literature has too much focused on the prescriptive processes, and overlooked the fragmentation inherent to the institutions and the complex interdependence of politics and the economy (Flyvbjerg, 2023; Brady and Davies, 2024).
To address this inadequacy, the chapter identified a comprehensive theoretical foundation: Complexity Theory outlines the reasons why risk occurs; Adaptive Governance stipulates the structural how to dealing with it; and Digital Integration outlines the tools one is required to have (real-time intelligence) (Darko et al., 2023).
Three essential gaps in the empirical analysis included the Implementation Gap of inflexible frameworks to work in the dynamic UK environment; thematic analysis, the Digital Governance Gap that involves integrating technologies with organisational culture (Matarneh et al., 2022); and the absence of experimentation with Adaptive Governance in publicly funded initiatives.
This theoretical framework directly presents itself in the methodology’s Chapter 3. Methodology will shift to an empirical stage, where a qualitative method will be adopted to explore the practical collapse of structures within the existing systemic risk in the distributed UK infrastructure sector and verify the hypothesis that Digital Integration increases the effectiveness of Adaptive Governance in the risk reduction of the sector.