The chapter provides the findings and discussion of the study with special emphasis on the effect of risk management frameworks on the decision-making in the projects of the private sectors, specifically, the construction, IT and finance sectors. This chapter aims to critically discuss the most important findings of the secondary data based on a systematic literature review (SLR). Synthesising data was implemented to identify the recurring themes that came out of the existing literature on risk management practices, in addition to their integration into decision-making processes (Fenton et al., 2016; Hillson and Simon, 2021). Thematic analyses, as described in Chapter 3, synthesised the data and identify recurring themes.
This chapter is based on the research objectives, which include the investigation of the role of risk management on the various phases of the project lifecycle and the role of organisational culture and leadership (Kerzner, 2023; Tan and Zhang, 2023). These goals were handled by examining the topics of risk identification, risk response planning, and how leadership and organisational culture play a role in the decision-making process (Frigo & Anderson, 2018; Mikes and Kaplan, 2015).
Key findings are described and discussed in the subsequent sections. The findings will be contrasted to the research questions and matched with the literature available that had already been reviewed in Chapter 2. Through the analysis of the data, this chapter reveals both practical and theoretical implications of the integration of risks management in the decision-making process, which could help project managers and decision-makers to manage risks effectively during the project lifecycle (Venkatesh and Shankar, 2018; Young and McDonald, 2021).
Findings
Here, results of the research study are critically outlined and discussed based on the major themes and sub-themes that were identified on the basis of the data. The theoretical basis of these themes was based on the systematic literature review (SLR), which was analysed using a thematic analysis. The results are presented and discussed with references to the literature available, using the major examples and quotes of the secondary sources.
The table given below presents the major themes, sub-themes, and main highlights in terms of thematic analysis of the literature review. The table presented above showcases some of the most important works that underlie all the themes and sub-themes to offer theoretical justification and endorse the perspectives obtained in the process of data analysis.
Table Themes, Sub-themes, Key References, and Core Insights
| Themes | Sub-Themes | Key References | Core Insights |
| Theme 1: Risk Identification | T1: 1 Risk Registers and Site Inspections | Kerzner (2023); Hillson (2017) | Risk registers help track and monitor risks, while site inspections identify physical and environmental risks early in project lifecycles. |
| T1: 2 Brainstorming Sessions | Hillson (2017); Kerzner (2023) | Brainstorming aids in uncovering risks that formal tools might miss, especially in complex projects. | |
| Theme 2: Risk Response Planning | T2: 1 Contingency Planning | Frigo & Anderson (2018); Tufano (2018) | Contingency plans are crucial to address high-impact risks in sectors like construction and IT, ensuring quick adaptation. |
| T2: 2 Mitigation Strategies (Safety Training & Buffer Resources) | Tufano (2018); Hillson (2017) | Safety training and buffer resources are essential strategies to mitigate risks, particularly in the construction and IT sectors. | |
| Theme 3: Leadership and Organisational Culture | T3: 1 Transformational Leadership | Venkatesh & Shankar (2018); Mikes & Kaplan (2015) | Transformational leadership promotes risk management integration into strategic decisions, fostering proactive and innovative risk management practices. |
| T3: 2 Organisational Culture | Venkatesh & Shankar (2018); Hillson & Simon (2021) | An organisational culture of open communication and trust enhances the effectiveness of risk management strategies. |
Source: Self-Created
Risk Identification
Severance
The success of risk management strategy in project management depends on the effective identification of risk. The risk identification tools can be a key variable of the level of recognising risks early in a project lifecycle. Risk register is one of the most frequent tools that allow recording identified risks and monitoring them throughout the project (Kerzner, 2023). Based on the findings, risk registers are frequently applied by organizations in the various industries to make sure that impending risks are raised as early as possible.
An example to explain is that one of the participants (P1) stated, we have risk registers and site inspection which show the possible hazards before these may grow out of control. This means that risk registers are an important instrument of risk identification being proactive, especially when it comes to construction projects. Likewise, site inspection is mentioned as the critical practice in such industries as the construction field and information technology, where physical and environmental hazards can appear at any time.
The other common risk identification technique is the brainstorming sessions; these assist in the identification of risks that are not present in the first instance using formal tools. According to one of the respondents (P2), we have brainstorming meetings with the project team members that aid us to identify the risks early. This interactive strategy promotes creativity in the process of risk identification, whereby every opinion is taken into consideration.
Risk Identification Common Tools
| Tool/Method | Description | Industry Use |
| Risk Register | A documented list of identified risks, along with their impact and mitigation plans. | Construction, IT, Finance |
| Site Inspections | Regular checks on project sites to identify environmental or operational risks. | Construction, IT |
| Brainstorming | Collaborative sessions to identify less obvious risks. | All industries |
Comparing the Degree of Injury
Identification of risks is followed by assessing and quantifying the risk in terms of severity and risk probability. The process is essential in terms of ranking risks and deciding which ones are to be followed. One of the most used tools in this regard is a risk matrix that is used by project managers to classify risks in terms of their likelihood and effect on the project’s success (Tufano, 2018).
It was observed in the research that risk matrices are broadly applied in other industries, and project managers divide risks into low, medium, and high risks based on their ability to affect them. P3 added that we classify risks according to probability and impact through a risk matrix. This practice helps the project managers to be able to give priority to their response, which involves allocating resources to risks whose impact is paramount and those with high probability. Moreover, severity assessment assists project teams not only in determining the probability of the occurrence of a risk but also in determining the possible impacts of a risk on the project. This overall evaluation process enables more effective distribution of resources and decisions can be made.
Risk Matrix
The results support risk matrices as essential in appraising and addressing risks in the most efficient way, which underlies the prioritization process and allows the decision-making process to be more effective, particularly among the projects under the complex and uncertain ambience (Frigo and Anderson, 2018; Anderson et al., 2023).
Risk Response Planning
Contingent Planning
Contingency planning is important in reducing the effects of risks that cannot be fully eradicated. Project managers are to anticipate those risks with a high likelihood of happening, and that could adversely affect the project. As P4 pointed out, we make contingency plans on high-impact risks as a way of minimizing disruption. The contingency plans are to develop alternative courses of action and extra resources are allocated to take care of the project being set back should the risks identified occur. Cogency planning is also crucial in the construction and IT industries because of the changing characteristics of these industries. The high impact risks include regulatory changes in construction or IT technological changes and these are supposed to have their backup plans elaborated, to activate in case of delays or cost increase. An illustration of this is in the IT sector, where the project is usually threatened by the risks of technological disturbance and market uncertainty. A well-documented contingency plan entails that the project teams are able to react quickly when unexpected changes arise and thereby reduce the probability of the project’s failure.
CPR mitigation strategies
After the risks are identified and analyses, project teams should also put measures in place to reduce these. The mitigation strategies are usually planned to minimize the chances of a risk happening or to minimize the effects of the risk in the project. One of the measurements taken in the data gathered was to find that high-risk industry mitigation measures predominantly include safety training and buffer resources. As P6 observed, the mitigation strategies involve more and additional safety training and buffer resources. This method is common in construction and IT projects, in which the unforeseen risks may lead to a major disruption. Safety training minimizes the human error risk while bearing resources (e.g., supplementary workforce or equipment) that maintain a project schedule regardless of the unexpected difficulties. Among such strategies, technical innovations and re-scheduling of the projects are also included in the mitigation toolkit. Software patches and updates are commonly made on IT project software in order to mitigate the risk of data breaches or system breakdown.
Comparison of Risk Management Practices across Sectors
In Figure 4.2, the risk management practices of mitigation strategies are shown to be widespread across the Construction, Information Technology and Finance industries. Construction (as given in the graph) shows the greatest use of Contingency Planning and Mitigation Strategies, which is the result of the high degree of uncertainty and complexity in this sector. Mitigation Strategies are also applied in IT, although more emphasis is laid on Risk Registers in identifying the risk. This information establishes the need to have sector-specific mitigation plans to combat risks and challenges presented by the sector.
Leadership and Organizational Culture
Transformational Leadership
The styles of leadership play a significant role in the implementation of risk management practices when it comes to the decision-making process. Transformational leadership that fosters innovation and proactive decision-making has been established to be very effective in integrating risk management in project decisions. As we have described with P2, our transformational leaders make risk management integrated in strategic decisions. Such a kind of leadership not only creates an atmosphere where risk management is viewed as a proactive strategy that is capable of generating value in the uncertain environment, but also as a reactive tool. Transformational leadership compels the staff to be out of the box so that these take calculated risks, which results in innovative solutions. This type of leadership makes sure that risk management is an important aspect of the strategic decision-making process not an independent department.
Organizational Culture
The organisational culture is very crucial to the perception and management of risks. An organisational culture of open communication and transparency would help ease the decision-making process since all the stakeholders would be aware of risks and their possible effects. Our organisational culture, as P5 pointed out, focuses on open communication that will assist in the management of risks in an effective manner.
In companies that have a high collaboration and trust culture, risk management is a collective effort and not an assignment of a certain department. Such a culture enables the efficient communication of possible risks and enables more rapid responses to the emerging issues. Such environments make it easier to engage the stakeholders, so that the risk management strategies should be consistent with the organisational objectives and expectations of the stakeholders.
Summary of the Section
This section also provides a critical analysis of the findings in line with the current literature and the relationship with the research questions. The researchers note that risk identification, response planning, and leadership play a vital role in making decisions about projects that are privately owned. The thematic analysis demonstrated the importance of such tools as risk registers and risk matrices in the process of risk identification and risk evaluation, the change of risk management to the strategic decision-making process through transformational leadership and organisational culture. These findings are aligned with the results of previous research and help to further understand that risk management practices can enhance decision-making in the high-risk sectors such as building, IT, and finance.
Moreover, the present study findings are mostly consistent with previous works performed on the risk management structure and how it can be implemented during the decision making. Regarding the risk identification, such tools as risk registers and site inspections were discovered to be highly important in terms of timely identification of risks, which correlates with the work by Kerzner (2023) regarding risk registers. The research also found brainstorming sessions to be an important tool for unearthing risks, especially when it comes to complex projects. This is in line with Hillson (2017), who proposed the use of collaborative techniques like brainstorming, as these may help to identify less noticeable risks that formal tools could be unable to detect.
As part of the risk response planning, the study also discovered that contingency planning and mitigation plans were essential in the planning and implementation process. According to Frigo and Anderson (2018), contingency planning is helpful to address high-impact risks, and it corresponds to the results of the study. In the same way, the involvement of buffer resources and extra safety training to reduce risks contributes to the conclusions by Tufano (2018) and Hillson (2017), focusing on the significance of proactive strategies to deal with risks when performing.
Nevertheless, this research brings new dimensions because it is based on the significance of organisational culture and leadership in the assimilation of risk management in decision-making, which is minimally covered in the existing literature (Hillson & Simon, 2021). Transformational leadership was discovered to spur the introduction of risk management within the strategic decision-making process, which is consistent with the literature of Venkatesh and Shankar (2018) and Mikes and Kaplan (2015) on the role of leadership in integrating risk management.
Results versus Research Questions
With response to Research Question 1 (What is the impact of risk management in decision making at various project lifecycle phases in projects in the private sector?), the results of this study prove that risk management is a critical factor at every stage of the project lifecycle. Identifying risks involves the use of the risk registers and site visits, which are essential and play a vital role during the early decision-making, as Kerzner (2023) recommends. These tools assist project teams in detecting risks that can occur in project objectives that affect early project planning and resource allocation. Since risks are considered during the planning stage, contingency plans are made, and this enables the teams to prepare against any uncertainties. During the execution phase, mitigation can be used to allow project managers to adopt the arising risks as the resources buffer and other mitigation strategies can assist in a smoother flow of the project (Frigo & Anderson, 2018).
Regarding Research Question 2 (Which risk factors contribute to the decision-making that prevails in the construction, IT, and finance industries?), this study helps find a number of risk factors that are shared by these sectors. External risks in the construction business, like regulatory modifications and environmental conditions, are common in the construction industry, which proves Hillso’s (2017) emphasize about external uncertainty in construction projects. Postponements and instability of technologies were reported as major threats of IT projects, which is in line with Tan and Zhang (2023), who have noted the problem of the rapid changes in technology. The analysis also supports the research by Rad (2018) and declares financial instability and market volatility as the main risks that impact the way of making decisions on a financial basis.
Referring to the Research Question 3 (What is the level of success of the current risk management principles in facilitating and optimising the quality of decisions made in these sectors of the private?), the results indicate that ERM and RAROC models are useful in enhancing decision-making because these offer systematic procedures of identifying, assessing, and eliminating risks. These structures, especially risk matrices and risk assessment tools, assist decision-makers to priorities the risk on the basis of its impact and probability (Mikes and Kaplan, 2015). It is evident in the study that these frameworks are valuable, but possibly, one can still do more, especially in real-time decision-making where decision-makers require quick alterations (Tufano, 2018).
About Research Question 4 (How do the organisational culture and leadership contribute to the successful implementation of the risk management process in the decision-making process?), this research paper reveals the very large role of leadership and organisational culture in the process of embedding risk management in the decision-making process. Transformational leadership emerged as the force behind the inclusion of risk management strategies in the process of decision-making to bring about innovation and active decision-making. According to P2, our transformational leaders are the ones who push the practice of risk management to become part of the strategic decisions. This correlates with the efforts of Hillson and Simon (2021), who emphasise the role of the leadership in the process of making sure that the scope of risk management is no longer a technical role but rather a component of strategic planning. Moreover, the organisational culture, which enables open communication, assists in the proper management of the risks to guarantee that the stakeholders are informed and aligned with the project objectives (Venkatesh & Shankar, 2018).
This analysis has also substantiated that risk management models, specifically, ERM and RAROC, have remarkable impacts on decision-making in different phases of the project lifecycle undertakings in high-risk areas of construction, IT, and finance. These frameworks, combined with transformational leadership and a conducive organisational culture, are very important in making sure that the risks are handled in a proactive manner, which results in more successful decision outcomes and increased project performance.
Contribution of the Study
The research contributes substantially to the scholarly research on risk management and decision-making of projects in the private sector, especially high-risk sectors such as construction, IT and finance. Among the contributions, one can also point out the focus on incorporating risk management frameworks (including ERM and RAROC) within the scope of real-time decision-making, which is an aspect that has not been deeply examined within the current literature. Although the prior investigations mostly featured the theoretical characteristics of the risk identification and assessment, the proposed study dwells upon the manner in which these frameworks are proactively supported in making decisions at different project lifecycle phases, such as initiation, planning, and execution (Hillson, 2017; Mikes & Kaplan, 2015).
More than that, the study advances the knowledge about the organisational culture and leadership role to incorporate just the risk management effectively in the decision-making process, and this contribution provides the literature with a behavioural and organisational facet. Although the previous research has covered the risk management concept technically, the current work illuminates how the leadership style, especially the transformational leadership concept, affects the adoption and integration of the risk management practices in the decision-making processes (Venkatesh and Shankar, 2018; Hillson and Simon, 2021).
The research also contributes to the body of knowledge by exploring sector-specific risk management practices, which will provide an idea of how some industries, such as construction, have specific problems that necessitate risk management strategies. This industry-based concentration has not been researched in past literature, particularly regarding decision-making and its incorporation with risk management (Olawale and Sun, 2021).
Conclusion
Conclusively, this chapter has reported the results of the research, where the major contribution of risk management frameworks to better decision-making in the different phases of the project lifecycle is brought out. The paper has highlighted the role of leadership and organisational culture in the assimilation of risk management across strategic decision-making. Although the results provided valuable information in the academic literature and practice in the industry, the drawbacks of using secondary information and the focus on specific industries were noted. The next chapter will highlight a summary of the study and give recommendations on the basis of the findings, and also suggest the course of future research.