Knowledge Risk Management: From Theory to Praxis (Management for Professionals) 9783030351205, 3030351203

Table of contents :
Preface
Introduction
Outline
Structure of the Book
Part I
Part II
Part III
Part IV
Part V
Conclusion
Contents
Editors and Contributors
Knowledge Risk Management—State of Research
1 Knowledge Risk Management—State of Research
Abstract
1 Introduction
2 Risks
3 Knowledge Risks
4 Risk Management and Knowledge Risk Management
5 The Current Body of Knowledge Regarding KRM
6 Conclusion
References
Knowledge Risk Management in Private Organizations
2 Knowledge Risk Management in Companies Offering Knowledge-Intensive Business Services
Abstract
1 Introduction
2 Knowledge Risks and Their Management
3 Methodology and Research Questions
4 Research Results
5 Concluding Remarks
Acknowledgements
References
3 Toyota Kata Approach—A Way to Mitigate Knowledge Risks in Start-Ups
Abstract
1 Introduction
2 Theoretical Background
2.1 Knowledge Management
2.2 Knowledge Risk Management
2.3 The Toyota Kata Concept
2.3.1 The Improvement Kata—a Standard of How to Develop a Continuous Improvement Capability Systematically
2.3.2 The Coaching Kata
3 Methodology
4 Results
4.1 First Kata Cycle
4.2 Second Kata Cycle
4.3 Third Kata Cycle
4.4 Fourth Kata Cycle
5 Final Thoughts
References
4 Knowledge Risk Management in Two-Tier HRM Structures
Abstract
1 Introduction
2 Theoretical Support
2.1 Knowledge Risk Management
2.2 Two-Tier HRM Structures
2.3 The Areas and Types of Knowledge Risk and Management Strategies in Two-Tier HRM Structures
2.3.1 Knowledge Risk Areas Framework
2.3.2 Customer-Related Knowledge Risk
2.3.3 Knowledge Risk Taxonomy
2.3.4 Knowledge Risk Management Strategies
3 Research Method
4 Results
4.1 The Consciousness About the Effects of Two-Tiered HRM Structures on Knowledge Risks
4.2 Areas of Knowledge Risks
4.3 Types of Knowledge Risk
5 Discussion and Conclusion
5.1 Theoretical Implications, Limitations and Recommendations
5.2 Managerial Implications Checklist
References
5 Practical Aspects of Knowledge Risk Management in Corporate Finance for Family Firms
Abstract
1 Introduction
2 Financing Processes in Family Firms
2.1 The Definition of a Family Firm
2.2 The Finance Function Within the Family Firm
2.3 The Financing Process in Family Firms
3 Critical Knowledge Risk Factors and Their Practical Impact in a Financing Process
3.1 Internal Knowledge Risks
3.1.1 Knowledge Attrition
3.1.2 Knowledge Waste
3.1.3 Knowledge Hoarding and Knowledge Hiding
3.1.4 Unlearning and Forgetting
3.1.5 Knowledge Gaps
3.2 External Knowledge Risks
3.2.1 Knowledge Leakage
3.2.2 Knowledge Spillover
3.3 Intersectional Knowledge Risks
3.3.1 Knowledge Outsourcing Risks
3.3.2 Knowledge Loss
4 Knowledge Risk Mitigation Management for Financing Processes
4.1 The Concept
4.2 The Framework
4.2.1 People
4.2.2 Management
4.2.3 Governance
4.2.4 Infrastructure
5 Framework Overview
6 Conclusion
References
Knowledge Risk Management in Public Organizations
6 Knowledge Risk Management for State-Owned Enterprises-Indian Scenario
Abstract
1 Introduction
2 Knowledge Management (KM) in the State-Owned Enterprises
2.1 Knowledge Management (KM) in the SoEs—Generic Framework
2.1.1 Need for a Generic Framework
2.1.2 Elements of an SoE KM Framework
People
Process
Technology
2.1.3 Global Examples—Asian
2.1.4 Local Examples—Indian
3 Knowledge Management Risks
3.1 Risk of Failure
3.2 Creation of Silos Within the Organization
3.3 Reluctance to Embrace New Technologies
3.4 Overdependence on Consultants for Driving Improvements
3.5 Long Learning Curve of New Employees
3.6 Culture of Knowledge Hoarding
3.7 Performance Gaps Across Units Within Same Organization (Resulting in Opportunity Loss)
4 Dimensions for Enhanced Sustainability of KM
4.1 Intra-organizational and Inter-organizational Mentoring as a Tool for Transfer of Knowledge
4.2 Benchmarking
4.3 Inter-organizational Projects Influencing KM
4.4 Employee Alumni as a KM Tool
5 Conclusion
References
7 Knowledge Communication and Communication Risks in Healthcare—Professional Amateur Patients with Thyroid Disease Show the Way
Abstract
1 Introduction
2 The Frame of Reference
3 Methodology
4 Findings and Discussion
5 Conclusions, Implications, and Suggestions for Future Research
References
8 Blockchain: A New Disruptive Innovation for Knowledge Risk Management
Abstract
1 Introduction
2 How Blockchain Works
3 Knowledge Risk Management
4 Knowledge Acquisition
5 Knowledge Transfer
6 Knowledge Integration
7 Conclusion
References
Interviews
Knowledge Risk Management in Different Sectors/Industries/Business Functions
9 An Integrated Research Methodology to Identify and Assess Knowledge Risk in a Corporation with Application to a Financial Institution
Abstract
1 Introduction
2 Related Background
3 Objectives of the Chapter
4 Research Methodology
4.1 Overview of Methodology
4.2 Construction of Knowledge Risk Assessment Model
4.2.1 Structure of the Model
4.2.2 Construction Methods
Reasons for Selecting Semi-structured Interview
Interview Guide
Data Sampling Method
4.3 Knowledge Risk Assessment Methods
4.3.1 Basic Rating Process
Survey Approach
Risk Scoring
4.3.2 Evidential Reasoning-Based Enhanced Rating Process
Structured Interview
Evidential Reasoning Approach
More Concepts About the Evidential Reasoning Approach
Risk Scoring Using Evidential Reasoning Approach
5 A Hypothetical Evidential Reasoning Approach Example
6 Conclusions and Future Work
Acknowledgements
References
10 Knowledge Risk Management in German Leasing Companies
Abstract
1 Introduction
2 Theoretical Background
2.1 Definition of Selected Knowledge Risks
2.2 Impact of Knowledge Risks
3 Methodology
3.1 Reasons for Applying Qualitative Research
3.2 Sample Selection
4 Research on Enterprise-Wide Risk Management in the Leasing Industry
4.1 Development of a Framework in Enterprise Risk Management (ERM)
4.2 Status Quo of Risk Management
5 Consideration of Knowledge Risks
6 Framework on Knowledge Risk Management (KRM) for Leasing Firms
7 Self-assessment on KRM
8 Conclusion
References
11 Port Knowledge Risk Management
Abstract
1 Introduction
2 Literature Review
3 Quantitative Analysis Methods for Knowledge Risk: Fault Tree
4 Quantitative Analysis Methods for Knowledge Risk: Event Tree
5 Steps in Knowledge Risk Management
6 Conclusion
References
12 Knowledge Risk Management During Implementation of Open Innovation
Abstract
1 Introduction
2 Creation of Successful Open Innovation Environments for Companies
3 Archetypes of Open Innovation
3.1 Outside-In Process
3.2 Inside-Out Process
3.3 Coupled Process
4 The Positive Implication of Open Innovation
5 Knowledge and Risk Management in Open Innovation Ecosystem
5.1 Managing Risks for Outside-In Open Innovation
5.2 Managing Risks with Inside-Out Open Innovation
5.3 Managing Risks with Coupled Innovation
6 Discussion and Conclusion
References
13 Handling Knowledge Risk Management Supported by ISO Standards
Abstract
1 Introduction
1.1 Knowledge, Knowledge Management and Knowledge Management System
2 ISO 30401 Knowledge Management System—Requirements
3 ISO 31000 Risk Management—Guidelines
3.1 Establishing the Framework
3.2 Establishing the Process
3.3 Implementing and Executing the RM Loop
3.4 Defining Knowledge Risk
4 The Road Map for the Management of Knowledge Risk
4.1 Knowledge Loss
4.2 Knowledge Spillover
4.3 Knowledge Waste
4.4 Knowledge Forgetting
4.5 Knowledge Outsourcing
4.6 The Road Map
5 Conclusion
References
Conclusions and Outlook
14 Conclusions and Outlook
Abstract
1 Conclusions
2 Avenues for Further Research
Index

Citation preview

Management for Professionals

Susanne Durst Thomas Henschel Editors

Knowledge Risk Management From Theory to Praxis

Management for Professionals

The Springer series Management for Professionals comprises high-level business and management books for executives. The authors are experienced business professionals and renowned professors who combine scientific background, best practice, and entrepreneurial vision to provide powerful insights into how to achieve business excellence.

More information about this series at http://www.springer.com/series/10101

Susanne Durst
Thomas Henschel Editors

Knowledge Risk Management From Theory to Praxis

123

Editors Susanne Durst Department of Business Administration Tallinn University of Technology Tallinn, Estonia

Thomas Henschel Faculty of Business and Law Hochschule für Technik und Wirtschaft Berlin, Germany

Supplementary Materials for this title will be found on http://www.wee-consult.de/knowledgeriskmanagement. ISSN 2192-8096 ISSN 2192-810X (electronic) Management for Professionals ISBN 978-3-030-35120-5 ISBN 978-3-030-35121-2 (eBook) https://doi.org/10.1007/978-3-030-35121-2 © Springer Nature Switzerland AG 2020 This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations. This Springer imprint is published by the registered company Springer Nature Switzerland AG The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland

To Guido Susanne Durst To Hannah, Helena, and Halvar Thomas Henschel

Preface

Knowledge risk management has emerged as an area of attracting increasing interest in the literature and practice as well. In the past decades, the risk was shown to be an inescapable reality of modern business. Until very recently, systematic research into knowledge risk management has been very dense. This book will address these shortcomings and provides a detailed analysis of the main barriers in developing effective knowledge risk management systems in public and private organizations. This book consists of fourteen chapters, identifies the major elements for the successful development of a knowledge risk management framework and provides researchers and practitioners with insights on how to introduce an effective knowledge risk management. Risk management is a relatively well-established research topic, but this book is unusual in its focus on the integration of knowledge risks into the holistic risk management of organizations. We hope you will enjoy reading the book as much as we have enjoyed reading the individual chapters of this book. We like to thank our universities that made possible this project. In particular, we would like to thank the research assistant Raphael Klei for his technical support in this project. Tallinn, Estonia Berlin, Germany

Prof. Susanne Durst Prof. Thomas Henschel

vii

Introduction

Outline This book aims to shed light on the interplay between risk management and knowledge management issues. The study of knowledge risk management or risks related to knowledge, in general, is still in its infancy, which is surprising against the strategic importance that is assigned to knowledge and means a clear contrast to the study of risk management. By bringing together a number of selected experts from academia and practice, the book will provide an in-depth introduction to knowledge risk management, methods and cases as to how to address risk management against the background of the increasing number of knowledge risks. Thereby, the book will not be limited to a specific type of organization or sector but will cover small and large companies, the public sector as well as different sectors. This approach will provide the readers with a unique mutual comparative research and learning opportunity.

Structure of the Book Throughout the book, readers will obtain a broad overview of the knowledge risk management concept and its possible application in theory and practice. Recent research will be presented by international researchers and practitioners in the field, which will help readers to develop and/or expand their understanding of this emerging phenomenon. The broad approach taken in this book can also support in broadening, even changing, the mindset regarding the topic under investigation and its application. Thereby, this book places a focus on knowledge risk management applications in both private and public organizations. In order to achieve the above-mentioned, the book consists of 14 chapters that are divided into four parts. The idea behind Part I is to introduce the main concept of knowledge risk management and its interplay with traditional risk management. This is followed by Part II, which provides empirical research insights into the application of knowledge

ix

x

Introduction

risk management in private organizations. In Part III of the book, the use of knowledge risk management in public organizations will be presented. Part IV deals with the application of knowledge risk management in different business sectors. The book concludes with Part V, which addresses promising future avenues regarding the study of knowledge risk management in private and public organizations. In the following, the content of the individual chapters is briefly highlighted.

Part I In Chap. 1, “Knowledge Risk Management—State of Research”, Susanne Durst and Thomas Henschel introduces the readers to the concept of knowledge risk management, its theoretical foundations and linkage to risk management in general. It also provides a short account of the research undertaken in this area so far.

Part II Malgorzata Zieba continues with Chap. 2, “Knowledge Risk Management in Companies Offering Knowledge-Intensive Business Services”, in which she presents how small knowledge-intensive business services from Poland can use knowledge risk management as a way to become more collaborative and competitive in knowledge-intensive business sectors. Helio Aisenberg Ferenhof presents in Chap. 3 “Toyota Kata Approach—A Way to Mitigate Knowledge Risks in Start-Ups”, an approach to how Brazilian start-ups can easily identify and assess the relevant knowledge risks with the application of the “Toyota Kata” method. Muhammad Shujahat and colleagues give in Chap. 4, “Knowledge Risk Management in Two-Tier HRM Structures”, an introduction to how knowledge risks can be handled in human resource management in Pakistani banks. This part commences with Chap. 5, “Practical Aspects of Knowledge Risk Management in Corporate Finance for Family Firms”, by Mark Hill. The chapter shows how German family firms can systematically handle the knowledge risks in their financing processes.

Part III Next, turning to the public sector, in Chap. 6 “Knowledge Risk Management for State-Owned Enterprises-Indian Scenario”, Sanjay Kumar focuses on the theoretical side of knowledge risk management, in particular, the application of this concept in state-owned organizations using examples from India and Asia.

Introduction

xi

Chapter 7, “Knowledge Communication and Communication Risks in Healthcare—Professional Amateur Patients with Thyroid Disease Show the Way”, by Pia Ulvenblad focuses on the successful handling of knowledge risks in the healthcare sector. By using data from Sweden, the author highlights the importance of sound risk communication to successfully implement knowledge risk management in health care. Ethem Ilbiz in Chap. 8, “Blockchain: A New Disruptive Innovation for Knowledge Risk Management”, proposes a framework that shows how companies interested in adopting blockchain can mitigate their knowledge risks whilst adopting and maintaining blockchain operations. The author highlights, in particular, the need for developing a KRM capacity or improving it respectively.

Part IV By focusing on the financial sector, Haley Wing Chi Tsang and Wing Bun Lee, in Chap. 9, “An Integrated Research Methodology to Identify and Assess Knowledge Risk in a Corporation with Application to a Financial Institution”, propose a new and comprehensive methodology showing how financial institutions can evaluate and mitigate their relevant knowledge risks. In Chap. 10, “Knowledge Risk Management in German Leasing Companies”, Christian Glaser presents a practical framework for implementing knowledge risk management in leasing firms. This framework can be used by small and large leasing firms. Morrison Handley-Schachler, in Chap. 11, “Port Knowledge Risk Management” provides insights into typical knowledge risks of ports and presents useful tools to mitigate them. In Chap. 12, “Knowledge Risk Management During Implementation of Open Innovation”, Serdal Temel and Wim Vanhaverbeke highlight the inevitable knowledge risks that companies face when implementing open innovation. The chapter provides some tools for better managing open innovation-related knowledge risks. This will be round up with Chap. 13, “Handling Knowledge Risk Management Supported by ISO Standards”. Frank Herdmann shows how the guidelines from the International Standard Organization can support knowledge risk management activities in private and public organizations.

Part V In the final and concluding Chap. 14 “Conclusions and Outlook”, Susanne Durst and Thomas Henschel present a number of promising future research directions for the study of knowledge risk management.

xii

Introduction

Conclusion In sum, we are very proud of having produced a book that targets readers from different levels, students to professors and staff to managers. We are convinced that they all will find this book a useful aid during their daily work dedicated to enhancing the long-term success of organizations. Finally, and yet importantly, we hope that this book will also encourage researchers for entering into more rigour research projects on knowledge risk management.

Contents

Knowledge Risk Management—State of Research Knowledge Risk Management—State of Research . . . . . . . . . . . . . . . . . Susanne Durst and Thomas Henschel

3

Knowledge Risk Management in Private Organizations Knowledge Risk Management in Companies Offering Knowledge-Intensive Business Services . . . . . . . . . . . . . . . . . . . . . . . . . . Malgorzata Zieba

13

Toyota Kata Approach—A Way to Mitigate Knowledge Risks in Start-Ups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Helio Aisenberg Ferenhof

33

Knowledge Risk Management in Two-Tier HRM Structures . . . . . . . . . M. Shujahat, A. Akhtar, F. Nawaz, M. Wang and M. S. Sumbal Practical Aspects of Knowledge Risk Management in Corporate Finance for Family Firms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Mark Hill

49

69

Knowledge Risk Management in Public Organizations Knowledge Risk Management for State-Owned Enterprises-Indian Scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Sanjay Kumar

89

Knowledge Communication and Communication Risks in Healthcare—Professional Amateur Patients with Thyroid Disease Show the Way . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107 Pia Ulvenblad Blockchain: A New Disruptive Innovation for Knowledge Risk Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 Ethem Ilbiz

xiii

xiv

Contents

Knowledge Risk Management in Different Sectors/Industries/Business Functions An Integrated Research Methodology to Identify and Assess Knowledge Risk in a Corporation with Application to a Financial Institution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135 Haley Wing Chi Tsang and Wing Bun Lee Knowledge Risk Management in German Leasing Companies . . . . . . . . 159 Christian Glaser Port Knowledge Risk Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185 Morrison Handley-Schachler Knowledge Risk Management During Implementation of Open Innovation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207 Serdal Temel and Wim Vanhaverbeke Handling Knowledge Risk Management Supported by ISO Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229 Frank Herdmann Conclusions and Outlook Conclusions and Outlook . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255 Susanne Durst and Thomas Henschel Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261

Editors and Contributors

About the Editors Susanne Durst is Full Professor of Management at the Department of Business Administration at Tallinn University of Technology (Estonia). Her research interests include small business management, SME succession/transfers, knowledge (risk) management and corporate governance. She has been conducting several national and international research projects. Her work has been awarded different awards and has been published in international peer-reviewed journals. Before joining academia, she worked with private enterprises. Thomas Henschel is Professor in Management Accounting in the Business School, Hochschule für Technik und Wirtschaft Berlin. He has held visiting positions at universities in Sweden and the UK. His research and teaching are in the areas of cost accounting and corporate governance. His specific research interests are in the areas of risk management and crisis management in small- and medium-sized enterprises. He has published widely in academic journals and serves on the editorial board of the Journal of International Business and Economic Affairs.

Contributors A. Akhtar The Department of Management Sciences, COMSATS University Islamabad, Attock Campus, Attock, Pakistan Susanne Durst Department of Business Administration, Tallinn University of Technology, Tallinn, Estonia Helio Aisenberg Ferenhof Federal University of Santa Catarina, Santa Catarina, Brazil Christian Glaser University of Portsmouth, Portsmouth, UK

xv

xvi

Editors and Contributors

Morrison Handley-Schachler Edinburgh Napier University Business School, Edinburgh, UK Thomas Henschel Hochschule für Technik und Wirtschaft Berlin, Berlin, Germany Frank Herdmann Auxilium Management Service, Berlin, Germany Mark Hill KPMG AG Wirtschaftsprüfungsgesellschaft, Frankfurt am Main, Germany Ethem Ilbiz Visiting Research Fellow, International Centre for Policing and Security, University of South Wales, Maltepe, Istanbul, Turkey Sanjay Kumar Director (Personnel), Western Coalfields Ltd., Nagpur, Maharashtra, India Wing Bun Lee Department of Industrial and Systems Engineering, Knowledge Management and Innovation Research Centre, The Hong Kong Polytechnic University, Kowloon, Hong Kong F. Nawaz The Department of Management Sciences, COMSATS University Islamabad, Attock Campus, Attock, Pakistan M. Shujahat KM&EL Lab, Faculty of Education, The University of Hong Kong, Pokfulam Road, Hong Kong M. S. Sumbal NUST Business School, National University of Sciences & Technology, Islamabad, Pakistan Serdal Temel Ege University, Izmir, Turkey Haley Wing Chi Tsang Department of Industrial and Systems Engineering, Knowledge Management and Innovation Research Centre, The Hong Kong Polytechnic University, Kowloon, Hong Kong Pia Ulvenblad Halmstad University, Halmstad, Sweden Wim Vanhaverbeke Surrey Business School, Guildford, UK; ESADE Business School, Barcelona, Spain M. Wang KM&EL Lab, Faculty of Education, The University of Hong Kong, Pokfulam Road, Hong Kong Malgorzata Zieba Gdansk University of Technology, Gdansk, Poland

Knowledge Risk Management—State of Research

Knowledge Risk Management—State of Research Susanne Durst and Thomas Henschel

Abstract

The aim of this chapter is to set the frame for the book’s topic, namely knowledge risk management. In order to do so, the chapter starts broadly and introduces the topics of risks and risk management and knowledge risks and knowledge risk management, respectively. This is followed by a brief summary of the current body of knowledge with regard to knowledge risk management from a research point of view. The outcome shows that there is a clear need for more systematic research; thus, this chapter opens the door for the subsequent chapters presented in this book and intended to further our understanding of knowledge risk management. Keywords

Risks

1


Knowledge risks
Knowledge risk management
Risk management

Introduction

This chapter is a general introduction to the topic which provides the background to the book. This chapter provides an overview of the relevant terms and explores the meaning, concept and scope of knowledge risk management. There is no single S. Durst (&) Department of Business Administration, Tallinn University of Technology, Ehitajate Tee 5, 19086 Tallinn, Estonia e-mail: [email protected] T. Henschel Hochschule für Technik und Wirtschaft Berlin, Treskowallee 8, 10318 Berlin, Germany © Springer Nature Switzerland AG 2020 S. Durst and T. Henschel (eds.), Knowledge Risk Management, Management for Professionals, https://doi.org/10.1007/978-3-030-35121-2_1

3

4

S. Durst and T. Henschel

definition of the concept of knowledge risk management or one right way to pursue the concept, and the book is designed to help you think strategically rather than to provide specific plans to suit particular situations. It considers the whole concept of knowledge risk management and its importance within organizations and the economy in general.

2

Risks

People have actively managed risks for centuries. However, it was mainly in the last century that they increased their efforts in systematically understanding and mitigating past events as well as their attempts to shape the future (Mohun 2016; Vasvári 2015). The knowledge has been turned into science related to decision-making (Myšková and Doupalová 2015). Despite the long existence and management of risk, there is no single definition in the discipline of management studies. However, there is agreement that risk is mainly something negative; therefore, it is closely related to the idea of uncertain developments (Henschel and Heinze 2018), and the different definitions of the term risk are very diverse. They range from quantifiable or measurable uncertainty (Knight 1921) to complex measures of risk such as “speculative risk” (Leitner 1915). Risk in a wide definition describes uncertain future events. They can be positive as well as negative (Brustbauer 2016). According to the definition of the ISO 31000: 2018 standard, the risk is “the effect of uncertainty on objectives” (ISO 2018). Risk according to this definition is not just limited to harmful events, but it focuses more on the impact of an organization’s objectives (Leitch 2010). Risk in a close definition is mainly seen as financial loss due to uncertainty. Risk and uncertainty are closely connected as the former do not exist without the latter (Hetland 2003). Figure 1 classifies the term risk and presents it in a wide and close definition (Henschel and Heinze 2018; Mowbray et al. 1969; Vasvári 2015). The acceptance of risk is part of every entrepreneurial activity (Henschel and Heinze 2018) and therefore closely connected to decision-making. With regard to the types of risks, firms should focus on both financial and non-financial risks and their management (Henschel and Durst 2016). Currently, it seems that firms prefer

Risk Pure/insurable risk (danger of threats)

Speculative risk Risk in a wide definition (financial gain)

Risk in a close definition (financial loss)

Fig. 1 Classification of the term “risk”. Source Adapted from Glaser (2018), Kless (1998)

Knowledge Risk Management—State of Research

5

to focus on financial risks and thus quantitative approaches to risk management (RM), because of greater experience in dealing with such risks (Louisot 2004). Additionally, risk management should also look into the impact of different sorts of risks on one another (Vargas-Hernández 2011). Managing risks, however, must not mean that business activities are stopped but that they are facilitated in a more manageable and proactive way (Durst and Ferenhof 2016). Recent research also shows an increasing interest in the study of risks related to knowledge and intangibles (e.g. Durst 2013; Durst and Zieba 2018). In considering risk related to tangibles and intangibles, such as knowledge risks, it is expected to have a more balanced and holistic picture of firms’ operations and its risk-bearing capacity (Durst and Zieba 2018).

3

Knowledge Risks

Knowledge risk can be viewed as a measure of the probability and severity of adverse effects of any activities engaging or related somehow to the knowledge that can affect the functioning of an organization on any level (Durst and Zieba 2018). In fact, any organization is exposed to several different knowledge risks. Durst and Zieba (2018) propose a division of knowledge risks into human, technological and operational ones. According to the authors, human knowledge risks refer to an individual and his or her personal, social, cultural and psychological factors. Thus, this knowledge risk dimension addresses issues related to human resources management in particular. An example of this knowledge risk dimension is the risk of knowledge hiding. The next dimension, technological knowledge risks, could be the result of using various technologies, including information and communication technologies (ICTs). Risks assigned to this dimension may also be triggered by the use of old and outdated software and/or hacker attacks. Eventually, the operational dimension of knowledge risks covers all the risks resulting from organizations’ day-to-day operations as well as their overall functioning, e.g. entering into collaborative agreements, outsourcing certain business functions or applying wrong or obsolete knowledge in business operations (Durst and Zieba 2018). Like any risk, knowledge risks should be actively managed, while at the same time acknowledging that not all of them can be eliminated. Moreover, the map proposed by Durst and Zieba (2018) illustrates that knowledge risks should not be addressed in isolation, but one should always have in mind that one knowledge risk is likely to be connected with another knowledge risk. Thus, organizations will need to take an integrative approach.

6

4

S. Durst and T. Henschel

Risk Management and Knowledge Risk Management

The aim of risk management is therefore to control and manage the existing and future risks of a company so that, given reduced risks and continuing opportunities for earnings, the value of a company increases and that there is an assurance that the risk position of a company (i.e. the sum of the risks entered into by a company) does not exceed its risk-bearing capacity (Henschel 2008). The risk-bearing capacity is the ability of the company to bear losses arising from the risks it has entered into without becoming insolvent. Risk management is thus an important aspect of value-based management (Dickinson 2001). It is generally accepted that the RM process basically consists of the following four steps (see Vaughan and Vaughan 2001): Identification of risks Quantification and thus evaluation of risks Management and control of risks Continued reporting on the development of risks. As part of the organization of risk management, the board of directors, therefore, has to set out the basic strategies for risk management and to nominate the personnel in the company to be responsible for the steps outlined above. Over the years, the requirements for risk management approaches have increased significantly and calls for broader more integrative approaches have been made (Bromiley et al. 2015). According to ISO, the purpose of risk management is now “…the creation and protection of value. It improves performance, encourages innovation and supports the achievement of objectives” (ISO 31000:2018). The risk management is seen as an integral part of all organizational activities. Therefore, the term holistic risk management was coined in. However, no general and widely accepted concept for holistic risk management has developed yet (Lundqvist 2015; McShane 2018). There is an agreement in the literature that at least the following aspects should be covered in a holistic risk management system. The first aspect is the continuous monitoring of all sources of risk (Smallman 1996; COSO 2017). The monitoring should span across the entire organization, aimed at identifying possible events that can adversely affect the company such as market, strategic, human, operational, technological and financial risks (Verbano and Venturini 2013). This will try to avoid the so-called silo approach, looking only at easily quantifiable risks which the company is familiar and failing to identify critical factors early enough (McShane 2018). The second aspect is to use a combination of qualitative and quantitative techniques for the risk assessment and risk monitoring to support the identification and management of the critical success factors of an enterprise (Gatzert and Martin 2015; Khan et al. 2016). The third aspect is concerned with organizational learning (Smallman 1996; Lundqvist 2015). As empirical studies have revealed, a

Knowledge Risk Management—State of Research

7

participative leadership style has a positive effect on risk management performance (Sax and Torp 2015). Thus, holistic risk management should include both a holistic, formalized enterprise risk management system and organizational initiatives that enhance the strategic responsiveness through employee involvement (Sax and Torp 2015; Heinze and Henschel 2019). To make this happen, it is important to establish an organizational environment in the company that allows the learning from past errors and disasters and where culture is established in the company that allows for a positive approach to dealing with mistakes and does not punish employees for mistakes. In this vein, proper knowledge management will be an important cornerstone for holistic risk management (Smallman 1996, 1999; Bogodistov and Wohlgemuth 2017). KRM can be defined as a systematic way of applying tools and techniques to identify, analyse and respond to risks associated with the creation, application and retention of organizational knowledge (Durst et al. 2016). Similar to knowledge management, KRM should have a long-term orientation and different KM practices can be expected to support continued risk management of an organization’s knowledge that is up to date and relevant. Durst and Ferenhof (2016) proposed a knowledge risk management process which is composed of four activities. The first activity “risk identification” is designed to continuously detect the risks the organization in question is exposed to, e.g. risk of losing human capital and relational capital due to ownership and/or management succession or risk of unintentionally losing knowledge through conversations with suppliers. This is followed by the activity “qualitative and quantitative analysis” which analyses the risks identified in the previous activity 1 according to their risk level (i.e. the risk’s probability of occurrence). Durst and Ferenhof (2016) further highlight that the people in charge of KRM should be prepared to include measures that are based on a non-monetary denominator as well. Activity number 3 “management and control of the present and future risks” deals with the development and implementation of actions to deal with the critical knowledge risks. This means that the actions behind this item should contribute to a reduction of risk probability. Additionally, it shall guarantee that all actions underway are being executed properly. Eventually, the last activity “continued risk reporting” is about the reporting of the risks identified, the measures taken and the outcomes achieved; thus, it keeps the organization informed about its knowledge risk management activities. Taking into consideration time constraints as well as the intention to produce reports that are actually read and used, according to Durst and Ferenhof (2016), the reports should be short and straightforward but long enough to provide the basis for informed decisions.

5

The Current Body of Knowledge Regarding KRM

The study of KRM or risks related to knowledge is still in its infancy (Massingham 2010; Durst and Zieba 2017; Durst et al. 2019), which is surprising against the strategic importance that is assigned to knowledge (Grant 1996). It also means a

8

S. Durst and T. Henschel

clear contrast to the study of risk management (Alhawari et al. 2012). For example, Durst et al. (2016) conducted a literature review of KRM and identified 24 papers of which the authors assigned 14 papers to the topic frameworks and methodologies. The remaining papers addressed KRM-related issues such as KRM awareness, KRM complexity, KRM identification and classification, KRM strategy, KRM protection and KRM practices. In a more recent paper, Durst (2019) reviewed the extant literature on knowledge risks and related issues. Her study covered 52 papers and were assigned to ten broad subject matters: awareness-raising, conditions for improved KM/KRM, frameworks for improved knowledge risk management, knowledge loss, measurement, relationship between KRM and performance, theory development, tools supporting the dealing with knowledge risks in business operations, trade-off between investment in KRM and benefits, and other types of knowledge risks. The extant body of knowledge clearly shows that there is a strong need for more systematic research on risks related to knowledge and the risk management of these particular risks. And this research should be conducted in all types of organizations and not only in those organizations that have historically invested in risk management due to heavy regulation, such as utilities, banking or insurance. Durst et al. (2019) who examined the effect of KRM on organizational performance showed that public and private organizations can benefit from KRM.

6

Conclusion

The introductory chapter has shown that the management of risks has gained in breadth and depth over the years. Against present and future challenges, all types of organizations are exposed to, and a holistic, integrated and forward-looking risk management has to take account of a different number of traditional risks but also new ones. Many of the present and new risks are knowledge-related underlying the need for more rigour research in this area. The present book addresses this need by emphasizing the relevance of risk management for public and private organizations in general and by raising awareness for risk-related knowledge and in turn the need for new risk management methods, tools and approaches to take advantage of this additional type of risks and leverage their value.

References Alhawari, S., Karadsheh, L., Talet, A. N., & Mansour, E. (2012). Knowledge-based risk management framework for information technology project. International Journal of Information Management, 32(1), 50–65. https://doi.org/10.1016/j.ijinfomgt.2011.07.002. Bogodistov, Y., & Wohlgemuth, V. (2017). Enterprise risk management: A capability-based perspective. Journal of Risk Finance, 18(3), 234–251. https://doi.org/10.1108/JFR-10-20160131. Bromiley, P., McShane, M., Nair, A., & Rustambekov, E. (2015). Enterprise risk management: Review, critique, and research directions. Long Range Planning, 48(4), 265–276.

Knowledge Risk Management—State of Research

9

Brustbauer, J. (2016). Enterprise risk management in SMEs: Towards a structural model. International Small Business Journal, 34(1), 70–85. https://doi.org/10.1177/026624261454 2853. Committee of Sponsoring Organizations of the Treadway Commission (COSO). (2017). Enterprise risk management—integrating with strategy and performance. Retrieved 22.11.2018 https:// www.coso.org/Documents/2017-COSO-ERM-Integrating-with-Strategy-and-PerformanceExecutive-Summary.pdf. Dickinson, G. (2001). Enterprise risk management: Its origins and conceptual foundation. The Geneva Papers on Risk and Insurance, 26(3), 360–366. Durst, S. (2019). How far have we come with the study of knowledge risks? VINE Journal of Information and Knowledge Management Systems. https://doi.org/10.1108/VJIKMS-10-20180087. Durst, S. (2013). An exploratory study of intangibles risk disclosure in annual reports of banking companies from the UK, US, Germany and Italy—Some descriptive insights. Financial Reporting (Vol. 1, pp. 81–120); Durst, S. (2012). Innovation and intellectual capital (risk) management in small and medium-sized enterprises. International Journal of Transitions and Innovation Systems, 2(3/4), 233–246. Durst, S., & Ferenhof, H. A. (2016) Knowledge risk management in turbulent times. In K. North, & G. Varvakis (Eds.), Competitive strategies for small and medium enterprises increasing crisis resilience, agility and innovation in turbulent times (pp. 195–209). Springer International Publishing, Cham. Durst, S., & Zieba, M. (2018). Mapping knowledge risks: Towards a better understanding of knowledge management. Knowledge Management Research & Practice. https://doi.org/10. 1080/14778238.2018.1538603. Durst, S., & Zieba, M. (2017). Knowledge risks—towards a taxonomy. International Journal of Business Environment, 9(1), 51–63. Durst, S., Bruns, G., & Henschel, T. (2016). The management of knowledge risks: What do we really know? International Journal of Knowledge and Systems Science (IJKSS), 7(3), 19–29. Durst, S., Hinteregger, C., & Zieba, M. (2019). The linkage between knowledge risk management and organizational performance. Journal of Business Research, 105, 1–10. https://doi.org/10. 1016/j.jbusres.2019.08.002. Gatzert, N., & Martin, M. (2015). Determinants and value of enterprise risk management: empirical evidence from the literature. Risk Management and Insurance Review, 18(1), 29–53. Glaser, C. (2018). Risikomanagement im Leasing: Grundlagen, rechtlicher Rahmen und praktische Umsetzung (2nd ed.). Wiesbaden: Springer Gabler. Grant, R. M. (1996). Toward a knowledge-based theory of the firm. Strategic Management Journal, 17, 109–122. Heinze, I., & Henschel, T. (2019). Risk(ing) sophistication: Towards a structural equation model for risk management in small and medium-sized enterprises. International Journal of Entrepreneurship and Small Business, in press. Henschel, T. (2008). Risk management practices of SMEs: Evaluating and implementing effective risk management systems. Berlin: Erich Schmidt. Henschel, T., & Durst, S. (2016). Risk management in Scottish, Chinese and German small and medium-sized enterprises: A country comparison. International Journal of Entrepreneurship and Small Business, 29(1), 112–132. https://doi.org/10.1504/IJESB.2016.078048. Henschel, T., & Heinze, I. (2018). Governance, risk and compliance. In W. Schmeisser, Becker, W., Beckmann, M., Brem, A., Eckstein, P., & Hartmann, M. (Eds.), Neue Betriebswirtschaft. Theorien, Methoden, Geschäftsfelder. UVK Publishing, München (pp. 339–370). Hetland, P. W. (2003). Chapter eight uncertainty management. In N. J. Smith (Ed.), Appraisal, risk and uncertainty: Construction management series (pp. 59–88). London: Thomas Telford. ISO 31000. International Organisation of Standardisation. (2018). Principles and generic guidelines on risk management. Retrieved 22.11.2018 https://www.iso.org/standard/43170. html.

10

S. Durst and T. Henschel

Khan, M. J., Hussain, D., & Mehmood, W. (2016). Why do firms adopt enterprise risk management (ERM)? Empirical evidence from France. Management Decision, 54(8), 1886– 1907. Kless, T. (1998). Beherrschung der Unternehmensrisiken: Aufgaben und Prozesse eines Risikomanagements. Deutsches Steuerrecht, 36(3), 93–96. Knight, F. H. (1921). Risk, uncertainty and profit. New York: Hart, Schaffner and Marx. Leitner, F. (1915). Die Unternehmensrisiken—Einzelwirtschaftliche Abhandlungen, Heft 3. Berlin: Friedrich Reimer. Leitch, M. (2010). ISO 31000: 2009—the new international standard on risk management. Risk Analysis, 30(6), 887–892. Louisot, J.-P. (2004). Managing intangible asset risks: Reputation and strategic redeployment planning’. Risk Management: An International Journal, 6(3), 35–50. Lundqvist, S. A. (2015). Why firms implement risk governance—stepping beyond traditional risk management to enterprise risk management. Journal of Accounting and Public Policy, 34(5), 441–466. https://doi.org/10.1016/j.jaccpubpol.2015.05.002. Massingham, P. (2010). Knowledge risk management: A framework. Journal of Knowledge Management, 14(3), 464–485. McShane, M. (2018). Enterprise risk management: History and a design science proposal. The Journal of Risk Finance, 19(2), 137–153. https://doi.org/10.1108/JRF-03-2017-0048. Mohun, A. P. (2016). Constructing the history of risk. Foundations, tools, and reasons why. Risikogeschichte: Wie, warum und zu welchem Ende schreiben wir eine Geschichte des Risikos? Historical Social Research, 41, 30–47. https://doi.org/10.12759/hsr.41.2016.1.30-47. Mowbray, A. H., Blanchard, R. H., & Williams, C. A. (1969). Insurance: Its theory and practice in the United States (6th ed.). New York: McGraw-Hill. Myšková, R., & Doupalová, V. (2015). Approach to risk management decision-making in the small business. Procedia Economics and Finance, 34(1), 329–336. Sax, J., & Torp, S. S. (2015). Speak up! Enhancing risk performance with enterprise risk management, leadership style and employee voice. Management Decision, 53(7), 1452–1468. Smallman, C. (1996). Risk and organizational behaviour: A research model. Disaster Prevention and Management, 5(2), 12–26. Smallman, C. (1999). Knowledge management as risk management: A need for open governance? Risk Management, 1(4), 7–20. Vargas-Hernández, J. (2011). Modeling risk and innovation management. ACR, 19(3/4), 45–57. Vaughan, E. J., & Vaughan, T. (2001). Essentials of risk management and insurance. New York, Chichester, Weinheim, Brisbane, Singapore, Toronto, John Wiley & Sons. Verbano, C., & Venturini, K. (2013). Managing risks in SMEs: A literature review and research Agenda. Journal of Technology Management & Innovation, 8(3), 186–197. Vasvári, T. (2015). Risk, risk perception, risk management—a review of the literature. Public Finance Quarterly, 60(1), 29–48.

Knowledge Risk Management in Private Organizations

Knowledge Risk Management in Companies Offering Knowledge-Intensive Business Services Malgorzata Zieba

Abstract

The aim of this chapter is to present and analyze knowledge risks and their management in companies offering knowledge-intensive business services. The chapter illustrates potential knowledge risks, with a special emphasis on risks related to firms offering knowledge-intensive business services, and then discusses the results of a case study research conducted among 13 small KIBS firms from Poland. The study is of a novel character, as there is hardly any study devoted to a plethora of knowledge risks in companies, and therefore, it contributes to the development of the research field of knowledge risks. It also takes a look at the perspective of KIBS firms, which is still an underexplored topic. As the study shows, the most frequently indicated risk was the loss of knowledge associated with the departure of an employee. This result confirms the expectations that for KIBS firms’ human resources are important, and the risks related to them are of special interest. At the same time, leaving employees often supply competitive organizations or even establish their own companies to provide similar services. This is due to a large specialization in a given area of knowledge, necessary to perform tasks at KIBS firms. Other risks identified by the respondents include: problems in communication and knowledge flow, lack of codified/documented knowledge, theft of knowledge (e.g., by competitors), possession of false knowledge or inability to properly use true knowledge (e.g.,

M. Zieba (&) Gdansk University of Technology, ul. Narutowicza 11/12, 80-233, Gdansk, Poland e-mail: [email protected] © Springer Nature Switzerland AG 2020 S. Durst and T. Henschel (eds.), Knowledge Risk Management, Management for Professionals, https://doi.org/10.1007/978-3-030-35121-2_2

13

14

M. Zieba

in the case of clients), contradiction of knowledge obtained from various sources, lack of acquiring knowledge or even disowning by the customer receiving knowledge, aging knowledge, and excess of knowledge. Keywords







Knowledge-intensive business services KIBS Knowledge risk management Knowledge risks

1




Introduction

This chapter presents a case study research of knowledge risk management in small companies offering knowledge-intensive business services (KIBS). Nowadays, knowledge starts to be perceived not only as a source of potential competitive advantage of organizations (Berman et al. 2002; Quintas et al. 1997; Victer 2014), but also as a source of various risks and hazards (Durst and Zieba 2017; Zieba and Durst 2018; Durst et al. 2016; Bratianu 2018; Hurmelinna-laukkanen 2015). On the basis of a systematic literature review devoted to knowledge risks, Durst (2019) stated that “without an understanding of knowledge risks and their possible consequences for both public and private organizations, the specified knowledge strategies and KM approaches cannot be effective.” It seems unquestionable that knowledge risks are paid more and more attention in the literature and they require to be further examined. Knowledge-intensive business service companies are firms whose basic value-added activity consists in the accumulation, creation, and dissemination of knowledge in order to develop such a solution (tailored service or product) that will meet the client’s needs (Bettencourt et al. 2002). Such companies are characterized by the ability to receive information from outside the company and transform this information together with knowledge in the company into specialized services for their clients (Hipp 1999). Knowledge for these companies is an especially significant resource and that is why they should pay attention to its management and protection against various risks. Therefore, the topic of this chapter is devoted to knowledge risk management in this particular type of companies. The remaining part of this chapter is structured as follows. First, a short review of knowledge risks and their management is presented, with a special emphasis on risks particularly valid for KIBS firms. Second, the methodology is described and research questions are formulated. Third, research results are delivered and discussed. Finally, the concluding remarks are provided, together with research limitations and further research avenues.

Knowledge Risk Management in Companies Offering …

2

15

Knowledge Risks and Their Management

The research on knowledge risks and their management is still in its infancy. First of all, there is hardly any definition of knowledge risk available. One of the few definitions was offered by Perrott (2007), who defined a knowledge risk as a likelihood of any loss resulting from the identification, storage, or protection of knowledge that may decrease the operational or strategic benefit of the company (Perrott 2007). Another one was proposed by Zieba and Durst (2018), who stated that “knowledge risk is a measure of the probability and severity of adverse effects of any activities engaging or related somehow to the knowledge that can affect the functioning of an organization on any level” (Zieba and Durst 2018). Knowledge risk is understood in this second way in this chapter. There are also only a few studies available on knowledge risks, and they present only fragmented insights into the topic. For example, there are some studies devoted to knowledge loss (e.g., Durst et al. 2017; Norman 2004; Parise et al. 2006; Schmitt et al. 2012); knowledge leakage (e.g., Ahmad et al. 2014; Annansingh 2012; Mohamed et al. 2007; Parker 2012); knowledge spillovers (e.g., Audretsch and Feldman 2004; Feinberg and Gupta 2004; Fernandes and Ferreira 2013); knowledge hiding (e.g., Arshad and Ismail 2018; Cerne et al. 2014; Connelly et al. 2012; Hernaus et al. 2018; Kumar Jha and Varkkey 2018; Wang et al. 2018), etc. However, there is no study so far related to all the potential knowledge risks faced by knowledge-intensive business services. According to the taxonomy proposed by Zieba and Durst (2018), there are the following categories of knowledge risks: human, technological, and operational. Human knowledge risks relate to an individual’s personal, social, cultural, and psychological factors and human resources management. Technological knowledge risks originate from the application of technologies (also information and communication technologies) and other issues related to technology in general (e.g., hacker attacks). The last category, the operational category of knowledge risks concerns risks that appear as a consequence of everyday operations and functioning of organizations (e.g., cooperation with other entities, outsourcing, basing on wrong knowledge, etc.) (Zieba and Durst 2018). Among human knowledge risks, there are knowledge hiding, knowledge hoarding, unlearning, forgetting, and missing/ inadequate competencies of organizational members; among technological knowledge risks, one can list risks related to cybercrime, old technologies, digitalization, and social media; and finally, among operational knowledge risks, there are knowledge waste, risks related to knowledge gaps, relational risks, knowledge outsourcing risks, risk of using obsolete/unreliable knowledge, risk of improper knowledge application, espionage, continuity risks, communication risks, knowledge acquisition risks, knowledge transfer risk, and Merger and Acquisition risks (Zieba and Durst 2018). Taking into account knowledge and its importance for KIBS firms, which rely on the knowledge and its proper application (Hertog 2000; Miles et al. 1995), some particular knowledge risks might be especially valid for these companies. KIBS

16

M. Zieba

firms are reliant on their employees, who collect, share, disseminate, and generate knowledge, and therefore, it might be expected that human knowledge risks will be of special importance in the case of such firms. Another characteristic feature of KIBS companies is that they create their services in close relation with their customers, who deliver their knowledge for a better realization of the service. This phenomenon can be called co-production, where the customer is engaged in the creation and delivery of service (Ordanini and Pasini 2008). The required level of this co-production is different for various types of KIBS services (Lehrer et al. 2012), but it can cause some potential operational knowledge risks resulting from this cooperation. Among such risks, one can list improper knowledge application or knowledge transfer risk. Finally, as among KIBS firms there are IT companies, it can be expected that for them, technological knowledge risks will be of high importance (e.g., risks related to cybercrime or social media). Some of these risks may have a strategic impact on the KIBS firms, meaning that their occurrence may hinder seriously the functioning of the KIBS firm or even its closure. An example of such a risk might be the loss of reputation for an accounting company, due to a fake news spread in social media.

3

Methodology and Research Questions

The main aim of the presented study was to investigate knowledge risk management practices in companies from the knowledge-intensive business services sector. On the basis of the literature review presented above, the following research questions were formulated: R1. What kind of knowledge risks can be identified in KIBS firms? R2. How do KIBS firms manage the indicated knowledge risks? To answer these research questions, the case study method was applied. This type of methodology is suitable when little is known about the explored area, as is the case for knowledge risks and their management (Durst 2019). Therefore, an inductive methodology involving a multiple case study method seemed to be the best choice (Yin 2009). As indicated in the introduction, small KIBS firms were selected for the study. They were chosen from a database with KIBS firms located in one of the regions in Poland, the Pomerania region. KIBS sector encompasses the following types of economic activities according to the NACE 2.0 classification: 62 —computer programming, consultancy, and related activities; 63—information service activities; 69—professional, scientific, and technical activities; 70—activities of head offices; management consultancy activities; 71—architectural and engineering activities; technical testing and analysis; 72—scientific research and development; and 73—advertising and market research (Schnabl and Zenker 2013). A total of 13 small companies from the KIBS sector were selected for the study, offering various types of services (including consultancy, legal, accounting,

Knowledge Risk Management in Companies Offering …

17

Table 1 Characteristics of the examined companies Firm

Offered services

No. of Date of Person employees establishment interviewed

Firm A

Tax advisory services and accounting and accounting services Advertising services Services for the production of dedicated software Software development and implementation services Advertising services Accounting and accounting and management services Technical design services Technical design services

13

1990

Owner

9 15

2005 2015

Owner Owner

12

1992

Owner

7 7

2006 1999

Owner Manager

20 40

1992 1992

Accounting services 5 Accounting and bookkeeping services 20 Geodetic services (the legal aspect) 6 Geological, geotechnical, and 20 geohydrological services Firm M Advertising services 20 Source Research results

2003 2004 1995 1988

Owner President of the board Owner Manager Owner Technical director Owner

Firm B Firm C Firm D Firm E Firm F Firm G Firm H Firm Firm Firm Firm

I J K L

2007

advertising, surveying, IT, research and development) and employing a diverse number of employees. Detailed characteristics of the sample are presented in Table 1. The structure of the surveyed companies in relation to their size was as follows: five micro-enterprises and eight small companies. It is worth noting that one of the companies (Company H) employed 40 employees, so it approached the size of the medium-sized company. The number of surveyed companies was limited by issues of access to the surveyed entities, available resources, and time for research, although other authors dealing with the area of knowledge management (e.g., Bishop et al. 2008) also studied a similar number of cases. The owners or managers of the surveyed companies were invited to participate in the study because in the case of small enterprises, they are perceived as key informants and a similar approach was applied in research related to knowledge management in this type of companies (Desouza and Awazu 2006; PalaciosMarqués et al. 2013; Wong and Aspinwall 2005). In addition, in the case of smalland medium-sized companies, owners and managers are often well informed in the activities undertaken by employees and the way the organization operates because they themselves take part in the implementation of everyday tasks. As it can be seen in Table 1, in the case of nine companies, the owner took part in the research, in two cases it was the manager, and in the remaining two cases, it was the president

18

M. Zieba

of the board and a technical director. Before each interview, the respondents were presented with the purpose of the research and information about the confidentiality of the collected materials was provided. Before taking part in the study, each of the participants gave a written consent to conduct it and to record the interview (the consent could be revoked at any time during the interview, but none of the respondents took advantage of this possibility). The identity of persons participating in interviews has been coded to preserve the anonymity of the surveyed companies. Afterward, the interviews were accurately recorded, with all the details, such as sighs, repetitions, and exclamations, and also verified with other acquired materials, such as research notes or information taken from the Web sites of the surveyed companies. All these elements allowed the validation of the obtained results (Suter 2011). Interviews lasted from 20 to 60 min—some respondents answered the questions very briefly and did not develop their statements, while others broadened particular topics. The data obtained (from both interviews and from other sources) has been coded and analyzed with the support of quality analysis software (NVIVO 11 Professional). The analysis was carried out on the basis of stages proposed by Creswell (Creswell 2013, pp. 201–205). In the first stage, data for analysis was organized and prepared, namely interviews were transcribed, paper materials were scanned, web pages and social profiles were saved in the PDF version, handwritten notes collected during the research were entered into the computer, and the data was divided them into various categories. In the second stage, all data was reviewed to get a general orientation and extract the common meaning of the information obtained. The third stage involved starting a detailed analysis of the coding process. The research drew on the developed theoretical framework; therefore, in creating the analytical codes, the research questions were raised and the theoretical perspective adopted. Coding was therefore partially closed. At the same time, data that did not match the created codes constituted the basis for creating open codes. After sorting the collected information according to the categories, they were analyzed within particular categories and relations between them. For this purpose, a cross-case analysis technique was selected, organizing data from individual cases according to the same code categories. In the fourth stage, the coding process was used to describe the phenomena analyzed, and in the next one, the manner of presenting the description and thematic ranges was determined. In order to summarize the results obtained and analyzed, it was decided to use tables.

4

Research Results

Respondents were asked about risks related to knowledge and ways of managing them. Considering the significance of knowledge for KIBS companies, they should be aware of the risks involved, and they should try to eliminate them and try to counteract them. The risks associated with knowledge can include, among others: knowledge hiding, knowledge waste, or risks related to the knowledge gap.

Knowledge Risk Management in Companies Offering …

19

The surveyed companies pointed to several different threats related to knowledge. Only one (Firm F) indicated the lack of such threats. The company’s manager said that she does not see the risks associated with knowledge and even distributes knowledge, because thanks to this she knows how others work. It is an interesting attitude to knowledge and knowledge sharing, consistent with the approach presented by the well-known expert on knowledge management, David Gurteen. In his video1 concerning knowledge sharing, he points out that this process is accompanied by trade or exchange of knowledge—if we share our knowledge with someone, we always receive something in return, even if the benefit is not material (e.g., obtaining knowledge from the interlocutor, better understanding of the context of the conversation). Ways of knowledge loss presented by respondents, along with examples and methods of counteracting this phenomenon, are depicted in Table 2. The human factor may be associated with the loss of valuable knowledge held by the employee, which the employee takes with him when he or she leaves, and may also mean the loss of secret knowledge about customers (e.g., in the case of Firm I). The owner of Firm A (similarly to the respondent from Firm E) pointed to good possibilities of securing knowledge inside the company in terms of technical aspects (data security issues, used IT solutions, etc.), but as a problem perceives the human factor—the company experienced the loss of two employees that not only went away, taking away key knowledge, but also set up a competitive company. A similar situation took place in the case of Firm J—people who left it also run similar activities. One of the reasons for this is that employees of KIBS often have to have certain specific knowledge or must be trained to do their job well. This specialist knowledge is useful for starting their own business after leaving KIBS or performing duties at a competitive company. The problem of an employee leaving a KIBS firm is the more severe the smaller the company is. According to the owner of Firm B, in the case of small team size, the departure of each person disrupts the work. The threat of loss of an employee is a matter of not only losing his knowledge but also the temporary loss of the ability to carry out tasks or orders and the need to find (and often train) a new person. Although many companies are aware of the risk of losing knowledge due to the loss of an employee, there are not many ways to deal with this situation (the exception is Firm H). In addition, the need to specialize in a specific area, necessary to provide KIBS services, makes working in another area difficult and requires learning new things. Employees who leave a KIBS firm have such specialized and often niche knowledge that it may be difficult for them to use it somewhere else than in a company offering KIBS services. This is confirmed by the manager of Firm J, who believes that signing a loyalty agreement with an employee prohibiting him from working in the same profession is unfair.

1

David Gurteen, We do not share our knowledge—we trade it, https://youtu.be/m3x5LbMCLOA (access date: 12.03.2018).

20

M. Zieba

Table 2 Knowledge loss and ways of eliminating it indicated by KIBS firms Code

Quotation

Knowledge loss

“Unfortunately, we had a case two years ago, that two employees decided, behind our back, to set up a company - accounting office and then some clients were convinced by them to go to them and then the clients told us. They terminated the contract as if for family and health reasons. Then it turned out by chance that they work somewhere else”. [Firm A] “The risk of losing knowledge is very large. Then the process of introducing a new person, training. This is a small company, so any loss of any element of the team leads to work disruption”. [Firm B] “The biggest problem is that knowledge is not spread in the company, only in the head of one or two people. I have experienced this many times that a key person was leaving. This is a difficult moment. I would like to point out that this may be knowledge about this project, e.g. That means that we are implementing a project that is specific to a client and satisfies his needs, then there must always be a person in our company who understands our client’s business, how this system should work, etc, etc. (…) Now the moment when the key person from the project leaves. Even if it goes away with a fairly long period of notice, let it be up to three months, it will never pass that knowledge on. Why? Because she is the only person in this project and she still has to lead the project, and that’s not enough it’s not that she can give this knowledge to anyone. It must be a person who has similar competences to her. Well, this is a very big risk”. [Firm C] “There is a risk that with this size of organization there are people who have a certain key knowledge. There is not always time and the possibility to disseminate it [knowledge]. There is also some specialization narrow, that someone specializes in something, and other people do other things. In this respect, there is some danger for sure”. [Firm D] “Sometimes someone decides to leave. Almost all those who have separated from us currently operate in a similar profile. (…) So that unfortunately we had to deal with it. The last such case was 3 years ago, but from now on, fortunately, the market is so big that all these companies will find a place for themselves. (…) Unfortunately, this knowledge [specialist] departs with trained people, but it cannot be avoided. Because in order to do their job well, employees must be well trained, they must have the right knowledge to be able to help their clients”. [Firm J] “For us, this is not a problem [leaving of the employee], because we think that we do not associate with the employee forever. Every employee has the right to live as he wants. However, we expect a certain loyalty and honesty, because we also have to provide it to our clients, and it is only in this respect that we look after it very much. If there are any negative experiences, then we draw conclusions and introduce appropriate statements, documents or some restrictions in the system, e.g. information technology, access, etc.”.[Firm A] (continued)

Ways of eliminating knowledge loss

Knowledge Risk Management in Companies Offering …

21

Table 2 (continued) Code

Quotation “Signing loyalty agreements with employees means that the employer must pay for it later. There is no good way to avoid this. It is known that everyone decides what he does with his life, we are also for everyone to develop. We have been working together for quite some time here with this team, but we know sometimes the paths diverge somewhere, we do not have a grudge and we cannot blame ourselves for choosing that one way and not another. And besides, it is very often that as a result of the fact that such a large amount of knowledge has been acquired and this knowledge is that and not the other, this person simply cannot do anything else. At the moment, I think that a loyal girl would be a plunging of such a person here. I understand the ban on working with our clients for some time. However, to prohibit work in the same profession, to prohibit doing the same is a huge injustice”. [Firm J] “At the moment when some go, they take away some part of knowledge, but for some time we have been building a company in such a way that there would be no one-person cells that monopolize knowledge. We always try to ensure that everyone has at least one deputy to go somewhere behind these competences. We started from the competence matrix and on the basis of this competence matrix we saw which competences we lack, which we do not have enough, which are not duplicated, double, and where we noticed problems, we started to build these skills in people who were potentially predisposed to develop in these directions. We also made a career development path, because there was also a problem such that the employees did not really know what was waiting for them, what they could count on and what direction to follow. On the basis of this competence matrix and career development path, we started to prepare a pay grid”. [Firm H]

Source Research results

Firm H was the only company that introduced a number of solutions aimed at preventing loss of knowledge with the departure of an employee. One of them is to ensure that each employee has at least one deputy. The company developed a matrix of employees’ competencies; on this basis, it identified potential gaps in competence and started to build them with employees who showed a predisposition to possess them. Another applied solution was to create a career path through which employees can find out about their chances of promotion in the company and the possibility of increasing their salary. These solutions have meant that the threat of employee loss and knowledge has been minimized. Sometimes the loss of knowledge can be temporary, e.g., in a situation where an employee with relevant knowledge is on sick leave or on vacation. In the absence of more experienced people, those less experienced have problems with the implementation of tasks, resulting from the lack of necessary knowledge. This type of risk related to knowledge results from the difference in the experience of people who work in a given organization. Such cases are indicated by the technical director of the Firm L.

22

M. Zieba

The respondents pointed to several types of knowledge-related risks, such as problems in communication and knowledge flow, lack of documented/codified knowledge, theft of knowledge, false knowledge or inability to properly use knowledge, contradiction of knowledge acquired from various sources, lack of knowledge acquisition by customer/displacement of knowledge, aging of knowledge, and excess of knowledge. Some respondents were able to provide ways to deal with these threats. Both threats and ways of dealing with them were presented using quotes from respondents’ statements in Table 3.

Table 3 Knowledge risks indicated by KIBS firms and ways of handling them Code

Quotation

Problems in communication and the flow of knowledge

“The biggest risk at all and the biggest problem probably in most companies such as ours is communication and knowledge; knowledge does not really flow smoothly from an employee to an employee. We still have accretions from the previous system, where people try to build their positions without sharing knowledge”. [Firm H] “The risk is related to the difference between urgent and important. There is always a discussion between making the project as cheap as possible and the second thing as good as possible. (…) I will give an example now - the cheapest is not to document knowledge. It means assuming that she is in the heads of the right people and she is actually revealed at the right moment (…). I know that this is a wrong assumption, it cannot be done. The most expensive, but perhaps it is best to keep a full documentation, which is updated literally at the end of each day, when something changes. A lot of money, unprofitable projects by definition. IT departments can afford such things in large companies that do not have budget constraints, they are simply kept within a fixed budget. And the challenge that I just see is to find the golden mean to document this knowledge as much as it is needed in this minimal degree. In a way that will allow any person who comes to work or comes to the project, quickly implement and start working”. [Firm C] “Training activities and activities related to creativity are in total two areas where the theft of knowledge occurs very often. That’s why I have a dilemma for some time. What to show on the site, just to not lose it in a moment, because it turns out that someone will pick up this idea, and it will not be my idea for innovation. (…) I for many years collaborated as a creative person with training companies here in the Tri-City and they always had (continued)

No codified/documented knowledge

Theft of knowledge

Knowledge Risk Management in Companies Offering …

23

Table 3 (continued) Code

Possessing false knowledge or inability to properly use true knowledge

Contradiction of knowledge obtained from various sources

Lack of knowledge acquisition by the client/displacement of knowledge

Quotation a problem of this kind, that if they placed an agenda, not even an agenda, only detailed information about some online training, it suddenly turned out to be that competition was able to point almost to the point, so it seems to me that there are types of services where you have to be very careful, because this knowledge can be easily lost. Either it is clever to sneak, just give, throw a hook for a potential customer, and already give the client information, and not to discover completely on the site, because it ends badly”. [Firm M] “It must be remembered that in the era of today’s technology in the last two years, a lot of groups have grown up, even on Facebook, where people answer certain questions for themselves, try to do something. And then we get matters with an even bigger problem. Because someone waited too long before he came to us, because he thought someone would help him, read something somewhere, and tried to deal with it himself, instead of getting professional advice. This then results in the fact that we have more to handle”. [Firm J] “Someone misleads someone and later he calls us, because a friend told me, because you know, I heard that… And then we just have to straighten such a person, that you heard so, it does not mean that it really is. Or that maybe something is, but it is distorted by the other person. But all this results, unfortunately, from the ignorance of these people, and our task is just then to realize what it really looks like”. [Firm J] “Sometimes you have to invest money to find out what others teach, even though we know it is not real. This is the worst thing that the administration often, as we see now, acquires knowledge on a completely scandalous level and according to scandalous rules, but it must be known to understand their motives, otherwise it would be absurd”. [Firm K] “Sometimes knowledge is contradictory. Ladies print, read and do not know what to do. One article says yes, the other is completely different and what to do, then we have to make decisions. It is practically happening”. [Firm A] “I found, after many ailments, that the spoken word does not exist. Simply, the customers then deny that they understood differently and interpreted differently. That they spoke well to us and said badly. And that’s why everything is on the e-mail (continued)

24

M. Zieba

Table 3 (continued) Code

Obsolete knowledge

Excess of knowledge

Quotation route, and more problematic correspondence is printed and put into the customer’s file folder. All of these customer binders are built in the same way: at the beginning they have current documents, then VAT, ZUS cases, insurance matters, VAT correspondence with the tax office, foundations these are such compartments, at the end there is correspondence with our company. And we put in this strategic information there. We sometimes even ask the customer to sign that he knows it and take the copy”. [Firm F] “The problem is that some knowledge is outdated. We already have a new one, we could go for new knowledge, but no one has the time or strength to think about how to implement this knowledge, so we use solutions that we know are already bad or obsolete”. [Firm C] “There is too much knowledge. The point is that this is probably a problem for all, lawyers also, that in Poland, and probably not only in Poland, the number of legal acts that is produced within a year is enormous. No man can even read the titles”. [Firm A] “The problem with the huge amount of information. In the sense that sometimes when you need to decide on the choice of a tool, it suddenly turns out that these solutions, these tools are a whole bunch, and therefore you have to break through, you need to make a decision”. [Firm D]

Source Research results

The owner of Firm H pointed to the first problem—in the communication and flow of knowledge. In his opinion, the problem is hoarding knowledge by employees who do not want to share it because they are afraid of losing their position in the organization. In such cases, knowledge can be perceived as a source of competitive advantage within the organization—the more an employee knows, the better his position and greater chances of maintaining his position. On the other hand, deliberate hiding of knowledge, which colleagues need, can have negative effects not only for those who need knowledge (reducing their creativity and effectiveness), but also for people retaining knowledge (lack of trust and willingness to share knowledge among colleagues) (Cerne et al. 2014; Connelly et al. 2012). Therefore, it is worth creating a climate conducive to the sharing of knowledge among employees, especially in KIBS firms, and eliminating signs of an internal competition encouraging retention of knowledge.

Knowledge Risk Management in Companies Offering …

25

The second risk is the lack of codified/documented knowledge. This risk, according to the owner of Firm C, is associated with a lack of resources and time to document knowledge during the implementation of daily tasks. Documenting knowledge is both time- and cost-intensive, so the cheapest is not to do it at all. However, the lack of codified knowledge can be very severe when a key person with relevant knowledge suddenly leaves the company. The challenge pointed out by the owner of Firm C is the documentation of knowledge to the extent that allows for the rapid implementation of a new person in the event of a worker leaving, without the need to allocate many resources. In turn, the owner of Firm M pointed to the threat of theft of knowledge, which takes place especially in the case of training and creative KIBS services. For example, when it comes to training activities, it is possible to copy the training program and develop your own on this basis. Therefore, the owner of this company is always careful to reveal details about the services offered, trying to show their part rather than details. One cannot ignore the phenomenon of industrial espionage2, known for a long time in the manufacturing industry, officially banned in the USA by President Clinton as early as 1996, but still posing a threat to the organization. Not only production companies are exposed to the theft of knowledge, but also service companies (especially innovative companies from the high technology sector) along with the development of technology. The fourth risk is having false knowledge or the inability to properly use true knowledge. This problem is perceived by the respondent from Firm J. In her opinion, the availability of social media (e.g., Facebook) makes companies try to solve their problems based on the advice of various groups dealing with a given issue and later often turns out that the recommended solution is not appropriate or does not match a given specific situation. It is important to use knowledge in the right way and not just to possess it (Jennex 2010). The costs of using improper knowledge or the misapplication of true knowledge can be very high, and at the same time, it is difficult for clients to judge how well the recommended solution on the web is appropriate. This raises problems for organizations such as Firm J, which must later correct the wrong customer steps, taken by him before applying for help to the company. The owner of Firm K noted the interesting phenomenon, which stated that companies sometimes use training, but to find out what other people learn. The respondent is aware that the knowledge given during the training is false, but he must still learn it in order to know how other entities think. Usually, a positive impact of knowledge on the functioning of the organization is assumed—knowledge and access to it allow for making the right decisions, increasing efficiency of actions, etc. However, there are some risks associated with knowledge as well (Zieba and Durst 2018). Firm K tries to reach knowledge, being aware that it is not of adequate quality because the risk of ignoring this knowledge is too large and negatively affects the functioning of the organization.

2

Industrial espionage is about appropriating information using improper means (Chan 2003).

26

M. Zieba

Another risk associated with knowledge is various sources from which it can be obtained and which can be contradictory. The owner of Firm D draws attention to this kind of problem. According to him, there are cases when regulations at the national level are contrary to regulations at the local level or differ from one administration to another. Then, the criteria for choosing a solution should be adopted and justified. This raises decision-making dilemmas, which regulation should be used, being aware of differences with other regulations. The respondents from Firm A and from Firm F indicated similar problems. Another risk related to knowledge in relation with the client is related to the client’s refusal to receive knowledge or transfer it to a KIBS firm. The respondent from Firm F points to such a case. In her opinion, clients are able to deny the receipt of some information or transfer them to the Firm F. The way to deal with this threat turned out to document all relevant information and obtain signatures from customers that, for example, they got acquainted with an important document. Although the basis for creating the KIBS service is trust (Scarso and Bolisani 2012), it cannot be unlimited and sometimes special measures are required to minimize the risk of misunderstanding with the client. The next risk identified by the respondents was the aging of knowledge. The owner of Firm C paid attention to this problem. Interestingly, although the firm was aware that the knowledge it used was outdated, it did not have the time and opportunity to acquire a new one because it had to perform current tasks. The use of obsolete knowledge may have negative effects in the clients’ companies, e.g., if the solution implemented is not compatible with other used systems or if this solution will be based on old and already non-binding legal regulations. The last risk identified by the respondents was the excess of knowledge—mainly companies complaining about it, which are very dependent on legal regulations (Firm A, Firm F, Firm K), because they had problems with assimilation of a huge number of new documents and regulations, which they had to know and according to which they had to act. In manufacturing companies that offer tangible products, it is common to introduce quality control solutions (e.g., quality management system according to ISO 9001). In the case of companies offering knowledge-intensive business services, the situation is more difficult—how can you check the quality of knowledge? What dimensions of knowledge should be examined or taken into account? For example, you can focus on confirming/verifying knowledge in various sources, checking its update, how old it is still valid, whether it is outdated, etc. It is also possible to determine the extent to which knowledge applies in a given case— whether it can be used or not. Additionally, there is even a recent ISO standard, namely ISO 30401 (2018), which discusses the requirements for the knowledge management systems. This standard can be used by KIBS firms as well. In order for KIBS companies to be able to ensure the quality of their knowledge, they must be aware of the risks associated with knowledge and, if necessary, make attempts to verify it. Examples of ways to counteract threats related to knowledge are listed below:

Knowledge Risk Management in Companies Offering …

27

Checking knowledge in various sources and consciously choosing the most reliable ones (especially in the case of discrepancies in knowledge received from various sources); An attempt to acquire “certified” knowledge, official, not subjective, or subjectively understood/interpreted—this is of particular importance in the case of KIBS services heavily dependent on legal regulations (e.g., accounting or legal); Dealing with the excess of knowledge by focusing on the one that is currently necessary to provide services; Saving knowledge (confirming knowledge)—key knowledge must be codified and saved, it may also be necessary to obtain confirmation of acquiring knowledge or taking it into account (e.g., by signing); The principle of limited trust—KIBS companies cannot rely on full trust in the client and believe in his good intentions, because one day, it may turn out that the customer will displace some action/conversation or arrangements; Making attempts to share knowledge by making it available in an internal database to which each employee has access and can use the materials contained therein while being aware that not everything can be codified in this way and put in a database; Meetings in working groups, during which there are people who have to replace people dealing with a given area during their absence; Proper motivating of employees and ensuring that all team members have the maximum knowledge to prevent a situation where one employee is irreplaceable. These methods allow reducing the occurrence of threats related to knowledge or to eliminate their negative effects. Awareness of the risks associated with knowledge and methods of dealing with them is important for the functioning of KIBS companies.

5

Concluding Remarks

The most frequently indicated risk was the loss of knowledge associated with the departure of an employee. It should be remembered that in the case of companies from the SME sector, even a short absence of an employee may lead to significant threats resulting from difficulties in replacing an absent resource with another employee (Durst and Wilhelm 2011). This result confirms the expectations that for KIBS firms, human resources are important and the risks related to them are of special interest. At the same time, leaving employees often supply competitive organizations or even establish their own companies to provide similar services. This is due to a large specialization in a given area of knowledge, necessary to perform tasks at KIBS firms. Other risks identified by the respondents include: problems in communication and knowledge flow, lack of codified/documented knowledge, theft of knowledge (e.g., by competitors), possession of false knowledge or inability to properly use

28

M. Zieba

true knowledge (e.g., in the case of clients), contradiction of knowledge obtained from various sources, lack of acquiring knowledge or even disowning by the customer receiving knowledge, aging knowledge, and excess of knowledge. As far as the methods of eliminating threats related to knowledge are concerned, the surveyed companies indicated, among others, such solutions as follows: verification of knowledge sources, concentration on knowledge necessary to perform services, confirmation of knowledge receipt by the client, sharing knowledge within the KIBS company, meetings in working groups, or appropriate motivation of employees (e.g., not to look for other employment options). There are some limitations to the presented study. First of all, the sample size was relatively small. Thirteen case studies do not stand for large research material, although a similar number of cases had been analyzed in other qualitative KM research on small companies (Bishop et al. 2008; Nunes et al. 2006). Another limitation concerns the special kind of firms examines—small companies from the KIBS sector. This limitation restricts the possibility of extending research results to some other groups of companies (e.g., manufacturing ones). Additionally, there was just one interview conducted in each company, so the picture might not be comprehensive. Finally, the study is preliminary and some further studies are required. As far as potential research avenues are concerned, one can list here a quantitative study examining the popularity of particular knowledge risks and ways of managing them among KIBS firms. Additionally, this research could be extended to other sectors and companies’ sizes. Another potentially interesting research theme would be to prepare and test the taxonomy of knowledge risks devoted to the KIBS firms. Acknowledgements The author gratefully acknowledges support from the National Science Centre (Poland) in the context of a research project “Knowledge management strategies and their determinants in companies from the knowledge-intensive business service sector” (No. 2016/21/B/HS4/03051).

References Ahmad, A., Bosua, R., & Scheepers, R. (2014). Protecting organizational competitive advantage: A knowledge leakage perspective. Computers and Security, 42, 27–39. https://doi.org/10.1016/ j.cose.2014.01.001. Annansingh, F. (2012). Exploring the risks of knowledge leakage: An information systems case study approach. In Huei Tse Hou (Ed.), New Research on Knowledge Management Models and Methods. InTech. Retrieved from http://cdn.intechopen.com/pdfs-wm/33417.pdf. Arshad, R., & Ismail, I. R. (2018). Workplace incivility and knowledge hiding behavior: Does personality matter? Journal of Organizational Effectiveness: People and Performance, 5(3), 278–288. https://doi.org/10.1108/JOEPP-06-2018-0041. Audretsch, D., & Feldman, M. (2004). Knowledge spillovers and the geography of innovation, In Handbook of Regional and Urban Economics (pp. 2713–2739). https://doi.org/10.1016/S01697218(04)07061-3. Berman, S. L., Down, J., & Hill, C. W. L. (2002). Tacit knowledge as a source of competitive advantage in the national basketball association. The Academy of Management Journal, 45(1), 13–31.

Knowledge Risk Management in Companies Offering …

29

Bettencourt, L. A., Ostrom, A. L., Brown, S. W., & Roundtree, R. I. (2002). Client co-production in knowledge-intensive business services. California Management Review, 44(4), 100–128. https://doi.org/10.2307/41166145. Bishop, J., Bouchlaghem, D., Glass, J., & Matsumoto, I. (2008). Ensuring the effectiveness of a knowledge management initiative. Journal of Knowledge Management, 12(4), 16–29. https:// doi.org/10.1108/13673270810884228. Bratianu, C. (2018). A holistic approach to knowledge risk. Management Dynamics in the Knowledge Economy, 6(4), 593–607. https://doi.org/10.25019/MDKE/6.4.06. Cerne, M., Nerstad, C. G. L., Dysvik, A., & Skerlavaj, M. (2014). What goes around comes around: Knowledge hiding, perceived motivational climate, and creativity. Academy of Management Journal, 57(1), 172–192. https://doi.org/10.5465/amj.2012.0122. Chan, M. (2003). Corporate espionage and workplace trust/distrust. Journal of Business Ethics, 42 (1), 45–58. https://doi.org/10.1023/A:1021611601240. Connelly, C. E., Zweig, D., Webster, J., & Trougakos, J. P. (2012). Knowledge hiding in organizations. Journal of Organizational Behavior, 33, 64–88. https://doi.org/10.1002/job.737. Creswell, J. W. (2013). Projektowanie badań naukowych: metody jakościowe, ilościowe i mieszane. Kraków: Wydawnictwo Uniwersytetu Jagiellońskiego. Desouza, K. C., & Awazu, Y. (2006). Knowledge management at SMEs: Five peculiarities. Journal of Knowledge Management, 10(1), 32–43. Durst, S. (2019). How far have we come with the study of knowledge risks? VINE Journal of Information and Knowledge Management Systems. https://doi.org/10.1108/VJIKMS-10-20180087. Durst, S., Bruns, G., & Edvardsson, I. R. (2017). Retaining knowledge in smaller building and construction firms. International Journal of Knowledge and Systems Science, 8(3), 1–12. https://doi.org/10.4018/IJKSS.2017070101. Durst, S., Bruns, G., & Henschel, T. (2016). The management of knowledge risks: What do we really know? International Journal of Knowledge and Systems Science, 7(3), 19–29. Durst, S., & Wilhelm, S. (2011). Knowledge management in practice: Insights into a medium-sized enterprise’s exposure to knowledge loss. Prometheus, 29(1), 23–38. https:// doi.org/10.1080/08109028.2011.565693. Durst, S., & Zieba, M. (2017). Knowledge risks—towards a taxonomy. International Journal of Business Environment, 9(1), 51–63. Feinberg, S. E., & Gupta, A. K. (2004). Knowledge spillovers and the assignment of R&D responsibilities to foreign subsidiaries. Strategic Management Journal, 25(89), 823–845. https://doi.org/10.1002/smj.396. Fernandes, C. I., & Ferreira, J. J. M. (2013). Knowledge spillovers: Cooperation between universities and KIBS. R and D Management, 43(5), 461–472. https://doi.org/10.1111/radm. 12024. Hernaus, T., Cerne, M., Connelly, C., Poloski Vokic, N., & Škerlavaj, M. (2018). Evasive knowledge hiding in academia: When competitive individuals are asked to collaborate. Journal of Knowledge Management, JKM-11-2017-0531. https://doi.org/10.1108/JKM-11-2017-0531. Hertog, P. D. (2000). Knowledge-intensive business services as co-producers of innovation. International Journal of Innovation Management, 4(4), 491–528. Hipp, C. (1999). Knowledge-intensive business services in the new mode of knowledge production. AI & SOCIETY, 13(1–2), 88–106. https://doi.org/10.1007/BF01205260. Hurmelinna-laukkanen, P. I. A. (2015). Proactive HRM for reducing knowledge risks—evaluating commitment and trustworthiness. International Journal of Innovation Management, 19(6), 1– 20. https://doi.org/10.1142/S1363919615400113. Jennex, M. E. (2010). Ubiquitous Developments in Knowledge Management: Integrations and Trends: Integrations and Trends. IGI Global. Kumar Jha, J., & Varkkey, B. (2018). Are you a cistern or a channel? Exploring factors triggering knowledge-hiding behavior at the workplace: Evidence from the Indian R&D professionals. Journal of Knowledge Management. https://doi.org/10.1108/JKM-02-2017-0048.

30

M. Zieba

Lehrer, M., Ordanini, A., DeFillippi, R., & Miozzo, M. (2012). Challenging the orthodoxy of value co-creation theory: A contingent view of co-production in design-intensive business services. European Management Journal, 30(6), 499–509. https://doi.org/10.1016/j.emj.2012. 07.006. Miles, I., Kastrinos, N., Bilderbeek, R., Den Hertog, P., Flanagan, K., Huntink, W., & Bouman, M. (1995). Knowledge-intensive business services: Users, carriers and sources of innovation. European Innovation Monitoring System (EIMS) Reports. Mohamed, S., Mynors, D., Andrew, G., Chan, P., Coles, R., & Walsh, K. (2007). Unearthing key drivers of knowledge leakage. International Journal of Knowledge Management Studies, 1(3–4), 456–470. Norman, P. M. (2004). Knowledge acquisition, knowledge loss, and satisfaction in high technology alliances. Journal of Business Research, 57(6), 610–619. https://doi.org/10.1016/ S0148-2963(02)00395-8. Nunes, B. M., Annansingh, F., Eaglestone, B., & Wakefield, R. (2006). Knowledge management issues in knowledge-intensive SMEs. Journal of Documentation, 62(1), 101–119. https://doi. org/10.1108/00220410610642075. Ordanini, A., & Pasini, P. (2008). Service co-production and value co-creation: The case for a service-oriented architecture (SOA). European Management Journal, 26(5), 289–297. https:// doi.org/10.1016/j.emj.2008.04.005. Palacios-Marqués, D., Peris-Ortiz, M., & Merigó, J. M. (2013). The effect of knowledge transfer on firm performance: An empirical study in knowledge-intensive industries. Management Decision, 51(5), 973–985. https://doi.org/10.1108/MD-08-2012-0562. Parise, S., Cross, R., & Davenport, T. H. (2006). Strategies for preventing a knowledge-loss crisis. MIT Sloan Management Review, 47(4), 31–38. Parker, H. (2012). Knowledge acquisition and leakage in inter-firm relationships involving new technology-based firms. Management Decision, 50(9), 1618–1633. https://doi.org/10.1108/ 00251741211266714. Perrott, B. E. (2007). A strategic risk approach to knowledge management. Business Horizons, 50 (6), 523–533. https://doi.org/10.1016/j.bushor.2007.08.002. Quintas, P., Lefrere, P., & Jones, G. (1997). Knowledge management: A strategic agenda. Long Range Planning, 30(3), 385–391. https://doi.org/10.1016/S0024-6301(97)90252-1. Scarso, E., & Bolisani, E. (2012). Trust in knowledge exchanges between service providers and clients: A multiple case study of KIBS. Knowledge Management Research & Practice, 10(1), 16–26. http://dx.doi.org/10.1057/kmrp.2011.28. Schmitt, A., Borzillo, S., & Probst, G. (2012). Don’t let knowledge walk away: Knowledge retention during employee downsizing. Management Learning, 43(1), 53–74. https://doi.org/ 10.1177/1350507611411630. Schnabl, E., & Zenker, A. (2013). Statistical classification of knowledge-intensive business services (KIBS) with NACE Rev. 2. EvoREG Research Note. June 25, 1–11. Retrieved from papers3://publication/uuid/7AB446C4-BC91-44AF-8EB2-A5BC5950EB04. Suter, W. N. (2011). Introduction to educational research: A critical thinking approach. Thousand Oaks, CA: SAGE publications. Victer, R. (2014). The strategic implication of knowledge attributes: Understanding the conditions in which knowledge matters to performance. Management Decision, 52(3), 505–525. https:// doi.org/10.1108/MD-04-2013-0235. Wang, Y., Han, M. S., Xiang, D., Hampson, D. P., Wang, Y., Han, M. S., et al. (2018). The double-edged effects of perceived knowledge hiding: Empirical evidence from the sales context. Journal of Knowledge Management. https://doi.org/10.1108/JKM-04-2018-0245.

Knowledge Risk Management in Companies Offering …

31

Wong, K. Y., & Aspinwall, E. (2005). An empirical study of the important factors for knowledge-management adoption in the SME sector. Journal of Knowledge Management, 9 (3), 64–82. https://doi.org/10.1108/13673270510602773. Yin, R. K. (2009). Case study research. Design and methods (4th ed.). Sage publications. Zieba, M., & Durst, S. (2018). Knowledge risks in the sharing economy. In Knowledge Management in the Sharing Economy. Cross-Sectoral Insights into the Future of Competitive Advantage (pp. 253–270).

Toyota Kata Approach—A Way to Mitigate Knowledge Risks in Start-Ups Helio Aisenberg Ferenhof

Abstract

Start-ups are created based on risk and have to deal with knowledge risk every day. The founders see one opportunity and seek ways to transform it into reality. They are entrepreneurs who have a way to solve a real problem. The literature presents some works that deal with knowledge risks. However, none of them exposed an organized way of dealing with those risks, one by one. Specifically, this chapter seeks to answer the following research question: Can Toyota Kata be a scientific way to deal with those risks? This work aims to answer this question, for that, an action research into a Brazilian start-up was conducted. Through the action research, it was verified that the Toyota Kata approach use enabled the mitigation of knowledge at risk that may occur into start-ups. It is possible to perceive the benefits of this approach, by the learning in executing the planned and comparing of that was realized. The coach interactions after the planned execution of each cycle revel as effective to mitigate the knowledge risks. The experience exchange between coach and learner proved to be a differential in learning and mitigation process. It is perceived that the approach deals with many obstacles, by systematizing and structuring a way of dealing with them one at a time, indicating to be effective in dealing with knowledge at risk. Keywords










Start-up Knowledge risk Toyota Kata approach Knowledge management Knowledge risk management Action research







H. A. Ferenhof (&) Federal University of Santa Catarina, Santa Catarina, Brazil e-mail: [email protected] © Springer Nature Switzerland AG 2020 S. Durst and T. Henschel (eds.), Knowledge Risk Management, Management for Professionals, https://doi.org/10.1007/978-3-030-35121-2_3

33

34

1

H. A. Ferenhof

Introduction

Start-ups are created based on risk and have to deal with knowledge risk every day. The founders see one opportunity and seek ways to transform it into reality. They are entrepreneurs who have a way to solve a real problem. They test the problem and solution in the real market (problem interview, solution interview, and then building a minimum viable product [MVP]) (Ries 2011). Knowledge Risk Management (KRM) provides a systematic way of applying tools and techniques to identify, analyze, and respond to risks associated with the creation, application, and retention of organizational knowledge (Durst et al. 2016); this may assist start-ups to deal with risk, which is defined as an event that has a probability and a positive (opportunity) or negative (threat) impact (PMBOK 2017). There are works, such as Durst and Ferenhof (2014) that present a framework for addressing knowledge leakage; Durst and Ferenhof (2016), provide a Framework for Knowledge Risk Management in SMEs; Ferenhof (2016) delivers a conceptual framework to understand knowledge spillover leakage and promote responsiveness. However, none of them exposed an organized way of dealing with those risks, one by one. Specifically, this chapter seeks to answer the following research question: Can Toyota Kata (TK) be a scientific way to deal with those risks? This work aims to answer this question; for that, an action research into a Brazilian start-up was conducted.

2

Theoretical Background

In order to achieve the aim, this work is based on three concepts: Knowledge Management (KM), Knowledge Risk Management, and Toyota Kata (TK).

2.1 Knowledge Management Knowledge Management is defined as a collective expression of a group of processes and practices used in organizations to increase their value, improving the efficiency of the generation and application of their intellectual capital (Marr et al. 2003). It can also be understood as the processes and activities management that promote knowledge to increase competitiveness, through better use and creation of individual and collective knowledge sources (CEN 2004). In Bounfour’s (2003) perspective, it is a systematic way of creating, sharing, and leveraging knowledge within and around organizations. The tools and techniques provided by KM should assist start-ups to deal with knowledge risk and also other issues.

Toyota Kata Approach—A Way to Mitigate …

35

2.2 Knowledge Risk Management As already stated, KRM provides ways to deal with knowledge at risk like: (1) knowledge loss—the result of personnel missing, e.g., a company loses a key organization member, by turnover, death, or any other reason that the person is not part of the company or cannot be contacted (Delong 2004; Durst and Wilhelm 2011; Brito et al. 2012); (2) knowledge leakage—firm’s private knowledge is intentionally appropriated by or unintentionally transferred to others (Jiang et al. 2013; Durst and Ferenhof 2016); (3) knowledge waste—can be understood as not using existing knowledge or not supporting the use of the full knowledge capacity (Durst and Ferenhof 2016). It is defined by Ferenhof (2011), as any failure in the process of knowledge conversion, better known as the spiral of knowledge creation as proposed by Nonaka and Takeuchi (1997); (4) knowledge spillover—means knowledge overflows that, from a positive perspective, can support innovation and contribute to productivity growth and/or competitiveness. However, in the negative sense provide core knowledge to outsiders. Occurs when firms typically transfer knowledge, technology, know-how intentionally or not intentionally, which is absorbed by partners or competitors (Albornoz et al. 2009; Ferenhof 2016); and (5) among others.

2.3 The Toyota Kata Concept Ichijo and Nonaka (2006, p. 285) state “It combines explicit and tacit knowledge among its workers in the unique way that Toyota has developed over the decades.” This statement exposed the Toyota Kata Concept as a way to put knowledge management to work in practice. The TK concept comprises schooling routines used to preserve and breed knowledge to and pass on know-how. The term Kata comprehends on “how” Toyota deals with “things,” and according to Rother (2009), it is a new mindset, denoting a pattern or shape which can be practiced to acquire particular skills. These behavior patterns are not described and not evident in Toyota documents, and to recognize them, it requires “skilled eyes”; it required time and effort. Nevertheless, these patterns are essential to the way Toyota manages and leads its employees. TK goal is to grow scientific and systematic ways to develop solutions in uncertain and dynamic situations, matching exactly the start-up needs. TK is grounded on two concepts, Improvement Kata and the Coaching Kata (Rother 2009; Kosaka 2013), and is linked with the KM and KRM concepts presented.

2.3.1 The Improvement Kata—a Standard of How to Develop a Continuous Improvement Capability Systematically The leadership should learn this standard in order to capacitate the entire organization by teaching and training. Rother (2009) established Improvement Kata in four stages:

36

H. A. Ferenhof

(1) Define the challenge: Previously any group action, the organization long-term vision should be remembered and then a challenge aligned with it must be defined. (2) Understand the current situation: Comparing to the challenge, check where you are now; it means prudently review facts and data. (3) Set the next target condition: Establish the goal, meaning where you want to be next. A target condition illustrates an attribute combination of what you want on a specific future date. Previously, you do not know precisely how to get there, so a target condition is a learning task. (4) Aim toward the target condition: The Improvement Kata encompasses a systematic and interactive routine to cross the unpredictable gray area among the current condition and the target condition. Executing plan, do, check, and act (PDCA) cycles and fast experiments, mentees while strive to achieve their target condition can comprehend and adapt based on what they are learning in the PDCA process. Those stages can assist in mitigating start-ups’ knowledge risks. The Improvement Kata four stages are shown in Fig. 1. The PDCA cycles assist the start-up in creating organizational knowledge. The way of every obstacle that is pierced is learned. The company internalizes the apprenticeship of it. Organizational knowledge creation “is a never-ending process that upgrades itself continuously” (Ichijo and Nonaka 2006, p. 279). However, how does it work? Based on current state knowledge, the coach and learner define a desirable but achievable target condition and an achievement to date. Regarding the target condition, the mentee firstly suggests a condition and the mentor gives feedback in a back-and-forth manner, an ongoing iterative process. To facilitate the process, also for a better visualization, Toyota Kata prescribes a storyboard (Fig. 2). The suggested target condition is written concerning process output changes. On the obstacles parking lot, the mentee writes down what blocks him from accomplishing the target. At that point, not all obstacles could be known, but as the PDCA process begins, improvements should come; and as soon as they appear, it must be added to the parking lot. Take in mind that every obstacle should not be formulated as a missing solution, but as a problem. Furthermore, each of them should be supplemented by a notion of how it can be measured.

Fig. 1 Four steps for Improvement Kata Source Adapted from Rother (2009)

Toyota Kata Approach—A Way to Mitigate …

37

Fig. 2 Storyboard. Source Adapted from Rother (2009)

With a target condition defined, the mentee is questioned “How can we get there?”. The target condition route can be seen as a blur zone. The way to navigate it is by performing PDCA cycles, as a prediction-actionevidence-evaluation cycle, through the experimentation method. The mentee interacts with the “PDCA Cycles Record” section, and the mentor guides him by inquiring. To ensure the process success, one and only one obstacle must be addressed at a time, chosen from list registered in the previous step. Again, each PDCA cycle must be meant at making one improvement at a time. If more things are changed in the process at a time, it will be difficult to ensure that leads to the result. Furthermore, the mentee needs to update as the cycles progress the “current condition” with new data and also the “Obstacles Parking Lot” as he is learning about the process. The continuous improvement cyclical routine can be summarized in the PDCA cycle.

38

H. A. Ferenhof

After a reflection, it is possible to indicate if there was or not a learning and to use it as base for the next experiment

The Hypothesis / Action or Step that was planned (along with what is expected)

What was observed

Experimenting Records

Conducting the experiment

Fig. 3 PDCA cycle. Source Based on (2009)

The stages that compose each cycle are planning (P—plan), execution (D—do), check (C—check), and performance corrective/learning (A—action). Every part of the cycle can be shown in Fig. 3.

2.3.2 The Coaching Kata Is how the Improvement Kata is taught. The mentor, also identified as coach, conduces the learning process guiding the mentee or learner. The mentor presence supports the affectivity actions in practice during the process, with the goal of creating a new standard domain changing the mindset (Kosaka 2013). The mentor role is to confirm that the mentee employs and respects all the Improvement Kata stages and also should assist the mentee to establish target conditions. The link between the Coaching Kata and Improvement Kata can be better shown in Fig. 4. In order to teach and assist the mentee to know how to implement the Improvement Kata, cyclically, the Coaching Kata was created. The Coaching Kata and Improvement Kata approach addressed to problem-solving regularly over time, continuous improvement, should become a habit (Rother 2009). The approach stipulates five questions to be asked in each cycle as shown in Fig. 5. As stated by Ferenhof et al. (2018), the use of the TK approach to KM should seem like an instinct. Moreover, why not use it as a KRM solution?

3

Methodology

To verify if Toyota Kata can be used to mitigate knowledge risks at start-ups’ action research (AR) was conducted in a Brazilian start-up, in which all the Toyota Kata approach steps were followed. Action research has the technical objective of solving the problem itself and the scientific objective of knowledge production or

Toyota Kata Approach—A Way to Mitigate …

39

Fig. 4 Improvement Kata and coaching. Source Adapted from Rother (2009)

Fig. 5 Questions asked on each coaching cycles. Source Adapted from Rother (2009)

development (Tripp 2005). The technical objective was to mitigate knowledge leakage/spillover from the start-up and the scientific objective to verify the TK effectiveness. According to Kirwan (2009, p. 239), in an AR, “the high involvement of the researcher with the research subjects allows for access to rich and in-depth research data.” Kirwan (2009, p. 239) also highlights that “researchers can overcome the

40

H. A. Ferenhof

problem of trying to understand the ill-structured, fuzzy world of complex organizations by applying action research.” Having this explanation in mind, the opportunity was taken by the researcher to verify if Toyota Kata can be used to mitigate knowledge risks when his undergraduate student, the founder of the start-up, was going to participate in a start-up contest for university students, pitching to financial angels. The researcher, in the contest, has the role of his advisor, and in the TK approach, he took place as the coach and the entrepreneur the learner role, and in the contest the start-up founder/entrepreneur. Each experiment TK cycle was recorded on the storyboard, as shown in Fig. 2. Initially, the learner records the current condition, target condition, and obstacles that are preventing from reaching the target condition. With this established, he defines what he plans to do to attack a specific obstacle and what he expects of this action. After each cycle, the learner records what happened and what he learned before speaking again with coaching. It is important to highlight that AR is not without limitations. Kirwan (2009) presented in his work a table with possible limitations that how to overcome them and also how, in his work, he achieved it. Inspired by Kirwan (2009), Table 1 presents them, but the last column was adapted, revealing how this work dealt with those issues.

4

Results

In order to participate in the contest without leaking or spillover knowledge, the Toyota Kata approach was initiated.

4.1 First Kata Cycle Initially, it was defined as challenge/vision to elaborate a pitch that should “sold” the product idea, without spillover or leaking knowledge. Thus, following the methodology, the current condition of the pitch was diagnosed, and the results were described in the storyboard as shown in Table 2. In the sequence, the target condition was established and written on the storyboard, and the obstacles that prevented us from having the target condition were identified. The obstacle “Put the pitch text ideas into the paper” was selected to be attacked in the first cycle; with this, an action was planned and what was expected was described with the accomplishment of this action. After these definitions, the first cycle of coaching was done in the learner told/explained to the coach the storyboard. With the endorsement of this, they began the first cycle of experimentation, carrying out the proposed action.

Toyota Kata Approach—A Way to Mitigate …

41

Table 1 Limitations of using action research and how the researcher overcame these Possible limitations of AR

How to address the limitation

How this was achieved in this work

Achieving stringency/rigor —the way of assuring the quality of the data collected

Use of action research cycles to provide adequate iterations Planning of methodical data collection methods

The AR cycles were aligned with TK cycles TK was used as the data collection method. The researcher as coach was careful not to influence the learner/entrepreneur answers, to minimize researcher bias The collaboration started since the invitation to be the contest advisor. This collaboration continued throughout the research process in each of the TK cycles The researcher and entrepreneur developed interpretations together. In each TK cycle coming into a result consensus The literature was accessed to support the obstacles found by the TK approach

Careful nurturing of collaboration with subjects

Interpretations will be developed as part of the data collections

The relevant literature will be accessed as part of the interpretation, to widen the dialectic Multiple data sources will be accessed to provide a dialectic

Establish an ethical client-system infrastructure and research environment

Validity—are the findings really about what they appear to be about?

Conscious and deliberate enactment of the action research cycles

The researcher and entrepreneur interpreted the primary data sources together. Supported by relevant academic literature, the contest rules and also the internal start-up documents It was agreed that the start-up would be used as the proposed research environment, and the researcher would have unlimited access to any document, information, or relevant data related to the research project Each action research cycles was aligned with TK cycles following with intended purpose the TK approach method (continued)

42

H. A. Ferenhof

Table 1 (continued) Possible limitations of AR

How to address the limitation

How this was achieved in this work

Researcher bias/lack of impartiality

The researcher needs to consider the extent to which the story is a valid presentation of what has taken place

Generalizability—the extent to which the findings are equally applicable in other settings

It will not be a problem if the researcher does not claim that the results, conclusions, or theory can be generalized

The researcher was meticulous to follow TK approach not prompting the entrepreneur for some previews established answers. The entrepreneur was free to answer by his own will This study was concerned with this start-up in this specific contest. However, it seems to be reasonable that can occur with other start-ups

Source Adapted from Kirwan (2009)

Table 2 Storyboard first cycle Process: create a pitch Target condition: Develop a clear pitch text that “sells” the product without leaking or spilling-over knowledge

Current condition: Have and product Idea, without a text to pitch it

Challenger: pitch clear without knowledge risk What was What was planned? expected? 1. Describe 1. Have a pitch the product without and needs knowledge risk and clear What What was happened? learned? Obstacles: Put the pitch text ideas into the paper

Source Primary data

4.2 Second Kata Cycle With the experiment realization, the entrepreneur recorded in the storyboard the new condition, what happened and what was learned as shown in Table 3. In this register, it was verified that now there is a pitch text, which describes the product and the investment needs, but it would need to adequate it due to the fact of being confused and also containing information about core knowledge that should not be passed on. In this way, the actions for the second cycle were described in the storyboard and after the coaching cycle.

Toyota Kata Approach—A Way to Mitigate …

43

Table 3 Storyboard second cycle Process: Create a Pitch Target Condition: Develop a clear pitch text that "sells" the product without leaking or spilling-over knowledge.

Current Condition: Have and product Idea, without a text to pitch it; Have a pitch that is leaking / spilling-over knowledge; Have an unclear pitch text.

Challenger: Pitch clear without knowledge risk What was planned? What was expected? 1- Describe the prod- 1- Have a pitch withuct and needs out knowledge risk 2 – Remove any men- and clear tion of how to develop 2- Have a pitch withthe product out knowledge risk What happened? What was learned? 1- The pitch text was 1-The need of paying developed, but with attention in not deknowledge at risk scribing how or howto develop the product. Obstacles: Put the pitch text ideas into the paper. Was challenging to describe what without how and or how-to. The pitch text was not clear.

Source Primary data

During the coaching cycle, the learner was asked by the coach how would he suit the text. The apprentice reported the following procedures: Look in the text for any indication of how the product is developed and remove it. After these explanations, the planned action was put into practice, carrying out the third cycle of experiments.

4.3 Third Kata Cycle The apprentice recorded the pitch new current condition, as well as what happened concerning what was planned and what they learned as shown in Table 4. During this cycle course, the learner, when modifying the text, realized that the drafting the form and content of the pitch text would save time and effort. Still, it was realized that the text could be improved for clarity. In the sequence, a new application with new guidelines is planned for the new cycle. During the coaching cycle, the learner was asked by the coach how would he improve the text regarding clearness. The apprentice reported the following procedures: Describe in a logical order, real market problem, a real solution; what is already developed, financial needs. After these explanations, the planned action was put into practice, carrying out the third cycle of experiments.

44

H. A. Ferenhof

Table 4 Storyboard third cycle Process: Create a Pitch Target Condition: Develop a clear pitch text that "sells" the product without leaking or spilling-over knowledge.

Current Condition: Have and product Idea, without a text to pitch it; Have a pitch that is leaking / spilling-over knowledge; Have an unclear pitch text.

Challenger: Pitch clear without knowledge risk What was planned? What was expected? 1- Describe the prod- 1- Have a pitch withuct and needs out knowledge risk 2 – Remove any men- and clear tion of how to develop 2- Have a pitch withthe product out knowledge risk 3- Organize the text 3- Have a clear pitch What happened? What was learned? The pitch text was de- 1-The need of paying veloped, but with attention in not deknowledge at risk scribing how or howThe pitch text was up- to develop the product. dated to remove how 2-Planing the text and how-to. could save time and efforts. Obstacles: Put the pitch text ideas into the paper. Was challenging to describe what without how and or how-to. The pitch text was not clear.

Source Primary data

4.4 Fourth Kata Cycle The logical text restructuring was executed, and this round learning was recorded in the storyboard, according to Table 5. This round was of results only, by having achieved the target condition, having a pitch text clear and without knowledge at risk.

5

Final Thoughts

Through the action research, it was verified that the Toyota Kata approach use enabled the mitigation of knowledge at risk that may occur into start-ups. It is possible to perceive the benefits of this approach, by the learning in executing the planned and comparing of that was realized. The coach interactions after the planned execution of each cycle revealed to be effective to mitigate the knowledge risks. The experience exchange between coach and learner proved to be a differential in learning and mitigation process.

Toyota Kata Approach—A Way to Mitigate …

45

Table 5 Storyboard fourth cycle Process: Create a Pitch Target Condition: Develop a clear pitch text that "sells" the product without leaking or spilling-over knowledge.

Current Condition: Have and product Idea, without a text to pitch it; Have a pitch that is leaking / spilling-over knowledge; Have an unclear pitch text. The pitch text is clear and not presenting knowledge risks

Challenger: Pitch clear without knowledge risk What was planned? What was expected? 1- Describe the prod- 1- Have a pitch without knowledge risk uct and needs 2 – Remove any men- and clear tion of how to develop 2- Have a pitch without knowledge risk the product 3- Have a clear pitch 3- Organize the text What was learned? What happened? The pitch text was de- 1-The need of paying veloped, but with attention in not describing how or howknowledge at risk The pitch text was up- to develop the product. dated to remove how 2-Planing the text could save time and and how-to. The pitch was logical- efforts. 3-The text structure ly organized makes a difference for clarity. Obstacles: Put the pitch text ideas into the paper. Was challenging to describe what without how and or how-to. The pitch text was not clear.

Source Primary data

It is perceived that the approach deals with many obstacles, by systematizing and structuring a way of dealing with them one at a time, indicating to be effective in dealing with knowledge at risk. It was also realized that the entrepreneur after the experiment is considered fit to create a clear pitch that does not offer knowledge leakage or knowledge spillover. This fact indicates that occurs knowledge internalization since it is evident that he learned and acquired the know-how during these experiments. It is highlighted that the most significant contribution of this work is to present the Toyota Kata approach, as a way to mitigate knowledge at risk, as well as to internalize knowledge. Stating that, start-ups are expected to use the Toyota Kata approach to mitigate knowledge at risk.

46

H. A. Ferenhof

The author is aware that the present study is not without limitations, because of choosing AR method and in a single start-up. It seems reasonable to assume that the procedures to mitigate the method limitations were followed. Also, suitable to assume that the knowledge risk found and overcame in this work can occur and be trespassed by other start-ups. Finally, this chapter proposes some as future research to analyze the use of the Toyota Kata approach to mitigate knowledge at risk in other start-ups and also in another kind of companies.

References Albornoz, F., Cole, M. A., Elliott, R. J. R., & Ercolani, M. G. (2009). In search of environmental spillovers. World Economy, 32(1), 136–163. https://doi.org/10.1111/j.1467-9701.2009.01160.x. Bounfour, A. (2003). The management of intangibles: The organization’s most valuable assets. London: Routledge. Brito, L. M. P., De Oliveira, P. W. S., & Castro, D. (2012). A. B. C. Knowledge management in a public institution for technical assistance and rural extension of nonheastem Brazil. Revista de Administração Pública, 46(5), 1341–1366. CEN (2004). Comité Européen De Normalisation: European Guide to Good. In Practice in knowledge management CWA 14924. Retrieved 09/30, 2004 from ftp://cenftp1.cenorm.be/ PUBLIC/CWAs/e-Europe/KM/CWA14924-04-2004Mar.pdf. Delong, D. W. (2004). Lost knowledge: Confroming the threat of an aging workforce. Oxford: Oxford University Press. Durst, S., Bruns, G., & Henschel, T. (2016). The management of knowledge risks: What do we really know? International Journal of Knowledge and Systems Science (IJKSS), 7(3), 19–29. Durst, S., & Ferenhof, H. A. (2014). Knowledge leakages and ways to reduce them in small and medium-sized enterprises (SMEs). Information, 5, 440–450. Durst, S., & Ferenhof, H. A. (2016). Knowledge risk management in turbulent times. In K. North & G. Varvakis (Eds.), Competitive strategies for small and medium enterprises. Berlin: Springer International Publishing. Durst, S., & Wilhelm, S. (2011). Knowledge management in practice: Insights into a mediumsized enterprise’s exposure to knowledge loss. Prometheus, 29(1), 23–38. Ferenhof, H. A. (2016). Recognizing knowledge leakage and knowledge spillover and their consequences. International Journal of Knowledge and Systems Science (IJKSS), 7, 46–58. Ferenhof, H. A. (2011). Uma sistemática de identificação de desperdícios de conhecimento visando à melhoria do processo de criação de novos serviços. Mestrado em Engenharia e Gestão do Conhecimento: Universidade Federal de Santa Catarina. Ferenhof, H. A., Cunha, A. H. D., Bonamigo, A., & Forcellini, F. A. (2018). Toyota Kata as a KM solution to the inhibitors of implementing lean service in service companies. VINE Journal of Information and Knowledge Management Systems, 48, 404–426. Ichijo, K., & Nonaka, I. (2006). knowledge creation and management: New challenges for managers. Oxford: Oxford University Press. Jiang, X., Li, M., Gao, S., Bao, Y., & Jiang, F. (2013). Managing knowledge leakage in strategic alliances: The effects of trust and formal contracts. Industrial Marketing Management, 42(6), 983–991. Kirwan, O. (2009). An action research case study of the facilitators and inhibitors of e-commerce adoption. In Business web strategy: design, alignment, and application (pp. 236–247). IGI Global. Kosaka, D. (2013). Kata: criando a cultura da melhoria contínua. Available at www.Lean.org.br/ comunidade/clipping/clipping_265.pdf. Accessed March 1, 2016.

Toyota Kata Approach—A Way to Mitigate …

47

Marr, B., Gupta, O., Pike, S., & Roos, G. (2003). Intellectual capital and KM effectiveness. Management Decision, 41(8), 771–781. Nonaka, I., & Takeuchi, H. (1997). Criação de conhecimento na empresa. Rio de Janeiro: Campus. PMBOK. (2017). A guide to the project management body of knowledge (PMBOK® Guide) (6th ed.). Pennsylvania, PA: Project Management Institute, Four Campus Boulevard. Ries, E. (2011). The lean startup: How today’s entrepreneurs use continuous innovation to create radically successful businesses. Crown Books. Rother, M. (2009). Toyota Kata: Managing people for improvement, Adaptiveness and Superior Results. New York, NY: McGraw-Hill. Tripp, D. (2005). Pesquisa-ação: uma introdução metodológica. Educação e pesquisa, 31(3), 443–466.

Knowledge Risk Management in Two-Tier HRM Structures M. Shujahat, A. Akhtar, F. Nawaz, M. Wang and M. S. Sumbal

Abstract

Differential two-tier HRM structures are characterised by their lower organisational investment (lower training and development and compensations and benefits) in second-tier employees relative to first-tier employees. This discrepancy leads to a conflict between the two tiers and negative attitudes among second-tier employees. From the perspective of knowledge risks, this study proposes that the two-tier HRM structure generates on-the-job knowledge risks, especially between the two tiers of employees. In worst-case scenarios, if there is high sector mobility, there can be high turnover rates among second-tier employees, thereby putting the organisation’s knowledge at risk. However, the types, areas and strategies of knowledge risks have not been theorised and explored in the literature. Exploratory interviews were conducted with six managers at private Pakistani banks where two-tier HRM structures are applied to investigate the associated dynamics of knowledge risks in practice. The results suggest that customer-related knowledge is the primary area and locus of risk that subsumes the network and management knowledge. However, the types of knowledge risk on-the-job are knowledge hoarding and knowledge hiding. In turnover or intra-sector mobility, second-tier employees may exhibit knowledge loss, knowledge spillover and knowledge leakage, especially in the area of customer-related knowledge. M. Shujahat
M. Wang KM&EL Lab, Faculty of Education, The University of Hong Kong, Pokfulam Road, Hong Kong e-mail: [email protected] A. Akhtar
F. Nawaz (&) The Department of Management Sciences, COMSATS University Islamabad, Attock Campus, Kamra Road, Attock, Pakistan M. S. Sumbal NUST Business School, National University of Sciences & Technology, Kashmir Highways Road, Islamabad, Pakistan © Springer Nature Switzerland AG 2020 S. Durst and T. Henschel (eds.), Knowledge Risk Management, Management for Professionals, https://doi.org/10.1007/978-3-030-35121-2_4

49

50

M. Shujahat et al.

Keywords







Two-tier HRM structures Two-tier wage structures Knowledge risks types Knowledge risk management Knowledge risks areas

1







Introduction

Knowledge risk management is a relatively new field that diverges from the traditional knowledge-based view of the firm (Grant 1996) to study the adverse or negative dimensions of knowledge, i.e. knowledge as a liability or cost rather than a resource (Davenport and Prusak 1998). Knowledge risk management calls for the effective management of knowledge risks, irrespective of their level, area or type, within an organisation (Davenport and Prusak 1998; Durst and Zieba 2018; Massingham 2010). This study builds on equity and justice theories to argue that two-tier human resource management (HRM) structures are inherently differential and can thus become a source of knowledge risk, such as knowledge hoarding and knowledge spillover (Durst and Zieba 2018). These types of risks can be incurred in a number of areas, such as customer-related knowledge (Joe et al. 2013; Sumbal et al. 2018), and across contexts, i.e. on-the-job or during turnover (Lee and Martin 1991; Townsend and Partridge 1999). Two-tier HRM structures were first introduced in the 1980s to cut labour costs during the financial crisis (Martin and Peterson 1987). They are characterised by their differential investment in employee classes, including recruitment and selection, training, career development and advancement opportunities, performance appraisal and compensation (such as pay, rewards and bonuses). In two-tier organisations, first-tier (or core) employees enjoy greater benefits than second-tier employees (Harris 1983; Martin and Peterson 1987; Obaid 2013; Townsend and Partridge 1999). Using equity (pay) theory (Adams 1963, 1965), several studies have suggested that workers in two-tiered HRM structures are likely to compare wages, both internally and externally (Heetderks and Martin 1991; Lee and Martin 1991; Martin and Peterson 1987; McFarlin and Frone 1990; Obaid 2013; Townsend and Partridge 1999). When such comparisons are made intra-organisationally, two-tier HRM structures create a conflict between the two workforces that negatively affect second-tier employees’ job-related attitudes, such as psychological contract and job satisfaction (Dickinson 2006; Martin and Peterson 1987; Obaid 2013; Townsend and Partridge 1999). Townsend and Partridge (1999) found that in sectors with high mobility, i.e. where alternative and better employment opportunities are available, there are high rates of turnover among second-tier employees. This empirical observation is supported by Drucker’s knowledge-worker productivity theory (Drucker 1999), which postulates that in twenty-first-century knowledge economies, organisations need knowledge-workers more than knowledge-workers need

Knowledge Risk Management in Two-Tier HRM Structures

51

organisations: workers own the primary organisational means of production— knowledge. If organisations treat knowledge-workers as a cost rather than an asset, then workers are likely to leave the organisation for better opportunities; consequently, their job-related knowledge becomes a risk, as it is now available for competitors to exploit (Drucker 1999). In contrast to neoclassical human capital theory (Schultz 1961), two-tier HRM structures find theoretical justification in classical labour market segmentation theory and are generally used to cut labour-related costs (Cain 1976). However, labour market segmentation theory fails to account for the knowledge risks generated by turnover among knowledge-workers and especially among second-tier workers in two-tier HRM organisations. To the best of the author’s knowledge, no studies or theories investigate the effects of two-tier HRM structures on knowledge risk. Although knowledge risk management is a nascent field (Durst and Zieba 2018), this scarcity is nonetheless astonishing given that two-tier structures are increasingly common in both developed (Neil 2013; O’Brady 2018) and developing countries (Obaid 2013), especially after the 2007 financial crisis. To address this research gap, this study theorises whether and how two-tier HRM structures expose organisations to knowledge risks, both on-the-job and during and after turnover. It also explores organisations’ awareness of knowledge risk, as it relates to two-tier HRM structures and whether knowledge risk management strategies are used in practice. The study builds on the findings of Joe et al. (2013) and Sumbal et al. (2018) to conceptualise probable knowledge risk areas (e.g. customer-related knowledge) and uses Durst and Zieba’s (2018) taxonomy to conceptualise knowledge risk types (e.g. knowledge hiding) in each area on-the-job and during the turnover. Exploratory interviews were conducted with the six managers of Pakistan’s six private banks because, as Obaid (2013) showed, two-tier HRM structures have been used in the Pakistani private banking sector since the government reforms of the 2000s and have resulted in conflicts between workers and negative perceptions of equity and organisational justice among second-tier employees. The study investigates the following research questions to develop a theory of the knowledge risk in two-tier HRM structures. How prevalent are two-tier HRM structures in Pakistan’s private banking sector? Do these structures lead to negative job attitudes among second-tier workforces in this context? Do second-tier employees use first-tier employees as a reference to measure organisational investment? What types of on-the-job and turnover-related knowledge risk areas and types are known to bank managers? What strategies are used to overcome these knowledge risks?

52

2

M. Shujahat et al.

Theoretical Support

2.1 Knowledge Risk Management Knowledge risk management refers to the systematic exploration and application of tools and techniques to identify, analyse and respond to risks associated with knowledge processes in organisational contexts (Davenport and Prusak 1998; Durst and Ferenhof 2016; Durst et al. 2018; Durst and Zieba 2018; Massingham 2010). The term “knowledge risk” (Durst and Zieba 2018) refers to the probability and severity of a phenomenon, action or activity related to the knowledge that impedes organisational functioning at any level, from the individual or group to the entire organisation (Johns 2006). In contrast to knowledge-based view of the firm theory, knowledge risk management postulates that knowledge can be both a resource and a cost or liability, and as such may have negative or adverse outcomes for organisations, such as obsolete knowledge utilisation and its effects (Davenport and Prusak 1998; Drucker 1999; Durst and Wilhelm 2013; Durst and Zieba 2018; Massingham 2010). Grasping the potential negative aspects of knowledge, organisations develop strategies to manage relevant knowledge risks. After a critical review of the literature, Durst and Zieba (2018) conclude that there are three categories of knowledge risk: human, operational and technological. Human knowledge risks relate to an employee’s intrinsic personal, cognitive and social development within an organisation. The current study is primarily concerned with human knowledge risks in two-tier HRM structures and builds on neoclassical theories of the organisation, such as human capital theory (Schultz 1961), the resource-based view of HRM (Wright et al. 1994) and Drucker’s knowledge-worker productivity theory (Drucker 1999).

2.2 Two-Tier HRM Structures Two-tier HRM structures are defined by their differential levels of investment, such as recruitment and selection, training and development (promotion), performance appraisal, compensation (pay, rewards and bonuses) in different employee classes, with higher levels of organisational investment made for first-tier (or core) employees than second-tier workers1 (Harris 1983; Martin and Peterson 1987; Obaid 2013; Townsend and Partridge 1999). In twentieth-century literature on industrial relations, the two-tier structure explicitly designates two-tiered wages based on the date of selection during the 1980s financial crisis (Martin and Peterson 1987; Townsend and Partridge 1999). More recently, however, research has suggested that this differential structure affects not only pay but also all HRM practices (Dickinson 2006; Obaid 2013). Two-tier HRM structures find justification in classical labour market segmentation theory, in which human resources are viewed The tier that is aggregately privileged is known as the first-tier (A-tier or high-tier), while the other one is called the second-tier (B-tier or low-tier) (Greenberg 1987; Martin and Peterson 1987).

1

Knowledge Risk Management in Two-Tier HRM Structures

53

as a cost rather than as a resource or an asset to be managed and which supports the division of labour markets to cut costs based on each segment’s characteristics (Cain 1976). Two-tiered wage structures became common in the 1980s in response to the financial crisis. However, several studies (e.g. Laroche et al. 2018; Neil 2013; O’Brady 2018; Obaid 2013) suggest that two-tiered structures are increasingly common in both developed (e.g. Canada, the USA, Sweden and Germany) and developing economies (e.g. India and Pakistan). With the exception of Obaid (2013), studies of two-tier HRM structures have been surprisingly absent in recent management literature. Obaid (2013) analysed the impacts of multi-tier HRM structures on the psychological contract of employees in Pakistan’s banking sector. These structures emerged following the open market and performance-oriented legal reforms that the Government of Pakistan initiated in the 2000s. Obaid found that these differential HRM structures, and especially differential pay, had led to a rise in negative perceptions of organisational justice and psychological contract among the second-tier workforce in addition to increasing conflicts between worker classes. The Pakistani banking sector’s two-tiered structure is organised as follows (Obaid 2013). First-tier employees (Management Trainee Officers): Following the legal reforms of the 2000s, private banks began hiring recent university graduates to entry-level/frontline management positions. The hires were made in batches and the employees were expected to progress to middle and top management positions through the newly implemented performance-based system. These workers are called trainee officers (TOs) or management trainee officers (MTOs) and were recruited across a number of areas (administrative, marketing and sales, revenue, human resources, information systems, risk management and auditing, etc.). These workers had all been awarded at least a master’s degree in the previous two years from an institution of a good repute. They were all hired using rigorous intellectual and personality tests and were provided in-depth off- and on-the-job training opportunities for their first year and a half in addition to career development and promotion opportunities, such that a majority are now middle management. They receive higher salaries and other pay benefits, such as performance-based bonuses and rewards. Second-tier employees (individually hired employees): Second-tier employees in Pakistan’s private banking sector were hired individually as part of a wide-ranging customer relations-oriented overhaul, targeting, in particular, marketing, sales and revenue departments. In comparison with first-tier MTO employees, second-tier employees were hired based on referrals or recommendations, especially those made by branch managers to regional offices. Typically, these employees have higher levels of cultural, intellectual and social capital, which helps them to attract and retain new and existing customers. In some cases, they hail from rich and/or landlord families, and may thus be expected to transfer their families’ business or personal accounts to the bank branch. Individually hired employees are not required to obtain a master’s degree, receive only two to four weeks’ worth of training, are offered no clear path to promotion or career

54

M. Shujahat et al.

development and receive lower pay and fewer benefits. Their performance is evaluated based on sales (deposits and new accounts), but perform duties similar to the MTOs at individual bank branches. This group does not include “incumbent employees.” While Pakistan’s legal reforms were ongoing, incumbent employees were given an opportunity to opt into the performance-based pay structures, voluntarily retire or remain in the traditional seniority-based pay and development structure. Those employees who opted for seniority-based structures are now known as incumbent employees, although there are not many left due to scheduled or voluntary retirement or simple turnover (Obaid 2013). Therefore, the current study does not include incumbent employees as second-tier employees. Consistent with previous studies (e.g. Heetderks and Martin 1991; Lee and Martin 1991; Martin and Peterson 1987; McFarlin and Frone 1990; Townsend and Partridge 1999), Obaid (2013) found that two-tier HRM structures lead to conflicts between workforces and negatively impact second-tier employee attitudes, such as organisational commitment, psychological contract and sense of job satisfaction, as might be predicted by equity theory (Adams 1963, 1965), psychological contract theory (Rousseau 1989) or distributive justice theory (Greenberg 1987). According to equity theory (Adams 1963, 1965), employees are likely to compare their ratio of output to input against their peers to evaluate pay equity. Referents might be other employees at the same organisation, in the same or different positions or at another organisation (Martin and Peterson 1987). Studies (e.g. Heetderks and Martin 1991; Lee and Martin 1991; Martin and Peterson 1987; McFarlin and Frone 1990; Townsend and Partridge 1999) have found that second-tier employees are likely to use first-tier employees as their referent for evaluating pay equity, although there are exceptions to this finding (e.g. Cappelli and Sherer 1988). Lee and Martin (1991) found that lower-tier employees can have both internal and external referents simultaneously. Taken together, the literature suggests that second-tier employees (in this study, individually hired employees) are likely to compare themselves to their first-tier counterparts (MTOs), in terms of the relationship between input (the tasks that they perform) and output (the training, development and promotion opportunities available to them; pay and other benefits), either within the organisation or externally. Such comparisons are likely to increase perceptions of inequity and injustice. Regardless of the figure serving as a pay equity referent, the perception of inequity or injustice among second-tier employees may push them to leave their organisations. Townsend and Partridge (1999) found that in sectors with high rates of worker mobility (external employment opportunities), the negative effect of two-tier structures (permanent or temporary) leads to high rates of turnover among second-tier employees. Obaid’s (2013) findings suggest that Pakistan’s private banking sector has high rates of worker mobility due to the performance-based structures. One may thus expect there to be high rates of turnover among the sector’s second-tier employees. Among other neoclassical theories, such as knowledge-worker mobility theory (Wright et al. 2018) and human capital theory (Schultz 1961), this expectation is consistent with Drucker’s knowledge-worker

Knowledge Risk Management in Two-Tier HRM Structures

55

productivity theory (Drucker 1999), which postulates that if knowledge-workers are treated as a cost rather than an asset, then they will leave and thereby deprive the organisation of its means of production—knowledge.

2.3 The Areas and Types of Knowledge Risk and Management Strategies in Two-Tier HRM Structures Based on these empirical findings and theoretical predictions, this study proposes that two-tiered HRM structures expose organisations to several areas and types of knowledge risk that are mediated by complex interactions (such as employee conflicts and negative effects on employee attitudes). Specifically, these knowledge risks stem from one of two situations, which can be formalised as follows: On-the-job knowledge risk, resulting from interactions between the two employee tiers; Negotiation and turnover knowledge risk, incurred before, during or after an employee chooses to leave his or her current organisation for a better employment opportunity with a competitor within the same sector.

2.3.1 Knowledge Risk Areas Framework Building on the work of Joe et al. (2013) and Sumbal et al. (2018), knowledge risks areas can be organised into the following categories: technical, customer-related, procedural (knowledge of business processes), institutional (knowledge of the organisation’s history), management (administration) and network (knowledge of business relationships) (Obaid 2013). For example, Sumbal et al. (2018) studied the oil and gas sector and found that employee turnover resulted in the loss of technical, network, train wrecks, institutional, management and procedural knowledge. Similarly, Joe et al. (2013) explored knowledge risk resulting from expert retirements in New Zealand’s five small and medium-sized enterprises (SMEs), including the loss of procedural (business processes, systems and value chains), management, institutional (company history), network and technical knowledge. 2.3.2 Customer-Related Knowledge Risk Both anecdotal evidence and Obaid’s (2013) findings suggest that customer-related knowledge is likely to be the most critical risk within two-tiered HRM structures because of the relationships formed between second-tiered employees and customers. Building on market-orientation and modern sales theories, several studies (e.g. Bellenger et al. 2007; Jones et al. 2003; Williams 1998) have found that customers evaluate organisational performance based on interactions with salespersons, who adopt either a functional orientation, focusing on service delivery, or a relational orientation, attention to personal relations and trust. Because of the nature of their job, however, the second-tier employees in Pakistan’s private bank sector are expected to adopt both orientations simultaneously, ensuring that services are

56

M. Shujahat et al.

delivered to the customers’ satisfaction (functional) and developing and exploiting existing personal relations and trust with customers (relational) to attract them. When employees perform those duties well, customers may become more likely to give their loyalty to individually hired employees than the bank itself. Further, in societies such as Pakistan, characterised by collective cultures (Homburg et al. 2011; Saxe and Weitz 1982), the strength of personal ties between customers and employees is likely to moderate those relationships (Tsai and Ghoshal 1998). With high rates of turnover, individually hired employees may ask customers to transfer their business to competing banks when the employee decides to leave. As such, customer-related knowledge is likely the most probable and critical area of knowledge risk in the two-tiered HRM structures of Pakistan’s private banks.

2.3.3 Knowledge Risk Taxonomy There are multiple taxonomies of the types of knowledge risk (e.g. Bratianu 2018; Durst and Zieba 2018). However, this study adapts Durst and Zieba’s (2018) taxonomy because it explicitly deals with knowledge risks related to human resource management. In this framework, organisational knowledge risk takes three forms: human, operational and technological. Considered together, these risks can lead to various types of knowledge risk outcomes for the organisation. Based on the research context of Pakistan’s private banking sector, this study considers the following types of knowledge risk as the most likely to occur across each knowledge risk area: knowledge hiding, hoarding, forgetting, loss, spillover, attrition and leakage, in addition to insufficient skill or competency development (Obaid 2013). 2.3.4 Knowledge Risk Management Strategies To manage knowledge risks per see the human resource in two-tiered HRM structures, organisations can adopt one or more of the following three approaches or tools. First, knowledge maps indicate the knowledge locations where knowledge or information is placed or stored within the organisation; this can be used to identify and manage the strategic human knowledge at risk (Davenport and Prusak 1998). Second, Durst and Wilhelm (2013) developed a scale to measure the knowledge at risk along four dimensions (human, social, structural and relational capital) for SMEs. This scale could be adapted to measure human knowledge risks at different levels, from the individual or group to the entire organisation (Johns 2006). Finally, Durst and Ferenhof (2016) proposed a four-phased approach to knowledge risk management for SMEs, which includes risk identification, qualitative and quantitative analysis, controlling existing and potential risks and proactive risk monitoring and reporting. For example, Obaid (2013) found that Pakistani banks used exit interviews for employees leaving the organisation (p. 161), which suggests that the banks might have been using at least some components of this knowledge risk management strategy.

Knowledge Risk Management in Two-Tier HRM Structures

3

57

Research Method

We used semi-structured interviews as primary data. Given the scant research on two-tiered HRM structures, we found that qualitative interviews were appropriate for examining knowledge risk in this context. Qualitative methods, including interviews, are appropriate for gaining a deeper understanding of phenomena (Berg and Bruce 2001; Gill et al. 2008). Further, semi-structured interviews provide researchers with greater latitude to deviate from pre-written questions, and respondents are able to provide more robust responses than if the interview followed a strict or narrowly defined interview rubric (Berg and Bruce 2001). The target population for data collection was second-tier employees of private banks in the District Attock, Pakistan. Private banks were selected because as Obaid (2013) reported, they adopt a two-tiered HRM structure. The District Attock was chosen because the area receives large volumes of cash remittances from Pakistani migrants working abroad, such as in the Gulf states, the USA, the UK, Europe, Hong Kong and Malaysia, among other places. According to the country’s 6th census conducted by Pakistan Bureau of Statistics, the district’s total population is 1,883,556. According to Pakistan’s Bureau of Emigration and Overseas Employment, 151,590 Pakistani citizens of this district, and particularly its subdistrict, Hazro, proceeded abroad for employment from 1981 to 2017. Although many of the migrants are now expatriates residing in the USA, the UK or Hong Kong, they also send a portion of their income to their families in Pakistan (Rehman 2015). Private banks recruit thus second-tier employees locally from the district for their social, human and cultural capital to attract local customers receiving remittances from abroad. Second-tier bank employees were recruited with personal references from the second and third author in the private banking sector in the District Attock. Studies on knowledge management and HRM in Pakistan (e.g. Hussain et al. 2017; Kianto et al. 2018) have indicated that a mix of snowball and convenience sampling techniques is appropriate for recruiting research participants at Pakistani firms. In collectivist cultures, such as Pakistan, personal relationships make it easier to collect in-depth data collection while maintaining confidentiality on sensitive topics (Lee 1993). To corroborate interviews with second-tier employees, the authors also recruited strategists, such as regional managers, and other first-tier employees to triangulate findings for higher reliability. However, because of information secrecy issues for strategists and potential job security issues for first-tier employees, two potential participants declined to participate. This refusal, however, can be seen as indirect evidence of the problems associated with two-tiered HRM structures in the banking sector. The first three authors decided the content, sequence and style of the interview questions and then discussed the questionnaire with two HRM faculty members at a Pakistani university. The suggestions addressed the instrument (the content, sequence and style of questions, such as double-barrelled or affectively worded questions). Finally, the instrument was pre-tested on two respondents. The feedback

58

M. Shujahat et al.

from this final step further shaped the questions’ vocabulary, style and sequence. The pre-test respondents were more likely to exhibit affective behaviour (heightened verbal and nonverbal emotions). Therefore, affectively worded questions were noted and rewritten accordingly. The instrument was categorised into two parts (Lee 1993). The first part consisted of descriptive demographic questions and addressed whether the employee perceived their organisation to have adopted a two-tiered HRM employee structure, while the second part consisted of more probing questions about the knowledge risks and their management. The second author conducted semi-structured, audio-recorded interviews with six second-tier employees working at six distinct private banks. Field notes were also taken during the interviews. The first two authors separately analysed the interview data and field notes for each research question. They then compared their findings; any contradictions between the authors’ interpretations were solved through dialogue and with recourse to the data. Further ambiguities and conflicts were discussed and cleared with the respondents. This method is consistent with other studies within the knowledge risk management (Durst et al. 2018) and knowledge management (Sumbal et al. 2017) literature. Table 1 shows demographics for the six respondents. Five of the six respondents reported having left their previous jobs before being hired at their current position. All respondents were male. It is therefore noteworthy that Obaid (2013) did not report the effects of gender in the two-tiered HRM structures. Other than respondent E, who had two years’ worth of experience, the respondents had at least six years of experience. The average amount of on-the-job experience was seven years. In the Pakistani private banking sector, a branch is managed by the branch manager. Within the corporate hierarchy, branch managers are middle managers; but within the branch hierarchy, the manager is at the apex. In branch hierarchy, two respondents were branch managers (top management position), three were operations managers (middle management positions) and one was a relationship manager (frontline manager with two years of experience). This hierarchical distribution reflects that the data were triangulated from three levels of the bank branch hierarchy and that the informants were experienced and knowledgeable of the subject matter under study.

4

Results

The results are organised by research question and are summarised in Fig. 1.

4.1 The Consciousness About the Effects of Two-Tiered HRM Structures on Knowledge Risks The interview data suggest first that the banks’ officers are aware of conflicts between the two workforce groups, i.e. the first- and second-tier workers, and

Knowledge Risk Management in Two-Tier HRM Structures

59

Table 1 Demographics of the interviewees/respondents Interviewee

Position

Total experience (years)

Number of turnovers

A B C D E F

Operations manager Operations manager Branch manager Operations manager Relationship manager Branch manager

9 6 10 7 2 8

1 1 2 1 3 None

Fig. 1 Knowledge risk types in different areas

second that second-tier employees (individually hired employees) compare themselves with their first-tier counterparts, both internally (at their own bank) and externally (workers at other organisations), to determine their sense of parity and equity. There are two observations that support these claims. The first is the fact that first-tier employees and managers refused to participate in our research, although this is largely indirect evidence. Second, all of the interviewees explained that the

60

M. Shujahat et al.

HRM department conducts exit interviews to obtain feedback about the factors driving turnover, in addition to offering various compensation and benefits packages for their retention. The interviewees were generally discontent with these practices. As Respondent D explained, Yes! The banks conduct the exit interviews. But that is just a formality! The HRM department announces increases in, and/or the unscheduled bonuses. However, all of these actions are just for the sake of formality.

The interviewees were cognizant of the differential HRM practices and the effect that these discrepancies had on their attitudes towards the job. They suggested, specifically, that differential pay and compensation rates along with uneven promotion or advancement opportunities led to feelings of inequity, injustice and dissatisfaction, rather than recruitment and selection. Respondent E, having left two jobs within the span of his first two years working in the banking sector, described the disadvantage that second-tier employees experienced as a result of differential HRM practices. The differential recruitment and selection do not affect me either. I got the job that I wanted, by any means. However, pay- and promotion-related things affect and sadden me a lot. If I [as a second-tier employee] switch to another bank for a good opportunity, the expected salary increase would be 25% to 30% plus benefits [from sales commission on customers bank accounts]. However, the annual raise in salary as an employee in a bank is usually 5% to 6% only. If I were at my previous jobs, I would not have been promoted to the marketing manager position yet. However, the good thing about this bank [his current job] is that if you perform up-to-the mark here, you have more chances for promotion. Regarding the training, it affects me. This bank provided me 22 days of training when I started here.

4.2 Areas of Knowledge Risks The areas of knowledge risk are incurred both on-the-job and through turnover. The interview data illustrate the importance of the area of customer-related knowledge and social capital, whereby network knowledge (knowledge of the present and potential customers or business relationships) is viewed as part of the customer-related knowledge. When second-tier employees intend to leave their jobs, they first seek better opportunities. Using referrals and individual-hiring means, they make informal deals with management at competing banks branches, whereby workers must demonstrate their potential to bring present and new customer accounts, i.e. knowledge of the customers and networks. Thus, during this transaction, knowledge is leaked and potentially exploited (Fig. 1). If the deal is successful, then not only will the employee leave his previous place of employment for a competitor; he or she will also invite loyal customers to switch their accounts to the new bank. This was the case for Respondent B, an operations manager with eight years of experience. He summarised his recent decision to leave his bank for a competitor and how this led to knowledge risk.

Knowledge Risk Management in Two-Tier HRM Structures

61

Based on eight years of banking experience, I concluded that knowledge risk hits hardest in the banking sector because of the two-tiered HRM structures. For example, when I switched to this bank, during and after the turnover period, I asked my customers with close personal relations to switch their deposits and accounts from my previous bank to this new bank [knowledge loss]. Even during the negotiation with the current bank branch manager, I told him that I can bring so many customers and their large deposits here [Knowledge leakage]. They transferred their accounts to this current bank because these customers started their bank accounts because of my personal relationship, trust and fast service delivery. Over time, I served their transactions [physical bank transactions during operating hours] quickly, on priority basis, even during the busiest periods.

When interviewees were asked about other possible areas of knowledge risk, they maintained that no other knowledge would be useful for competitors. After such comments, the interviewer showed the participants a copy of the taxonomy of knowledge risks described above (cf. Joe et al. 2013; Sumbal et al. 2018). They responded by denying any alternative area of knowledge risk on-the-job and during turnover. Procedural, technical and institutional knowledge was far less critical than customer-related knowledge. Respondent C summarised his perspective as follows. The other areas of knowledge risks that you are showing are irrelevant or indifferent to the banking sector. Because the State Bank of Pakistan – the regulatory authority on the behalf of the Government of Pakistan – has clearly defined the basic procedures, i.e. necessary to perform an activity, such as necessary documents for crediting a consumer’s account. The processes and software to perform business activities are the same, in essence, across all of the banks in Pakistan. Maybe knowledge of administering to customers [knowledge of administration or customer relationships management] during transactions during operating hours or skills of building new customers and entertaining and retaining the present customers [Knowledge of customer relationships management], especially those who were attracted because of my personal relations, could be used at the other bank. However, these customer management knowledge and skills are part of a banker’s job and customer-related knowledge … As I told you earlier, the most important thing is that the banks care about is their sales matters – the number and amount of deposits (customer-related knowledge) an employee may bring!

4.3 Types of Knowledge Risk Without using technical names for the types of knowledge risk, participants reported that knowledge hoarding and knowledge hiding were the most critical knowledge risks on-the-job, while knowledge loss, knowledge leakage and knowledge spillover were the most pressing during and after a turnover (see Fig. 1). The interviewees also suggested that they do not have a problem with knowledge attrition related to task completion. Interestingly, they claimed to hide customer-related knowledge about the potential customers not only from first-tier employees but also from their second-tier peers. Knowledge of potential customers are hoarded and hidden from both employee tiers; this has the potential to impede the individual performance and reflects underlying perceptions of organisational culture regarding knowledge behaviours, especially knowledge sharing. Respondent E summarised his perspective as follows.

62

M. Shujahat et al. Yes, we hide knowledge of potential customers from anyone, except the branch manager, such that new customers accounts are tagged to me in the information system and counted in my performance appraisal. Sometimes, when the MTOs, especially with whom I do not have good personal relations, ask me for help [knowledge sharing], I only offer help to the extent required by my official duties. Regarding the depletion of knowledge, banking is my job. As far as I am doing my job, how can I forget knowledge? If my bank asks me to go for a training, especially on weekends and without any acknowledgement in performance appraisal, I do not put any effort into acquiring knowledge (knowledge acquisition) or skills that are not beneficial or part of my job.

Finally, the respondents suggested that there are certain types of knowledge risk (such as knowledge leakage and knowledge spillover) that manifest during and after a turnover in terms of customer-related knowledge. For example, Respondent C, quoted above, acknowledged that whether and how he shared customer-related knowledge affected his ability to change jobs, implying that a certain level of knowledge leakage is necessary while introducing the possibility for knowledge spillover. After turnovers, the initial bank loses this knowledge such that the knowledge loss occurs.

5

Discussion and Conclusion

Research on two-tiered HRM structures has found that uneven organisational structures create and foster conflict between the two workforce groups. They also negatively impact second-tier employees’ job attitudes, such as perceptions of equity and justice. Building on this conjecture, this study examined how such conflicts and negative attitudes expose organisations to knowledge risk. Building on several theories to conceptualise knowledge risk within two-tiered HRM structures (i.e. equity theory, knowledge-based view of HRM and Drucker’s knowledgeworker productivity theory), we developed our framework of areas of knowledge risk based on the empirical findings of Sumbal et al. (2018) and Joe et al. (2013) and adapted Durst and Zieba’s (2018) knowledge risk taxonomy to conceptualise the types of knowledge risk. Our semi-structured interviews with six second-tier HRM structure informants supported our propositions. The results suggest that because of the two-tiered HRM structure in the Pakistani private banking sector, conflicts between the two worker tiers are indeed prevalent. Furthermore, second-tier employees harbour negative job-related attitudes, such as a sense of inequity, because of the uneven HR practices, in terms of both compensation (salary and other forms of compensation and benefits) and development or advancement opportunities. Consistent with several previous studies (e.g. Heetderks and Martin 1991; Lee and Martin 1991; Martin and Peterson 1987; McFarlin and Frone 1990; Townsend and Partridge 1999), the respondents compared themselves to both first-tier employees—internal referents—and external referents, in turn exposing organisations to several human knowledge risks. However, this study expanded upon previous findings, revealing that second-tier employees were not only concerned with pay equity but also with equitable

Knowledge Risk Management in Two-Tier HRM Structures

63

promotion opportunities and other issues of distributive justice that arise due to uneven HRM practices. In this context, the less emphasis on other HR practices (such as recruitment and training) may stem from the fact that these practices are not a direct source of marginalisation for second-tier employees. As Obaid (2013) argued for the banking sector in Pakistan (i.e. the State Bank), banking employees had to adhere to minimum standard operating procedures; as such, training opportunities, and especially knowledge acquisition related to business processes or procedures, were not likely to be a relevant concern. Nonetheless, after securing a job and developing sufficient experience, second-tier employees begin to compare themselves with both internal and external referents (Obaid 2013). Our findings also reflect the relative importance of distributive justice within organisational justice theory. This is consistent with previous studies (McFarlin and Frone 1990; Obaid 2013), which considered distributive justice as pertaining only to pay. Furthermore, findings on the use of both internal and external referents corroborate previous studies (Lee and Martin 1991; Obaid 2013; Townsend and Partridge 1999), while providing counter-evidence to Cappelli and Sherer’s (1988) results. Finally, our results also suggest that uneven HRM structures can lead to high rates of turnover among second-tier employees, especially if the organisational sector has ample employment opportunities (high rates of mobility). These findings are supported by neoclassical organisational theories, such as human capital theory (Schultz 1961), knowledge-worker theory (Drucker 1999) and resource-based perspectives on HRM (Wright et al. 1994), but run counter to labour market segmentation theory’s conjectures (Cain 1976). This may suggest, more broadly, that differential HR practices and knowledge-workers (labour) market segmentation cannot be supported in the post-industrial knowledge-intensive economy: the means of organisational production—knowledge—are owned by the workers and can thus be lost if treated as a cost rather than a resource. The study’s goal was to theorise the types, areas and management of knowledge risk associated with two-tiered HRM structures. The results suggest that in Pakistan’s private banking sector, the identification and management of knowledge risk generally take place in exit interviews. This complements what Durst and Ferenhof (2016) outline as the first out of four steps to a rational approach to the management of knowledge risk, i.e. knowledge risk identification. While Durst and Ferenhof’s (2016) strategies were explicitly aimed at SMEs, our findings suggest that larger organisations, such as private banks, use a similar strategy. Furthermore, employees perceived the exit interviews as a mere formality, whereby no subsequent actions were taken to analyse and manage concerns and associated knowledge risk. Such policy implementation failures, i.e. knowledge utilisation, are an endemic issue in developing economies, such as Pakistan (Makinde 2005). However, these perspectives must be taken with caution, as strategists who refused to participate in our study may practise the other steps and other strategies, such as knowledge maps (Davenport and Prusak 1998). Overall, the results suggest that organisations obtain valuable data during employee turnover, which may be extremely valuable for future knowledge risk management.

64

M. Shujahat et al.

The results also suggest that two-tiered HRM structures are primarily associated with the area of customer-related knowledge risk—although this issue remains connected to other knowledge domains, including knowledge of management and networks, i.e. business relationships. Customer-related knowledge risk is most critical when second-tier employees leave their jobs for other organisations in pursuit of better workplace opportunities. These results complement and somewhat contrast the findings of Joe et al. (2013) and Sumbal et al. (2018), in which the most pressing risks stemmed from procedural and technical knowledge. This contrast can probably be explained by the context of the present study. For example, procedural knowledge (knowledge of business processes) did not emerge as an important risk factor because, in Pakistan, banks must follow standard operating procedures imposed from above by the regulatory authority—the State Bank of Pakistan—such that the business processes do not differ significantly across the banks (Obaid 2013). In contrast to other research, we found that customers, management and network knowledge risks were subsumed within the more important locus of customer-related knowledge. This result supports our conjecture that customer-related knowledge is the most critical risk in the context of Pakistan’s private banking sector: the collective culture, market reforms and second-tier employees’ job specifications, such as higher levels of intellectual, cultural, and social capital and greater orientation to customers (Obaid 2013), all suggest the importance of customer-related knowledge. During and after employee turnover, Pakistani banks are exposed to several types of knowledge risk. For example, when negotiating for a new position, second-tier employees may leak customer-related knowledge to competing banks’ branch managers, thereby involving the knowledge leakage and knowledge spillover. Employee turnover thus results in not only knowledge loss, but also loss of business. Finally, the results suggest that second-tier employees hide and hoard customer-related knowledge (e.g. new networks or potential customers) from other employees, regardless of the tier that he or she belongs to, on-the-job. These contrasting results suggest that knowledge risks are highly idiosyncratic and context-dependent and that their management calls developing and adapting the context—and discipline-specific strategies and theories. This recommendation echoes similar calls, such as Sergeeva and Andreeva’s (2015) argument for bringing context back into the discipline of knowledge management. There are also far less critical on-the-job types of knowledge risk, such as knowledge attrition and unlearning. Unlearning—intentional rejection of knowledge acquisition and creation —was an issue for second-tier employees when they felt that a training session was not particularly relevant to his or her performance appraisal (Obaid 2013).

5.1 Theoretical Implications, Limitations and Recommendations Our findings have implications for future theory and research. First, concepts developed and practised in the twentieth-century industrial economy context, such

Knowledge Risk Management in Two-Tier HRM Structures

65

as two-tiered wage structures, present opportunities for theory-building; old concepts can be evaluated in the post-industrial knowledge economy of the twenty-first-century and assessed in relation to more recent concepts, such as knowledge risk. Second, the evolution and nature of those twentieth-century industrial era organisational practices should be traced. For example, the current study showed that second-tier knowledge-workers were concerned with both pay and promotion equity, suggesting a larger bundle of uneven HRM practices. Third, as currently practised, two-tiered HRM structures may not only have implications in terms of knowledge risk but may also have negative implications for individual and organisational issues, such as organisational culture and employee performance; this should be explored further. Fourth, two-tiered organisational structures can vary depending on numerous factors, such as the date of recruitment and wage rates. Researchers should thus examine whether different types of two-tiered structures will have different implications for knowledge risk and management. We note that there are limitations to our study. Caution should be taken before generalising from our findings, given that the senior managers and first-tier employees we approached to participate in the study refused our invitation. Similarly, our sample size was low and gender-biased. Future studies should be designed to avoid these pitfalls.

5.2 Managerial Implications Checklist In the light of the study’s findings, we offer a knowledge risk management technique for managers of two-tiered HRM structures if the answer to each of the following three questions is yes. Does your organisation implement a two-tiered HRM structure? Are there conflicts between the two worker tiers and negative attitudes on the part of second-tier employees? Are there high levels of knowledge-worker mobility within your business sector? The following are steps for implementing this knowledge risk management technique. Determine the areas where knowledge is at risk, both on-the-job and during and after employee turnover. Determine the types of knowledge risks that can be incurred in each area identified in step 1. Pursue the appropriate knowledge risk management strategy; this may entail rethinking the two-tier HRM structure because knowledge-workers are crucial to the growth and survival of knowledge-intensive organisations.

66

M. Shujahat et al.

References Adams, J. S. (1963). Towards an understanding of inequity. The Journal of Abnormal and Social Psychology, 67(5), 422–436. https://doi.org/10.1037/h0040968. Adams, J. S. (1965). Inequity in social exchange. In L. Berkowitz (Ed.), Advances in Experimental Social Psychology (Vol. 2, pp. 267–299): Academic Press. Bellenger, D. N., Brashear, T. G., Rigdon, E. E., & Cross, M. E. (2007). Customer orientation and salesperson performance. European Journal of Marketing, 41(7/8), 821–835. https://doi.org/ 10.1108/03090560710752410. Berg, B., & Bruce, M. (2001). Qualitative research methods for the social sciences. Needham Heights, MA: Allyn and Bacon. Bratianu, C. (2018). Hannibal ante portas and the knowledge risk framework. Paper presented at the Proceedings of the 13th International Forum on Knowledge Asset Dynamics, Delft University of Technology, Delft, Netherlands. Cain, G. G. (1976). The challenge of segmented labor market theories to orthodox theory: A survey. Journal of Economic Literature, 14(4), 1215–1257. Cappelli, P., & Sherer, P. D. (1988). Satisfaction, market wages, and labor relations: An airline study. Industrial Relations: A Journal of Economy and Society, 27(1), 56–73. https://doi.org/ 10.1111/j.1468-232X.1988.tb01046.x. Davenport, T. H., & Prusak, L. (1998). Working knowledge: How organizations manage what they know. Boston, Massachusetts: Harvard Business Press. Dickinson, J. (2006). Employees’ preferences for the bases of pay differentials. Employee Relations, 28(2), 164–183. https://doi.org/10.1108/01425450610639383. Drucker, P. F. (1999). Knowledge-worker productivity: The biggest challenge. California Management Review, 41(2), 79–94. https://doi.org/10.2307/41165987. Durst, S., & Ferenhof, H. A. (2016). Knowledge risk management in turbulent times. In K. North & G. Varvakis (Eds.), Competitive strategies for small and medium enterprises: Increasing crisis resilience, agility and innovation in turbulent times (pp. 195–209). Cham: Springer International Publishing. Durst, S., Lindvall, B., & Bruns, G. (2018). Knowledge risk management in the public sector: Insights into a Swedish municipality. Journal of Knowledge Management. https://doi.org/10. 1108/JKM-12-2017-0558. Durst, S., & Wilhelm, S. (2013). Do you know your knowledge at risk? Measuring Business Excellence, 17(3), 28–39. https://doi.org/10.1108/MBE-08-2012-0042. Durst, S., & Zieba, M. (2018). Mapping knowledge risks: Towards a better understanding of knowledge management. Knowledge Management Research & Practice, 1–13. https://doi.org/ 10.1080/14778238.2018.1538603. Gill, P., Stewart, K., Treasure, E., & Chadwick, B. (2008). Methods of data collection in qualitative research: Interviews and focus groups. Bdj, 204, 291. https://doi.org/10.1038/bdj. 2008.192. Grant, R. M. (1996). Toward a knowledge-based theory of the firm. Strategic Management Journal, 17(S2), 109–122. https://doi.org/10.1002/smj.4250171110. Greenberg, J. (1987). A taxonomy of organizational justice theories. Academy of Management Review, 12(1), 9–22. https://doi.org/10.5465/amr.1987.4306437. Harris, R. (1983). More concerns set two-tier pacts with unions, penalizing new hires. Wall Street Journal, 202, 33. December 15. Heetderks, T. D., & Martin, J. E. (1991). Employee perceptions of the effects of a two-tier wage structure. Journal of Labor Research, 12(3), 279–295. https://doi.org/10.1007/BF02685464. Homburg, C., Müller, M., & Klarmann, M. (2011). When do salespeople’s customer orientation lead to customer loyalty? The differential effects of relational and functional customer orientation. Journal of the Academy of Marketing Science, 39(6), 795–812. https://doi.org/10. 1007/s11747-010-0220-7.

Knowledge Risk Management in Two-Tier HRM Structures

67

Hussain, S., Shujahat, M., Malik, M. I., Iqbal, S., & Mir, F. N. (2017). Contradictory results on the mediating roles of two dimensions of trust between transformational leadership and employee outcomes. Journal of Organizational Effectiveness: People and Performance, 5(1), 39–63. https://doi.org/10.1108/JOEPP-11-2016-0063. Joe, C., Patel, K., & Yoong, P. (2013). Knowledge loss when older experts leave knowledge-intensive organisations. Journal of Knowledge Management, 17(6), 913–927. https://doi.org/10.1108/JKM-04-2013-0137. Johns, G. (2006). The essential impact of context on organizational behavior. Academy of Management Review, 31(2), 386–408. https://doi.org/10.5465/amr.2006.20208687. Jones, E., Busch, P., & Dacin, P. (2003). Firm market orientation and salesperson customer orientation: Interpersonal and intrapersonal influences on customer service and retention in business-to-business buyer–seller relationships. Journal of Business Research, 56(4), 323–340. https://doi.org/10.1016/S0148-2963(02)00444-7. Kianto, A., Shujahat, M., Hussain, S., Nawaz, F., & Ali, M. (2018). The impact of knowledge management on knowledge worker productivity. Baltic Journal of Management. https://doi. org/10.1108/BJM-12-2017-0404. Laroche, M., Lauzon Duguay, F., & Jalette, P. (2018). When collective bargaining leads to inequality: Determinants of two-tier provisions in Canadian collective agreements. ILR Review, 0019793918813363. https://doi.org/10.1177/0019793918813363. Lee, R. M. (1993). Doing research on sensitive topics. Thousand Oaks, CA, US: Sage Publications Inc. Lee, R. T., & Martin, J. E. (1991). Internal and external referents as predictors of pay satisfaction among employees in a two-tier wage setting. Journal of Occupational Psychology, 64(1), 57– 66. https://doi.org/10.1111/j.2044-8325.1991.tb00541.x. Makinde, T. (2005). Problems of policy implementation in developing nations: The Nigerian experience. Journal of Social Sciences, 11(1), 63–69. https://doi.org/10.1080/09718923.2005. 11892495. Martin, J. E., & Peterson, M. M. (1987). Two-tier wage structures: Implications for equity theory. Academy of Management Journal, 30(2), 297–315. https://doi.org/10.5465/256275. Massingham, P. (2010). Knowledge risk management: A framework. Journal of Knowledge Management, 14(3), 464–485. https://doi.org/10.1108/13673271011050166. McFarlin, D. B., & Frone, M. R. (1990). A two-tier wage structure in a nonunion firm. Industrial Relations: A Journal of Economy and Society, 29(1), 145–154. https://doi.org/10.1111/j.1468232X.1990.tb00748.x. Neil, M. M. (2013). Two-tier workplace compensation: Issues and remedies. Canadian Labour & Employment Law Journal, 17(1), 181–224. O’Brady, S. (2018). Rethinking precariousness and its evolution: A four-country study of work in food retail. European Journal of Industrial Relations, 0959680118814339. https://doi.org/10. 1177/0959680118814339. Obaid, A. (2013). Changes in the pay structures and systems in the banking sector of Pakistan: Implications for a differentiated workforce and the employee psychological contract. Manchester: University of Manchester. Rehman, A. (2015). Empirical essays on migration and remittances in Pakistan. UK: University of East Anglia. Rousseau, D. M. (1989). Psychological and implied contracts in organizations. Employee Responsibilities and Rights Journal, 2(2), 121–139. https://doi.org/10.1007/BF01384942. Saxe, R., & Weitz, B. A. (1982). The SOCO scale: A measure of the customer orientation of salespeople. Journal of Marketing Research, 19(3), 343–351. https://doi.org/10.2307/3151568. Schultz, T. W. (1961). Investment in human capital. The American Economic Review, 51(1), 1–17. Sergeeva, A., & Andreeva, T. (2015). Knowledge sharing research: Bringing context back in. Journal of Management Inquiry, 25(3), 240–261. https://doi.org/10.1177/1056492615618271.

68

M. Shujahat et al.

Sumbal, M. S., Tsui, E., Cheong, R., & See-to, E. W. K. (2018). Critical areas of knowledge loss when employees leave in the oil and gas industry. Journal of Knowledge Management, 22(7), 1573–1590. https://doi.org/10.1108/JKM-08-2017-0373. Sumbal, M. S., Tsui, E., & See-to, E. W. K. (2017). Interrelationship between big data and knowledge management: An exploratory study in the oil and gas sector. Journal of Knowledge Management, 21(1), 180–196. https://doi.org/10.1108/JKM-07-2016-0262. Townsend, A. M., & Partridge, D. M. (1999). Revisiting multi-tier wage structures: Equity, employment mobility, and tier effects. Journal of Labor Research, 20(4), 605–619. https://doi. org/10.1007/s12122-999-0024-z. Tsai, W., & Ghoshal, S. (1998). Social capital and value creation: The role of intrafirm networks. Academy of Management Journal, 41(4), 464–476. https://doi.org/10.5465/257085. Williams, M. R. (1998). The influence of salespersons’ customer orientation on buyer-seller relationship development. Journal of Business & Industrial Marketing, 13(3), 271–287. https:// doi.org/10.1108/08858629810222298. Wright, M., Tartari, V., Huang, K. G., Di Lorenzo, F., & Bercovitz, J. (2018). Knowledge worker mobility in context: Pushing the boundaries of theory and methods. Journal of Management Studies, 55(1), 1–26. https://doi.org/10.1111/joms.12316. Wright, P. M., McMahan, G. C., & McWilliams, A. (1994). Human resources and sustained competitive advantage: A resource-based perspective. The International Journal of Human Resource Management, 5(2), 301–326. https://doi.org/10.1080/09585199400000020.

Practical Aspects of Knowledge Risk Management in Corporate Finance for Family Firms Mark Hill

Abstract

Family firms show in many aspects a different profile compared to (listed) corporates, primarily (a) because of their complex decision-making process that involves owner-managers who might have to consider non-rational decision factors and (b) the lean operational teams for the execution. These differences become of particular interest when looking at corporate finance activities of family firms, where confidentiality and execution speed, as well as the availability of specific and critical knowledge, is key. Therefore, knowledge risk management in family firms requires peculiar management attention and must be carefully considered when setting up the finance function of the company. The chapter discusses the broad variety of relevant knowledge risk factors and presents practical examples of critical situations in corporate finance. It proposes a framework that is intended to help decision-makers in developing an integrated view on knowledge risk management in corporate finance. Keywords




Corporate finance Financing decisions (knowledge) risk management matrix


Financing process
Family firm


M. Hill (&) KPMG AG Wirtschaftsprüfungsgesellschaft, The Squaire Am Flughafen, 60549 Frankfurt am Main, Germany e-mail: [email protected] © Springer Nature Switzerland AG 2020 S. Durst and T. Henschel (eds.), Knowledge Risk Management, Management for Professionals, https://doi.org/10.1007/978-3-030-35121-2_5

69

70

1

M. Hill

Introduction

Family-owned businesses are representing the dominant ownership structure in many economies, for example, in the European Union (Berent-Braun and Uhlaner 2012). They do not comprise small- and medium-sized enterprises (“SMEs”) solely, but also midcap companies with significantly larger scale (Reinemann 2011). Research by Craig and Moores (2010) showed that decision-making processes are of particular interest in family firms because they may be not based predominantly on economic factors. The decision-making is more complex and influenced by family, social and emotional factors. The acceptance of risk is part of the entrepreneurial activity (Henschel and Heinze 2018) and therefore closely connected to decision-making. With regard to the types of risk, it seems that firms focus on financial risks, and thus quantitative approaches to risk management, given the greater experience in dealing with such risks (Louisot 2004). Nevertheless, managers have to consider non-financial risks and their management, leading to a broader and holistic perspective on risk types and structure in firm’s operations (Henschel and Durst 2016). Recent research by Zieba and Durst (2018) shows an increasing interest in the study of non-financial risks related to knowledge to add to the holistic view on risk-bearing capacity. Furthermore, managers in family firms (particularly in SMEs) tend to consider critical factors such as risk management in their mind, while responsible employees within the functions are not involved (Henschel 2010). In combination with their often resource-constrained businesses (Hauser et al. 2019), this becomes even more crucial in situations, where risk management is assessed through third parties. Such an assessment is performed by banks or other financing partners in a corporate finance process, emphasizing the need for a holistic risk management system (Henschel and Durst 2016). Financing decisions are representing one of the most critical decision-making processes within an organization as they significantly change the risk position of a firm. Therefore, this chapter will present various aspects of knowledge risk in corporate finance with a particular focus on family firms. Following a principal introduction on typical aspects of financing processes in family firms, the chapter will emphasize on critical knowledge risk factors in a financing situation. Each critical risk factor will be described by using practical cases and examples as well as potential protection mechanisms. The chapter will then introduce a framework that has been developed from practical investigations to address and mitigate these typical knowledge risk factors throughout the financing process.

2

Financing Processes in Family Firms

The following section introduces the term family firm and summarizes relevant factors of the finance function that have been observed in practical situations. The section then presents aspects of a financing process and shows the constraints of

Practical Aspects of Knowledge Risk Management in Corporate …

71

family firms. These aspects form the basis for the upcoming discussion in the next\ section regarding critical knowledge risk factors in financing decisions.

2.1 The Definition of a Family Firm As already discussed in the introduction, the term family firm is not synonymous with small- and medium-sized enterprises (“SMEs”). SMEs are defined on a European level as companies with a staff headcount of below 250 persons employed and either an annual turnover not exceeding € 50 million or its total annual balance sheet does not exceed € 43 million (EU Commission 2003, 2005). However, many firms that are family-owned exceed these quantitative thresholds significantly. Therefore, quantitative and qualitative criteria have been developed for that cluster of family firms that provide a more suitable classification: the midcap companies. Looking at the quantitative criteria, the German Kreditanstalt für Wiederaufbau (“KfW”), the promotional bank of the Federal Republic of Germany, defines in its subsidy and state-backed lending programs companies to be qualified as medium-sized if their annual sales are not exceeding € 500 million (KfW Bankengruppe 2018). The qualitative criteria to categorize family firms are primarily focussing on the “unity of capital and management” (Reinemann 2011, p. 5). According to Naldi et al. (2007), a company can be classified as family-owned, if (a) one family group owns a significant majority of the company’s common stock, and (b) members of the family are also members of the top management team.

2.2 The Finance Function Within the Family Firm The finance function within a family firm is typically kept very lean as owner-managers are more focusing on other core functions, such as marketing, production or research and innovation (Lutz and Schraml 2011). Therefore, the first manager position that is handed over to an external manager is in most cases the position of the Chief Financial Officer (“CFO”), as the owner-family can no longer provide the skillset that is necessary for the CFO position (Hiebl 2013, 2014). As a result, the finance department of many family firms shows a fragile staffing structure and often works with a non-consistent set of tools and software (Welsh and Zellweger 2010). In larger and more international family firms, financing is in numerous cases not centralized at a holding level or at the dominant operating company but has grown historically (Börner et al. 2010; Mateev et al. 2012). Every group company arranges own external financing, when it is required, e.g., for setting up new production facilities. In the end, family firms show many different layers of external financing, which lies within subsidiaries in different jurisdictions, comprising different terms and conditions and have been negotiated with a broad variety of banks and other

72

M. Hill

financing partners (Beck and Demirguc-Kunt 2006). In many such cases, there is no database or storage system that centralizes all these different financing agreements. The corporate finance department has to approach the local teams every time to ask for the required information.

2.3 The Financing Process in Family Firms Even in centralized corporate finance teams, frequent practical examples show a lack of a financing strategy and of executing financing processes on a regular basis and a lack of having knowledge about all possible external financing markets to form an educated decision (Börner et al. 2010; Lichtblau and Utzig 2002). In particular in economies with an underdeveloped stock market and a strong relationship lending with core banks (Ampenberger et al. 2013; Burgstaller and Wagner 2015), family firms are missing to generate respective knowledge regarding potentially suitable financing structures or instruments and to set up alternative financings. The second aspect that could lead to knowledge risk in family firms is the infrequent execution of financing processes. As many financing agreements provide tenors of three to five years (Hernandez-Canovas and Koeter-Kant 2011), corporate finance teams do not have to perform refinancings on a frequent basis. They are more reacting to specific events such as the management’s decision to set up a new production site or once the maturity of the existing financings requires to run a refinancing process. The lack of performing financing processes on a regular basis, the dominance of some groups of financing partners (e.g., banks) in numerous economies and the particular design of finance departments in family firms show that knowledge risk can occur in many situations and require specific handling. The next section will highlight some of these knowledge risk factors based on practical examples and present potential protection actions.

3

Critical Knowledge Risk Factors and Their Practical Impact in a Financing Process

Knowledge risks define any risk that is associated with the creation, application and retention of organizational knowledge (Durst et al. 2016). As outlined in Chap. 1, Durst and Zieba (2017) present in their research categories to classify individual knowledge risks. In their proposed typology, internal knowledge risks are grouping situations or factors that derive from the inside of an organization, whereas external knowledge risks present factors that are related to “the external environment and the company’s interactions” (Durst and Zieba 2017, p. 58). Furthermore, the proposed taxonomy introduces a third category of knowledge risk factors that could be based on external as well as on internal situations, the intersectional knowledge risks.

Practical Aspects of Knowledge Risk Management in Corporate …

73

3.1 Internal Knowledge Risks The internal knowledge risks form the largest and most diversified category.

3.1.1 Knowledge Attrition Knowledge attrition describes situations, where existing knowledge becomes either obsolete, e.g., by changes in best practice approaches or corrupted by inappropriate use of the knowledge. Knowledge attrition is probably one of the most common risk factors within the corporate finance of family firms. Typically, these firms are executing external financing processes every three to five years (Hernandez-Canovas and Koeter-Kant 2011), such as refinancing existing syndicated loans, issuing of new bonds or debt certificates. However, debt markets have undergone significant changes in recent years, driven by aggressive funding supply and by the development of alternative lenders, such as debt funds (Kraus et al. 2014; Meier and Esmatyar 2015). Therefore, company management and employees might not be able to overlook all these developments and might base their new financing decision upon outdated knowledge regarding financing instruments that suit their needs best. An example would be the Unitranche financing, which was introduced by debt funds and has become quite popular in acquisition financing processes lately (Josenhans and Danzmann 2017). Another example of knowledge attrition in company financing is the involvement of financial covenants. Only a few years ago, a typical syndicated loan financing contract would involve three financial covenants. The aggressive debt markets have led to a situation, where investment-grade financing has no or only one financial covenant involved. But this development was not directly available, it had to be negotiated on an individual firm’s basis. A family firm has several instruments to mitigate knowledge attrition risks (Culasso et al. 2018). Regular training is offered by external professionals, banks, accounting firms or specialized lawyers. Even though these trainings are in some cases intended to serve as a marketing and sales platform for those firms. They can provide knowledge transfer, and the team members have the chance to create their own network of experts to discuss the newest developments in financing. A second mitigant would be to ensure regular usage of the knowledge by secondments or by the delegation of corporate finance employees to support local financing processes. Both protection mechanisms will be described in more detail in Sect. 4.1. 3.1.2 Knowledge Waste The risk of not making use of the full knowledge capacity that is available in a family firm is also quite common. Reorganization of team structures and responsibilities might lead to a situation, where employees that could contribute profound financing knowledge to a financing process are not involved. For example, the former head of treasury was promoted to CFO of an important subsidiary of the family firm. During the next financing process, her know-how was not available to

74

M. Hill

the team so that the new negotiating team was not aware of the last round’s negotiation details. A second example would be that the firm hires an external, who has worked in a structured finance department of a bank or in the debt advisory of a consulting firm. He still has access to his broad network of former bankers and financing experts. However, as he joined the firm as regional CFO for Latin America, he is neither involved in the development of the new group-wide financing strategy of the organization nor in the later execution of a financing process because the treasury team just did not know that he had such resources and know-how available. Several protection mechanisms could be suitable from a corporate finance perspective. The first element would be the setup of an employee suggestion scheme as outlined in Sect. 3.1.4. The second mechanism would be to develop skillset profiles for every employee to get a full picture of the knowledge capacity in the firm. Therefore, the skillset profile as it is mentioned in this section varies from the proposed skillset profile in Sect. 4.2.1 where the term is used to discuss job descriptions as a mitigant.

3.1.3 Knowledge Hoarding and Knowledge Hiding Knowledge hoarding and hiding are both situations of withholding knowledge. Knowledge hiding is an active and intended attempt to not reveal available knowledge when it has been asked for, knowledge hoarding describes the risk of knowledge being accumulated that might or might not be shared at a later stage and which has not been asked for. Even though there are typically very small teams and there is a personal interaction between relevant functions such as treasury, controlling and accounting, family firms are particularly endangered by knowledge hoarding and hiding as knowledge is often concentrated in single persons given their lean team structures. Various aspects might help to mitigate these risk factors. Set up interdisciplinary teams for financing processes, e.g., controlling to have a detailed view on the corporate performance and planning, accounting for precise definitions of relevant financial covenants that properly reflect the individual firm’s situation and—of course—treasury for the market approach, overall process management and the negotiation of the financing instrument. Develop a technical environment where available knowledge is achieved and accessible for all relevant employees. This might be a critical mitigation factor as in some cases, strictly confidential information might be included. Therefore, the management must implement safeguards, e.g., via separate confidentiality levels. Introduce an employee suggestion scheme to create incentives for employees who use their (hidden) knowledge to improve existing processes and benefit from the introduction of their suggestion into the financing process. 3.1.4 Unlearning and Forgetting Whereas unlearning is described by Durst and Zieba (2017) as the intentional loss of old knowledge to make room for new which is a necessity for change or renewal, forgetting is considered more critical for family firms. Forgetting can occur

Practical Aspects of Knowledge Risk Management in Corporate …

75

accidentally because the knowledge is used infrequently, or deliberately as the knowledge that was obtained by a small group is not transferred to the wider organization due to a lack of institutionalization. In a financing process, forgetting could become relevant in those family firms, where financing processes are not centralized, but several group entities are allowed to negotiate and sign individual financing agreements rather than having a group-wide financing structure. A second risk comes with the frequency of executing financing processes. As firms typically execute financing processes not every year, the knowledge about critical aspects of the last financings could become forgotten. Again, one protection mechanism could be the development of a technical environment to achieve knowledge, as already described in Sect. 3.1.3. A second aspect would be to establish governance structures, that even in decentralized organizations, at least one individual from the holding finance function must be involved in every decentralized financing process. This expert can share his knowledge regarding other financing processes with the local team, present best practice examples and also limitations that are relevant for every group subsidiary.

3.1.5 Knowledge Gaps This knowledge risk is crucial as it is difficult to protect against a risk that the organization might not be aware of at all. For example, the finance department of a family firm is very familiar with raising and executing funding via bank loans. Based on a growth strategy, the top management now intends to access further financing markets, such as the corporate bond market. The corporate finance team signals to the top management that it is capable of executing a bond process based on its existing knowledge but has not executed a single transaction so far. In the end, the company was not able to place the intended corporate bond because the corporate finance team underestimated the complexity of the bond process, how to handle institutional investors in contrast to corporate banks and the specific requirements of a bond process. In the end, the bond process had to be pulled, significant internal and external cost occurred. To mitigate knowledge gaps, someone needs to put the firm in front of a mirror to show inefficiencies and the relevant gaps. Therefore, the involvement of external experts might be considered, such as advisors, investment banks and lawyers. As family firms are particularly cautious regarding cost (Hauser et al. 2019; March and Shapira 1987), another idea would be regular training or to allow the corporate finance employees to attend relevant conferences. Even though they will not get the required level of knowledge on such occasions, they generate an understanding of the potential knowledge gap and can identify more precisely and focused, where external advice is needed.

76

M. Hill

3.2 External Knowledge Risks In contrast to the presented internal knowledge risk factors, external knowledge risk factors in corporate finance require a different set of tools and are in some types harder to protect against.

3.2.1 Knowledge Leakage Leakage of knowledge is probably the most critical risk factor besides knowledge loss. Knowledge leakage in a corporate finance context could be, for example, the accidental sharing of confidential company data during a financing or M&A process. An example would be the provision of an overview of the company’s top customers by revenue share and profitability to financiers who are currently considering to invest in a new financing instrument. These overviews are regularly requested and provided solely on an anonymous basis. However, the employee accidentally distributed the version with clear names. And to escalate the situation, the financing division of the company’s largest client participated in the financing process (e.g., the bank division of General Electric or Siemens). So in the end, one of the firm’s top clients now exactly knows the internal profitability levels from products and services provided to him and whether it can be considered as attractive pricing compared to competitors. In an extreme situation, this could severely endanger the overall client relationship. To avoid knowledge leakage, the formulation of clear communication and responsibility guidelines in the governance setup can be a helpful instrument. Critical information must be reviewed by a second person (“four-eye principle”) prior to its release to external addressees. 3.2.2 Knowledge Spillover The spillover of critical financing know-how to competitors might not be seen as critical at first sight. But assume a situation, where the head of treasury of family firm A joins a competitor right after she has successfully negotiated a financing contract with a bank consortium. Within her new role, she knows every detail of the existing financing, e.g., that the contract includes a covenant that limits potential acquisitions to a certain amount. Shortly afterward, family firm A is competing with their former head of the treasury’s new employer regarding a strategic acquisition. Now she can deliver critical knowledge to the M&A team by knowing that family firm A is not capable to provide a firm offer to the seller in the required timeframe as they need to ask their bank consortium to amend the acquisition covenant first. Typically, patenting is described as a useful protection strategy. However, this is obviously not useful in corporate finance, except for the development of finance algorithms. But family firm A could have included non-competition clauses in the employment contract and/or non-disclosure agreements. Nevertheless, these are rather weak protection mechanisms.

Practical Aspects of Knowledge Risk Management in Corporate …

77

3.3 Intersectional Knowledge Risks 3.3.1 Knowledge Outsourcing Risks Cost-sensitiveness might be one reason for a family firm to transfer its corporate finance activities to an external servicer. This strategic decision is observable in family firms, where the frequency of executing financing transactions is relatively low (Hernandez-Canovas and Koeter-Kant 2011). A second reason for outsourcing corporate finance activities can be practically seen in firms, where a minority external shareholder acts in addition to the family shareholders and requires such a transfer to an external contractor to ensure certain professionalism. It must not be misunderstood with the involvement of external advisors to support specific transactions. Outsourcing leads to the depletion of the knowledge and permanent transfer to an external party, whereas the advisor’s role is limited to a certain time period. Unfortunately, knowledge outsourcing risk is hard to protect against as the outsourcing of the activity might result in dependency from the servicer. The family firm loses the required skillsets and capacities. If the management later decides to insource the corporate finance function, the required knowledge must be hired externally which is time- and cost-intensive. 3.3.2 Knowledge Loss Knowledge loss is probably the most critical knowledge risk factor. It can occur unexpected due to employee turnover, accident or a loss of a database, but also expected due to employee retirement. In corporate finance, this risk factor could become valid in a situation, where key employees leave the firm during a critical phase of a refinancing process or prior to planned bond issuance. As knowledge is concentrated in one or two employees, this could endanger or at least delay complete transactions. A second example describes the loss of a database. During the preparation phase of a potential family firm IPO, the owner-manager requested that confidential data and documents had to be stored on an external USB hard disk and not on a centralized server system. The owner-manager was suspicious that the server administrators could read the information and this could result in a knowledge leak. So the internal project team had to share this external hard drive whenever one person wanted to work with the data, and unfortunately, it was dropped by an employee. And this example does not come from ancient times of IT, but from the year 2017. The good aspect of knowledge loss is that there are a variety of protection mechanisms that can cover at least some aspects (Massingham 2010). Probably, the easiest one is to ensure that four-eye principle and deputy structures are installed in the organization. So at least two employees have the same knowledge regarding a specific financing process or financing agreement. The second mitigant is to ensure comprehensive documentation is available that could be understood by a third party. In a financing process, this would mean that important correspondence and each relevant document is filed by using an understandable storage system (e.g.,

78

M. Hill

chronological or by defined subsections). A third protection mechanism would be to have an appropriate technical setup. Again, family firms tend to be of particular cost-sensitiveness. Nevertheless, critical knowledge must be stored in redundant systems and not on a single external hard drive. The last protection mechanism is probably the most expensive one and tries to cover the knowledge risk caused by employee turnover. But in particular, in family firms, where employee stock programs are not favored or possible, other forms of long-term employee retention programs need to be considered. The broad variety of risk factors presented in this section is difficult to anticipate and manage adequately, but the described protection mechanisms show that some factors can cover several knowledge risks and allow for further categorization.

4

Knowledge Risk Mitigation Management for Financing Processes

Following the presentation of individual knowledge risks in financing processes and potential mitigants for each individual risk, this chapter introduces a conceptional framework that is designed to help the management team to implement a setup of measures, instruments and routines to respond to these risk factors.

4.1 The Concept By looking at the individual risk factors, it became obvious that some mitigation factors could help to moderate more than just one risk aspect. Therefore, several categories have been established that allow to group the individual protection factors and to show where to tackle the relevant mitigant. These four categories are: People, Management, Governance, and Infrastructure. Each category and the individual relevant aspects to protect against knowledge risk will be presented in the next section. Nevertheless, this framework should be seen as a basic concept that needs to be adjusted, reshaped and expanded to meet individual requirements.

Practical Aspects of Knowledge Risk Management in Corporate …

79

4.2 The Framework 4.2.1 People Employees are by far the most important factor in trying to avoid knowledge risk. Three aspects could be identified by looking at the several protection mechanisms in corporate finance. Skillset profiles and job descriptions present the probably most basic mechanism as it formalizes requirements for a specific job in the corporate finance department in one guideline or handbook. In case a new employee needs to be hired, the skillset profile helps to clearly identify the candidate suited best for the position from a professional perspective. In some cases, family firms have shown to be particularly susceptible to not focusing on the adequate professional skillset, but more on social aspects. An exemplary situation is a decision to hire a candidate because other family members are working for the firm already or that an employee who had served the firm for decades is not able to cope with the increasing complexity of international financial markets. Regular training and secondments are continuous instruments to broaden employee knowledge and keep it up to date (Yang et al. 2018). Even though these mechanisms seem costly at first sight (which is an enabling issue for the management that will be discussed in the next section), they cover several risk mitigation aspects (Agarwal and Kallapur 2018; Hiebl et al. 2019). Regular training in specific training slots and individualized training courses allows the finance team to have space where they can refresh and expand their knowledge in an environment free from daily tasks interfering with the training results. Secondments can be structured as internal secondments to send members of the corporate finance team to other relevant functions, such as other treasury areas, controlling or finance. But also secondments to major subsidiaries are extremely helpful to create a firm-wide network for the individual employee. A second type would be an external secondment of an employee to an advisor, lawyer or investment bank. Even though it could be argued that this might influence later decisions by the employee (e.g., by preferring this investment bank in granting attractive corporate finance mandates to them), the effect of giving employees this out-of-the-box experience on their knowledge base should not be underestimated. Retention programs as an instrument to cope with knowledge loss and knowledge leakage form the third mitigant in the people section. Despite the fact that the identification of employees with a family firm is higher compared to large-cap companies (Busenitz and Barney 1997), economic components in form of retention programs become more and more important in a working environment, where human capital is a limited resource. 4.2.2 Management Management of the finance team must be ensurers and enablers. Right-sizing of the corporate finance team is the basic duty for them to ensure proper execution of the corporate finance tasks and to ensure smooth and professional financing processes (Hiebl and Mayrleitner 2017). This covers several protection mechanisms. The first

80

M. Hill

protection mechanism is that only in an appropriate team setup with sufficient staff, every process or task is understood by at least two employees. So in case that one employee had to call in sick or—even worse—quits the firm, a second employee can cover the relevant tasks and avoid delays or risk. The second protection mechanism is an advancement of the first and requires that a clear team structure with deputies for every position is established. The team structure should be communicated to all relevant internal and external addressees. In the case of an employee accident, the external party knows the employee who acts as deputy and accesses him directly. So delays in critical process elements can be avoided. Owner-managers sometimes focus more on production, marketing and other critical success factors of their firm, rather than to have a top priority for the finance function. So the task for the management is to constantly highlight the importance of the financing function to the top level of the firm. Just a recent example: A highly profitable family firm with strong and famous brands prepared to enter into a new market segment. Marketing and production were preparing the launch, but the required financing for the significant increase in working capital due to the pre-produced products was not discussed in detail with the financing department. Four weeks prior to the anticipated launch, the increased inventories led to a liquidity crisis because available revolving credit facilities were not sufficient to pay all invoices. So the market launch had to be scaled down just because the finance department was not informed properly and had the chance to arrange some kind of bridge financing or an alternative solution. Ensure regular usage of knowledge and avoid underutilization to protect against the risks of knowledge attrition and knowledge waste is the third relevant aspect. The management’s role is to secure that training and secondments take place on a regular basis and are attended by the team as discussed in Sect. 4.2.1. The second duty for the management is to re-assess the responsibilities within the finance team and on specific project tasks on a regular basis to make sure that employees with a congruent skillset are execution the process. Enable reinvention is the last but very critical management aspect, as reinvention can protect against knowledge waste and can prevent knowledge hiding as new knowledge is acquired by the whole team or a project group. A good example of a reinvention process is that prior to every corporate finance transaction, the finance team assesses the existing financing strategy and current financing structure. The team critically discusses identified weaknesses or improvement areas, e.g., the inclusion of new and alternative financing instruments or of additional financing partners, and formulates improvement measures.

4.2.3 Governance The governance category is institutionalizing some of the aspects previously mentioned. But these aspects are so important that the need to be explicitly concerned.

Practical Aspects of Knowledge Risk Management in Corporate …

81

The four-eye principle is the easiest aspect to mitigate knowledge risk (Hiebl 2015). Even though this governance policy should be implemented in every critical process or function across the organization, e.g., to avoid corruption, many cases show that the practice is different. It is of particular importance in lean organizations, where there are difficulties to identify an appropriate employee or manager for the second authorization or signature. The four-eye principle ensures that necessary knowledge regarding every critical process step and its content is covered by two members of the finance team at least. Furthermore, it forms the structural basis for the protection aspects of right-sizing of the team as, outlined in Sect. 4.2.2, and the implementation of deputy structures, the following aspect. Deputy structures are a further risk protection element. They avoid process delays or risks connected with illness, employee accidents or just holiday absence. Deputy structures are again difficult to establish and to maintain in lean organizations and require particular management attention. Furthermore, management needs to develop adequate secrecy and authority levels so that there is no frictions as the deputy might have not the same access to confidential information. This also interlinks with the third relevant aspect of deputy structures, authorization. Authorization is nevertheless not looking at hierarchy in this particular case but on qualification. The organization must ensure that critical actions can only be executed by employees that are qualified to judge the decision. Communication policies might be seen too rigid when not looking at listed companies, but they are even more critical for family firms. Family firms are extremely sensitive in communicating sensitive or confidential information to external partners, in particular to financiers (Minichilli et al. 2016). So the communication policy should include general guidelines on how and when there will be reporting to the financing partners, such as regular financial information, annual bank meetings or capital market days. In addition, there should be specific guidelines for external financing processes setting out key processual elements (request for proposal, term sheet format, negotiation phases) and documentation.

4.2.4 Infrastructure Digitalization is on everybody’s mind but not necessarily the most important aspect by thinking about the right infrastructure for mitigating knowledge risk. Nevertheless, the usage of sharepoints and filing systems is key in avoiding knowledge hoarding, knowledge hiding and forgetting (Brustbauer and Peters 2013). It is crucial to ensure that these filing systems are not deteriorating to a data graveyard but being a vital memory system to achieve prior financing processes, keep important information in a single source that allows to collect and update relevant knowledge (Calvo-Mora et al. 2016). The second mitigant in the infrastructure section is the availability of relevant external databases. Again, this is a rather costly element, but when the financing of a family firm reaches a certain complexity in instruments used or financing markets

82

M. Hill

approached, critical data, such as development of interest rates, relevant sector multiples and available competitor data are basic information in providing professional corporate finance (Meier and Esmatyar 2015; Tappeiner et al. 2012). Investment banks and advisors offer these data in their presentations to the family firm. Nevertheless, an own and independent view on relevant datapoints is crucial for corporate finance to base uninfluenced and objective decisions upon (Adam et al. 2014).

5

Framework Overview

Following the discussion of the various risk mitigation categories and the respective protection mechanisms, the graphical overview below tries to summarize the most important aspects and may serve as a sample for developing an individual, firm-specific corporate finance knowledge risk mitigation matrix (Fig. 1).

1

2

People

Management

Develop skillset profiles

Right-sizing of the finance team

■ A skillset profile is developed for each position

■ Every process / task is understood and can be executed by at least two individuals

Regular training / Secondments ■ Internal and external trainings are available

■ Deputy structures and execution processes are established and communicated

■ Enable employees to create their internal and external network and to generate an understanding regarding the dynamics

Transport importance of the financing function to the Top level

Employee retention

■ Financing and treasury are not only cost centres, but one of the critical strategic functions within the firm

■ To mitigate fluctuation and to maintain critical knowledge within the firm

Ensure regular usage of the knowledge and avoid underutilization ■ Establish internal office trainings and re-assess responsibilities on a regular basis Establish an environment that allows for reinvention

Knowledge Risk MiƟgaƟon Matrix 3

Governance

■ Prior to every financing process / transaction, existing financing structure and process should be discussed and identified weaknesses should be adjusted

4

Infrastructure

Four-eyes principle

Knowledge-sharepoints and filing systems

■ Knowledge regarding every process step or approach is at least covered by two members of the finance team

■ Knowledge can be shared through a standardised system and every documentation is easily available to all relevant team members

Deputy structures

Availability of external databases

■ Absence because of illness or holiday does not lead to any frictions within process execution

■ Not every necessary information is available for free through the internet

■ Secrecy and authority levels

■ Critical data must be available on a reliable basis

■ Ensure that critical actions can only be executed by people that are qualified to judge the decision Communication policies to external financing partners ■ How and when will be reported to financing partners (reporting, process guidelines for each financing round, capital market day or regular bank meetings)

Fig. 1 Matrix to mitigate knowledge risk within corporate finance of a family firm

Practical Aspects of Knowledge Risk Management in Corporate …

6

83

Conclusion

Knowledge risk management requires careful consideration within the finance function of family firms, given the particular setup of those firms. The practical examples have shown that knowledge risk can occur in various forms and at any stage during a financing process. Owner-managers, as well as external managers in family firms, are requested to set up clear structures and mitigation elements to cover the individual knowledge risks. The presented knowledge risk mitigation matrix is intended to serve as a basic concept for a family firm to develop such an individual knowledge risk management framework and to assist in the practical implementation of protection mechanisms. It responds to the need for holistic management of knowledge risk by introducing general categories and individual protection mechanisms that can be easily adopted to various company structures. Given the expanding discussion on knowledge risk and intangible risks in general, the presented knowledge risk mitigation matrix might be seen as an idea to structure risk mitigation and protection elements that could help in future research. The framework could be adopted in other situations and processes for further development. Furthermore, the matrix would benefit from further research on specific risk factors and relevant protection mechanisms across firms and industries to gain a better understanding of the efficiency of the individual protection instrument.

References Adam, T. R., Burg, V., Scheinert, T., & Streitz, D. (2014). Managerial optimism and debt contract design. Berlin. Agarwal, R., & Kallapur, S. (2018). Cognitive risk culture and advanced roles of actors in risk governance: A case study. The Journal of Risk Finance, 19(4), 327–342. Ampenberger, M., Schmid, T., Achleitner, A.-K., & Kaserer, C. (2013). Capital structure decisions in family firms: Empirical evidence from a bank-based economy. Review of Managerial Science, 7(3), 247–275. Beck, T., & Demirguc-Kunt, A. (2006). Small and medium-size enterprises: Access to finance as a growth constraint. Journal of Banking & Finance, 30(11), 2931–2943. Berent-Braun, M. M., & Uhlaner, L. M. (2012). Responsible ownership behaviors and financial performance in family owned businesses. Journal of Small Business and Enterprise Development, 19(1), 20–38. Börner, C., Grichnik, D., & Reize, F. (2010). Finanzierungsentscheidungen mittelständischer Unternehmer -Einflussfaktoren der Fremdfinanzierung deutscher KMU [Financing decisions of midcap companies—influencing factors on debt financing of German SMEs]. Zeitschrift Für Betriebswirtschaftliche Forschung, 62(3), 227–250. Brustbauer, J. K., & Peters, M. (2013). Risk perception of family and non-family firm managers. International Journal of Entrepreneurship and Small Business, 20(1), 96–116. Burgstaller, J., & Wagner, E. (2015). How do family ownership and founder management affect capital structure decisions and adjustment of SMEs? Evidence from a bank-based economy. The Journal of Risk Finance, 16(1), 73–101.

84

M. Hill

Busenitz, L. W., & Barney, J. A. Y. B. (1997). Differences between entrepreneurs and managers in large organizations: Biases and heuristics in strategic decision-making. Journal of Business Venturing, 12, 9–30. Calvo-Mora, A., Navarro-Garcia, A., Rey-Moreno, M., & Perianez-Cristobal, R. (2016). Excellence management practices, knowledge management and key business results in large organisations and SMEs: A multi-group analysis. European Management Journal, 34(6), 661–673. Craig, J., & Moores, K. (2010). Strategically aligning family and business systems using the Balanced Scorecard. Journal of Family Business Strategy, 1(2), 78–87. Culasso, F., Giacosa, E., Manzi, L. M., & Dana, L.-P. (2018). Professionalization in Family Businesses. How to strengthen strategy implementation and control, favouring succession. Management Control. Durst, S., Bruns, G., & Henschel, T. (2016). The management of knowledge risks: what do we really know? International Journal of Knowledge and Systems Science, 7(3), 19–29. Durst, S., & Zieba, M. (2017). Knowledge risks—Towards a taxonomy. International Journal of Business Environment, 9(1), 51–63. EU Commission. (2003). Commission recommendation of 6 May 2003 concerning the definition of micro, small and medium-sized enterprises. Official Journal of the European Union, (L 124), 36–41. EU Commission. (2005). The new SME definition—User guide and model declaration. Hauser, A., Eggers, F., & Güldenberg, S. (2019). Strategic decision-making in SMEs: Effectuation, causation, and the absence of strategy. Small Business Economics, 1–16. Henschel, T. (2010). Typology of risk management practices: An empirical investigation into German SMEs. International Journal of Entrepreneurship and Small Business, 9(3), 264. Henschel, T., & Durst, S. (2016). Risk management in Scottish, Chinese and German small and medium-sized enterprises: A country comparision. International Journal of Entrepreneurship and Small Business, 29(1), 112–132. Henschel, T., & Heinze, I. (2018). Small and Medium-sized Enterprises (SMEs). In S. Durst, S. Temel, & H. A. Ferenhof (Eds.), Open innovation and knowledge management in small and medium-sized enterprises. New Jersey, London, Singapore: World Scientific Publisher. Hernandez-Canovas, G., & Koeter-Kant, J. (2011). SME financing in Europe: Cross-country determinants of bank loan maturity. International Small Business Journal, (September). Hiebl, M. R. W. (2013). Bean counter or strategist? Differences in the role of the CFO in family and non-family businesses. Journal of Family Business Strategy, 4(2), 147–161. Hiebl, M. R. W. (2014). A finance professional who understands the family: family firms’ specific requirements for non-family chief financial officers. Review of Managerial Science, 8(4), 465–494. Hiebl, M. R. W. (2015). Applying the four-eyes principle to management decisions in the manufacturing sector: Are large family firms one-eye blind? Management Research Review, 38 (3), 264–282. Hiebl, M. R. W., Duller, C., & Neubauer, H. (2019). Enterprise risk management in family firms: Evidence from Austria and Germany. The Journal of Risk Finance, 20(1), 39–58. Hiebl, M. R. W., & Mayrleitner, B. (2017). Professionalization of management accounting in family firms: The impact of family members. Review of Managerial Science, 1–32. Josenhans, M., & Danzmann, M. (2017). Unitranche—Kreditfonds und Banken als neue Finanzierungspartner. Recht Der Finanzinstrumente, 11(1), 38–41. KfW Bankengruppe. (2018). KfW-Mittelstandspanel 2018. Frankfurt am Main. Kraus, T., Schröder, J., & Schnutenhaus, D. (2014). Finanzierungslandschaft im Umbruch: neue Finanzierungsstrategien für den Mittelstand [Changes in the financing landscape: new financing strategies for midcaps]. Corporate Finance, 2(4), 192–200. Lichtblau, K., & Utzig, S. (2002). Die Finanzierung des Mittelstands in der New Economy [The financing of SME in the New economy] (p. 272). Köln: Institut der deutschen Wirtschaft (Beiträge zur Wirtschafts- und Sozialpolitik, Bd.

Practical Aspects of Knowledge Risk Management in Corporate …

85

Louisot, J.-P. (2004). Managing intangible asset risks: Reputation and strategic redeployment planning. Risk Management, 6(3), 35–50. Lutz, E., & Schraml, S. (2011). Family firms: should they hire an outside CFO? Journal of Business Strategy, 33(1), 39–44. March, J. G., & Shapira, Z. (1987). Managerial perspectives on risk and risk taking. Management Science, 33(11), 1404–1418. Massingham, P. (2010). Knowledge risk management: A framework. Journal of Knowledge Management, 14(3), 464–485. Mateev, M., Poutziouris, P., & Ivanov, K. (2012). On the determinants of SME capital structure in central and Eastern Europe: A dynamic panel analysis. Research in International Business and Finance. Meier, J.-H., & Esmatyar, W. (2015). Managementoptimismus, Finanzierungspolitik und Kapitalkosten [Management optimism, financing policy and cost of capital]. Corporate Finance, 6(5), 135–140. Minichilli, A., Brogi, M., & Calabrò, A. (2016). Weathering the storm: Family ownership, governance, and performance through the financial and economic crisis. Corporate Governance: An International Review, 24(6), 552–568. Naldi, L., Nordqvist, M., Sjöberg, K., & Wiklund, J. (2007). Entrepreneurial orientation, risk taking, and performance in family firms. Family Business Review, 20(1), 33–47. Reinemann, H. (2011). Mittelstandsmanagement [Midcap management]. Stuttgart: Schäffer-Poeschel Verlag für Wirtschaft, Steuern, Recht GmbH & Co. KG. Tappeiner, F., Howorth, C., Achleitner, A.-K., & Schraml, S. (2012). Demand for private equity minority investments: A study of large family firms. Journal of Family Business Strategy, 3(1), 38–51. Welsh, D. H. B., & Zellweger, T. (2010). Can we afford it? Investment decisions of family and nonfamily owners. Academy of Entrepreneurship Journal, 16(2), 21–41. Yang, S., Ishtiaq, M., & Anwar, M. (2018). Enterprise risk management practices and firm performance, the mediating role of competitive advantage and the moderating role of financial literacy. Journal of Risk and Financial Management, 11(3), 35. Zieba, M., & Durst, S. (2018). Knowledge risks in the sharing economy. In E. M. Vatamanescu & I. M. Pinzaru (Eds.), Knowledge management in the sharing economy—Cross-sectoral insights into the future of competitive advantage (pp. 253–270). Cham: Springer.

Dr. Mark Hill is Director in the Deal Advisory department of KPMG in Germany, with a focus on corporate finance for family businesses, in particular on complex financing and debt capital market transactions. Prior to that, he worked for several financial institutions in the corporate finance divisions. In addition, Mark is as a lecturer for corporate finance at various universities of applied science. His research concentrates mainly on capital structure theories and financing of midcap companies in Germany.

Knowledge Risk Management in Public Organizations

Knowledge Risk Management for State-Owned Enterprises-Indian Scenario Sanjay Kumar

Abstract

Knowledge risk management (KRM) has emerged as a mechanism for risk assessment and response associated with organizational knowledge. Evolution of KRM being in its infancy, it was decided to study KRM in state-owned enterprises (SOEs) where the implementation of KM too is rather underdeveloped. Idea was to use SOEs as platforms for KM practice and also study them in the context of KRM. SOEs are important contributors to GDP in countries like India and China, and this study aims to provide an exploratory insight into the KM and KRM practices in SOEs. The approach towards this chapter involved studying literature about KM models in India and elsewhere besides impact study of KRM and amelioration strategies. The chapter introduces new dimensions that ring-fence KM initiatives from the Risks and enhance sustainability of KM by contributing towards converting organizational ‘tacit knowledge’ to ‘explicit knowledge’ with the help of ‘Intra-organizational and Inter-Organizational Mentoring as a tool for transfer of knowledge’, ‘Benchmarking for transfer of knowledge about best practices prevailing in different organizations’, ‘Factors influencing KM in cross-organizational projects’ and ‘Employee Alumni as a KM tool’. Keywords







Knowledge management Knowledge risk management State-owned enterprises Mentoring Benchmarking Knowledge outsourcing










S. Kumar (&) Director (Personnel), Western Coalfields Ltd., Nagpur, Maharashtra 440001, India e-mail: [email protected] © Springer Nature Switzerland AG 2020 S. Durst and T. Henschel (eds.), Knowledge Risk Management, Management for Professionals, https://doi.org/10.1007/978-3-030-35121-2_6

89

90

1

S. Kumar

Introduction

We live in uncertain times—an era characterized by turbulence where constant change and discontinuity are the order of the day. In a scenario where uncertainty is the only certainty, knowledge is increasingly becoming the greatest asset of organizations. Knowledge is the source of innovation, growth and value addition and primary source of sustainable competitive advantage. Human knowledge has been subject of importance since the evolution of human beings and organizations that have passed knowledge and skills to following generations since times immemorial through traditional and formal ways. However, organizations in the modern era of globalization and increasing competitiveness are making strides towards knowledge age from information age and knowledge is constantly being regarded as the most important asset that organizations can possess. As a natural corollary, with the basis of growth of modern society shifting from natural resources and physical assets to intellectual capital, organizations adopted knowledge management (KM) as a strategy for the institutionalization of knowledge and management thereof. Public sector enterprises (PSEs) are business entities whose ownership rests with the government. Being state-owned enterprises (SOEs) they are under control of the state which exerts control through total, majority or significant minority ownership. The state-owned enterprises (SoEs) are known as public sector enterprises in India, and however, considering the fact that this chapter will be part of a publication which will be presented to the global audience, the term state-owned enterprises (SoEs) shall be used for uniform understanding. In the last seven decades, the Indian economy has grown over the manifold. State-owned enterprises (SoEs) have provided continuous momentum to this growth story and have laid sound industrial and infrastructural foundations. It has helped India attain technological prowess to be placed among the fastest growing global economies (Choubey 2017). State-owned enterprises (SoEs) contribute a significant percentage to the nation’s GDP thereby playing a prominent role in the growth and development of the country (Agarwal 2001). State-owned enterprises (SoEs) over the last half a century have accumulated a lot of experience and acquired huge amounts of knowledge which is immensely valuable and state-owned enterprises (SoEs) need to invest in knowledge management (KM) significantly. Thus far, KM interventions in Indian SoEs are far and few which makes the knowledge acquired by them vulnerable. This is where the need to identify the reasons for the limited success of KM interventions becomes relevant, i.e. the risks faced while institutionalizing KM practices need to be addressed and also the ameliorating factors. This paper will present sample cases of knowledge management risks in public sector institutions in India and those from around the world. Additionally, this paper discusses some original ideas based on the practical experience of the author which can help organizations navigate the risks that may be encountered by them while drawing out tacit knowledge and help convert them to explicit knowledge as part of institutionalizing of KM process.

Knowledge Risk Management for State-Owned Enterprises-Indian …

2

91

Knowledge Management (KM) in the State-Owned Enterprises

Knowledge management (KM) is a term that has been loosely defined as “broad collection of organizational practices related to generating, capturing, disseminating know-how and promoting knowledge sharing within an organization, and the outside world” (OECD 2003). These include organizational changes, personnel development, technological innovation, transfer of competencies and incentives for staff to share knowledge. Hedlund (1994) suggests that knowledge management addresses the generation, representation, storage, transfer, transmission, application embedding and protecting of organizational knowledge. Academics and practitioners have not been able to stabilize the phenomenon of KM enough to make sense of what it is and what it comprises (Sutton 2007). To many, KM is an enigma of sorts—though it does not fit into the definition of discipline yet draws its definition from a multitude of disciplines ranging from conventional branches of social sciences like psychology, sociology, etc., on one side to information systems and artificial intelligence on the other. As a consequence of its being a multi-disciplinary and multi-dimensional concept, knowledge has numerous definitions with a common premise running through all that says “knowledge enhances the capacity for effective action” (Asian Productivity Organization-APO 2013). There are two types of knowledge—explicit and implicit. From an organizational perspective, knowledge is typically captured in processes, practices as well as documents and repositories (Cong and Pandya 2003). This type of formal, tangible knowledge that is codified is known as explicit knowledge (Brown and Duguid 1998). Explicit knowledge allows for easy storage and retrieval (Wellman 2009). The other knowledge, tacit, at times referred to as know-how (Brown and Duguid 1998) is hard to define, intuitive and mainly experience-based. Chronologically, it was Polanyi (1958) who coined the term “tacit” and divided knowledge into tacit knowledge and explicit knowledge. Tacit knowledge is often difficult to communicate and is dependent on action, commitment and involvement (Nonaka 1994). In fact, tacit knowledge has also been defined as a typical personal characteristic too abstract to be transferred or expressed in words (Nonaka and Takeuchi 1995). Additionally, it is considered among the most valuable knowledge source with the potential to lead to organizational breakthroughs (Wellman 2009). Organizations are facing twin threats of knowledge walking out due to large number of retirements and also the migratory nature of the workforce. Consequently, sharing and codification of tacit knowledge have assumed importance (Dormer 2016). In the present era, Knowledge is not only the most critical asset for the sustained competitive advantage of an organization but also a tool for innovation and continuous improvement thereof. KM, in general, is concerned with the intended set of practices and processes designed to optimize the use of knowledge, to increase allocative efficiency in the area of knowledge creation, distribution and use (Asian Productivity Organization 2013). Effective KM for organizations is indeed very critical as organizations strive

92

S. Kumar

to increase their competitiveness and gain an economic edge. From the core competencies of the businesses, KM can be helpful in creating value, achieve goals, develop greater value and bring innovative solutions (Tiwana 2000). An increasing number of firms today realize that management of knowledge is a key to business sustainability and competitiveness. This has led to increased interest in creating and understanding knowledge which is considered as a greatest asset for strategic decision-making (Keskin 2005).

2.1 Knowledge Management (KM) in the SoEs—Generic Framework A necessary feature of successful KM practice is cascading its awareness to all managers including the frontline ones. The concept of KM needs to be understood and benefits discussed by all employees in the organization to create an enabling ground for the institutionalization of knowledge management in any organization. The concept of KM, though not articulated in such nomenclature, had always been used by organizations (Hansen et al. 1999). Essentially, the newness and uniqueness of KM was attributed to organizations being conscious of about existence of KM as a formal process (Sarvary 1999).

2.1.1 Need for a Generic Framework The SoEs are supposed to have unique features of their own. They are dependent on stakeholders—citizens, state and local government, financial institutions, customers and suppliers, lobby groups and so on. They have an obligation of discharging their responsibilities towards stakeholders in equal measure. 2.1.2 Elements of an SoE KM Framework People, processes and technology are the three elements of the KM framework. KM focuses on people and prevalent culture for use of knowledge; on processes or methods to identify, create, capture and share knowledge; and on technology to store and make knowledge available and easily accessible. People KM is primarily a people issue. Success or otherwise of KM initiative depends on people’s participation, their motivation and their ability to adopt the process. It is the people who act as process enablers or barriers. People are generally afraid of and resistant to change. But with the help of a properly designed internal communication strategy backed up by staggering implementation, the KM or any new initiative is implemented on a “pilot” basis and is gradually scaled up as the people get used to and familiarized with the new system and accept it. Once they accept the new system and there is buy-in, KM system can be easily internalized (Reinmann-Rothmeier and Mandl 1999). Some steps to help implement the KM initiative are as under:

Knowledge Risk Management for State-Owned Enterprises-Indian …

93

• Raise awareness through internal communication • Develop internal champions to institutionalize the initiative • Dispel negative news about the KM initiative through communication, handouts, address to employees and FAQs • Establish formal rewards and recognition mechanism for knowledge sharing and knowledge use • Celebrate success—the organization must inculcate a culture of recognizing and celebrating the smallest of successes. Process KM is a system for creating or identifying, capturing, organizing, disseminating and using knowledge in all its forms within an organization (Cong and Pandya 2003). The stages are listed below: Identify or Create—Knowledge is created in the organization’s resources in one of the following ways: Dedicated Resources—Some of the organization’s resources are dedicated towards the creation of knowledge. A good example is R&D—close interactions between R&D team with line managers and marketing generates knowledge. Investment—Knowledge can be bought from consultants or leading organizations. Cross-Functional Teams—When employees of the cross-functional area meet and work on a problem, they create knowledge. Network of People—Knowledge gets generated when people of the same area meet together and discuss subjects/problems. Capture and Organize—Knowledge deteriorates very fast and must be used as quickly as possible after it is created. Disseminate—After knowledge is identified and captured, it is important to disseminate it to users. Use—Use is the ultimate goal of knowledge management. Organizational culture and structure play an important role in motivating people to use knowledge. Organizational culture should enable and support reading, adapting and usage of knowledge. Technology Technology is a significant part of any KM process and various options are available in the market. However, it must be borne in mind that technology is at best an enabler, it is not a means to an end. Technology provides connectivity, easy storage and retrieval mechanism but is not the final solution. A typical technology framework will comprise of the following: • appropriate software and hardware, • organization-wide intranet with extensive communicating and collaboration capabilities to share explicit knowledge,

94

S. Kumar

• knowledge portal, a virtual knowledge platform that is accessible via the intranet to share tacit knowledge through email, discussion groups, chat rooms and videoconferences. • organize and store knowledge assets in an appropriate electronic medium so as to enable faster access and retrieval. KM for the public sector, a report on the Asian Productivity Organization (APO) Research on KM for public sector productivity provides details of case studies that show practical and exemplary applications of KM in public sector organizations in the real world (Asian Productivity Organization 2013). Following is a brief summary that highlights KM practices in each case.

2.1.3 Global Examples—Asian 1. International Enterprise Singapore: The agency provides advisory services to Singapore-based companies to promote expansion of their international trade. Their KM initiatives focus on tacit knowledge transfer from well-experienced staff to junior staff via various efforts such as storytelling sessions, Retention of All Critical Knowledge (RACK) programme, and knowledge centre. 2. Korea Customs Service: The agency has broad responsibilities in imposing custom duties, and managing regulations of imports and exports to contribute to economic development. Its long history in KM initiatives is based on holistic approaches that combine four management techniques: balanced scorecard, Six Sigma, human resource management and customer relation management. 3. Taphanhin Crown Prince Hospital (Thailand): This is a community hospital with about 300 staff in a rural area in Thailand. The hospital faced a challenging situation to maintain its service quality for a number of patients with limited workforce. Hence, the hospital effectively combined knowledge management and quality management by embedding its KM procedures into their daily PDCA (plan, do, check, act) cycle. 4. Malaysian Agricultural Research and Development Institute: MARDI has driven innovative research in agro-based industry under the Ministry of Agriculture. Its KM initiatives combined various KM tools and techniques such as coaching and mentoring, innovative and creative circle, public lectures and assignment analysis to meet its organizational goal of increasing agricultural productivity. 5. Agency for Science, Technology and Research (Singapore): A*STAR is the lead agency fostering world-class scientific research for an innovation-driven Singapore economy under the Ministry of Trade and Industry. Its KM focuses on creating knowledge ecosystems that drive knowledge creation for supporting the national strategy to make Singapore Asia’s innovation capital.

Knowledge Risk Management for State-Owned Enterprises-Indian …

95

2.1.4 Local Examples—Indian 1. Bharat Electronics Limited: The organization is an enterprise of the Government of India under its Ministry of Defence. It develops and manufactures a variety of military electronic components. Their KM initiative started with a systematic approach in identifying knowledge gaps, developed a knowledge portal and utilized self-assessments for collective gauging of the KM process (Asian Productivity Organization 2013). 2. NTPC Ltd: It is the largest thermal power generating company. NTPC’s KM imperatives are derived from its strategic objectives and HR vision of becoming a “learning organization”. KM in NTPC is designed around three strategic objectives of planning and expediting in implementation of power projects, economic and efficient operation of power stations, and diversification and growth into new areas. 3. Coal India Ltd: The organization is an enterprise of the Government of India under its Ministry of Coal. Coal India Ltd does not have an institutionalized KM system. It has expressed the intention of implementing KM and the initiative is in its initial stages.

3

Knowledge Management Risks

Security experts alarmed by the scope of a data breach at the Marriott hotel empire worry that stolen information on specific hotel stays could be used for burglary, espionage or reputational attacks. Hackers stole information of as many as 500 million guests of the Marriott hotel empire over four years, obtaining credit card and passport numbers and other personal data, including arrival and departure dates (Economic Times, 01 December 2018). In the past, the website of Antrix, Indian Space Research Organization’s commercial arm, was hacked on 12 July 2015. Though denied by authorities, there was news about the hacking of the website of India’s Ministry of Defence. Similarly, there are unconfirmed reports about data theft from the Unique Identification Authority of India (UIDAI), which too have been denied by authorities. These attacks symbolize the threats modern-day organizations are exposed to and symbolize the emergence of a new type of knowledge risk (KR). Considering the magnitude of the threat, organizations are re-calibrating their approaches to knowledge management inasmuch as it is necessary for them to plan the contingencies in the aftermath of knowledge risks (KR). Knowledge risk (KR), paradoxically, finds limited mention in the literature survey. Though there have been attempts by various researchers in this area to come up with concepts and definitions, there is practically non-existential evidence of any research on knowledge risk in state-owned enterprises in India. Consequently, this

96

S. Kumar

paper attempts to cull out and crystalize experience-based learning and identify them with examples from published literature. Following paragraphs discuss the risks.

3.1 Risk of Failure Potentially, there are a number of reasons for KM approaches to fail. However, considering the scope of this chapter main factors of failure were considered appropriate for being highlighted. I. Creation of Monolithic Repositories—KM Strategies aimed at creating monolithic memories as knowledge repositories for the whole organization have led to failure (Ackerman and Halverson 2000) for the simple reason that many such organizations have distributed structure and function with conflicting goals. Naturally, one size fits all does not work in such situations. II. Among the reasons for the possible failure of KM, approaches are when they fail to integrate humans, processes and technology (Abecker et al. 2000). This is justified by the limitations and importance of each of these components. On a standalone basis, human effort may have limited result and would require to adopt a processes and appropriate technology which in turn combine to deliver organizational goals. III. KM implementation methodologies must consider inputs from multiple stakeholders. In the absence thereof, there is a likelihood of resistance to the implementation. Collaboration constitutes an important basis for learning and sharing (Laycock 2005). As a natural corollary, KM approaches may not succeed unless they promote collaboration. IV. Lack of support from organizational leadership is one major factor for failure of KM initiative (Disterer 2001). Scepticism with regard to the benefits of knowledge sharing on the part of community leaders also forms a reason for the failure of many a KM initiative (Nonaka and Konno 1998). V. KM approaches are likely to fail when they are unable to lead to tangible benefits (Alavi and Leidner 1999).

3.2 Creation of Silos Within the Organization Silos have been omnipresent in organizations including state-owned enterprises (SoEs). Silos are a direct manifestation of insecurity prevalent in individuals, departments and corporate business houses which discourages them to share information, knowledge, technology and the likes. Presence of such mentality leads to the creation of a trust deficit environment in business organizations which in turn impact the morale of employees.

Knowledge Risk Management for State-Owned Enterprises-Indian …

97

Organizational silos are naturally resistant to change, create impediments aimed at blocking easy access to any kind of information. In multi-unit organizations with silos, communication and collaboration across units are severely impacted. Consequently, efforts to capture knowledge and preserving the same in KM platforms are negatively impacted.

3.3 Reluctance to Embrace New Technologies India has taken to digitalization in a big way. The new digital transformation and business innovations are revolutionizing almost all industries including the state-owned enterprises—the SoEs. A large number of SoEs are still oblivious to the need and advantages of transforming their businesses by adapting to digitalization. Indian Technology Congress (2018). Though SoEs acknowledge the virtues of KM, ERP, cloud technologies and the likes, when it comes to actual implementation many of them are found wanting in terms of resource commitment, presence of state-of-the-art technology, investing in training to create a digitally literate workforce and so on. The reasons are one or more of the following: Senior management buy-in: In almost all SoEs, new initiatives are top driven. This naturally requires that top management or the managing leadership should firmly believe in the efficacy and benefits that would accrue by institutionalizing the intended initiative. Having done so they lead from the front to ensure successful implementation of a new initiative(s) (Sirkin et al. 2005). Work processes: Notwithstanding large-scale penetration of IT in SOEs, most workflows, official noting and decisions are still rooted in the old-world pen and paper. This is further reinforced by the legal system, vigilance mechanism and the Right to Information (RTI) which relies totally on physical documentation and hard copies (Gupta et al. 2018).

3.4 Overdependence on Consultants for Driving Improvements External consultants and internal consultants can be found in organizations. The former are normally consultants employed by third-party firms who are engaged by the organization. The latter are employees of the organization who may be functioning in a consultative role advising others in such areas as systems, accounting, human resources, marketing, and operations (Davison 2009). Like any other organization, SOEs resort to the hiring of external consultants who along with internal consultants (employees) work on problems, new initiatives, innovation, etc. It is recognized that internal consultants possess many of the skills deployed by their external counterparts (Armstrong 1992; Duncan and Nixon 1999; Laabs 1997). Even if they are not part of the study by external consultant more

98

S. Kumar

often than not, it is the team of employees who perform the role of internal consultants to implement the recommendations or findings of the external consultant. Of course, it takes a committed and engaged team of employees to ensure effective implementation. However, the SOEs suffer from a serious problem of non-continuity of thoughts which lead to partial or non-implementation of best of recommendations. At times, change in the top leadership of the department or a division leads to large-scale shuffling of the team. When the new team takes over a department or a division, the immediate priority of jobs takes precedence over the consultant’s recommendations which remain consigned to archives. With the passage of time, it may so happen that the study already conducted by one consultant remains unimplemented and the same or similar assignment is awarded to an external consultant.

3.5 Long Learning Curve of New Employees There are essentially two types of learning curves. The “basic curve” is the learning curve necessary for an untrained worker to acquire training, knowledge and skills fundamental to a particular trade. This curve is necessary in order for the worker to achieve an average level of proficiency. In contrast, the “experience curve” is the worker’s attainment of the specialized skill set required to perform a specific repetitive activity. Experience curves for repetitive tasks apply to both individual workers as well as to crews. The “experience curve” is the curve most likely to have an impact on productivity because it is more project-specific (Drewry 2012). The learning curve denotes the rate at which individuals progress as they acquire new skills or experiences people in an organization learn through methods that are internal to the organization or external to it. Internal methods include doing something repeatedly, using the equipment regularly, or taking advantage of scientific or technological advancements. External learning methods include interactions with others, active searching, and inter-industry spillovers. Professional HR teams can influence, encourage and enable staff learning using both internal and external methods (Bihani 2018; Johnson 2018; Hirschmann 1964). Almost all SOEs have very elaborate training setup where they run a large number of courses. But outdated syllabus, lack of latest generation training simulators and barely motivated training and development personnel hardly help in reducing the learning curve.

3.6 Culture of Knowledge Hoarding Knowledge hoarding, by definition, is simple withholding of knowledge, which has not been requested by any specific individual (Webster et al. 2008). Knowledge hoarding also encompasses dimensions of knowledge that are not necessarily explicit and understood by others (Evans et al. 2014). Such knowledge may be difficult to requisition although essential for the success of an organization.

Knowledge Risk Management for State-Owned Enterprises-Indian …

99

Hoarding of knowledge or information is all-pervasive in SOEs. Employees hoard information as they believe “Information is Power”. Experienced employees of the yesteryears who might have acquired experiential knowledge feel threatened by the presence of Gen Next employees who are often impatient and aggressive in their approach which may not conform to the behavioural norms of the employees of the older generation. Resultantly, they are reluctant to share information as they fear that sharing the information which they have acquired over the years will undermine their expertise (Szulanski 1995), or worse, earn credit to those where it may not be due. Then, there are employees who hoard information because they have a sense of “high” when others seek their advice regularly. Lastly, the prevalent culture does not encourage information sharing and collaboration. The consequences of hoarding are twofold—firstly, information remains in tacit form and undocumented and is lost when the employees holding the information retire or leave the organization. Resultantly, organizations face a risk of losing valuable information along with loss of productivity.

3.7 Performance Gaps Across Units Within Same Organization (Resulting in Opportunity Loss) Conventional wisdom states that knowledge can be transferred among units of an organization. Going forward it is natural to assume that if similar or same knowledge is available to individual units their performance must be identical. However, the study of SOEs has indicated that the level of penetration of knowledge, comprehension and resultant performance varies across different units of the same organization. One reason for such variance is the presence of dissimilar if not different cultures among the different units of the same organization. Consequently, there are different performances within the same organization thus resulting in an opportunity loss to the overall organizational performance. 4.0 Considering that presence of Knowledge risk obstructs the implementation and institutionalizing of knowledge systems, the author proposes to introduce the readers to a knowledge risk checklist as a diagnostic tool for preliminary assessment of efficacy and robustness of institutionalized systems to facilitate amelioration of knowledge risk (Table 1).

100

S. Kumar

Table 1 Knowledge management risk amelioration checklist KM risk amelioration checklist S. No. Statement and underlying philosophy 1.

2.

3.

4.

5.

6.

7.

8.

9.

Yes/no

Remarks, if any

Does the organization have an institutionalized mechanism for the capture of new knowledge? {New knowledge vanishes fast, if not recorded or captured soon} Should organizations implement technologies for knowledge mining? {Knowledge remains with people (tacit) until it is mined (explicit)} Does the company have a system of allowing employees to pursue knowledge sharing initiatives like publications, case studies and sharing of expertise? (No proper system to convert tacit knowledge into explicit through sharing of case studies, publications, expertise etc) What is the company philosophy for engaging training faculty–only In-house, only external, mix of both in-house and external faculty? (Creating an imaginary wall, for example, no outside faculty for a training programme in the organization) Is there a practice of visits to other companies from the same industry or different industry? (No visit to other organization) Does the company sponsor its employees for participating in conferences? (No organized participation of employees in conference— local/global?) Does the company incentivize: Updating of knowledge? Innovation? Upgrade knowledge through training, self-study, publications, higher studies? Out-of-box thinking? (Does the company encourage employees to adopt systems aimed at updating knowledge?) Does the company have an institutionalized system for capturing knowledge from the environment? (Not capturing emerging knowledge in the environment Through a system dedicated to capture knowledge through the internet or paid body (McKinsey—KM System) Liberal visit of employees of industrial, government and business organizations world over) Does the organization have robust systems for ensuring data security and safety of intellectual property? (Appropriate Security set up Data regarding products/processes to be protected (IP) (continued)

Knowledge Risk Management for State-Owned Enterprises-Indian …

101

Table 1 (continued) KM risk amelioration checklist S. No. Statement and underlying philosophy

10.

11.

4

Yes/no

Remarks, if any

Careful watch/security over the individuals connected with sensitive matters) Has the company experienced a frequent change of leadership? (Frequent leadership changes and vacant leadership positions) Does the company encourage risk-taking in its employees? (Limited risk culture and risk mind-set)

Dimensions for Enhanced Sustainability of KM

Public sector enterprises/SOEs in India play a very important role. They are one of the largest contributors to the nation’s GDP and are among the country’s largest providers of employment (Public Enterprise Survey 2017–2018). Public sector enterprises have also ensured regional development of undeveloped areas by setting up of Industry. As the business horizon changes and future realities like the Fourth Industrial Revolution (4IR) (Schwab 2017) or Industry 4.0 catch on, public sector enterprises would also be impacted. Naturally, they will have to renew, re-invent and re-discover themselves to be able to match up with the future trends. We discussed the risks in the preceding paragraphs. Discussed in the foregoing are some new dimensions that cannot only ring-fence KM initiatives from the risks but also enhance the sustainability of KM.

4.1 Intra-organizational and Inter-organizational Mentoring as a Tool for Transfer of Knowledge Considering the fact that though all SOEs operate in same and similar socio-economic environment, there are noticeable differences in their economic performance and organizational cultures. With a view to leverage best practices across SOEs, it would be a good idea to introduce a system of mentoring system for SOEs. This mentoring is different from mentoring as an HR tool—this mentoring is a part of the business strategy. The business strategy mentoring can be intra-organizational where a successful division can mentor an unsuccessful division or a profit-making division can mentor the not so profitable division. Similarly, it can be inter-organizational where one SOE can mentor another SOE. This type of mentoring can be of two types:

102

S. Kumar

A. Operational perspective: As part of this, select profit-making and operationally robust SOEs can mentor operationally and financially weak PSEs to ensure that they are nursed back to becoming viable business entities. B. Knowledge perspective: Under this system, mentoring would be designed keeping in view the SOEs’ knowledge management perspective. Such mentoring is based on the premise that SOEs can learn from each other which would help in mentor-mentee SOEs to institutionalize preservation of core competence and domain knowledge, best practices in project execution, innovation, disaster management, cost management, people management, change management strategies and so on including risk management to address the possible downsides of knowledge resources. Surely, this will strengthen KM initiative of SOEs.

4.2 Benchmarking Benchmarking is a mechanism of comparing the performance of a business unit or organization vis-a-vis other units elsewhere. Benchmarking is a very useful tool for the transfer of knowledge with regard to best practices prevailing in different organizations. Benchmarking can be “Internal” or “External”. Currently, Indian SOEs are classified as Ratnas (jewels)—Maharatna (Maha— Great), Navratna (Nav-New) and Miniratna (Mini-Small) based predominantly on financial parameters. In order to be compliant with 4IR standards, SOEs must evolve global performance parameters in terms of operating efficiency, cost, throughput, etc. This would require a study of worldwide best practices and evolving global benchmarks and institutionalizing robust KM systems as a repository for best in class knowledge. Though useful on its own, benchmarking delivers improved organizational performance when coupled to organizational learning and KM.

4.3 Inter-organizational Projects Influencing KM Studies have shown that inter-organizational cooperation can create new knowledge (Li et al. 2009). The location of the cooperating businesses and the degree of their cooperation can determine how much they can improve their competitive positions through cross-organizational cooperation. Such cooperation can be implemented in various ways depending upon what knowledge or resources each side needs are known to create new knowledge. Considering that there is a dearth of studies on the use of KM in cross-organizational collaboration, this concept of the study of inter-organizational projects or cross-organizational projects was explored as a tool for creating knowledge and hence useful as KM tool.

Knowledge Risk Management for State-Owned Enterprises-Indian …

103

4.4 Employee Alumni as a KM Tool SOEs are usually the largest employers in countries like India and China. SOE employees collectively possess potentially a large amount of tacit knowledge waiting to be tapped. Establishing a corporate alumni network, which requires almost negligible to little investment is considered a useful step in maintaining a relationship of trust and mutual benefit (Hoffman 2014). Advantage in forming employee alumni is that members collectively possess huge amount of information about operation and maintenance, project execution experience, information about internal and external best practices, experience with regard to disaster management and crises management, etc. which is worth its value in gold and in fact a knowledge repository which can be leveraged as a knowledge management (KM) tool.

5

Conclusion

Knowledge management in SOEs offers many challenges for academics and practitioners alike. SOEs occupy a pride of place in many countries inasmuch as the total economy of some countries is dependent on the performance public sector. Some of the SOEs in countries like India, China and Malaysia are iconic and straddle the world. Notwithstanding their economic and social importance, it is found that SOEs are not at the forefront of knowledge management initiatives. It is a paradox of sorts that institutions which are of such strategic importance should have such low level of KM exposure. With the Fourth Industrial Revolution or Industry 4.0 becoming a reality, the entire way of doing business is expected to undergo radical or disruptive change. Unless the public sector adopts or rather imbibes knowledge management as a way of life, they would be severely impacted by the vortex. Knowledge management caters to critical issues of the organizational adaptation, survival and excellence in the face of increasingly discontinuous environmental changes. Public sector should take appropriate measures to effectively deal with the KM risks so as to be able to strengthen KM which in turn can function as a beacon for navigating through the ever-approaching disruption and turbulence in the global business environment.

References Abecker, A., Decker, S., & Maurer, F. (2000). Organizational memory and knowledge management, guest editorial. Information Systems Frontiers, 2(3), 251–252. https://doi.org/ 10.1023/a:1026512526827. Accessed 8 Mar 2019. Ackerman, M. S., & Halverson, C. A. (2000). Reexamining organizational memory. Association for Computing Machinery, Communications of the ACM, 43(1), 58–64. https://doi.org/10. 1145/323830.323845. Accessed 9 Mar 2019.

104

S. Kumar

Agarwal, R. N. (2001). Technical Efficiency and Productivity Growth in the Central Public Sector in India during 1990s. Delhi Discussion Papers, Institute of Economic Growth. Alavi, M., & Leidner, D. (1999). Knowledge management systems: Issues, challenges and benefits. Communications of the Association for Information Systems 1(7), 2–36. https://aisel. aisnet.org/cais/vol1/iss1/7. Accessed 8 Mar 2019. Armstrong, M. (1992). How to be an internal consultant human resources. Winter, 3, 26–29. Asian Productivity Organization. (2013). Knowledge management for the public sector. Report on the APO Research on Knowledge Management for Public Sector Productivity (11-RP-09-GE-RES-B). http://www.apo-tokyo.org/publications/wp-content/uploads/sites/5/ Knowledge-Management-for-the-Public-Sector-2013.pdf. Accessed 6 Mar 2019. Bihani, R. (2018). 7 ways that professional HR facilitate the learning curve. https:// peopledevelopmentmagazine.com/2018/04/13/professional-hr-facilitate-learning-curve/. Brown, J. S., & Duguid, P. (1998). Organizing knowledge. California Management Review, 40(3), 90–111. https://doi.org/10.2307/41165945. Accessed 7 Mar 2019. Choubey, U. D. (2017). New-age public sector enterprises. Financial Express, April 15, 2017. Cong, X., & Pandya, K. (2003). Issues of knowledge management in the public sector. Electronic Journal of Knowledge Management 1(2), 25–33. http://www.ejkm.com/issue/download.html? idArticle=17. Accessed 5 Mar 2019. Davison, M. L. (2009). The challenges we face managing those external (and internal) consultants! Paper presented at PMI® Global Congress 2009—North America, Orlando, FL. Newtown Square, PA: Project Management Institute. https://www.pmi.org/learning/library/ challenges-managing-external-internal-consultants-6670. Accessed 3 Mar 2019. Disterer, G. (2001). Individual and social barriers in knowledge transfer. In Proceedings of the 34th Annual Hawaii International Conference on System Sciences (HICSS-34) Vol. 8, p. 8025, January 03–06, 2001, IEEE. https://dl.acm.org/citation.cfm?id=822043. Accessed 6 Mar 2019. Dormer, R. (2016). Organizational management in New Zealand’s public service. Public Money and Management 36(6), 433–440. https://www.tandfonline.com/doi/abs/10.1080/09540962. 2016.1206752. Accessed 6 Mar 2019. Drewry, D. M. (2012). Loss of productivity and learning curves, Feb 24, 2012, Drewry Simmons Vornehm, LLP. https://dsvlaw.com/loss-of-productivity-learning-curves/. Accessed 5 Mar 2019. Duncan, J. R., & Nixon, M. (1999). From watchdog to consultant. Strategic Finance, 80(10), 42–46. Evans, J. M., Hendron, M. G., & Oldroyd, J. B. (2014). Withholding the ace: the individual-and unit-level performance effects of self-reported and perceived knowledge hoarding. Organization Science, 26(2), 494–510. https://doi.org/10.1287/orsc.2014.0945. Accessed 5 Mar 2019. Gupta, V., Kulkarni, S., & Khatri, N. (2018). Leadership and management of public sector undertakings in an emerging economy. W. P. No. 2018-01-04, Research and Publications, Indian Institute of Management, Ahmadabad, India. https://web.iima.ac.in/assets/snippets/ workingpaperpdf/17499772842018-01-04.pdf. Accessed 6 Mar 2019. Hansen, M. T., Nohria, N., Tierney, T. (1999). Whats your strategy for managing knowledge. Harvard Business Review, March–April 106–116. https://hbr.org/1999/03/whats-yourstrategy-for-managing-knowledge. Accessed 5 Mar 2019. Hedlund, G. (1994). A model of knowledge management and the N-form Corporation, Strategic. Hirschmann, W. B. (1964). Profit from the learning curve. Harvard Business Review, January 1964. https://hbr.org/1964/01/profit-from-the-learning-curve. Accessed 6 Mar 2019. Hoffman, R. (2014). Four reasons to invest in a corporate alumni network, Sept 2014, Linkedin Blog. https://business.linkedin.com/talent-solutions/blog/2014/09/four-reasons-to-invest-in-acorporate-alumni-network. Accessed 5 Mar 2019. Indian Technology Congress. (2018). Sept 5–6 2018, Blog—Transforming the enterprise for a digital age.

Knowledge Risk Management for State-Owned Enterprises-Indian …

105

Johnson, W. (2018). Using learning to engage your team. Harvard Business Review, May 2018. https://hbr.org/ideacast/2018/05/use-learning-to-engage-your-team.html. Accessed 6 Mar 2019. Keskin, H. (2005). The relationship between explicit and tacit oriented KM strategy, and firm performance. Journal of American Academy of Business 7(1), 169–175. http://www.citeulike. org/user/widgetenator/article/11775374. Accessed 4 Mar 2019. Laabs, J. J. (1997). Stay a step ahead with 5 key skills. Workforce, 76(10), 56–58. Laycock, M. (2005). Collaborating to compete: Achieving effective knowledge sharing in organizations. The Learning Organization, 12(6), 523–538. https://doi.org/10.1108/ 09696470510626739. Accessed 6 Mar 2019. Li, H., Chen, J., Yu, X., & Mei, X. (2009). Factors influencing knowledge management within inter-organizational projects. European Journal of Management 9(4). Nonaka, I., & Takeuchi, H. (1995). The knowledge creating company: how Japanese companies create the dynamics of innovation. New York: Oxford University Press. Nonaka, I., Takeuchi H., & Umemoto, K. (1994). A theory of organizational knowledge creation. Organizational Science 5(1). https://www.inderscienceonline.com/doi/abs/10.1504/IJTM. 1996.025472. Accessed 8 Mar 2019. Nonaka, I., Konno, N. (1998). The concept of ‘Ba’: Building a foundation for knowledge creation. California Management Review 40(3), 40–54. https://doi.org/10.2307/41165942. Accessed 7 Mar 2019. OECD. (2003). Conclusions from the results of the survey of knowledge management practices for ministries/Departments/Agencies of Central Government in OECD Member Countries, 3–4 Feb 2003, GOV/PUMA/HRM (2003) 2. http://www.oecd.org/officialdocuments/publicdisplay documentpdf/?cote=GOV/PUMA/HRM(2003)2&docLanguage=En. Accessed 6 Mar 2019. Polanyi, M. (1958). The Tacit Dimension. New York: ME Sharp Inc. Press Trust of India (PTI). (2018). Step Up Performance to Match Private Players: Parliamentary Panel to SAIL (Steel Authority of India), Financial Express, January 7, 2018. https://www. financialexpress.com/industry/step-up-performance-to-match-private-players-parliamentarypanel-to-sail/1005079/. Accessed 7 Mar 2019. Public Enterprise Survey. (2017–2018). Department of Public Enterprises, Ministry of Heavy Industries & Public Enterprises, Government of India. https://dpe.gov.in/public-enterprisessurvey-2017-18. Accessed 5 Mar 2019. Reinmann-Rothmeier, G., & Mandl, H. (1999). Wissensmanagement: Modewort oder Element der lernenden Organisation? Personalführung 12, 18–23. https://www.researchgate.net/profile/ Heinz_Mandl/publication/293464736_Wissensmanagement_Modewort_oder_Element_der_ lernenden_Organisation/links/570cb4eb08aee0660351c994/Wissensmanagement-Modewortoder-Element-der-lernenden-Organisation.pdf. Accessed 8 Mar 2019. Sarvary, M. (1999). Knowledge management and competition in the consulting industry. California Management Review 41(2), 95–107. https://doi.org/10.2307/41165988. Accessed 8 Mar 2019. Schwab, K. (2017). The fourth industrial revolution. Penguin: Portfolio. Sirkin, H. L., Keenan, P., & Jackson, A. (2005). Hard side of change management. Harvard Business Review, October 2005. https://hbr.org/2005/10/the-hard-side-of-change-management. Accessed 9 Mar 2019. Sutton. M. (2007). Accepting knowledge management into the LIS fold: An interdisciplinary approach. Library Student Journal, McGill University, Canada. http://web.archive.org/web/ 20130816161126/http://www.librarystudentjournal.org/index.php/lsj/article/view/47/62. Accessed 9 Mar 2019. Szulanski, G. (1995). Unpacking stickiness: An empirical investigation of the barriers to transfer best practice inside the firm. Academy of Management Journal (Special Issue), 437–441. https://journals.aom.org/doi/10.5465/ambpp.1995.17536715. Accessed 8 Mar 2019. Tiwana, A. (2000). The knowledge management toolkit: Practical techniques for building a knowledge management system. Upper Saddle River, New Jersey: Prentice Hall PTR.

106

S. Kumar

Webster, J., Brown, G., Zweig, D., Connelly, C. E., Brodt, S., & Sitkin, S. (2008). Beyond knowledge sharing: Withholding knowledge at work. Research in Personnel and Human Resources Management 27(1), 1–37. https://www.emeraldinsight.com/doi/abs/10.1016/S07427301%2808%2927001-5. Accessed 8 Mar 2019. Wellman, J. L. (2009). Organizational learning: How companies and institutions manage and apply knowledge. Palgrave Macmillan.

Dr. Sanjay Kumar is Director (Personnel) with Western Coalfields Ltd., a subsidiary of Coal India Ltd. He possesses three decades of experience with leading Public Sector Enterprises (State Owned Enterprises) of which two decades have been with Oil-Gas/Energy companies like ONGC and GAIL. He has dealt with HR policies, performance management systems, manning strategies, project HR, restructuring, change management, HRD initiatives, managing manpower surpluses and shortages. He has also been part of teams executing mega-projects like cross-country Gas and LPG pipeline, Petrochemical, City Gas and Coal Mining projects. His varied experience at project and corporate levels has enabled understanding of the energy value chain and associated impact on stakeholders. Dr. Kumar is interested in training, teaching, pro-bono consulting and publications. He has published articles in leading Indian newspapers and journals.

Knowledge Communication and Communication Risks in Healthcare—Professional Amateur Patients with Thyroid Disease Show the Way Pia Ulvenblad

Abstract

This chapter advances our understanding of knowledge communication and communication risks with its focus on the diagnosis and treatment of patients with thyroid disease. The chapter reports on an exploratory pilot study in which ten thyroid patients were interviewed about the communications related to their disease that they received and sought. The interviews, which were semi-structured, gave the respondents the opportunity to offer suggestions and to ask questions that might be useful in the subsequent research. Content analysis was used to analyse the interview data. Owing to their dissatisfaction with the amount and nature of the knowledge communicated to them by the professional medical community, the respondents report they seek alternative information sources online (e.g. websites, patient forums, research literature). Both internal and external risks are identified with the professional and amateur sources of knowledge. Among the internal risks is the risk of receiving inadequate and erroneous information. Among the external risks is the loss of trust in physicians and the healthcare system. The chapter calls for greater recognition of patients’ potential to contribute to their diagnosis and treatment. The patients’ perspective is too often under-appreciated or even ignored by the professional medical community. Keywords

Knowledge communication amateur Thyroid disease





Communication risk
Healthcare
Professional

P. Ulvenblad (&) Halmstad University, Box 823, 301 18 Halmstad, Sweden e-mail: [email protected] © Springer Nature Switzerland AG 2020 S. Durst and T. Henschel (eds.), Knowledge Risk Management, Management for Professionals, https://doi.org/10.1007/978-3-030-35121-2_7

107

108

1

P. Ulvenblad

Introduction

This chapter examines knowledge communication and communication risks in healthcare for patients with thyroid disease. This is a timely and important topic for several reasons. First, society pays a high price when individuals cannot work because they have this disease. Second, in addition to the direct medical costs, there are the economic costs from a slowdown in growth and productivity (Finkelstein and Corso 2003; Tarricone 2006). Third, thyroid patients themselves pay a high economic and social price: decreases in income and increases in alienation or loneliness (Bosma et al. 2015). The fourth reason for the relevance of this topic is the advent of digital technology that allows thyroid patients (and others) relatively easy access to personal and general healthcare information online. A number of researchers have studied patients and others who search the Internet for health information. Diaz et al. (2002), for example, found that these patients are more educated and have higher incomes than patients who do not conduct such searches. Moreover, those who searched online for health information were generally satisfied with the information they obtained. They thought it was the same or even better than the information they received from their physicians. According to research by Seçkin et al. (2019), older adults who search online for health information are more satisfied than middle-aged adults who make the same searches. The correlation between self-care and quality of life is also stronger among these older adults. Research shows that caregivers also seek health information using their computers, smartphones, or other electronic devices more frequently than non-caregivers (Bangerter et al. 2019). Easy online access to health information seems to explain much of the recent shift in the patient role from the passive receiver of health information to the active consumer of health information. McMullan (2006) addressed this shift in an article that explores how patients’ use of the Internet influences the patient–health professional relationship and patients’ access to health information. He pointed to recent developments from this shift: (i) the threat to the ‘health professional-centred relationship’, (ii) the new ‘patient-centred relationship’, and (iii) the use of reliable ‘Internet prescription’ websites. Researchers have also addressed patients’ digital access to health information with respect to how healthcare professionals view this recent phenomenon. For example, in a study of patient management in the age of ‘information overload’, Mundluru et al. (2019, p. 76) state: ‘Physicians must respect patients’ autonomy in regard to their ability to gather information and assess their medical needs’. Much of this research concludes that healthcare professionals should pay greater attention to the patient perspective. The traditional reliance by healthcare professionals on their own (exclusive) perspective can be limiting because this perspective does not include the patients’ experiences, some of which may lead to improvements in healthcare.

Knowledge Communication and Communication Risks in Healthcare …

109

Although Yen et al. (2011) do not directly address the use of digital technology by patients, they support the importance of highlighting the patient perspective. In their study of healthcare professionals’ reactions to patients’ perceptions of health issues, they identified general themes in the care of a chronic illness that patients and professionals agree on: (i) competing demands in self-management, (ii) financial pressure, and (iii) co-morbidity. However, in the examination of personal patient challenges, they found that professionals pointed to attitudinal and structural themes: (i) compliance or service fragmentation and (2) insufficient resources for professionals, while the patients focused on their personal challenges and possibilities. This new patient role also calls for new concepts. The Institute for Language and Folklore (2017) in Sweden listed ‘spetspatient’ (in English: expert patient) as an approved word in its new words list for 2017. Sara Riggare, a doctoral student, invented this Swedish word based on her experience as a Parkinson patient (Riggare 2018; Riggare and Unruh 2015). The claim is that an expert patient has more understanding of her/his disease than the average patient typically has. Expert patients, therefore, can contribute to decisions on their treatment. In this chapter, ‘expert patient’ and ‘professional amateur patient’ (Andreassen et al. 2014) are used synonymously. Thyroid diseases are among the most common pathologies in the world (Maniakas et al. 2018). According to the American Thyroid Association (ATA) (2019), approximately 20 million Americans have some form of thyroid disease, and more than 12% people in the USA are expected to develop some form of thyroid disease. In Sweden, more than 450,000 people (approximately 4% of the population) have been diagnosed with a thyroid disorder (Sköldkörtelförbundet 2019), and 80% of them are woman. According to the Office on Women’s Health (2019)—US Department of Health and Human Services—women are more likely than men to have a thyroid disease. Because the symptoms develop gradually, it is often difficult to diagnose the disease in its early stages. In a study of patient-reported outcomes, Watt et al. (2006) show that the quality of life for thyroid patients is substantially impaired in both the untreated and the treated phases of the disease. Several professional amateurs (Pro-Ams) are involved in disseminating information about thyroid diseases. Jones (2010), who identifies these people as ‘patient advocates’, states that thyroid patients challenge traditional forms of authority in healthcare. Despite the patient advocacy movement, however, research on patients who seek medical information and digital healthcare sources reveals that little is really known about how and why thyroid patients acquire information about their disease and how they communicate their knowledge about their disease. The aim of this chapter is to increase our understanding of knowledge communication and communication risks in healthcare by exploring how thyroid patients receive and search for information about their disease. This chapter seeks to answer the following questions: How do thyroid patients obtain information about their disease? How do they communicate their knowledge of their disease? What are the risks in knowledge communication in healthcare?

110

P. Ulvenblad

The chapter is structured as follows. The next section presents the chapter’s frame of reference with specific attention to the research on knowledge communication, professional amateurs, and the risks associated with knowledge communication. The methodology, findings, and discussion sections follow. The chapter concludes with practical and theoretical implications and suggestions for future research.

2

The Frame of Reference

Typically, research organizations and healthcare organizations control the dissemination of new healthcare research, which is often communicated through a unidirectional transfer process (Graham et al. 2006). Criticism of this process of knowledge communication as too slow has led researchers to propose new concepts such as the knowledge-to-action (KTA) framework. This framework includes multiple concepts (e.g. knowledge translation, knowledge transfer, and knowledge exchange), several of which are nevertheless consistent with the unidirectional process of how knowledge transfers. Other research focuses on the many aspects of knowledge communication. In their synthesis of the knowledge transfer and exchange (KTE) literature, Mitton et al. (2007) review how researchers have examined the interactive process of communication between research users and research producers. In a study on the decision-making effect of health research by research funders and organizations, Lavis et al. (2003) propose that the unidirectional transfer process of knowledge is insufficient. They propose that more interaction is needed among researchers, decision-makers, and other stakeholders when knowledge communication is in focus. In an article on the developments and achievements of the European Association for the Communication of Healthcare (EACH) with respect to knowledge transfer and communication, Rubinelli et al. (2019) explore how EACH can increase its impact by, among other things, engaging with patients, promoting member networks, and extending knowledge-sharing as widely as possible. Another interesting development in knowledge communication is the increase in the numbers of people who are broadly defined as Professional Amateurs (Pro-Ams). The Pro-Am movement has been described as the historic shift from the dominance by professionals in numerous fields (notably medicine, science, and education) to the inclusion of non-professionals in these fields. Bruns et al. (2012) state that Pro-Ams bridge the non-commercial world with the commercial world. In a report based on in-depth interviews with a wide range of Pro-Ams, Leadbeater and Miller (2004, p. 20) describe the activities and contributions of Pro-Am groups. In their definition, a Pro-Am ‘pursues an activity as an amateur, mainly for the love of it, but sets a professional standard’. In many cases, however, the Pro-Ams in healthcare are motivated less by the love of the activity and more by the fact that their disease or illness drives their need to learn more about their condition. Pro-Ams in healthcare (i.e. expert patients) are

Knowledge Communication and Communication Risks in Healthcare …

111

said both to consume health and to produce health (Lorig 2002). According to Donaldson (2003), in research on expert patients in the NHS, some patients know more about their disease than their physicians. It is only recently that the ‘wisdom and experience’ of patients have been recognized as potential contributors to successful treatment and care. In a related study of service user involvement in healthcare and social services in Norway, Andreassen et al. (2014) examine the professionalization of voluntary workers who nevertheless remain amateurs. Various researchers have studied the risks associated with knowledge communication. Durst and Zieba (2017), who take an organizational perspective, divide general knowledge risks into internal and external risks. In healthcare, the internal risks are associated with poor or insufficient physician communications and with patients’ low level of compliance with prescribed treatment (see also Zolnierek and DiMatteo 2009). The external risks are associated with decisions and outcomes for patients (see also O’Connor et al. 2003; Spatz et al. 2016; Stacey et al. 2017) and with the digitalization of healthcare. In the former case, the risk is that some patients lose trust in their physicians and confidence in the information provided by their physicians (Hesse et al. 2005). In the latter case, a serious risk relates to the often-questionable reliability of Internet and web page information (McMullan 2006).

3

Methodology

The empirical data for this chapter derived from a Swedish social media portal that patients and others may access in a search for information about health issues with a focus on thyroid disorders. The portal also permits users to ask questions and post comments. For the explorative pilot study that this chapter reports on, ten semi-structured interviews were conducted by telephone with patients diagnosed with thyroid disease. These patients agreed to participate in the study after reading the introductory text on the social media portal that explains the study. The ten patients were woman, between the ages of 30 and 67 years, who were from various areas in Sweden. They had been diagnosed with a thyroid disease between one year and 26 years prior to this study. Their diagnoses varied from hypothyroidism to hyperthyroidism with Graves’ disease or goitre. The patients in total have 136 years of experience with their disease. The interviews, which were conducted in January 2019, lasted from 15 to 30 min each. An interview guide was used that dealt with three thyroid disease phases: (i) diagnostic phase, (ii) untreated phase, and (iii) current (treated) phase. The interviews focused on the respondents’ knowledge, asked for and received, during the process of their thyroid disease. In addition, the respondents were asked to indicate (by checking boxes) how they searched for information about their disease. The choices were physician, other health professionals, friends, relatives, research, literature, social media, or others. In the interaction with the respondents, the researchers exercised care, sensitivity, and respect in accordance with the ethical considerations of the research design.

112

P. Ulvenblad

For the analysis of the interview data, a matrix was created with various categories. The content analysis used in this study is predominantly conventional content analysis in which the conventional step is based on the limited research on a particular subject (in this study, the research on patients with thyroid disease). Therefore, the categories are based on empirical findings (Hsieh and Shannon 2005). However, another aspect of content analysis is the directed content analysis of the research design. In this step of content analysis, the researcher focuses on the number of times the respondents’ answers connect to the knowledge communication from previous research. The categories are thus predefined. For the current research, this is the step when the respondents indicated the sources they used to search for information about their disease. Reliability and validity in this qualitative study are confirmed by its trustworthiness, rigour, and quality (Golafshani 2003). Trustworthiness refers to confidence in the research process, in the respondents, and in their interview information. Rigour refers to the thoroughness of the research process. Quality refers to the extent of the subjectivity and reflexivity in the social interaction in the interviews (Davies and Dodd 2002). Subjectivity is accomplished by a stepwise procedure for data collection and data analysis. Reflexivity refers to the researchers’ redefinition and reinterpretation of ideas. The respondents in the study were encouraged to propose additional interview questions based on their relevant experiences (in particular, experiences the semi-structured interview guide did not address). The respondents were also asked for suggestions on how the researchers could improve knowledge communication in the diagnosis and treatment of thyroid diseases. These questions and suggestions will be used in the next round of data collection that follows this pilot study.

4

Findings and Discussion

The findings from this research are first presented in three phases: (i) the diagnostic phase, (ii) the untreated phase, and (iii) the current phase. Next, the respondents’ ideas and opinions related to knowledge communication and their use of the Internet as a source of medical information are presented. The ten respondents have fictive names in the presentation. The three phases of thyroid disease diagnosis and treatment The diagnostic phase. Eight respondents said they received information about their disease from a diagnosing physician. Caroline was too ill to remember how she received this information. Harriet was too young to remember how she received this information. The knowledge received pertained to the diagnosed disease and the prescribed medications. Bertha and Gretel received their information from the specialist in endocrinology. The other respondents received their information from the practising physician at the healthcare centres.

Knowledge Communication and Communication Risks in Healthcare …

113

Annie and Eve received similar information about their disease. They learned they had lifelong diseases and would take medication for the rest of their lives. Annie said: ‘I received no other information’. Eve’s physician said her recovery would take a very long time. Some respondents said their physicians told them they would regain their health. Diana was advised to start her medications gradually and was told that she would recover. Isabelle, who was told she should not be seriously concerned about her disease, said she received no other information. Bertha, Fiona, and Jana said they were only given the name of their disease and its prescribed medications. Gretel, who said she received very little information about her disease, learned later that some of this information was erroneous. Several respondents began to search for information on their disease and medications. They thought the information they had been given was insufficient. The untreated phase. This phase began in different ways for the respondents. Except for Harriet, the respondents had various symptoms of the disease for many years before their diagnosis. Harriet’s disease was diagnosed quite quickly when she was still young. Caroline, Eve, Isabelle, and Jana said they had never received detailed information about their disease and treatment. Annie, who reported her physician advised her to exercise more because of her weight gain, said that more exercise had no beneficial effect on her thyroid disorder. Bertha, who had consulted a specialist in endocrinology seven years before her diagnosis, was told she should have started treatment at that time. Diana and Gretel, who were prescribed anti-depressant medications, said these medications had no beneficial effect. The current phase. The respondents have been searching for, and are now searching actively for, information about their disease. They read the research literature available on the Internet. They use social media to contact and interact with patients who have the same disease. Diana said: ‘All I know, I learned myself. I was able to confirm my symptoms using an E-reader’. In explaining her reasons for trying to learn more about her disease, Jana simply said: ‘I was forced to’. However, the respondents also request information from the various physicians they meet during their treatment. In some cases, they request a change in treating physician. Annie contacted a private medical practice after dissatisfaction with the treatment she received in public healthcare. Bertha requested treatment by a specialist. Eve reported that when her physician said to her, ‘I cannot care about you because you don’t listen to me’, she answered ‘Thank you, the same to you’ and immediately requested a new physician. By this, she received better treatment. Fiona and Gretel have changed physicians several times in a search for better treatment. The respondents’ ideas on knowledge communication The respondents offered several suggestions for how to improve communication of healthcare knowledge in the areas of (i) medications, (ii) development of the disease, (iii) quality of life, and (iv) follow-up on the disease. These suggestions are directed towards the information needed when first diagnosed with thyroid disease and the information needed during the progression and treatment of their disease.

114

P. Ulvenblad

Medications. Annie wants more detailed information about her medications. Eve and Jana want to know more about alternative medications and alternative treatment methods. Jana also thinks it is important to know the effects and side effects of her medications. Development of the disease. Bertha and Gretel want much more information about how their disease will progress. Caroline wants a better description of the thyroid disease condition and experience. Eve wants more information about thyroid disease as an autoimmune disease. Isabelle thinks that patients should be told about possible changes in their disease when they are first diagnosed. Quality of life. How you should live your life and way of life when you have the disease is of importance for all of the respondents. Bertha and Gretel want more information on how people live with thyroid disease. Harriet wants more information about the relationships between thyroid diseases and other medical conditions (e.g. allegories such as gluten intolerance) that may have dietary implications. Follow-up on the disease. Several of the respondents point to the importance of follow-up on the disease. Fiona thinks more investigations of thyroid disease symptoms are needed. She especially mentions the need for frequent sampling and careful investigations of the symptoms related to the thyroid disease. Harriet emphasizes the need to conduct more research on the levels of thyroid hormones and rethink the interpretation of the levels of thyroid hormones. Diana states that there is research today showing that we cannot see all the facts about thyroid symptoms in the blood. Other procedures are needed in the follow-up on the disease. In short, the respondents point to several areas where knowledge communication for thyroid patients could be improved. In particular, they point to the pre-diagnosis period when they experience symptoms of possible thyroid problems and to the post-diagnosis period when their medications do not seem to alleviate their symptoms. Caroline said: ‘The worst is when you are not examined when you feel bad’. She thinks the medical community should treat the whole human being (i.e. the practice of holistic medicine) in the search for wellness and health. Annie thinks physicians have a limited understanding of thyroid diseases. Diana would like to see a ‘total change in healthcare as far as the treatment of thyroid diseases’. She suggests that patients should be involved in the review of medical guidelines. The respondents’ use of the Internet to find medical information In recent years, the respondents have often sought information about their disease outside the usual physician–patient channels. For example, they have used the Internet to locate social websites, research literature, and patient forums. Like patients in other researches who use the Internet to search for health information (e.g. Diaz et al. 2002), the respondents in this study report positive results when they search for information about their thyroid diseases. They then use this information in a variety of ways. They discuss their findings with their physicians, they blog about their disease and its treatment, and they have online conversations with other people with the same disease. They do their best to spread their knowledge in an effort to improve thyroid disease diagnosis and treatment as well as to provide

Knowledge Communication and Communication Risks in Healthcare …

115

comfort to others and to themselves. They become ‘patient advocates’ (Jones 2010) and professional amateurs (Pro-Ams) (Andreassen et al. 2014; Leadbeater and Miller 2004). The risks in knowledge communication in healthcare The risks in knowledge communication are both internal and external. The respondents have expressed several risks related to the outcome of their diseases as patients. The internal risks are the risks associated with the progression and outcome of diseases, in particular the risks associated with erroneous information, poor communications, and delays in medical treatment (O’Connor et al. 2003; Spatz et al. 2016; Stacey et al. 2017; Zolnierek and DiMatteo 2009). The external risks are the risks associated with a lack of trust and confidence in physicians and the healthcare system in the respondents’ expressions. This is also found in previous research focusing on the possibilities with digital information for patients (Hesse et al. 2005). Other external risks are associated with the unreliability at times of Internet sources and websites (McMullan 2006). However, the respondents discuss how they value different sources and choose sources that are reliable, such as research reports and information from the Thyroid Association [Sköldkörtelförbundet] in Sweden.

5

Conclusions, Implications, and Suggestions for Future Research

This chapter’s main purpose is to advance our understanding of knowledge communication (including digital dissemination) and communication risks by its report on thyroid patients’ perceptions of how they receive and seek information about their disease. To supplement the information provided by their medical caregivers, the patients in this study acquired information about their disease from alternative sources. They turned to the Internet, social media websites, and research literature in an effort to learn more about their disease. They became, in the language of contemporary, patient-centred advocacy, professional amateurs (Pro-Ams). They shared information with their physicians in consultations and with others (with the same disease) via blogs and social media. Both internal and external risks are associated with knowledge communication (as well as with non-communication of knowledge). The internal risks to patients derive from the physicians’ confusing or insufficient explanations of the disease in all phases of diagnosis and treatment. The delay in prescribing medication and the patients’ low level of compliance with prescribed treatment pose other internal risks. The external risks derive from the patients’ lack of confidence in their physicians and their mistrust of the healthcare system. In addition, patients who search online for information on how to diagnose/treat their diseases are at risk of misdiagnosis and delayed treatment if their sources are unreliable. However, the information, they receive from reliable sources e.g. peer-reviewed journal articles

116

P. Ulvenblad

and official medical groups such as the Swedish Thyroid Association [Sköldkörtelförbundet], may reduce this risk. Even Internet discussion forums may provide information that is not otherwise available. This study of the patient perspective can influence clinical practice. Both caregivers and patients benefit when more attention is paid to Pro-Ams. The patient advocacy movement aims to encourage the professional medical community to listen to patients’ experiences, to recognize the value of patients’ contribution to their treatment, and to allow patients to participate in the development of guidelines for specific areas of healthcare. It is essential that knowledge communication about diseases, throughout the diagnostic and treatment phases, take the patients’ quality of life, response to medications, and follow-up experience into careful consideration. Healthcare policies and practices and physician–patient relationships would benefit from an increased understanding of how patients create their own knowledge of their disease. For future research, more investigation of patients’ experiences is recommended. Patients are the best resource for honest descriptions of how they have received and sought information on their disease. The patients’ perspective is too often under-appreciated or even ignored by the professional medical community.

References American Thyroid Association (ATA) (2019). General information/press room. Retrieved 2019-01-30 from https://www.thyroid.org/media-main/press-room/. Andreassen, T. A., Breit, E., & Legard, S. (2014). The making of ‘professional amateurs’ Professionalizing the voluntary work of service user representatives. Acta Sociologica, 57(4), 325–340. Bangerter, L. R., Griffin, J., Harden, K., & Rutten, L. J. (2019). Health information–seeking behaviors of family caregivers: Analysis of the health information. National Trends Survey. JMIR Aging, 2(1), e11237. Bosma, H., Jansen, M., Schefman, S., Hajema, K. J., & Feron, F. (2015). Lonely at the bottom: A cross-sectional study on being ill, poor, and lonely. Public Health, 129(2), 185–187. Brigden, A., Barnett, J., Parslow, R. M., Beasant, L., & Crawley, E. (2018). Using the internet to cope with chronic fatigue syndrome/myalgic encephalomyelitis in adolescence: A qualitative study. BMJ Paediatrics Open, 2(1). Brodie, M., Flournoy, R. E., Altman, D. E., Blendon, R. J., Benson, J. M., & Rosenbaum, M. D. (2000). Health information, the Internet, and the digital divide. Health Affairs, 19(6), 255–265. Bruns, A. (2012). Reconciling community and commerce? Collaboration between prod usage communities and commercial operators. Information, Communication and Society, 15(6), 815–835. Davies, D., & Dodd, J. (2002). Qualitative research and the question of rigor. Qualitative Health Research, 12(2), 279–289. Diaz, J. A., Griffith, R. A., Ng, J. J., Reinert, S. E., Friedmann, P. D., & Moulton, A. W. (2002). Patients’ use of the Internet for medical information. Journal of General Internal Medicine, 17(3), 180–185. Durst, S., & Zięba, M. (2017). Knowledge risks-towards a taxonomy. International Journal of Business Environment, 9(1), 51–63.

Knowledge Communication and Communication Risks in Healthcare …

117

Finkelstein, E., & Corso, P. (2003). Cost-of-illness analyses for policy making: A cautionary tale of use and misuse. Expert Review of Pharmaco economics & Outcomes Research, 3(4), 367–369. Retrieved 2019-01-14 https://doi.org/10.1586/14737167.3.4.367 Golafshani, N. (2003). Understanding reliability and validity in qualitative research. The Qualitative Report, 8(4), 597–606. Graham, I. D., Logan, J., Harrison, M. B., Straus, S. E., Tetroe, J., Caswell, W., et al. (2006). Lost in knowledge translation: time for a map? Journal of Continuing Education in the Health Professions, 26(1), 13–24. Gray, N. J., Klein, J. D., Noyce, P. R., Sesselberg, T. S., & Cantrill, J. A. (2005). Health information-seeking behaviour in adolescence: The place of the internet. Social Science and Medicine, 60(7), 1467–1478. Hesse, B. W., Nelson, D. E., Kreps, G. L., Croyle, R. T., Arora, N. K., Rimer, B. K., et al. (2005). Trust and sources of health information: The impact of the Internet and its implications for health care providers: Findings from the first health information national trends survey. Archives of Internal Medicine, 165(22), 2618–2624. Hsieh, H. F., & Shannon, S. E. (2005). Three approaches to qualitative content analysis. Qualitative Health Research, 15(9), 1277–1288. Institute for Language and Folklore (2017). New word list 2017. Retrieved 2018-11-03 from https://www.sprakochfolkminnen.se/download/18.7c5fa521167c5a973837e6c8/ 1545838729302/Nyordslista%202017.pdf Jones, A. (2010). Patient advocates in the Internet age: A threat to traditional notions of authority in health care? Journal of Digital Research and Publishing 137. Lavis, J., Ross, S., McLeod, C., & Gildiner, A. (2003). Measuring the impact of health research. Journal of Health Services Research and Policy, 8(3), 165–170. Leadbeater, C., & Miller, P. (2004). The Pro-Am revolution: How enthusiasts are changing our economy and society. London: Demos. Lorig, K. (2002). Partnerships between expert patients and physicians. The Lancet, 359(9309), 814–815. Maniakas, A., Davies, L., & Zafereo, M. E. (2018). Thyroid disease around the world. Otolaryngologic Clinics of North America, 51(3), 631–642. McMullan, M. (2006). Patients using the Internet to obtain health information: How this affects the patient–health professional relationship. Patient Education and Counseling, 63(1–2), 24–28. Mitton, C., Adair, C. E., McKenzie, E., Patten, S. B., & Perry, B. W. (2007). Knowledge transfer and exchange: Review and synthesis of the literature. The Milbank Quarterly, 85(4), 729–768. Mundluru, S. N., Werbaneth, K., Therkelsen, K. E., Larson, A. R., & Santini, V. E. (2019). “But doctor, I googled it!”: The “three Rs” of managing patients in the age of information overload. Clinics in Dermatology, 37(1), 74–77. Nyordslistan (2017) Retrieved 2018-11-03 from https://www.sprakochfolkminnen.se/download/ 18.7c5fa521167c5a973837e6c8/1545838729302/Nyordslista%202017.pdf. O’Connor, A. M., Légaré, F., & Stacey, D. (2003). Risk communication in practice: The contribution of decision aids. BMJ, 327(7417), 736–740. Office on Women’s Health (OWH). (2019). U.S. Department of Health and Human Services. Retrieved 2019-01-30 from https://www.womenshealth.gov/a-z-topics/thyroid-disease. Riggare, S. (2018). E-patients hold key to the future of healthcare. BMJ, 360, k846. Riggare, S., & Unruh, K. T. (2015). Patients organise and train doctors to provide better care. BMJ, 351, h6318. Rubinelli, S., Silverman, J., Aelbrecht, K., Deveugele, M., Finset, A., Humphris, G., … & van Weel-Baumgarten, E. (2019). Developing the International Association for Communication in Healthcare (EACH) to address current challenges of health communication. Patient Education and Counseling. Seçkin, G., Hughes, S., Yeatts, D., & Degreve, T. (2019). Digital pathways to positive health perceptions: Does age moderate the relationship between medical satisfaction and positive health perceptions among middle-aged and older internet users? Innovation in Aging, 3(1), igy039.

118

P. Ulvenblad

Sköldkörtelförbundet. (2019). Retrieved 2019-01-30 from https://skoldkortelforbundet.se/battrevard/statistik/. Spatz, E. S., Krumholz, H. M., & Moulton, B. W. (2016). The new era of informed consent: Getting to a reasonable-patient standard through shared decision making. JAMA, 315(19), 2063–2064. Stacey, D., Légaré, F., Lewis, K., Barry, M. J., Bennett, C. L., Eden, K. B., … & Trevena, L. (2017). Decision aids for people facing health treatment or screening decisions. Cochrane Database of Systematic Reviews, (4) Art. No. CD001431. Tarricone, R. (2006). Cost-of-illness analysis: What room in health economics? Health Policy, 77 (1), 51–63. Tulbert, B. H., Snyder, C. W., & Brodell, R. T. (2011). Readability of patient-oriented online dermatology resources. The Journal of Clinical and Aesthetic Dermatology, 4, 27–33. Watt, T., Groenvold, M., Rasmussen, A. K., Bonnema, S. J., Hegedüs, L., Bjorner, J. B., et al. (2006). Quality of life in patients with benign thyroid disorders: A review. European Journal of Endocrinology, 154(4), 501–510. Yen, L., Gillespie, J., Kljakovic, M., Brien, J. A., Jan, S., Lehnbom, E., et al. (2011). Health professionals, patients and chronic illness policy: A qualitative study. Health Expectations, 14 (1), 10–20. Zolnierek, K. B. H., & DiMatteo, M. R. (2009). Physician communication and patient adherence to treatment: A meta-analysis. Medical Care, 47(8), 826.

Pia Ulvenblad is Associate Professor at the School of Business, Engineering and Science at Halmstad University (Sweden). She is also the coordinating leader of the research group Knowledge, Enterprise and Entrepreneurship (KEEN) at Halmstad University. She has been working as a project leader in several research- and education projects. She has been studying the innovation support system and leadership together with sustainable business models in the agri-food industry. Her research interests include entrepreneurship, communication strategies, self-leadership and leadership development as well as sustainable business model innovation. In recent years her research interest has developed to also include entrepreneurship in the health sector and knowledge communication and communication risks in health care. Further, the role of professional amateurs in health care is of interest.

Blockchain: A New Disruptive Innovation for Knowledge Risk Management Ethem Ilbiz

Abstract

This chapter aims to examine blockchain technology, which is a disruptive innovation of recent years, in the context of knowledge risk management (KRM). It discusses how tacit knowledge of blockchain can be retained in organizations and integrated to production or service process. The chapter examines the KRM process in three knowledge retention stages, namely knowledge acquisition, knowledge transfer and knowledge integration. The core argument of this study is organizations intending to adopt blockchain should improve their KRM capacity before initiating this technology in their business process, whilst this technology is still in its nascent years. Otherwise, there is a huge knowledge management risk for them because they may lose their first-mover advantage against their competitors if they lose their knowledge assets. Their pioneering role can be seized by their rivals. Keywords

Blockchain capacity

1




Disruptive innovation




Knowledge risk management




KRM

Introduction

Disruptive innovation is one of the fashionable terms of recent years to define new technological developments that impose a change in traditional business models. According to Christensen (1997), disruptive innovation is a creative initiative that E. Ilbiz (&) Visiting Research Fellow, International Centre for Policing and Security, University of South Wales, Girne Mah. Ciftlikli Sok. 21/5, Maltepe, Istanbul, Turkey e-mail: [email protected] © Springer Nature Switzerland AG 2020 S. Durst and T. Henschel (eds.), Knowledge Risk Management, Management for Professionals, https://doi.org/10.1007/978-3-030-35121-2_8

119

120

E. Ilbiz

disrupts existing knowledge equilibrium in the market and value of the network. It enables challenging with fewer sources against strong incumbent businesses and can also be hurtful to the dominance of strong market players. Therefore, disruptive innovations should be followed closely by the owners and managers of the incumbent businesses to evaluate how this phenomenon can influence their competitiveness. In the case of adoption of disruptive innovation, senior business executives need a strategy to integrate it at the most convenient time (Markides 2006). In this respect, the blockchain is one of the disruptive innovations of recent years. It is a distributed ledger system where peers can make value transactions without any intermediary, and these transactions are recorded by other members of the network (Nakamoto 2008). Since its first appearance as a virtual currency in the name of Bitcoin, there is an increasing hype about blockchain technology (Kshetri 2018). It is considered as a revolutionary solution to many problems of traditional business practices such as improving transparency and diminishing the cost of mediation (Swan 2015). This new innovation can undermine the role of many intermediaries, such as banks, brokers, a middleman who are vital in supply and demand circle (Magrann 2018). Even though blockchain is still in its infancy years, it is expected to change business models of many industries including retail, technology, financial services, healthcare in the following years (Carson et al. 2018). Blockchain as a disruptive innovation has strong potential to upset the knowledge equilibrium in many industries, and it may create a dilemma for many companies. If companies tend to ignore it and blockchain becomes a prominent technology in their industry, there is a risk for lagging behind in the market competition. They might lose their leading positions to their existing rivals and new competitors who will have first-mover advantage. On the other hand, if they adapt blockchain without considering its knowledge components those are vital for business, there are risks to be encountered such as knowledge loss, knowledge attrition, knowledge leakage, knowledge spillover (Durst and Zieba 2017). Therefore, companies who are new to this innovation need to develop an in-depth understanding of blockchain with its likely positive and negative consequences before adopting it to use their scarce resources in the best possible way. In the existing literature, disruptive innovation is described as a strategic tool for sustainable growth (Christensen 1997; Adner 2002), and in the competitive global business environment, it is found to be a critical factor that can either be a threat or opportunity for companies (Cheng et al. 2010; Hüsig et al. 2005). Disruptive innovation is also presented as a process which has strong potential to enforce change for incumbent business (Gilbert and Bower 2002). Individuals are also emphasized as a major knowledge source in disruptive innovations (Argote et al. 2003; Birkinshaw et al. 2002). However, within the literature colliding with disruptive innovations and management of individual knowledge, there is a remarkable gap about blockchain technology.

Blockchain: A New Disruptive Innovation for Knowledge …

121

In this vein, this chapter aims to examine blockchain technology through the lenses of KRM and provides a framework for how companies interested in adaption of blockchain can mitigate their knowledge risks whilst adapting and maintaining this technology. The core argument of this chapter is that incumbent businesses who are intended to adopt blockchain should evaluate, first, their KRM capacity whether they can manage knowledge risks of blockchain. If they are capable, then, they should adapt blockchain technology before it becomes mainstream to benefit from first-mover advantages. Otherwise, they may lose the pioneering advantages of this disruptive technology to their rivals because of their inaction. Due to blockchain being still immature technology, identifying all knowledge risks is not easy at this stage. Therefore, the analysis made in this chapter for blockchain KRM includes three major stages of knowledge retention. They are knowledge acquisition, knowledge transfer and knowledge integration. These three phases will be discussed in the context of blockchain technology, and a comprehensive knowledge retention strategy will be provided to incumbent businesses who are willing to adapt blockchain. The qualitative data used in this article involves document analysis of white papers of various blockchain applications, mass media resources and semi-structured interviews those held with experts in the Turkish blockchain community. With a combination of different data sources, the data used in this chapter aims to complement each other. This chapter starts with a section explaining how blockchain works. It is followed by a section in which the theoretical framework of KRM is detailed. The section following examines three knowledge retention processes in the firms that how knowledge risks regarding the blockchain can be managed. The concluding section provides a KRM road map for organizations who are interested in adapting blockchain, and future projections about blockchain KRM will be shared how this framework can be extended both practically and theoretically.

2

How Blockchain Works

The blockchain as its name implies is a data structure comprises chained data blocks. It has two essential components in the transaction process. The first of these is a hash function that is also named as a digital fingerprint. It turns any of length input data to an output of fixed length (256 bit). The hash function is a one-way algorithm that makes it almost impossible to derive the input text from output string. The other is cryptographic key pairs, namely public and private keys those address and authorize the transaction. The public key is the account address where transactions are sent. The private key is the signature that authorizes transactions (Sundaramoorthy 2017).

122

E. Ilbiz

The transaction data between peers comprises a hash value which is a combination of the hash value of the previous transaction, the public key of destination account and the private key of sender (Nakamoto 2008). When a transaction is completed between peers, this data is aggregated in a data block by nodes who act as validator and keeping records of transactions. However, this is not enough to close the data block. It needs to be chained with previous blocks. To do this, a timestamp is needed which is formed with hash of previous block and a random number called nonce that verifies the hash (Nofer et al. 2017). The nodes who strive to link an open block with previous block use their computational power to guess relevant nonce that is combined with the hash of previous block and the hash of new transactions. The node that predicts the correct nonce closes the block and broadcasts its accomplishment to the blockchain network (D’Aliessi 2016). This process is followed by creating a new block to aggregate new transactions. Consecutive blockchain creation is repeated through the same process in each block following. This blockchain structure was first introduced with Bitcoin in 2009. By the time, however, different models of blockchain developed. They are categorized as permissionless/permissioned and private/public. Permissionless/public blockchains are open to anyone who wants to participate in the network. When participants download all transaction ledger, they become a node. They can both create blocks and validate transactions. Permissioned/public blockchains set pre-defined conditions for nodes. If they met these criteria, they can download the ledger and become a node to create blocks and validate transactions. Permissionless/private blockchains also allow anyone to be the node of the network. Nodes can verify transactions. However, in this blockchain model, blocks can only be created by authorized nodes, rather than anyone in the network. In permissioned/private blockchains, only authorized members of the network can validate transactions and create blocks (Voshmgir and Kalinov 2017). The smart contracts are another transaction protocol that is enriched with the addition of another layer on the blockchain that enables value transaction fulfilment of further arbitrary conditions (Szabo 1997). These protocols work such a vending machine. The value transaction between two parties is kept in an escrow account in blockchain, and the pre-determined conditions (scripts) dictate how the transaction process will take place. When consensus protocol is fulfilled by contracting parties, transaction executed autonomously without any intermediary (Reyna et al. 2018). In view of these different types of blockchain, companies who need blockchain may use one of these options. Their employed software specialists or the contractors who provide blockchain service are responsible for choosing and maintaining an appropriate platform for the company that responds their business needs. The technical knowledge embedded to these people inevitably becomes an important asset for the organization. It must be carefully managed not to losing it.

Blockchain: A New Disruptive Innovation for Knowledge …

3

123

Knowledge Risk Management

Knowledge is one of the important resources of business enterprises (Ambrosini and Bowman 2001; Grant 1996; Haldin-Herrgard 2000; Lubit 2001; Zack 1999). It needs to be carefully managed because companies, who are not able to control their knowledge, cannot manage their operational risks (Neef 2005). This kind of negligence is no more acceptable by external investors or shareholders (Emblemsvåg and Kjølstad 2002). Moreover, globalization and growing competitive business environment also pose many market challenges to the companies. In order to respond to these challenges, companies are required to be more innovative to compete with their rivals (Alhawari et al. 2012). In this respect, knowledge has become an important asset for companies to keep their competitive advantages (Spender 1996). Therefore, owners and executive directors of companies need to find strategies to eliminate the risks surrounding their knowledge assets (Brunold and Durst 2012). Nevertheless, managing knowledge, in general, is not an easy task for companies because it is not easy to control. Especially, tacit knowledge is not directly appropriable, and its transfer is highly difficult for organizations (Grant 1996). It is an individual knowledge and generally its context-specific (Nonaka 1994). Hence, companies need a comprehensive strategy to manage tacit knowledge to evaluate their core process, integrate it to their skills and experiences and use it for innovation (Du Plessis 2005). Knowledge retention has been defined as “maintaining, not losing, the knowledge that exists in the minds of people (tacit, not easily documented) and knowing (experiential action manifesting in behaviour) that is vital to the organization’s overall functioning” (Martins and Meyer 2012). It aims to transform expert knowledge to an organizational asset (Levy 2011). In order to keep knowledge in the organization, a systematic approach is needed for knowledge retention. If companies can manage knowledge retention, they are less dependent on an external source of knowledge (Durst et al. 2017). There are no monolithic knowledge risks for organizations that they are exposed whilst maintaining their business operations. According to the taxonomy provided by Durst and Zieba (2017), knowledge risks can be associated with employees, co-operant’s or competitors (Durst and Zieba 2017). As a disruptive technology, blockchain is still in its immature years. Its success is not proved in many industries because of unstructured blockchain experiments and absence of feasibility analysis (Fogliadini 2018). Therefore, knowledge risks for blockchain are either at the employee or co-operant levels such as hiring blockchain developers or outsourcing from an external contractor like buying blockchain maintaining service. In this vein, this chapter examines these two knowledge risks regarding the blockchain within three knowledge retention stages: knowledge acquisition, knowledge transfer and knowledge integration.

124

4

E. Ilbiz

Knowledge Acquisition

One of the biggest challenges of KRM is that knowledge resides in employees, and knowledge creation is an individual activity rather than organizational because organizational knowledge is created through interactions of the people (Grant 1996). Thus, knowledge risk management is integrated with the recruitment of qualified employees that have creative skills. In order to find appropriate candidates, an effective recruitment strategy is needed (Lepak and Snell 1999; Lubit 2001). According to Massingham (2010), organizations aiming to employ the best applicants, they have to attract qualified experts. The higher the qualification of the employee, there is a higher knowledge acquisition risk for companies because human capital cannot be easily bought. Qualified experts require more salaries and better working conditions than less qualified employees. In this respect, as a disruptive innovation, blockchain is not grasped comprehensively in many industries. Not many people know how blockchain works even by the people who are in blockchain-related businesses (Popper 2018). Furthermore, blockchain developers need to be qualified in other areas such as network security or microservices. It is often hard to find and employ people qualified in all areas (Interview_1). Due to absence of employees qualified in blockchain, companies aiming toadapt this technology heavily depend on coders who can write and maintain blockchain protocols (Morabito 2017). This tacit nature of blockchain knowledge increases the knowledge acquisition risks for organizations. Apart from that, blockchain technology is still in its infancy years. Due to its immaturity, there is a limited number of schools and institutions providing blockchain courses and what exactly should be taught and who will make the teaching is still in question (Murphy 2018). The scarcity of blockchain courses inevitably causes a limited number of blockchain developers in the market. The shortage of these employees increases knowledge risks for many companies interested in adapting blockchain due to the absence of alternative employees and the knowledge asymmetry in favour of developers. This dependency will and may not reduce until this job becomes more popular and more people became a blockchain developer (Interview_2). The other important knowledge risk for organizations who desire to employ blockchain experts is, there is an increasing demand for these employees, and firms are fighting to hire the best talent candidates (Del Castillo 2017). Increasing demand is consequently increasing their salary range. For instance, in Silicon Valley, the USA, the annual wage of a blockchain is approximately $150K to $175K, which is higher than senior hardware developers (Rodriguez 2018). Furthermore, some cryptocurrency firms offer profit-sharing models for these employees that increase their income a lot higher (Blockgeeks 2018). In that sense, companies with budget constraints possibly challenge to hire people who own this knowledge until a highly competitive job market arises and the recruitment cost of these developers reduces (Interview_1). If they convince blockchain developers to work with them, they need

Blockchain: A New Disruptive Innovation for Knowledge …

125

a strategy to integrate their tacit knowledge to organizational learning. Otherwise, if their employee departs, the money paid for this knowledge will evaporate. Using cloud technologies of an external contractor is the other way of adapting blockchain into business and production process. Companies such as Microsoft, IBM or Oracle provide blockchain environments for other companies in their platforms (Patrizio 2018). These companies generally share their blockchain library as an open-source, and they only charge if their cloud services are used. Their membership plans can be much reasonable prices in comparison with the company investments made on a blockchain project that include employing blockchain experts and investing IT infrastructure. Companies, who do not have their own blockchain infrastructure, still need to rely on cloud technologies of above-mentioned contractors. This will double their expenses (Interview_3). Even though open-source library of external contractors reduces the knowledge retention risks for companies, they still need to hire people to customize their blockchain operations (Interview_1). Their dependency on these experts will increase knowledge acquisition risks for these companies. They have to adapt appropriate risk management strategies to obtain knowledge.

5

Knowledge Transfer

The tacit character of knowledge increases knowledge retention risks for the companies because it is not easy to formalize and transfer. On the other hand, without knowledge transfer and making it more accessible by other employees, companies are vulnerable to the loss of knowledge if their employee left the job (Lee et al. 2014). Or, their outsourcing contractor walks out with the knowledge needed to perform business operations (Agndal and Nordin 2009). Therefore, organizations concerned with their knowledge assets need to find feasible methods to knowledge transfer to keep their knowledge assets in their organization. Employing blockchain developers or finding a highly professional external contractor qualified in the blockchain are not enough to keep their knowledge assets in the organization. It needs to be internalized by the organization to maintain blockchain operations in their absence. The first method to ease knowledge transfer is engaging with the blockchain developer or contractor using different communication channels and regularly scheduled meetings. The major reason for closer interaction is generally in the blockchain market developers and contractors are offered remote jobs (Blockgeeks 2018). This may be challenging for many companies who are not familiar with this employment model because of the feeling that has no control over the situation and difficulties to gain trust with a remote team (Forbes Coaches Council 2018). The location flexibility provided for remote employees may cause a problem for many companies to transfer the tacit knowledge to an organizational asset. On the other hand, this model of employment can turn into an advantage because companies who hire blockchain developers no need to provide office, insurance or meals for

126

E. Ilbiz

their employees that can reduce their employment cost. Furthermore, too much intervention to their business may reduce their job motivation (Interview_2). For these reasons, regular social interaction and tasking mechanisms can improve knowledge monitoring mechanisms between organization and expert that can enable knowledge exchange (Massingham 2010). The second method for knowledge transfer is defining the valuable employees whose knowledge needs to be transferred (Massingham 2008) and teaming up these high-skilled employees with less-experienced workers (Rappaport et al. 2003). Otherwise, in the absence of teamwork, there is a risk of losing knowledge when a valuable employee quits the job. This mentor and apprentice model may be formed between employees of external contractor and indigenous workforce (Interview_3). The higher level of interaction between team members combined with the mentoring role of skilled workers creates a common knowledge within the team, and it can be transferred by other employees as organizational knowledge (Durst and Bruns 2016). For the companies considering to adapt blockchain, creating a blockchain team is one of the options to encounter the risk of knowledge loss. The experienced blockchain developer both inside and outside of the company can be paired with other software developers or technicians to maintain a blockchain project. As knowledge sharing improves and other members of the team learn developing and maintaining the blockchain, critical knowledge dependency of the company will diminish to certain employees or external contractors. The third method for knowledge transfer is employee training, which is mentored by skilled employees or experts. These employees can be tasked to design training programs (Durst and Bruns 2016), or external contractors may be required to provide in-service training to indigenous employees. The invitation for these programs should also include employees from different departments to develop a common knowledge in the organization for better knowledge integration (Baptista et al. 2006). The training programs developed for blockchain integration can ease the knowledge transfer to less-experienced employees. Furthermore, these training programs can attract other employees who have an interest in blockchain to be part of these teams. As many employees understand how blockchain works in the company, the integration of blockchain to business process will be less problem-free. The last method of knowledge transfer is IT-based knowledge repositories that also support other knowledge management practices. These repositories are an effective way of building and employing organizational memory (Aggestam et al. 2014). The database includes critical codified knowledge about earlier projects, best practices (Durst and Ferenhof 2016), tutorials or comments made on blockchain code structure (Interview_3). The open-source libraries or tutorials provided by external contractors are examples of IT-based knowledge repositories. Whenever needed, inexperienced employees who are tasked to develop and maintain the blockchain technology can access this information (reading the comments in codes or watching the tutorials) for guidance, and they can easily fix problems by examining these materials (Interview_2).

Blockchain: A New Disruptive Innovation for Knowledge …

127

Even though knowledge exchange is a critical issue in KRM process, copyrights infringements also need to be taken into consideration for less problematic knowledge transfer. Organizations that employ blockchain developers or work with external contractors must be aware of the scope of the intellectual property rights of the blockchain platform (Allison 2018). Some of the open-source blockchain licences may require your project to remain as open-source as well. This may reveal your project’s secrets with your rivals. On the other hand, some licences may allow you to keep it confidential (Interview_2). Therefore, before using these licences, companies should be careful the details of blockchain licence not to be subjected to a copyright infringement lawsuit which may end up with paying higher compensations to the copyright holders of the blockchain protocol.

6

Knowledge Integration

The knowledge transfer is not the last stage for reducing risks of knowledge management. The tacit knowledge also needs to be integrated into other production processes where it is needed. To do this, special knowledge of different employees in different departments needs to be integrated. The knowledge integration can be done through cross-learning by organizational members or creating procedural mechanisms that every department employee can follow their responsibilities (Grant 1996). In order to improve knowledge integration, the blockchain team must be in closer interaction with other department employees to learn about technical aspects of production and how blockchain can improve their production process. To do this, the focus groups from different departments must be integrated into the project, and they have to be trained how they can contribute to the system architecture (Interview_1). The communication channels between the blockchain team and other departments members must also be open and continuous for effective knowledge integration (Perera and Holsomback 2005). In considering blockchain, companies who intended to adopt this technology to their business process need an integration strategy. The integration of blockchain into business should start with setting the main business goal. The blockchain team and other employees responsible for production set these objectives at the early stages of integration. All shareholders should decide the adaption of blockchain as a necessity for the production process or a trend that they do not want to miss it (Mishunin 2017). The second stage of the integration process is determining the benefits that will be gained after blockchain adoption. If there is no benefit, then there is no sense to adopt blockchain (Merehead 2018). The blockchain developers and focus groups should decide how blockchain will bring benefits to the company, such as a reduction in transaction costs, synchronized transaction data recording, transparency needs or decentralized fault tolerance that is minimizing the risks of a collapse of databases (Mishunin 2017).

128

E. Ilbiz

Table 1 Knowledge risks for blockchain Employees

Co-operants

Knowledge acquisition

Lack of qualified employees Scarcity of blockchain courses High salary range

Knowledge transfer

Employment in remote Absence of teamwork Absence of internal training Lack of IT-based knowledge repositories Copyright infringements Lack of closer interaction with other departments Lack of integration strategy

Dependency on outsourcing contractor Employees needed for internal customization Absence of teamwork with outsourcing contractor Absence of outsourcing training Lack of IT-based knowledge repositories Copyright infringements Lack of closer interaction with outsourcing contractor Lack of integration strategy

Knowledge integration

The third stage of integration is developing the blockchain structure that sets rules for the network. The structure includes consensus rules of the blockchain, data privacy for ledger users or algorithms that run in blockchain (Merehead 2018). Without the support of focus groups, the blockchain structure developed by blockchain coders will be insufficient to meet the needs of business processes. The fourth stage of integration starts with developing a road map of the blockchain project. The road map includes minimal viable product (MVP) description, how MVP turns into a fully functional product (FFP), selection of blockchain platform where MVP is implemented, product design and prototyping and the possible issues that may erupt whilst preparing the FFP (Merehead 2018). The support of focus groups should also sought whilst developing the roadmap for smooth transition of the project. The final stage is the implementation of the road map that developed with experts of blockchain and other employees of the company. During the implementation, the MVP should be kept as simple as possible not to be drowned in complicated blockchain structure. Keeping MVP simple will also enable quick and feasible solutions to go further to reach FFP. Furthermore, the prototype should be implemented in more affordable platforms rather than higher-cost options (Merehead 2018). Otherwise, if a blockchain project fails, all the wasted human and capital resources will not be reversible (Table 1).

7

Conclusion

Even though there is huge hype surrounding the blockchain, it is not a panacea for all business-related problems (Tapscott and Tapscott 2016). Blockchain is still in its experimental stages and not many people familiar with this technology. Its success needs to be proved with new projects. In this respect, the knowledge of blockchain

Blockchain: A New Disruptive Innovation for Knowledge …

129

is not easy to manage in these current conditions for the organizations who wants to integrate this technology. It will also not be easy until blockchain-related readymade software tools become widespread. However, there are promising developments that may ease managing knowledge retention risks in the blockchain. There are many open-source blockchain platforms that enable organizations to adapt blockchain at lower costs. Furthermore, their open-source libraries may reduce knowledge dependency to specific developers, as long as many employees in the organization learn to use these sources and customize it to their business processes. In this respect, organizations interested in adaption of this disruptive innovation can improve their KRM capacity by employing people who can deploy side chains in open-source blockchain platforms and pairing these employees with inexperienced technicians for knowledge transfer. Even though blockchain evolution will take time for mainstream adaption, organizations who adapt this technology will have a first-mover advantage. Therefore, before blockchain technologies begin the ascent into the mainstream, organizations considering to adapt blockchain should improve their KRM capabilities not to face with knowledge retention risks. Otherwise, when they lose their blockchain knowledge assets to their rivals before blockchain becomes a mainstream technology, there will be no value of their visionary perspective even they realize the benefits of this technology before everyone else. This chapter was a preliminary work analysing the three KRM risks, namely knowledge acquisition, knowledge transfer and knowledge integration in the context of blockchain technology. However, it suffers to explain how knowledge risks are managed by organizations who adapt blockchain in real cases. This limitation is mostly relevant to blockchain technology is still in its earlier years. When blockchain technology begins to be used as a mainstream technology, further studies can examine how organizations can cope with KRM whilst running their blockchain operations. Furthermore, the other limitation of this work is the semi-structured interviews conducted with a limited number of experts in Turkey. Despite author’s efforts to make more interviews, many people who are required to share their opinion confess that their experience with blockchain is at the theoretical level. Therefore, interview numbers remained limited. This limitation is the main concern of this work for external validity (Yin 2014).

References Adner, R. (2002). When are technologies disruptive? A demand-based view of the emergence of competition. Strategic Management Journal, 23(8), 667–688. Aggestam, L., Durst, S., & Persson, A. (2014). Critical success factors in capturing knowledge for retention in IT-supported repositories. Information, 5, 558–569. Agndal, H., & Nordin, F. (2009). Consequences of outsourcing for organizational capabilities: Some experiences from best practice. Benchmarking: An International Journal, 16(3), 316– 334.

130

E. Ilbiz

Alhawari, S., Karadsheh, L., Talet, A. N., & Mansour, E. (2012). Knowledge-based risk management framework for information technology project. International Journal of Information Management, 32(1), 50–65. Allison, I. (2018). IBM and Maersk struggle to sign partners to shipping blockchain. https://www. coindesk.com/ibm-blockchain-maersk-shipping-struggling/. Accessed October 30, 2018. Ambrosini, V., & Bowman, C. (2001). Tacit knowledge: Some suggestions for operationalization. Journal of Management Studies, 38(6), 811–829. Argote, L., McEvily, B., & Reagans, R. (2003). Managing knowledge in organizations: An integrative framework and review of emerging themes. Management Science, 49(4), 571–582. Baptista, N., Annansingh, M. F., Eaglestone, B., & Wakefield, R. (2006). Knowledge management issues in knowledge-intensive SMEs. Journal of Documentation, 62(1), 101–119. Birkinshaw, J., Nobel, R., & Ridderstråle, J. (2002). Knowledge as a contingency variable: Do the characteristics of knowledge predict organization structure? Organization Science, 13(3), 274– 289. Blockgeeks. (2018). Blockchain jobs: Is one right for you? https://blockgeeks.com/guides/ blockchain-jobs/. Accessed October 27, 2018. Brunold, J., & Durst, S. (2012). Intellectual capital risks and job rotation. Journal of Intellectual Capital, 13(2), 178–195. Carson, B., Romanelli, G., Walsh, P., & Zhumaev, A. (2018). Blockchain beyond the hype: What is the strategic business value? https://www.mckinsey.com/business-functions/digitalmckinsey/our-insights/blockchain-beyond-the-hype-what-is-the-strategic-business-value?cid= other-eml-nsl-mip-mck-oth-1807&hlkid=5424a29008e445239371a81cc83b3dbb&hctky= 2254153&hdpid=bb9f89f0-458b-4b4e-a1ee-ad99e602294e. Accessed July 15, 2018. Cheng, C. F., Lai, M. K., & Wu, W. Y. (2010). Exploring the impact of innovation strategy on R&D employees’ job satisfaction: A mathematical model and empirical research. Technovation, 30(7), 459–470. Christensen, C. M. (1997). The innovator’s dilemma when new technologies cause great firms to fail. Boston, MA: Harvard Business School Press. D’Aliessi, M. (2016). How does the blockchain work? https://medium.com/@micheledaliessi/ how-does-the-blockchain-work-98c8cd01d2ae. Accessed July 14, 2018. Del Castillo, M. (2017). Blockchain’s boom year: Job market grows 200%. https://www.coindesk. com/blockchains-big-year-competitive-job-market-grows-200/. Accessed October 27, 2018. Du Plessis, M. (2005). Drivers of knowledge management in the corporate environment. International Journal of Information Management, 25(3), 193–202. Durst, S., & Bruns, G. (2016). Sustaining the future of the public sector: Insights into a Swedish municipality’s dealing with knowledge management and succession planning. Journal of Information & Knowledge Management, 15(02), 1650012. Durst, S., Bruns, G., & Edvardsson, I. R. (2017). Retaining knowledge in smaller building and construction firms. International Journal of Knowledge and Systems Science (IJKSS), 8(3), 1–12. Durst, S., & Ferenhof, H. A. (2016). Knowledge risk management in turbulent times. In K. North & G. Varvakis (Eds.), Competitive strategies for small and medium enterprises: Increasing crisis resilience, agility and innovation in turbulent times (pp. 195–209). Cham: Springer. Durst, S., & Zieba, M. (2017). Knowledge risks-towards a taxonomy. International Journal of Business Environment, 9(1), 51–63. Emblemsvåg, J., & Kjølstad, L. E. (2002). Strategic risk analysis—A field version. Management Decision, 40(9), 842–852. Fogliadini, O. (2018). Blockchain is still an immature technology. https://www.linkedin.com/ pulse/blockchain-still-immature-technology-omar-fogliadini. Accessed October 21, 2018. Forbes Coaches Council. (2018). Top 15 tips to effectively manage remote employees. https:// www.forbes.com/sites/forbescoachescouncil/2018/05/30/top-15-tips-to-effectively-manageremote-employees/#438b0df1503c. Accessed October 28, 2018. Gilbert, C., & Bower, J. L. (2002). Disruptive change: When trying harder is part of the problem. Harward Business Review, 80, 94–101.

Blockchain: A New Disruptive Innovation for Knowledge …

131

Grant, R. M. (1996). Toward a knowledge-based theory of the firm. Strategic Management Journal, 17(S2), 109–122. Haldin-Herrgard, T. (2000). Difficulties in diffusion of tacit knowledge in organizations. Journal of Intellectual Capital, 1(4), 357–365. Hüsig, S., Hipp, C., & Dowling, M. (2005). Analysing disruptive potential: The case of wireless local area network and mobile communications network companies. R&D Management, 35(1), 17–35. Kshetri, N. (2018). 1 Blockchain’s roles in meeting key supply chain management objectives. International Journal of Information Management, 39, 80–89. Lee, S., Suh, E., & Lee, M. (2014). Measuring the risk of knowledge drain in communities of practice. Journal of Knowledge Management, 18(2), 382–395. Lepak, D. P., & Snell, S. A. (1999). The human resource architecture: Toward a theory of human capital allocation and development. The Academy of Management Review, 24(1), 31–48. Levy, M. (2011). Knowledge retention: Minimizing organizational business loss. Journal of Knowledge Management, 15(4), 582–600. Lubit, R. (2001). The keys to sustainable competitive advantage: Tacit knowledge and knowledge management. Organizational Dynamics, 29(3), 164–178. Magrann, R. (2018). Blockchain: What risk managers need to know. https://www.airmic.com/ news/guest-stories/blockchain-what-risk-managers-need-know. Accessed October 19, 2018. Markides, C. (2006). Disruptive innovation: In need of better theory. Journal of Product Innovation Management, 23(1), 19–25. Martins, E. C., & Meyer, H. W. J. (2012). Organizational and behavioral factors that influence knowledge retention. Journal of Knowledge Management, 16(1), 77–96. Massingham, P. (2008). Measuring the impact of knowledge loss: More than ripples on a pond? Management Learning, 39(5), 541–560. Massingham, P. (2010). Knowledge risk management: A framework. Journal of Knowledge Management, 14(3), 464–485. Merehead. (2018). How to integrate blockchain technology into your business project. http:// merehead.com/blog/integrate-blockchain-into-business/. Accessed October 30, 2018. Mishunin, D. (2017). How to integrate blockchain into your business? https://medium.com/ hashex-blog/how-to-integrate-blockchain-464d241a6681. Accessed October 30, 2018. Morabito, V. (2017). Business innovation through blockchain: The B3 perspective. Cham: Springer. Murphy, H. (2018). Business schools race to offer lessons in blockchain and bitcoin. https://www. ft.com/content/011cf9b6-69a7-11e8-aee1-39f3459514fd. Accessed October 27, 2018. Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. https://bitcoin.org/bitcoin. pdf. Accessed February 17, 2019. Neef, D. (2005). Managing corporate risk through better knowledge management. The Learning Organization, 12(2), 112–124. Nofer, M., Gomber, P., Hinz, O., & Schiereck, D. (2017). Blockchain—A disruptive technology. Business & Information Systems Engineering, 59(3), 183–187. Nonaka, I. (1994). A dynamic theory of organizational knowledge creation. Organization Science, 5(1), 14–37. Patrizio, A. (2018). Top 10 blockchain as a service providers. https://www.datamation.com/datacenter/top-10-blockchain-as-a-service-providers.html. Accessed October 28, 2018. Perera, J., & Holsomback, J. (2005). An integrated risk management tool and process. In 2005 IEEE Aerospace Conference, Big Sky, MT, USA, March 5–12, 2005. Popper, N. (2018). Confused about blockchains? Here’s what you need to know. https://www. nytimes.com/2018/06/27/business/dealbook/blockchains-guide-information.html. Accessed October 27, 2018. Rappaport, A., Bancroft, E., & Okum, L. (2003). The aging workforce raises new talent management issues for employers. Journal of Organizational Excellence, 23(1), 55–66.

132

E. Ilbiz

Reyna, A., Martín, C., Chen, J., Soler, E., & Díaz, M. (2018). On blockchain and its integration with IoT: Challenges and opportunities. Future Generation Computer Systems, 88, 173–190. Rodriguez, S. (2018). Salaries for blockchain engineers are skyrocketing, now on par with AI experts. https://www.cnbc.com/2018/10/21/how-much-do-blockchain-engineers-make.html. Accessed October 27, 2018. Spender, J. C. (1996). Making knowledge the basis of a dynamic theory of the firm. Strategic Management Journal, 17(S2), 45–62. Sundaramoorthy, T. (2017). Hashing and public key cryptography for beginners. https://medium. com/@thyagsundaramoorthy/hashing-and-public-key-cryptography-for-beginners292aaf14efae. Accessed October 25, 2018. Swan, M. (2015). Blockchain: Blueprint for a new economy. CA: O’reilly. Szabo, N. (1997). Formalizing and securing relationships on public networks. First Monday, 2(9), 1–22. Tapscott, D., & Tapscott, A. (2016). Blockchain revolution how the technology behind Bitcoin is changing money, business and the world. New York: Penguin. Voshmgir, S, & Kalinov, V. (2017). Blockchain handbook: A beginners guide. https:// blockchainhub.net/blockchain-technology/. Accessed July 14, 2018. Yin, R. K. (2014). Case study research: Design and methods. Los Angeles: SAGE. Zack, M. H. (1999). Developing a knowledge strategy. California Management Review, 41(3), 125–145.

Interviews Interview_1 Ph.D. Student and Expert in Blockchain. Interview_2 Senior Blockchain Developer in IBM. Interview_3 Senior Blockchain Developer in IBM.

Dr. Ethem Ilbiz is a Visiting Research Fellow at the University of South Wales who has a special research interest in practical demonstrations of issues at the crossroads of disruptive technologies and policy. His recent research projects include knowledge risk management of blockchain technology, obfuscation techniques in virtual currencies and the illicit use of virtual currencies in evading the international regimes for countering the financing of terrorism, antimoney laundering and cybercrime. He also works on a new theoretical governance model called Uberization that is inspired by Uber which is used as a new cooperation model for public-private partnership. Apart from his recent research interests, he did his Ph.D. at the School of Politics and International Relations at the University of Nottingham.

Knowledge Risk Management in Different Sectors/Industries/Business Functions

An Integrated Research Methodology to Identify and Assess Knowledge Risk in a Corporation with Application to a Financial Institution Haley Wing Chi Tsang and Wing Bun Lee

Abstract

More than ever before, knowledge today drives the socio-economic and technological developments of mankind. Yet during the application of knowledge in business, in particular, the economic benefits are often coupled with various potentially negative impacts, known as knowledge risk. This happens when knowledge is mishandled at any point in the business cycle. For example, leakage of valuable secrets of products under development to competitors due to improper handling of computer security can affect the future of a corporation. Seeing the impact of knowledge risk on the corporation, management must initiate efforts to mitigate and prevent this critical risk. This starts with the identification and assessment of various knowledge risks in the corporation to gather basic, current risk information first. While traditional survey methods still apply, this chapter proposes the evidential reasoning (ER) approach to make the survey assessment more relevant and closer to the real risk landscape the corporation is facing. After an introduction and a literature review of knowledge risk and its management, the proposed identification and assessment methodology is fully explained, which is illustrated with a hypothetical knowledge risk hierarchy of a bank. In the conclusions, the benefits of ER approach are elucidated, and future directions are indicated. Keywords




Knowledge risks Risk factors Knowledge management




Risk assessment




Risk management




H. W. C. Tsang (&)
W. B. Lee Department of Industrial and Systems Engineering, Knowledge Management and Innovation Research Centre, The Hong Kong Polytechnic University, Kowloon, Hong Kong e-mail: [email protected] © Springer Nature Switzerland AG 2020 S. Durst and T. Henschel (eds.), Knowledge Risk Management, Management for Professionals, https://doi.org/10.1007/978-3-030-35121-2_9

135

136

1

H. W. C. Tsang and W. B. Lee

Introduction

Knowledge can be as old as what you can think of, for example, the proper and beneficial use of fire, dating back to the early days of human civilization. It can also be as new or far-reaching as what you can think of, for example, the use of artificial intelligence or genome editing in science and technology of today. In business, the benefits to mankind by the utilization of old or new knowledge of different kinds are varied, important and well known as far as members of a corporation are concerned. However, it is less known that knowledge can cause undesirable effects and, in some cases, disastrous damage to the corporation because of the misuse of knowledge. They are happening. One instance is the incorrect use of new resources brought about by outdated knowledge in work procedures. These negative effects of knowledge when it is mishandled in corporations are collectively known as knowledge risk and can occur at all levels of business management (Trkman and Desouza 2012; Tsang and Lee 2018). In this book chapter, a methodology is proposed to address the identification and assessment of knowledge risk in the management of modern corporations.

2

Related Background

Modern economy has fast become technology-driven and knowledge-based. Large corporations rely on their specialized knowledge to survive, grow and prosper (Johannessen and Olsen 2003; Nonaka and Takeuchi 1995). Amazon, Facebook and Google have become the global powerhouses in the Internet era by innovative applications of their specialized and excellent knowledge in e-commerce, social media and Internet searches, respectively. It can be seen that knowledge is closely linked to the competitive advantage of a corporation (Bollinger and Smith 2001; Quintas et al. 1997). Similar phenomena occur in the financial field in which leading global banks make use of their unrivalled knowledge in developing innovative and competitive financial products to meet customer needs, grow the business and increase market share. Grant (2002) and Wiig (1997) conducted studies to show that knowledge is one of the major factors responsible for the soundness and prosperity of a corporation. It can be seen that these corporations take advantage of knowledge by focusing their efforts on acquiring, applying, retaining, developing and renewing it efficiently, effectively and endlessly, and the corporate management applauds the efforts made by staff in getting maximum benefits from the utilization of knowledge in the business cycle. From junior to senior levels of staff, however, very often staff do not realize that should they improperly deal with the various facets of knowledge activities in the business process, knowledge could also bring inefficiencies, troubles, problems, loss or even threats to the corporation (Tantau and Paicu 2013). Collectively, these potential adverse effects of knowledge are referred to as knowledge risk (Trkman and Desouza 2012). Examples in different business

An Integrated Research Methodology to Identify and Assess …

137

functions are: invoices sent to the wrong address because of delay in updating customer information in the corporate database, faults in a product design because of not observing safety requirements set by the authorities, and loss of competitiveness in a market segment because of incompetence caused by insufficient knowledge of responsible marketing staff. The more serious one, which may threaten the existence of a business corporation, is the leakage of inventions to competitors because of inappropriate measures taken in computer system protection. In a corporation, there are in fact many types of knowledge risk, which is pervasive and affects every area of a corporation. First, different departments may have their own types of specific knowledge risks not found in other departments, for example, brand risk in brand management in the marketing department and incorrect control report risk in the accounting department. Yet, there are also knowledge risks common to most departments and the two typical ones are knowledge loss risk (Tsang and Lee 2018) and knowledge leakage risk (Frishammar et al. 2015). The former risk refers to the potential impact on the corporation due to loss of knowledge or valuable information originally possessed by the corporation. This may be caused by an employee possessing specialized knowledge and long experience in a certain area of the business leaves the corporation. The latter risk refers to the potential impact on the corporation due to knowledge or valuable information leaked to outside parties during the course of doing business (Ahmad et al. 2014). This may be caused by staff not following the recommended security measures set by the corporation when sharing knowledge or information with business collaborators or partners. There are other knowledge risks as well as knowledge retention risk and knowledge obsolescence risk (Tsang and Lee 2018). Furthermore, a knowledge risk can be further divided into a number of sub-risks. For example, knowledge loss risk can be divided into customer information loss risk and trade secrets loss risk. Only a few knowledge risks are being aware of and handled by corporations of today and they are quite common ones. For example, in human resources management, it is a recurring problem that the loss of valuable “insider” knowledge of business operation occurs when a key staff member leaves the corporation (Daghfous et al. 2013; Parise et al. 2006). What is far more from satisfactory at present is that there are very few methods available to identify and assess knowledge risks of the corporation as a whole. Such methods must be in place before a corporation can reasonably start to plan for systematic and effective treatment of its various knowledge risks at various stages of the risk management process. Knowledge risks at the present state are not like any other familiar business risks such as investment risk and foreign exchange rate risk, which already have long-established management practices in risk identification, assessment, mitigation, prevention, monitoring and reporting at operational and strategic levels (Aloini et al. 2007; Zhi 1995). In research, knowledge risk management is still at its early stage of development (Ahmad et al. 2014; Durst et al. 2016; Trkman and Desouza 2012).

138

3

H. W. C. Tsang and W. B. Lee

Objectives of the Chapter

Knowledge risks are common in a corporation and must be managed systematically and effectively to minimize their potential impacts on a corporation. However, staff members from top management to operational levels mainly focus on the benefits of knowledge without paying sufficient attention to the associated risk which is equally important. What makes the situation worse is that knowledge risk is an under-researched field (Trkman and Desouza 2012), implying that there are very few reliable methods available to identify and assess risk. To help the management of corporations to deal with this situation, this chapter has the following objectives: 1. To provide a basic understanding of knowledge risk in today’s corporation as a whole 2. To present and explain a methodology to identify various knowledge risks and perform a preliminary assessment 3. To present and explain the evidential reasoning (ER) approach to enhance the results obtained from traditional surveys of knowledge risks 4. To illustrate the ER approach using a hypothetical example involving a bank The outcomes of these objectives will enable corporations to start the first step of knowledge risk management to obtain the baseline risk information of the whole corporation.

4

Research Methodology

In this section, a research methodology is proposed to identify and assess corporate knowledge risk for corporations which have not paid enough attention to the risk operationally and strategically but would like to start risk assessment more systematic and effective in view of the criticality of the potential impacts of the risk on the corporation.

4.1 Overview of Methodology The proposed research methodology can be divided into three stages. At Stage 1, an extensive literature review is performed to review knowledge, knowledge management, risk management and knowledge risk. At Stage 2, semi-structured interviews with knowledge management professionals are used to understand their views on knowledge risk and the present management of knowledge risk in the organizations they work for. In particular, the semi-structured interviews serve to identify the major dimensions of knowledge risk and associated risk factors and validate that the findings are consistent with those reported in the literature. As a result, a conceptual knowledge risk assessment model is constructed. Finally, at

An Integrated Research Methodology to Identify and Assess …

139

Stage 3, two methods are adopted to assess knowledge risk by making use of the knowledge risk assessment model constructed earlier. The first method is the basic risk rating process which uses the survey method and the second is an enhanced process based on the evidential reasoning (ER) approach.

4.2 Construction of Knowledge Risk Assessment Model The data model used in the research is called the knowledge risk assessment model which drives the assessment processes. The structure of the model and how the model is constructed are described as follows.

4.2.1 Structure of the Model To enable an effective and efficient allocation of resources, instead of tackling different kinds of knowledge risk in silos in a corporation, an integrative approach to the management of knowledge risk would be preferred. One possible way is to assess the risk factors of knowledge risk where risk factors are situations or conditions in a business which may change the consequences or likelihood of the occurrence of a risk. The risk factor approach has been adopted by many scholars like Akindele et al. (2004) who study the risk factors of critical investment projects. It is considered that risk factors are appropriate for exploratory research and are easy to be understood by the intended participants in the research who are not so knowledgeable in risk and knowledge risk in particular (COSO 2012; Tsang and Lee 2018). Therefore, a systematic and all-encompassing way to assess the main types of knowledge risk by assessing risk factors is targeted. Specifically, the risk factors of various types of knowledge risk are to be identified and assessed first. A conceptual model of knowledge risk and risk factors of a corporation is shown in Fig. 1. Structurally, the model has three layers. Starting from the top, the three layers are knowledge risk of the corporation as a whole, dimensions or types of knowledge risk, and risk factors. Therefore, knowledge risk of the whole corporation has a number of different types of knowledge risk and a type of knowledge risk has a number of associated risk factors. 4.2.2 Construction Methods To build the knowledge risk assessment model for a corporation, it is necessary to identify the different types of knowledge risks which are important to a corporation and their associated risk factors initially. The first step is an extensive review of knowledge, knowledge management, business risk management and knowledge risk in the literature to identify what has been done in the field, nature and state of knowledge risk in corporations in theory and practice. The search for the most relevant information is focused on common knowledge risk and common risk factors as the study is exploratory. Next, semi-structured interviews with knowledge management professionals are conducted to collect information about how various kinds of knowledge risk are perceived and handled in corporations at present. In particular, it is used to identify

140

H. W. C. Tsang and W. B. Lee

Fig. 1 Knowledge risk assessment model

the major dimensions or types of knowledge risk and their associated risk factors and validate these risk-related elements with the literature review results. The reasons for selecting the semi-structured interview as the research method, format of the interview, data sampling method and interview data analysis approach applied are described below. Reasons for Selecting Semi-structured Interview Knowledge risk is a newer term or concept to most business people, and thus, its critical role in organizations is poorly understood or appreciated. This makes knowledge risk management a quite remote concept to grasp in many corporations. To explore or study such situations where the topic to investigate is quite new or unfamiliar to a corporation, researchers or practitioners usually adopt semi-structured interviews as one of the research methods. This also applies to the early stage of knowledge risk investigation in a corporation. Semi-structured interviews offer the advantage of enabling the researcher/practitioner to have an in-depth and wider-scope discussion with the interviewees about the topics at hand in an open, less restrictive and friendly setting, which is conductive to collecting relevant information from interviewees. Interview Guide Before the actual interview, an interview guide is prepared first to set out the procedures, what to cover and focus on, what questions to ask and background information to be familiarized with, as largely suggested by King et al. (1994). The anticipated discussion would be centred on the research topic, and the contents are

An Integrated Research Methodology to Identify and Assess …

141

based on existing facts identified and shaped by the literature review results. In each area of the contents, the questions to ask are developed with reference to the suggestions of Boyce and Neale (2006), and Millwood and Heath (2000), being straightforward, objective, facts-based, open-ended and at times probing as required to maximize the quality and contents of returned answers. As far as the interview process is concerned, it follows the suggestions made by Veliyath et al. (2015). However, the guide also includes the feature put forward by Shaw and Huang (2005) as well as Yin and Jamali (2016) that the interviewer can sidetrack to a related, specific aspect by asking additional ad hoc, unscheduled questions to probe or investigate further to obtain more useful and finer details should the interactions with the interviewee prompt such course of action. In fact, the guide will not suggest strict observation of the predetermined sequence of discussion but instead emphasizes the importance of efficiency, effectiveness and overall performance of the whole process and the quality of responses from interviewees, as suggested by Brunold and Durst (2012). Data Sampling Method This research adopts the purposive sampling as its focus is on the depth of information to be collected and relatively small sample size, both being relevant to the study. To ensure a high level of consistency and reliability in handling and treating sampled data, the sampling method also calls for the same researcher to conduct all the interviews, perform very carefully and detailedly data collection, and clean up and update field notes as soon and as completely as possible, as suggested by Velu and Stiles (2013). Therefore, the participants selected will be conversant in knowledge management with relevant practical experience and preferably some business risk exposure. General inductive methods for data analysis After each interview is finished, the recorded dialogue is transcribed, and a summary is prepared by making use of the suggestions proposed by Miles and Huberman (1984). A form is used to document emerging theme possibly coming up as more interviews are conducted, useful ideas captured, variables identified and what issues to follow up in the following interviews. The raw data in the interview notes and transcripts are interpreted and analysed using the general inductive approach, a three-stage process, based on past similar work by Thomas (2006), Velu and Stiles (2013), and Yin and Jamali (2016). First, the raw data of each interview are rearranged according to a common format for ease of reading, comparison and more consistent and systematic interpretation. In the form, common thematically related chunks of data were put together and then classified into different categories using open coding. Reading, interpreting, cleaning up, consolidating, summarizing and inducting are carried out a number of times until the distilled data are found to be satisfactory for the next stage.

142

H. W. C. Tsang and W. B. Lee

Second, the relationships between two or more categories found in the first stage are identified and classified into dimensions, which is a higher order of classification. The resulting two sets—categories and dimensions—are validated against relevant literature to ensure that there is no overlapping between the dimensions and the dimensions together represent all the data collected during the interview. This process is done recursively until no more new dimensions are identified. The number of references and intensity of support of each category and dimension would be found by this validation exercise and be used to determine which more significant ones are to be retained. In the final stage, a model or theory or conclusion is developed which could explain the relationships, categories or dimensions being arrived at as well as any structures, concepts, themes, processes or experiences embedded in the underlying interview data. The net results of the above process would then be used to support findings and conclusions to be made for the whole study.

4.3 Knowledge Risk Assessment Methods Based on the knowledge risk assessment model, two kinds of assessment processes are carried out to assess the risk factors, types of knowledge risk and overall knowledge risk: basic process and enhanced process. While the former is mandatory for assessment, the latter is optional, depending on the needs of research. The basic process will enable the researcher to obtain ratings of risk factors, risk types and overall risk, while the enhanced process will increase the quality of ratings obtained in the related basic process by adopting the evidential reasoning (ER) approach. The reason for the necessity of two processes is that the responses obtained in the survey method may often be subjective (Slater 1999) or based on perceptions. Also, the questionnaire can only produce standard answers and cannot collect related in-depth information (e.g. facts, figures or examples) from respondents. A method to overcome these two shortcomings is by means of an interview to elicit belief degrees of previous ratings from the respondents for subsequent modelling under the evidential reasoning (ER) approach as well as to collect other relevant information.

4.3.1 Basic Rating Process Survey Approach In the process, the ratings of various risk factors associated with different types of knowledge risk are obtained by conducting a risk factor assessment survey, which makes use of a traditional survey approach. In the survey, each risk factor will carry a number of questions which the participants are required to respond. The answers will help determine the ratings of risk factors. The participants are to come from management-level staff having a minimum understanding of risk or awareness of knowledge risk.

An Integrated Research Methodology to Identify and Assess …

143

To ensure the validity and reliability of the survey, a number of statistical tests are performed. The content, discriminant, convergent validity and reliability of the survey are checked by two statistical tests—principal component analysis (PCA) and Cronbach’s alpha test. The minimum number of participants required for PCA depends on the number of questions in the survey (Ngai and Cheng 1997). To collect sufficient data for these two tests, the questionnaires are administrated in both hardcopy and online forms to maximize the reach and response (Keane et al. 2008). As mentioned before, the research in knowledge risk is in its early stages and is explorative in nature. Therefore, a sample of convenience can be adopted. This method is suitable for exploratory research like this one and was adopted by previous scholars like Franco and Haase (2015). As knowledge risk is quite a specific and new topic, professionals mainly in knowledge management, or KM, (e.g. KM experts, KM practitioners, KM post-graduates) are invited to join the study. They could be assumed to be more knowledgeable in knowledge risk than experts in other fields and should be regarded as the key informants on knowledge risks of their respective companies. According to Campbell (1955) and Bernard (2000), in the key informant approach, the informants should assume positions in the companies making them quite knowledgeable in the research topic, and they are helpful and can communicate with the researcher reasonably well. These informants need not be representatives of the corporations in the sample in the statistical sense. In this study, the informants invited should have met Campbell’s rules. Because the informants are knowledgeable in the research topic, their depth of knowledge, being experts in their specialities and willingness and capability to help should make their responses to the survey very worthwhile to take notice of at least, if not to take them seriously. Generalization of their responses may not be prudent but drawing obvious or easy-to-make observations from the convenience sample like the case in this study should not be ignored or treated lightly (Holbrook and Schindler 1989). On the whole, the convenience sample combined with the key informant approach is consistent with the objectives of this study and the strengths of this combination should increase the confidence in analysing and interpreting the sample results. When all the questionnaires are returned, the data are processed by principal component analysis (PCA) and Cronbach’s alpha to ensure the validity and reliability of the data for subsequent analysis. Principal Component Analysis Principal component analysis (PCA) is a process which reduces a set of variables to a smaller one consisting of artificially created variables known as principal components in such a way that most of the variance in the original set is retained, redundant question items are removed, and the remaining items are reclassified into different groups. This test validates that the questions in a particular resulting group (now called a component) measure the underlying construct originally intended and the scores in the group can be added to obtain an average which is representative of

144

H. W. C. Tsang and W. B. Lee

the group. It is this average which is used in the later analysis. Please refer to Hair et al. (2014) for more details. Cronbach’s alpha test In principle, Cronbach’s alpha is a test which measures the internal consistency or reliability of a set of variables by determining to what extent the variables in a group measure the underlying construct. The variables in this research are the question items in the questionnaire’s dataset. The test is done after the PCA to generate a Cronbach’s alpha value for a group indicating to what extent the average of scores of items in this group can be used reliably in the analysis. The value should exceed 0.6 for exploratory research. Also, the corrected item-total correlation, the Pearson correlation between the specific item and the sum of all the other items, should exceed 0.3. Please refer to Hair et al. (2014) for more details. Risk Scoring The average of the individual question scores of a risk factor is known as risk factor value. The average of risk factor values of each dimension or type of knowledge risk is known as risk level, and the average of all risk levels is known as a risk score, which represents the overall knowledge risk of a corporation. Mathematically, various values can be expressed as follows. Suppose there is a set of I dimensions of knowledge risk: R ¼ fri ; i ¼ 1; . . .; I g

ð1Þ

The set of relative weights of a given dimension of knowledge risk, ri, is: x ¼ fxi ; i ¼ 1; . . .; I g

ð2Þ

P with 0  xi  1 and Ii xi ¼ 1. Also, there is a set of J risk factors for a given dimension of knowledge risk, ri: n o 0 ; j ¼ 1; . . .; J R0 ¼ ri;j

ð3Þ

The set of relative weights of the J risk factors for a given dimension of knowledge risk, ri, is:   x ¼ xi;j ; j ¼ 1; . . .; J

ð4Þ

PN with 0  xi;j  1 and j xi;j ¼ 1. And there is a set of N assessment scores assigned to a group of questions associated with a given risk factor:

An Integrated Research Methodology to Identify and Assess …

145

  Q ¼ qi;j;n ; n ¼ 1; . . .; N

ð5Þ

The risk factor value of a given risk factor is given by: Risk Factor Value; si;j ¼

PN

n¼1

qi;j;n

ð6Þ

N

The mean of the concerned risk factor values forms the level of a given dimension of knowledge risk, ri. PJ Risk Level; li ¼

xi;j si;j ði ¼ 1; . . .; I Þ J

j¼1

ð7Þ

The mean of the risk levels is then the risk score of overall knowledge risk. Risk Score of Overall Knowledge Risk; K ¼

PI

i¼1 li

I

ð¼ 1; . . .; I Þ

ð8Þ

For simplicity, the weighting factors of risk factors and types of knowledge risk are equal to 1. However, a researcher or practitioner may find at the beginning of the investigation that a corporation is facing some particular risk factors or types of knowledge risk which are much more threatening or detrimental to the corporation compared to others; he/she can assign weighting factors to elements in the risk hierarchy according to the needs. One way of determining the weighting factors is analytical hierarchy process (AHP) (Saaty 2008) and there are others. For example, a knowledge-intensive technological corporation may face the acute shortage of designers in the labour market and experience knowledge loss risk due to employee turnover which accounts for most of the potential knowledge loss of a corporation in a year. In this example, it is advisable that weighting factors should be actively pursued.

4.3.2 Evidential Reasoning-Based Enhanced Rating Process The ER-based enhanced process is to increase the validity and reliability of the basic rating process by making use of the structured interview technique and evidential reasoning approach (ER); the latter of which will be explained in detail later. While the basic process is mandatory in the research methodology, the enhanced process is optional, implying that it is used when improved rating results are required. In both processes, the same knowledge risk assessment model is used. Structured Interview Validation in the form of a structured interview is conducted to validate the results obtained in the basic rating process. The new ratings are belief degrees (strengths of evidence) under the ER approach, which are given based on the relevant evidence elicited during the interview. Interviewees are presented with the same set of questions asked in the same order. In this way, best practice in interviewing is more

146

H. W. C. Tsang and W. B. Lee

likely applied consistently across the group of interviewees to increase the reliability of the data collected (OPM 2008; Sternberg et al. 2002). This makes a structured interview a suitable research method to validate the responses obtained in the basic rating process. During the interview, the interviewer follows the OPM’s guide (OPM 2008), takes as many notes as possible and avoids giving negative feelings to the interviewees through any facial expressions or body language. More in-depth data can, therefore, be collected for scrutiny through such an interview than a standard survey (Klenke 2016). Evidential Reasoning Approach The objective of the enhanced process is to address the likely subjectivity of rating results obtained in the basic process and improve the quality of rating with the use of belief degrees having been sought from respondents for risk factors. Belief degrees which have been briefly mentioned before are further elaborated here in greater detail. In the structured interview, relevant evidence, facts and examples are elicited and collected from the interviewee with the help of a set of interview questions. Based on this evidence, an informed judgement is made for the degree (called belief degree) of being close to the truth of a response obtained in the basic process. This assignment of belief degree is done for the individual risk factor values. The pairs of risk factor value (from the basic process) and belief degree (from the enhanced process) are then modelled using the ER approach to generate adjusted risk factor values. The adjusted risk factor values for each type of knowledge risk are then aggregated to generate the adjusted risk levels. Again, the same approach is used to synthesize all adjusted risk levels to generate the adjusted risk score for the overall knowledge risk. The adjusted ratings are more reliable and usable because the adjustment relies on the consideration of additional relevant evidence. For simplicity, the weighting factors of risk factors and types of knowledge risk are equal to 1, same as the basic process. More Concepts About the Evidential Reasoning Approach A very brief literature review together with other conceptual details is covered here for better understanding and extended use of the ER approach. The evidential reasoning (ER) approach developed by Professor Jian Bo Yang and his team (Yang and Sen 1994; Yang and Singh 1994) in the 1990s is used in the enhanced rating process. It is a generalization of the Bayesian theory (Deng et al. 2011), based on the Dempster–Shafer evidence theory (Shafer 1976), and extensively applied in approximate reasoning and information aggregation (Deng et al. 2011), assessment, or analysis in different areas. Examples of assessment or analysis of risks include e-commerce risk assessment (Khokhar et al. 2006) and internal control risk assessment (Mock et al. 2009). Examples of assessment of management areas include self-assessment of excellence (Yang et al. 2001) and assessment of strategic R&D projects (Liu et al. 2008). Basically, ER starts with a list of options (or values) from which a user of ER will choose to best describe the particular characteristic of an attribute (or criteria)

An Integrated Research Methodology to Identify and Assess …

147

as a result of the assessment. What makes ER different from the usual survey approach in such selection/assessment is that the user can assign a belief degree varying from 0 to 1 to an option the user chooses to express the degree of believing that the option is close to the facts based on available evidence. This enables the user to give more information regarding or supporting the selection. It often happens that the user has difficulty in choosing a definite option (or value) with full confidence because of lack of facts or the context of the selection being highly complex (Yang 2001). In another situation, the selection of an option or value at the beginning may only be a subjective decision. The belief degree could be used to adjust the selection after more objective data or information is known (Yang et al. 2001). The option (or value) selected and the associated belief degree are known as a belief structure and are represented as {(option, belief degree)}. In fact, the user can choose more than one option and assign a belief degree to each option if the user considers that such treatment is the best to reflect the real situation. For example, for two options chosen, the belief structures become {(option-1, belief degree-1), (option-2, belief degree-2)}, given that the sum of belief degree-1 and belief degree-2 is between 0 and 1 (both inclusive). This is known as a distributed assessment. It can be seen that such belief structure works best if the user has difficulty in selecting only one option from two adjacent options which look nearly the same. In ER, if belief degree = 1, the assessment is said to be complete; if 0  belief degree < 1, it is incomplete. Risk Scoring Using Evidential Reasoning Approach The algorithm used in the ER approach (Ngan 2015; Wang et al. 2006; Yang 2001; Yang and Sen 1994; Yang and Singh 1994; Yang and Xu 2002) is described as follows. Assume there is a set of P attributes: a ¼ fai ; i ¼ 1; . . .; Pg

ð9Þ

The set of the relative weights of the P attributes is: x ¼ fxi ; i ¼ 1; . . .; Pg

ð10Þ

PP with 0  xi  1 and i xi ¼ 1. Also, the set of possible grades (or options or values) for each attribute is: G ¼ fGn ; n ¼ 1; . . .; N g

ð11Þ

Thus, the distributed assessment of a given attribute, ai, can be expressed by: Sð ai Þ ¼ with bn;i  0 and

P Ni

n¼1



  Gn ; bn;i ; n ¼ 1; . . .; Ni

bn;i  1.

where bn,i is the belief degree to the grade, Gn, assessed to the attribute, ai.

ð12Þ

148

H. W. C. Tsang and W. B. Lee

To aggregate the distributed assessments, first, the belief degrees can be transformed into basic probability masses. The algorithm behind the transformation process illustrated below is taken from Wang et al. (2006), in particular, Eqs. (11)– (14): mn;i ¼ mi ðGn Þ ¼ wi bn;i ; mG;i ¼ mi ðGÞ ¼ 1 

N X

n ¼ 1; . . .; N; i ¼ 1; . . .; P

mn;i ¼ 1  wi

n¼1

n¼1

mG;i ¼ mi ðGÞ ¼ 1  wi ; e G;i ¼ m e i ðGÞ ¼ wi 1  m

N X

N X n¼1

bn;i ;

i ¼ 1; . . .; P

i ¼ 1; . . .; P

ð13Þ ð14Þ ð15Þ

! bn;i ;

i ¼ 1; . . .; P

ð16Þ

where e G;i mG;i ¼ mG;i þ m

ð17Þ

where mn,i represents the basic probability mass to the grade, Gn, assessed to the attribute, ai, mG,i represents the basic probability mass to the universal set of grades, G, assessed to the attribute, ai, mG;i represents the relative importance of other e G;i represents the incompleteness assessed to the attribute, ai and wi is attributes, m the relative weight of attribute ai. Second, the basic probability masses can be synthesized. The synthesis process illustrated below is taken from Wang et al. (2006), in particular, Eqs. (15)–(20).   fGn g : mn;I ði þ 1Þ ¼ KI ði þ 1Þ mn;I ðiÞ mn;i þ 1 þ mn;I ðiÞ mG;i þ 1 þ mG;I ðiÞ mn;i þ 1 e G;I ðiÞ ; mG;I ðiÞ ¼ mG;I ðiÞ þ m

n ¼ 1; . . .; N

ð18Þ ð19Þ

  e G;I ði þ 1Þ ¼ KI ði þ 1Þ m e G;I ðiÞ mG;i þ 1 þ mG;I ðiÞ mG;i þ 1 ð20Þ e G;I ðiÞ m e G;i þ 1 þ m fGg : m   fGg : mG;I ði þ 1Þ ¼ KI ði þ 1Þ mG;I ðiÞ mG;i þ 1 0 KI ði þ 1Þ

ð21Þ

11

B C N N  X X B C B ¼ B1  mn;I ðiÞ mt;i þ 1 C C ; @ A n¼1 t ¼ 1 t 6¼ n

i ¼ 1; . . .; P  1

ð22Þ

An Integrated Research Methodology to Identify and Assess …

fGn g : bn ¼

mn;I ðPÞ ; 1  mG;I ðPÞ

fG g : b G ¼

n ¼ 1; . . .; N

e G;I ðPÞ m 1  mG;I ðPÞ

149

ð23Þ

ð24Þ

where bn represents the belief degree to the grade, Gn of the aggregated distributed assessment and bG represents the belief degree to the universal set of grades, G, of the aggregated distributed assessment. The belief structure of the aggregated distributed assessment is expressed by: S0 ðai Þ ¼ fðGn ; bn Þ; n ¼ 1; . . .; N g

ð25Þ

A utility-based information transformation technique can then be used to transform the distributed assessment into the expectation of the assessment. The summary of which is shown below is taken from Yang (2001), in particular, Eqs. (57) and (59) to (62). The estimated utility of a given distributed assessment for the attribute, ai, is: lðSðai ÞÞ ¼

N X n¼1

lðGn Þbn;i

ð26Þ

For qualitative attributes, the estimated utilities of the grades are supposed to be equally distributed in the normalized utility space such that: lðGn Þ ¼

n1 ðn ¼ 1; . . .; N Þ N þ1

ð27Þ

For quantitative attributes, the estimated utilities of the values are approximated using the linear marginal utility function in the normalized utility space such that:           l vN;i  l v1;i vj  v1;i l vj ¼ l v1;i þ vN;i  v1;i

ð28Þ

The equivalent expectation of a given distributed assessment is then denoted by: S0ðai Þ ¼

   Gn ; bj;i ; j ¼ 1; . . .; N

ð29Þ

150

H. W. C. Tsang and W. B. Lee

where 8P cn;i sj;n > > > > n2p   P Pj < bj;i ¼ n2p cn;i 1  sj1;n þ n2p cn;i sj;n j >  Pj1  > > > c 1  s j1;n : n;i n2pj1

for j ¼ 1 for 2  j  N  1

ð30Þ

for j ¼ N

and sj;n

          l Gj þ 1  l Gn;i    if l Gj  l Gn;i  l Gj þ 1 for a qualitative attribute ¼  l Gj þ 1  l Gj ð31aÞ

sj;n

          l Gj þ 1  l vn;i    if l Gj  l vn;i  l Gj þ 1 for a quantitative attribute ¼  l Gj þ 1  l Gj ð31bÞ

and         njlGj   lGn;i  l Gj þ 1 ; n ¼ 1; . . .; Ni ;  pj ¼ njl Gj  l an;i  l Gj þ 1 ; n ¼ 1; . . .; Ni ;

j ¼ 1; . . .; N  2 j¼N1

ð32Þ

As an example, consider a type of risk consisting of two risk factors A and B with weighting factors equal to 1. The risk factor values of A and B are 0.8 and 0.96, respectively. The risk level is therefore 0.88 in the basic rating process. During the interview between the researcher/practitioner and one of the respondents, the belief degrees obtained for risk factors A and B are 0.8 and 0.9, respectively. Then, the adjusted risk level after applying the ER approach becomes 0.8461, representing a lower risk level compared to the basic rating process. Note: The Intelligent Decision System (IDS) is one of the software packages that can be used to perform the aggregation and transformation process under the ER approach. It is developed especially for handling uncertain problems under the ER approach (IDS 2007; Xu and Yang 2005) and is also used or suggested by scholars like Yang et al. (2001), Yang (2001) and Wang et al. (2006). There are other similar packages written using Python programming language or Excel worksheets available.

An Integrated Research Methodology to Identify and Assess …

5

151

A Hypothetical Evidential Reasoning Approach Example

In this section, to illustrate the application of the ER approach in a real-life scenario, a hypothetical knowledge risk hierarchy of a financial institution is used. This financial institution is a medium-sized international bank specialized in foreign exchange trades, investment services and online payment services. In particular, the bank is a significant player in the fastest-growing financial technology (fintech) market. As a typical financial institution of this kind, the bank has to manage various financial risks strategically and operationally. The financial risks include foreign exchange rate risks, interest rate risks, credit risk, customer default risk, liquidity risk, etc. Therefore, the concepts of risk and risk management are familiar to the bank, though not in the knowledge risk arena. To start the knowledge risk management efforts, the bank decides to find out the various kinds of knowledge risk which exist in its business and do a basic assessment of their nature and current status. The initial assessment results will be fed into the whole corporation’s risk management planning which will include the setting up of a knowledge risk management team. At the same time, the results help the bank prioritize the management resources to mitigate the knowledge risks posing the greatest threats to the bank. It is assumed that the bank has already identified the important types of knowledge risk in the corporation (using the method detailed in “Construction of Knowledge Risk Assessment Model” in Sect. 4.2) as well as the risk factor values (using “Basic Rating Process” in Sect. 4.3.1) associated with each type of knowledge risk. Figure 2 shows a part of the whole corporate knowledge risk

Fig. 2 Knowledge risk hierarchy of a bank

152

H. W. C. Tsang and W. B. Lee

hierarchy. This simplified hierarchy is used in the following discussion to illustrate how the evidential reasoning (ER) approach can be applied in practice. In the hierarchy, the overall knowledge risk of the corporation is at the top position and has a risk score which informs the corporation’s vulnerability to knowledge risk. At the second level, there are four types of knowledge risk which are common in a financial institution: employee turnover risk, marketing risk, regulatory risk and financial innovation risk. First, employee turnover risk refers to the potential impacts on the bank when employees, especially those holding key positions, leave the bank. Second, marketing risk refers to the potential impacts on the bank caused by the ineffective or problematic application of marketing knowledge in the marketing process. Third, regulatory risk refers to the potential impacts on the bank when incompetence in utilizing regulatory control-related knowledge occurs in activities carried out in compliance with relevant rules and regulations set by government authorities. Last, financial innovation risk refers to the potential impacts on the bank when ineffective or inappropriate utilization of innovation management knowledge occurs in areas such as resource allocation, assignment of tasks to staff and prioritization of development projects. Each risk type has a risk level which indicates how the bank may be negatively affected by it. At the third level, each risk type has three associated risk factors identified. A risk factor refers to a situation or condition in business which may affect the impact of risk, change the probability of risk occurrence or both. As shown in Fig. 2, employee turnover risk consists of labour market, employee benefits and employee training; marketing risk consists of customer service, sales force and marketing research; regulatory risk consists of system security, customer privacy protection and compliance with rules and regulations; and financial innovation risk consists of competitive market, research and development and talent management. In this hypothetical example, the bank would like to assess the present states of various kinds of knowledge risk in the corporation before a strategic risk control plan is proposed. The assessment is done by sending surveys to a large group of selected employees in the bank, covering all the important departments and relevant key employees who are aware of knowledge risk in his/her department. In the survey, an employee is asked to fill in the risk factor value for each risk factor based on his/her knowledge and understanding of information about the bank in relation to the risk factor. What the respondents are going to do is to rate each risk factor (on a scale of 0–1) in terms of the potential impact on the bank the associated knowledge risk may cause because of conditions of the risk factor. A value close to 0 may mean that the associated knowledge risk almost poses zero threat to the bank, and a value close to 1 may mean that the associated knowledge risk almost certainly poses one of the greatest threats to the bank, e.g. a threat which may cause the bank to go bankrupt. The rating scale is to be developed internally inside the bank with the help of researchers, professionals or consultants in the field. Such a value assignment of risk factors will enable the bank management to have a better understanding of the status of various types of knowledge risk in the bank.

An Integrated Research Methodology to Identify and Assess …

153

The numeric variables in the hierarchy are further elaborated as follows. After all the survey data are received, the risk factor value of a risk factor is obtained by taking the average of all the responses in that risk factor. The risk level of a type of knowledge risk is obtained by taking the average of the related risk factor values. The risk score of knowledge risk of the whole corporation is the average of risk levels of all the knowledge risk types. Note that all the weighting factors are set to 1 to make the hierarchy less complex to handle. Then, a smaller group of say 10 original respondents will be selected from departments mostly affected by knowledge risk, for example, the human resources department. For this smaller group, an in-depth interview is arranged for each member. Before the interview, the interviewer will ask the interviewees to collect and study facts, statistics and information about the bank and industry, which will be used to support his/her responses in evaluating the same risk factors again. During the interview, the interviewer will go over each risk factor in turn and elaborate on the risk factors and other pertinent information. The interviewee can also ask the interviewer questions, seek clarifications or obtain more information if necessary. Then, the interviewer will ask the interviewees the belief degree related to a risk factor. The belief degree refers to the extent to which he/she believes his/her former risk factor value filled in the survey reflects the truth after knowing relevant information together with the interviewer. The belief degree can vary from 0 to 1 where 0 means that the interviewee regards his/her previous factor value is entirely not true and 1 means that the previous factor value accurately reflects the true conditions of the bank in relation to the risk factor. When all the interviews are completed, the previous response data of this smaller group are extracted from the larger group’s survey data. Then, the extracted data are used to compute risk levels and risk score for this smaller group, adopting the same methods which have been used for the larger sample before. On the other hand, as a result of the interviews conducted, there will be a pair of values given by each interviewee for each risk factor: risk factor value (obtained during the larger group’s survey) and belief degree (obtained during the smaller group’s interview). The evidential reasoning algorithms will then be applied to the smaller dataset consisting of pairs of factor values and belief degrees according to the structure of knowledge risk hierarchy of the bank to generate adjusted risk factor values, adjusted risk levels of different types of knowledge risk and adjusted knowledge risk score for the smaller group, as explained in the methodology section. To illustrate further, the responses of one of the respondents taking part in both the basic and enhanced rating processes in the hypothetical example are used. In Table 1, the “Risk factor value” column represents the risk factor values estimated by the respondent in the basic rating process. In the enhanced rating process, after in-depth discussion with the interviewer, the belief degree for each of the risk factor value given in the basic process is provided by the respondent, as shown in the “Belief degree” column. By applying the ER approach, the adjusted risk factor values are obtained as shown in the second last column. In Table 2, the second column shows the risk levels calculated based on the associated risk factor values

154

H. W. C. Tsang and W. B. Lee

Table 1 Risk factor values Risk

Risk factor

Risk factor value

Belief degree

Adjusted risk factor values

Percentage change (%)

Employee turnover risk

Labour market Employee benefits Employee training Customer service Sales force Marketing research System security Customer privacy protection Compliance with rules and regulations Competitive market Research and development Talent management

0.4 0.76 0.2 0.98 0.5 0.8 0.2 0.56

0.4 0.4 0.6 0.5 0.7 0.7 0.8 0.8

0.46 0.6040 0.32 0.74 0.5 0.71 0.26 0.548

15 −20.5263 60 −24.4898 0 −11.25 30 −2.1429

0.6

1

0.6

0

0.1 0.38

1 0.8

0.1 0.404

0 6.3158

0.4

0.5

0.45

12.5

Marketing risk Regulatory risk

Financial innovation risk

Table 2 Risk levels and risk scores Risk

Risk level

Adjusted risk level

Percentage change (%)

Employee turnover risk Marketing risk Regulatory risk Financial innovation risk Overall knowledge risk score

0.4533 0.76 0.4533 0.2933 0.49

0.4527 0.6563 0.4853 0.3066 0.4706 (adjusted overall risk score)

−0.14 −15.8007 6.587 4.327 −4.1224

obtained in the basic rating process. The third column shows the adjusted risk levels calculated by the ER approach based on the corresponding adjusted risk factor values. For the risk score of the whole corporation, it is calculated based on the risk levels of all types of risk and is found to be 0.49. For the corresponding adjusted risk score which is calculated based on the adjusted risk levels, it is found to be 0.4706. Therefore, it can be said that the risk score is 4.1224% lower in the enhanced process compared to the basic process. Depending on the percentage change, actual conditions of risk and nature of business of the financial institution, the management might take appropriate actions as it sees suitable to improve the corporate knowledge risk evaluation process and the results.

An Integrated Research Methodology to Identify and Assess …

6

155

Conclusions and Future Work

The research methodology proposed is sound conceptually and practical for the knowledge risk assessment of a corporation at the start-up stage of risk management. The ER approach adopted can be used in different forms or ways in a wide variety of applications. The hypothetical example illustrates one of such possible applications, and the advantages shown are encouraging. In the bank example, the management who sets out to assess knowledge risk of the bank has two sets of empirical data instead of one if the ER approach is not adopted. This offers the bank a number of advantages. The first dataset is the usual data obtained by the traditional survey method which is easy to administer and can collect a large sample of data within a relatively shorter time. However, this survey approach suffers from the possibility that the respondents answered the survey questions based on perceptions, insufficient information or inaccurate facts. It may also happen that many of them answered the questions hastily and without much time to think carefully about what was being asked. These shortcomings combine to decrease the reliability and predictability of the survey data. To remedy this to a certain extent, this chapter introduces the ER approach which has resulted in the addition of the second dataset of ER-based data. Because of the inclusion of the belief degree in the original survey data, the data of the first dataset is augmented by the second set which is much smaller, though, as explained below. The responses in the second dataset are based on more relevant facts, more careful consideration, longer answering time and a better understanding of the original questions. Though the second sample of respondents is only a subset of the larger sample, the modified risk factor values, risk levels and risk score obtained may reflect better the real knowledge risk conditions of the bank as far as the second sample of data is concerned. Any differences between the results obtained in the first dataset and the modified results of the second dataset for the same smaller group should be carefully studied and analysed, especially when the differences are greater than expected. The availability of the second dataset, even smaller, helps the bank understand, analyse and interpret the first dataset better and in greater depth. The quality, validity and predictability of the traditional survey method augmented by the ER approach would be higher than when the traditional method is used alone. There are many variants and uses of the ER approach and these should be investigated to see how knowledge risk management can take advantage of them in the future. Acknowledgements The authors would like to thank the Research Committee and the Department of Industrial and Systems Engineering of the Hong Kong Polytechnic University for the financial support of the research study (Account Code: RU8Q).

156

H. W. C. Tsang and W. B. Lee

References Ahmad, A., Bosua, R., & Scheepers, R. (2014). Protecting organizational competitive advantage: A knowledge leakage perspective. Computers & Security, 42, 27–39. Akindele, A., Chang, P., Jung, W. H., Lawrence, J., Nyame, C., Susanto, M., & Wun, A. N. (2004). Systemic risk management. Pittsburgh, PA: Carnegie Mellon University. Aloini, D., Dulmin, R., & Mininno, V. (2007). Risk management in ERP project introduction: Review of the literature. Information & Management, 44(6), 547–567. Bernard, R. (2000). Social research methods: Qualitative and quantitative approaches. Thousands Oaks: Sage Publications. Bollinger, A. S., & Smith, R. D. (2001). Managing organizational knowledge as a strategic asset. Journal of Knowledge Management, 5(1), 8–18. Boyce, C., & Neale, P. (2006). Conducting in-depth interviews: A guide for designing and conducting in-depth interviews for evaluation input. Watertown, MA: Pathfinder. Brunold, J., & Durst, S. (2012). Intellectual capital risks and job rotation. Journal of Intellectual Capital, 13(2), 178–195. Campbell, D. T. (1955). The informant in quantitative research. American Journal of Sociology, 339–342. COSO. (2012). Risk assessment in practice. Available via COSO. http://www.coso.org/ documents/COSOAnncsOnlineSurvy2GainInpt4Updt2IntrnlCntrlIntgratdFrmwrk%20-%20for %20merge_files/COSO-ERM%20Risk%20Assessment%20inPractice%20Thought%20Paper %20OCtober%202012.pdf. Accessed May 16, 2017. Daghfous, A., Belkhodja, O., & C. Angell, L. (2013). Understanding and managing knowledge loss. Journal of Knowledge Management, 17(5), 639–660. Deng, Y., Sadiq, R., Jiang, W., & Tesfamariam, S. (2011). Risk analysis in a linguistic environment: A fuzzy evidential reasoning-based approach. Expert Systems with Applications, 38(12), 15438–15446. Durst, S., Bruns, G., & Henschel, T. (2016). The management of knowledge risks: What do we really know? International Journal of Knowledge and Systems Science (IJKSS), 7(3), 19–29. Franco, M., & Haase, H. (2015). Interfirm alliances: A taxonomy for SMEs. Long Range Planning, 48(3), 168–181. Frishammar, J., Ericsson, K., & Patel, P. C. (2015). The dark side of knowledge transfer: Exploring knowledge leakage in joint R&D projects. Technovation, 41, 75–88. Grant, R. M. (2002). The knowledge-based view of the firm. The Strategic Management of Intellectual Capital and Organizational Knowledge, 133–148. Hair, J. F., Jr., Black, W. C., Babin, B. J., Anderson, R. E., & Tatham, R. L. (2014). Multivariate data analysis. Harlow Essex: Pearson Education Limited. Holbrook, M. B., & Schindler, R. M. (1989). Some exploratory findings on the development of musical tastes. Journal of Consumer Research, 16(1), 119–124. IDS. (2007). IDS Multicriteria Assessor Manual. England. Johannessen, J. A., & Olsen, B. (2003). Knowledge management and sustainable competitive advantages: The impact of dynamic contextual training. International Journal of Information Management, 23(4), 277–289. Keane, S., Smith, T., Lincoln, M., Wagner, S., & Lowe, S. (2008). The rural allied health workforce study (RAHWS): Background, rationale and questionnaire development. Rural and Remote Health, 8(4), 1132. Khokhar, R. H., Bell, D. A., Guan, J., & Wu, Q. (2006). Risk assessment of e-commerce projects using evidential reasoning. In Fuzzy systems and knowledge discovery (pp. 621–630). Berlin: Springer. King, N., Cassell, C., & Symon, G. (1994). Qualitative methods in organizational research: A practical guide. The Qualitative Research Interview, 17. Klenke, K. (2016). Qualitative research in the study of leadership. Emerald Group Publishing Limited.

An Integrated Research Methodology to Identify and Assess …

157

Liu, X.-B., Zhou, M., Yang, J. B., & Yang, S.-L. (2008). Assessment of strategic R&D projects for car manufacturers based on the evidential reasoning approach. International Journal of Computational Intelligence Systems, 1(1), 24–49. Miles, M. B., & Huberman, A. M. (1984). Qualitative data analysis: A sourcebook of new methods. Beverley Hills: Sage Publications. Millwood, J., & Heath, M. R. (2000). Food choice by older people: The use of semi-structured interviews with open and closed questions. Gerodontology, 17(1), 25–32. Mock, T. J., Sun, L., Srivastava, R. P., & Vasarhelyi, M. (2009). An evidential reasoning approach to Sarbanes-Oxley mandated internal control risk assessment. International Journal of Accounting Information Systems, 10(2), 65–78. Ngai, E., & Cheng, T. (1997). Identifying potential barriers to total quality management using principal component analysis and correspondence analysis. International Journal of Quality & Reliability Management, 14(4), 391–408. Ngan, S. C. (2015). Evidential reasoning approach for multiple-criteria decision making: A simulation-based formulation. Expert Systems with Applications, 42(9), 4381–4396. Nonaka, I., & Takeuchi, H. (1995). The knowledge-creating company: How Japanese companies create the dynamics of innovation. New York: Oxford University Press. OPM. (2008). Structured Interviews: A Practical Guide. Washington, DC. Parise, S., Cross, R., & Davenport, T. H. (2006). Strategies for preventing a knowledge-loss crisis. MIT Sloan Management Review, 47(4), 31. Quintas, P., Lefere, P., & Jones, G. (1997). Knowledge management: A strategic agenda. Long Range Planning, 30(3), 322385–322391. Saaty, T. L. (2008). Decision making with the analytic hierarchy process. International Journal of Services Sciences, 1(1), 83–98. Shafer, G. A. (1976). Mathematical theory of evidence. Princeton: Princeton University Press. Shaw, W. S., & Huang, Y. H. (2005). Concerns and expectations about returning to work with low back pain: Identifying themes from focus groups and semi-structured interviews. Disability and Rehabilitation, 27(21), 1269–1281. https://doi.org/10.1080/09638280500076269. Slater, M. (1999). Measuring presence: A response to the Witmer and Singer presence questionnaire. Presence: Teleoperators and Virtual Environments, 8(5), 560–565. Sternberg, K. J., Lamb, M. E., Esplin, P. W., Orbach, Y., & Hershkowitz, I. (2002). Using a structured interview protocol to improve the quality of investigative interviews. In M. L. Eisen, J. A. Quas, & G. S. Goodman (Eds.), Memory and suggestibility in the forensic interview (pp. 409–436). London: Routledge. Tantau, D. A., & Paicu, E. A. (2013). Managing knowledge risks in an intrapreneurial environment. The International Journal of Management Science and Information Technology, 2, 4–9. Thomas, D. R. (2006). A general inductive approach for analyzing qualitative evaluation data. American Journal of Evaluation, 27(2), 237–246. Trkman, P., & Desouza, K. C. (2012). Knowledge risks in organizational networks: An exploratory framework. The Journal of Strategic Information Systems, 21(1), 1–17. Tsang, H. W. C., & Lee, R. W. B. (2018). Mitigation of knowledge risks in open innovation. In S. Durst, S. Temel, & H. A. Ferenhof (Eds.), Open innovation and knowledge management in small and medium enterprises (pp. 183–203). Singapore: World Scientific. Veliyath, R., George, R., Ye, Z. S., Hermanson, D. R., & Tompkins, J. G. (2015). What do compensation committees on the boards of public companies do? Comparisons of Indian and US process differences juxtaposing complementary theoretical lenses. Long Range Planning, 49(4), 519–539. Velu, C., & Stiles, P. (2013). Managing decision-making and cannibalization for parallel business models. Long Range Planning, 46(6), 443–458. Wang, Y. M., Yang, J. B., & Xu, D. L. (2006). Environmental impact assessment using the evidential reasoning approach. European Journal of Operational Research, 174(3), 1885– 1913.

158

H. W. C. Tsang and W. B. Lee

Wiig, K. M. (1997). Integrating intellectual capital and knowledge management. Long Range Planning, 30(3), 399–405. Xu, D. L., & Yang, J. B. (2005). Intelligent decision system based on the evidential reasoning approach and its applications. Journal of Telecommunications and Information technology, 73–80. Yang, J. B. (2001). Rule and utility based evidential reasoning approach for multiattribute decision analysis under uncertainties. European Journal of Operational Research, 131(1), 31–61. Yang, J. B., Dale, B., & Siow, C. (2001). Self-assessment of excellence: An application of the evidential reasoning approach. International Journal of Production Research, 39(16), 3789– 3812. Yang, J. B., & Sen, P. (1994). A general multi-level evaluation process for hybrid MADM with uncertainty. IEEE Transactions on Systems, Man, and Cybernetics, 24(10), 1458–1473. Yang, J. B., & Singh, M. G. (1994). An evidential reasoning approach for multiple-attribute decision making with uncertainty. IEEE Transactions on Systems, Man and Cybernetics, 24(1), 1–18. Yang, J. B., & Xu, D.-L. (2002). On the evidential reasoning algorithm for multiple attribute decision analysis under uncertainty. IEEE Transactions on Systems, Man and Cybernetics, Part A: Systems and Humans, 32(3), 289–304. Yin, J., & Jamali, D. (2016). Strategic corporate social responsibility of multinational companies subsidiaries in emerging markets: Evidence from China. Long Range Planning, 49(5), 541–558. Zhi, H. (1995). Risk management for overseas construction projects. International Journal of Project Management, 13(4), 231–237.

Haley Wing Chi Tsang is currently a Ph.D. student. She graduated from the Hong Kong Polytechnic University with a Master of Philosophy and holds a double degree—B.Eng. (Hons) in industrial and systems engineering and BBA (Hons) with a major in marketing from the same university. Her working experience includes a position in a global financial services company providing risk management and portfolio optimization solutions for major investment houses. She was awarded the “Best Paper and Presentation” in the Ph.D. and Master’s Colloquium in the 8th European Conference in Intellectual Capital in Venice, Italy. Her research interests include knowledge management, intellectual capital, risk management and learning sciences. Wing Bun Lee is Chair Professor of the Department of Industrial and Systems Engineering and Director of the Knowledge Management and Innovation Research Centre of The Hong Kong Polytechnic University. He has pioneered research and practice of knowledge management in various industrial sectors in Hong Kong which include manufacturing, trading, public utilities and health care and has conducted research projects in knowledge elicitation and mapping, unstructured information management, and organizational learning and innovation. He and his team have launched Asia’s first online M.Sc. Program in knowledge management, as well as the Global MAKE (Most Admired Knowledge Enterprise) Award in Hong Kong and Mainland China and chair the annual Asian Knowledge Forum. He is currently Chief Editor of the Journal of Information and Knowledge Management Systems (Emerald) and the International Journal of Knowledge and Systems Science (IGI Publishing).

Knowledge Risk Management in German Leasing Companies Christian Glaser

Abstract

Like companies of nearly all industries, a large number of leasing companies promote their employees on their homepages, in their annual reports, or in advertising flyers as their most valuable asset. However, knowledge risks, which are closely connected to these topics, are mainly overlooked. Although risk management systems in the leasing industry were professionalized mainly through the regulatory impetus, the main focus is still on classical, purely financial risks. Knowledge risks are hard to measure with old tools or models and are often underestimated or even worse: not seen as relevant at all. Therefore, new tools and processes, as well as changed mindsets, are necessary to effectively handle knowledge risks. Keywords

Knowledge risk management

1


KRM
Leasing
Germany
Knowledge risks

Introduction

Whereas risk management is getting more and more established with industry-wide approaches like enterprise risk management and frameworks such as the integrated framework by COSO (2017) or international norms like ISO 31000 (2018), knowledge risk management is widely overlooked and at best in its infancy (Durst and Ferenhof 2016; Massingham 2010; Stam 2009). The reasons are manifold, and one might only speculate. One fact is sure that in contrast to classical, purely C. Glaser (&) University of Portsmouth, Portsmouth P013AH, UK e-mail: [email protected] © Springer Nature Switzerland AG 2020 S. Durst and T. Henschel (eds.), Knowledge Risk Management, Management for Professionals, https://doi.org/10.1007/978-3-030-35121-2_10

159

160

C. Glaser

financial risks, the measurement of non-financial risks is more complex. This can also be seen in the widely discussed areas of reputational or strategic risks (Fiordelisi et al. 2013; Gaudenzi et al. 2015). The German leasing industry is regulated by the German banking supervision since 2009. Therefore, the risk management practice of German leasing firms is greatly shaped by regulative aspects. In the following, major findings of a recent, not yet published study conducted by the author on risk management practices in the German leasing industry (n = 40) are presented, focusing on the aspect of knowledge risk management. The following chapter will give a brief insight in the risk management practice of the German leasing industry, mainly based on a recent study of the author and will focus on the aspect of knowledge risk management. Based on a general framework on enterprise-wide risk management, practical implications for knowledge risk management will be derived. The major goal is to create a better understanding and increase the awareness of/for knowledge risk management as this aspect of risk management is still widely overlooked.

2

Theoretical Background

In the following, the most relevant types of knowledge risks, as well as the impact of knowledge risks based on the author’s experience in the context of leasing firms, are presented.

2.1 Definition of Selected Knowledge Risks Knowledge is of value for an organisation when “the right people have and use the right knowledge” (Ilvonen et al. 2015, p. 3). When the company is able to create a competitive advantage from the knowledge of its employees, the knowledge easily becomes an important asset (Grant 1996). On the other hand, when knowledge is not properly used within the organisation, knowledge might only be of little value or even be useless. Knowledge risks describe the likelihood of any loss resulting from the identification, creation, storage or protection of organisational knowledge that may decrease the operational or strategic benefit of a company (Perrott 2007). Due to the nascent stage of research in the field of knowledge risk management, there are no well-established models, frameworks and other tools (Durst et al. 2016; Lee et al. 2014; Trkman and Desouza 2012). Therefore, the paper of Durst and Zieba (2017) takes a pioneering role in sub-categorising knowledge risks and also creating a common understanding of the most important phrases and concepts as well as a taxonomy which might serve as the basis for a more profound academic and professional discussion.

Knowledge Risk Management in German Leasing Companies

161

Fig. 1 Types of knowledge risks. Source Own illustration, adapted from Durst and Zieba (2017, p. 59)

Durst and Zieba (2017, p. 51) showed that knowledge risks can be divided into internal (from inside the company) and external (from outside the company) categories. Figure 1 gives a good overview of different knowledge risks.

2.2 Impact of Knowledge Risks The different knowledge risks can result in positive and negative consequences for companies, no matter their size or their industry they are active in. In the following, only the narrow definition of knowledge risks as “a loss from an event connected with the identification, storage or protection of knowledge” is applied (Trkman and Desouza 2012, p. 5). Furthermore, the impact might be very minor up to catastrophic—depending also on the respective measures to manage actively (or passively) the underlying knowledge risks (Massingham 2010). The German finance leasing market has been regulated by the banking supervision since the end of 2009. Similar to credit institutions, finance leasing companies (in the following, simply called “leasing companies”) also have to comply with the “minimum requirements for risk management” (MaRisk) and the “German Banking Act” (KWG). The focus of regulation is mainly on risk governance and factors like risk organisation and risk appetite as well as risk culture (Gontarek 2016). Due to the fact that the regulative requirements do not explicitly name “knowledge risks” as a separate risk category, they are widely underestimated in the finance industry in general and the leasing industry in particular. In several requirements, they are covered implicitly or with rather minor importance. Nevertheless, they need to be considered when aiming to implement an enterprise-wide risk management organisation. Knowledge risks vary greatly and depend heavily on the respective company size, business model or simply the corporate climate and

162

C. Glaser

perspectives. Furthermore, not all presented characteristics necessarily need to go along with a knowledge risk. For example, employee turnover might be desired to a certain extent as it avoids standstill and ensures that ideas from outside are brought in. To assess if a knowledge risk occurs or if it is still in a comfortable range, it is necessary to have a good overview and judge it in terms of the underlying value. Several knowledge risks are also stressed by the banking regulation and can be found in the regulatory “minimum requirements for risk management” (MaRisk). For example, outsourcing risks are stressed and besides quality and continuity aspects, also knowledge considerations are demanded. There need to be backup plans to ensure that a backward integration of an outsourced job is realisable and that the business continuity is not in danger. Furthermore, the banking regulation requires written documentation, job descriptions, and substitution as well as contingency plans. However, as an inquiry of 40 leasing companies (which represent about 25% of the German leasing market in terms of sales volume) conducted by the author revealed, knowledge risks are still rather implicitly managed (Glaser 2018). None of the interviewed firms classified a knowledge risk among its most critical risks and only reassessed it after it was specifically checked on it. Instead, risks that can be better quantified or IT risks are in the risk management focus and less risks such as knowledge waste, forgetting, knowledge hiding or knowledge spillover. When comparing the essential knowledge risks among the different, interviewed leasing firms, one can also see a side effect. Whereas small- and medium-sized leasing firms depend strongly on certain key players and their expert knowledge (Gilmore et al. 2004), for example in the fields of treasury, sales or re-marketing of assets, larger firms have more often a better substitution planning. For small firms, it is mostly simply not efficient to have a substitute employee for each job. On the other hand, larger firms have more substitute employees; but at the same time, they tend to have several knowledge silos, and therefore, clear rules—which are not yet set among all companies—are necessary to avoid knowledge waste. Also, “political” fights and conflicting interests among departments and group leaders lead to knowledge hiding or knowledge hoarding. Tzortzaki (2014) stresses that knowledge hoarding also takes place more often during periods of economic decline when internal competition for scarce resources increases. Especially companies with large employee turnover as well as firms of larger size with more decision-makers find it difficult to transfer tacit knowledge. In companies with little staff turnover as well as small companies with the owner and/or the owner-manager who ultimately decides, tacit knowledge might get more and more explicit to the other employees. It is easier for him/her to transfer his/her individual tacit knowledge over a longer period of time compared to numerous decision-makers with individual attitudes and behaviours in large companies.

Knowledge Risk Management in German Leasing Companies

3

163

Methodology

In the following, the methodological choices of the presented empirical research are presented and justified. Furthermore, the major considerations of the sample selection are briefly described (Glaser 2019).

3.1 Reasons for Applying Qualitative Research As the state of research in risk management for German leasing companies in general and knowledge risk management, in particular, is nascent and the main domains of this research are hard to measure in a quantitative way, a qualitative research approach is chosen (Edmondson and McManus 2007; Khan et al. 2016). In-depth expert interviews with chief risk officers or (owner-)managers including brief background information are preferred rather than other qualitative approaches such as case studies, ethnography or focus groups. Through these in-depth interviews, nascent research areas can be explored (Edmondson and McManus 2007; Tsang 2014; Zachariadis et al. 2013). Interviews were conducted between April and September 2017 and covered mainly the practical risk management including risk management organisation, the operations and resources perspective as well as reporting and budgeting. Research can be seen as cross-sectional, which actually means that the chosen non-random samples are taken in snapshot rather than a longitudinal mode. In building theory, the researcher relies on induction. Characteristically for research in a nascent knowledge area, the aim of this inquiry is to identify patterns that might be transferred to a resulting framework. To ensure plausibility and feasibility of the proposed framework, four additional interviews were conducted with risk managers of German leasing firms (Glaser 2018).

3.2 Sample Selection For the present research topic, non-probability sampling was applied as the samples were self-selected by the researcher. This seems to be appropriate as also no statistical inferences about the characteristics of the population were drawn. On the basis of this sample, one is still able to generalise about the population, however, not on a statistical basis (Saunders et al. 2009). To be included in the sample, different criteria needed to be achieved. Besides others, only companies with the permission by the German banking supervision (BaFin/Bundesbank) to offer finance leasing and persons either responsible for risk management or general managers were interviewed. The whole sample added up to 35 small- and medium-sized and five large German leasing firms. Table 1 shows demographic variables for each interviewee.

4 7 7 9 9 10 10 10 12 14

20 20 22

25 25

27 28 30

Micro Micro Micro Micro Micro Small Small Small Small Small

2 3 4 5 6 7 8 9 10 11

12 Small 13 Small 14 Small

15 Small 16 Small

17 Small 18 Small 19 Small

3

Micro

140 100 66

20 175

200 4 36

17 30 35 34 40 130 3 36 25 33

3

Employees New contact volume p.a. (mio. EUR)

1

Size cluster

Table 1 Demographics of each interviewee

No Yes Yes

No Yes

No No Yes

No Yes No Yes Yes Yes Yes No Yes Yes

Yes

Yes No No

No No

Yes No No

Yes No Yes No No No No No No No

No

Owner-managed Part of a group (>2 firms, total >250 employees)

Yes No No

No No

Yes No No

Yes No No No No Yes No No No No

No

Yes No No

No No

Yes No No

No No Yes No No No No No No No

No

Bank-depending Captive/Primarily sales financing

IT for medical industry Universal Used machines Machines Universal Universal Universal Universal Universal Universal Used premium cars Machines Fleet cars Medical technology IT Cars, boats and vintage cars Machines Universal Universal (continued)

Business focus

164 C. Glaser

31

32 40 42 42 43 50 69 70 79 80 120

140 160 165

220 390 690

Small Small Small Small Small Medium Medium Medium Medium Medium Medium

21 22 23 24 25 26 27 28 29 30 31

32 Medium 33 Medium 34 Medium

35 Medium 36 Large 37 Large

1000 714 1045

500 613 500

85 70 130 80 120 65 150 230 90 161 300

66

Employees New contact volume p.a. (mio. EUR)

20 Small

Size cluster

Table 1 (continued)

No No No

No No No

No No Yes Yes No Yes No No Yes Yes No

No

Yes Yes Yes

Yes Yes Yes

Yes Yes No No Yes No Yes No No No Yes

No

Owner-managed Part of a group (>2 firms, total >250 employees)

Yes Yes Yes

No Yes No

No Yes No No Yes No No Yes No No Yes

Yes

No No No

Yes Yes Yes

No No No No No No No No No No No

No

Bank-depending Captive/Primarily sales financing

Cars, agri, machines, medical IT Cars Universal Universal Universal IT Universal Universal Universal Universal Agri, cars, machines, yachts Cars Trucks Industries of holding Food and agri Universal Universal (continued)

Business focus

Knowledge Risk Management in German Leasing Companies 165

600 1000 8900

Employees New contact volume p.a. (mio. EUR)

38 Large 800 39 Large 900 40 Large 2500 Source Own illustration

Size cluster

Table 1 (continued)

No No No

Yes Yes Yes

Owner-managed Part of a group (>2 firms, total >250 employees) Yes Yes Yes

Yes No No

Bank-depending Captive/Primarily sales financing Universal Universal Universal

Business focus

166 C. Glaser

Knowledge Risk Management in German Leasing Companies

167

There are numerous approaches to analyse qualitative data. Considering the underlying research philosophy as well as the status quo of research and the form of data, grounded analysis is chosen. While in the other major data analysis approach, content analysis, a positivist framework forms the basis (Easterby-Smith et al. 2015, p. 188), critical realism and grounded theory seem to be highly compatible (Kempster and Parry 2014; Levers 2013; Oliver 2011). Instead of (merely) testing and elaborating existing theory, grounded analysis is open to build theory from themes and categories based or “grounded” in the data. This means that a systematic analysis is needed to identify theories (Charmaz 2006). Therefore, the grounded analysis takes a more holistic approach than content analysis as it derives structure within a more inductive environment by comparing different data fragments, rather than analysing data purely deductively in a pre-existing structure (Easterby-Smith et al. 2015, p. 191). Through this, grounded analysis is open to new discoveries. It is mainly about the understanding of context. Additionally, there are different cycles in data analysis to address questions arising from the previous analysis until “data saturation” is achieved.

4

Research on Enterprise-Wide Risk Management in the Leasing Industry

In the following, the main results of the conducted research in the German leasing industry are presented. Besides a framework on the implementation of an enterprise-wide approach to risk management, also conclusions on the status quo of risk management practice of German leasing firms are drawn (Glaser 2019).

4.1 Development of a Framework in Enterprise Risk Management (ERM) This framework essentially carried forward the work of Henschel (2007, p. 23), Hardy (2010), Spikin (2013, p. 101), Brustbauer (2016, p. 81) and Smallman (1996, p. 15). The validity of this approach might also be seen in the fact that the Committee of Sponsoring Organizations of the Treadway Commission (COSO) updated its enterprise risk management framework in late 2017 by the parameters “performance” and “strategy” (COSO 2017). Furthermore, the international standard for risk management ISO 31000:2018 stresses the importance of an integrated approach to risk management including strategy and planning (Herdmann and Henschel 2018). a. Risk Management Organisation The core of the framework is the risk management organisation. Aside from the business model, the shareholder structure or other resources, there are essentially

168

C. Glaser

the three elements of the risk strategy, the motivation as well as the critical risks that determine all subsequent requirements. The risk strategy is the centre of all risk activities and needs to be derived directly from the general business strategy. When this connection is missing, no effective risk management is possible or at least numerous resources are necessary to harmonise the business and risk strategy during the operative actions. The underlying motivation greatly influences the entire risk management system. Is the motivation intrinsic or maybe even to establish an enterprise-wide, economic perspective or is the main driver merely regulatory compliance? Based on this, it can be decided how many resources are needed to satisfy the motivation. The critical risks are needed to be captured systematically, typically in a so-called risk inventory. The methods to identify them are diverse with brainstorming approaches, based on scenario analyses, or simply experience and experts’ opinions. b. Operations and Resources In an enterprise-wide approach to risk management, the risk management function comprises more than just the basic risk management tasks like dunning, liquidity management and credit approval. Moreover, it includes formal policies and internal procedures, a systematic process description and a contingency planning that also considers outsourced tasks. Of major importance are also the steps of risk assessment and risk response, especially the risk culture and the compensation scheme. Risk culture describes the actually lived standards and is therefore even more focused on the daily and operative activities than the more global risk strategy or global portfolio targets. To ensure a strong motivation for every single employee as well as to avoid the principal–agent problem, risk culture and compensation scheme need to be harmonised. c. Status Quo Reporting It is crucial that decision-makers are informed to be able to have better risk management decisions. Besides risk and portfolio reporting, the core element of status quo reporting is surely the risk-bearing ability that is calculated on a one-year basis. In a nutshell, the risk-bearing ability calculation determines whether the risk strategy is successful and whether the leasing firm is able to finance its risks (in particular the expected losses). Besides additional backtesting activities and also connections to the opportunity cost perspective when calculating alpha and beta errors, it is mainly the connection to the company’s performance and the connection to risk performance measures that offer an integrated, enterprise-wide view including risk perspectives. On the basis of status quo reports and findings from risk monitoring, not only historic stress tests are created but also databases are fed and pattern recognitions are undertaken. Especially in the field of the counterparty as well as external fraud risks, these

Knowledge Risk Management in German Leasing Companies

169

Fig. 2 Framework on enterprise risk management for leasing firms. Source Glaser (2018)

analyses are comparably advanced and help to identify events in advance due to a well working early warning function. d. Development and Budgeting The core of the development and budgeting perspective is surely strategic planning and objective setting. Especially when recalling the definition of risk as “a negative deviation from the plan” (Gleißner et al. 2016, p. 14; Leitch 2010), it becomes clear that risk and planning definitely need to be considered commonly. Besides the regulatory requirements of the capital requirement calculation (three- to five-year focus), which is essentially a prolonged risk-bearing ability calculation (one-year focus), scenario analyses and hypothetic stress tests as well as the new product process, especially portfolio management is of great importance in the development stage. Figure 2 presents the derived framework on the basis of the conducted 40 interviews with 35 SMEs and 5 large firms from the German leasing industry.

4.2 Status Quo of Risk Management The research outcome is widely in agreement and corresponds with the few, existing literature on risk management in leasing firms, although those studies differed in design and sample. The central research outcome on the risk

170

C. Glaser

management practice of German leasing companies, in general, is summarised in the following seven theses before the upcoming chapters focus on knowledge risk management in particular: 1. Regulation can be seen as the central driver of risk management practice. 2. Risk management decisions of leasing firms are mainly based on single exposure level. 3. The vast majority of leasing firms does not have an integrated approach to risk management. 4. Lack of know-how and a high degree of informality strongly influence the risk management practice of leasing SMEs. 5. Scarcity of resources can be seen as a driving force in every management decision of leasing SMEs. 6. Organisational learning shows clear room for improvement and is often conducted in a rather unstructured way. 7. The business organisation is shaped by strong dependencies on key players and by flat hierarchies. An applied scoring of the risk management practice revealed that German leasing firms have different levels of risk management sophistication. With increasing firm size, the level of sophistication is increasing. Small firms are typically lacking the know-how as well as key resources like time, money and IT equipment. Especially compared to larger firms, it is important to state that SMEs need their own solutions and processes as they are not just “the smaller version of large firms” and their methods can therefore not be handed down to them (Shrader et al. 1989; Virdi 2005, p. 5).

5

Consideration of Knowledge Risks

The presented framework in Fig. 2 will serve as a basis to evaluate knowledge risks and build up an integrated knowledge risk management approach (Glaser 2018). a. Risk Management Organisation Perspective The starting point is surely the acceptance of knowledge risks as an integrated, separate risk category instead of simply summing up knowledge risks in the wide conglomeration of “operational risks”. Through the heterogenic structure of operational risks, an active management of this risk category is often very complex or even impossible. When knowledge risks are defined as critical, the risk strategy needs to consider them as well. Furthermore, it should be made transparent whether the main motivation is intrinsic or simply “regulatory compliance”.

Knowledge Risk Management in German Leasing Companies

171

b. Operations and Resources Perspective In the “operations and resources” dimension of the presented framework, one can distinguish between explicit and implicit, tacit knowledge. Whereas explicit knowledge can/should be considered in process documentation and organisational handbooks as well as regulations or automated workflows, it is important for tacit knowledge to ensure a good internal communication and motivating employees to share their knowledge. It is also essential that employees do not simply have dry runs in the form of process descriptions but also to frequently perform selected jobs in practice. Small companies often educate their employees to generalists instead of specialists. Surely, this leads to a certain degree of inefficiency when it comes to specialist skills and synergy effects; on the other hand, it avoids too strong dependencies on only few employees and potential knowledge loss in case of the absence of a key player. Another frequently chosen measure is job rotation or more automated and workflow-based process steps with plausibility checks, etc. An open corporate culture that promotes knowledge sharing and that is also connected to the compensation scheme might help to reduce the risk of knowledge hiding. Surely, cultural measures need their time to be implemented and widely accepted. Two very strictly regulated areas of the operations and resources dimension are the contingency planning and outsourcing. Nevertheless, the main focus of the researched leasing firms is on IT risks and knowledge risks are neglected. Whereas one can back-up the IT system and easily restore data from a certain point in the past, there is not necessarily any point from which one can restore knowledge when a key player is absent/leaves the company. Therefore, it is very important to ensure at least for the most critical process a frequently tested substitution and contingency concept. c. Status Quo Reporting Backtesting and early warning systems should be used to assess how knowledge risks might change over time and whether a certain training need is identified. Knowledge attrition seems to be an important risk for most of the researched leasing firms as there are only very few impulses from outside besides the auditor and the federal association of German leasing firms. Companies with only little fluctuation and/or few career changers run the risk that the corporate knowledge is getting obsolete. Control activities should also give soft facts enough room to be considered. Complaints of employees about double work might be a sign for knowledge waste, colleagues who refuse to support or say they do not know-how something (in their field of responsibility) works might be an indicator for knowledge hiding or hoarding. Besides regular appraisal interviews with employees, also “checkout talks” with fluctuating employees or even customers complaining that former sales representatives (sales reps) are trying to acquire them for the “new” company are

172

C. Glaser

good sources for risk identification and assessment. Also, frequent calls from head hunters might be an early warning sign for an increased risk of employee poaching that might also result in knowledge loss. d. Development and Budgeting In the budgeting perspective, it is very important to consider also the negative (as well as positive) effect of knowledge risks on the achievement of the company’s goals. The following five questions might serve as a starting point to determine the vulnerability of the financial budgets due to striking knowledge risks: 1. What might be the effect if the best sales representatives leaves the company and takes with him/her 50% of his/her customers? 2. How long does it take until a substitute (from inside or outside the company) can replace the general manager due to sudden absence (e.g. car accident, death, severe disease without the chance to contact him/her, etc.)? 3. How long does it take to re-integrate all outsourced tasks? What are the costs and which stakeholders are involved? 4. How many key players exist in the company? Do all key players have substitutes or are there any contingency/emergency plans? Is there any dry run to check the effectiveness of the contingency measures? 5. Triggered through a loss of data in the IT system: Is the company able to perform the core processes without the enterprise resource planning (ERP) system and only with very basic software such as Microsoft Office, etc.? Surely, it is nearly impossible to determine the exact effect on selected knowledge risks such as forgetting, knowledge hiding, knowledge loss or outsourcing knowledge risks to the achievement of the company’s targets. Nevertheless, they can be an important element of scenarios or stress tests. In qualitative stress tests, it is also more about creating awareness for potential existence-threatening situations and less on predicting exact outcomes. Sensitising not only the decision-makers but all employees of a company for potential knowledge risks and their effects on the company’s goals helps to be better prepared for crisis situations and building up countermeasures to avoid such situations.

6

Framework on Knowledge Risk Management (KRM) for Leasing Firms

The presented framework on KRM aims to transparently manage knowledge risks regardless of the company’s size. This means to identify the importance of each risk and its probability of occurrence. Afterwards, the company’s capacity to manage these risks needs to be considered, and score values can be assigned to each knowledge risk (Massingham 2010, pp. 19–20).

Knowledge Risk Management in German Leasing Companies

173

The core element of KRM forms the underlying risk strategy. It needs to be derived from the business strategy and the global risk strategy and must include detailed information to what extent knowledge risks are accepted and how they should be handled. Furthermore, the knowledge risk strategy should consider whether KRM is solely focussing on regulatory compliance or instead of following a wider approach with integration into the global risk management and therefore performed out of intrinsic motivation. The typical starting point is a transparent list of knowledge risks including assessments in a quantitative and qualitative ways, interrelationships with other risk categories (knowledge risk mapping/knowledge risk inventory). The existing tools of the risk inventory can be used and should be extended to knowledge risks. It should be made transparent “who knows what”. In the operations and resources perspective, selected measures—depending strongly on the underlying critical risks and interrelationships among risk categories —are included. They range from process descriptions, formal substitutions and contingency plans up to measures to establish a knowledge-sharing culture like department’s round table discussions or formal mentoring systems. Surely, the banking regulation led to a professionalization of risk management in leasing companies. Also, more formal processes and procedures were promoted. Nevertheless, it can be seen that the degree of formality of risk management depends strongly on the company size. This was also confirmed in earlier studies in other industries (Durst and Ferenhof 2016; Falkner and Hiebl 2015; Henschel 2008). Especially in small- and medium-sized firms, knowledge is mostly informal (Henschel et al. 2015), and therefore, also KRM is supposed to be more difficult to establish. This can also be seen in the rather unstructured learning process with only very few knowledge input from outside the organisation. The only exception in the leasing industry seems to be fraud prevention where companies of all sizes are very advanced and a very good exchange in-between the whole leasing industry is established—also due to the coordination of the federation of German leasing firms. On the other hand, larger firms are more susceptible to knowledge silos and double work which leads to knowledge waste. Not surprisingly, the former CEO of Hewlett Packard (HP), Lewis Platt, once stated “If HP knew what HP knows, we would be three times as profitable” (Davenport and Prusak 1998, p. XII). Different, non-integrated IT systems and media disruptions increase the risk of knowledge waste significantly. In the status quo reporting perspective, it is essential to constantly compare the status quo to the corporate objectives. This is also more than simply performance monitoring and reporting, but instead includes the identification of training needs, backtesting and complaints management, employee education and finding the right balance between generalists and specialists, or the right balance between formal processes with a low knowledge risk and flexible processes to individually address the customers’ desires with at the same time higher knowledge risks. It is about taking risks “learnable” and moving the decision-makers as well as all other employees from the unknown to the known. Only what is known can also be actively managed!

174

C. Glaser

Fig. 3 Framework on knowledge risk management for leasing firms. Source Own illustration

The development and budgeting dimension focus on the potential impact of knowledge risks on the company’s plan fulfilment. Besides forecasts or scenario analyses for the status quo, this also involves strategic planning aspects such as decisions on activities in new markets or with new products or potential mergers and acquisitions. Furthermore, this might also involve larger changes in organisational structures and processes. In this dimension, it is important to also involve stakeholders to a certain extent. Figure 3 presents a proposed framework for KRM that is following the earlier presented framework for an enterprise-wide approach to risk management for German leasing firms.

7

Self-assessment on KRM

Based on the framework presented in Fig. 3 and practical experiences of the author, the following “Practitioner Checklist” is supposed to support leasing companies (and companies from other industries as well) in their efforts to identify knowledge risks and finally implement knowledge risk management in practice:

Knowledge Risk Management in German Leasing Companies

175

Practitioner Checklist on KRM Step 1 Identification of critical knowledge (Ilvonen et al. 2015, p. 7) • Dimension of knowledge use: strategic versus operative decisions • Topic of knowledge: competitors, customers, products, market situations, processes/practices • Recipient of knowledge: customers, employees, community, network, partners • Source of knowledge: network partners, employees, IT systems, community members, practices. Step 2 (Early warning) Indicators for knowledge risk monitoring • Employee fluctuation (especially in critical departments such as sales) • Number of identified key players (employees in critical jobs without substitute) • Days of absence • Days of training • Outsourcing ratio (number of outsourced, critical tasks/activities) • Number of non-integrated, different IT systems • Lost customers to former sales representatives • Internal complaints due to knowledge hiding • Employee education: specialist vs. generalist • Degree of formality of internal activities: formal versus informal • Core processes documented • Effect of absence of a key player (department leader, sales representatives, general manager) • Contingency planning considering knowledge risks • Knowledge sharing/mistake culture • Mentoring system in place • Employees “lost” to direct competitor • Computer crash/breakdown in the current period? • Age/availability of IT infrastructure.

176

C. Glaser

The points considered in step 1 of the presented practitioner checklist on KRM are essentially open questions and can be answered completely differently depending on the individual, critical knowledge risks of each company. The indicators mentioned in step 2, however, are transformed in the following “Self-Assessment on KRM” template. Based on the results of this assessment, the leasing firms see transparently where any areas for improvement are and where KRM is already working well. For each question, a scoring between 1 (lowest) and 4 (highest) is supposed to be assigned. To avoid that the middle score is chosen too often, four grades are chosen. Self-assessment on KRM Instruction: Please answer the following questions for the considered company by assigning scores between 1 and 4. a. Infrastructure How frequent and how severe were computer crashes, system breakdowns and IT downtimes in the last 12 months? (1 = not at all; 2 = very seldom and only minor effect; 3 = happened several times with an effect only on few departments; 4 = happens frequently with considerable effects to the whole company) How would you describe the age and availability of the IT infrastructure? (1 = state of the art; 2 = quite new with strict maintenance intervals; 3 = infrastructure works mostly, but maintenance intervals have expired; 4 = outdated infrastructure, hard to find experts to fix the system in case of problems) To what degree are non-integrated, different IT systems used? (1 = one major ERP system for all critical processes; 2 = only very few other applications that are, however, connected via standard interfaces; 3 = several different IT systems that are mainly connected via standard interfaces to one leading ERP system; 4 = numerous non-integrated system with different leading systems and double-entry of data depending on different departments) b. Knowledge culture Is a company-wide mentoring system in place? (1 = mandatory for every new employee in the first 2 years; 2 = on a voluntary basis, depends on each department; 3 = when deficits are identified, employees are asked to check with more experiences colleagues; 4 = no. Instead, supervisor decides individually)

Knowledge Risk Management in German Leasing Companies

177

Is a company-wide, formal knowledge sharing and mistake culture lived? (1 = very well established with additional events such as regular round table sessions or jour fixes for department-wide exchange; 2 = partly, depends strongly on each department leader and superior; 3 = first measures to step away from egoistic views; 4 = culture of fear with blaming and knowledge hiding widely spread) How frequent are internal complaints due to knowledge hiding? (1 = very seldom, knowledge is also shared proactively; 2 = partly, but clear measures and responsibilities of superiors to ensure knowledge sharing; 3 = quite frequent, depending strongly on the department; 4 = quite frequent all-over the company) c. Restart phase What is the degree of formality for internal activities? (1 = highly formal, all important decisions need to be audit-proof and follow the rules; 2 = mainly formal, only in few situations, informal and spontaneous activities/overrides are common; 3 = mainly informal with only few rules, but more and more formalised due to regulative pressure; 4 = highly informal, management decides on their own with a high degree of flexibility, no global policy or rules in place) To what degree are core processes documented? (1 = all core processes are documented and constantly checked and updated; 2 = most processes are documented and updated once a year; 3 = only few documented processes, no mandatory update; 4 = (specialist) knowledge is mainly undocumented and typically in the head of the employees) Is a contingency planning in place and considers also knowledge risks? (1 = well-established and also considering critical knowledge risks; 2 = in place but not covering all essential knowledge risks; 3 = only considering IT risks, no knowledge risks at all; 4 = no contingency planning at all) d. Coordination effort with partners To what extent are critical tasks outsourced? (1 = not at all; 2 = only very few outsourcing and carefully selected partners with certifications; 3 = several critical tasks are outsourced, and there are contractual regulations but no additional checks or minimum requirements of outsourcing partners; 4 = numerous activities to stay flexible and make use of partner’s expertise instead of building up own expertise)

178

C. Glaser

Does the contingency planning also consider outsourced activities? (1 = all outsourced activities are considered and annual floor checks undertaken; 2 = partly, focus on most critical outsourced tasks; 3 = only on special purpose when risks are striking; 4 = no, focus only on internally performed tasks) e. Dependency on key players How is the level of employee fluctuation in knowledge–critical departments, such as sales? (1 = constant on a low level; 2 = slightly increasing but still on a low level; 3 = constant on a medium level; 4 = strongly increasing and/or on a high level) How is the level of absence days in knowledge-critical departments, such as sales? (1 = constant on a low level; 2 = slightly increasing but still on a low level; 3 = constant on a medium level; 4 = strongly increasing and/or on a high level) How is the level of (external) training days, especially in departments with critical specialist knowledge, such as legal department? (1 = constant on a high level; 2 = slightly decreasing but still on a high level; 3 = constant on a medium level; 4 = strongly decreasing and/or on a low level) How is the level of lost customers to former sales representatives (customer “stealing” through fluctuated employees)? (1 = constant on a low level; 2 = slightly increasing but still on a low level; 3 = constant on a medium level; 4 = strongly increasing and/or on a high level) How is the level of employees “lost” to direct competitors (employee “stealing” through direct competitors)? (1 = constant on a low level; 2 = slightly increasing but still on a low level; 3 = constant on a medium level; 4 = strongly increasing and/or on a high level) How high is the proportion of key players without direct substitutes? (1 = very low, all key players have assigned direct substitutes who also serve as holiday replacement to stay updated; 2 = quite low, assigned substitutes to the vast majority of key players; 3 = moderate, substitution planning for most key players, degree of practical tests, e.g. due to holiday replacements, depends on each department; 4 = high, substitutes are assigned by management on special purpose only when key player is absent, based on availability of substitutes)

Knowledge Risk Management in German Leasing Companies

179

What is the focus of employee education: specialist or rather generalist? (1 = generalist; 2 = centralistic education with specific expert’s focus; 3 = focus on expert’s knowledge that is covered by several employees —“expert’s group”; 4 = specialist with large expert knowledge and little up to no direct substitutes) What is the effect of the sudden absence of a key player such as department leader, sales representatives, general manager? (1 = more work for substitute, but clearly defined tasks and responsibilities; 2 = most tasks are documented, substitute needs some time to keep the critical processes running; 3 = negative effect is seen clearly in the financial figures, large degree of improvisation necessary with time-intense search for substitute and substitute’s start-up phase; 4 = existence-threatening situation, search for external substitutes takes very long) When calculating the average score for each of the questions and/or the categories, it becomes quite obvious where improvement potentials and where critical knowledge risks are. Based on the criticality, the companies should prioritize their actions. Scores between 1 and 2 might be assigned due to a low knowledge risk and no immediate action necessary, whereas scores between 3 and 4 might be an indicator for very critical knowledge risks and the need for immediate action and countermeasures. Like in the classical risk management as well, the risk handling is typically oriented on the severity, i.e. the risk/loss potential, and the respective probability of occurrence. Therefore, different countermeasures might be selected when handling different knowledge risks. Also, the success of the chosen measures should be closely monitored in a designated knowledge risk reporting. Based on the presented checklist with the self-assessment and the earlier presented framework on knowledge risk management, one can see clear differences among the different leasing companies and the respective anchorage of KRM in the operative tasks and processes. Companies with a proactive approach seem to consider most of the mentioned points and try to achieve the maximum effect, whereas small companies are often following a rather passive approach to KRM. If they consider knowledge risks at all, they are often only reacting when a severe situation occurs. They are typically focussed strongly on very few, sometimes only one key player (typically the owner-manager) and no formal KRM or documented processes and contingency plans are existent. Due to the high degree of informality, knowledge stays tacit and is not getting explicit which makes KRM very difficult. Table 2 presents a summary of selected KRM characteristics of the two extremes, the passive and the active approach to KRM.

180

C. Glaser

Table 2 Different approaches to KRM Passive approach to KRM – Key players are not fully transparent and no substitution plans are in place – Very few training/input from outside the company – IT systems are outdated and mainly non-integrated – High degree of informality—knowledge tacit, not explicit – No documented core processes – Neither mentoring system nor contingency planning nor outsourcing controlling Source Own illustration

8

Active approach to KRM – Key players are made transparent with clearly assigned substitutes – Input from outside and training are seen as very important – Modern IT system with very few different sub-systems/databases is in place – Focus on formal and documented processes – Mentoring system, knowledge as well as open mistake culture are lived and promoted in the company – Contingency and outsourcing controlling

Conclusion

The goal of this chapter was not to present a framework in the sense of a universal blueprint that can be implemented in every (leasing) company without any modification. Rather, the goal was to create an awareness for the importance of knowledge risk management and trigger more conscious handling of knowledge risks. Of course, not all knowledge risks can and should be eliminated. Instead, it is already a huge progress in the beginning of the existing tools and processes are/can be extended to knowledge risks. This includes the steps of risk identification, risk assessment, risk handling and risk monitoring. Afterwards, surely, also more specific KRM tools might be implemented. To ensure an efficient KRM, it is important to transparently determine which knowledge risks are the most critical ones, what is the potential risk effect in terms of potential loss and the probability of occurrence. So, it is basically the first steps of every risk management process: risk identification and risk assessment, for example with the help of a transparent risk inventory. The measurement tends to be more qualitative and less quantitative than “classical” risk categories of leasing firms such as default risks or market price risks. For high knowledge risks, for example, the focus of countermeasures might be on system-integrated workflows and increased automation. Integration of risk data (e.g. in the risk reporting) is in the focus of the banking regulation, anyways. Extending this scope to other knowledge risks will not avoid any knowledge risk, but it might reduce them significantly and increase the effectiveness of KRM by using synergies with “classical” risk management at the same time. The presented framework on KRM is supposed to support leasing firms in implementing and integrating their KRM efforts with the classical enterprise-wide risk management which also considers regulatory requirements. Most of the

Knowledge Risk Management in German Leasing Companies

181

presented tools and risk management activities are relevant for companies of all sizes and industries and are therefore not only limited to the German leasing industry. The presented framework as well as the “practitioner checklist” in combination with the “self-assessment on KRM” is based on empiric research and enriched by best practices and practical experience of the author in the leasing industry. They are supposed to take a pioneering role and form the basis for upcoming, more detailed research explicitly addressing KRM—also in companies in other industries, countries or with other business models.

References Brustbauer, J. (2016). Enterprise risk management in SMEs: Towards a structural model. International Small Business Journal, 34(1), 70–85. Charmaz, K. (2006). Constructing grounded theory: A practical guide through qualitative research. London: Sage. Committee of Sponsoring Organizations of the Treadway Commission (COSO). (2017). Enterprise risk management—Integrating with strategy and performance. https://www.coso.org/ Documents/2017-COSO-ERM-Integrating-with-Strategy-and-Performance-ExecutiveSummary.pdf. Accessed August 12, 2018. Davenport, T. H., & Prusak, L. (1998). Working knowledge: How organizations manage what they know. Boston: Harvard Business Press. Durst, S., Bruns, G., & Henschel, T. (2016). The management of knowledge risks: What do we really know? International Journal of Knowledge and Systems Science, 7(3), 19–29. Durst, S., & Ferenhof, H. A. (2016). Knowledge risk management in turbulent times. In K. North & G. Varvakis (Eds.), Competitive strategies for small and medium enterprises (pp. 195–209). Cham: Springer. Durst, S., & Zieba, M. (2017). Knowledge risks—Towards a taxonomy. International Journal of Business Environment, 9(1), 51–63. Edmondson, A. C., & McManus, S. E. (2007). Methodological fit in management field research. Academy of Management Review, 32(4), 1246–1264. Easterby-Smith, M., Thorpe, R., & Jackson, P. R. (2015). Management and business research. London: Sage. Falkner, E. M., & Hiebl, M. R. W. (2015). Risk management in SMEs: A systematic review of available evidence. Journal of Risk Finance, 16(2), 122–144. Fiordelisi, F., Soana, M. G., & Schwizer, P. (2013). The determinants of reputational risk in the banking sector. Journal of Banking & Finance, 37(5), 1359–1371. Gaudenzi, B., Confente, I., & Christopher, M. (2015). Managing reputational risk: Insights from an European Survey. Corporate Reputation Review, 18(4), 248–260. Gilmore, A., Carson, D., & O’Donnell, A. (2004). Small business owner-managers and their attitude to risk. Marketing Intelligence & Planning, 22(3), 349–360. Glaser, C. (2018). Risikofaktoren im Leasing und deren ganzheitliches Management: Ergebnisse einer empirischen Studie kleiner und mittelständischer Unternehmen. Finanzierung Leasing Factoring, 65(5), 210–217. Glaser, C. (2019). Risk management in German leasing SMEs—A qualitative study. In P. Linsley, P. Shrives, & M. Wieczroek-Kosmalla (Eds.), Multiple perspectives in risk and risk management (pp. 193–210). Cham: Springer. Gleißner, W., Berger, T., & Arnold, M. (2016). Risikomanagement (5th ed.). Carl von Ossietzky Universität Oldenburg – Center für lebenslanges Lernen C3L, Oldenbourg.

182

C. Glaser

Gontarek, W. (2016). Risk governance of financial institutions: The growing importance of risk appetite and culture. Journal of Risk Management in Financial Institutions, 9(2), 120–129. Grant, R. M. (1996). Toward a knowledge-based theory of the firm. Strategic Management Journal, 17(S2), 109–122. Hardy, K. (2010). Managing risk in government: An introduction to enterprise risk management. https://www.rims.org/resources/ERM/Documents/Risk%20in%20Government.pdf. Accessed August 12, 2018. Henschel, T. (2007). Risk management practices in the main industries of German small to medium-sized enterprises an empirical investigation: An empirical investigation. Dissertation, Edinburgh Napier University. Henschel, T. (2008). Sophistication of risk management practices in German SMEs. Controller Magazin, 33(1), 83–90. Henschel, T., Durst, S., & Busch, S. (2015). Praxis des Risikomanagements: deutsche, chinesische und schottische kleine und mittlere Unternehmen. Zeitschrift für Risk, Fraud & Compliance (ZRFC), 10(6), 246–255. Herdmann, F., & Henschel, T. (2018). Praktikables Risikomanagement für KMU in Deutschland. ZRFC Risk, Fraud & Compliance, 13(3), 125–132. Ilvonen, I., Jussila, J. J., & Kärkkäinen, H. (2015). Towards a business-driven process model for knowledge security risk management: Making sense of knowledge risks. International Journal of Knowledge Management, 11(4), 1–18. ISO 31000 International Organisation of Standardisation. (2018). Risk management—Guidelines. https://www.iso.org/standard/65694.html. Accessed August 12, 2018. Kempster, S., & Parry, K. (2014). Critical realism and grounded theory. In P. K. Edwards, J. O’Mahoney, & S. Vincent (Eds.), Studying organizations using critical realism: A practical guide (pp. 86–108). Oxford: Oxford University Press. Khan, M. J., Hussain, D., & Mehmood, W. (2016). Why do firms adopt enterprise risk management (ERM)? Empirical evidence from France. Management Decision, 54(8), 1886–1907. Lee, S., Suh, E., & Lee, M. (2014). Measuring the risk of knowledge drain in communities of practice. Journal of Knowledge Management, 18(2), 382–395. Leitch, M. (2010). ISO 31000: 2009—The new international standard on risk management. Risk Analysis, 30(6), 887–892. Levers, M. J. (2013). Philosophical paradigms, grounded theory, and perspectives on emergence. SAGE Open, 3(4), 1–6. Massingham, P. (2010). Knowledge risk management: a framework. Journal of Knowledge Management, 14(3), 464–485. Oliver, C. (2011). Critical realist grounded theory: A new approach for social work research. British Journal of Social Work, 42(2), 371–387. Perrott, B. E. (2007). A strategic risk approach to knowledge management. Business Horizons, 50 (6), 523–533. Saunders, M., Lewis, P., & Thornhill, A. (2009). Research methods for business students (5th ed.). Harlow: Financial Times Prentice Hall. Shrader, C. B., Mulford, C. L., & Blackburn, V. L. (1989). Strategic and operational planning, uncertainty, and performance in small firms. Journal of Small Business Management, 27(4), 45–60. Smallman, C. (1996). Risk and organizational behaviour: A research model. Disaster Prevention and Management, 5(2), 12–26. Spikin, I. C. (2013). Risk Management theory: The integrated perspective and its application in the public sector. Estado, Gobierno y Gestión Pública, 2013(21), 89–126. Stam, C. D. (2009). Intellectual liabilities: Lessons from the decline and fall of the Roman Empire. The Journal of Information and Knowledge Management Systems, 39(1), 92–104. Trkman, P., & Desouza, K. C. (2012). Knowledge risks in organizational networks: An exploratory framework. The Journal of Strategic Information Systems, 21(1), 1–17.

Knowledge Risk Management in German Leasing Companies

183

Tsang, E. W. (2014). Case studies and generalization in information systems research: A critical realist perspective. The Journal of Strategic Information Systems, 23(2), 174–186. Tzortzaki, A. M. (2014). Knowledge-based strategies for managers in the service sector. Management Research Review, 37(10), 858–879. Virdi, A. A. (2005). Risk management among SMEs. http://www.cpaireland.ie/docs/defaultsource/business-resource/icaew—risk-management-among-smes.pdf?sfvrsn=2. Accessed August 12, 2018. Zachariadis, M., Scott, S. V., & Barrett, M. I. (2013). Methodological implications of critical realism for mixed-methods research. MIS Quarterly, 37(3), 855–879.

Christian Glaser graduated from the University of Portsmouth (UK) and received his doctoral degree in researching risk management practices in the German leasing industry. He worked as Chief Risk Officer of a medium-sized financial servicing firm for more than five years and is a lecturer on risk management at two German universities. Furthermore, he is a book author for Springer and a speaker on risk management and financial services-related topics.

Port Knowledge Risk Management Morrison Handley-Schachler

Abstract

Knowledge risk management aims to control the element of any risk which arises from a poor understanding of risks or of the procedures to control them. It is a key element in control risk in ports in relation to inherent risks such as chemical discharges and release of invasive species from vessels in the harbour. Knowledge risk assessment can be carried out using a bow-tie analysis to develop a fault tree and an event tree. Both sides of the analysis, however, require risk knowledge which may be highly localised to the features and ecosystems of harbours and their surrounding ecosystems. The factors which determine the probability and probable outcome of critical events relating to environmental risks in port also include the level of expertise available to detect and manage the inherent risks. The risk of losing expertise is increased where staff possess complex tacit knowledge and where there is a risk of these staff leaving the organisation. Knowledge risk management should involve knowledge codification, knowledge inventories, simplification of knowledge, managing key staff turnover and succession and risk research. Keywords




Knowledge risk Risk management Environmental management


Bow-tie analysis
Port management


M. Handley-Schachler (&) Edinburgh Napier University Business School, Craiglockhart Campus, 219, Colinton Road, Edinburgh EH14 1DJ, UK e-mail: [email protected] © Springer Nature Switzerland AG 2020 S. Durst and T. Henschel (eds.), Knowledge Risk Management, Management for Professionals, https://doi.org/10.1007/978-3-030-35121-2_11

185

186

1

M. Handley-Schachler

Introduction

The ports sector is an essential element in the transport and logistics sector which lies at the heart of the global economy, for example, within the European Union, shipping, which relies on the availability and efficiency of port services, contributed €145 billion to Gross Domestic Product in 2012 (Goodwin 2016), while the turnover of the port industry itself in the UK was £22.6 billion in 2015 (Centre for Economic and Business Research 2017). Ports are key connecting points for transportation and trade and carry numerous vulnerabilities in relation to the disruption of commerce. They also present significant environmental and safety hazards, the management of which requires a high level and a wide variety of human knowledge and skills. This means that there is considerable potential for gains from the management of knowledge, including the development and preservation of knowledge of risks and risk management procedures within the port organisation and port users, including shipping and inland transport enterprises. Ports are focal points for economic risks, resulting in disruption to supply chains, which can arise from congestion, industrial disputes or equipment failures (Loh and Thai 2015). Although some of the economic risks are borne internally, the consequences of disruption are largely external to the port. The management of economic risks resulting from insufficient or excess capacity requires the modelling of demand for port facilities (Asencio et al. 2014). Ports may also give rise to security risks with a potential impact on society at large (Yang 2011) and are focal points for environmental and ecological risks arising from the transportation and release of chemical hazards (Valdor et al. 2016a, b; Gómez et al. 2015) and invasive species (Williamson 2006; Aliff et al. 2018), with extensive external effects, giving rise to a further responsibility to manage the risks created by port operations and shipping. Knowledge risk management is an aspect of risk management which deals with the problems caused by ignorance and misunderstandings in relation to risks (Caldwell 2008; Massingham 2010; Jafari et al. 2011; Alhawari et al. 2012; Durst and Henschel 2015). Imperfect knowledge of risk is a risk in itself and can be assessed and managed in the same way as any other risk. Knowledge risk is a factor in risk management and therefore a factor in control risk in relation to any other risk. The aim of this chapter is to analyse knowledge risk management methods in relation to port risks and to develop an outline of quantitative methods for analysing the potential causes (fault tree) and effects (even tree) of critical events which may result from poor controls in relation to knowledge management and other aspects of risk management. The next section of this chapter reviews the relevant literature on knowledge risk management. The third and fourth sections suggest general quantitative methods for analysing the fault tree and event tree in relation to risk management and indicates how the ability to conduct this analysis, as well as the ability to impose controls to prevent or mitigate critical events may be affected by the ability to manage knowledge risk in the context of port-related risks, such as the introduction of invasive species. The fifth section addresses key steps in knowledge risk management options.

Port Knowledge Risk Management

2

187

Literature Review

Fig. 1 Inherent and control risk

Ability to Prevent or Mitigate Events

Risk

Potential Events

Control Risk

Inherent Risk

The underlying principle of knowledge risk management is that both the nature of risks and beneficial responses to risks are learnable (Massingham 2010). Knowledge risk management is improved by vertical and horizontal communication to share knowledge of known or emerging risks. Knowledge management leading to greater forecasting accuracy can contribute to better disaster preparedness and greater stakeholder confidence leading to increased economic activity (Kwesi-Buor et al. 2016). All risks have an inherent risk element and a control risk element, as shown in Fig. 1 (see, e.g., in a financial reporting context, Messier and Austen 2000). Inherent risk is the probability of an event occurring and the probable effects of the event assuming that no management controls are in place to mitigate it. Inherent risk arises from the nature of the business and its environment and cannot be changed without fundamentally changing the lines of business in which the organisation operates its business strategy or its core business values and policies. Control risk is the risk that internal controls will fail to prevent adverse events from happening and the further risk that having allowed an event to happen the internal controls will fail to limit the damage caused by events. Strong controls make adverse events less likely and mitigate the damage when they do occur. Knowledge risk is an element in control risk for all risks. It is independent of inherent risk, although there may be factors in the business, social and technological environment, such as levels of education among potential employees, competition for qualified labour and rapidly developing technologies which take time to understand, which may tend to cause an increase in knowledge risk and a consequent increase in control risk. Massingham (2010) advocates the use of matrices for the assignment of the management of risks, including the two-dimensional matrix of frequency and severity to classify risks as intolerable (the highest risk category), unacceptable and acceptable. Massingham adds three further two-dimensional matrices to classify the knowledge used in managing risks by tacitness and by complexity, to classify the organisational management of knowledge by the proportion of personnel holding the knowledge and by risk management motivation, that is the action taken if personnel who hold the knowledge leave the organisation, and to classify the

Probability of Events and Probable Severity

188

M. Handley-Schachler

individual knowledge level required to manage a risk by education level and by experience. The factors on each matrix can be classified as inherent or control risks. The complexity of required knowledge is largely an inherent risk, as this is primarily determined by the type of activity in which the organisation is involved. However, systems design may create unnecessary complexity, resulting in a control risk aspect. Tacitness, however, is almost entirely a control risk factor. Codifying knowledge is in itself a control procedure. Where a task involves manual strength or dexterity, it may be seen as having an inherent risk element, as this creates an inherent tacitness. Codification and training can be used to manage this inherent risk but the underlying need for manual skill is still an inherent risk. The levels of knowledge and experience required to manage risk are essentially inherent risks, as they relate to the activity itself and the risk itself and not to the actual personnel available. They are also likely to be determined in large part by the complexity of the knowledge used in risk management. The organisational issues of proportions of personnel holding the knowledge and risk management motivation, however, are control risk issues. Even where risks have to be managed, undue complexity can not only make it harder for personnel and business partners to learn how to manage the risk under the port authority’s procedures but can lead to inefficiencies in the conduct of economically valuable business, with an example of this provided by Kaiser et al. (2013), in the case of environmental permitting for use of inland waterways in the port hinterland in Brazil. The factors in Massingham’s model affecting the inherent and control risks relating to any knowledge risk can, therefore, be summarised as shown in Fig. 2.

Inherent Risk • Complexity of Issues, Knowledge and Tasks • Need for Creative Solutions • Non-Routine Activity

Control Risk

Overall Risk

• Codification of Issues, Knowledge and Tasks • Personnel Abilities, Knowledge and Experience • Organizational Preparedness for Personnel Changes

Fig. 2 Inherent and control risk factors for knowledge risk management

• Inherent Risk * Control Risk

Port Knowledge Risk Management

189

Knowledge is also subjective in several senses. At the most universal level, cognition is an internal and psychological experience which cannot of itself be directly proved by external observation. Evidence can, however, be provided by testing and certification of individuals’ responses to knowledge-based questions. However, the individual experience of knowledge is also subjective in relation to the individual’s attitudes to knowledge. Knowledge which may have been fully internalised from a cognitive perspective may still be regarded by the person who possesses it with confusion, suspicion or disbelief (Wicklund and Brehm 2004; Harmon-Jones et al. 2015), so that the individual is capable of expressing the knowledge but at the same time uncertain of its meaning, usefulness or veracity. This may affect both the propensity to act on that knowledge and the propensity to share it. Thirdly, knowledge is subjective in terms of its conceptual organisation (Brooks 2011), with different individuals not only understanding the same words in slightly different ways but also seeing different relationships between concepts, which may affect their practical reactions to new events, depending on the responses which they subjectively view as proximate to the category of event to which they allocate the event itself. Jafari et al. (2011), following Project Management Institute (2004), propose six steps in knowledge risk management, which can also be applied to any type of risk, namely risk planning, risk factor identification, qualitative risk factor analysis, quantitative risk factor analysis, response to risk and risk monitoring and control. They adopt two key risk factors from the International Atomic Energy Agency (2006), namely position risk and attrition risk. Position risk is the level of knowledge and skills presently used to manage risk, ranging from critical, unique, undocumented knowledge to common knowledge. The risks relating to undocumented knowledge are part of Massingham’s tacitness factor. In some sense, however, tacitness also relates to uniqueness, as it relates to skills which cannot be preserved purely by documentation but which require innate or practised manual or mental abilities which other personnel may not possess. Mabrouki et al. (2014) analyse risks using a two-factor matrix for criticism and mastery, corresponding to aspects of position risk, with criticism relating to the importance of the skills and knowledge in themselves and mastery relating to the abilities of individuals and groups within the organisation to activate those skills to manage risks. In this sense, criticism may be seen as an element of inherent risk and mastery as the actual knowledge risk which is susceptible to management action. Attrition risk is the risk of losing staff with valuable knowledge which is used in managing risk. Applying the two factors to specific staff members allows management to identify those staff whose skills are critical in risk management and who have a high probability of leaving the organisation, thereby facilitating a focus on the management of knowledge risks relating to those individuals. Knowledge risk is viewed as an unpredictable risk (Handley-Schachler and Navare 2010), as a result of the influence of human cognitive and behavioural factors. This means that substantial improvements in knowledge risk management can be achieved by measures which increase predictability. Massingham’s model is of considerable relevance here, as the element of tacitness creates an extra source of

190

M. Handley-Schachler

predictability. It is not a case of not knowing what the organisation does not know but of individuals in senior management not necessarily knowing what other senior managers and executives know and need to know in order to manage risk. This makes the prediction of attrition risk especially problematic. Prediction in this area must focus on the human factor because knowledge is subjective in nature and can only be developed and retained through the training and management of employees and by arrangements to access the knowledge held by partner organisations or consultants. In addition to the acquired skills discussed by Massingham (2010), Jafari et al. (2011) and Mabrouki et al. (2014), these human factors encompass cognitive failings (Martin 1983; Wallace and Chen 2005), including failings of memory, attention and motor responses. Cognitive failings may include memory lapses in relation to tasks to be performed but could also include memory variances, where an individual specifically misremembers a proper procedure or item of knowledge and therefore applies an incorrect procedure. However, the same effect could be produced by miseducation or misunderstandings and cognitive biases in the learning process, such as a bias towards false recognitions of unfamiliar events or cases or a bias towards failure to recognise familiar ones (Kantner and Lindsay 2012). These positive or negative recognition biases could cause some individuals to fail to act on early warning signs of developing events or to respond in an overly risk-averse or even damaging way to misconstrued signals which do not relate to the risks with which the individual is associating them. When relying on general learning and news reports independent of focused learning, individuals may make highly inaccurate judgements about the relative frequency of events, including fatal events (Lichtenstein et al. 1978), which, in a risk management function, could lead to the diversion of resources towards risks with lower frequency. At the same time, the illusion of control (Langer 1975; Kool et al. 2013; Yarritu et al. 2014) may lead to the diversion of resources to risks which are not controllable by the individual, department or organisation using those resources. In respect to predictability but with the limitations imposed by the ability to predict individual cognitive factors, bow-tie analysis (Mokhtari et al. 2011; Khakzad et al. 2012) may be used to increase the modellability and therefore the predictability of risks. In bow-tie analysis, a critical event is analysed in relation to its causes, using a fault tree analysis, and its potential effects, using an event tree analysis. The fault tree analysis may use weighted risk factors, which may be further refined by the use of fuzzy numbers (Mokhtari et al. 2011), to provide ranges of real probabilities and effects in the absence of full information. This technique may also be used to model potential effects in the case of very complex event trees, as in the case of the release of invasive species from ballast tanks discussed below, where the variables may be so numerous and interrelated that predictions of the severity of outcomes may become inherently unreliable. The fault tree analysis may also be modelled using the concepts of inherent risk and control risk, with the inherent risk being the probability of a causal factor arising beyond the control of port management and control risk being the probability that port management will fail to contain the risk. Inherent risks directly related to the

Port Knowledge Risk Management

191

location of control. High inherent risks mean that the location of control is external to port management. Bow-tie analysis requires the analysis of the probability of specific effects in the event of a specific cause (the critical event) arising. This process can be assisted by the use of experts and Bayesian Belief Networks (Cárdenas et al. 2014). However, in applying bow-tie analysis to knowledge risks themselves, the assessment of control risks is made more difficult by tacit knowledge (Massingham 2010), which means that port management may not have a full inventory of knowledge and skills and are therefore not in a position to assess attrition risks and their consequences. Therefore, the critical event—the loss of a specific item of tacit knowledge—may not be identified and assessed. However, both sides of bow-tie analysis require specific knowledge in their development, and therefore, the steps in bow-tie analysis may be considered, in relation to methods of modelling the fault tree and event tree and the knowledge and skills required.

3

Quantitative Analysis Methods for Knowledge Risk: Fault Tree

In bow-tie analysis, both inherent risk and control risk must be considered on the fault tree side, as both inherent and control risk contributes to the risk of a critical event occurring. A critical event must have a critical magnitude, even if it is a discrete event, such as a death in service. In the case of a discrete event, which either happens or does not happen, the critical magnitude may be viewed as 1 and any mitigation must reduce the magnitude to 0. Inherent risk can, therefore, be analysed in relation to the potential magnitude of a threat. For example, the risk of toxic emissions must be modelled not only in relation to the probability of an emission threat of a given quantity but also in relation to the function of probability against emissions quantity. In the absence of internal controls, the frequency and degree of effects of an event will be negatively correlated even for events of the same nature. The inherent risk of an event may be represented as Ri ¼ f ðqÞ;

ð1Þ

where Ri is the inherent risk of an event with a specific minimum magnitude occurring in the absence of internal controls (e.g. the inherent risk of damage to a harbour facility requiring closure of at least 10 days for repair and inspection), q is the specific minimum magnitude (in this case 10 days), q  0 and f(q) is a function of the minimum magnitude q. Because q is a specific minimum magnitude, it is always the case that

192

M. Handley-Schachler

dRi 0 dq

ð2Þ

for all values of q (i.e. the probability of damage requiring closure of at least 11 days cannot be more than the probability of damage requiring closure of at least 10 days). Because control risk must be a probability between 0 and 1, Ri is always within the limits 0  Ri  1. However, where q = 0, Ri must always be 1 and there are in many cases physical limits to the magnitude of potential events so that for all values of q greater than the limit, Ri must equal 0. For example, in a simple model with no limit to the potential magnitude of events, the function might be described by Ri ¼

1 ð 1 þ qÞ a

ð3Þ

where a is a constant and a  0. In the special case, where a = 0, the event is unavoidable without internal controls. In this simple case, where a > 0, dRi ¼ aqða1Þ dq

ð4Þ

dRi ¼0 dq

ð5Þ

for all values of q (and

where a = 0). The control risk, which includes knowledge risk, must likewise be analysed further in relation to the probability of partial containment, meaning that the critical event is not altogether prevented but is mitigated to some extent. In this case, there is a further determinant of the level of risk, namely the proportion of the critical event which is not prevented by internal controls. Therefore, the control risk function may be described as represented as Rc = f(u), where Rc is the control risk, u is a specific minimum proportion of the event which is not prevented by internal controls and u  0 and 0  Rc  1. For example, in the case of a fire which might have caused a closure of 10 days at a facility, a minimum proportion u = 0.3 means that even after the intervention of controls, such as the operations of a fire response unit, there is a closure of at least three days. In many cases, u  1. However, u may exceed 1 where there is a risk that the effects of controls may actually aggravate the damage caused. This would be the case, for example, where the use of improper firefighting equipment resulted in personal injury in addition to the damage caused by the fire. Classic examples of controls aggravating events subject to inherent risk include the Tenerife airport runway collision of 1977, where dangers caused by runway conditions resulting in

Port Knowledge Risk Management

193

potential risks to smaller aircraft were aggravated by the diversion of two large 747 aircraft from Las Palmas as part of the management of a terrorist bombing risk (Rudolph and Repenning 2002). A further example is the fatal Apollo 1 fire in January 1967, in which an initially small fire was aggravated by the use of a pure oxygen internal atmosphere in the capsule to simplify life support systems and reduce the risk of anoxia (Emmanuelli 2014). In the case of key port risks such as the release of toxic emissions or invasive species into coastal waters, however, it is unlikely that present technologies will cause attempted remedies to aggravate the damage caused. It is, therefore, permissible to focus on cases where u  1, that is, wherein the worst-case controls will simply fail to reduce the scale of a critical event. Where u = 0, Rc ¼ 1

ð6Þ

dRc 0 du

ð7Þ

and

for all values of u > 0, in other words, the lower the required level of a release of toxic material or invasive species after the operation of controls, the greater the control risk that controls will not reduce the volume released to that level. It may also be assumed that the shape of the function Rc = f(u) is influenced by c q. For events of smaller magnitude, dR du may be very close to 0 as these events are likely to be prevented in their entirety or not prevented at all. For events of greater magnitude, however, there may be a very high probability of controls mitigating but c not entirely preventing the event, so that dR du is strongly negative. Hence, the variables in f(u) may be functions of q. In the case of release of invasive species, however, the critical amount may be very small, resulting in a very low required value for u and very high risk if intensive controls are not in place. Again, in a simple case with no limit to the potential magnitude of events, the function Rc = f(u) might be described by Rc ¼

1 ð1 þ uÞb

ð8Þ

where b is a constant and b  0. In the special case, where b = 0, the event can be neither prevented nor mitigated by internal controls. In this simple case, where b > 0, dRc ¼ buðb1Þ du

ð9Þ

194

M. Handley-Schachler

for all values of u (and dRc ¼0 du

ð10Þ

where b = 0). In the case, where the extent of likely mitigation is sensitive to the magnitude of the unmitigated event, db 6¼ 0 dq

ð11Þ

and, where the extent of likely mitigation is greater for events of greater magnitude, db [ 0: dq

ð12Þ

For example, a simplified function may be b¼

q k

ð13Þ

so that db 1 ¼ ; dq k

ð14Þ

where k is a constant and k > 0. Putting these equations together, in this case Rc ¼

1

q

ð 1 þ uÞ k

;

ð15Þ

dRc  lnðu þ 1Þ ¼ q ; dq k ð u þ 1Þ k Ri R c ¼

1 a

ð16Þ

q

ð 1 þ qÞ ð 1 þ uÞ k

ð17Þ

and dðRi Rc Þ ðq þ 1Þða1Þ ðlnðu þ 1Þðq þ 1Þ þ akÞ ¼ : q dq k ð u þ 1Þ k

ð18Þ

Port Knowledge Risk Management

195

Vulnerability is a function of both inherent and control risk. Controls can reduce the probability of an event happening and may also mitigate it to the extent that its impact does not reach a critical level. On the causal side of bow-tie analysis, the fault tree, it is essential to consider the role that knowledge of risks and knowledge of methods of reducing and mitigating risks can play in reducing the probability of critical events happening. In the case of the port-related risk of import of invasive species through shipping, for example, the quantity of the release may be susceptible to reductions through the application of known technology which requires little adaptation to local geography and access to which can be managed (Barry et al. 2008; Yang et al. 2015; Bouda et al. 2016; Olenin et al. 2016; Aliff et al. 2018). The probability of the prevalence of an invasive species reaching a given level will be in part dependent upon the quantity surviving the initial discharge among other factors. Therefore, the risk of the attrition of knowledge of control procedures will be a control risk in relation to the event itself. This risk can be reduced through recruitment, training and succession planning. As described below, however, the risk in relation to the loss of skills in modelling and managing a release of non-native species which has already occurred may be both more difficult to manage and more difficult to assess. The critical event in relation to knowledge risk is the loss of knowledge itself. In order to build the fault tree in relation to knowledge, it is therefore essential for the port organisation to create an inventory of the skills and knowledge used in operations, including documenting tacit knowledge and any activities involving learned manual dexterity or sensory abilities. It is then further necessary to analyse the events which could cause the attrition of that knowledge, including lack of skill retention through practice and continuous professional development, loss of skilled labour as a result of poor industrial relations or labour market conditions and poor succession planning. It is also essential to document emerging knowledge needs which can lead to emerging position risks. Each item of knowledge or skill identified will then be susceptible to the development of its own fault tree, assessing and quantifying the risk that the knowledge will not be available as needed to manage substantive risks.

4

Quantitative Analysis Methods for Knowledge Risk: Event Tree

These factors lie on the fault tree side of bow-tie analysis because the critical event is the occurrence of an event of magnitude q with mitigation of (1 − u). In order to provide a complete assessment of inherent and control risk, however, it is necessary to look at the event tree side. The event tree deals with the potential consequences of risks and is therefore essential to the calculation of potential damage. To provide an analysis of the risk of events with consequences of a specific magnitude, the event tree for each critical event must be mapped out to calculate the probabilities of each subsequent potential chain of events which would result in that magnitude of

196

M. Handley-Schachler

consequences. These probabilities must then be analysed in combination with arrive at an overall probability. The precise calculations will depend on whether different chains of events are mutually exclusive and therefore mutually limiting. Figure 3 provides a simplified event tree analysis to determine the probability of a 10-day closure of facilities. Subsequent to a critical event, two possible event chains unfold. The overall probabilities for the events at this level must add up to 100%, so that the event tree is complete. In this case, the critical event might be a malfunction in a critical system. Chain 1, with a probability of 60%, commences if the faulty system continues to operate, while Chain 2, with the residual probability of 40%, commences if it is disabled. The probabilities of the sub-chains leading from each main chain must then also add up to 100%. In the case of Chain 1, the continued operation of the malfunctioning system may have a 60% chance of causing specific damage to each of two essential infrastructure assets which cannot be repaired simultaneously, one requiring five days and the other seven days to repair. This creates a probability of 36% of a 12-day closure of the facility conditional on the 60% probability of the system has continued to operate and therefore an overall probability of 21.6% of closure of 10 days or more. If no damage results from the malfunction, the system will be reinstalled, requiring a 4-day closure. However, in this case, the reinstallation can be carried out in parallel to any repairs so that the 4-day closure is not compatible with—and in no circumstances to be added to—the other potential closure periods. In Chain 2a, the cessation of the system’s operation has an 80% chance of allowing extensive damage requiring a 190-day closure for repairs, while there is a 20% that closure will only be required for 4 days while the disabled system is reinstalled. Again, in this case, the reinstallation can be carried out in parallel to any other repairs and does not extend the

Chain 1 (Exclusive of Chain 2) Probability 60%

Critical Event

Chain 2 (Exclusive of Chain 1) Probability 40%

Chain 1a (Compatible with Chain 1b) Probability 60%

5-day closure

Chain 1b (Compatible with Chain 1a) Probability 60%

7-day closure

Chain 1c (Exclusive of Chains 1a and 1b) Probability 16%

4-day closure

Chain 2a (Exclusive of Chain 2b) Probability 20%

190-day closure

Chain 2b (Exclusive of Chain 2a) Probability 80%

4-day closure

Fig. 3 Event tree analysis for the closure of port operations

Port Knowledge Risk Management

197

190-day closure. If Chain 2 commences, there is, therefore, a 20% chance of closure of 10 days or more. The overall probability of Chain 2 commencing and causing closure of 10 days or more is therefore 8%. Added to the probability of this length of closure on Chain 1, there is an overall probability of 29.6% of closure of 10 days or more if the system malfunctions (the critical event). Port management is responsible for managing public health and economic risks relating to water quality which are vulnerable to knowledge risks in relation to chemical and biological knowledge and knowledge of water treatment in coastal areas (Ondiviela et al. 2012). In addition, the knowledge vulnerability extends to a knowledge of local geography and ecosystems (Gómez et al. 2015), which may not be available outside the organisation. Although the risk may be reduced by the probability that individuals’ local knowledge is not readily transferable to other sites, the need for local knowledge still creates a need for clear succession planning to ensure that knowledge is not lost when individuals leave the organisation. The risks extend to variations in water quality occasioned by specific events or stressors (Valdor et al. 2016a, b) such as chemical spills, which may vary in frequency and severity and are sometimes externally controlled, although Gómez et al. (2015) found that most stressors are under the control of port management because they originate either from the port’s own operations or from users of port facilities. Stressors relating to discharge of contaminants have been shown to be susceptible to accurate modelling (Grifoll et al. 2011; Valdor et al. 2016a, b) but this, too, creates a knowledge risk in relation to relevant hydrodynamic models and their local application. However, the calculation of the probability of the consequences reaching a specified magnitude may be more difficult, especially where risks have a low degree of predictability on the event tree side. This is the case, for example, with the risk of import of invasive species (Williamson 2006; Aliff et al. 2018). Modelling (Reusser et al. 2013; Sieracki et al. 2014) is dependent on local and species-specific knowledge, such as that required to estimate population growth rates and the distance of dispersal of seeds (Clark et al. 2001a, b) as well as general models (van den Bosch et al. 1992; Clark et al. 2001a, b; Sikder et al. 2006) which use these parameters. The event tree for the discharge of an invasive species from the ballast tanks of marine vessels in the harbour may, therefore, in this case, be better represented with the commencement of dispersal of the invasive species with a specified number of organisms of that species dispersed as the critical event. The possible environmental conditions following the dispersal may then be used as the branches of the event tree, with each set of environmental conditions giving rise to a probability of a specified level of prevalence of the species, which is assessed as causing intolerable damage to native species populations, for each set of environmental conditions, as shown in Fig. 4. The branches of the event tree will, however, need to be divided into further branches and sub-branches, with each stage of subdivision representing a different environmental variable. For example, one stage might represent maximum temperature, the next minimum temperature, the third prevalence of a specific predator

198

M. Handley-Schachler

Chain 1a (Incompatible with Chain 1b) Probability x%

Prevalence ≥ n' living organisms in a range of y square kilometres within 10 years Probability y% based on probit analysis with independent variables based on Chain 1a Prevalence < n' living organisms in a range of y square kilometres after 10 years Probability (100 - y)%

Critical Event (Discharge of an Invasive Species from Marine Transports in Harbour with a volume of n living organisms)

Chain 1b (Incompatible with Chain 1a) Probability (100 - x)%

Prevalence ≥ n' living organisms in a range of y square kilometres within 10 years Probability z% based on probit analysis with independent variables based on Chain 1b Prevalence < n' living organisms in a range of y square kilometres after 10 years Probability (100 - z)%

Fig. 4 Outline of event tree analysis for the discharge of an invasive species

which will limit the expansion of the invasive species population. A part of the event tree may, therefore, be as shown in Fig. 5, which details part of the development of the event tree. The first stage of the event tree covers ranges of maximum temperatures. For each range of maximum temperatures, there is then a separate range of minimum temperatures dependent on the maximum temperature. In the next stage, for each combined range of maximum and minimum temperatures (Maceida-Veiga et al. 2013), there are further branches representing different levels of prevalence of a specific predator species. Further stages, with further branches, will be required for other variables, such as levels of other predators (Liversage et al. 2017), salinity and pH values (Maceida-Veiga et al. 2013), and current direction and velocity (Gagnon et al. 2015). However, this poses a significant knowledge risk, as both knowledge of specific species and knowledge of local geography are required for modelling of the event tree. Even though this local knowledge may be well documented, thereby avoiding the risk posed by tacitness, it is likely to be highly complex. This creates a considerable attrition risk when highly knowledgeable staff retire from service, therefore requiring proactive succession planning. Knowledge of specific species, however, may need to be accessed from outside the organisation, creating a need to manage a position risk in addition to the attrition risk arising from the need for local geographical knowledge.

Port Knowledge Risk Management

199 Predator Species Prevalence Level - High Probability d%

Chain 1a (Incompatible with Chains 1b and 1c) Maximum Surface Water Temperature Range Probability a%

Critical Event (Discharge of an Invasive Species from Marine Transports in Harbour with a volume of n living organisms)

Chain 1b (Incompatible with Chains 1a and 1c) Maximum Surface Water Temperature Range Probability b%

Chain 1aa (Incompatible with Chain 1ab) Minimum Surface Water Temperature Range Probability c%

Predator Species Prevalence Level Medium Probability e% Predator Species Prevalence Level - Low Probability (100 - d - e)%

Chain 1ab (Incompatible with Chain 1aa) Minimum Surface Water Temperature Range Probability (100 - c)%

Chain 1c (Incompatible with Chains 1a and 1b) Maximum Surface Water Temperature Range Probability (100 - a - b)%

Fig. 5 Detail of event tree analysis for discharge of an invasive species

The event tree, here, however, is for a specific level of discharge. It is therefore essential that the event tree must be capable of being subjected to sensitivity analysis in the critical event itself—with volumes, seasons and times of day being capable of being amended into the initial event to permit more accurate predictions of the probability of catastrophic outcomes for specific events, which in turn each have their own fault trees. The event tree also includes both inherent and control risks. Once the event has occurred the response to the event forms part of the internal control system. However, some of the factors which condition the final outcome are inherent risks, including weather risks and the behaviour of external people and organisations. The use of experience and past evidence may be used in modelling the probabilities in the event tree (Alyami et al. 2016). This in turn is required to target resources on the prevention of those critical events which have the most severe expected outcomes. Hence, knowledge management is required in order to ensure a full understanding of the event tree as well as managing the fault tree. The modellability of the consequences of shipping accidents (van Dorp et al. 2001; Merrick and van Dorp 2006; Zhang et al. 2016) also creates a knowledge risk in relation to local knowledge. Merrick et al. (2005) divide difficulties in predicting the incidence and consequences of critical events into aleatory uncertainty, which is

200

M. Handley-Schachler

the inherent unpredictability of the events and outcomes, and epistemic uncertainty, which relates to the availability of experience, models and expertise to predict events and outcomes while taking levels of aleatory uncertainty into account. For new or expanding operations, as in the example given by Merrick et al. (2005), epistemic uncertainty is subject to inherent risk, as there is no opportunity to use local experience in building knowledge. However, for mature operations, epistemic uncertainty relating to both the fault tree and the event tree becomes a matter of control risk, as it becomes possible to develop relevant knowledge in relation to local economics and geography (Guedes Soares and Teixeira 2001; Zhang et al. 2016) and in relation to the nature, size, design and crewing of vessels involved in local shipping (Guedes Soares and Teixeira 2001). In the case of knowledge risks, the event tree is potentially part of either the fault tree or the event tree for other risks. Knowledge risk is of itself an element of control risk and the loss of knowledge leads to a loss of the ability to control operations in order to prevent critical events (fault tree) or to mitigate their effects (event tree). In the case of chemical spills and the introduction of alien species, the knowledge available is unlikely to be tacit knowledge but it may be very complex and highly specialised to a geographical location. The potential effects of losing that knowledge may be particularly apparent in the event tree, not only in making critical events more difficult to mitigate but also in making the modelling of the event tree itself far more difficult.

5

Steps in Knowledge Risk Management

Knowledge risk management addresses a control risk which requires attention to a variety of sources of knowledge risk, both position risk and attrition risk (International Atomic Energy Agency 2006; Jafari et al. 2011), with an assessment of both complexity and tacitness of required knowledge (Massingham 2010). A low position risk can be developed over time by staff recruitment and training. However, it can also be developed by attention to the learnability of procedures (Kaiser et al. 2013). There are four key steps in knowledge risk management: firstly, the creation of a knowledge inventory; secondly, the simplification of procedures where possible, to improve learnability of the knowledge; thirdly, succession planning to ensure that key knowledge is not lost when key individuals leave the organisation; and fourthly, the prediction of future knowledge needs. In port risk management, it is essential to create an inventory of existing risk-related knowledge. This requires the nature of knowledge and the subject matter to which the knowledge relates to being fully documented, thereby reducing the risk of tacitness in risk knowledge, which is essentially a control risk. Further documenting the knowledge itself, beyond the subject matter to which it relates, allows this risk to be reduced further. The documentation of the subject matter of risk knowledge can also draw attention to areas of position risk, where there is a

Port Knowledge Risk Management

201

need for knowledge or where some knowledge exists but there are known gaps in the knowledge. The documentation and sharing of risk management knowledge may also help to tackle a further element of position risk relating to tacit knowledge. Tacit knowledge may be unexamined knowledge, which may become a barrier both to research and to the correction of faulty understandings of risk by individuals, where individuals may repeat behaviours which they acquired through the unexamined experience without inquiry or public testing (Argyris 1982). Furthermore, the fact that genuine critical tacit knowledge makes its possessors indispensable to the organisation may of itself lead to that knowledge being kept a secret from others within the organisation. A process of knowledge sharing (Zipperer and Amori 2011) may not only spread best practice but also counter the effects of false confidence among managers and operational staff. Knowledge risk management also requires the simplification of existing knowledge and skills to enhance learnability. Position risk in knowledge management can be managed over time by the development of risk learning, which can be ameliorated by attention to learning methods which improve recall and proper application. This can also reduce attrition risk by enabling a larger number of individuals within the organisation to share in the knowledge from a starting point of their existing skills. This requires some simplification of knowledge and the development of knowledge into forms which can be easily learnt, recalled and applied. The cognitive psychology of learning methods which encourage recall has been explored by Dunlosky et al. (2013) in the context of performance on written or spoken tasks, such as recall, problem-solving and argument development. Attention to Kolb’s (2014) learning styles and learning cycle may also help senior management to understand how personnel may be enabled to develop and learn beneficial risk management procedures through experience or the application of ideas. The value of experiential learning is, however, problematic in risk management. While hardships and novelty may be valuable learning experiences for the identification, assessment and control of future risks, they will also provide evidence of prior risk management failures. However, there are also inherent risks in port knowledge risk management deriving from the complexity and the speciality of the knowledge required. Speciality arises from the unique local geography and ecosystem, which reduces the transferability of knowledge acquired elsewhere. This increases attrition risk, as local experts, with a knowledge of the physical features, climate, ocean currents and local fauna and flora cannot be easily replaced. There are always limits to the reduction of complexity, beyond which the simplified knowledge will not be adequate for the management of existing risks. This means that there is a level of irreducible complexity which constitutes an inherent risk to be managed at all times. This inherent risk must be reduced by good knowledge management systems which include succession planning (Marbury and Mayer 2013; Titzer et al. 2013), to ensure that local knowledge is preserved if key individuals leave the organisation. The management of succession planning is, of course, complicated by the fact that a lack of transferability of local knowledge creates an incentive for individuals

202

M. Handley-Schachler

who possess that knowledge to safeguard their existing employment by refusing to share it with potential successors and this means that incentives must be introduced for knowledge sharing and participation in the education of new staff members. Knowledge risk management should address attrition risk through staff retention and succession planning. The retention of staff who possess a knowledge of sources of risks and a knowledge of how to protect against the effects of risk is vital to risk reduction. Likewise, planning for the replacement of crucial staff, including the development of new risk managers, needs to be in place in order to ensure that skills are not lost when an individual leaves. The improvement of risk management systems, however, may require further research beyond existing knowledge, whether tacit or explicit, especially in the case of emerging risks or risks arising from modifications to systems or harbour structures, as demonstrated by the wave overtopping events at harbours in Valencia in 2007 and Punto Langosteira in 2010 described by Alises et al. (2014). These events were not prevented in part because of design weaknesses caused by imperfect knowledge and imperfect modelling. Research in weather trends may also improve the ability to reduce the impact of hazards such as crane inoperability and accidents caused by high winds or visibility problems, slipping hazards and cargo damage caused by concentrated rainfall (Athanasatos et al. 2014). Resourcing of risk research may, however, be constrained by organisational size. Vilko et al. (2016) found that smaller commercial organisations may rely on intuition, thereby creating a further knowledge risk management problem for their business partners.

6

Conclusion

Knowledge risk has both an inherent risk element, arising from the complexity and specialisation of knowledge and a control risk element arising from avoidable tacitness and poor training and succession planning. In port risk management, there are numerous areas, including the assessment and management of risks relating to the spread of invasive species released from marine vessels’ ballast tanks where complexity and specialisation are unavoidable. Specialisation arises in particular on the event tree side of bow-tie analysis, where local knowledge of physical geography and ecosystems is required in modelling and controlling the spread of non-native species. Knowledge risk management in port operations must be focused on areas with high inherent risks where internal controls have the potential to reduce the incidence and severity of adverse events. This means identifying those areas where appropriate staff selection, education and training can reduce adverse outcomes. The management of risk-relevant knowledge can be improved by ensuring that there is an up-to-date knowledge inventory, to reduce the risk of tacitness in essential knowledge and then by taking steps to identify a simplified knowledge base and to develop simplified procedures which are more readily learnable, on order to increase the number of available personnel, within and outside the

Port Knowledge Risk Management

203

organisation, who are capable of learning the relevant knowledge and procedures, thereby reducing attrition risk in knowledge management. There is also a need to ensure proper training, management of staff retention and succession planning, to ensure the continuity of local knowledge with respect to geographical, environmental and ecological conditions which affect the event tree in relation to the release of non-native species or other critical events in port. Finally, continuous research is required to increase knowledge of existing and emerging risks, whether these risks are of an ecological, operational or economic nature. This research must be directed towards local conditions as well as towards the extension of transferable knowledge which is of relevance to port operations more generally. Research can improve both the development of controls to prevent or to limit the effects of critical events and the development of models to predict the incidence and range of probable outcomes of events.

References Alhawari, S., Karadsheh, L., Talet, A. N., & Mansour, E. (2012). Knowledge-based risk management framework for information technology project. International Journal of Information Management, 32(1), 50–65. Aliff, M. N., Reavie, E. D., TenEyck, M. C., Branstrator, D. K., Schwerdt, T., Cangelosi, A. A., et al. (2018). Evaluation of a method for ballast water risk-release assessment using a protest surrogate. Hydrobiologia, 817(1), 11–22. Alises, A., Molina, R., Gómez, R., Pery, P., & Castillo, C. (2014). Overtopping hazards to port activities: Application of a new methodology to risk management (port risk management tool). Reliability Engineering and System Safety, 123, 8–20. Alyami, H., Yang, Z., Riahi, R., Bonsall, S., & Wang, J. (2016). Advanced uncertainty modelling for container port risk analysis. Accident Analysis and Prevention, 123, 411–421. Argyris, C. (1982). The executive mind and double-loop learning. Organizational Dynamics, 11(2), 5–22. Asencio, L. M., González-Ramírez, R. G., Bearzotti, L. A., Smith, N. R., & Camacho-Vallejo, J. F. (2014). A collaborative supply chain management system for a maritime port logistics chain. Journal of Applied Research and Technology, 12, 444–458. Athanasatos, S., Michaelides, S., & Papadakis, M. (2014). Identification of weather trends for use as a component of risk management for port operations. Natural Hazards, 72, 41–61. Barry, S. C., Hayes, K. R., Hewitt, C. L., Behrens, H. L., Dragsund, E., & Bakke, S. M. (2008). Ballast water risk assessment: Principles, processes, and methods. ICES Journal of Marine Science, 65, 121–131. Bouda, A., Bachari, N. E. I., Bahmed, L., & Boubenia, R. (2016). Design of a risk assessment methodology for the introduction of invasive species from ship ballast waters: The case of Arzew port. Management of Environmental Quality, 27(5), 474–490. Brooks, D. J. (2011). Security risk management: A psychometric map of expert knowledge structure. Risk Management, 13(1/2), 17–41. Caldwell, F. (2008). Risk intelligence: Applying KM to information risk management. VINE: The Journal of Information and Knowledge Management Systems, 38(2), 163–166. Cárdenas, I. C., Al-Jibouri, S. S. H., Halman, J. I. M., van de Linde, W., & Kaalberg, F. (2014). Using prior risk-related knowledge to support risk management decisions: Lessons learnt from a tunneling project. Risk Analysis, 34(10), 1923–1943. Centre for Economic and Business Research. (2017). The economic contribution of the UK ports industry: A report for Maritime UK. London: Centre for Economic and Business Research.

204

M. Handley-Schachler

Clark, J., Horváth, L., & Lewis, M. (2001a). On the estimation of spread rate for a biological population. Statistics and Probability Letters, 51(3), 225–234. Clark, J., Lewis, M., & Horváth, L. (2001b). Invasion by extremes: Population spread with variation in dispersal and reproduction. American Naturalist, 157(5), 537–554. Dunlosky, J., Rawson, K. A., Marsh, E. J., Nathan, M. J., & Willingham, D. T. (2013). Improving students’ learning with effective learning techniques: Promising directions from cognitive and educational psychology. Psychological Science in the Public Interest, 14(1), 4–58. Durst, S., & Henschel, T. (2015). Knowledge risk management in SMEs: Opportunities and challenges. In International Council for Small Business 60th World Conference Proceedings, International Council for Small Business (pp. 1–5). Washington, Dubai: United Arab Emirates University, June 6–9, 2015. Emmanuelli, M. (2014). The apollo 1 fire. Space safety magazine. http://www.spacesafetymagazine. com/space-disasters/apollo-1-fire/. Accessed April 4, 2019. Gagnon, K., McKindsey, C. W., & Johnson, L. E. (2015). Roles of dispersal mode, recipient environment and disturbance in the secondary spread of the invasive seaweed codium fragile. Biological Invasions, 17(4), 1123–1136. Gómez, A. G., Ondiviela, B., Puente, A., & Juanes, J. A. (2015). Environmental risk assessment of water quality in harbor areas: A new methodology applied to European ports. Journal of Environmental Management, 155, 77–88. Goodwin, A. P. (2016). The economic value of shipping and maritime activity in Europe. Oxford: Oxford Economics. https://www.oecd.org/sti/ind/Session%201_c%20-%20Andrew% 20Goodwin%20-%20Presentation%20for%20Website.pdf. Accessed April 4, 2019. Grifoll, M., Jordà, G., Espino, M., Romo, J., & García-Sotillo, M. (2011). A management system for accidental water pollution risk in a harbour: The Barcelona case study. Journal of Marine Systems, 88, 60–73. Guedes Soares, C., & Teixeira, Â. P. (2001). Risk assessment in maritime transportation. Reliability Engineering and System Safety, 74, 299–309. Handley-Schachler, M., & Navare, J. (2010). Port risk management and public private partnerships: Factors relating to risk allocation and risk sustainability. World Review of Intermodal Transportation Research, 3(1/2), 150–166. Harmon-Jones, E., Harmon-Jones, C., & Levy, N. (2015). An action-based model of cognitive-dissonance processes. Current Directions in Psychological Science, 24(3), 184–189. International Atomic Energy Agency. (2006). Risk management of knowledge loss in nuclear industry organizations. Vienna: International Atomic Energy Agency. https://www-pub.iaea. org/MTCD/Publications/PDF/Pub1248_web.pdf. Accessed April 4, 2019. Jafari, M., Rezaeenour, J., Mazdeh, M. M., & Hooshmandi, A. (2011). Development and evaluation of a knowledge risk management model for project-based organizations. Management Decision, 49(3), 309–329. Kaiser, I. M., Bezerra, B. S., & Castro, L. I. S. (2013). Is the environmental policies procedures a barrier to development of inland navigation and port management? A case of study in Brazil. Transportation Research Part A: Policy and Practice, 47, 78–86. Kantner, J., & Lindsay, D. S. (2012). Response bias in recognition memory as a cognitive trait. Memory and Cognition, 40(8), 1163–1177. Khakzad, N., Khan, F., & Amyotte, P. (2012). Dynamic risk analysis using bow-tie approach. Reliability Engineering and System Safety, 104, 36–44. Kolb, D. A. (2014). Experiential learning: Experience as the source of learning and development (2nd ed.). Upper Saddle River: Pearson. Kool, W., Getz, S. J., & Botvinick, M. M. (2013). Neural representation of reward probability: Evidence from the illusion of control. Journal of Cognitive Neuroscience, 25(6), 852–861. Kwesi-Buor, J., Menachof, D. A., & Talas, R. (2016). Scenario analysis and disaster preparedness for port and maritime logistics risk management. Accident Analysis and Prevention, 123, 433–447.

Port Knowledge Risk Management

205

Langer, E. J. (1975). The illusion of control. Journal of Personality and Social Psychology, 32, 311–328. Lichtenstein, S., Slovic, P., Fischhoff, B., Layman, M., & Combs, B. (1978). Judged frequency of lethal events. Journal of Experimental Psychology: Human Learning and Memory, 4(6), 551–578. Liversage, K., Nurkse, K., Kotta, J., & Järv, L. (2017). Environmental heterogeneity associated with European perch (perca fluviatilis) predation on invasive round goby (neogobius melanostomus). Marine Environmental Research, 132, 132–139. Loh, H. S., & Thai, V. V. (2015). Cost consequences of a port-related supply chain disruption. Asian Journal of Shipping and Logistics, 31(3), 319–340. Mabrouki, C., Bentaleb, F., & Mousrij, A. (2014). A decision support methodology for risk management within a port terminal. Safety Science, 63, 124–132. Maceida-Veiga, A. D., Sostoa, A., & Sánchez-Espada, S. (2013). Factors affecting the establishment of the invasive crayfish procambarus clarkii (crustacea, decapoda) in the Mediterranean rivers of the northeastern Iberian peninsula. Hydrobiologia, 703(1), 33–45. Marbury, R., & Mayer, R. (2013). Connecting the dots among people, budgets, and missions. Public Manager, 42(1), 58–60. Martin, M. (1983). Cognitive failure: Everyday and laboratory performance. Bulletin of the Psychonomic Society, 21, 97–100. Massingham, P. (2010). Knowledge risk management: A framework. Journal of Knowledge Management, 14(3), 464–485. Merrick, J. R. W., & van Dorp, J. R. (2006). Speaking the truth in maritime risk assessment. Risk Analysis, 26(1), 223–237. Merrick, J. R. W., van Dorp, J. R., & Dinesh, V. (2005). Assessing uncertainty in simulation-based maritime risk assessment. Risk Analysis, 25(3), 731–743. Messier, W. F., Jr., & Austen, L. A. (2000). Inherent risk and control risk assessments: Evidence on the effect of pervasive and specific risk factors. Auditing, 19(2), 119–131. Mokhtari, K., Ren, J., Roberts, C., & Wang, J. (2011). Application of a generic bow-tie based risk analysis framework on risk management of sea ports and offshore terminals. Journal of Hazardous Materials, 192, 465–475. Olenin, S., Ojaveer, H., Minchin, D., & Boelens, R. (2016). Assessing exemptions under the ballast water management convention: Preclude the Trojan horse. Marine Pollution Bulletin, 103, 84–92. Ondiviela, B., Juanes, J. A., Gómez, A. G., Sámano, M. L., & Revilla, J. A. (2012). Methodological procedure for water quality management in port areas at the EU level. Ecological Indicators, 13(1), 117–128. Project Management Institute. (2004). PMBOK® guide (3rd ed.). Philadelphia: Project Management Institute. Reusser, D. A., Lee, H., Frazier, M., Ruiz, G. M., Fonofoff, P. W., Minton, M. S., et al. (2013). Per capita invasion probabilities: An empirical model to predict rates of invasion via ballast water. Ecological Applications, 23(2), 321–330. Rudolph, J. W., & Repenning, N. P. (2002). Disaster dynamics: Understanding the role of quantity in organizational collapse. Administrative Science Quarterly, 47(1), 1–30. Sieracki, J. L., Bossenbroek, J. M., & Chadderton, W. L. (2014). A spatial modeling approach to predicting the secondary spread of invasive species due to ballast water discharge. PLoS ONE, 9(12), 1–24. Sikder, I. U., Mal-Sarkar, S., & Mal, T. K. (2006). Knowledge-based risk assessment under uncertainty for species invasion. Risk Analysis, 26(1), 239–252. Titzer, J., Phillips, T., Tooley, S., Hall, N., & Hirey, M. S. (2013). Nurse manager succession planning: Synthesis of the evidence. Journal of Nursing Management, 21, 971–979. Valdor, P. F., Gómez, A. G., Ondiviela, B., Puente, A., & Juanes, J. A. (2016a). Prioritization maps: The integration of environmental risks to manage water quality in harbor areas. Marine Pollution Bulletin, 111, 57–67.

206

M. Handley-Schachler

Valdor, P. F, Gómez, A. G., Velarde, V., & Puente, A. (2016b). Can a GIS toolbox assess the environmental risk of oil spills? Implementation for oil facilities in harbors. Journal of Environmental Management, 170, 105–115. van Den Bosch, F., Hengeveld, R., & Metz, J. A. J. (1992). Analysing the velocity of animal range expansion. Journal of Biogeography, 19(2), 135–150. van Dorp, J. R., Merrick, J. R. W., Harrald, J. R., Mazzuchi, T. A., & Grabowski, M. (2001). A risk management procedure for the Washington State ferries. Risk Analysis, 21(1), 127–142. Vilko, J., Ritala, P., & Hallikas, J. (2016). Risk management abilities in multimodal maritime supply chains: Visibility and control perspectives. Accident Analysis and Prevention, 123, 469–481. Wallace, J. C., & Chen, G. (2005). Development and validation of a work-specific measure of cognitive failure: Implications for occupational safety. Journal of Occupational and Organizational Psychology, 78(4), 615–632. Wicklund, R. A., & Brehm, J. W. (2004). Internalization of multiple perspectives or dissonance reduction? Theory and Psychology, 14(3), 355–371. Williamson, M. (2006). Explaining and predicting the success of invading species at different stages of invasion. Biological Invasions, 8(7), 1561–1568. Yang, Y.-C. (2011). Risk management of Taiwan’s maritime supply chain security. Safety Science, 49, 382–393. Yang, Z., Jiang, W., Zhang, Y., & Lim, T. M. (2015). Inactivation of dinoflagellate scripsiella trochoidea in synthetic ballast water by advanced oxidation processes. Environmental Technology, 36(6), 750–759. Yarritu, I., Matute, H., & Vadillo, M. A. (2014). Illusion of control: The role of personal involvement. Experimental Psychology, 61(1), 38–47. Zhang, J., Teixeira, Â. P., Guedes Soares, C., Yan, X., & Liu, K. (2016). Marine transportation risk assessment of Tianjin port with Bayesian belief networks. Risk Analysis, 36(6), 1171–1187. Zipperer, L., & Amori, G. (2011). Knowledge management: An innovative risk management strategy. Journal of Healthcare Risk Management, 30(4), 8–14.

Morrison Handley-Schachler is Lecturer in Accounting at Edinburgh Napier University Business School, where he teaches undergraduates and postgraduates in auditing, transnational financial crime and business finance, having previously lectured in Fraud and Financial Crime at Teesside University. He has published articles on financial risk management, port risk management, corporate governance, audit risk, financial statement fraud, foreign direct investment and accounting history, as well as having supervised Ph.D. students researching risk management, risk reporting and behavioural finance. He has also been active in the organization of conferences on sustainable development and international business. Prior to entering academic life, he worked as Local Government Auditor in England and Scotland with the Audit Commission and with Scott-Moncrieff. He is Fellow of the Chartered Institute of Public Finance and Accountancy and Fellow of the Higher Education Academy and has a D.Phil. in Ancient History.

Knowledge Risk Management During Implementation of Open Innovation Serdal Temel and Wim Vanhaverbeke

Abstract

Innovation becomes one of the important tools to enhance innovation management of companies and for successful innovation results knowledge management and open innovation approaches have been recommended. The knowledge is one of the key inputs for innovation and therefore the managing the knowledge is crucial. Open innovation urges companies to collaborate with external partners to obtain maximum benefit. The aim of this chapter, while explaining the importance of open innovation and the successful implementation results, is also to explain the risks that companies face in the implementation of open innovation. In this chapter, we first explain the risks companies face in different archetypes of open innovation process such as outside-in, inside-out, and coupled open innovation processes. Secondly, we recommended some precautions companies can take to minimise this risk and maximise the advantages. This chapter provides that knowledge risk is inevitable during the implementation of open innovation no matter what the size of companies. To minimise this, it is recommended to implement some tools for better manage the

S. Temel (&) Ege University, Izmir, Turkey e-mail: [email protected] W. Vanhaverbeke Surrey Business School, Guildford, UK ESADE Business School, Barcelona, Spain © Springer Nature Switzerland AG 2020 S. Durst and T. Henschel (eds.), Knowledge Risk Management, Management for Professionals, https://doi.org/10.1007/978-3-030-35121-2_12

207

208

S. Temel and W. Vanhaverbeke

knowledge such as knowledge map, IP, need assessment, and innovation management tools. Additionally, to increase motivation and dedication of staff and enhancing their skills via internal and external training are suggested. Keywords




Open innovation Archetypes of open innovation Risk management

1


Knowledge management


Introduction

Innovation is risky—yet companies still aim to be competitive by pursuing promising ideas and new technologies under conditions of uncertainty, increased complexity and market ambiguity. Research reveals that only a few innovations deliver successful results (such as new products and services) that make positive impacts on business performance (Porter 1990; Enkel and Heil 2014). Collaboration with external partners, such as customers, subcontractors, competitors, universities, and research centres, is proven to be one of the best approaches for innovation (Teece et al. 1997; Tidd 2001; Bamford et al. 2003; Chesbrough 2003). Various researchers emphasise the value in the innovation process of external knowledge obtained by exploiting external networks (Cohen and Levinthal 1990; George et al. 2002). Chesbrough (2003) stated that companies in the new century are more likely to be successful if they enter into collaboration with other organisations when seeking to innovate. After the introduction of open innovation by Chesbrough (2003), there have been many research results that show how this new approach is important for accelerating the innovation performance of companies. However, it is also true that open innovation brings a variety of risks during implementation. These risks have not been analysed as much as open innovation itself. One of these risks is knowledge-related risks. Knowledge is the key factor when defining the competitiveness of companies (Huggins and Izushi 2007). That is because knowledge plays an important role for companies developing new products and services that eventually contribute to their business performance. Companies, regardless of their size, are trying to either create knowledge internally and/or access it from outside to put it into practice. Since knowledge is crucial for business competitiveness, and the open innovation approach forces companies to share knowledge to maximise benefits, how is this going to work in practice? In this chapter, the authors present how companies can implement open innovation while minimising knowledge risks. In the next section, open innovation and archetypes are discussed in detail. The positive implications of open innovation are then discussed, followed by how knowledge should be managed by companies in the implementation of different open innovation archetypes. Finally, in the last section, a conclusion and discussion are presented.

Knowledge Risk Management During Implementation …

2

209

Creation of Successful Open Innovation Environments for Companies

After Open Innovation was published by Henry Chesbrough in 2003, scholars, practitioners, and policymakers have paid attention to the open innovation paradigm as an important strategy to enhance the competitiveness of companies and organisations (Chesbrough and Bogers 2014; Bogers et al. 2017). That is because open innovation is a process that involves joint learning, sharing, and mutual benefit. Learning together and sharing knowledge and skills can accelerate the internal innovation performance of companies, successfully exploit research results, and thus lead to better business performance. Open innovation seems to be one of the most effective tools for improving company competitiveness (Poot et al. 2014; Mina et al. 2014; Brunswicker and Vanhaverbeke 2015), which eventually leads to economic growth. Therefore, increasing awareness of the open innovation paradigm and ensuring good implementations of the paradigm seem crucial for better business performance. But at this stage, the responsibilities of deployment are not just on companies, but also on policymakers, and knowledge providers (such as research centres and universities). Unless this triangle works effectively, the outcomes of the innovation process may be unsuccessful.

3

Archetypes of Open Innovation

Open innovation involves different archetypes—such as outside-in, inside-out, and coupled processes. All three archetypes may not be possible or effective to implement. Thus, it is crucial to understand each archetype of open innovation, and how it is implemented. In this section, these three types of open innovation archetypes are briefly introduced.

3.1 Outside-In Process An outside-in open innovation process represents knowledge flows from external partners into the company: enhancing the innovation performance of the company and closing the knowledge gap for developing better and more competitive products (Enkel et al. 2009). Therefore, the outside-in process is expected to help companies create more revenue by transferring knowledge, know-how, and technologies that have been developed outside the company (Fig. 1). The external partners may be competitors, consumers, universities, or other organisations that have knowledge and skills needed by the company. The outside-in process applies to organisations which well-organised with their tasks, sub-units, and refers to other tools such as social media, industry fairs, and in-licensing new technologies from other company partners. The main criterion is that the transferred knowledge did not originally exist within the company and that

210

S. Temel and W. Vanhaverbeke

Fig. 1 Illustration of the outside-in process. Adapted from Temel and Durst (2018)

after the acquisition, this knowledge contributes to the company’s innovation performance. Secondly, the production of that knowledge internally must not have been feasible for the company (Laursen and Salter 2006) so that companies may need external knowledge. It is expected that outside-in type of open innovation will help companies. For example, suppliers can help improve the quality of products by suggesting better solutions or by identifying technical issues and product inconsistencies. This will help companies shorten the innovation process and increase their chances of being successful in the market (Droge et al. 2008; Boutellier and Wagner 2003). Therefore, outside-in collaboration creates a long-lasting collaboration when it is based on win-win situations between partner companies. Collaboration with knowledge providers is also one of the main activities for the outside-in open innovation process (Belderbos et al. 2004; Liefner et al. 2006; Temel et al. 2013). This collaboration can happen via contracted agreements to develop new technologies on behalf of partner companies or via licensing the technologies developed by universities or research centres. In addition, other collaborations such as participating in academic organisations, sponsoring and participating in joint seminars, and presenting academic outcomes (papers, posters, etc.) create knowledge flows from universities and research centres into companies or organisations. In general, the outside-in open innovation process is perceived as an approach that companies should use to close internal knowledge and skill gaps to develop better products and services. Although this has been proven by various studies, care should be taken with respect to the risks involved in the outside-in process.

Knowledge Risk Management During Implementation …

211

3.2 Inside-Out Process In contrast to the outside-in open innovation process, the inside-out archetype is the flow of internal knowledge to external collaborators via various channels (Chesbrough 2003; Enkel et al. 2009) (Fig. 2). The main idea behind the inside-out process is to create commercial value by licensing partners to use internally developed ideas, know-how, and IP that is not being used inside the company. Chesbrough (2003) indicated that the inside-out licensing of a company’s developed technologies to external partners is not a common practice. Gassmann and Enkel (2004) believe that companies implement an inside-out approach to transfer internal knowledge and innovation to society to create more financial resources. For instance, companies develop many different technologies and apply for patents as a result of their R&D and innovation projects, often without achieving commercial value from the patents (Nerkar and Shane 2007). In this case, an inside-out process creates additional revenue for the company by licensing those inventions. This revenue can sometimes be used to cover the cost of R&D and innovation projects or to sponsor more expensive innovation projects (e.g. Fosfuri 2006; Walter 2012). Companies that license out their technologies and inventions should be well aware of IP issues and have the capacity to manage all their intellectual property. In this case, companies may focus more on R&D and their protection of the results, which may help them achieve better market position and lead to additional financial profits. Moreover, the inside-out innovation process helps companies enhance their status in the market by licensing out, since those companies may gain technological power by patenting their inventions (Srivastava and Wang 2015).

Fig. 2 Illustrates the inside-out process. Adapted from Temel and Durst (2018)

212

S. Temel and W. Vanhaverbeke

However, the inside-out open innovation process requires different skills to be result-oriented. First of all, these types of companies should be more innovation and technology development-oriented, and for this reason, they should have better project management capacity, access to finance, and IP management skills. Without these capabilities, it is very difficult for companies to continue the inside-out innovation process, or their activities will be limited to just a few cases. Therefore, companies need to be very careful when implementing inside-out open innovation performance. Otherwise, it will be difficult to sustain their technology development and licensing-out activities, and this eventually will affect their business performance.

3.3 Coupled Process The coupled open innovation process is the joint use of inside-out and outside-in open innovation processes (Enkel et al. 2009) (Fig. 3). Companies that wish to implement the coupled innovation process do their best to fully benefit from both knowledge and technology exchanges to develop value-added products, processes, or know-how. The coupled open innovation model is particularly complex compared to the other two archetypes of open innovation because knowledge-taking and knowledge-sharing require different cultures, organisational structures, and motivations. Therefore, the application of the coupled process requires more skill than the other two archetypes. This means that companies that implement a coupled innovation process can bring ideas to market, license out, or market their technologies, and obtain advantages from their external partners’ knowledge and technologies at the same time. To successfully implement coupled process innovation, the core skills of relationship capacity and relationship management are required (Dyer and Sing 1998; Johnson and Sohi 2003). The capacity to

Fig. 3 Illustration of the coupled process. Adapted from Temel and Durst (2018)

Knowledge Risk Management During Implementation …

213

successfully establish close relationships and manage these relationships with external partners is crucial. Thus, the critical success factor for the coupled process is to create a good balance between delivering and receiving. The well-managed implementation of open innovation options helps companies reduce the cost of innovation and increase returns. However, it is not easy for companies to enhance their skills and implementation of the coupled process. Although there are various reasons, one may be that the company’s core business is not appropriate for a coupled process or that the priorities of the partner companies are different. For instance, small ICT companies and start-ups mainly implement an inside-out process, while large automobile companies prefer to implement outside-in processes to reduce costs and produce better and more popular automobiles (Ili et al. 2010).

4

The Positive Implication of Open Innovation

The vast majority of researchers have introduced the practice of open innovation as one of the most appropriate tools needed to enhance innovation performance for all companies, regardless of size or sector (Poot et al. 2014; Mina et al. 2014; Brunswicker and Vanhaverbeke 2015). It has also been promoted by many publications and observed success stories. In reality, the open innovation model evolved from the search for a better way to accelerate and reduce the cost of new product development. The advantages of open innovation for companies are massive. Open innovation implementations provide companies with access to consumer information, which is crucial at the product development stage (Henkel 2006; Mina et al. 2014). The aim of collaborating with consumers and employing various tools is to receive consumer feedback. This feedback enables companies to improve their current product features and helps companies develop better and more popular products. Collaboration with suppliers is also a positive side effect of the open innovation process (Leiponen and Helfat 2010; Remneland-Wikhamn et al. 2011). Generally, suppliers are considered only material providers. Their role has become more important following advances in the development of material science, technology, and IT. Suppliers have become strategic partners in development by supplying know-how, and now offer their main clients the materials that help them develop high value-added products. Thus, the open innovation process also forces suppliers to become more creative and innovative (Laursen and Salter 2006; Chesbrough and Crowther 2006). Collaboration with competitors was not preferred during the era of closed innovation (Nieto and Quevedo 2005). Companies were not comfortable collaborating with their competitors for fear of knowledge leaks. But open innovation implementation brought a disruptive approach and inspired companies to work closely with their competitors. Collaboration with competitors may not be wise at the market or product level but can be highly productive in pre-competition areas

214

S. Temel and W. Vanhaverbeke

such as joint R&D, establishing technology-intensive laboratories, and joint contributions to innovation ecosystems (Chesbrough 2003; Enkel et al. 2009; Van de Vrande et al. 2009). This collaboration helps companies reduce the cost of innovation, accelerate product launches, and develop better products in terms of features, quality, and useful life. Employing an open innovation approach helps companies access all the necessary information and knowledge from outside the company. In addition to those ecosystem partners mentioned earlier, another source of knowledge partners is consultancies and advisers. If companies wish to develop new products, then they must understand the potential impact of the products before the launch and should employ the most appropriate methodology to access this knowledge. Therefore, collaboration with advisors and consultancies increases the success rate for new products (Ritala and Hurmelinna‐Laukkanen 2013). These external partners may help gain knowledge about the product and may also help companies reduce the cost of production and improve product diversification (Leitner 2015). The open innovation process also enables companies to access something they do not have, such as technical capacity, skills, financial resources, and knowledge. Access to knowledge is crucial, especially for developing value-added products, and universities and research centres are primary sources of such skills (Harmon et al. 1997; Lee and Win 2004; Song et al. 2008; Ranga et al. 2016). Companies who follow the open innovation approach may easily reach out to universities and benefit from their capacity. Collaborating with researchers and universities may help companies learn from research results and findings. Secondly, receiving advice from researchers about R&D and innovation processes increases their success rate. Moreover, basic science and scientific skills are very important for the long-term success of companies in innovation (Harabi 1997; Hu et al. 2005). Thus, cooperation with researchers helps companies gain knowledge more quickly and probably more cheaply than with in-house development. Another benefit of open innovation for companies is an increase in the number of patents and profitability (McAleer and Slottje 2005; Hu et al. 2005; Somaya and Teece 2008). During the age of closed innovation, companies paid little attention to inventions unrelated to their core business. Implementation of an open innovation strategy offers the opportunity for companies to license those inventions to external partners, forcing companies to patent all their inventions, even though the invention is beyond their strategic focus. Similarly, the open innovation approach also enables companies to buy knowledge and license know-how that may be impossible, or too expensive, to develop internally (Enkel et al. 2009). Consequently, the implementation of an open innovation approach enhances the sustainability of R&D and innovation activities and increases profitability. Open innovation generally helps companies build capacity for better innovation performance. However, the implementation of open innovation is not easy for all companies. For successful implementation, companies must employ adequate organisational and managerial practices to effectively define, manage, share, leverage, and transfer the know-how developed internally, and/or externally sourced, to support their competitiveness (Alavi and Leidner 2001; Chesbrough and

Knowledge Risk Management During Implementation …

215

Schwartz 2007; Van der Meer 2007; Hienerth et al 2011). Otherwise, companies may lose all their competitive advantages instead of gaining advantages. Thus, the adoption of strong, fundamental knowledge management practices is extremely important for companies embracing open innovation (Lichtenthaler 2011).

5

Knowledge and Risk Management in Open Innovation Ecosystem

Due to rapid changes in today’s economy, innovation has become the main objective of most companies. Going forward, innovation is the primary tool for enhancing company competence and competitiveness. Therefore, companies must ensure that all their strategies are innovative to create competitive advantages. Innovation activities are risky, time-consuming, and knowledge-intensive, so these factors must be identified and well managed (Cardinal et al. 2001; Darroch and McNaughton 2002; Pyka 2002; Adams and Lamont 2003; Shani et al. 2003). Additionally, the innovation ecosystem should be mature to increase the success of innovation activities and projects. Innovation ecosystem defined as the complex relationships that are formed between actors whose aim is to enable technology development and innovation by Jackson (2011) and increase interactions among the organisations in the ecosystem (Fetters et al. 2010). Therefore, a mature innovation ecosystem accelerates open innovation implementation among companies in the ecosystem. Knowledge has been defined as an important factor that should be managed by companies to create a positive impact on company performance (Grant 1996; Massingham 2010; Durst 2012). The open innovation approach drives companies to benefit from external partners to enhance their innovation skills, build knowledge capacity, and successfully convert these skills and knowledge into business performance (Chesbrough and Bogers 2014). For instance, one of the targets, collaboration with universities and research centres, is needed to acquire new technological knowledge, and enhance staff skills by training, staff exchange, and joint projects (Temel et al. 2013). In this case, open innovation enables companies to access new technical knowledge from universities, which often requires a significant financial investment. Secondly, the aim of the collaboration with customers is to determine their expectations and perceptions about the products, which is valuable knowledge for companies who wish to develop new products. Thirdly, collaborating with suppliers enables access to knowledge about new raw materials, inputs, and other technological processes that may be used in R&D and innovation processes. It is clear that for a successful open innovation implementation, identifying the knowledge, absorbing knowledge, managing knowledge, and converting it into a successful business are important issues. Thus, knowledge must be carefully managed. Otherwise, the losses will not be limited to the knowledge itself but will include

216

S. Temel and W. Vanhaverbeke

cost increases, profit decreases, loss of market share, and loss of competitiveness (Ullrich et al. 2018). As explained earlier, the open innovation approach carries considerable risk in addition to advantages. These risks are crucial and if not managed properly can damage companies—even leading to bankruptcy (Durst and Zieba 2018). Hence, companies must understand the risk involved in each archetype of open innovation, and take precautions before it is too late. Researchers agree on the benefit of implementing open innovation, but this approach does not promise a ‘rose garden’ to anyone. In the next section, we discuss the potential knowledge-related risks involved in the different archetypes of open innovation and suggest how to overcome them.

5.1 Managing Risks for Outside-In Open Innovation In addition to the positives of this approach, there are also some other findings (Tsai and Wang 2009) that show the acquisition of external knowledge per se does not guarantee higher innovation performance; and despite the positive impact on company innovation performance, outside-in open innovation involves some risks for companies. This process needs to be managed carefully (see Table 1). The reason that the outside-in open innovation process alone does not guarantee good results is that effective implementation of knowledge management inside the company is a required precondition. Capturing opportunities from outside, and then absorbing and integrating them with the internal knowledge base, requires a well-established knowledge management strategy (Lichtenthaler and Ernst 2006; Lichtenthaler and Lichtenthaler 2009; Robertson et al. 2012; Zobel 2017). Under this archetype of open innovation, companies acquire knowledge, skills, and technologies. The receipt of inadequate, or even wrong, information or knowledge that is used in R&D and innovation projects may cause serious problems in the company. Thus, companies should be careful in the process of selecting partners or information/knowledge. Knowledge risk is one of the more serious risks, not only within the outside-in open innovation process but also in other archetypes. Knowledge risk refers to the possibility of any loss of knowledge in any stage of the innovation process (such as identification, storage, and protection) that may negatively affect company benefits (Perrott 2007; Durst and Zieba 2018). However, absorbing external knowledge and obtaining the maximum benefit from that knowledge require significantly different skills (Fritsch and Lukas 2001): such as the ability to sense, value, assimilate, and convert it into new knowledge. These skills are prerequisites for sourcing knowledge from external partners and sources (Hossain and Kauranen 2016), and if companies do not have these skills and capacities, then they may experience the disadvantages of the outside-in option—instead of the advantages (e.g. West and Gallagher 2006). Knowledge risks can appear in outside-in open innovation in different forms: such as knowledge hiding, knowledge hoarding, knowledge waste, and using

Knowledge Risk Management During Implementation …

217

Table 1 Outside-in related risks Risk

Definition

Precaution

Knowledge hiding Deliberately hiding the knowledge Binding legal agreements and prior and not sharing it with anyone else notice to preclude hiding, including even though another person or the creation of a sustainable organisation requests it (Connelly knowledge management system et al. 2012) Knowledge Accumulation of knowledge that was Better knowledge management hoarding intended to be used by companies system with different motivations (Connelly et al. 2012; Durst and for employees to increase Zieba 2018) knowledge sharing Knowledge waste Not being able to use current and Better absorptive and knowledge useful knowledge to benefit management capacity companies (Durst and Ferenhof 2016) Using unreliable Collecting obsolete and irrelevant Strong internal knowledge capacity, knowledge knowledge (Tan et al. 2006) regular knowledge validity checks Not-invented-here Not a welcoming and receptive A better role model in the company, (NIH) syndrome attitude towards externally developed sharing and encouraging best technology (Mehrwald 1999) practices from outside Buy-in Too much positive attitude towards Internal education and training (BI) syndrome knowledge acquisition from external programme to enhance employee resources (Lichtenthaler and Ernst knowledge and skills 2006) Owned development based on Lichtenthaler and Ernst (2006), Durst and Ferenhof (2016), Durst and Zieba (2018)

unreliable knowledge (Durst and Zieba 2018). Connelly et al. (2012, p. 65) defined knowledge hiding as ‘an intentional attempt to withhold or conceal knowledge that has been requested by another person’ or organisation. This means that employees or companies may hide knowledge (fully or partially) instead of giving it to their collaborator. Under these circumstances, the recipient will not benefit from this collaboration, and this will increase costs. Therefore, for the outside-in open innovation process, recipient companies must be careful about knowledge hiding and must take necessary precautions to prevent it from occurring. For instance, employees of the licensing-out company may not share the complete ingredients of a product and this creates either quality issue of the final product or even worst no final product at all for the company licensing-in that technology. Similarly, companies licence technologies and sometimes those technologies cannot work properly within the licensed company. Thus, companies should make sure that all necessary knowledge is provided along with the technologies licensed in. Knowledge hoarding is an accumulation of knowledge that is intended to be used by companies (Connelly et al. 2012). Companies invest considerable resources in obtaining knowledge from different sources, but failing to manage this knowledge effectively and carefully creates losses for companies. Sometimes this

218

S. Temel and W. Vanhaverbeke

collected knowledge may be treated as personal property by an employee who does not share it with colleagues (Webster et al. 2008), which may lead to the reacquisition of knowledge that already exists in the company. This type of knowledge hardening creates major risks and disadvantages for companies. Necessary steps should be taken by companies to control this risk. Knowledge waste is another risk during the implementation of the outside-in open innovation process. Knowledge waste is defined as not being able to use current and useful knowledge to benefit the company (Durst and Ferenhof 2016). Acquiring all the necessary knowledge, but failing to use it efficiently and in a timely manner will create more knowledge loss. Knowledge can become obsolete and irrelevant in a very short time (Tan et al. 2006). Thus, during the outside-in open innovation process, recipients must check the current status of the knowledge in the market and its continued validity. If the acquired knowledge is outdated, it will not add value to the business compared to other knowledge. Therefore, it is important to pay attention to the potential risks of unreliable knowledge during knowledge acquisition. For a successful outside-in open innovation processes, it is vitally important to shaping organisational culture to welcome collaboration, not only with external stakeholders but also among internal departments, and to adapt useful tools such as knowledge map, need assessment tools and IP management tools, and mechanisms to provide solutions for internal problems (Davis et al. 2015; Natalicchio et al. 2017). For instance, the not-invented-here (NIH) syndrome is one of the negative attitudes that company staff often use against external knowledge that could contribute to improved innovation performance (Chesbrough and Crowther 2006). NIH can be defined as a syndrome that: ‘represents a negatively biased, invalid, generalizing and rigid attitude of individuals or groups to externally developed technology, which may lead to an economically detrimental neglect or suboptimal use of external technology’ (Mehrwald 1999, p. 50; adapted and quoted by Lichtenthaler and Ernst 2006). This syndrome may have serious consequences for a company that wishes to practice outside-in open innovation because such an acquisition of knowledge and technologies is the main element of an open innovation strategy. If it is not well managed, NIH syndrome increases costs (Herzog and Leker 2010). Similar to the NIH syndrome, the buy-in (BI) syndrome also needs to be managed carefully. BI syndrome refers to an excessively positive attitude towards knowledge acquisition from external resources (Lichtenthaler and Ernst 2006). This behaviour makes companies rely on external knowledge without contributing to company innovation (Lichtenthaler and Ernst 2006). This is more relevant for developing countries where education and technical skills are low (Napier et al. 2008; Roztocki and Weistroffer 2008). Finally, the other risk factor of outside-in open innovation is a decrease in innovation capacity (Herzog and Leker 2010). If companies rely on external technologies and/or knowledge for their product development projects, they may be unwilling to push the development of necessary knowledge and technologies, and more willing to obtain innovation from external partners, which may eventually reduce their innovation skills.

Knowledge Risk Management During Implementation …

219

In summary, knowledge is the key factor in the innovation process, and the open innovation approach strongly urges companies to collaborate with external partners to benefit from their knowledge and skills. But more than finding and taking knowledge, it is important to benefit from it effectively, and therefore, companies should be aware that there are some risks—and without managing those risks effectively, no matter how important and unique the knowledge is, it will not bring benefits to the company.

5.2 Managing Risks with Inside-Out Open Innovation Like outside-in, inside-out open innovation also involves risks and benefits (see Table 2). Some knowledge management risks are also valid for this type of open innovation, such as knowledge hoarding and knowledge waste. Companies using inside-out open innovation mainly develop new technologies and knowledge for external partners. If these companies do not have a good planning and knowledge management capacity, then internally developed knowledge and technologies will

Table 2 Inside-out related risks Risk Knowledge hoarding

Definition

Precaution

Accumulation of knowledge that is Better knowledge management intended to be used by companies system with various motivations for (Connelly et al. 2012; Durst and Zieba employees to increase knowledge 2018) sharing Knowledge Not being able to use current and Better absorptive and knowledge waste useful knowledge to benefit management capacity companies (Durst and Ferenhof 2016) Knowledge Developing different technologies and Implementation of better knowledge accumulation keeping all of them internal instead of and technology assessment internally sharing with external partners and enhancing IP management skills Only-used-here A negative attitude towards Increase external knowledge transfer (OUH) commercialising internally developed experience and collaboration technology and knowledge for various reasons: such as fear of losing return (Lichtenthaler and Ernst 2006) Sell-out Too much positive attitude towards Improving IP and knowledge (SO) syndromes sharing knowledge externally management capacity (Lichtenthaler and Ernst 2006) Immature Lack of IP rules and regulations and IP management and necessary ecosystem lack of technology-oriented ecosystem agreements between partners (Gambardella et al. 2007) Own development based on Lichtenthaler and Ernst (2006), Durst and Ferenhof (2016), Durst and Zieba (2018)

220

S. Temel and W. Vanhaverbeke

accumulate and will not be used to create additional revenue for the company (Lin 2007; Wang and Hu 2017). Similarly, this knowledge accumulation will be wasted if there is no defined knowledge management strategy. Therefore, companies should employ knowledge management strategies to minimise those risks during the inside-out open innovation process. In parallel to the similarities between not-invented-here and buy-in syndromes in the outside-in open innovation process, companies can face other syndromes such as only-used-here (OUH) and the sell-out (SO) syndromes (Lichtenthaler and Ernst 2006) during the inside-out open innovation process. OUH syndrome refers to a negative attitude towards commercialising internally developed technology and knowledge for reasons such as a fear of losing return (Lichtenthaler and Ernst 2006) or fear of giving competitors access to this knowledge. This kind of behaviour is mostly seen in companies with limited experience of external knowledge transfer and a lack of reward for external knowledge transfer (Lichtenthaler and Ernst 2006). Companies must be careful when using an inside-out open innovation practice and they can implement better IP management strategy, increase their absorptive capacity and also increase the motivation of employments to avoid such problems. Conversely, the SO syndrome refers to an excessively positive attitude towards sharing knowledge externally. This syndrome can also negatively affect company innovation and business performance. To combat SO, companies must take the necessary steps to avoid licensing their core technologies and knowledge and maintain core competitive skills for future innovation activities (Fiegenbaum et al. 2014). Thus, it is important for companies that conduct an open innovation strategy to have a knowledge management tool that helps in deciding whether to keep or sell knowledge and technologies (Knošková 2015). Nonetheless, the actual accelerator of inside-out capacity is defined by the creation of a knowledge management strategy that enhances the management of internal R&D outputs (Chiaroni et al. 2011; Ahn et al. 2016). This means that companies should have the capacity to manage innovation outcomes, use suitable tools such as knowledge maps and IP management tools to manage knowledge, and provide the necessary training for their staff (Ahn et al. 2016) to continue their innovation outcomes. In addition to the many internal risks that need to be well managed by companies during inside-out open innovation, there are additional risks companies face if they have an immature innovation ecosystem (Gambardella et al. 2007). For instance, licensing out is one of the core activities of companies. But if there is no well-protected IPR regime in the recipient’s country, it may be very difficult to take sanctions, and this can result in losses for the licensing company. Secondly, if IP is not effectively protected by law, companies may not invest in internal R&D and innovation, which could result in no new knowledge development. To overcome these risks, companies should check IP and their status before they start collaboration. Despite numerous risks, there are ways to benefit from inside-out open innovation practices. Managers must prepare companies by introducing cultural changes

Knowledge Risk Management During Implementation …

221

to reduce risks, encourage new and critical thinking, and by individually becoming role models for their employees by implementing the right practices. According to Herzog (2011), organisational factors affect employee reactions to open innovation more than individual personalities, and he identifies the major role of leadership in open innovation. If the managers overcome those syndromes, employees will change their behaviour appropriately. Whatever risks exist in the implementation of inside-out open innovation, they may be overcome through the adoption of appropriate knowledge management practices.

5.3 Managing Risks with Coupled Innovation Finally, coupled open innovation involves the joint use of knowledge, which involves both outside-in and inside-out use of knowledge and includes its own inherent risks. Knowledge management refers to the accumulation and sharing of knowledge among partners, each having a different institutional culture, strategic focus, structure, and unique risks (see Table 3). In this situation, the main issue is to control the shared knowledge with each company, and if this is not well managed, those companies may face two risks: the all-stored-here (ASH) and the relate-out (RO) syndromes (Lichtenthaler and Ernst 2006). Like the other syndromes mentioned for other archetypes of open innovation, the ASH syndrome is critical because companies may have too tight a control on shared knowledge, which leads to limited access by other companies. This may lead to a positive impact on the innovation performance of the company as long as it can successfully manage stored internal and external knowledge. Otherwise, the ASH syndrome may create failures to capture new business opportunities (Lichtenthaler and Ernst 2006). The RO syndrome averts the use of knowledge that is generally maintained by external partners (Lichtenthaler and Ernst 2006). By this, companies prefer to less use the knowledge acquired by partners in an effort to differentiate their products from the competition. This may lead to missed opportunities: such as learning from Table 3 Coupled innovation related risks Risk

Definition

Precaution

All-stored-here Too tight control on shared Implementation of successful (ASH) syndrome knowledge (Lichtenthaler and Ernst knowledge management strategy, 2006) better IP policy Relate-out Use of knowledge generally Dynamic knowledge management of (RO) syndromes maintained by external partners inter-firm relations without (Lichtenthaler and Ernst 2006) internally acquiring the knowledge Own development based on Lichtenthaler and Ernst (2006)

222

S. Temel and W. Vanhaverbeke

that specific knowledge and learning from others (Natalicchio et al. 2017). As a solution, Lichtenthaler (2008) suggests dynamic knowledge management in inter-firm relations without internally acquiring knowledge. Research generally shows that internal knowledge management capacities help diminish problems related to technology and knowledge management issues among partnering companies (Lichtenthaler 2008; Lichtenthaler and Lichtenthaler 2009). Therefore, the greater the absorptive capacity, the better are the governance structures and collaborative network approaches needed for successful open innovation implementation and to reduce knowledge management risks (Bocquet and Mothe 2015; Yap and Rasiah 2017).

6

Discussion and Conclusion

The main objective of this chapter, besides providing deep information about open innovation, archetypes of open innovation, and their positive impact on companies is to make companies aware of the potential risks when implementing open innovation. However, there are different open innovation archetypes and each of them requires a different set of skills for successful implementation and these should be known by companies before they start the implementation of open innovation. Therefore, the authors have grouped the potential knowledge risks when implementing different archetypes of open innovation. It is clear that open innovation is one of the main tools for companies and organisations to fully benefit from internal and external knowledge, skills, and technology—and to improve their innovation capacities and chances of successfully developing new products (and eventually enhancing business performance). However, despite these positive effects, open innovation also brings risks. These risks should be known in advance by management and precautions should be taken. In this chapter, these knowledge risks are categorised and some precautions are suggested. Since knowledge is the key element and the open innovation approach is mainly based on knowledge exchange, knowledge-related risks are important in open innovation implementations. However, these risks are not unknown and unpredictable. This chapter presents important implications for managerial practice by implementing the necessary tools and suggest some precautions. To minimise knowledge risks, first of all, company managers should focus primarily on the quality of human resources, human resource management, and other tools for better knowledge management. The first step may be to hire people who have the capacity to work with external partners without suffering the syndromes mentioned earlier and selfishly considering only personal opportunities. Secondly, all necessary education and internal training should be provided to employees to build their capacity in line with open innovation expectations. Thirdly, to obtain the maximum benefit,

Knowledge Risk Management During Implementation …

223

companies should provide employees with good tools to manage internal and external knowledge. These tools may be IT tools or just part of a basic low-tech approach. Finally, and more importantly, according to the authors, the most important risk in implementing open innovation is losing internal innovation orientation within the company. Without a focus on innovation and a desire to innovate, external technology and knowledge cannot create long-term innovation success. Therefore, company managers should focus first internal innovation and technology development capacity, create well management of internal innovation process, and then move forward to the implementation of open innovation approach. The chapter also suggests that while providing grants for innovation R&D project of companies, policymakers should be careful about urging collaboration with external partners without stressing knowledge risks and they should require knowledge risk management implementation plan. Further research should apply different methods to collect data from different size and sector and analyse the impact of knowledge and risk management on open innovation performance. Future research should not only collect data from multiple responses in one company but also more companies.

References Adams, G. L., & Lamont, B. T. (2003). Knowledge management systems and developing sustainable competitive advantage. Journal of Knowledge Management, 7(2), 142–154. Ahn, J. M., Ju, Y., Moon, T. H., Minshall, T., Probert, D., Sohn, S. Y., et al. (2016). Beyond absorptive capacity in open innovation process: The relationships between openness, capacities and firm performance. Technology Analysis & Strategic Management, 28(9), 1009–1028. Alavi, M., & Leidner, D. E. (2001). Knowledge management and knowledge management systems: Conceptual foundations and research issues. MIS quarterly, 107–136. Bamford, J. D., Gomes-Casseres, B., & Robinson, M. S. (2003). Mastering alliance strategy: A comprehensive guide to design, management, and organization. John Wiley & Sons. Belderbos, R., Carree, M., & Lokshin, B. (2004). Cooperative R&D and firm performance. Research Policy, 33(10), 1477–1492. Bocquet, R., & Mothe, C. (2015). Can a governance structure foster cluster ambidexterity through knowledge management? An empirical study of two French SME clusters. Knowledge Management Research & Practice, 13(3), 329–343. Bogers, M., Zobel, A. K., Afuah, A., Almirall, E., Brunswicker, S., Dahlander, L., et al. (2017). The open innovation research landscape: Established perspectives and emerging themes across different levels of analysis. Industry and Innovation, 24(1), 8–40. Boutellier, R., & Wagner, S. M. (2003). Sourcing concepts: Matching product architecture, task interface, supplier competence and supplier relationship. In Business engineering (pp. 223–248). Heidelberg, Berlin: Springer. Brunswicker, S., & Vanhaverbeke, W. (2015). Open innovation in small and medium-sized enterprises (SMEs): External knowledge sourcing strategies and internal organizational facilitators. Journal of Small Business Management, 53(4), 1241–1263. Cardinal, L. B., Alessandri, T. M., & Turner, S. F. (2001). Knowledge codifiability, resources, and science-based innovation. Journal of knowledge management, 5(2), 195–204. Chesbrough, H. W. (2003). Open innovation: The new imperative for creating and profiting from technology. Harvard Business Press.

224

S. Temel and W. Vanhaverbeke

Chesbrough, H., & Bogers, M. (2014). Explicating open innovation: Clarifying an emerging paradigm for understanding innovation. In H. Chesbrough, W. Vanhaverbeke, & J. West (Eds.), New frontiers in open innovation (pp. 3–28). Oxford: Oxford University Press. Chesbrough, H., & Crowther, A. K. (2006). Beyond high tech: Early adopters of open innovation in other industries. R&D Management, 36(3), 229–236. Chesbrough, H., & Schwartz, K. (2007). Innovating business models with co-development partnerships. Research-Technology Management, 50(1), 55–59. Chiaroni, D., Chiesa, V., & Frattini, F. (2011). The open innovation journey: How firms dynamically implement the emerging innovation management paradigm. Technovation, 31(1), 34–43. Cohen, W. M., & Levinthal, D. A. (1990). Absorptive capacity: A new perspective on learning and innovation. Administrative Science Quarterly, 35(1), 128–152. Connelly, C. E., Zweig, D., Webster, J., & Trougakos, J. P. (2012). Knowledge hiding in organizations. Journal of Organizational Behavior, 33(1), 64–88. Darroch, J., & McNaughton, R. (2002). Examining the link between knowledge management practices and types of innovation. Journal of Intellectual Capital, 3(3), 210–222. Davis, J. R., Richard, E. E., & Keeton, K. E. (2015). Open innovation at NASA: A new business model for advancing human health and performance innovations. Research-Technology Management, 58(3), 52–58. Droge, C., Calantone, R., & Harmancioglu, N. (2008). New product success: Is it really controllable by managers in highly turbulent environments? Journal of Product Innovation Management, 25(3), 272–286. Durst, S. (2012). Innovation and intellectual capital (risk) management in small and medium-sized enterprises. International Journal of Transitions and Innovation Systems, 2(3–4), 233–246. Durst, S., & Ferenhof, H. A. (2016). Competitive strategies for small and medium enterprises knowledge risk management in turbulent times. In K. North & G. Varvakis (Eds.), Competitive strategies for small and medium enterprises (pp. 195–209). Cham: Springer International Publishing. Durst, S., & Zieba, M. (2018). Mapping knowledge risks: Towards a better understanding of knowledge management. Knowledge Management Research & Practice, 1–13. Dyer, J. H., & Singh, H. (1998). The relational view: Cooperative strategy and sources of interorganizational competitive advantage. Academy of Management Review, 23(4), 660–679. Enkel, E., & Heil, S. (2014). Preparing for distant collaboration: Antecedents to potential absorptive capacity in cross-industry innovation. Technovation, 34(4), 242–260. Enkel, E., Gassmann, O., & Chesbrough, H. (2009). Open R&D and open innovation: Exploring the phenomenon. R&D Management, 39(4), 311–316. Fetters, M., Greene, P. G., & Rice, M. P. (Eds.). (2010). The development of university-based entrepreneurship ecosystems: global practices. Edward Elgar Publishing. Fiegenbaum, I., Ihrig, M., & Torkkeli, M. (2014). Investigating open innovation strategies: A simulation study. International Journal of Technology Management 23, 66(2–3), 183–211. Fosfuri, A. (2006). The licensing dilemma: Understanding the determinants of the rate of technology licensing. Strategic Management Journal, 27(12), 1141–1158. Fritsch, M., & Lukas, R. (2001). Who cooperates on R&D? Research Policy, 30(2), 297–312. Gambardella, A., Giuri, P., & Luzzi, A. (2007). The market for patents in Europe. Research Policy, 36(8), 1163–1183. Gassmann, O., & Enkel, E. (2004, July). Towards a theory of open innovation: Three core process archetypes. In R&D management conference (Vol. 6, pp. 1–18). George, G., Zahra, S. A., & Wood, D. R., Jr. (2002). The effects of business–university alliances on innovative output and financial performance: A study of publicly traded biotechnology companies. Journal of Business Venturing, 17(6), 577–609. Grant, R. M. (1996). Toward a knowledge-based theory of the firm. Strategic Management Journal, 17(S2), 109–122.

Knowledge Risk Management During Implementation …

225

Harabi, N. (1997). Channels of R&D spillovers: An empirical investigation of Swiss firms. Technovation, 17(11–12), 627–635. Harmon, B., Ardishvili, A., Cardozo, R., Elder, T., Leuthold, J., Parshall, J., et al. (1997). Mapping the university technology transfer process. Journal of Business Venturing, 12(6), 423–434. Henkel, J. (2006). Selective revealing in open innovation processes: The case of embedded Linux. Research Policy, 35(7), 953–969. Herzog, P. (2011). Open and closed innovation: Different cultures for different strategies. Springer Science & Business Media. Herzog, P., & Leker, J. (2010). Open and closed innovation–different innovation cultures for different strategies. International Journal of Technology Management, 52(3/4), 322–343. Hienerth, C., Keinz, P., & Lettl, C. (2011). Exploring the nature and implementation process of user-centric business models. Long Range Planning, 44(5–6), 344–374. Hossain, M., & Kauranen, I. (2016). Open innovation in SMEs: A systematic literature review. Journal of Strategy and Management, 9(1), 58–73. Hu, A. G., Jefferson, G. H., & Jinchang, Q. (2005). R&D and technology transfer: Firm-level evidence from Chinese industry. Review of Economics and Statistics, 87(4), 780–786. Huggins, R. A., & Izushi, H. (2007). Competing for knowledge: Creating, connecting and growing. London-New York: Routledge. Ili, S., Albers, A., & Miller, S. (2010). Open innovation in the automotive industry. R&D Management, 40(3), 246–255. Jackson, B. D. J. (2011). What is an innovation ecosystem? Washington, DC. Retrieved from (http://erc-assoc.org/sites/default/files/topics/policy_studies/DJackso-n_InnovationEcosystem_ 03-15-11.pdf). Johnson, J. L., & Sohi, R. S. (2003). The development of interfirm partnering competence: Platforms for learning, learning activities, and consequences of learning. Journal of Business Research, 56(9), 757–766. Knošková, L. (2015). Innovation processes and entrepreneurial culture for radical innovations. Amfiteatru Economic Journal, 17(38), 342–357. Laursen, K., & Salter, A. (2006). Open for innovation: The role of openness in explaining innovation performance among UK manufacturing firms. Strategic Management Journal, 27 (2), 131–150. Lee, J., & Win, H. N. (2004). Technology transfer between university research centers and industry in Singapore. Technovation, 24(5), 433–442. Leiponen, A., & Helfat, C. E. (2010). Innovation objectives, knowledge sources, and the benefits of breadth. Strategic Management Journal, 31(2), 224–236. Leitner, K. H. (2015). Pathways for the co-evolution of new product development and strategy formation processes: Empirical evidence from major Austrian innovations. European Journal of Innovation Management, 18(2), 172–194. Lichtenthaler, U. (2008). Relative capacity: Retaining knowledge outside a firm’s boundaries. Journal of Engineering and Technology Management, 25(3), 200–212. Lichtenthaler, U. (2011). Open innovation: Past research, current debates, and future directions. Academy of Management Perspectives, 25(1), 75–93. Lichtenthaler, U., & Ernst, H. (2006). Attitudes to externally organising knowledge management tasks: A review, reconsideration and extension of the NIH syndrome. R&D Management, 36 (4), 367–386. Lichtenthaler, U., & Lichtenthaler, E. (2009). A capability-based framework for open innovation: Complementing absorptive capacity. Journal of Management Studies, 46(8), 1315–1338. Liefner, I., Hennemann, S., & Xin, L. (2006). Cooperation in the innovation process in developing countries: Empirical evidence from Zhongguancun, Beijing. Environment and Planning A, 38 (1), 111–130. Lin, H. F. (2007). Knowledge sharing and firm innovation capability: An empirical study. International Journal of Manpower, 28(3/4), 315–332.

226

S. Temel and W. Vanhaverbeke

Massingham, P. (2010). Knowledge risk management: A framework. Journal of Knowledge Management, 14(3), 464–485. McAleer, M., & Slottje, D. (2005). A new measure of innovation: The patent success ratio. Scientometrics, 63(3), 421–429. Mehrwald, H. (1999). Das “not invented here”-syndrom in forschung und entwicklung. Dt. Univ.Verlag. Mina, A., Bascavusoglu-Moreau, E., & Hughes, A. (2014). Open service innovation and the firm’s search for external knowledge. Research Policy, 43(5), 853–866. Napier, N. K., Harvey, M., & Usui, K. (2008). Management education in emerging economies: the impossible dream? Journal of Management Education, 32(6), 792–819. Natalicchio, A., Ardito, L., Savino, T., & Albino, V. (2017). Managing knowledge assets for open innovation: A systematic literature review. Journal of Knowledge Management, 21(6), 1362– 1383. Nerkar, A., & Shane, S. (2007). Determinants of invention commercialization: An empirical examination of academically sourced inventions. Strategic Management Journal, 28(11), 1155–1166. Nieto, M., & Quevedo, P. (2005). Absorptive capacity, technological opportunity, knowledge spillovers, and innovative effort. Technovation, 25(10), 1141–1157. Perrott, B. E. (2007). A strategic risk approach to knowledge management. Business Horizons, 50 (6), 523–533. Poot, T., Faems, D., & Vanhaverbeke, W. (2014). Toward a dynamic perspective on open innovation: A longitudinal assessment of the adoption of internal and external innovation strategies in the Netherlands. Open Innovation Research, Management and Practice, 297–322. Porter, M. E. (1990). The competitive advantage of nations. Competitive Intelligence Review, 1(1), 14. Pyka, A. (2002). Innovation networks in economics: From the incentive-based to the knowledge-based approaches. European Journal of Innovation Management, 5(3), 152–163. Ranga, M., Temel, S., Ar, I. M., Yesilay, R. B., & Sukan, F. V. (2016). Building technology transfer capacity in Turkish universities: A critical analysis. European Journal of Education, 51(1), 90–106. Remneland-Wikhamn, B., Ljungberg, J. A. N., Bergquist, M., & Kuschel, J. (2011). Open innovation, generativity and the supplier as peer: The case of iphone and android. International Journal of Innovation Management, 15(01), 205–230. Ritala, P., & Hurmelinna‐Laukkanen, P. (2013). Incremental and radical innovation in coopetition —The role of absorptive capacity and appropriability. Journal of Product Innovation Management, 30(1), 154–169. Robertson, P. L., Casali, G. L., & Jacobson, D. (2012). Managing open incremental process innovation: Absorptive capacity and distributed learning. Research Policy, 41(5), 822–832. Roztocki, N., & Weistroffer, H. R. (2008). Information technology investments in emerging economies. Information Technology for Development, 14(1), 1–10. Shani, A. B., Sena, J. A., & Olin, T. (2003). Knowledge management and new product development: A study of two companies. European Journal of Innovation Management, 6(3), 137–149. Somaya, D., & Teece, D. J. (2008). Patents, licensing, and entrepreneurship: Effectuating innovation in multi-invention contexts. World Scientific Book Chapters, 287–314. Song, M., Podoynitsyna, K., Van Der Bij, H., & Halman, J. I. (2008). Success factors in new ventures: A meta-analysis. Journal of Product Innovation Management, 25(1), 7–27. Srivastava, M. K., & Wang, T. (2015). When does selling make you wiser? Impact of licensing on Chinese firms’ patenting propensity. The Journal of Technology Transfer, 40(4), 602–628. Tan, H. C., Carrillo, P., Anumba, C., Kamara, J. M., Bouchlaghem, D., & Udeaja, C. (2006). Live capture and reuse of project knowledge in construction organisations. Knowledge Management Research & Practice, 4(2), 149–161.

Knowledge Risk Management During Implementation …

227

Teece, D. J., Pisano, G., & Shuen, A. (1997). Dynamic capabilities and strategic management. Strategic Management Journal, 18(7), 509–533. Temel, S., & Durst, S. (2018). The Interplay between open Innovation and knowledge management in SMEs. In S. Durst, S. Temel, & F. H. Aisenberg (Eds.), Open innovation and knowledge management in small and medium enterprises (Vol. 3, pp. 67). Temel, S., Scholten, V., Akdeniz, R. C., Fortuin, F., & Omta, O. (2013). University–industry collaboration in Turkish SMEs: Investigation of a U-shaped relationship. The International Journal of Entrepreneurship and Innovation, 14(2), 103–115. Tidd, J. (2001). Innovation management in context: Environment, organization and performance. International Journal of Management Reviews, 3(3), 169–183. Tsai, K. H., & Wang, J. C. (2009). External technology sourcing and innovation performance in LMT sectors: An analysis based on the Taiwanese Technological Innovation Survey. Research Policy, 38(3), 518–526. Ullrich, A., Vladova, G., Grum, M., & Marquart, D. (2018). Does size matter? The effects of enterprise size on the perception of benefits and risks of open innovation projects. Journal of Innovation Management, 6(2), 71–101. Van der Meer, H. (2007). Open innovation–the Dutch treat: Challenges in thinking in business models. Creativity and Innovation Management, 16(2), 192–202. Van de Vrande, V., De Jong, J. P., Vanhaverbeke, W., & De Rochemont, M. (2009). Open innovation in SMEs: Trends, motives and management challenges. Technovation, 29(6–7), 423–437. Walter, J. (2012). The influence of firm and industry characteristics on returns from technology licensing deals: Evidence from the US computer and pharmaceutical sectors. R&D Management, 42(5), 435–454. Wang, C., & Hu, Q. (2017). Knowledge sharing in supply chain networks: Effects of collaborative innovation activities and capability on innovation performance. Technovation. Webster, J., Brown, G., Zweig, D., Connelly, C. E., Brodt, S., & Sitkin, S. (2008). Beyond knowledge sharing: Withholding knowledge at work. In Research in personnel and human resources management (pp. 1–37). Emerald Group Publishing Limited. West, J., & Gallagher, S. (2006). Challenges of open innovation: The paradox of firm investment in open-source software. R&D Management, 36(3), 319–331. Yap, X. S., & Rasiah, R. (2017). Catching up and leapfrogging in a high-tech manufacturing industry: Towards a firm-level taxonomy of knowledge accumulation. Knowledge Management Research & Practice, 15(1), 114–129. Zobel, A. K. (2017). Benefiting from open innovation: A multidimensional model of absorptive capacity. Journal of Product Innovation Management, 34(3), 269–288.

Handling Knowledge Risk Management Supported by ISO Standards Frank Herdmann

Abstract

This chapter draws on the publication on the taxonomy of knowledge risk by Durst and Zieba and their list of possible items of risk in the context of knowledge management (Durst and Zieba in Int J Bus Environ 9(1):53–57, 2017, pp. 53–57). It is suggested to apply the definition of risk in clause 3.1 of ISO 31000 (effect of uncertainty on objectives) to define knowledge risk. Recently, on October 31, 2018, ISO has published the international standard “ISO 30401 Knowledge management systems—Requirements” which requires end users to determine risks and opportunities that need to be addressed to give assurance that the knowledge management system can achieve its intended results and to plan actions to address these risks and opportunities. It is recommended to apply “ISO 31000:2018 Risk Management—Guidelines” in this context as it will provide an easy to understand and use approach to handling knowledge risk. This chapter describes how this can be done in a simple, effective and efficient approach. A road map for the management of knowledge risk is provided, and a table with samples gives a first impression of aspects to remember in this context. Keywords

Knowledge management ISO 31000 ISO 30401





Knowledge management system
Knowledge risk

Management of knowledge risk

F. Herdmann (&) Auxilium Management Service, Gluckweg 10, 12247 Berlin, Germany e-mail: [email protected] © Springer Nature Switzerland AG 2020 S. Durst and T. Henschel (eds.), Knowledge Risk Management, Management for Professionals, https://doi.org/10.1007/978-3-030-35121-2_13

229

230

1

F. Herdmann

Introduction

Based on the list of possible items of risk in the context of knowledge management presented by Durst and Zieba (2017, pp. 53–57), it is suggested to apply the definition of risk in clause 3.1 of ISO 31000 (effect of uncertainty on objectives) to define knowledge risk as this will capture all types of knowledge risks. Currently, there are no uniform definitions of knowledge and/or knowledge management. As knowledge is nowadays like an asset of ever-increasing importance to any organization and the world moves globally into the “century of knowledge”, knowledge management and treating risks associated with knowledge become more and more important. Guidance on knowledge management and to address the risks that might impact the achievement of its objectives will be an important issue for management in striving for good and responsible corporate governance and avoiding liabilities due to organizational negligence. This chapter will suggest applying the international standards ISO 30401 and ISO 31000 to the management of knowledge risks and explain why and how to do so.

1.1 Knowledge, Knowledge Management and Knowledge Management System Knowledge is defined by ISO standards and technical specifications (“TS”) as • maintained, processed and interpreted information (ISO 5127:2017, 3.1.1.17) • DSA operational information held by a DSA that it uses to locate remote entry or entry-copy information (ISO/IEC 9594-2:2017, 22.1.6) • cognizance which is based on reasoning (ISO/TS 19150-1:2012, 4.8) • the aspect of an instant’s specification that is determined by the values of its attributes, participant properties and constant, read-only operations (ISO/IEC/IEEE 31320-2:2012, 3.1.98) • facts, information, truths, principles or understanding acquired through experience or education (ISO/IEC TS 17027:2014, 2.56) • collection of facts, events beliefs and rules, organized for systematic use (ISO/IEC 2382:2015, 2123771) • facts information, principles or understanding acquired through experience, research or education (ISO 21001:2018, 3.42). • Human or organizational asset enabling effective decisions and actions in context (ISO 30401:2018, 3.25 with three notes: Note 1 to entry: Knowledge can be individual, collective or organizational. Note 2 to entry: There are diverse views on the scope covered within the knowledge, based on context and purpose. The definition above is general as to the various perspectives. Examples of knowledge include insights and know-how. Note 3 to entry: Knowledge is acquired through learning or experience)

Handling Knowledge Risk Management Supported by ISO Standards

231

Knowledge management (“KM”) is defined in ISO standards and technical reports (“TR”) as • range of practices used by organizations to identify, create, represent and distribute knowledge to support learning and decision making (ISO/TR 13054:2012. 2.3) • range of strategies and practices used in an organization to identify, create, represent, distribute and enable adoption of insights and experiences (ISO 5127:2017, 3.2.1.24) • combination of processes, actions, methodologies and solutions that enable the creation, maintenance, distribution and access to organizational knowledge (ISO 30400:2016, 14.1) • management with regard to knowledge (ISO 30401: 2018, 3.26 with two notes: Note 1 to entry: It uses a systemic and holistic approach to improve results and learning. Note 2 to entry: It includes optimizing the identification, creation, analysis, representation, distribution and application of knowledge to create organizational value) and a Knowledge management system (“KMS”) is defined as • set of interrelated or interacting elements of an organization to establish, embed and enable knowledge management policies and objectives, and processes to achieve those objectives (ISO 30400:2016, 14.2) • part of a management system with regard to knowledge (ISO 30401:2018, 3.28 with one note: Note 1 to entry: The system elements include the organization’s knowledge management culture, structure, governance and leadership; roles and responsibilities; planning, technology, processes and operation.) The new international standard “ISO 30401 Knowledge management systems— Requirements” requires end users to determine risks and opportunities that need to be addressed to give assurance that the knowledge management system can achieve its intended results and plan actions to address these risks and opportunities. It is recommended to apply “ISO 31000:2018 Risk Management—Guidelines” in this context as it will provide an easy way to understand and use approach to handling knowledge risk. IWA 31 will soon give guidance on how to use ISO 31000 in management systems. For small- and medium-sized enterprises (“SMEs”), a simple three-step approach as described in a bilingual handbook published in October 2018 (Herdmann 2018) will help address the issue, and for large and complex globally operating enterprises this will provide the initial access to the questions at hand to be continually improved over time. It will be described how to integrate risk management into all organizational activities including knowledge management using ISO 31000 and ISO 30401 and

232

F. Herdmann

Fig. 1 Plug in model (The figure is based on a suggestion made by Dutch experts in ISO/TC 262 WG 2 to explain the approach based on risk management (often called risk-based approach) and updated by Herdmann and Wernicke for DIN)

thereby manage knowledge risk applying the generic definition of risk in ISO 31000 (effect of uncertainty on objectives) for the definition of knowledge risk. It is suggested to use the “plug in model” as originally developed by Dutch experts and recently improved in Germany. Figure 1 the risk management process (“RMP”) can be mapped by using an event-driven process chain (EPC). Strongly simplified the RMP could be visualized like a loop within an IT plug in dongle to enhance the processes of the knowledge management system. Of course, in applying this approach it needs to be remembered that the RMP is more complex and iterative and not linear.

2

ISO 30401 Knowledge Management System— Requirements

ISO 30401:2018 is a management system standard (MSS) type A providing requirements for a KMS (MSS and their structure [the so-called HLS—high-level structure] are categorized in standards containing requirements [Type A] against which an organization can claim conformance and get certified and in those containing recommendations, guidelines or supporting information [Type B] with no option for certification). A management system is described by ISO as “the way in

Handling Knowledge Risk Management Supported by ISO Standards

233

which an organization manages the interrelated parts of its business in order to achieve its objectives” (https://www.iso.org/management-system-standards.html). The level of complexity of such a system should depend on the organization’s specific context and might simply mean strong leadership or (in particular in highly regulated sectors) extensive documentation and controls. ISO management system standards are meant to help organizations to improve their performance by specifying repeatable steps that organizations implement to achieve their objectives. Their benefits include improved risk management (https:// www.iso.org/management-system-standards.html). They can be implemented by any organization, large or small. All MSS follow the same structure and contain identical terms and wording facilitating the operation of a single, integrated management system within one organization that can meet the requirements (or recommendations) for two or more MSS simultaneously (ISO/IEC Directives, Part 1, 2018 Annex SL, replaced in 2019 by ISO/IEC Directives, Part 1, 2019 Annex L). They follow the PDCA approach (PDCA = “Plan—Do—Check—Act” advocated by W. E. Deming and therefore also known as the Deming Cycle, in particular, used in quality management) and their concept is called high-level structure (HLS). They have three clauses of prolegomena [1 (Scope), 2 (Normative References) and 3 (Terms and definitions)]. Outside those prolegomena the structure can be graphically displayed as follows (Fig. 2):

Fig. 2 Structure of an MSS (The structure of an MSS; this figure can also serve as some type of a flowchart for ISO 30401:2018 (compare the more complex Fig. 1 in ISO 19600:2014) which itself does not include any graphic rendering its structure)

234

F. Herdmann

In ISO 30401:2018, KM is described as a discipline focused on ways the organizations create and use knowledge. The purpose of the standard is value creation through knowledge. It is emphasized that many economies aspire to become knowledge economies where knowledge becomes the core asset and the organization can no longer rely on the natural diffusion of knowledge to keep up with the pace of change (ISO 30401:2018, Introduction). It shall be managed like any other organizational asset. The guiding principles of KM are listed in the introduction of the standard without referral to them within the standard itself. They are (ISO 30401:2018, Introduction) as follows: • Nature of Knowledge: knowledge is intangible and complex • Value: knowledge is a key source of value for organizations • Focus: to serve organizational objectives, strategies and needs • Adaptivity: there is no one-size-fits-all knowledge management solution • Shared Understanding: as people have a tendency to create their own knowledge by their own understanding, KM should include interactions between people • Environment: KM focuses on managing the working environment • Culture: culture is critical to the effectiveness of KM • Iterative Nature: KM should be phased, incorporating learning and feedback In clauses 4 “Context of the organization”—7 “Support” of ISO 30401:2018, the requirements for setting the stage of KM are laid out (the plan section of the PDCA cycle). Clause 4.1 requires the organization to determine its external and internal context, clause 4.2 determining the relevant requirements of relevant interested parties and analyzing, prioritizing and assessing them in the organizational context and clause 4.3 determining the scope of the KMS including identifying, evaluating and prioritizing the knowledge domains which have the greatest value to the organization. The scope shall be available as documented information. In subclause 4.4.1, the requirement to establish, implement, maintain and continually improve a KMS is laid out including a reference to clauses 4.4.2 to 4.4.4 representing interdependent dimensions of the KMS: • Knowledge development • Knowledge conveyance and transformation • KM enablers In subclause 4.4.2 (Knowledge development), the four stages of the lifecycle of knowledge are listed as follows: • Acquiring new knowledge • Applying current knowledge • Retaining current knowledge • Handling outdated or invalid knowledge

Handling Knowledge Risk Management Supported by ISO Standards

235

Subclause 4.4.3 (Knowledge conveyance and transformation) lists activities and behaviors supporting knowledge flows, the KMS objectives and covering prioritized knowledge domains defined in 4.3: • Human interaction • Representation • Combination • Internalization and learning Subclause 4.4.4 lists and explains the knowledge management enablers supporting the KMS objectives: • Human capital • Processes • Technology and Infrastructure • Governance • Knowledge management culture. Clause 4.5 (Knowledge Management Culture) emphasizes the importance of a culture where knowledge is valued and actively used and refers to Annex C for the options to address the culture. The KM culture is described to reflect the extent to which people, e.g., share knowledge openly and offer knowledge to others, demonstrate accountability for their own learning, invest time in reflecting and learning and collaborate, rather than compete with their colleagues. The main factors that affect the desired behaviors and attitudes composing the KM culture are listed on a non-exclusive basis, e.g., leadership behavior and attitudes, trust, engagement, training and competence levels and incentives. Possible approaches to promoting the KM culture are suggested such as defining it, running a gap analysis and addressing the gaps. Clause 5 “Leadership” deals with the requirements for leadership and commitment, establishing a KM policy and assigning roles, responsibilities and authorities ensuring engagement of people and the effective application of the KMS. Similarly, clause 6 “Planning” contains basically the HLS text requiring an approach based on risk management determining risks and opportunities that need to be addressed so that the KMS can achieve its intended outcomes by actions to address those risks and opportunities. It is suggested to apply ISO 31000 in this context to handle KMS, and it will be explained how to do so effectively and efficiently. Also, the organization shall establish the KM objectives and plan how to achieve them. Objectives may relate to issues such as safety, time, risk and quality, and the importance of business objectives as the outcomes are of the KMS which is not meant to be a means in themselves is stressed. Clause 7 “Support” explains the requirements regarding resources, competence, awareness, communication and documented information.

236

F. Herdmann

According to clause 8 “Operation” of the standard (the do section), organizations shall have to plan, implement and control the processes needed to meet the requirements and implement the actions determined in clause 6.1 (actions to address risks and opportunities to give assurance that the KMS can achieve its intended outcomes). The organization shall also ensure that outsourced processes align with the KMS and are controlled. Clause 9 “Performance evaluation” of the standard (the check section) and clause 10 “Improvement” of the standard (the act section) require monitoring, measurement, analysis and evaluation of the knowledge performance and the effectiveness of the KMS and retaining appropriate documented information as evidence of the results. The organization shall conduct internal audits at planned intervals based on defined audit criteria. Top management shall review the organization’s KMS at planned intervals to ensure its continuing suitability, adequacy and effectiveness and consider continual improvement opportunities and documented information as evidence of the management reviews shall be retained. When a nonconformity occurs corrective action to control and correct it and learn from it and to deal with the consequences, evaluate the need for action to eliminate the causes of nonconformity and identifying any opportunity that may arise out of such nonconformity are required. Finally, the organization shall plan, implement and control processes needed to ensure continual improvement of the suitability, adequacy efficiency and effectiveness of the KMS. Annex A addresses the knowledge spectrum explaining that knowledge occurs in many types and forms that constitute a continuum from codified to experienced and action based. KM deals with activities associated with all types of knowledge, leveraging existing knowledge, creating new knowledge and applying or transferring it among stakeholders. In Annex B, the relationships between KM and adjacent disciplines are discussed in a comparative manner. KM is compared with information management, data management, business intelligence, customer relationship management, learning, development and training, organizational learning, human resource management, innovation management, risk management and quality management. KM and risk management are described as closely linked but separate disciplines. KM shall be one of many ways to manage risk. Both KM and risk management are described as disciplines for managing intangible factors that affect the operation of an organization but it is recommended to see them as parallel and complementary rather than overlapping (ISO 30401:2018, Annex B; paragraph i). A KMS as described by ISO 30401 is described as a means to achieve the requirements settled in ISO 9001:2015 as organizational knowledge is a mandatory element for establishing a quality management system (ISO 30401:2018, Annex B; paragraph j).

Handling Knowledge Risk Management Supported by ISO Standards

3

237

ISO 31000 Risk Management—Guidelines

ISO 31000:2018 is a generic guideline standard for use by people creating or protecting value in organizations by managing risks, making decisions, setting and/or achieving objectives and improving performance (ISO 31000:2018, Introduction first paragraph). It provides guidelines that can be customized to any organization and its context (and is therefore not certifiable) for managing any type of risk applicable to any activity at all levels and are not industry sector-specific (ISO 31000:2018, clause 1—Scope). According to the principles of the standard risk management is an integral part of all organizational activities, it is structured and comprehensive, customized, inclusive, dynamic, based on the best available information, takes human and cultural factors into account and is continually improved (ISO 31000:2018, clause 4—Principles) (Fig. 3). It is said that the outstanding value of ISO 31000:2018 is its condensed presentation of the essential basic items of risk management demanding a customized approach. This gives rise to the opportunity for a quick start in three steps (Herdmann 2018): • Establishing the framework • Establishing the process • Implementing and executing the process with step (1) and (2) setting the stage for managing any type of risk (including knowledge risks) and step (3) handling or managing any type of risk (including knowledge risks). Fig. 3 Figure based on ISO 31000:2018, Fig. 1 [reduced to its essentials]

238

F. Herdmann

3.1 Establishing the Framework Step one of the three steps is open for customizing to the widest degree. Here, special attention must be given to the central element of leadership and commitment as the introduction of risk management and ensuring its ongoing effectiveness require a strong and sustained commitment by the management at all levels and the oversight bodies, where applicable. They should issue a statement policy, ensure the allocation of the necessary resources and assign authority, responsibility and accountability at appropriate levels within the organization. The guidelines for the risk management framework are outlined in clause 5 of ISO 31000:2018. The purpose of the clause is to assist the organization in setting up its risk management practices and processes and to evaluate potential gaps in the framework of the organization which should be customized to its needs. The components of the framework are • Leadership and commitment (clause 5.2) which is the central element defining tasks and accountabilities of top management and where applicable oversight bodies • Integration (clause 5.3) as the effectiveness of risk management will depend on integrating it into all organizational activities (Principle a) • Design which includes understanding the organization and its context (clause 5.4.1), articulating commitment (clause 5.4.2), assigning roles, authorities, responsibilities and accountabilities (clause 5.4.3), allocating resources (clause 5.4.4) as well as establishing communication and consultation (clause 5.4.5) • Implementation (clause 5.5) by modifying applicable processes and ensuring that the organization’s arrangements for managing risk are clearly understood and practised • Evaluation (clause 5.6) by determining whether it remains suitable to support achieving the objectives of the organization and • Improvement (clause 5.7).

3.2 Establishing the Process The risk management process is described in clause 6 of ISO 31000:2018. Its core elements are as follows: • Risk assessment with the items risk identification, risk analysis and risk evaluation and • Risk treatment. The risk management process should be an integral part of management and decision making and integrated into the structure, operations and processes of the organization. For knowledge risk management, this means integrating the process into the KMS.

Handling Knowledge Risk Management Supported by ISO Standards

239

Fig. 4 Process-simplified version of Fig. 4 of ISO 31000:2018

The dynamic and variable nature of the human behavior and culture should be considered throughout the risk management process (compare principle g). While the standard presents the process as sequential, in practice it is iterative, and only four little triangles on the outer circle of Fig. 4 of the standard indicate this iterative nature. The elements of the process are • Communication and consultation • Scope context and criteria • Risk assessment (risk identification, risk analysis and risk evaluation) • Risk treatment • Monitoring and review and • Recording and reporting.

The core operational risk management process is a four-item activity that has been described to resemble a loop and called the “RM loop” (Herdmann 2018, p. 44). Figure 5 is mapping this core risk management process following Fig. 4 of the standard (i.e., risk assessment—which is identification, analysis and evaluation —and risk treatment) sequentially in an EPC without including its iterative elements. Generally, in an EPC, a situation will initiate an activity which in turn will be followed by another situation. The first activity of the RM loop is risk identification which is the process of finding, recognizing and describing risk (ISO 31000:2018, clause 6.4.2). Comprehensive identification is critical since a risk not identified will be a risk not analyzed, estimated and treated and escaping attention. The second item—risk analysis—is comprehending the nature of risk and its characteristics (ISO

240

F. Herdmann

Fig. 5 Sequential EPC of the core risk management process without its iterative elements

31000:2018, clause 6.4.3). It provides input to risk evaluation and to decisions whether additional action is required. Risk evaluation—item 3—involves comparing the results of risk analysis with the established risk criteria defined under the guidance of clause 6.3.4 of the standard (ISO 31000:2018, clause 6.4.4). The purpose of risk evaluation is to assist in making decisions on which risks need treatment and on the priority for treatment. These three activities combined are a sub-process called risk assessment. ISO/IEC 31010:2009 provides detailed guidance on risk assessment techniques, describing 31 techniques. The last activity of the RM loop is risk treatment described in clause 6.5 of the standard as the process to modify risk. Using the EPC, a starting and a finishing situation are added. The core part of the process will be started by information or estimation, and it will end with risk having been treated (provided any risk has been identified). ISO 31000’s guidance on risk management starts with the general recommendation that the risk management process should be an integral part of management and integrated into the processes of the organization. Therefore, the information or estimation that will start the process will generally be the information or estimation that would start any organizational process if no risk management was implemented. It should be noted that clause 6 of the standard actually deals with two processes: the process of customizing the risk management process and the operational risk management process. Subclauses 6.2 (communication and consultation) and 6.3 (scope, context and criteria) deal with customizing and implementing the operative risk management process in a similar but slightly more specific way than clause 5 on the framework already did. The remaining subclauses to clause 6 give recommendations on the operational process or the core of the risk management process as shown in Fig. 5. Monitoring and review are annexes to the RM loop, and responsibilities in this respect should be clearly defined (ISO 31000:2018, clause 6.6). Results should be recorded and reported as appropriate considering the organization’s need for

Handling Knowledge Risk Management Supported by ISO Standards

241

continuous improvement and legal, regulatory and operational needs for records and the benefits of reusing such information for management purposes (ISO 31000:2018, clause 6.7, for more information see Herdmann, Frank, Three Steps Starting Effective and Efficient Risk Management according to ISO 31000:2018, Berlin 2018, p. 50).

3.3 Implementing and Executing the RM Loop As can be seen in Fig. 6, mapping the core of the risk management process in a manner including its iterative nature—even when simplified (the occurrences between the activities are not shown)—results in a complex roadmap. For better understanding in the wider context, this figure should be reduced in an abstract manner. The RM loop works like a small IT processor in an IT dongle enhancing the activities and processes to which it has been integrated. Therefore,

Fig. 6 The RM loop mapped as EPC indicating its iterative nature (activities to investigate whether new information or estimation has to be considered have been added followed by decisions which items will have to be repeated—to avoid too much complexity situations between the actions have been omitted)

242

F. Herdmann

Fig. 7 Integration of the RM loop

the suggestion is to use a symbol of such an IT plug in dongle to simplify graphics for the integration of the loop in the organizational processes. To activate synergies and reduce efforts and expenses, integrating the RM loop should be considered when designing and implementing or improving the organization’s core business processes and possibly documenting them in an organizational manual. Instead of starting an operational process with the first activity of such process, the task owner should first consider whether any uncertainty (deficiency of information or estimation) might affect the process and the achievement of its objectives. This requires clarity on the objective of the process for the task owner who will be the risk owner for this process. The RM loop should be repeated whenever additional information and/or new estimation affects the business process (For more detail see Herdmann 2018, pp. 58 ff) (Fig. 7).

3.4 Defining Knowledge Risk Within ISO, there is no definition of knowledge risk. Beyond that, there is disagreement over defining knowledge risk. Durst and Zieba recommend the following definition of Perrot as Likelihood of any loss resulting from the identification, storage or protection of knowledge that may decrease the operational or strategic benefit of the company (Durst and Zieba 2017, p. 53). Knowledge risks are essentially the risks which organizations shall determine according to ISO 30401 clause 6.1 “which need to be addressed to give assurance that the knowledge management system can achieve its objective”. The objective of a knowledge management system is to create, maintain, protect and provide access to knowledge (facts, information, principles or understanding acquired through experience, research or education) necessary to achieve the organizational objectives. The risks that need to be addressed are the typical knowledge risks listed by Durst and Zieba: knowledge loss, knowledge attrition, knowledge leakage,

Handling Knowledge Risk Management Supported by ISO Standards

243

knowledge spillover, knowledge waste, knowledge hiding, knowledge hoarding and more (Durst and Zieba 2017, pp. 53–57). Each of them poses a threat to achieving the KMS objective. As mentioned before, the determination of and actions to address knowledge risks should follow ISO 31000. Organizations are well advised if their management of knowledge risk is based on ISO 31000 and its definition of risk: effect of uncertainty on objectives (ISO 31000:2018, 3.1 with three notes: • Note 1 to entry: An effect is a deviation from the expected. It can be positive, negative or both and can address, create or result in opportunities and threats. • Note 2 to entry: Objectives can have different aspects and categories and can be applied at different levels. • Note 3 to entry: Risk is usually expressed in terms of risk sources, potential events, their consequences and their likelihood.) which is broader and being introduced in 2009 two years younger than Perrot’s definition and thus more up to date and by now international best practice. ISO 31000 has a three-pillar structure shown in Fig. 3.

4

The Road Map for the Management of Knowledge Risk

Knowledge management having been defined in ISO 30401 as “management with regard to knowledge” will include processes and activities of the organization to create, maintain, protect and provide access to knowledge (facts, information, principles or understanding acquired through experience, research or education) necessary to achieve the organizational objectives. Following the definition of risk in ISO 31000 and acknowledging that knowledge risk is the risk that needs to be addressed to give assurance that the knowledge management system according to ISO 30401:2018 can achieve its intended outcomes will enable organizations to follow the three-step approach as described above for managing knowledge risk when implementing their KMS and its processes. What should be done will be discussed based on some of the risks (knowledge loss, knowledge spillover, knowledge waste, knowledge forgetting and knowledge outsourcing) listed by Durst and Zieba (2017, pp. 53–57) which will serve as examples for the roadmap. Implementing a KMS in line with ISO 30401:2018 requires top management to establish a KM policy that includes a commitment to manage knowledge enabling the timely creation, maintenance, distribution and access to organizational knowledge required to achieve the organization’s objectives. This policy shall be communicated within the organization and shall be available as documented information (ISO 30401:2018, clause 5.2). Also, top management shall demonstrate leadership and commitment with respect to the KMS by ensuring that the KM policy and the KM objectives are established and compatible with the strategic direction of the organization, the resources needed

244

F. Herdmann

are available and the integration of the KMS requirements into the organization’s business processes (covering the activities that are core to the purposes of the organization’s existence—ISO 30401:2018, clause 5.1). The organization shall determine the external and internal issues that affect its ability to achieve the intended outcomes of its KMS, the requirements and the scope of its KMS considering those issues and establish, implement and maintain the KMS including the processes needed (ISO 30401:2018, clauses 4.1, 4.2, 4.3 and 4.4). The organization shall establish the KM objectives, retain documented information on them and plan how to achieve them by determining what will be done, what resources are required, who will be responsible and how results will be evaluated (ISO 30401:2018, clause 6.2). The organization shall determine and provide the resources needed for the KMS. This includes the competence and awareness of staff, the relevant internal and external communication (what, when, with whom and how) and the documentation of relevant information (ISO 30401:2018, clause 7). The organization shall plan, implement and control the processes needed to meet the requirements of its KMS and ensure that outsourced processes are controlled (ISO 30401:2018, clause 8). While planning the KMS, the organization shall consider the issues and requirements mentioned above and determine the risks and opportunities that need to be addressed to achieve the objectives of the KMS and plan actions to address these risks and opportunities (ISO 30401:2018, clause 6.1). This essentially is applying the RM loop or risk management in line with ISO 31000:2018.

4.1 Knowledge Loss Within the KMS as lined out above, the risk of knowledge loss shall serve as the first example for the roadmap. Managing knowledge to enable the timely creation, maintenance, distribution and access to organizational knowledge required to achieve the organization’s objectives will mean in the context of this risk to prevent knowledge loss. The first activity of the RM loop will be risk assessment with risk identification. To do so in the context of knowledge loss, the organization will identify uncertainties that have the potential to give rise to knowledge loss, e.g., deviations from the expected staff turnover including retirements and unexpected deaths or deviations from the statistically expected illnesses, diseases and accidents preventing staff to perform their obligations. Apart from those human aspects, knowledge can also be lost in the technical environment, for example, losing a database due to a system failure. The simplest tools to support risk assessment in this context will be checklists and brainstorming but more can be found in Annex B of IEC/ISO 31010:2010. The organization will identify the business processes that are affected by the uncertainties identified, analyze and evaluate them and plan actions to address the knowledge risk (i.e., risk treatment) in the context of each process. For example, in the context of staff turnover, illnesses, diseases or accident, the organization might

Handling Knowledge Risk Management Supported by ISO Standards

245

Fig. 8 KMS process with RM loop

plan for deputies acquiring the relevant knowledge—if vital for more than one deputy. Processes in HR should provide for staff qualification programs and the relevant training and the risk management process integrated into them. Documenting knowledge in a clear and easily understandable and retrievable manner (e.g., in an organizational manual or IT based) is a good approach to remove or reduce the source of the risk of knowledge loss. The processes for documentation should be specifically designed, documented and implemented and the risk management process integrated to them. The risk treatment plan of the organization might include more options in this context. The risk of knowledge loss in the technical environment might be treated by appropriate backup facilities. The road to resilience with regard to the risk of knowledge loss is shown in Fig. 8—managing knowledge within a KMS process and integrating the RM loop to achieve the objective of the KMS to enable the timely creation, maintenance, distribution and access to organizational knowledge—and prevent knowledge loss.

4.2 Knowledge Spillover In the context of the risk of knowledge spillover, managing knowledge requires measures to prevent valuable knowledge to spill out of the organization to competitors who might use this knowledge to gain competitive advantages. The spillover might be caused by simple negligence of the staff, deliberate actions of estranged staff, pure coincidence (opportunity makes the thieve) or deliberate attacks of the competitor. Again, within the RM loop, the first activity will be a risk assessment. Special attention should be paid to the potential consequences of the risk from knowledge spillover which will require analysis and evaluation of the significance of the relevant knowledge that might be the target of the competitor. Within risk treatment, the organization might create KMS processes using formal protection strategies (e.g., patenting), strategic actions (e.g., complex project design facilitating secrecy) or security procedures. As the risk of knowledge spillover can easily be accompanied by the risk of knowledge loss, the consequences of the likelihood of a combination of those two types of risk should be considered in an iterative application of the activities of the RM loop.

246

F. Herdmann

The structure of the management of knowledge risk in the form of knowledge spillover is identical to the structure of the management of knowledge risk in the form of knowledge loss. What might differ are the tools for risk assessment as for knowledge spillover more investigative tools might be appropriate. Also, different treatment options might be appropriate for both types of knowledge risks. As the structure for managing the risk remains identical, Fig. 8 is applicable here as well except that the new information in the middle of the process will be information on a potential knowledge spillover.

4.3 Knowledge Waste Not making use of available and potentially useful information in the organization is a threat to the core KMS process. It is directly impeding the objective of the KMS which is enabling the timely creation, maintenance, distribution and access to organizational knowledge required to achieve the organization’s objectives. As the information is already available, this type of risk assaults the maintenance, distribution or access to knowledge. Examples are lack of maintenance or distribution due to staff turnover, illness or accident, lack of discipline, lack of staff qualification or experience or a chaotic knowledge storage system. Sometimes, it is the sheer size of an organization that prevents timely access to available information (… if Siemens knew what Siemens knows …)! Again, within the RM loop, the first activity will be risk assessment followed by risk treatment. In risk identification, special emphasis should be on human and cultural factors as not making use of available and useful information might be caused by potential human deficiencies. Those factors might even be helpful in most situations as the efficiency–thoroughness trade-off (ETTO principle) is (Hollnagel 2012). This principle is the explanation of why people achieve the management of their tasks despite the unbalanced workload and why things that go right sometimes go wrong. Not retrieving available information might also have a cultural background. Therefore, in risk assessment, special knowledge in the way people and team are acting/interacting might be helpful. For risk treatment, training and team building workshops might be considered. Also, automatic or semiautomatic knowledge retrieval systems can be helpful. Special consideration should be given to internal controls and internal audit to remove or reduce the risk source and/or changing the likelihood of this type of risk. Again, the structure of the management of knowledge risk in the form of knowledge waste is identical to the structure of the management of knowledge risk

Handling Knowledge Risk Management Supported by ISO Standards

247

in the form of knowledge loss. What might differ are the tools for risk assessment as for knowledge waste tools targeted at human and cultural factors will be beneficial. Also, different treatment options will most likely be appropriate for both types of knowledge risks. As the structure for managing the risk remains identical, Fig. 8 is applicable here as well except that the new information in the middle of the process will be information on potential knowledge waste.

4.4 Knowledge Forgetting The risk source for knowledge forgetting might be the infrequent use of knowledge, the failure to capture new knowledge when the organization fails to institutionalize it, or bad memory. The organization should find means to detect those elements and decide which treatment options are appropriate. Infrequently used knowledge might be part of recurring workshops or discussions at team meetings. This might also help in the case of bad memories. The institutionalization of new knowledge should be provided by appropriate activities in the processes for creating and maintaining this knowledge. Figure 8 is applicable here as well.

4.5 Knowledge Outsourcing The risks of knowledge outsourcing relate to transferring a business activity or function to an external contractor. This can result in the dependency on the contractor and losing the skills and capacities needed to achieve the organization’s objectives. When outsourcing an activity or function, the organization should consider which knowledge is associated with this activity or function and analyze and evaluate the risk of losing the associated knowledge. Special storage, maintenance and retrieval activities should be planned which can include the obligation of the contractor to update the organization on knowledge development. In this context, Fig. 8 is applicable as well.

4.6 The Road Map Applying the principles above will generate a rather simple road map (Fig. 9) to an effective and efficient knowledge risk management which an SME—and initially any enterprise in combination with the commitment of approval over time—can use with the three-step approach described above for implementing risk management.

248

F. Herdmann

Fig. 9 Roadmap to handling knowledge risk management supported by ISO standards (ISO 30410 & ISO 31000)

Within this road map, special attention should be paid when integrating RM into the KMS processes as different types of knowledge risk will require the application of different tools for risk assessment and consideration of different treatment options. For the types of knowledge risk which have been used as examples above, the following table might give a first impression of aspects to remember in risk assessment and of treatment options. Table 1 might be used as an initial checklist for risk assessment and risk treatment. It might also be helpful in understanding the external and internal context of the organization when designing the KMS and its processes. With time and growing experience, the organization will add more aspects for risk assessment and more treatment options in the context of continually improving its KMS and its risk management. Also, when designing and implementing the KMS with the RM loop integrated into its processes, the organization should consider which other types of knowledge risk might affect its achievement of objectives and add them to this list. It is important to remember that risk management framework and process are customized, and there is no “one-size-fits-all” risk management. Therefore, this table may serve as an example and a starter but not as a final document. Another important issue to remember is that the RM loop is not a sequential but an iterative process which might require the risk owner to repeat prior activities if new information is available and suggest to do so—in fact, risk management in itself is iterative in all its stages (ISO 31000:2018, Foreword (paragraph 8, 3rd bullet point), Introduction (paragraph 3), clause 5.3 (paragraph 3), clause 6.1 (paragraph 5), clause 6.4.1, clause 6.5.1).

Handling Knowledge Risk Management Supported by ISO Standards

249

Table 1 Knowledge risk management checklist Potential knowledge risk event

Aspects of risk assessment

Risk treatment options

Knowledge loss

•Staff turnover including •retirements •staff poaching •unexpected deaths •illnesses •diseases •accidents •system failure •Checklist of knowledge that is of interest to competitors •assessment of a combination of the risk of knowledge spillover and the risk of knowledge loss •Deficiencies in the •maintenance of knowledge or the •distribution of knowledge due to •staff turnover •illness •accident •lack of discipline •lack of staff qualification or experience •a chaotic knowledge storage system •human factors (e.g., ETTO) •size of the organization (too large) •Infrequent use of knowledge •failure to capture new knowledge (e.g., the organization fails to institutionalize it) •bad memory

•Create an organizational structure with a system of deputies •staff qualification including staff training •knowledge documentation (e.g., in an organizational manual or IT based) •backup facilities •Formal protection strategies (e.g., patenting) •strategic actions (e.g., complex project design facilitating secrecy) •security procedures •Staff training •team building workshops •automatic or semiautomatic knowledge retrieval systems •special consideration for internal controls and internal audit

Knowledge spillover

Knowledge waste

Knowledge forgetting

Knowledge outsourcing

5

•Dependency on the contractor •losing skills and capacities

•Workshops •team meetings •activities within the processes for creating and maintaining new knowledge ensuring its institutionalization •Special storage, maintenance and retrieval activities •committing the contractor to update the organization on knowledge developments

Conclusion

Handling knowledge risk management is the management of a specific type of risk, and in view of ISO standards, there is no difference to risk management in general. When designing the framework and the risk management process for the different types of knowledge risk to be assessed and treated in the KMS different tools for assessment and treatment options should be considered. This does not require a

250

F. Herdmann

separate KMR companion standard to ISO 31000 but the application of the generic standard and the principles are laid out above. For more detail, a handbook complementing Table 1 in more detail and for additional aspects of risk associated with knowledge might be helpful. But, this most likely will not exceed the volume of a brochure. The iterative nature of risk management should always be considered.‘ The best way forward will be to implement a knowledge management system aligned to ISO 30410 and in doing so integrating risk management aligned to ISO 31000. This will reduce expenses and optimize output at the same time as the organization will map both parts of the relevant processes at once. If the organization already has a management system following an ISO standard, it will be well advised to consider integrating the KMS into this available system at the time of its continual improvement. This will reduce the task to connecting the requirements of ISO 30410 to the existing management system and integrating them by gap analysis and gap closure (The Integrated Use of Management System Standards (IUMSS), 2018, p. 47 ff). In reviewing the processes of the management system which in this context will become an integrated holistic management system risk management should be integrated using the simple three-step approach using the mapping of the risk management loop.

References Durst, S., & Zieba, M. (2017). Knowledge risks—towards a taxonomy. International Journal of Business Environment, 9(1), 53–57. Herdmann, F. (2018). Three steps starting effective and efficient risk management according ISO 31000, Berlin, Beuth Verlag. Hollnagel, E. (2012). The ETTO principle: efficiency-thoroughness trade-off: why things that go right sometimes go wrong (Ashgate Publishing Group 2009—meanwhile new edition 2012). ISO 5127:2017. (2017). Information and documentation—Foundation and vocabulary. Geneva. ISO 21001:2018. (2018). Educational organizations—Managements systems for educational organizations—Requirements with guidance for use. Geneva. ISO 30400:2016. (2016). Human resource management—Vocabulary. Geneva. ISO 30401:2018. (2018). Knowledge management systems—Requirements. Geneva. ISO 31000:2018. (2018). Risk management—Guidelines. Geneva. ISO/TR 13054:2012. (2012). Knowledge management of health information standards. Geneva. ISO/IEC 9594-2:2017. (2017). Information technology—Open systems interconnection—The directory—Part 2: Models. Geneva. ISO/IEC 2382:2015. (2015). Information technology—Vocabulary. Geneva. ISO/IEC/IEEE 31320-2:2012. (2012). Information technology—Modelling languages—Part 2: Syntax and semantics for IDEF1X97 (IDEFobject), Geneva 2012 (last reviewed and confirmed in 2019). ISO/TS 19150-1:2012. (2012). Geographic information—Ontology—Part 1: Framework. Geneva 2012 (Last reviewed and confirmed in 2016). ISO/IEC TS 17027:2014. (2014). Conformity assessment—Vocabulary related to competence of persons used for certification of persons. Geneva (last reviewed and confirmed in 2017). ISO/IEC Directives. (2019). Part 1, Consolidated ISO supplement—Procedures specific to ISO. Geneva 2018 (in 2019 replaced by: ISO/IEC Directives, Part 1, Consolidated ISO Supplement —Procedures Specific to ISO, Geneva.

Handling Knowledge Risk Management Supported by ISO Standards

251

ISO Website on Management system standards. https://www.iso.org/management-systemstandards.html. The Integrated Use of Management System Standards (IUMSS), ISO Handbook, Second Edition Geneva (2018).

Frank Herdmann is a C-level manager with a legal, financial, and operational background. He has a demonstrated track record in generating improved efficiency and higher profit margins. Frank was educated in the US and Europe and is highly skilled at working in multiple targeted assignments in both the public and the private sector. His industry background is banking, barter trade, real estate and (since 2009) consulting. He is the managing partner of Auxilium Management Service and of Auxilium Expatbiz Services. During the recent revision of ISO 31000 (2013–2017) he was the head of the German delegation to ISO/TC 262, the technical committee in charge of the revision. He is the deputy chairman of DIN NA 175-00-04 AA (Risk management) and the chairman of DIN NA 175-00-05 GA (Security and Business continuity).

Conclusions and Outlook

Conclusions and Outlook Susanne Durst and Thomas Henschel

Abstract

The aim of the final chapter is to conclude the book and its content and based on it to provide a number of promising research avenues that will hopefully help in further developing the promising field of knowledge risk management as well as related fields. Thus, the main contribution of this chapter is a list of research avenues which can act as useful starting point for those interested in studying the topic. These avenues are divided into general and specific topics and are expected to provide interested persons a range of interesting points of departure. Keywords




Knowledge risks Knowledge risk management research Research avenues




1


Risk management
Future

Conclusions

As has been showing throughout this book and in previous research, the study of knowledge risk management is still in an early phase of development, and our body of knowledge is fragmented at most. There is also little in the existing literature on actual implementations of knowledge risk management in general. This refers to the use of methods, approaches and solutions too. Thus, the content presented in this book can be considered as relevant and timely contributions to address this situation S. Durst Department of Business Administration, Tallinn University of Technology, Tallinn, Estonia T. Henschel (&) Hochschule für Technik und Wirtschaft Berlin, Berlin, Germany e-mail: [email protected] © Springer Nature Switzerland AG 2020 S. Durst and T. Henschel (eds.), Knowledge Risk Management, Management for Professionals, https://doi.org/10.1007/978-3-030-35121-2_14

255

256

S. Durst and T. Henschel

by providing some new insights in the field/related fields which in turn can help in both enlarging and deepening our extant knowledge base. Against this background, the main idea behind this terminating chapter is to provide some further research avenues for persons (e.g. scholars, early-stage researchers but also practitioners) who are interested in studying the topic of knowledge risk management and thus contributing to the field’s further development.

2

Avenues for Further Research

Table 1 lists a number of proposals that are divided into a number of different topics which are accompanied by (1) ideas of areas that could be addressed and (2) a number of concrete research questions. Generally, the proposed topics/themes are further divided into general topics which highlight ideas for the field’s theoretical (further) development and specific topics that address possible areas of application. The content of Table 1 is the outcome of the content presented in this book and the book editors own past and ongoing research activities in the area under investigation. The content of Table 1 clarifies that the study of KRM has (still) much to offer and would highly benefit from interdisciplinary research teams or research efforts, respectively, as (K)RM is an interface function that should be solidly anchored in any organization’s structure or organizational capital. As already mentioned in Chap. 1 and shown throughout the book, research on KRM should be conducted in all types of organizations: private and public organizations, small and big companies, as well as start-ups and mature companies. We hope that the readers of this book agree with us on these issues.

Specific Awareness-raising

Location and composition of research teams

Level of analysis

Methodology

Topic General Operationalization of the term(s)

What are suitable research methods for studying KRM from different levels of analysis? What are the consequences of missing KRM at different levels (individual/group/organization/society)? What role does the culture play in carrying out KRM research projects? How and in what way can KRM research benefit from cross-cultural and interdisciplinary research teams?

Awareness about the need for managing different types of risks in How to disseminate the awareness about risks and their all types of organizations management among all organization members? How to develop a risk-aware mindset in different types of organizations? How to develop a risk-aware culture in different types of organizations? How to develop and execute KRM-related training programs? Who should be in charge of running these programs? (continued)

Research would benefit from a broader variety of researchers coming from different parts of the world Research team should also involve researchers from different countries and disciplines

Is the taxonomy by Durst and Zieba (2018) useful for addressing KRM in organizations? If not, what needs to be changed? What are the relationships between the different knowledge risks?

Researchers in the field should provide their understanding of KRM to demonstrate definitional rigor and thus make possible useful comparisons among studies More empirical research is required for testing and supporting the emerging theory Development/Test of frameworks/models/taxonomies by applying alternative and different research approaches (i.e. different designs, different/alternative data collection methods/different datasets) For example, Delphi rounds among actors from business, government and academia to understand the perception of KRM and its elements Multilevel perspective to uncover the underlying factors associated with the effective achievement of KRM

What are suitable research methods for studying KRM in different environments/over time? What are suitable units of analysis? How to combine these units of analysis in the best way?

Research questions

Suggestions

Table 1 List of KRM research avenues

Conclusions and Outlook 257

KRM and gamification

Use of gamification to enhance the effectiveness and efficiency of KRM in organizations

Structures Mechanisms Processes Decision-making KRM systems in organizations for digitalization/digital transformation

KRM and governance

KRM and digitalization/digital transformation

Cross-country perspective Cross-culture perspective Cross-sector perspective

KRM and culture

Suggestions Cross-country perspective Cross-culture perspective Cross-sector perspective KRM and leadership The strategic view of KRM in organizations Leadership approaches to KRM in different types of organizations/cultures/sectors

Topic KRM and performance

Table 1 (continued) Research questions How can we measure the performance of KRM in organizations? What measures might be useful and applicable? What are the trade-offs between KRM practices and performance? Are there different types of KRM strategies in organizations? If yes, what are they? Do/does the KRM strategies/strategy vary between different types of organizations/countries? How do different countries vary in their approaches to KRM? What corporate cultures are beneficial for the implementation of KRM? How to develop KRM-related cultures? How to update these KRM-related cultures continuously to meet changing environments? How and in what way can the KRM system be integrated into organizations governance framework? How to govern for present and future risks in the best possible way? What KRM systems support the digital transformation of organizations? What digital solutions/techniques support KRM, its effectiveness in particular? What supports/hampers the realization of these KRM systems? Can selected game mechanics be used to solve the issue of lacking motivation in KRM? Can selected game mechanisms be implemented in order to provide organizations with a clearly structured KRM process, allowing for revelation of tacit knowledge and its free exchange? Can selected game mechanics facilitate a setting in which cognitive biases are reduced? (continued)

258 S. Durst and T. Henschel

KRM communication (internally and externally)

KRM as an essential function to become a sustainable organization KRM as an essential function to address the opportunities and challenges related to sustainability

ISO Standards on risk management can help to integrate the knowledge risk management activities into a holistic risk management system for the entire organization

KRM and communication

KRM and sustainability

KRM and ISO Standards

Topic Suggestions KRM as an early warning system for skills shortage, KRM and Human skills at risk or need for reskilling/upskilling resource management (HRM)

Table 1 (continued) Research questions How to design a KRM solution that helps organizations address present and future skills needs? How to integrate KRM in an organization’s HRM in general and its activities regarding skills identification, skills development and skills retention in particular? Does succession planning/people replacement benefit from KRM? How to communicate about knowledge risks to the different stakeholders? What channels should be used? What communication elements work best for reaching the different stakeholders? Who should be in charge of KRM communication? How to align the different communication activities in organizations? Can KRM support organizations reaching the sustainability-related aims? Can KRM help in getting insights into the benefits of the organizations’ sustainability activities? Can KRM support organizations in complying with sustainability-related laws and regulations? How can the “high-level structure” from the new ISO standards support the integration of the KRM into the holistic risk management system?

Conclusions and Outlook 259

260

S. Durst and T. Henschel

Susanne Durst is Full Professor of Management at the Department of Business Administration at Tallinn University of Technology (Estonia). Her research interests include small business management, SME succession/transfers, knowledge (risk) management and corporate governance. She has been conducting several national and international research projects. Her work has been awarded different awards and has been published in international peer-reviewed journals. Before joining academia, she worked with private enterprises. Thomas Henschel is Professor in Management Accounting in the Business School, Hochschule für Technik und Wirtschaft Berlin. He has held visiting positions at universities in Sweden and the UK. His research and teaching are in the areas of cost accounting and corporate governance. His specific research interests are in the areas of risk management and crisis management in small- and medium-sized enterprises. He has published widely in academic journals and serves on the editorial board of the Journal of International Business and Economic Affairs.

Index

A Alternative lenders, 73

I Inter-Organizational Mentoring, 89, 101

B Bank, x, 49, 51, 53, 55–64, 70–76, 79, 81, 82, 120, 135, 136, 138, 151–153, 155 Blockchain, xi, 119–129 Bonds, 73

F Family firms, x, 69–75, 77–79, 81, 83 Financial covenants, 73, 74 Financing decisions, 70, 71, 73 Forgetting, 15, 56, 74, 75, 81, 243, 247, 249 Framework, vii, xi, 18, 55, 56, 62, 69, 70, 78, 83, 92, 93, 110, 121, 237, 238, 240, 248, 249, 258

K KIBS firms, 13–16, 20, 22, 24, 26–28 Knowledge attrition, 61, 64, 73, 80, 120, 242 Knowledge communication, 107–116 Knowledge hiding, 5, 15, 18, 49, 56, 61, 80, 81, 216, 243 Knowledge hoarding, 15, 49, 50, 61, 74, 81, 216, 219, 243 Knowledge leakage, 15, 49, 61, 62, 64, 76, 79, 120, 137, 242 Knowledge loss, 8, 15, 19, 20, 49, 61, 62, 64, 76, 77, 79, 120, 126, 137, 145, 218, 242–247, 249 Knowledge management, ix, 7, 17, 19, 26, 57, 58, 64, 90–93, 119, 126, 127, 138, 139, 141, 143, 186, 199, 201, 203, 207, 215–217, 219–222, 229–231, 234, 242, 243, 250 Knowledge outsourcing risks, 15 Knowledge risk, vii, x, 5, 13, 15, 50, 52, 55, 56, 83, 95, 140, 142, 151, 185–187, 189, 200–202, 216, 249, 259 Knowledge risk areas, 51 Knowledge risk management, 50, 187 Knowledge risks types, 51, 59 Knowledge spillover, 49, 50, 61, 62, 64, 120, 243, 245, 246, 249 Knowledge waste, 15, 18, 80, 216, 219, 243, 246, 249

G Governance, 75, 76, 80, 81, 222, 230, 231, 255, 258

M M&A, 76 Monolithic repositories, 96

H Healthcare, xi, 107–116, 120

O Open innovation, xi, 207–216, 218–223

C Communication policies, 81 Corporate finance, x, 69, 70, 72–77, 79, 80, 82 D Database, 16, 27, 72, 77, 126, 137, 244 Debt funds, 73 Debt markets, 73 Disruptive innovation, 119, 120, 124, 129 E Employee alumni, 89, 103 Employee suggestion scheme, 74 External experts, 75

© Springer Nature Switzerland AG 2020 S. Durst and T. Henschel (eds.), Knowledge Risk Management, Management for Professionals, https://doi.org/10.1007/978-3-030-35121-2

261

262

Index

Open-source, 125–127, 129 Organizational silos, 97

Risk monitoring, 6, 56, 189 Risk reporting, 7

P Professional amateur, 109

S Secondments, 73, 79, 80 Skillset profiles, 74 Smart contracts, 122 Syndicated loans, 73

R Refinancing, 72, 73, 77 Risk, vii, ix, x, xi, 3–8, 13–16, 19–22, 25–27, 42, 44, 49–53, 55–58, 60–65, 69–83, 89, 95, 99, 102, 107, 111, 115, 119, 120, 124, 126, 135–146, 150–155, 159-163, 167–181, 185–193, 195, 197–202, 207, 216, 218, 223, 229–233, 235–250, 255–257, 259 Risk amelioration, 100 Risk assessment, 6, 89, 138–140, 142, 145, 146, 151, 155, 185, 239, 240, 244–249 Risk evaluation, 154, 238–240 Risk identification, 7, 56, 63, 137, 238, 239, 244, 246 Risk management, vii, ix, x, xi, xii, 3, 5–8, 13, 14, 16, 50–53, 56, 58, 63, 69, 70, 83, 102, 124, 137–140, 151, 155, 159-163, 167–170, 172–174, 180, 181, 185–190, 200–202, 223, 231–233, 235–241, 244, 245, 247–250, 255, 256, 259

T Thyroid disease, xi, 107–109, 111–114 Training, 20, 22, 25, 49, 50, 52–54, 60, 62–64, 73, 75, 79, 80, 89, 97, 98, 126, 128, 152, 154, 188, 190, 195, 200, 202, 203, 208, 215, 217, 220, 222, 235, 236, 245, 246, 249, 257 Two-tier HRM structures, x, 49 Two-tier wage structures, 53, 65 U Uncertainty, 4, 90, 199, 208, 229, 230, 232, 242, 243 Unitranche, 73 Unlearning, 15, 64, 74