Corporate real estate enterprise risk management framework of business organisations / Noraliza Basrah

Enterprise risk management (ERM) has been recognized as the best practice for risk management worldwide. It is an integrated approach that manages all significant risks of the business organisations. This research study explores the possibility to enhance the ERM concept into protecting the organisational business continuity using the principles of corporate real estate management. It aims to establish the corporate real estate enterprise risk management framework (CREERM) that incorporates the corporate real estate strategies as a specialized tool for strategic risk management in organisations. The research objectives are to identify the encompassing elements of risk management and ERM in theory and practice, to develop and test the CREERM conceptual framework and finally, to refine and validate the proposed CREERM framework. The research strategy begins with the review and observations of the established risk management frameworks in theory and published research as well as the ones in business practice. This involves the quantitative and qualitative content analysis of the academic literature and the Malaysian Top 100 company (by market tVi capitalisation as at 28 June 2010) annual reports through a scoping study to determine the organisations’ risk management capabilities. Results showed that regardless of the organisations’ core business, among the key factors determining their rank position are the risk management skilled personnel and their risk management experience. The top three risk management capabilities that fall within the advanced level of maturity among these organisations are risk awareness and communication, risk management establishment and training for staff. Critically overlooked elements are their RM system, risk profile, BCM and RM strategies. Both the preliminary observation and scoping study guided the researcher in developing the conceptual framework. Testing of the conceptual CREERM framework was done through semistructured interviews on 61 organisations amongst the Top 100 companies. Results showed the importance of aligned CRE and business strategies is to achieve customer satisfaction, business RE requirements and location driven factors. Evidence for successful RM implementation in the 61 organisations indicated the top three RM elements as (1) RM shared responsibility, (2) Effective RM governance and (3) RM job specifications. The bottom three elements needing improvements are (i) recalibration of RM strategies, (ii) multiple risk perspectives and (iii) risk response strategies. The pattern of response during the testing of the framework portrays risk assessment strategies as the most important ERM component. Refinement and validation of the proposed CREERM framework were done through multiple-case study on another 12 selected organisations amongst the Top 100 Companies. The 12 organisations have verified the elements for RM process and risk mitigation strategies for the proposed framework to include crisis management, disaster recovery and business continuity plan besides risk avoidance, risk acceptance, risk reduction, risk sharing and risk transfer strategies. Finally, the 12 validating organisations have verified all the proposed CREERM framework elements consisting of the main principle (comprehensive framework), three core structures (integrated, focus and continuous) and five key thrusts (structured governance, defence mechanism, resilient risk culture, integrated risk management