The Management of Risk Dr Dr. Loona Shahin - Dr.

Ashraf AlHadidi 24/7/2017

The Management of Risk Institutional in the

Jordanian Insurance Companies - Reality
and Challenges
Dr. Loona Shahin Dr. Ashraf AlHadidi
Assistant Professor Assistant Professor
Al Balqa Applied University Arab Open University

Abstract
During the last decade and as a result of the 2008 global
financial crisis, Enterprise Risk Management (ERM) gained
more attention from the financial services sector
especially banks and insurance companies. In addition, many
companies had adopted practices dedicated to ERM and
consulting firms started to establish departments specialized
in ERM. Meanwhile, universities have developed specializations
related to ERM. Moreover, research centers embarked on
research on this subject matter.
This study aims to investigate the reality of enterprise risk
management in the Jordanian insurance industry in order to
reveal the challenges facing it by focusing on the four most
important dimensions related to enterprise risk management
which are: governance and risk management strategy, risk
culture, risk management operations and its interdependencies,
and finally the support technology for risk management.
The study is based on the descriptive inductive methodology in
building the questionnaire, which was distributed to a sample

Scientific Journal for Economic& Commerce 691

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

that consisted of most insurance companies in Jordan during the

period from December 2015 to February 2016.
The study found that risk management practices and regulatory
authorities have a long way to go, where the most important
results of this study were:
1. 28% of the insurance companies surveyed have a plan and a
budget for Information Technology (IT) risk management.
2. The support level of technology to the risk management in
the insurance companies surveyed is 30%.
3. 33% of the insurance companies surveyed have standard
practices in the enterprise risk management, such as: ISO
31000 and COSO standard.
4. 33% of the insurance companies surveyed currently have a
risk management system.
5. 37% of the insurance companies surveyed were a target of
electronic attacks over the past 18 months.
6. 47% of the insurance companies surveyed have a risk
management department that is responsible for adhering to
regulatory and legislative requirements set by the legislator.
7. 49% of the insurance companies surveyed, are evolving
universities, consulting firms and specialized training
centers, in developing and enhancing risk management
personnel.
8. 56% of the insurance companies surveyed are willing to
have a risk management program
9. 60% of the insurance companies surveyed have an
accredited policy of risk management
10. The level of the risk management operations and its
interdependence in the insurance companies is 64%
11. The level of the governance of risk management and its
strategy in the insurance companies is 69%

Scientific Journal for Economic& Commerce 692

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Based on these results and in order to begin to improve the

reality of risk management practices in the Jordanian insurance
companies, the researcher has the following recommendations:
1. Activating the role of risk management through the
establishment of specialized departments in this field.
2. Activating the role of the legislative and regulatory
authorities to play a bigger role in order to confirm the
existence of these departments and to improve procedures
and instructions provided by these actors in this area.
3. Increasing the role of academia represented by universities,
consulting firms and specialized training centers, to ensure
improving the efficiency of the staff of risk departments.
4. Encouraging the companies through the regulatory
authorities to adopt global standards in risk management,
such as: ISO 31000 COSO standards.
5. Encouraging the companies to have a plan and a budget for
the information technology risk management.
6. Directing companies to have accredited policies in risk
management.
7. Drawing the attention of the companies to the importance of
technology information in the risk management systems and
the confidentiality of their information.
8. Drawing the attention of companies to raise the level of
management in the governance and risk management
strategies in the insurance companies.
9. Inducing to increase the level of risk management operations
and its interdependencies among insurance companies.
10. Drawing the attention of researchers and academia to the
importance of research and scientific studies in this area to
demonstrate its importance to the Jordanian insurance
companies, to increase the desire and willing of the

Scientific Journal for Economic& Commerce 693

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

insurance companies to adopt risk management programs, at

present time and in the future.
Introduction
During the past decade, especially since the 2008 financial
crisis, there had been increasing interest in risk management in
large and small companies, including Jordanian insurance
companies, which are the subject of this research.
It seems that most of the impact of the 2008 crisis on Jordanian
insurers had been due to the lack of interest in the risk
management. This has put companies under a considerable
pressure to improve their risk management practices in order to
reduce the risks they face.
Regulatory bodies have played a prominent role in increasing
this pressure. The professional associations, stock exchanges,
international standards organizations and consultants have
issued new rules and requirements for risk management. In
addition, the credit rating agencies such as Standard & Poor's
have started evaluating corporate risk management practices as
part of their credit rating. After this interest and increased
demand, the idea of corporate risk management has become
very important.
The corporate risk management approach differs from the
traditional meaning of the risk management, because this
approach makes an integrated view of risk from the company's
entire perspective, called enterprise risk management (ERM)
(Connair & Stephen, 2013).
ERM is a framework that views risk as a focal point in business
activities, as it enables the company to make decisions based on
the degree of risk and manage the expected returns through risk
identification.

Scientific Journal for Economic& Commerce 694

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

In fact, determining the overall form of risk management and

governance in any business would provide the basis for an
enterprise risk management strategy.
So as that this process is effective, the ERM should be designed
in line with the company's culture and strategy in the insurance
sector. It is important that this design responds to the guidance
and requirements of the local regulators, which are in turn
undergoing continuous development.
The Arab insurance industry in general, is passing in an
interesting stage. Despite the challenges facing the Jordanian
insurance market, this sector continues to grow,
depending on the government spending on infrastructure and
development projects, and the compulsory insurance such as
auto insurance and medical insurance.
At a time when the Arab insurance markets witness a
remarkable development in performance and competencies,
because the legislation of the regulatory bodies in some Arab
countries such as Jordan had witnessed a remarkable
development recently. In response to these changes, the subject
of "risk management" ranked high on the agenda of executives
of Arab and Jordanian insurance companies in particular, and
became increasingly important and part of the daily activities of
these companies.
Because of this, the study was conducted, which researchers
expect to be of great benefit to Jordan's insurance industry.

Problem of the study

Over the past decade, the failure in risk management practices
have become more clear, and institutional risk management has
come to light after the recent financial crisis (2008).
Accordingly, this research will strive to uncover the reality and
challenges of corporate risk management in Jordanian insurance

Scientific Journal for Economic& Commerce 695

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

companies by looking at four main themes: risk management

governance and strategy, risk management culture, risk
management and risk management processes and risk
management support technology.

The hypotheses of the study

1. There are no statistically significant differences between the
level of risk management governance and strategy in the
Jordanian insurance companies and the imposed level (70%)
at the level of significance α≤0.05from the point of view of
the participants
2. There are no statistically significant differences between the
level of risk management culture in the Jordanian insurance
companies and the level imposed (70%) at the level of
significance α≤0.05 (from the point view of the participants
3. There are no statistically significant differences between the
level of risk management operations and their correlation in
the Jordanian insurance companies and the level imposed
(70%) at the level of significance α≤0.05 (from the point of
view of the participants
4. There are no statistically significant differences between the
level of support technology for risk management in the
Jordanian insurance companies and the imposed level (70%)
at the level of significance α≤0.05 (from the point of view of
participants.
5. There are no statistically significant differences between the
level of risk management in general in the Jordanian
insurance companies and the level imposed (70%) at the
level of significance α≤0.05 (from the participants' point of
view

Scientific Journal for Economic& Commerce 696

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

6. There were no statistically significant differences in the

responses of the participants at the level of significance
α≤0.05 (due to demographic variables such as sex and age).

Objective & importance of the study

The main objective of the study is to uncover institutional risk
management practices in the insurance sector in Jordan.
Despite the lack of studies on the same subject, and the
researchers' experience in this area, researchers are of great
importance in disclosing the level of institutional risk
management practices in the insurance sector in Jordan. The
importance of this research lies in its knowledge of the
institutional risk management practices, especially in Jordan. In
addition, the results of this study will help Jordanian insurers
identify the strengths and weaknesses of their policies and
strategies and the level of corporate risk management in their
companies or Jordanian insurance companies as a whole.

The theoretical framework of the study

From the traditional risk management to enterprise
risk management

Definition of risk:
Risk is defined as a combination of the probability of a
particular event and the consequences of the event.
There is a potential for a particular opportunity or benefit as a
result of risk or threat to success (Peter Berg, 2010). The risk is
inherent in all of the company's activities. However, the
development of risk management enables the company to
manage these risks.

Scientific Journal for Economic& Commerce 697

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

The types of risks:

Researchers classify risk into several classifications, and
Thomson (2012) explained that any business is exposed to a
variety of different types of risks. These types of risks can be
classified into the following categories:
 Economic and non-economic risks:
• Economic risks that can lead to financial losses.
• Non-economic risks such as personal risks that can lead
to health losses.
 Pure Risk and speculation Risk:
• Pure risk is the risk of losing without any chance of
making gains (example: bad weather or fire).
• Speculative risks where the opportunity is either for gain
or loss, such as investing in the stock market.
 Controllable and uncontrollable risks:
• There are risks that can be controlled such as risks that
can be less likely to occur, such as protection against
theft by improving the standards of security systems.
• Uncontrollable risks that cannot be less likely to occur,
such as storms and earthquakes.
 Unsecured risks and non-insurmountable risks:
• Unsecured risks are those that are in line with the
standards and specifications of the insurance policy, such
as the qualifying criteria and the insurance interest.
• Uninsured risks which the company of insurance cannot
calculate the probability of occurrence of the risk, it
cannot calculate the premium. For example, you cannot
obtain a lock against the possibility of your business
failing.

Scientific Journal for Economic& Commerce 698

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Risk Management:
Risk management is to work to get on the right balance between
exploiting opportunities to gain and minimize losses (Abdul
Rasid, Golshan, Ismail & Ahmad 2012). As this definition
suggests, a risk management is an integral part of good
management practices and is an essential element of corporate
governance. Risk management is a frequent and ongoing process
and when working, it is a good decision-making process as well
as performance. This process includes identifying, analyzing,
evaluating, addressing, and communicating risk. This process
enables organizations to maximize gains and minimize losses
(COSO, 2004).
The primary objective of risk management is to increase and
protect shareholders' equity (Pagach & Warr 2011).
Traditionally, when one talks about risk management, insurance
or internal auditing comes to mind. As the focus was always on
the downside of exposure to risk, and the function of the risk
specialist was only to minimize the negative impact. However,
in recent years, the concept of institutional risk management has
emerged with emphasis on both positive and negative aspects of
Enterprise Risk

Management (ERM):
Enterprise Risk Management is sometimes referred to as
"business risk management", or a "strategic risk management",
or “comprehensive risk management" or "integrated risk

Scientific Journal for Economic& Commerce 699

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

management" or "corporate risk management” of the company,

which is the new alternative to traditional risk management
based on separate business unit risk management (D'Arcy,
2001). The main difference between corporate risk management
and traditional risk management based on the risk management
of each department is that firms can enhance value and return
for stakeholders by mitigating risk when working within the
corporate risk management framework (Daud, Yazid & Hussin,
2010). ). isk (Epetimehin, 2013).
There are several definitions of Enterprise Risk Management
(ERM), including "the process of identifying and analyzing risks
from an integrated and enterprise-wide perspective" (Chapman
(2010)
It is also an essential element of modern business management
(Azizan & Samad 2011).
The concentration of risk management from operational risks
and financial risks has shifted to a much more strategic vision of
opportunities and threats. Enterprise risk management is a strong
and dynamic framework for risk management.
In short, ERM includes the methods and processes used by
organizations to manage risks and seize opportunities to achieve
their objectives. In fact, ERM addresses the needs of various
stakeholders, who wish to find a wide range of risks facing the
organization to ensure that the organization is properly
managed.

Importance of ERM practices:

Specialized professional bodies such as the Association of
Actuaries have identified five factors which will force
companies to practice corporate risk management:

Scientific Journal for Economic& Commerce 700

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Factor 1: The first factor relates to the complex risks faced by

the company as companies not only face the four basic types of
risk such as disaster risk, financial risk, operational risk and
strategic risk, but there are other risks such as the risks of
advanced technology and accelerating the pace of work and
globalization and increasing the financial complexities and risks
of terrorist activities. However, these risks do not occur on their
own, but they may produce complex risks by combining two or
more of these risks (eg, globalization and advanced technology).

Factor 2: External pressures by regulators, regulators, credit

rating agencies, stock exchanges and investors, as well as
corporate governance bodies.

Factor 3: Increasing orientation to integrate risks that were

managed at the business unit level.

Factor 4: The danger needs to be measured quantitatively

even if it is impossible. By measuring risk, management is able
to estimate the risk or dependency level of a particular risk to
other risks, which affects the efficiency of the decision-making
process (Casualty Actuarial Society, 2003).
Factor 5: The last factor relates to the risks that can be treated
as an opportunity for profit. In the past, emerging risks were
addressed in a defensive manner in order to minimize or avoid
them. Now, risk should be viewed as a potential source of value
creation or profit.
As a result of the previous mitigation experience, companies
must develop the skills needed to manage these risks. In fact,
there are four main reasons why businesses in the United States
practice (KPMG International, 2006):

Scientific Journal for Economic& Commerce 701

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

 Companies' desire to reduce potential financial losses (68%).

 Companies' desire to improve performance (64%).
 Compliance with legislative requirements (58%).
 Companies desire to increase their liability for risk (53%).

Management Risk framework in the company:

Risk is inherent in the business activities of any company and is
linked to strategic decisions and capital. The company aims
through the management of risk to accomplish the company's
business and financial strategy without exceeding the limit of
risk tolerance and through Sunday account of internal
constraints (solvency and liquidity) and external constraints set
by regulators and other stakeholders.

The Company's risk management objective is to provide:

 Clearly defined and well documented risk management
strategy that:
Identifies the company's risk management objectives, key
risk management principles, overall risk appetite and risk
responsibility allocation across all company activities
 Is consistent with the company's overall business strategy.
 Adequate written policies:
- Includes definition and classification of the Company's
tangible risks, according to type, and acceptable risk
limits for each risk type.
- Implement risk strategy in the company
- Facilitate oversight mechanisms
- Consider the nature, scope and duration of investment in
the business and the risks associated with it.
The company's risk management framework is an integral part
of business and fully interacts with strategic planning, business
and capital management process.
Scientific Journal for Economic& Commerce 702
The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

As part of the risk framework, risk management is an integral

part of the company's strategic and operational processes, either
as an independent risk management framework or as an input to
major strategic and business operations.
The risk management framework defines the company's
strategy, through which it manages risks, taking into account its
business objectives and vision, as well as the overall risk desire.
In this way, the risk strategy defines the principles of risk
management, which in turn encourages the formation of
business functions and committees, assigning roles and
responsibilities and defining reporting lines.
Main risk
Main risk categories
The company defines the main risk categories to classify risk
events in meaningful groups. Risk categories are in line with
regulatory requirements, and with risk profile and activities in
the company, these categories are:
 Insurance risk (underwriting risk and risk allocation).
 Credit risk
 Operational risks (including legal risks and compliance(
 Market / investment risk
 Liquidity risk
 Concentration risk
 Retention risk
 Strategic risks
 Reputation risk.
The risk categories in the company are divided into more sub-
categories of risk in a precise and specific manner and exclude
each other. These sub-categories are used to identify and assess
existing risks and exposures as part of the risk management
process and are recorded in the company's risk profile. The

Scientific Journal for Economic& Commerce 703

 The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

aggregation of risk exposure in the above categories creates a

risk profile for the company.

Risk categories definition

Companies had identified the main categories of risks arising
from its operations as follows:
- Insurance risk (arising from subscription and retention
risk): Underwriting risk is the risk that its losses are higher
than expected. This can be the result of several factors such
as inadequate pricing assumptions, insufficient subscription
criteria, etc.
- Credit risk: This is defined as the "risk of loss, or
negative change in the financial position resulting from
fluctuations in the credit position of issuers of securities,
lenders and any debtors that may be exposed to
insurance companies, in the form of risk of borrower
default, market.
- Operational risk: "Risk of loss resulting from inadequate
or failed internal processes, personnel or systems, or
external events" that includes legal risk and compliance,
which can be defined as the risk of loss resulting from
non-compliance with applicable laws, regulations,
contracts and practices rules of conduct, but excludes
strategic risks and reputation.
- Market/ investment risks: This is the "risk of loss, or a
negative change in the financial position, which results
directly or indirectly from market fluctuations as well as
market volatility of assets, liabilities and financial
instruments’.
- Liquidity risk: The risk that the Company is unable to
liquidate investments and other assets to settle its
financial liabilities as they fall due.

Scientific Journal for Economic& Commerce 704

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

- Concentration risk: This is caused when all exposures

(resulting from credit risk, market risk, etc.) have the
potential to be impaired enough to threaten the solvency
or financial position of the Company.
- Retention risk is the risk of loss, or a negative change in
the value of insurance contract liabilities arising from
fluctuations in timing, frequency and severity of events
at the insured, timing and amount of claims settlements.
- Strategic risk: the risk of the current or potential impact
on profits or capital resulting from negative business
decisions or inappropriate implementation of decisions,
or inability to respond to changes in the area of work.
- Reputation risk: the risk of potential losses through the
deterioration of the company's reputation or because of
the negative perception of the image of the company
between customers, business partners, shareholders or
supervisory authorities and other stakeholders.

Risk management process

It is an ongoing process that should be used to implement the
company's overall strategy and should allow for a proper
understanding of the nature and importance of the risks to which
it is exposed, including sensitivity to and mitigation of risks.
Risk management consists of several stages at different levels
within the business:
Risk assessment: the risk assessment is defined by ISO /
IEC Guide 73 as all risk analysis and evaluation procedures
Risk analysis includes:
- Identifying risks: the definition of risk is intended to
determine the exposure of the company to uncertainty. This
requires a thorough understanding of the institution and the
market in which it participates, and the legal, social, political
Scientific Journal for Economic& Commerce 705
 The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

and cultural environment within which it is located. This

requires a proper understanding of the organization's
strategic and operational goals, including vital factors to
ensure the success of the institution and the opportunities
and threats associated with achieving those objectives. The
risk identification process must be carried out in a systematic
manner to ensure that all significant activities of the
institution are defined and all risks arising from such
activities are identified. Changes associated with these
activities should also be identified and classified according
to their importance.

- Risk description: The hazard description aims to present

the hazards that are defined in a systematic manner, for
example, using a table. A separate risk description table can
be used to facilitate risk identification and screening. The
use of a well-designed method is necessary to ensure
procedures for the definition, description and examination of
risks in a comprehensive manner. Taking into account the
results and prospects of each risk included in the table, it is
possible to prioritize the main hazards that need to be
analyzed in more detail. Risks identified and associated with
activities and decision- making can be classified as strategic,
project / tactical and operational. It is necessary to integrate
risk management into the project visualization phase and
during the implementation phases of a particular project.

- Risk estimated: Risk can be estimated in a quantitative,

semi-quantitative or qualitative manner in terms of
probability of verification and potential results. For example,
results in terms of threats or chances of success may be high,
medium or low, and the possibilities may be high, medium

Scientific Journal for Economic& Commerce 706

 The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

or low, but require different definitions in terms of threats

and chances of success. Different institutions will find
different measurement methods for the results and the
appropriate probability for their needs. For example, many
institutions find that the assessment of results and
probabilities as high, medium or low is sufficient for their
needs and can be represented by a 3 × 3 matrix. While other
institutions may find that evaluating the results and
probabilities using a 5 × 5 matrix gives them the best
assessment.

- Methods and techniques of risk analysis: A

number of techniques can be used to analyze hazards. Some
are for opportunities or threats or are capable of dealing with
both Risk characteristics: The results of the risk analysis
process can be used to prepare a description of the risk
characteristics, which will in turn give a classification
according to the relative importance of each risk and provide
a tool to prioritize the risk management efforts. This will
arrange for each risk identified to give a picture of its
relative importance.

- Risk ranking: When the risk analysis process is

completed, it is necessary to make a comparison between
risk assessment and hazard measures prepared by the
company. The risk scale may include related returns and
costs, legal requirements, social, economic and
environmental factors, stakeholder concerns, etc. Therefore,
risk ranking is used to make decisions about risks of
importance to the company and whether the risk must be
accepted or addressed.

Scientific Journal for Economic& Commerce 707

 The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

- Risk reporting and communication: Different levels

within the organization require a variety of information
about the risk management process, from the level of the
board of directors, work units and individuals.

- Risk management: Risk management is the process of

selecting and implementing procedures for change in risk.
Risk management, as one of its most important elements,
includes risk reduction / control, and extends further to, for
example, risk avoidance, risk financing, etc.

- Monitoring and reviewing risk management

processes: Effective risk management requires a reporting
and auditing system to ensure effective risk identification ,
examination and appropriate risk control measures have
been taken. Periodic policy review and compliance levels
must be conducted and performance criteria reviewed to
identify development opportunities. It should be
remembered that companies are dynamic and operate in a
dynamic and changing environment. Therefore, changes in
companies and the environment in which they operate must
be identified and adequate system adjustments made.

- Follow-up: risk management processes are linked to an

integrated set of tools and techniques that are used at
different stages of the activity. To work effectively, risk
management requires:
o Commitment of the CEO and top management
o Distribution of responsibilities
o Allocation of appropriate resources to train and
develop awareness of all stakeholders

Scientific Journal for Economic& Commerce 708

 The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Dimensions of the study

Risk Management Governance and Strategy

The soundness and health of financial institutions depend on
the effectiveness of risk control functions and internal control.
Over the past decade, risk management practices and practices
in the industry have developed dramatically, with increased
attention and sophistication of systems and practices in financial
institutions in risk management.
Despite this progress, there is still room for further improvement
of internal risk management practices that support the sound risk
management framework. This includes closer integration within
financial institutions in terms of policies, processes and
structures to support risk decision-making as well as corporate
governance.
Risk management governance focuses on the application of
corporate governance principles to assess risk management to
ensure that risk operations are in line with the institution's ability
to absorb losses and their long-term viability. They are
particularly concerned with the role of the board of directors,
senior management and risk management in risk management,
as well as the processes through which risk information is
collected, analyzed and communicated to provide a sound basis
for management decisions. It is also concerned with the impact
of the organizational structure in the company and related to risk
behaviors as well as risk perceptions in the institution.
As a result of increased regulatory requirements by legislators
the interest in the subject of supervision of risk management has
become prominently featured on the agenda of insurance
company boards. However, much work still needs to be done by
these companies. For example, 33% of respondents do not have
a risk management department.
Scientific Journal for Economic& Commerce 709
The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

The risk management strategy provides a systematic and

consistent approach to identifying, evaluating and managing
risks. They are built in processes and are reviewed based on new
developments or actions taken regularly. Risk management
strategy can be developed and implemented by even the smallest
companies or projects or even in the strategies of large and
multinational companies.

The culture of risk:

It is a term describes values, beliefs, knowledge, attitudes and
understanding about a common danger by a group of persons
with a common purpose, in particular employees of the
enterprise. It can be in pricing, can be in the calculation of
reserves and may be underwriting (IRM - Risk Culture).
The implementation of risk management in the enterprise cannot
be achieved overnight. It is a process that requires time, effort
and a lot of commitment. It is recognized by most respondents
that educating employees about risk management is a main
factor in establishing a risk-conscious culture in their
institutions. There are many challenges to incorporate a risk
culture in the company.

Risk management and interrelated processes:

Risk management is an ongoing process that should be used to
implement the company's overall strategy and should allow for a
proper understanding of the nature and importance of the risks
to which it is exposed, including sensitivity to and mitigation of
risks.
Integrated risk management addresses risks across a variety of
levels in the organization, including strategy and tactics, which
include both opportunities and threats. The effective
implementation of corporate risk management and
Scientific Journal for Economic& Commerce 710
The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

interoperability will result in a number of benefits that will be

positively reflected on the organization. These include:
• Identify risks at the strategic level which can have a
significant impact on the overall construction of the
company and can be managed proactively.
• Proactively manage opportunities as part of business
operations, both strategically and tactically.
• Provide useful information to decision-makers when the
environment is surrounded by uncertainty to support best
decisions at all levels.
• Create an area of uncertainty management in advance with a
planned response to known risks, thereby enhancing
efficiency and effectiveness, and reducing lost time as well
as effort.
• Reduces threats and increases profit opportunities and
increases the likelihood of achieving strategic and tactical
objectives.
• Allowing the acceptance of an appropriate level of risk to be
taken by the company with full awareness of the degree of
uncertainty and potential impact on the objectives, and open
the way to achieving increased rewards that are associated
with risk.
• Developing risk culture within the organization, recognizing
that risks exist at all levels within the company, but these
risks should be managed proactively in order to achieve the
desired benefits.

Supporting technology for risk management

With the evolution of enterprise risk management in the last
decade, this development has to be accompanied by further
development of systems for risk management. Without this

Scientific Journal for Economic& Commerce 711

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

technology, risk managers' job is limited to recording risk data

from past loss data.
Although the cost of developing robust corporate risk
management information systems is financially high, the benefit
will go beyond direct and tangible costs. Hopkin. (2012).
The Company's investment in the introduction and maintenance
of a risk management information system is indicative of the
Company's effort and commitment to ensure effective and
efficient risk management.
Many companies have not made much progress in building risk
management systems, and nearly two-thirds of respondents rely
on manual documents and tables. data.
In the world of technology, insurance companies are struggling
with the challenges of ensuring access to quality data. This is
due to the lack of prior experience in risk management in a
technology friendly environment and to the problem of
integrating the risk system with the basic insurance system.

Previous studies:
Many studies have addressed the reality of institutional risk
management in insurance companies, but these studies have
been limited to one or two countries. The most recent of these
studies are:
Ernst Young and Munich Re, (2015)
A survey conducted in the field, which found that the spread of
the insurance industry in the boom was in light of the growth of
the market, especially spending on government-supported
infrastructure and development projects and large-scale
compulsory insurance (cars and medical). It also found that
markets are moving towards greater maturity, which has led to
major shifts in the regulatory landscape recently, which in turn
has resulted from the growing role of regulatory bodies in Saudi

Scientific Journal for Economic& Commerce 712

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Arabia and the United Arab Emirates. As a result of the

changing market and the role of regulatory and regulatory
bodies, the interest in corporate risk management has grown and
the agenda of executives in the Middle East has become
increasingly important.
This study included a study of the status of institutional risk
management in the insurance market. The survey was designed
to cover the risk management cycle including risk type, risk
strategy, risk management process and integration with other
business activities. This study concluded that there is a
significant difference in risk management practices within the
insurance companies and that risk management remains a major
challenge for many insurance companies. Even though some
insurance companies have already established private
administrations.

Muzaffar Mansour (2016)

This study focused on the insurance market in the State of
Palestine, which aimed to develop an integrated model to
address the deficiencies in the Palestinian insurance sector
which was carried out through the following axes?
• Studying the risk management practices in the Palestinian
insurance companies.
• Main risk analysis facing insurance companies.
• Finally, raise awareness about risk management and its
importance.

The study found the following results:

• Evaluation of risk management practices in Palestinian
insurance companies

Scientific Journal for Economic& Commerce 713

 The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

• Identification of main deficiencies in the implementation of

risk management plans.
• Building an integrated model to address deficiencies in the
Palestinian insurance sector

Layal Mahmoud Kamak (2016)

This study is specialized in the Lebanese insurance market. The
study found that risk management in institutions is increasing
with the increasing attention of regulators and as a result of the
global financial crisis in 2008. Many large and medium
companies have practiced corporate risk management.
Specialized risk management in institutions. The universities
have also developed special courses and training programs
in2008. Many large and medium companies have practiced
corporate risk management. Specialized risk management in
institutions. The universities have also developed special
courses and training programs in enterprise risk management.
The researcher studied risk management practices in Lebanese
institutions through the themes (culture of risk management,
control, risk management and emerging risks), which was used
as a research tool to collect data on these axes.
The study concluded that risk management practices in the
institution are not sufficient. It also concluded that risk
management practitioners in the Lebanese insurance industry
were not properly qualified. And insurance companies have
measures and perceptions to manage emerging risks that may
affect the company's financial position, reputation or
competitive position.
The researcher recommended that there should be a qualitative
shift in the approach of the Lebanese insurance companies to
risk management. The first is to strengthen the risk management
culture through intensive staff training and participate in

Scientific Journal for Economic& Commerce 714

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

seminars to raise awareness of ERM. Insurers should integrate

risk management into their corporate objectives, philosophy,
practices and strategic plans.

The methodology of the research:

The descriptive method was used to construct the questionnaire
(Annex 3), which was distributed to collect the research data. A
total of 259 questionnaires were distributed to the Jordanian
insurance companies based on the level and performance of the
companies by sending the questionnaire to a different number of
employees of Jordanian insurance companies.

Design of the survey questionnaire:

The survey was divided into two sections:
The first section is meant to collect constant information about
the participants in the questionnaire, namely age, gender,
scientific qualification and the number of employees in the risk
management department in their companies, if any, and the
number of years of experience
Section two has been divided into four categories as follows:
- Risk management and strategy includes 13 points
- Risk management culture includes 7 points
- Risk management processes and its interdependencies
comprising 6 points
- Risk management and supporting technology includes only
two sections
In order to achieve the objectives of this study and to test its
hypotheses, the five-digit Lycarte was used to answer all the
paragraphs of the second section, which includes four axes of 28
paragraphs. The answers were limited to the following grades:
Strongly Agree, Agree, Neutral, Disagree and Strongly Agree, 1,
2, 3,4,5 respectively while relative weights were given

Scientific Journal for Economic& Commerce 715

 The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

respectively 100%, 80%, 60%, 40% and 20%. As shown in

Table (1).
Table 1
Table 1: Grading, symbols and relative weights of responses
Strongly Strongly
grade Agree Neutral Disagree
Agree disagree
code 1 2 3 4 5
Relative
%100 %80 %60 %40 %20
weight
(Based on the (Nunnally (1978) model, we used the 3.5 or the
relative weight of 5/3.5/ = 70% to accept or reject any
hypotheses).
Society and Study Sample:
The sample community represents 26 insurance companies
operating in Jordan. In order to select the sample, the following
criteria were adopted in the distribution and collection of
samples by reference to the financial statements of insurance

Society and Study Sample:

The sample community represents 26 insurance companies
operating in Jordan. In order to select the sample, the following
criteria were adopted in the distribution and collection of
samples by reference to the financial statements of insurance
companies registered in the financial markets or official
websites of companies. Of these criteria: number of employees,
customers, branches, capital size. The following table shows the
companies and the number of questionnaires distributed and
retrieved from them. Annex (4) shows that the companies
participating in the study sample. The researchers examined all
the questionnaires, which were excluded from 12 questionnaires,
for reasons such as choosing more than one answer to some

Scientific Journal for Economic& Commerce 716

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

questions, and not answering some questions. Thus, * 259 /(247

.%95.3=%100 were analyzed.
The results of the study:
First, we must verify the reliability and consistency of the data
collected in terms of sincerity and reliability.
The degree of honesty is a statement of the ability of the
questions to measure what was set for it. The questionnaire was
presented to a group of arbitrators who are specialized in
Jordanian universities in order to judge the extent to which the
paragraphs belong to the areas identified and the validity of the
paragraphs. As for the degree of stability, this was done by
counting the Alpha Kronbach coefficient as shown in Table (2)
where it was found that the Alpha Cronbach coefficient for all
the axes separately and for all the axes together was high,
ranging from 0.739 to 0.972), which is relatively high,
confirming data stability and validity for analyzing results and
testing hypotheses.

Table (2)
Alpha Cronbach coefficient
Axis Number of Alpha Cronbach
sections coefficient
Axis 1: Risk Management 13 848
Governance and Strategy
Axis 2: Risk Culture 7 746
Axis 3: Risk management
processes and their 6 749
interdependence
Axis 4: Supporting technology 2 724
for risk management
All axes 28 864

Scientific Journal for Economic& Commerce 717

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

The description of the study sample:

The sample included 106 males (42.9% males) and 141 females
(75.1%). As for the academic qualification, the sample included
195 or 78.9% of the bachelor's degree or less, 52 or 21.1% of the
holders of higher degrees, indicating that the sample includes a
high proportion of specialists, which ensures the existence of
scientific competencies familiar with the sense of questions and
how to answer them, Thing which may explain the existence of
high risk culture among the sample. As for the number of years
of experience, they were mostly in favor of the category 5-10
years. The groups were less than 5 years, 5-10 years, 10-15
years, 15 years and above, 19.4%, 52.2%, 13% and 15.4%. %
Respectively, where the category 4-10 years was the highest.
For the post, the posts of employee, supervisor, director and
senior positions accounted for 54.7%, 19.8%, 15.4% and 10.1%,
respectively. As for the number of employees in the Risk
Management Department, the data showed that 42.1% of the
participating companies did not have any risk management staff
in their companies, while 56.7% of them had 1-5 employees
while 1.2% had more employees Of 10 employees. As for age,
the data revealed that the 25 and lower categories, 25-35, 35-45,
45-55 and55 and above were 6.5%, 46.6%, 30%, 11.3% and
5.7%, respectively, where the largest share of construction
Between 25-35 years, as shown in Appendix 1 for sample
details.
Answering description of the study sample
The analysis showed that the response rates for the first, second,
third, fourth and all axes were respectively 3.4690, 4.3852,
3.2308, 1.5223, 3.1518. The standard deviations were close to
all axes, where the first, second, third, fourth and all axes were
50939. 54666. 58786. 51256. 34200 respectively. Table (3)
illustrates this.

Scientific Journal for Economic& Commerce 718

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Scientific Journal for Economic& Commerce 719

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Scientific Journal for Economic& Commerce 720

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Scientific Journal for Economic& Commerce 721

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Scientific Journal for Economic& Commerce 722

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Scientific Journal for Economic& Commerce 723

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Scientific Journal for Economic& Commerce 724

 The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Table (3) Average responses of all axes

Intermedi
Average Average Average Average
ate All
Axis I Axis II Axis III Medium
axes
Medium Medium Medium Axis IV

The
arithmeti 3.4690 4.3852 3.2308 1.5223 3.1518
c mean
The
linear .50939 .54666 .58786 .51256 .34200
deviation

Strongly Strongly
grade Agree Neutral Neutral
Agree Disagree

Relative
69.38% 87.704% 64.616% 30.446% 63.036%
weight

The analysis of the test results

Test the study hypotheses
In order to test the hypotheses of the study, it must first be
ascertained that the average axes are distributed naturally. The
analysis showed, as shown in the table below, that the rates of
axons separately, including the rate of axes together, follow the
natural distribution, since the value of SIG was greater than the
level of 0.00% when the level of 95% confidence As shown in
table 4, which means that a T test can be performed on all axes.
Table 4

Scientific Journal for Economic& Commerce 725

 The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Table (4): 1-Sample K-S T - Test of Kologromsmanov

Risk
Risk
Managem Supporting
management Average
ent Risks technology for
Axis and of all
Governan culture risk
interrelated axes
ce and management
processes
Strategy
Averag
3.4690 4.3852 3.2308 1.5223 3.1518
e
Standa
rd
.50939 .54666 .58786 .51256 .34200
deviati
on
Z
.345 .431 .306 .247 .260
value
Asymp
.Sig.
.09 .076 .077 .065 .110
(2-
tailed)

On other hand, all relative weights of all axes are calculated as

in Table (5 ) below.

Scientific Journal for Economic& Commerce 726

 The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Table (5)
Relative weights of all axes
Mean
Number of Standard Relative
Axis arithmeti Degree
paragraphs deviation weight
c
Risk
Manage
ment
13 3.4690 .50939 Agree 69.38%
Governa
nce and
Strategy
Risk
manage Strongly
7 4.3852 .54666 87.704%
ment agree
culture
Risk
manage
ment
processe
6 3.2308 .58786 Neutral 64.616%
s and
their
interdepe
ndence
Technol
ogy
support Strongly
2 1.5223 .51256 30.446%
for risk disagree
manage
ment
Average
of all 3.1518 .34200 Neutral 63.036%
axes

First hypothesis test: There are no statistically significant

differences between the level of risk management governance
and its strategy in the Jordanian insurance companies and the
imposed level (70%) at the level of significance (α≤0.05() from
Scientific Journal for Economic& Commerce 727
 The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

the point of view of the participants. Table (5) shows that the
average for all paragraphs of the first axis was 3.4690 and a
relative weight of 69.38%. This means that the risk management
governance and strategy did not reach the required level,
meaning that the companies did not achieve the required level of
risk management governance and strategy.
When testing one sample T-Test as in Table 6, the test shows
that. P = .340t (246) = -956, which means rejecting the zero
hypothesis that there are no statistically significant differences
between the sample and the required level, which means "the
level of risk management governance and strategy is close to the
level imposed from the point of view of the participants.

Table 6
One sample T-Test Of the risk management governance
framework and strategy.
95% Confidence
Interval of the
Difference Mean Sig. (2-
Axis df t
Difference tailed)

Upper Lower

Risk
Management
.0329 -.0948 -.03099 .340 246 -.956
Governance and
Strategy

Second Hypothesis test: There are no statistically significant

differences between the level of risk management culture in
Jordanian insurance companies and the level imposed (70%) at the
level of significance α≤0.05 (from the participants' point of view).

Scientific Journal for Economic& Commerce 728

 The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Table (5) shows that the average for all sections of the second axis
was 4.3852 with a relative weight of 87.704%. This means that the
level of the risk management culture is better than the required
level from the participants' point of view.
In the sample T-Test, as shown in Table (7) below, p = 0.00, t
(246), 25.449 means that there are statistically significant
differences from the required level, which is 0.88519. Therefore,
the null hypothesis was rejected, which means that the level of risk
management culture is better than the level originally imposed.

Table 7
One sample T-Test - Of the risk culture
95% Confidence
Interval of the Mean
Axis Sig. (2-tailed) df t
Difference Difference

Upper Lower
Risk
.9537 .8167 .88519 .000 246 25.449
culture

The test of third Hypothesis: There are no statistically

significant differences between the level of risk management
processes and their correlation in the Jordanian insurance
companies and the level imposed (70%) at the level of
significance α≤0.05 (from the point of view of the participants).
Table (5) shows that the average for all three axes of the third
axis was 3.2308 with a relative weight of 64.616%. This means
that the level of risk management processes and their
interdependence are below the required level from the
participants' point of view.
When testing one sample T-Test as shown in Table (8) below, it
was found that p = 0.00 t (246), -7.198, which means rejecting

Scientific Journal for Economic& Commerce 729

 The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

the null hypothesis. As it is clear, the arithmetic average of the

sample is lower than that which is supposed to be -2.6923. The
zero hypotheses were therefore rejected, which meant that the
level of risk management culture was below the required level
from the participants' point of view.
Table 8
One sample T-Test of the Risk management and
interrelated processes

axis
95% Confidence
Interval of the Sig.
Difference Mean
(2- df t
Difference
tailed)
Upper Lower

Risk
mana
geme
nt and
interr -.1956 -.3429 -.26923 .000 246 -7.198
elated
proce
sses

The test of fourth Hypothesis:

There are no statistically significant differences between the
level of support technology for risk management in the
Jordanian insurance companies and the imposed level (70%) at
the level of significance (α≤0.05) from the point view of
participants
Table (5) shows that the average for all three axes of the third
axis was 1.5223 with a relative weight of 30.446%. This means
that the level of support technology for risk management is

Scientific Journal for Economic& Commerce 730

 The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

below the required level from the point view of the participants,
meaning that the companies do not achieve the required level of
support technology for risk management from the point of view
of participants . When testing one sample T-Test as in Table 9
below, T (246), -60.642, p = 0.00. Therefore, the zero
hypothesis was rejected, which means that the level of support
technology for risk management is below the required level as it
is lower by -1.97773 of the imposed level.

Table 9
One sample T-Test of the axis of supporting technology for
risk management

95% Confidence
Mean Sig.
Interval of the
Axis Differenc (2- df t
Difference
e tailed)
Upper Lower
Supporti
ng
technolo
-
gy for
-1.9135 -2.0420 -1.97773 .000 246 60.
risk
642
manage
ment

Fifth hypothesis test: There are no statistically significant

differences between the level of risk management in general in
the Jordanian insurance companies and the level imposed (70%)
at the level of significance (α00.05) from the point of view of
the participants Table 5 shows that the average for all four axes
together was 3.1518 and a relative weight of 63.036%. This
means that the level of risk management is generally below the
Scientific Journal for Economic& Commerce 731
 The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

required level from the participants 'point of view. In other

words, companies do not achieve the level of risk management
in general from the participants' point of view. When testing one
sample T-Test as in Table 10 below, T (246), -16.001, p = 0.00.
Therefore, the zero hypothesis was rejected, which means that
the level of risk management is generally below the required
level from the participants' point of view,
Which is less than that at -34819.

Six hypothesis test:

There were no statistically significant differences in the
responses of the participants at the level of significance (α≤0.05)
due to demographic variables such as sex and age
In order to find differences in the responses of the sample, the
ANOVA was performed. As shown in Annex 2, after the
ANOVA test for all axes it was found that
1. There are no statistically significant differences at the level
of significance of 0.01 and 0.05 due to the number of
employees in the risk management department and not on
any of the four axes or with axes as a whole
2. It was found that there were no statistically significant
differences at the level of significance of 0.01 and 0.05
attributed to gender on the answers of participants on all
axes
3. It was found that there are differences between the answers
of the participants attributed to the scientific qualification on
all axes where the value of P = 2.832 and the value of
significance 0.094. It is in favor of grades with an average of
3.1397 while the average BSc is 3.0454.
4. It was also found that there were differences in the responses
of the sample members due to the number of years of
experience on the first axis paragraphs in favor of the

Scientific Journal for Economic& Commerce 732

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

category 10-15 years, where the mathematical mean is

3.6878 as well as the fourth axis in favor of the category 10-
15 years where the mean of 3.9102. As well as on all axes
for the benefit of the category less than 10-15 years where
the arithmetic mean 2.9316
5. There were also differences between the answers of the
sample according to the function on the following axes: The
second axis in favor of the supervisor category where the
calculation center is 3.0918, and the fourth axis in favor of
the employee category where the calculation center 4.0722.
On other hand, it was also found that there were differences
between the responses of the sample by age on the following
axes: the second axis in favor of category 55 and above where
the mean was 3.3750, the third axis in favor of category 55 and
above where the mathematical mean was 3.1429, the fourth axis
in favor of category 45-55 Where the mean was 3.8214. Annex
2 shows the values and values of significance or sig of all
previous Anova choices.
Table (10)
One sample T-Test Average of all axes
95%
Confidence
Interval of the
axis
Difference Mean
Low Differenc Sig. (2-
Upper er e tailed) df t
- - -.34819 .000 246 -16.001
.3053 .391 Avera
1 ge of
all
axes

Scientific Journal for Economic& Commerce 733

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

Conclusions and recommendations:

By reviewing the research methodology and descriptive survey
findings, the researchers recommend:
1. Activate the role of risk management through the
establishment of specialized departments in this field
2. Activate the role of regulatory and legislative bodies to play
a greater role in order to ensure the existence of these
departments and improve the procedures and instructions
provided by these bodies in this field.
3. Increasing the role of academic institutions represented by
universities, consulting companies and specialized training
centers, which ensures the upgrading and efficiency of the
staff of risk departments
4. Encouraging companies through regulators to adopt global
standards in risk management such as ISO 3100 and COSO
5. Encourage companies to develop a risk management plan
and budget for risk management
6. Directing companies to develop approved risk management
policies
7. Draw attention to the importance of risk management
information systems and ensure the confidentiality of their
information.
8. Draw the attention of companies to raising thelevel of risk
management governance and strategy in the insurance
companies
9. Encourage increased level of risk management processes and
their interconnection between insurance companies
10. Draw the attention of researchers and academic institutions
to the importance of scientific research and studies in this
field to show the importance of Jordanian insurance
companies and increase the desire to manage risk at the
present time and future

Scientific Journal for Economic& Commerce 734

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

References
1. Abdul Rasid, Golshan, Ismail & Ahmad. (2012, january).
Risk management ,performance measurement and
organizational performance :a conceptual framework. 3rd
ICBER, (pp. PP. 1-8). Indonesia.
2. Actuarial Standard of Practice. (2012). Risk Evaluation in
Enterprise Risk Management. No. 46, PP. 40-45.
3. Connair & Stephen. (2013). Enterprise Risk Management
From Silos to Strategic Objectives. Armed Forces
Comptroller, Vol. 58(Issue 1), PP. 24-26.
4. Peter Berg. (2010). Risk Management: Procedures, Methods
and Experiences. vol. 1, pp. 79-81.
5. COSO. (2004). Enterprise Risk Management- Integrated
Framework. new york: American Institute of Certified
Public Accountants.
6. Pagach & Warr. (2011). The characteristics of firms that hire
chief risk officers. Journal of Risk and Insurance, Vol.
78(No. 1), PP. 185-211.
7. Epetimehin. (2013). Impact of risk appetite on the value of a
firm. European Scientific Journal, Vol. 9(No. 2), PP. 331-
342.
8. D'Arcy. (2001). Enterprise Risk Management. Journal of
Risk Management of Korea, Vol. 12(PP. 1), 207-228.
9. Daud ,Yazid & Hussin. (2010). The Effect Of Chief Risk
Officer (CRO) On Enterprise Risk Management (ERM)
Practices: Evidence From Malaysia. International Business
& Economics Research Journal (IBER),, Vol. 9(Issue 11),
PP. 28-32.
10. Chapman. (2010). Bringing ERM into focus. Internal
Auditor, Vol. 9(No. 11), PP. 30-36.

Scientific Journal for Economic& Commerce 735

The Management of Risk Dr Dr. Loona Shahin - Dr. Ashraf AlHadidi 24/7/2017

11. Woon , Azizan & Samad. (2011). A Strategic Framework

For Value Enhancing Enterprise Risk Management. Journal
of Global Business and Economics, PP. 23-48.
12. Casualty Actuarial Society. (2003). Overview of Enterprise
Risk Management. Enterprise Risk Management committee.
13. KPMG International. (2006). Enterprise Risk Management
in the United States: A 2006 Report Card. Retrieved from
http://www.sdabocconi.it/files/kpmg_en_version_339QIKW
Y11U2ZKUEHUY51224057629.pdfInstitute of Risk
Management. (2016).
14. Risk culture. Retrieved from https://www.theirm.org:
https://www.theirm.org/knowledge-and-resources/thought-
leadership/risk-culture.aspx
15. Hillson. (2006). Integrated Risk Management As A
Framework For Organizational Success. PP. 4-5.
16. Hopkin. (2012). Fundamentals of Risk Management

Scientific Journal for Economic& Commerce 736