A Methodological Framework for the Assessment of Knowledge Risks

Abstract

Knowledge risk management (KRM) has emerged as an essential field dedicated to addressing the various risks associated with organisational knowledge. A significant aspect of KRM is the assessment of knowledge risks; however, this area remains relatively underexplored due to the absence of a comprehensive framework. This PhD research aims to develop a comprehensive risk assessment framework for knowledge risks, incorporating Multi-Criteria Decision-Making (MCDM) models. Article I identifies seven key knowledge risks in ICT-supported collaborative projects using Total Interpretive Structural Modelling (TISM) as one of the MCDM models. It highlights cybercrime and espionage as high-driving risks, establishing hierarchical interrelations among these risks and providing a structural model that facilitates systematic KRM. Article II evaluates operational knowledge risks in SMEs using a grey- Decision-Making Trial and Evaluation Laboratory (DEMATEL) model. It identifies 11 critical risks, categorising them as causal (e.g., knowledge waste and gaps) and effect risks (e.g., relational risks and espionage). Outsourcing risks and improper knowledge application are identified as particularly significant. This categorisation aids SMEs in understanding and addressing their unique vulnerabilities effectively. Article III focuses on knowledge leakage drivers in collaborative agreements using an integrated ISM-MICMAC model. It identifies nine key drivers, including incomplete contracts and horizontal competition, as critical risk factors. The study demonstrates how these drivers influence knowledge leakage and provides actionable insights for mitigating risks. In the final complementary study, the research integrates TISM, DEMATEL, and Preference Ranking Organisation Method for Enrichment Evaluation (PROMETHEE) within its framework. The framework was tested using a case company to validate its practical use in assessing knowledge risks and in supporting informed decision-making. Methodologically, this thesis contributes to the literature on KRM, particularly in the domain of knowledge risk assessment, by introducing a well-structured and promising framework. •TISM is applied to capture the interdependencies among knowledge risks and knowledge risk factors. •DEMATEL is used to weight extended criteria, providing a deeper understanding of their significance. •PROMETHEE is applied to prioritise knowledge risk factors based on their level of importance. The insights derived from this framework offer valuable guidance for managers, risk managers, CEOs, and business owners, enabling them to identify, analyse and evaluate, a wide range of knowledge risks effectively. This thesis not only fills a critical gap in the KRM, more specifically knowledge risk assessment literature but also provides a practical tool to enhance decision-making and organisational resilience.