The Prose of Action: The Micro Dynamics of Reporting on Emerging Risks in Operational Risk Management

In this paper we study how risk management systems are applied to make organizational actors interested in responding to emerging risks. The empirical domain of the paper is the Defense Procurement Unit in a Scandinavian country. The paper is based on detailed data from monthly risk update meetings, interviews with both military and civilian managers, and 1 year's worth of monthly risk reports. Our study illustrates how Frontline Managers – to make General Management at the Procurement Unit interested in responding to emerging risks – use the content of the risk reports. The translation of emerging risks changes over time in response to a lack of action on reported risks. In these processes Frontline Managers take on new responsibilities to make General Managers take action on reported risk. The reporting practice changes from the mere identification of risk to risk assessment and, finally, to incorporating the possible response into the risk report. These findings add to extant literature by illustrating that actions do not automatically flow from the identification of risk. Rather, risk and action are dynamically interrelated in the sense that the prose in the risk report is a variable input to generate action and that a lack of action encourages managers to change their approach to reporting.