Risk Intelligence and the Resilient Company

Applying a more sophisticated approach to risk management can help leaders continue to generate value through disruption and uncertainty.

Reading Time: 19 min 


Permissions and PDF

Simon Prades

Building the resilience of large, complex enterprises is critical in today’s uncertain and interconnected world. At a time when a container ship grounded in the Suez Canal can bottle up 12% of the world’s trade, or a virus can disrupt the global flow of commodities, components, and talent, a corporation’s ability to quickly adapt in the face of unfolding events is essential to its survival and prosperity.

Business resilience is a dynamic property that is retrospectively measured by the stability and longevity of corporate value across changing contexts. In real time, it manifests in an enterprise’s timely adaptation to both immediate and gradual changes in the business environment.

Our work, which employs a complex adaptive systems view of businesses, shows that resilience derives from three fundamental adaptive capacities: sensing and monitoring, to recognize emerging changes in the business environment; business model portfolio development, to build and test capabilities across operating contexts; and fundamental capability development, to drive growth with longevity and avoid corporate stall.1 Moreover, each of these capacities hinges on the development of a capability for risk intelligence.

We define risk intelligence as the honed ability to rigorously interpret risks and the consequences or opportunities they pose for a company.2 It allows leaders to see through environmental complexity and systematically identify, categorize, and interpret risks. This enables them to look beyond known risk factors and intentionally explore yet-to-be-known risks, thereby embracing rather than avoiding uncertainty.



1. A.B. Sheth, “Pathways to Enterprise Resilience” (Ph.D. diss., Purdue University Graduate School and the Lyles School of Civil Engineering, 2021). We define “growth with longevity” as multi-decadal business growth founded on one or more fundamental capabilities that enable the pursuit of multiple new markets across contexts over time.

2. “Risk intelligence” has been defined in various ways. See F. Caldwell, “Risk Intelligence: Applying KM to Information Risk Management,” Vine 38, no. 2 (June 2008): 163-166; D. Evans, “Risk Intelligence,” in “Handbook of Risk Theory: Epistemology, Decision Theory, Ethics, and Social Implications of Risk,” eds. S. Roeser, R. Hillerbrand, P. Sandin, et al. (Dordrecht, Netherlands: Springer, 2012), 603-620; S. Mashingaidze, “Risk Intelligence: How Lessons From Folktales/Fables Contribute to the Implementation of Risk Management in Banks,” Risk Governance & Control: Financial Markets & Institutions 5, no. 4 (October 2015): 19-25; D. Wu and J. Birge, “Risk Intelligence in Big Data Era: A Review and Introduction to Special Issue,” IEEE Transactions on Cybernetics 46, no. 8 (August 2016): 1718-1720; and A. Marshall, U. Ojiako, V. Wang, et al., “Forecasting Unknown-Unknowns by Boosting the Risk Radar Within the Risk Intelligent Organisation,” International Journal of Forecasting 35, no. 2 (April-June, 2019): 644-658.

3. J. Liu, T. Tong, and J. Sinfield, “Toward a Resilient Complex Adaptive System View of Business Models,” Long Range Planning 54, no. 3 (June 2021): article 102030.

4. Y. Sheffi, “What Everyone Gets Wrong About the Never-Ending COVID-19 Supply Chain Crises,” MIT Sloan Management Review 63, no. 2 (winter 2022): 7-10.

5. A. Griffiths and M. Winn, “Slack and Sustainability” (presentation at the Academy of Management Annual Meeting, Honolulu, Hawaii, Aug. 5-10, 2005).

6. M.K. Linnenluecke, A. Griffiths, and M. Winn, “Extreme Weather Events and the Critical Importance of Anticipatory Adaptation and Organizational Resilience in Responding to Impacts,” Business Strategy and the Environment 21, no. 1 (January 2012): 17-32.

7. A. Sheth and A. Kusiak, “Resiliency of Smart Manufacturing Enterprises via Information Integration,” Journal of Industrial Information Integration 28 (July 2022): article 100370.

8. “Decision-Making Under Deep Uncertainty: From Theory to Practice,” eds. V.A.W.J. Marchau, W.E. Walker, P.J.T.M. Bloemen, et al. (Cham, Switzerland: Springer, 2019); and H. Courtney, J. Kirkland, and P. Viguerie, “Strategy Under Uncertainty,” Harvard Business Review 75, no. 6 (November-December 1997): 67-79.

9. M. Shelbourne, “Pentagon Said It Was Ready for Extended Suez Canal Blockage,” USNI News, March 29, 2021, https://news.usni.org.

10. J. Leovy, “Cyberattack Cost Maersk as Much as $300 Million and Disrupted Operations for 2 Weeks,” Los Angeles Times, Aug. 17, 2017, www.latimes.com.

11. To identify pairs that are important to the risk network, we chose pairs that experts deemed as having 40% or more risk impact. In practice, however, this value should be selected based on qualitative criteria, such as the risk positioning of the company and industry.

Reprint #:


More Like This

Add a comment

You must to post a comment.

First time here? Sign up for a free account: Comment on articles and get access to many more articles.

Comment (1)
Stuart Roehrl
A highly detailed and thorough discussion of the subject of risk identification and management.  Very impressive charts and visual aids.  Excellent presentation.  Many fresh ideas with broad application.
Stuart Roehrl