From Risk Management Plans to Risk Management Decisions: The Executive Decision Pipeline in Risk Management
A decision-centred article arguing that mature risk management depends not on plans alone, but on an organisation’s ability to convert risk signals into accountable executive decisions before consequences become irreversible.
LEADERSHIP & DECISION-MAKING
Dr Danie Adendorff
6/15/2026


Abstract
Risk management has become a central feature of modern organisational governance. Across corporate, public-sector, security, financial, operational and technological domains, organisations invest heavily in risk registers, policies, controls, assurance systems, dashboards, audits and mitigation plans. These instruments are necessary, but they do not by themselves constitute effective risk management. This article argues that risk management becomes operationally meaningful only when risk information is converted into timely, accountable and consequence-aware decisions. The central problem is not the existence of plans, but the possibility that organisations may confuse documented preparedness with decision competence.
Drawing on established literature in risk governance, bounded rationality, crisis leadership, organisational failure, high reliability organisations, OODA theory and resilience engineering, the article introduces Dr Danie Adendorff’s Executive Decision Pipeline as a decision-centred framework for moving from risk management plans to risk management decisions. The pipeline is presented as a practical and conceptual architecture for detecting signals, validating information, interpreting risk, framing decisions, generating options, mapping consequences, aligning authority, executing decisions and adapting through feedback. The article concludes that mature risk management should be assessed not only by the quality of plans and controls, but by the organisation’s demonstrated ability to decide before risk becomes irreversible consequence.
1. Introduction
Risk management is now deeply embedded in organisational life. Boards review risk registers. Executives approve mitigation plans. Regulators expect evidence of risk governance. Internal audit functions assess controls. Compliance teams maintain policy frameworks. Operational managers report against risk indicators. Strategic leaders speak of risk appetite, tolerance, assurance and resilience. In formal terms, this reflects the institutionalisation of risk management as a governance discipline. ISO 31000 defines risk as the effect of uncertainty on objectives and provides principles and guidance for managing that uncertainty across organisational contexts (International Organization for Standardization, 2018).
Yet a persistent difficulty remains. Organisations may possess extensive risk management documentation while still struggling to make timely, coherent and accountable decisions when risk begins to materialise. A risk register may name a threat without producing a decision. A mitigation plan may identify controls without clarifying who will act when those controls fail. A dashboard may report deteriorating indicators without forcing a strategic choice. A risk appetite statement may exist without being operationalised at the point where executives must accept, reduce, transfer, escalate or terminate exposure.
The article does not claim that plan-rich organisations always decide poorly. That would overstate the evidence. The more cautious and defensible claim is that document-centred risk systems can create a gap between risk visibility and risk action. Power’s analysis of organised uncertainty shows how modern organisations often convert uncertainty into systems of auditability, reporting and assurance (Power, 2007). Turner, Vaughan and Reason show in different ways that organisational failure frequently develops in the space between available warning and effective action (Turner, 1978; Vaughan, 1996; Reason, 1997). High Reliability Organisation literature further emphasises the importance of detecting weak signals, resisting simplification and deferring to operational expertise before failure becomes obvious (Weick, Sutcliffe and Obstfeld, 1999; Weick and Sutcliffe, 2015). These sources do not prove a single universal “planning bias”; they do support the narrower argument that risk documentation is insufficient unless connected to interpretation, authority and decision.
This article therefore reframes risk management as a decision discipline. Its central thesis is that risk management becomes strategically and operationally meaningful when risk information is converted into timely, accountable and consequence-aware executive decisions. Dr Danie Adendorff’s Executive Decision Pipeline is presented as a structured framework for closing the gap between risk management planning and risk management decision-making.
The article uses the term “planning bias” in a limited and specific sense. It refers to an organisational tendency to overvalue the production, maintenance and auditability of risk documentation while undervaluing the decision capability required to act on risk information under uncertainty. The term is used here as an analytical construct, not as a claim that there is a single settled doctrine in the literature called “planning bias.”
2. Risk management plans are not risk management decisions
A risk management plan is an organised statement of intention. It may include identified risks, likelihood and impact ratings, controls, owners, mitigation measures, escalation routes and review cycles. It may be supported by policy statements, risk appetite frameworks, audit reports, business continuity plans, cyber-security controls, insurance arrangements and compliance evidence. Such instruments are indispensable. Without them, organisations are forced to improvise from memory during periods of stress.
A risk management decision is different. It is a consequence-bearing choice made under conditions of uncertainty. It determines whether a risk will be accepted, reduced, transferred, avoided, escalated or monitored. It allocates resources. It authorises action. It accepts trade-offs. It clarifies responsibility. It moves the organisation from awareness to commitment.
The distinction matters because risk plans can create a misleading sense of control when they are treated as substitutes for judgement. Power’s analysis of organised uncertainty is relevant because systems of auditability and assurance can become more visible than the underlying capacity to act (Power, 2007). These systems have value, especially for governance and accountability. However, a risk may be entered into a register, assigned to an owner and reviewed quarterly, yet remain undecided in the only sense that matters: what will the organisation do when the risk becomes active, time-sensitive and consequential?
Quarantelli’s work on disaster management is useful because it distinguishes between written planning and the management capability required during disruptive events (Quarantelli, 1997). Although his work concerns community disasters, the distinction applies directly to organisational risk management. A plan may indicate what should happen, but actual risk management requires coordination, authority, communication, prioritisation and adaptation.
Business Continuity Management provides a concrete example of this wider problem. BCM has developed historically through technical, operational, legislative, regulatory and standards-based drivers (Herbane, 2010). Elliott, Swartz and Herbane further situate BCM as a crisis-management approach concerned with preparation, response and recovery, not merely as a documentation system (Elliott, Swartz and Herbane, 2010). The relevance for risk management is clear: the existence of a plan does not, by itself, prove the existence of decision capability.
This article therefore does not argue against risk plans. It argues against confusing plans with decisions. Plans preserve preparedness; decisions govern action. Plans reduce avoidable confusion; decisions resolve live conflict between competing objectives. Plans describe intended conduct; decisions determine actual conduct when information is incomplete and consequences are unfolding.
3. The weakness of document-centred risk governance
Risk management frequently becomes document-centred because documents are visible, auditable and administratively convenient. A risk register can be reviewed. A policy can be approved. A mitigation plan can be tracked. A control can be tested. A dashboard can be presented. These activities are important, but they are not equivalent to decision capability.
The danger is that organisations may become better at describing risk than deciding about risk. This is especially problematic when risk is dynamic. Some risks remain stable enough for routine management. Others escalate rapidly, interact with other systems, or produce cascading effects. Cyber incidents, supply-chain breakdowns, regulatory failures, liquidity pressures, geopolitical shocks, safety incidents, reputational crises and major technology failures can all move faster than ordinary governance cycles.
The literature on organisational failure helps explain why documentation is insufficient. Turner’s work on man-made disasters showed that failures often incubate over time as warning signals accumulate but are not properly interpreted (Turner, 1978). Vaughan’s analysis of the Challenger launch decision demonstrated how organisational culture and normalised deviance can transform abnormal risk signals into accepted practice (Vaughan, 1996). Reason’s work on organisational accidents emphasised latent conditions, weak defences and active failures rather than reducing failure to isolated individual mistakes (Reason, 1997).
These works matter for risk management because they show that failure often occurs in the space between information and action. The organisation may have indicators. It may have procedures. It may even have warnings. But if those warnings are normalised, delayed, misframed or trapped in the wrong layer of authority, the existence of risk documentation will not prevent consequence.
High Reliability Organisation literature provides a further corrective. Weick, Sutcliffe and Obstfeld describe collective mindfulness as a disciplined organisational posture involving preoccupation with failure, reluctance to simplify, sensitivity to operations, commitment to resilience and deference to expertise (Weick, Sutcliffe and Obstfeld, 1999). Weick and Sutcliffe later developed these principles into a practical account of sustained performance under unexpected conditions (Weick and Sutcliffe, 2015). For risk management, the implication is clear: organisations need systems that detect weak signals, respect operational expertise and escalate uncertainty before it becomes irreversible.
4. Risk decisions under bounded rationality
Risk management is often presented in rational, structured and procedural terms. Risks are identified, analysed, evaluated and treated. This is useful as a formal process. However, real executive decisions rarely occur under ideal conditions. Simon’s theory of bounded rationality challenged the assumption that decision-makers can optimise under conditions of complete information (Simon, 1955). In practice, leaders face limited information, limited attention, cognitive constraints, organisational pressure and time compression. March and Simon’s organisational analysis further showed how structures, routines and institutional expectations shape what decision-makers notice and choose (March and Simon, 1958).
Kahneman’s work on judgement and bias adds another layer. Executives may be affected by overconfidence, anchoring, availability, confirmation bias and loss aversion (Kahneman, 2011). These biases are particularly dangerous in risk management because they can distort the interpretation of weak signals. Leaders may over-rely on past experience, delay action in search of certainty, underestimate emerging exposure, or assume that existing controls are stronger than they are.
At the same time, expert judgement should not be dismissed. Kahneman and Klein argue that intuitive expertise can be reliable in environments that provide sufficient regularity and feedback, but becomes dangerous when confidence is transferred into unstable or low-validity environments (Kahneman and Klein, 2009). This distinction is crucial. Some risk decisions can be managed through established routines. Others require deliberate framing because the environment is novel, ambiguous or unstable.
The executive risk question is therefore not only “what risk exists?” but “what decision does this risk now require?” This shift changes the nature of risk governance. A cyber risk is not simply a line item in a register. It may require a decision to isolate systems, notify regulators, suspend services, engage external responders or communicate with customers. A supplier risk is not merely a procurement concern. It may require a decision to activate alternative suppliers, accept margin reduction, delay delivery or disclose operational exposure. A reputational risk is not simply a communications issue. It may require a decision about transparency, legal exposure, accountability and corrective action.
Risk management therefore becomes meaningful at the decision point. Until then, it remains analysis, preparation or assurance.
5. The Executive Decision Pipeline and its contribution
Dr Danie Adendorff’s Executive Decision Pipeline is proposed here as a structured architecture for converting risk information into accountable executive action. It does not replace ISO 31000, enterprise risk management, internal control, audit, crisis management, OODA theory or resilience frameworks. It complements them by addressing the operational question that many frameworks leave underdeveloped: how does an organisation move from risk awareness to named, owned, consequence-aware executive decision before consequence overtakes control?
The pipeline has nine stages.
First, signal detection. The organisation must identify early indicators of risk movement. Signals may include operational anomalies, financial stress indicators, cyber alerts, customer complaints, safety deviations, supplier instability, regulatory warnings, geopolitical developments, litigation threats, reputational indicators or frontline reports. Ansoff’s work on weak signals remains relevant because strategic surprise often develops from information that was ambiguous or inconvenient before it became obvious (Ansoff, 1975).
Second, signal validation. Detected signals must be assessed for credibility, confidence and relevance. Validation does not mean waiting for certainty. In risk conditions, certainty often arrives too late. Validation means distinguishing confirmed information from assumption, rumour, outdated data, politically filtered reporting or untested inference.
Third, risk interpretation. The organisation must translate the signal into consequence-relevant meaning. A technical alert may imply legal exposure. A supplier delay may imply contractual breach. A financial indicator may imply liquidity risk. A safety deviation may imply regulatory intervention, reputational damage and human harm. Risk interpretation asks what the signal means for objectives, stakeholders, operations and strategic position.
Fourth, decision framing. This is the critical transition from analysis to executive judgement. Leaders must state the decision that must be made. A weak frame says, “There is a cyber incident.” A stronger frame says, “We must decide within the next hour whether to isolate customer-facing systems, accepting immediate service disruption to protect data integrity.” The first describes a problem. The second defines a decision.
Fifth, option generation. Once the decision is framed, plausible courses of action must be identified. These may include acceptance, reduction, transfer, avoidance, escalation, operational suspension, additional controls, external communication, resource redeployment or deliberate monitoring with defined review thresholds. Mandatory compliance actions must be distinguished from discretionary options. Where law or regulation imposes a notification duty, the decision is not whether to comply, but how to meet the obligation accurately, lawfully and within the required timeframe while managing related operational and reputational consequences.
Sixth, consequence mapping. Each option must be examined for likely operational, financial, legal, reputational, ethical, human and strategic consequences. This stage is essential because risk decisions often create second-order effects. A decision that protects short-term revenue may increase legal exposure. A decision that avoids public disclosure may deepen reputational damage. A decision that reduces one operational risk may increase another.
Seventh, authority and accountability alignment. The organisation must clarify who has the authority to decide, who carries accountability, who must be consulted, who must be informed and who must execute. In many risk failures, delay is not caused by lack of information but by unclear authority.
Eighth, decision execution. A decision that is not executed is only an intention. Execution requires direction, resources, communication, ownership and time-bound implementation. Risk management becomes real when the organisation commits to action.
Ninth, feedback and adaptation. Decisions must be tested against unfolding reality. If assumptions prove wrong, the organisation must adapt. Resilience engineering is useful here because it emphasises the capacity to monitor, respond, anticipate and learn under variable conditions (Hollnagel, Woods and Leveson, 2006; Hollnagel et al., 2011).
The nine stages are not intended as a slow sequential checklist. They are a logical decomposition of the decision process. Under time compression, several stages may occur in parallel or may collapse into rapid executive judgement: detection, validation and interpretation may be performed by technical specialists; framing and authority alignment may occur in the same crisis meeting; consequence mapping may be abbreviated to the most material exposures. The discipline lies not in ritual completion of nine steps, but in ensuring that no critical decision function is omitted.
The pipeline has obvious neighbours. Boyd’s OODA loop - observe, orient, decide and act - remains one of the best-known decision-cycle models, especially in military and strategic contexts. Osinga’s scholarly treatment of Boyd shows that the OODA model is more than a simple speed loop; it is embedded in a broader strategic theory of orientation, adaptation and competitive advantage (Osinga, 2007). This matters because Boyd’s “orient” stage is intellectually rich and can incorporate judgement, context and adaptation. The Executive Decision Pipeline does not deny that depth. Its point is narrower: OODA does not make decision framing, consequence mapping, and authority-accountability alignment discrete governance tasks.
Boin, ’t Hart, Stern and Sundelius similarly frame crisis leadership through tasks such as sense-making, decision-making, meaning-making, coordination and learning (Boin et al., 2016). The Executive Decision Pipeline does not claim to replace that crisis-leadership literature. Its contribution is organisational and procedural: it forces the conversion of risk information into a named decision, attaches the decision to accountable authority, and requires explicit consideration of consequences before execution where time permits. Many organisations observe and orient without deciding; many crisis teams make sense of events without naming the choice; many risk committees discuss exposure without resolving who owns the decision. The pipeline is therefore an accountability architecture as much as a decision model.
6. Illustration: ransomware risk through the pipeline
Consider a large organisation that receives an early warning from its security operations centre. Several unusual authentication attempts are detected, followed by abnormal file-access behaviour on a critical server. In a plan-centred system, this may be logged as a cyber incident and escalated through technical channels while executives wait for certainty. In a decision-centred system, the Executive Decision Pipeline begins immediately.
In the stronger version of the response, the signal is detected through abnormal system behaviour. It is validated by comparing cyber logs, endpoint alerts and security analyst judgement. The risk is interpreted not merely as a technical anomaly, but as a potential threat to operational continuity, data integrity, legal compliance and customer trust. The decision is then framed clearly: should the organisation isolate affected systems immediately, accepting business interruption, or continue monitoring to avoid unnecessary disruption?
Options are generated. These may include immediate isolation, partial segmentation, enhanced monitoring, emergency external support, communication preparation, or temporary suspension of affected services. Mandatory legal or regulatory duties are treated separately from discretionary risk options. If notification obligations are triggered, compliance is not presented as an optional course of action; the decision concerns how to comply accurately, rapidly and responsibly while managing the broader event.
Consequences are mapped. Isolation may cause operational and revenue loss, but delay may permit wider compromise. Authority is aligned: the chief information security officer advises, the crisis executive authorises, legal and communications teams are consulted, and operational leaders execute. The decision is implemented through technical containment and executive communication. Feedback is monitored continuously as forensic evidence develops. This version shows the difference between risk awareness and risk decision. The organisation does not merely record that ransomware risk exists. It converts warning into accountable action before the risk becomes systemic consequence.
The diagnostic value of the pipeline becomes clearer when the process fails. In the same ransomware scenario, the security operations centre detects unusual authentication attempts and abnormal file-access behaviour. The signal is technically visible, but validation is delayed because analysts are instructed to avoid escalating “false positives” until evidence is conclusive. By the time the risk is interpreted at executive level, the incident has spread beyond the original server.
The decision frame is also weak. The issue is described to senior leaders as “IT is investigating unusual activity,” not as “the organisation must decide whether to isolate core systems before data integrity is compromised.” Because the decision is not named, no executive accepts ownership. The chief information security officer recommends containment, but the operations director resists because isolation will interrupt revenue-generating services. Legal counsel asks whether notification thresholds have been triggered, while communications waits for confirmed facts. The meeting becomes a reporting forum rather than a decision forum.
In this failure version, the pipeline does not produce success; it reveals where the organisation broke. Signal validation was too slow. Risk interpretation was too narrow. Decision framing failed. Authority and accountability were unclear. Consequence mapping was dominated by immediate revenue loss while underweighting data integrity, legal exposure and reputational harm. Execution was delayed until the adversary had already widened the compromise. The value of the pipeline is not that it guarantees correct decisions. Its value is that it makes decision failure visible.
7. Integration into enterprise risk management
The Executive Decision Pipeline can be integrated into enterprise risk management without displacing established frameworks. ISO 31000 already provides a broad risk-management process involving communication, consultation, scope, context, criteria, assessment, treatment, monitoring and review (International Organization for Standardization, 2018). The pipeline strengthens this process by making the executive decision point explicit.
In risk identification, the pipeline requires organisations to identify not only risks, but signals that indicate risk movement. A risk register should therefore include early-warning indicators and escalation triggers, not only risk descriptions. In risk analysis, the pipeline requires organisations to examine uncertainty in decision terms. Analysis should not end with likelihood and impact. It should identify what decision would be required if the risk intensified.
In risk evaluation, the pipeline connects risk appetite to real choices. Risk appetite statements are often abstract. The pipeline asks whether leaders know how much loss, delay, exposure or uncertainty they are actually prepared to accept. In risk treatment, the pipeline clarifies whether controls are preventive, detective, corrective or adaptive. It also asks who can authorise treatment when risk conditions change.
In monitoring and review, the pipeline turns reporting into decision support. A dashboard should not merely display risk indicators. It should show whether indicators have crossed thresholds requiring executive attention. In business continuity, the pipeline can connect business impact analysis, recovery strategy and crisis activation. Elliott, Swartz and Herbane’s treatment of Business Continuity Management as a crisis-management approach is relevant because it situates continuity within preparation, response and recovery rather than treating it as static paperwork (Elliott, Swartz and Herbane, 2010). The pipeline extends that logic into wider risk management by making decision conversion explicit.
In crisis management, the pipeline aligns with the work of Boin and ’t Hart, who emphasise leadership under crisis conditions, and with Boin, ’t Hart, Stern and Sundelius, who describe crisis leadership through tasks such as sense-making, decision-making, meaning-making, coordination and learning (Boin and ’t Hart, 2003; Boin et al., 2016). These tasks correspond closely with the pipeline’s movement from signal to interpretation, decision, execution and adaptation. The distinction is that the pipeline is specifically designed to locate the executive risk decision and attach it to authority, consequence and feedback.
8. Operationalising decision competence
If mature risk management should be measured by decision competence, that concept must be operationalised. Decision competence is not a vague leadership virtue. It can be assessed through observable criteria.
First, decision latency should be measured. The organisation should compare the time at which a risk signal required executive decision with the time at which a decision was actually taken. The relevant question is not simply whether the decision was eventually made, but whether it was made inside the useful decision window.
Second, decision ownership should be measured. Material risks should have named decision owners before disruption occurs. If an event exposes uncertainty over who can decide, the risk system has failed at the authority-alignment stage.
Third, escalation quality should be measured. Risk information should move from operational detection to executive attention in a form that supports decision: confidence level, consequence relevance, decision required, options, constraints and recommended review point.
Fourth, consequence mapping should be assessed after major events. The organisation should ask whether the material consequences considered before the decision matched the consequences that actually emerged. Gaps between expected and actual effects should inform future risk analysis.
Fifth, execution discipline should be reviewed. A decision log should record the signal, confidence level, decision frame, options considered, consequences assessed, authority used, decision taken, implementation owner and review point. This supports accountability, learning and defensibility.
Sixth, adaptive learning should be tested after significant events. The after-action review should compare the actual decision timeline with the required decision timeline and identify where detection, validation, interpretation, framing, authority alignment or execution failed. Comfort’s crisis-management work is relevant here because it emphasises cognition, communication, coordination and control as integrated functions in crisis response (Comfort, 2007).
Decision competence can therefore be evaluated through practical indicators: decision latency, ownership clarity, escalation quality, consequence-map accuracy, execution discipline and adaptive learning. These measures do not eliminate judgement, but they make judgement reviewable.
9. Implications for boards and executives
The Executive Decision Pipeline changes what should be expected of senior leaders. Their responsibility is not only to approve risk frameworks. It is to ensure that the organisation can make accountable decisions when risk conditions change.
Leaders must demand decision-ready risk reporting. Risk reports should not merely list exposures. They should identify movement, thresholds, confidence levels, decision requirements and accountable owners. Boards should also test the connection between risk appetite and actual decisions. It is easy to approve a risk appetite statement. It is harder to decide whether to accept a significant operational loss to prevent a larger legal or reputational failure. Risk appetite becomes meaningful only when applied to specific choices.
Executives must clarify decision rights before disruption. Ambiguity over authority is itself a risk. The organisation should know who can activate crisis procedures, suspend operations, approve emergency expenditure, notify regulators, engage external specialists or authorise public communication. Leaders must also protect structured dissent. Janis’s work on groupthink remains important because leadership groups under pressure may suppress disagreement and confuse consensus with correctness (Janis, 1982). A mature risk system should include challenge, red teaming and independent review before major decisions are finalised where time allows.
Risk exercises should rehearse judgement, not only procedure. Many exercises test whether teams know the process. Fewer test whether executives can make difficult trade-offs under uncertainty. A decision-centred exercise should confront leaders with incomplete information, conflicting values, reputational exposure, legal uncertainty and time pressure.
10. Limits and safeguards
No framework eliminates uncertainty. The Executive Decision Pipeline should not be presented as a universal solution or guarantee of correct decisions. It is a discipline for improving the quality, speed and accountability of risk decisions. It remains dependent on data quality, organisational culture, leadership courage and honest feedback.
There are several risks in applying the pipeline. The first is over-formalisation. If the nine stages become a rigid checklist, the pipeline may slow decision-making. The second is poor signal quality. If detection systems are weak or politically filtered, the pipeline will process distorted information. The third is false confidence. A structured process can create an appearance of rigour even where assumptions are flawed. The fourth is authority confusion. A pipeline cannot compensate for unresolved governance.
Safeguards are therefore necessary. Red teaming can challenge assumptions and expose blind spots. Scenario testing can introduce ambiguity and conflicting evidence. Decision rehearsals can test authority, communication and ethical judgement. Independent challenge should be especially prominent where the executive group appears to converge rapidly on a preferred option without testing contrary evidence.
The organisation should also preserve humility. Perrow’s work on normal accidents reminds us that complex and tightly coupled systems can fail in ways that exceed managerial prediction (Perrow, 1999). Resilience engineering similarly warns against excessive confidence in static controls and emphasises adaptive capacity under variable conditions (Hollnagel, Woods and Leveson, 2006; Hollnagel et al., 2011). The right response is not fatalism, but disciplined adaptation: monitor, decide, act, learn and adjust.
11. Conclusion
Risk management is not weakened by planning. It is weakened when planning becomes disconnected from decision-making. Risk registers, policies, controls, dashboards, mitigation plans and assurance systems remain necessary. But they are not, by themselves, evidence that an organisation can act when risk begins to move.
The decisive question for risk management is therefore not: does the organisation have a risk plan? The stronger question is: can the organisation convert warning into accountable executive action before consequence becomes irreversible?
Dr Danie Adendorff’s Executive Decision Pipeline provides a disciplined answer to that question. It connects signal detection, signal validation, risk interpretation, decision framing, option generation, consequence mapping, authority alignment, execution and feedback. Its purpose is not to replace existing risk-management frameworks, OODA thinking or crisis-leadership models, but to give risk governance operational force at the point where risk becomes decision.
In this sense, mature risk management should be measured by decision competence. A mature organisation does not merely identify risk. It knows when risk has moved, what decision is required, who must decide, what consequences attach, which obligations are mandatory, which options are discretionary, and how action will be adapted as reality changes. That is the movement from risk management plans to risk management decisions.
Source note
This article excludes Wikipedia, Reddit, LinkedIn, YouTube, Medium and Facebook from the research base. The article relies on academic literature, professional standards, publisher-verified books, peer-reviewed articles and recognised risk, resilience, crisis-management and organisational-failure sources. Claims based on the Executive Decision Pipeline are presented as a conceptual contribution by Dr Danie Adendorff, not as externally established doctrine.
References
Ansoff, H.I. (1975) ‘Managing Strategic Surprise by Response to Weak Signals’, California Management Review, 18(2), pp. 21–33. doi: 10.2307/41164635.
Boin, A. and ’t Hart, P. (2003) ‘Public Leadership in Times of Crisis: Mission Impossible?’, Public Administration Review, 63(5), pp. 544–553. doi: 10.1111/1540-6210.00318.
Boin, A., ’t Hart, P., Stern, E. and Sundelius, B. (2016) The Politics of Crisis Management: Public Leadership under Pressure. 2nd edn. Cambridge: Cambridge University Press.
Comfort, L.K. (2007) ‘Crisis Management in Hindsight: Cognition, Communication, Coordination, and Control’, Public Administration Review, 67(s1), pp. 189–197. doi: 10.1111/j.1540-6210.2007.00827.x.
Elliott, D., Swartz, E. and Herbane, B. (2010) Business Continuity Management: A Crisis Management Approach. 2nd edn. London: Routledge. doi: 10.4324/9780203866337.
Herbane, B. (2010) ‘The evolution of business continuity management: A historical review of practices and drivers’, Business History, 52(6), pp. 978–1002. doi: 10.1080/00076791.2010.511185.
Hollnagel, E., Woods, D.D. and Leveson, N. (eds.) (2006) Resilience Engineering: Concepts and Precepts. Aldershot: Ashgate.
Hollnagel, E., Pariès, J., Woods, D.D. and Wreathall, J. (eds.) (2011) Resilience Engineering in Practice: A Guidebook. Farnham: Ashgate.
International Organization for Standardization (2018) ISO 31000:2018 Risk management — Guidelines. Geneva: ISO.
Janis, I.L. (1982) Groupthink: Psychological Studies of Policy Decisions and Fiascoes. 2nd edn. Boston: Houghton Mifflin.
Kahneman, D. (2011) Thinking, Fast and Slow. New York: Farrar, Straus and Giroux.
Kahneman, D. and Klein, G. (2009) ‘Conditions for Intuitive Expertise: A Failure to Disagree’, American Psychologist, 64(6), pp. 515–526. doi: 10.1037/a0016755.
March, J.G. and Simon, H.A. (1958) Organizations. New York: John Wiley & Sons.
Osinga, F.P.B. (2007) Science, Strategy and War: The Strategic Theory of John Boyd. London: Routledge.
Perrow, C. (1999) Normal Accidents: Living with High-Risk Technologies. Updated edn. Princeton, NJ: Princeton University Press.
Power, M. (2007) Organized Uncertainty: Designing a World of Risk Management. Oxford: Oxford University Press.
Quarantelli, E.L. (1997) ‘Ten Criteria for Evaluating the Management of Community Disasters’, Disasters, 21(1), pp. 39–56. doi: 10.1111/1467-7717.00043.
Reason, J. (1997) Managing the Risks of Organizational Accidents. Aldershot: Ashgate.
Simon, H.A. (1955) ‘A Behavioral Model of Rational Choice’, The Quarterly Journal of Economics, 69(1), pp. 99–118. doi: 10.2307/1884852.
Turner, B.A. (1978) Man-Made Disasters. London: Wykeham Publications.
Vaughan, D. (1996) The Challenger Launch Decision: Risky Technology, Culture, and Deviance at NASA. Chicago: University of Chicago Press.
Weick, K.E. and Sutcliffe, K.M. (2015) Managing the Unexpected: Sustained Performance in a Complex World. 3rd edn. San Francisco, CA: Jossey-Bass.
Weick, K.E., Sutcliffe, K.M. and Obstfeld, D. (1999) ‘Organizing for High Reliability: Processes of Collective Mindfulness’, Research in Organizational Behavior, 21, pp. 81–123.
Author workflow disclosure
This article was produced through an AI-assisted but human-directed workflow. AI support was used for accessibility assistance, structuring, language refinement, source-discovery prompts, revision planning and conversion of editorial comments into amendments. Dr Danie Adendorff retained responsibility for the argument, accepted or rejected changes, checked the logic of claims, assessed source credibility and remains accountable for the final text. AI-generated material was not treated as empirical evidence, and illustrative conceptual examples were not presented as observed data.
© 2026 Dr Danie Adendorff. All rights reserved.