A Thesis submitted to the Faculty of Education in fulfillment of the requirements for the degree of. 139 Table 4.16 Overall Measure of Awareness of ERM Adoption Elements 140 Table 4.17 Reasons for ERM Program and Policy Adoption 140 Table 4.18 Reasons for ERM Program and Policy Adoption by Institution.

Background Information

In the United Arab Emirates, higher education is very important for the country's development because both the labor market and research-based forces come to play together (Gallagher 2021; Warner & Burton 2017). Therefore, this will guarantee a better quality teaching and learning environment, positively impacting higher education students and researchers in the UAE.

The UAE Research Context

To ensure that high quality levels are met in colleges and universities, several initiatives and processes have been adopted by the UAE's MoE to refine the existing standards and procedures for both new and existing academic institutions. This will therefore guarantee a better quality environment for the teaching and learning process affecting students and researchers in the UAE.

Figure 1.2 – The Risk Management Process – Adopted from Marsh Risk Consulting (2012)

Significance of the Study

That is, quality is a concern in UAE higher education, which lacks a successful model of risk management. For that reason, the implementation of ERM in UAE higher education institutions has always been both important and challenging.

Research Problem Statement

Findings from such ERM research show that empirical research examining the concepts of ERM in the context of higher education is still not representative of the risk management implementation status in higher education settings (Mikes & Kaplan 2014; Deck 2015; Walker & Shenkir 2018). Due to the scarcity of empirical ERM studies and studies that examine academics' perceptions of the effectiveness of ERM implementation in the higher education context (e.g. Hallowell et al. 2013;.

Purpose of the Study

The reason for this is, as already mentioned, that the UAE higher education model has begun to present itself as suitable for the international higher education formula and is becoming more attractive based on wider academic cooperation with other institutions outside the country and the acceptance of internationalization.

Research Questions

This first major question of the study is answered through the major quantitative research tool of a study via a structured questionnaire adopted by the researcher as the main research methodology and data collection tool. However, it is true that this study starts with the quantitative phase as an essential tool to obtain data, in the sense that there is a questionnaire to be used to answer the study's major RQ1;.

Table 1.2 – Questions of the Study and Research Tools

Rationale for the Study

In this sense, through this research, the researcher seeks to provide some investigative analyzes of ERM perceptions that support the initial discussion and main goal of the research regarding the effectiveness of ERM in the context of higher education. Much recent research underestimates the importance of ERM for institutional academic performance and effectiveness.

Structure of the Thesis

The chapter provides an explanation of the findings of both studies in light of the proposed preliminary conceptual framework for ERM implementation and integration in the targeted UAE HEIs. It also highlights areas of the research that relate to identifying the strengths, limitations and recommendations of the study.

Chapter Summary

It provides the rationale for choosing the explanatory model of the mixed method study to achieve the main purpose and objectives of the study, as well as to answer its questions. Chapter four presents the findings and results of the study, describing the quantitative results of the study, the qualitative results of the study, and the integration and relationship between the two.

Introduction

Theoretical Framework

• The Institutional Theory (The Sociological Organisational Theory)
• The Legitimacy Theory
• The Organisational Change Theory
• Summary of the Theoretical Framework

This definition would be useful in the context of this study because it justifies change, as a relational product of the ERM process applied throughout the study. A weakness of the research on organizational change theory in higher education institutions is that it is still 'underdeveloped'.

Figure 2.1 – Theoretical Framework

Conceptual Framework and Definitions of Key Concepts

• Defining “Risk”, “Risk Management” and “Enterprise Risk Management”
• Corporate Governance and Internal Controls
• Organisational Change Elements
• Decision Making of ERM Implementation and Integration
• Academic Effectiveness and Quality – As an Outcome of ERM Implementation
• Summary of Conceptual Analysis – Conceptual Framework Diagram

The definition of risk and risk management is at the core of the conceptual framework of this study and would inform the entire process of implementing ERM in the context of higher education. Decision-making is one of the main conceptual elements of this study, which defines the process of implementing ERM in the context of HEIs.

Table 2.1 – Definitions of Risks from Corporate Perspective (Sithipolvanichgul 2016, p

Review of Related Literature

Overview of the Development of ERM - The New Religion of Risk Management

A more detailed and comprehensive overview of the history of risk management was presented by Dionne (2013) and Walker and Shenkir (2018). According to them, risk management began as an isolated discipline in the twentieth century and was long associated only with the concept of insurance.

The Origin of Risk Management (Pascal’s Probability Theory)

Bernstein (1998) defines the word "probability" in the context of risk management by tracing it to its Latin root. However, recent reforms in the higher education sector supported the claim that the last decades starting from 2000 demanded the need for a more advanced and tailored form of risk management business.

Risk Management formalised through ISO and COSO

Therefore, a description of the ERM literature would not be complete without reference to the internationally accepted and accredited ISO principles and guidelines adopted in this subject, as well as the COSO risk management framework. In the context of higher education, ERM is viewed as an academically based management process that can be strategically applied throughout the institution.

ISO 31000:2018 Risk Management

Organizations typically use IOS 31000 to get guidance for internal or external audit programs on their risk management procedures and policies. Organizations using ISO 31000 can benchmark their risk management practices against an internationally recognized benchmark, enabling them to adopt ideal principles for effective management and sound corporate governance.

Control and the Risk Management COSO Framework

According to COSO (2017a), this is the main and key factor in the risk management and assessment process. A framework for defining an appropriate conceptual framework for a comprehensive and effective risk management implementation process.

Figure 2.5 – Enterprise Risk Management – Integrating with Strategy and Performance (Adopted from COSO 2017)

Comparing the ISO 31000 and the proposed COSO ERM

To assist in this process, COSO (2017a) emphasizes the importance of defining and maintaining risk management objectives for each organizational level. Additionally, in 2010 the Institute of Internal Auditors (IIA) published a "Practical Guide - Assessing the Adequacy of Risk Management Using ISO 31000" to help organizations choose a framework that better suited their needs, philosophy and resources.

Implementation of Risk Management Framework form ISO and COSO Perspectives

The 2014 project announced by COSO to update their risk management framework aimed to account for the development of risk management theories and practices over the past decade from 2010. Kwak and Stoddard (2004) argue that risk management tools was created to implement convenient risk management practices and increase success.

Benefits of Effective Enterprise Risk Management as per COSO 2017 ERM Framework

These benefits are consistent with the major philosophical premise upon which several researchers have based their approaches to risk management analysis and evaluation, most notably Hillson Beasley, Branson, and Hancock (2012); Walker and Shenkir (2018). Lermack (2008) noted the importance and benefits of effective ERM as it became the industry standard for risk management.

Aspects of ERM Implementation in the context of HEIs

In so many examples of higher education institutions, risk management was not taken seriously (Raanan, 2009). 2013) argue that the first step in the risk management process is to identify and classify the potential risks.

Aspects of ERM Adoption in Higher Education Institutions

In summary, in the early years of the 21st century, most academic works and research on risk management covered only for-profit organizations or companies, not universities. In his presentation of the experience of higher education institutions in England (with reference to the UK Quality Assurance Agency/QAA) he refers to the risk management framework set out by HEFCE in 2000.

Risk Management as an assessment and accreditation tool in the context of HEIs

Several advanced countries in the world have adopted risk management in their higher education system as a proven and successful tool for accreditation and assessment of the academic performance of their HEIs. The British higher education experience in the area of ​​risk-based academic institutional accreditation and quality assurance is worth mentioning here.

ERM Implementation as a Culture and Process

Hillson (2012), one of the most prominent contemporary risk management theorists and practitioners, defines ERM as a process. He explains the risk management process by asking (and answering) six simple questions, summarized as follows:.

Figure 2.7 – Risk Management Process I (Adopted from Vandenberg (2017)

UAE CAA and introducing the Standards

CAA (1029a and 2019b) went further to even support the claim that the Standards have paved the way for the establishment and establishment of the UAE's higher education sector, a role which has always been reflected in their highly inclusive and contextual nature. . This strong national quality assurance system has really helped HEI stakeholders in the UAE to gain more confidence in meeting the Standards' requirements.

How to Measure Academic Effectiveness

As previously mentioned, the academic performance of academic staff is measured mainly and predominantly by "efficiency". However, Campbell (2005) also claims that it is not easy to measure this type of academic performance: "One of the problems in the measurement of effective teaching is the definition of what effective teaching involves.

Risk Maturity and the Risk Maturity Models (RMMs)

However, how to measure risk management and maturity level is more important in this study. In this context, a measurement tool is much needed to help institutions identify areas of improvement and measure progress in implementing risk management and process improvement.

Figure 2.10 – The Structure of Risk Maturity Model – Adopted from Wieczorek-Kosmala (2014, p

Academic Effectiveness and Quality Assurance within the Context of ERM

For this reason, this study adopts the performance and role of people in the ERM implementation process while investigating the perceptions of faculty members and administrators on this topic. In all cases, the conceptual framework of this study suggests academic effectiveness as an end product of the ERM implementation process, which is the focus of the study.

Academic Quality Assurance in the Context of ERM Implementation

Maintaining and improving the quality and effectiveness of academic performance in higher education is the main focus of all private and government universities in the UAE (Warner and Burton, 2017). Furthermore, as initiated earlier in this study, the quality of academic performance is of great importance and importance in fulfilling the UAE National Strategy for Higher Education 2030.

Perceptions of ERM in HEIs

To serve the purpose of risk perception measurements, some research has discussed the use of quantifications when discussing risk, similar to when decision makers tend to be precise when estimating risk using numerical scores and percentages ( Lundquist, 2015). In summary, research and empirical studies of risk have indicated that risk preference, as well as decision-making related to risk, varies with context and the human bias factor and therefore needs to be measured and quantified.

Chapter Summary

In the UAE context, research has indicated that higher education lacks explicit federal regulations that necessitate and require ERM. In simpler terms, UAE higher education lags behind other sectors in terms of ERM adoption, implementation and integration.

Introduction

Therefore, this chapter presents the study approach and design, and its associated philosophical research paradigms. The chapter concludes with the research activity plan adopted by the researcher to achieve the study aim and answer his research questions.

Study Approach – Philosophical Paradigms

In this sense, the postpositivist paradigm is accepted where the researcher intends to examine the main constructs of the study quantitatively and objectively to devise results that support the qualitative findings (Creswell 2014; Creswell & Creswell 2018). At the other end of this research spectrum, where the researcher intends to obtain qualitative data, "the.

Study Design

The follow-up qualitative study then seeks further explanation of the quantitative findings (Creswell & Plano Clark 2011; Johnson & Christensen 2014). To elaborate, for the quantitative part of the research the researcher chose a survey research strategy where a structured questionnaire was designed to be.

Figure 3.2 – Explanatory Study Approach – Adopted from Creswell (2014, p. 220)

Study Setting – Site and Context

The qualitative research approach is seen as the supporting tool of the research line in relation to how document analysis and interviews are conducted at the end of the second research phase. The demographic analyzes of all participants are later utilized in the analysis of the data collected through questionnaire and interviews.

Table 3.2 – Research Sampling Selection Basis

Population, Sampling and Sampling Size

Definition of the Study Population and Basis of Selection

In this sense, the researcher followed certain criteria to define the population and later the specific sample of the study. Based on this criterion, the general population was reduced to be all academic administrators and faculty members of the selected HEIs.

Sampling Selection Technique

In summary, the researcher chose convenience sampling in this study because it takes into account the selection of participants based on their availability, knowledge of the research topic, ease of access, suitability to the study's research question and/or their willingness to participate in the study (Johnson & Christensen 2014) . The researcher avoided convenience sampling at this stage of the study in order to make the "best judgement".

Figure 3.5 – Convenience Sampling Method – Adopted from Fraenkel and Wallen (2015, p. 100)

Sampling Size

The process used for the sample selection was set as ten academic administrators and ten faculty members from each of the targeted institutions. Therefore, since the researcher adopted the convenience and purposive sampling techniques as shown above, the determination of the final and actual sample size of the study came at a later stage.

Data Collection Instruments

Overview of the Data Collection

The first were the same 101 respondents from the quantitative survey whose answers led to the resulting data from the document analysis and interviews. The questionnaire was developed based on key concepts and terminology around the most important concepts and constructs of the study.

Quantitative Instruments – Questionnaire

How the researcher determined the survey questions depends on two factors. The second part of the questions of the first group was aimed at getting answers from the participants about the effectiveness of ERM implementation in their HIEs (ERM Adoption and . Implementation).

Table 3.4 – Quantitative Data Collection Process Step No. Description

Qualitative Instruments – Document Analysis and Interviews

• Document Analysis
• Semi-Structured Interviews

In their definition of interviews as a qualitative research tool, Cohen, Manion and Morrison (2018, p. 506) stated that "the interview is a social, interpersonal encounter, not simply a data collection exercise". In this sense, the researcher used the interviews to add more insights to the findings of the questionnaire.

Reliability, Validity and Trustworthiness

Quantitative Data Reliability and Validity

The results of Lundquist (2015) were based on data from thirty-seven (n=37) university administrators who responded positively to most items on the questionnaire. In other words, the Cronbach Alpha test proved that the scales of items of the questionnaire shared "covariance".

Qualitative Data Validity and Trustworthiness

Several strategies were adopted in the data analysis process to enhance and boost the strength and credibility of the document analysis and interview results. In summary, the researcher used multiple and different measurements to increase the reliability and validity of the study.

Analysis Methods Implementation

Quantitative Data Analysis

This is typical of the overall data analysis in the quantitative section of the study. To make bivariate comparisons of the most important variables identified in the quantitative data, the researcher used the Mann-Whitney test (non-parametric test) because the data from the questionnaire did not meet the conditions for a parametric analysis is not required, such as the T-test.

Qualitative Data Analysis

The sets of figures, graphs and tables produced by the descriptive analysis were used by the researcher to integrate the results of the questionnaire into the research, in preparation for the document analysis and interviews. The results that the researcher obtained from the subsequent qualitative data will be interpreted in a dedicated discussion section.

Summary of Data Analysis Techniques

Saldana (2009, p. 3) defined coding in qualitative research as “a short word or phrase that symbolically assigns a summary, salient, gist and/or evocative attribute to a piece of data based on language or visual". Data considered in this type of analysis may consist of "interview transcripts, participant observations, field notes, journals, documents, literature, artifacts, photographs, videos, websites, email correspondence, and so on" (Saldana 2009, p. 3).

Ethical Considerations

The participants' consent was obtained using the consent forms for voluntary participation in appendices 4-6, after the researcher had secured the necessary approvals and signatures from the Study Doctor (DOS) and the BUiD administration. The researcher also locked his electronic files and folders with a secure password to guarantee their cyber security.

The Role of the Researcher

As a result, the participants often tend to be directly involved in the research process itself" (Fraenkel. In these cases, the researcher relied on his previous knowledge from the ERM literature and motivated the participants to be more proactive when providing their answers.

Research Activity Plan

Continue work on Chapters 4 and 5 based on findings and results and DOS feedback. After receiving feedback on Chapter 4, submit a draft of Chapter 5 to DOS based on the feedback and comments on Chapter 4.

Summary of Study Methodology

8  Begin the final phase of the investigation by conducting document analysis and establishing an interview schedule based on data collected through the questionnaires and document analysis. On the other hand, in the qualitative phase of the study, document analysis and interview tools were used to bring about qualitative data, thematic and coding results.

Introduction

In summary, this chapter has been structured by the researcher to focus on analyzing the data to provide evidence to achieve the main objective of the study. A summary of the research questions and objectives in relation to the data analysis techniques used by the researcher is presented in Table 1.1 of this study.

Results of the Demographic Data Analysis

The list of roles and responsibilities in Table 4.7 indicates the level of engagement of each of the respondents in the risk management process, starting from the basic task of designing and implementing a risk management framework and policy, to the sophisticated and advanced task of risk construction. awareness among stakeholders. According to the role of the respondents, the majority of administrators (n= 75.6%) agreed that ERM tasks are mostly in the hands of the risk manager.

Figure 4.1 – Demographic Distribution of Participants by Role

Results of the Study

Analysis of the Academic Administrators’ and Faculty Members’ Perceptions of the Effectiveness of ERM

• The Cronbach’s Alpha Reliability Test

The longest running ERM program was started in 2002 by one of the selected public institutions, while 3 private institutions had started their ERM program within the last 6 years, in the period 2015-2021. Almost 18% of the institutions in the study have had their ERM program for 8 years or less, and 6.10% have had their ERM program for 4 years or less.

Table 4.10 – Item-Total Statistics of the Questionnaire Reliability Test Item-Total Statistics

Perceptions on the Effectiveness of ERM Adoption

As previously mentioned, the data in Table 4.7 provide some evidence to indicate the level of understanding and awareness of the respondents regarding the adoption of ERM in their institutions. The majority of all respondents (74.5% of respondents at selected public universities and 69.8% of respondents at selected private universities) chose the term "Risk Management".

Table 4.11 – Actual Corresponding Term Used for Risk Management and QA Programme Implementation

Perceptions on the Effectiveness of ERM Implementation and Integration

This means that the majority of responses indicate a moderately mature level of ERM implementation and integration in the selected UAE HEIs, whether the concept used is risk management or ERM. Further investigation into the levels of ERM implementation and integration was also conducted in the document analysis and interview phases of the study.

Table 4.20 – Levels of ERM Implementation Maturity by Years of Application

Perceptions Determining the Maturity Level of ERM Implementation (Q18 to Q34)

The analysis in Table 4.27 presents a general idea of ​​the maturity levels of ERM implementation in selected UAE HEIs based on the perceptions of the survey participants. Therefore, it can be concluded that there is no significant difference between public and private institutions in terms of the level of perception of the effectiveness of the implementation of risk management in their institutions.

Table 4.26 presents the ERM maturity testing results for the first group of ERM maturity testing questions (items Q18 to Q24) based on the above-described and tested model

Current Status of ERM Policies and Practices in UAE HEIs

• Exploring the Status of ERM Policies and Practices in UAE HEIs through Survey Questions
• Exploring the Status of ERM Policies and Practices in UAE HEIs through Document Analysis
• The UAE CAA 2019 Standards
• HEI 1 ERM Policies and Manuals (Risk Management Policy Manual and Risk Procedures Manual)
• HEI 2 ERM Policies and Manuals (The Risk Management Policy)
• HEI 3 ERM Policies and Manuals (Risk Management Policies and Manuals)

After analyzing the Standards, the researcher identified a quantifiable link between academic programs' accreditation and risk management implementation. One of the basic aspects learned from the Standards is that risk management can and should be implemented by.

Table 4.33 – Results of Awareness Regarding the Adoption of a Clear ERM Policy Statement Count Percentage Order (descending)

Building a More Effective ERM Framework in UAE HEIs

• Introduction to the Interview Findings
• Adopted QA and Risk Management Approaches
• Understanding and Defining ERM as a QA Concept
• Defining the Form of Existing Risk Management Policy
• Understanding the Method of Risk Management Policy Formation
• Contribution of Independent Risk Management Committee to Risk Management Policy Formation
• The Role of Risk Management Policy in Risk Identification and Assessment
• The Role of Risk Management Policy in Risk Mitigation and Opportunity Creation
• The Role of Risk Management Policy in the Enhancement of Financial Viability
• The Role of the Risk Management Policy in the Creation of Organisational Change
• The Role of the Risk Management Policy in Support of Institutional Effectiveness

However, the responses to the interview questions were particularly helpful in discussing the findings related to RQ3. For each interview, the researcher made different entries into the NVivo coding based on the main themes of each of the ten interview questions.

Summary of the Qualitative Semi-Structured Interview Data Results

Summary of the Results

Introduction

Discussion of the Results

Discussion of the Results of Research Question 1

Discussion of the Results of Research Questions 2 and 3

Confirmed Conceptual Framework of ERM

Introduction

Contributions of the Research

Limitations of the Study

Recommendations for ERM Professionals and Proposed ERM Guidelines

Recommendations for ERM Professionals and Administrators

Implications for Practice and Policy: Proposed Guidelines for Enhanced ERM Implementation Strategies

Conclusion and Overview of the Study

Questions of the Study

Survey Questionnaire Instrument (Perceptions Survey Questionnaire)

Semi Structured Interview Protocol & Interview Schedule

Sample Request of University Permission

Sample Participants Letter

Sample Informed Consent Form

Participation BUiD Ethics Form