it risk management case study

Enterprise Risk Management Case Studies: Heroes and Zeros

By Andy Marker | April 7, 2021

• Share on Facebook
• Share on LinkedIn

Link copied

We’ve compiled more than 20 case studies of enterprise risk management programs that illustrate how companies can prevent significant losses yet take risks with more confidence.   

Included on this page, you’ll find case studies and examples by industry , case studies of major risk scenarios (and company responses), and examples of ERM successes and failures .

Enterprise Risk Management Examples and Case Studies

With enterprise risk management (ERM) , companies assess potential risks that could derail strategic objectives and implement measures to minimize or avoid those risks. You can analyze examples (or case studies) of enterprise risk management to better understand the concept and how to properly execute it.

The collection of examples and case studies on this page illustrates common risk management scenarios by industry, principle, and degree of success. For a basic overview of enterprise risk management, including major types of risks, how to develop policies, and how to identify key risk indicators (KRIs), read “ Enterprise Risk Management 101: Programs, Frameworks, and Advice from Experts .”

Enterprise Risk Management Framework Examples

An enterprise risk management framework is a system by which you assess and mitigate potential risks. The framework varies by industry, but most include roles and responsibilities, a methodology for risk identification, a risk appetite statement, risk prioritization, mitigation strategies, and monitoring and reporting.

To learn more about enterprise risk management and find examples of different frameworks, read our “ Ultimate Guide to Enterprise Risk Management .”

Enterprise Risk Management Examples and Case Studies by Industry

Though every firm faces unique risks, those in the same industry often share similar risks. By understanding industry-wide common risks, you can create and implement response plans that offer your firm a competitive advantage.

Enterprise Risk Management Example in Banking

Toronto-headquartered TD Bank organizes its risk management around two pillars: a risk management framework and risk appetite statement. The enterprise risk framework defines the risks the bank faces and lays out risk management practices to identify, assess, and control risk. The risk appetite statement outlines the bank’s willingness to take on risk to achieve its growth objectives. Both pillars are overseen by the risk committee of the company’s board of directors.  

Risk management frameworks were an important part of the International Organization for Standardization’s 31000 standard when it was first written in 2009 and have been updated since then. The standards provide universal guidelines for risk management programs.  

Risk management frameworks also resulted from the efforts of the Committee of Sponsoring Organizations of the Treadway Commission (COSO). The group was formed to fight corporate fraud and included risk management as a dimension. 

Once TD completes the ERM framework, the bank moves onto the risk appetite statement. 

The bank, which built a large U.S. presence through major acquisitions, determined that it will only take on risks that meet the following three criteria:

• The risk fits the company’s strategy, and TD can understand and manage those risks. 
• The risk does not render the bank vulnerable to significant loss from a single risk.
• The risk does not expose the company to potential harm to its brand and reputation. 

Some of the major risks the bank faces include strategic risk, credit risk, market risk, liquidity risk, operational risk, insurance risk, capital adequacy risk, regulator risk, and reputation risk. Managers detail these categories in a risk inventory. 

The risk framework and appetite statement, which are tracked on a dashboard against metrics such as capital adequacy and credit risk, are reviewed annually. 

TD uses a three lines of defense (3LOD) strategy, an approach widely favored by ERM experts, to guard against risk. The three lines are as follows:

• A business unit and corporate policies that create controls, as well as manage and monitor risk
• Standards and governance that provide oversight and review of risks and compliance with the risk appetite and framework 
• Internal audits that provide independent checks and verification that risk-management procedures are effective

Enterprise Risk Management Example in Pharmaceuticals

Drug companies’ risks include threats around product quality and safety, regulatory action, and consumer trust. To avoid these risks, ERM experts emphasize the importance of making sure that strategic goals do not conflict. 

For Britain’s GlaxoSmithKline, such a conflict led to a breakdown in risk management, among other issues. In the early 2000s, the company was striving to increase sales and profitability while also ensuring safe and effective medicines. One risk the company faced was a failure to meet current good manufacturing practices (CGMP) at its plant in Cidra, Puerto Rico. 

CGMP includes implementing oversight and controls of manufacturing, as well as managing the risk and confirming the safety of raw materials and finished drug products. Noncompliance with CGMP can result in escalating consequences, ranging from warnings to recalls to criminal prosecution. 

GSK’s unit pleaded guilty and paid $750 million in 2010 to resolve U.S. charges related to drugs made at the Cidra plant, which the company later closed. A fired GSK quality manager alerted regulators and filed a whistleblower lawsuit in 2004. In announcing the consent decree, the U.S. Department of Justice said the plant had a history of bacterial contamination and multiple drugs created there in the early 2000s violated safety standards.

According to the whistleblower, GSK’s ERM process failed in several respects to act on signs of non-compliance with CGMP. The company received warning letters from the U.S. Food and Drug Administration in 2001 about the plant’s practices, but did not resolve the issues. 

Additionally, the company didn’t act on the quality manager’s compliance report, which advised GSK to close the plant for two weeks to fix the problems and notify the FDA. According to court filings, plant staff merely skimmed rejected products and sold them on the black market. They also scraped by hand the inside of an antibiotic tank to get more product and, in so doing, introduced bacteria into the product.

Enterprise Risk Management Example in Consumer Packaged Goods

Mars Inc., an international candy and food company, developed an ERM process. The company piloted and deployed the initiative through workshops with geographic, product, and functional teams from 2003 to 2012. 

Driven by a desire to frame risk as an opportunity and to work within the company’s decentralized structure, Mars created a process that asked participants to identify potential risks and vote on which had the highest probability. The teams listed risk mitigation steps, then ranked and color-coded them according to probability of success. 

Larry Warner, a Mars risk officer at the time, illustrated this process in a case study . An initiative to increase direct-to-consumer shipments by 12 percent was colored green, indicating a 75 percent or greater probability of achievement. The initiative to bring a new plant online by the end of Q3 was coded red, meaning less than a 50 percent probability of success. 

The company’s results were hurt by a surprise at an operating unit that resulted from a so-coded red risk identified in a unit workshop. Executives had agreed that some red risk profile was to be expected, but they decided that when a unit encountered a red issue, it must be communicated upward when first identified. This became a rule. 

This process led to the creation of an ERM dashboard that listed initiatives in priority order, with the profile of each risk faced in the quarter, the risk profile trend, and a comment column for a year-end view. 

According to Warner, the key factors of success for ERM at Mars are as follows:

• The initiative focused on achieving operational and strategic objectives rather than compliance, which refers to adhering to established rules and regulations.
• The program evolved, often based on requests from business units, and incorporated continuous improvement. 
• The ERM team did not overpromise. It set realistic objectives.
• The ERM team periodically surveyed business units, management teams, and board advisers.

Enterprise Risk Management Example in Retail

Walmart is the world’s biggest retailer. As such, the company understands that its risk makeup is complex, given the geographic spread of its operations and its large number of stores, vast supply chain, and high profile as an employer and buyer of goods. 

In the 1990s, the company sought a simplified strategy for assessing risk and created an enterprise risk management plan with five steps founded on these four questions:

• What are the risks?
• What are we going to do about them?
• How will we know if we are raising or decreasing risk?
• How will we show shareholder value?

The process follows these five steps:

• Risk Identification: Senior Walmart leaders meet in workshops to identify risks, which are then plotted on a graph of probability vs. impact. Doing so helps to prioritize the biggest risks. The executives then look at seven risk categories (both internal and external): legal/regulatory, political, business environment, strategic, operational, financial, and integrity. Many ERM pros use risk registers to evaluate and determine the priority of risks. You can download templates that help correlate risk probability and potential impact in “ Free Risk Register Templates .”
• Risk Mitigation: Teams that include operational staff in the relevant area meet. They use existing inventory procedures to address the risks and determine if the procedures are effective.
• Action Planning: A project team identifies and implements next steps over the several months to follow.
• Performance Metrics: The group develops metrics to measure the impact of the changes. They also look at trends of actual performance compared to goal over time.
• Return on Investment and Shareholder Value: In this step, the group assesses the changes’ impact on sales and expenses to determine if the moves improved shareholder value and ROI.

To develop your own risk management planning, you can download a customizable template in “ Risk Management Plan Templates .”

Enterprise Risk Management Example in Agriculture

United Grain Growers (UGG), a Canadian grain distributor that now is part of Glencore Ltd., was hailed as an ERM innovator and became the subject of business school case studies for its enterprise risk management program. This initiative addressed the risks associated with weather for its business. Crop volume drove UGG’s revenue and profits. 

In the late 1990s, UGG identified its major unaddressed risks. Using almost a century of data, risk analysts found that extreme weather events occurred 10 times as frequently as previously believed. The company worked with its insurance broker and the Swiss Re Group on a solution that added grain-volume risk (resulting from weather fluctuations) to its other insured risks, such as property and liability, in an integrated program. 

The result was insurance that protected grain-handling earnings, which comprised half of UGG’s gross profits. The greater financial stability significantly enhanced the firm’s ability to achieve its strategic objectives. 

Since then, the number and types of instruments to manage weather-related risks has multiplied rapidly. For example, over-the-counter derivatives, such as futures and options, began trading in 1997. The Chicago Mercantile Exchange now offers weather futures contracts on 12 U.S. and international cities. 

Weather derivatives are linked to climate factors such as rainfall or temperature, and they hedge different kinds of risks than do insurance. These risks are much more common (e.g., a cooler-than-normal summer) than the earthquakes and floods that insurance typically covers. And the holders of derivatives do not have to incur any damage to collect on them.

These weather-linked instruments have found a wider audience than anticipated, including retailers that worry about freak storms decimating Christmas sales, amusement park operators fearing rainy summers will keep crowds away, and energy companies needing to hedge demand for heating and cooling.

This area of ERM continues to evolve because weather and crop insurance are not enough to address all the risks that agriculture faces. Arbol, Inc. estimates that more than $1 trillion of agricultural risk is uninsured. As such, it is launching a blockchain-based platform that offers contracts (customized by location and risk parameters) with payouts based on weather data. These contracts can cover risks associated with niche crops and small growing areas.

Enterprise Risk Management Example in Insurance

Switzerland’s Zurich Insurance Group understands that risk is inherent for insurers and seeks to practice disciplined risk-taking, within a predetermined risk tolerance. 

The global insurer’s enterprise risk management framework aims to protect capital, liquidity, earnings, and reputation. Governance serves as the basis for risk management, and the framework lays out responsibilities for taking, managing, monitoring, and reporting risks. 

The company uses a proprietary process called Total Risk Profiling (TRP) to monitor internal and external risks to its strategy and financial plan. TRP assesses risk on the basis of severity and probability, and helps define and implement mitigating moves. 

Zurich’s risk appetite sets parameters for its tolerance within the goal of maintaining enough capital to achieve an AA rating from rating agencies. For this, the company uses its own Zurich economic capital model, referred to as Z-ECM. The model quantifies risk tolerance with a metric that assesses risk profile vs. risk tolerance. 

To maintain the AA rating, the company aims to hold capital between 100 and 120 percent of capital at risk. Above 140 percent is considered overcapitalized (therefore at risk of throttling growth), and under 90 percent is below risk tolerance (meaning the risk is too high). On either side of 100 to 120 percent (90 to 100 percent and 120 to 140 percent), the insurer considers taking mitigating action. 

Zurich’s assessment of risk and the nature of those risks play a major role in determining how much capital regulators require the business to hold. A popular tool to assess risk is the risk matrix, and you can find a variety of templates in “ Free, Customizable Risk Matrix Templates .”

In 2020, Zurich found that its biggest exposures were market risk, such as falling asset valuations and interest-rate risk; insurance risk, such as big payouts for covered customer losses, which it hedges through diversification and reinsurance; credit risk in assets it holds and receivables; and operational risks, such as internal process failures and external fraud.

Enterprise Risk Management Example in Technology

Financial software maker Intuit has strengthened its enterprise risk management through evolution, according to a case study by former Chief Risk Officer Janet Nasburg. 

The program is founded on the following five core principles:

• Use a common risk framework across the enterprise.
• Assess risks on an ongoing basis.
• Focus on the most important risks.
• Clearly define accountability for risk management.
• Commit to continuous improvement of performance measurement and monitoring. 

ERM programs grow according to a maturity model, and as capability rises, the shareholder value from risk management becomes more visible and important. 

The maturity phases include the following:

• Ad hoc risk management addresses a specific problem when it arises.
• Targeted or initial risk management approaches risks with multiple understandings of what constitutes risk and management occurs in silos. 
• Integrated or repeatable risk management puts in place an organization-wide framework for risk assessment and response. 
• Intelligent or managed risk management coordinates risk management across the business, using common tools. 
• Risk leadership incorporates risk management into strategic decision-making. 

Intuit emphasizes using key risk indicators (KRIs) to understand risks, along with key performance indicators (KPIs) to gauge the effectiveness of risk management. 

Early in its ERM journey, Intuit measured performance on risk management process participation and risk assessment impact. For participation, the targeted rate was 80 percent of executive management and business-line leaders. This helped benchmark risk awareness and current risk management, at a time when ERM at the company was not mature.

Conduct an annual risk assessment at corporate and business-line levels to plot risks, so the most likely and most impactful risks are graphed in the upper-right quadrant. Doing so focuses attention on these risks and helps business leaders understand the risk’s impact on performance toward strategic objectives. 

In the company’s second phase of ERM, Intuit turned its attention to building risk management capacity and sought to ensure that risk management activities addressed the most important risks. The company evaluated performance using color-coded status symbols (red, yellow, green) to indicate risk trend and progress on risk mitigation measures.

In its third phase, Intuit moved to actively monitoring the most important risks and ensuring that leaders modified their strategies to manage risks and take advantage of opportunities. An executive dashboard uses KRIs, KPIs, an overall risk rating, and red-yellow-green coding. The board of directors regularly reviews this dashboard.

Over this evolution, the company has moved from narrow, tactical risk management to holistic, strategic, and long-term ERM.

Enterprise Risk Management Case Studies by Principle

ERM veterans agree that in addition to KPIs and KRIs, other principles are equally important to follow. Below, you’ll find examples of enterprise risk management programs by principles.

ERM Principle #1: Make Sure Your Program Aligns with Your Values

Raytheon Case Study U.S. defense contractor Raytheon states that its highest priority is delivering on its commitment to provide ethical business practices and abide by anti-corruption laws.

Raytheon backs up this statement through its ERM program. Among other measures, the company performs an annual risk assessment for each function, including the anti-corruption group under the Chief Ethics and Compliance Officer. In addition, Raytheon asks 70 of its sites to perform an anti-corruption self-assessment each year to identify gaps and risks. From there, a compliance team tracks improvement actions. 

Every quarter, the company surveys 600 staff members who may face higher anti-corruption risks, such as the potential for bribes. The survey asks them to report any potential issues in the past quarter.

Also on a quarterly basis, the finance and internal controls teams review higher-risk profile payments, such as donations and gratuities to confirm accuracy and compliance. Oversight and compliance teams add other checks, and they update a risk-based audit plan continuously.

ERM Principle #2: Embrace Diversity to Reduce Risk

State Street Global Advisors Case Study In 2016, the asset management firm State Street Global Advisors introduced measures to increase gender diversity in its leadership as a way of reducing portfolio risk, among other goals. 

The company relied on research that showed that companies with more women senior managers had a better return on equity, reduced volatility, and fewer governance problems such as corruption and fraud. 

Among the initiatives was a campaign to influence companies where State Street had invested, in order to increase female membership on their boards. State Street also developed an investment product that tracks the performance of companies with the highest level of senior female leadership relative to peers in their sector. 

In 2020, the company announced some of the results of its effort. Among the 1,384 companies targeted by the firm, 681 added at least one female director.

ERM Principle #3: Do Not Overlook Resource Risks

Infosys Case Study India-based technology consulting company Infosys, which employees more than 240,000 people, has long recognized the risk of water shortages to its operations. 

India’s rapidly growing population and development has increased the risk of water scarcity. A 2020 report by the World Wide Fund for Nature said 30 cities in India faced the risk of severe water scarcity over the next three decades. 

Infosys has dozens of facilities in India and considers water to be a significant short-term risk. At its campuses, the company uses the water for cooking, drinking, cleaning, restrooms, landscaping, and cooling. Water shortages could halt Infosys operations and prevent it from completing customer projects and reaching its performance objectives. 

In an enterprise risk assessment example, Infosys’ ERM team conducts corporate water-risk assessments while sustainability teams produce detailed water-risk assessments for individual locations, according to a report by the World Business Council for Sustainable Development .

The company uses the COSO ERM framework to respond to the risks and decide whether to accept, avoid, reduce, or share these risks. The company uses root-cause analysis (which focuses on identifying underlying causes rather than symptoms) and the site assessments to plan steps to reduce risks. 

Infosys has implemented various water conservation measures, such as water-efficient fixtures and water recycling, rainwater collection and use, recharging aquifers, underground reservoirs to hold five days of water supply at locations, and smart-meter usage monitoring. Infosys’ ERM team tracks metrics for per-capita water consumption, along with rainfall data, availability and cost of water by tanker trucks, and water usage from external suppliers. 

In the 2020 fiscal year, the company reported a nearly 64 percent drop in per-capita water consumption by its workforce from the 2008 fiscal year. 

The business advantages of this risk management include an ability to open locations where water shortages may preclude competitors, and being able to maintain operations during water scarcity, protecting profitability.

ERM Principle #4: Fight Silos for Stronger Enterprise Risk Management

U.S. Government Case Study The terrorist attacks of September 11, 2001, revealed that the U.S. government’s then-current approach to managing intelligence was not adequate to address the threats — and, by extension, so was the government’s risk management procedure. Since the Cold War, sensitive information had been managed on a “need to know” basis that resulted in data silos. 

In the case of 9/11, this meant that different parts of the government knew some relevant intelligence that could have helped prevent the attacks. But no one had the opportunity to put the information together and see the whole picture. A congressional commission determined there were 10 lost operational opportunities to derail the plot. Silos existed between law enforcement and intelligence, as well as between and within agencies. 

After the attacks, the government moved toward greater information sharing and collaboration. Based on a task force’s recommendations, data moved from a centralized network to a distributed model, and social networking tools now allow colleagues throughout the government to connect. Staff began working across agency lines more often.

Enterprise Risk Management Examples by Scenario

While some scenarios are too unlikely to receive high-priority status, low-probability risks are still worth running through the ERM process. Robust risk management creates a culture and response capacity that better positions a company to deal with a crisis.

In the following enterprise risk examples, you will find scenarios and details of how organizations manage the risks they face.

Scenario: ERM and the Global Pandemic While most businesses do not have the resources to do in-depth ERM planning for the rare occurrence of a global pandemic, companies with a risk-aware culture will be at an advantage if a pandemic does hit. 

These businesses already have processes in place to escalate trouble signs for immediate attention and an ERM team or leader monitoring the threat environment. A strong ERM function gives clear and effective guidance that helps the company respond.

A report by Vodafone found that companies identified as “future ready” fared better in the COVID-19 pandemic. The attributes of future-ready businesses have a lot in common with those of companies that excel at ERM. These include viewing change as an opportunity; having detailed business strategies that are documented, funded, and measured; working to understand the forces that shape their environments; having roadmaps in place for technological transformation; and being able to react more quickly than competitors. 

Only about 20 percent of companies in the Vodafone study met the definition of “future ready.” But 54 percent of these firms had a fully developed and tested business continuity plan, compared to 30 percent of all businesses. And 82 percent felt their continuity plans worked well during the COVID-19 crisis. Nearly 50 percent of all businesses reported decreased profits, while 30 percent of future-ready organizations saw profits rise. 

Scenario: ERM and the Economic Crisis  The 2008 economic crisis in the United States resulted from the domino effect of rising interest rates, a collapse in housing prices, and a dramatic increase in foreclosures among mortgage borrowers with poor creditworthiness. This led to bank failures, a credit crunch, and layoffs, and the U.S. government had to rescue banks and other financial institutions to stabilize the financial system.

Some commentators said these events revealed the shortcomings of ERM because it did not prevent the banks’ mistakes or collapse. But Sim Segal, an ERM consultant and director of Columbia University’s ERM master’s degree program, analyzed how banks performed on 10 key ERM criteria. 

Segal says a risk-management program that incorporates all 10 criteria has these characteristics: 

• Risk management has an enterprise-wide scope.
• The program includes all risk categories: financial, operational, and strategic. 
• The focus is on the most important risks, not all possible risks. 
• Risk management is integrated across risk types.
• Aggregated metrics show risk exposure and appetite across the enterprise.
• Risk management incorporates decision-making, not just reporting.
• The effort balances risk and return management.
• There is a process for disclosure of risk.
• The program measures risk in terms of potential impact on company value.
• The focus of risk management is on the primary stakeholder, such as shareholders, rather than regulators or rating agencies.

In his book Corporate Value of Enterprise Risk Management , Segal concluded that most banks did not actually use ERM practices, which contributed to the financial crisis. He scored banks as failing on nine of the 10 criteria, only giving them a passing grade for focusing on the most important risks. 

Scenario: ERM and Technology Risk  The story of retailer Target’s failed expansion to Canada, where it shut down 133 loss-making stores in 2015, has been well documented. But one dimension that analysts have sometimes overlooked was Target’s handling of technology risk. 

A case study by Canadian Business magazine traced some of the biggest issues to software and data-quality problems that dramatically undermined the Canadian launch. 

As with other forms of ERM, technology risk management requires companies to ask what could go wrong, what the consequences would be, how they might prevent the risks, and how they should deal with the consequences. 

But with its technology plan for Canada, Target did not heed risk warning signs. 

In the United States, Target had custom systems for ordering products from vendors, processing items at warehouses, and distributing merchandise to stores quickly. But that software would need customization to work with the Canadian dollar, metric system, and French-language characters. 

Target decided to go with new ERP software on an aggressive two-year timeline. As Target began ordering products for the Canadian stores in 2012, problems arose. Some items did not fit into shipping containers or on store shelves, and information needed for customs agents to clear imported items was not correct in Target's system. 

Target found that its supply chain software data was full of errors. Product dimensions were in inches, not centimeters; height and width measurements were mixed up. An internal investigation showed that only about 30 percent of the data was accurate. 

In an attempt to fix these errors, Target merchandisers spent a week double-checking with vendors up to 80 data points for each of the retailer’s 75,000 products. They discovered that the dummy data entered into the software during setup had not been altered. To make any corrections, employees had to send the new information to an office in India where staff would enter it into the system. 

As the launch approached, the technology errors left the company vulnerable to stockouts, few people understood how the system worked, and the point-of-sale checkout system did not function correctly. Soon after stores opened in 2013, consumers began complaining about empty shelves. Meanwhile, Target Canada distribution centers overflowed due to excess ordering based on poor data fed into forecasting software. 

The rushed launch compounded problems because it did not allow the company enough time to find solutions or alternative technology. While the retailer fixed some issues by the end of 2014, it was too late. Target Canada filed for bankruptcy protection in early 2015. 

Scenario: ERM and Cybersecurity System hacks and data theft are major worries for companies. But as a relatively new field, cyber-risk management faces unique hurdles.

For example, risk managers and information security officers have difficulty quantifying the likelihood and business impact of a cybersecurity attack. The rise of cloud-based software exposes companies to third-party risks that make these projections even more difficult to calculate. 

As the field evolves, risk managers say it’s important for IT security officers to look beyond technical issues, such as the need to patch a vulnerability, and instead look more broadly at business impacts to make a cost benefit analysis of risk mitigation. Frameworks such as the Risk Management Framework for Information Systems and Organizations by the National Institute of Standards and Technology can help.  

Health insurer Aetna considers cybersecurity threats as a part of operational risk within its ERM framework and calculates a daily risk score, adjusted with changes in the cyberthreat landscape. 

Aetna studies threats from external actors by working through information sharing and analysis centers for the financial services and health industries. Aetna staff reverse-engineers malware to determine controls. The company says this type of activity helps ensure the resiliency of its business processes and greatly improves its ability to help protect member information.

For internal threats, Aetna uses models that compare current user behavior to past behavior and identify anomalies. (The company says it was the first organization to do this at scale across the enterprise.) Aetna gives staff permissions to networks and data based on what they need to perform their job. This segmentation restricts access to raw data and strengthens governance. 

Another risk initiative scans outgoing employee emails for code patterns, such as credit card or Social Security numbers. The system flags the email, and a security officer assesses it before the email is released.

Examples of Poor Enterprise Risk Management

Case studies of failed enterprise risk management often highlight mistakes that managers could and should have spotted — and corrected — before a full-blown crisis erupted. The focus of these examples is often on determining why that did not happen. 

ERM Case Study: General Motors

In 2014, General Motors recalled the first of what would become 29 million cars due to faulty ignition switches and paid compensation for 124 related deaths. GM knew of the problem for at least 10 years but did not act, the automaker later acknowledged. The company entered a deferred prosecution agreement and paid a $900 million penalty. 

Pointing to the length of time the company failed to disclose the safety problem, ERM specialists say it shows the problem did not reside with a single department. “Rather, it reflects a failure to properly manage risk,” wrote Steve Minsky, a writer on ERM and CEO of an ERM software company, in Risk Management magazine. 

“ERM is designed to keep all parties across the organization, from the front lines to the board to regulators, apprised of these kinds of problems as they become evident. Unfortunately, GM failed to implement such a program, ultimately leading to a tragic and costly scandal,” Minsky said.

Also in the auto sector, an enterprise risk management case study of Toyota looked at its problems with unintended acceleration of vehicles from 2002 to 2009. Several studies, including a case study by Carnegie Mellon University Professor Phil Koopman , blamed poor software design and company culture. A whistleblower later revealed a coverup by Toyota. The company paid more than $2.5 billion in fines and settlements.

ERM Case Study: Lululemon

In 2013, following customer complaints that its black yoga pants were too sheer, the athletic apparel maker recalled 17 percent of its inventory at a cost of $67 million. The company had previously identified risks related to fabric supply and quality. The CEO said the issue was inadequate testing. 

Analysts raised concerns about the company’s controls, including oversight of factories and product quality. A case study by Stanford University professors noted that Lululemon’s episode illustrated a common disconnect between identifying risks and being prepared to manage them when they materialize. Lululemon’s reporting and analysis of risks was also inadequate, especially as related to social media. In addition, the case study highlighted the need for a system to escalate risk-related issues to the board. 

ERM Case Study: Kodak 

Once an iconic brand, the photo film company failed for decades to act on the threat that digital photography posed to its business and eventually filed for bankruptcy in 2012. The company’s own research in 1981 found that digital photos could ultimately replace Kodak’s film technology and estimated it had 10 years to prepare. 

Unfortunately, Kodak did not prepare and stayed locked into the film paradigm. The board reinforced this course when in 1989 it chose as CEO a candidate who came from the film business over an executive interested in digital technology. 

Had the company acknowledged the risks and employed ERM strategies, it might have pursued a variety of strategies to remain successful. The company’s rival, Fuji Film, took the money it made from film and invested in new initiatives, some of which paid off. Kodak, on the other hand, kept investing in the old core business.

Case Studies of Successful Enterprise Risk Management

Successful enterprise risk management usually requires strong performance in multiple dimensions, and is therefore more likely to occur in organizations where ERM has matured. The following examples of enterprise risk management can be considered success stories. 

ERM Case Study: Statoil 

A major global oil producer, Statoil of Norway stands out for the way it practices ERM by looking at both downside risk and upside potential. Taking risks is vital in a business that depends on finding new oil reserves. 

According to a case study, the company developed its own framework founded on two basic goals: creating value and avoiding accidents.

The company aims to understand risks thoroughly, and unlike many ERM programs, Statoil maps risks on both the downside and upside. It graphs risk on probability vs. impact on pre-tax earnings, and it examines each risk from both positive and negative perspectives. 

For example, the case study cites a risk that the company assessed as having a 5 percent probability of a somewhat better-than-expected outcome but a 10 percent probability of a significant loss relative to forecast. In this case, the downside risk was greater than the upside potential.

ERM Case Study: Lego 

The Danish toy maker’s ERM evolved over the following four phases, according to a case study by one of the chief architects of its program:

• Traditional management of financial, operational, and other risks. Strategic risk management joined the ERM program in 2006. 
• The company added Monte Carlo simulations in 2008 to model financial performance volatility so that budgeting and financial processes could incorporate risk management. The technique is used in budget simulations, to assess risk in its credit portfolio, and to consolidate risk exposure. 
• Active risk and opportunity planning is part of making a business case for new projects before final decisions.
• The company prepares for uncertainty so that long-term strategies remain relevant and resilient under different scenarios. 

As part of its scenario modeling, Lego developed its PAPA (park, adapt, prepare, act) model. 

• Park: The company parks risks that occur slowly and have a low probability of happening, meaning it does not forget nor actively deal with them.
• Adapt: This response is for risks that evolve slowly and are certain or highly probable to occur. For example, a risk in this category is the changing nature of play and the evolution of buying power in different parts of the world. In this phase, the company adjusts, monitors the trend, and follows developments.
• Prepare: This category includes risks that have a low probability of occurring — but when they do, they emerge rapidly. These risks go into the ERM risk database with contingency plans, early warning indicators, and mitigation measures in place.
• Act: These are high-probability, fast-moving risks that must be acted upon to maintain strategy. For example, developments around connectivity, mobile devices, and online activity are in this category because of the rapid pace of change and the influence on the way children play. 

Lego views risk management as a way to better equip itself to take risks than its competitors. In the case study, the writer likens this approach to the need for the fastest race cars to have the best brakes and steering to achieve top speeds.

ERM Case Study: University of California 

The University of California, one of the biggest U.S. public university systems, introduced a new view of risk to its workforce when it implemented enterprise risk management in 2005. Previously, the function was merely seen as a compliance requirement.

ERM became a way to support the university’s mission of education and research, drawing on collaboration of the system’s employees across departments. “Our philosophy is, ‘Everyone is a risk manager,’” Erike Young, deputy director of ERM told Treasury and Risk magazine. “Anyone who’s in a management position technically manages some type of risk.”

The university faces a diverse set of risks, including cybersecurity, hospital liability, reduced government financial support, and earthquakes.  

The ERM department had to overhaul systems to create a unified view of risk because its information and processes were not linked. Software enabled both an organizational picture of risk and highly detailed drilldowns on individual risks. Risk managers also developed tools for risk assessment, risk ranking, and risk modeling. 

Better risk management has provided more than $100 million in annual cost savings and nearly $500 million in cost avoidance, according to UC officials. 

UC drives ERM with risk management departments at each of its 10 locations and leverages university subject matter experts to form multidisciplinary workgroups that develop process improvements.

APQC, a standards quality organization, recognized UC as a top global ERM practice organization, and the university system has won other awards. The university says in 2010 it was the first nonfinancial organization to win credit-rating agency recognition of its ERM program.

Examples of How Technology Is Transforming Enterprise Risk Management

Business intelligence software has propelled major progress in enterprise risk management because the technology enables risk managers to bring their information together, analyze it, and forecast how risk scenarios would impact their business.

ERM organizations are using computing and data-handling advancements such as blockchain for new innovations in strengthening risk management. Following are case studies of a few examples.

ERM Case Study: Bank of New York Mellon 

In 2021, the bank joined with Google Cloud to use machine learning and artificial intelligence to predict and reduce the risk that transactions in the $22 trillion U.S. Treasury market will fail to settle. Settlement failure means a buyer and seller do not exchange cash and securities by the close of business on the scheduled date. 

The party that fails to settle is assessed a daily financial penalty, and a high level of settlement failures can indicate market liquidity problems and rising risk. BNY says that, on average, about 2 percent of transactions fail to settle.

The bank trained models with millions of trades to consider every factor that could result in settlement failure. The service uses market-wide intraday trading metrics, trading velocity, scarcity indicators, volume, the number of trades settled per hour, seasonality, issuance patterns, and other signals. 

The bank said it predicts about 40 percent of settlement failures with 90 percent accuracy. But it also cautioned against overconfidence in the technology as the model continues to improve. 

AI-driven forecasting reduces risk for BNY clients in the Treasury market and saves costs. For example, a predictive view of settlement risks helps bond dealers more accurately manage their liquidity buffers, avoid penalties, optimize their funding sources, and offset the risks of failed settlements. In the long run, such forecasting tools could improve the health of the financial market. 

ERM Case Study: PwC

Consulting company PwC has leveraged a vast information storehouse known as a data lake to help its customers manage risk from suppliers.

A data lake stores both structured or unstructured information, meaning data in highly organized, standardized formats as well as unstandardized data. This means that everything from raw audio to credit card numbers can live in a data lake. 

Using techniques pioneered in national security, PwC built a risk data lake that integrates information from client companies, public databases, user devices, and industry sources. Algorithms find patterns that can signify unidentified risks.

One of PwC’s first uses of this data lake was a program to help companies uncover risks from their vendors and suppliers. Companies can violate laws, harm their reputations, suffer fraud, and risk their proprietary information by doing business with the wrong vendor. 

Today’s complex global supply chains mean companies may be several degrees removed from the source of this risk, which makes it hard to spot and mitigate. For example, a product made with outlawed child labor could be traded through several intermediaries before it reaches a retailer. 

PwC’s service helps companies recognize risk beyond their primary vendors and continue to monitor that risk over time as more information enters the data lake.

ERM Case Study: Financial Services

As analytics have become a pillar of forecasting and risk management for banks and other financial institutions, a new risk has emerged: model risk . This refers to the risk that machine-learning models will lead users to an unreliable understanding of risk or have unintended consequences.

For example, a 6 percent drop in the value of the British pound over the course of a few minutes in 2016 stemmed from currency trading algorithms that spiralled into a negative loop. A Twitter-reading program began an automated selling of the pound after comments by a French official, and other selling algorithms kicked in once the currency dropped below a certain level.

U.S. banking regulators are so concerned about model risk that the Federal Reserve set up a model validation council in 2012 to assess the models that banks use in running risk simulations for capital adequacy requirements. Regulators in Europe and elsewhere also require model validation.

A form of managing risk from a risk-management tool, model validation is an effort to reduce risk from machine learning. The technology-driven rise in modeling capacity has caused such models to proliferate, and banks can use hundreds of models to assess different risks. 

Model risk management can reduce rising costs for modeling by an estimated 20 to 30 percent by building a validation workflow, prioritizing models that are most important to business decisions, and implementing automation for testing and other tasks, according to McKinsey.

Streamline Your Enterprise Risk Management Efforts with Real-Time Work Management in Smartsheet

Empower your people to go above and beyond with a flexible platform designed to match the needs of your team — and adapt as those needs change. 

The Smartsheet platform makes it easy to plan, capture, manage, and report on work from anywhere, helping your team be more effective and get more done. Report on key metrics and get real-time visibility into work as it happens with roll-up reports, dashboards, and automated workflows built to keep your team connected and informed. 

When teams have clarity into the work getting done, there’s no telling how much more they can accomplish in the same amount of time.  Try Smartsheet for free, today.

Discover why over 90% of Fortune 100 companies trust Smartsheet to get work done.

• Please enable javascript in your browser settings and refresh the page to continue.
• Technology Research /
• Strategy & Governance /
• IT Governance, Risk & Compliance

IT Governance, Risk & Compliance - Case Studies

• Strategy & Governance 8
• Value & Performance 5
• Infrastructure & Operations 6
• Enterprise Architecture 10
• Applications 10
• Project & Portfolio Management 8
• Data & Business Intelligence 3
• Vendor Management 8

Types of Content

• Job Descriptions 4
• Templates & Policies 50
• Case Studies 8
• Blueprints 6
• Storyboards 15

Please confirm the appointment time and click Schedule.

Your call is being booked. A representative will be available to assist you if needed.

• Predict! Software Suite
• Training and Coaching
• Predict! Risk Controller
• Rapid Deployment
• Predict! Risk Analyser
• Predict! Risk Reporter
• Predict! Risk Visualiser
• Predict! Cloud Hosting
• BOOK A DEMO
• Risk Vision
• Win Proposals with Risk Analysis
• Case Studies
• Video Gallery
• White Papers
• Upcoming Events
• Past Events

Fehmarnbelt case study

. . . . . learn more

Lend Lease case study

ASC case study

Tornado IPT case study

LLW Repository case study

OHL case study

Babcock case study

HUMS case study

UK Chinook case study

• EMEA: +44 (0) 1865 987 466
• Americas: +1 (0) 437 269 0697
• APAC: +61 499 520 456

Subscribe for Updates

Copyright © 2024 risk decisions. All rights reserved.

• Privacy Policy
• Cookie Policy
• Terms and Conditions
• Company Registration No: 01878114

Powered by The Communications Group

• Project Management
• Application Development
• Collaboration
• Cloud Virtualization
• Enterprise Apps
• Infrastructure
• News & Trends
• Case Studies
• Books for CIOs

IT Risk Management Guide for 2022

IT risk management allows organizations to prepare for some of the most costly risks they’ll face — every threat presented by devices, applications, and the internet. Successful risk management requires risk and IT teams to frequently work together and is most beneficial when organizations use software to organize their entire approach to risk. 

Table of Contents

What is IT risk management?

Information technology risk management is a specific branch of risk mitigation, prioritization, and optimization that focuses on the probabilities and threats that come from enterprise hardware, software, and networks. Focus areas of risk management include:

• Mitigation — enterprises work to lessen the negative impact of problems that have already occurred
• Prioritization — enterprises decide which risks are most important for them to handle and which are less critical
• Optimization — enterprises discover which risks are worth taking so they can reap the benefits if the risks pay off

Typically, enterprises create a risk management plan (often known as a GRC framework or a business continuity plan ) that involves multiple company stakeholders. Enterprises often use a software platform to digitally track risks; the application alerts them when a new threat arises and shows their progress to becoming compliant with any regulatory standards.

Also read : How to Meet Regulatory Compliance

What are common IT risks?

Examples of IT risks include employee mistakes, software vulnerabilities, and network and device failures. 

Human error 

Employee mistakes are responsible for around 85 percent of data breaches, according to The Psychology of Human Error study conducted by Stanford University and security firm Tessian. These errors include clicking links in emails that download malware onto a device, failing to use a variety of strong passwords , or accidentally giving away company information through a phone call or text. 

Hardware failure

Eventually, servers grow old, laptops die, and storage disks fail. This becomes a risk when the data on that hardware isn’t backed up and when an organization isn’t prepared to replace the devices. 

An unexpected server failure can be catastrophic if the server was running high-performance applications with no way to automatically move them to another server. Storage system failure puts sensitive customer information at risk of loss. It also means the organization could become noncompliant with data regulations .

Network or web server outages 

If either the company Wi-Fi network or a data center network go down, the business loses precious operational time, but it could also lose sales deals. If a network outage causes a user-facing application to pause, then customers won’t be able to access it. The same goes for web servers: if they go down, the website goes down, too. This not only affects a business’s sales but also its reputation. 

Network and data breaches 

Security breaches aren’t the only IT risks an enterprise faces, but they’re one of the hardest to recover from. Some types of malware embed themselves so deeply into a company’s IT infrastructure that even reinstalling a system won’t automatically rid it of the malicious code.

Also read: Data Breach Cost Reaches All-Time High

How does IT risk management work?

Enterprises typically use IT risk management software to centralize and organize their approach to protecting these sectors of the business.

User access to both networks and accounts

 Access risks include attackers breaching the company network, information compromise and theft, and malicious software attacks. IT risk management solutions alert administrators when an unauthorized user attempts to access a system or when network traffic resembles a common security threat. 

Data management

Data risks include exposing customer data, being noncompliant with data protection regulations, and having an entire storage system breached. An IT risk management platform keeps records of each step to compliance, tracking an organization’s progress and sending alerts to stakeholders that have compliance tasks assigned to them. It also prioritizes threats, like a storage breach, that the business should address. 

Third-party software and integrations 

Any software that’s linked to another program has at least limited abilities to control it. This is another vector for attackers to breach a network, especially if the third party application has unpatched vulnerabilities. With the right credentials or backdoor access, attackers could potentially also move from a third party application to the primary application and gain full control of it. IT risk management software offers tools like third-party vendor assessments to gauge how secure the vendor’s platform is. 

Also read: Best Risk Management Software

Why is IT risk management important? 

Between third-party management and compliance regulations, data protection and networks, IT risk management covers every danger presented by technology to an enterprise. As enterprises undergo digital transformation and shift to remote workforces and applications, they need a centralized plan to manage their IT resources safely. 

IT risk management provides a framework for businesses to track every threat presented by devices, networks, and human users. The software that enterprises use record risks and rank their importance, detailing how critical a risk is to business operations and alerting the employees who are responsible for handling it. Without managing information technology and security risks, businesses will rapidly become swamped with compliance tasks, security threats, and endpoint device management. Then they’ll be unable to organize their responses to risk.

Also read: Don’t Overlook IT Risk Compliance When Defending Against Cyberattacks

How to implement IT risk management 

To develop a risk management strategy specific to information technology, consider approaching IT management with team collaboration at the forefront. Be prepared for  enterprise IT risks to scale as your enterprise grows, too: the more employees and device users the business receives, the more internal security threats increase. 

Ensure risk and IT teams work together

An important part of risk management is decreasing silos. If your enterprise has a risk team and an IT department, they’ll need to collaborate to set up a successful IT risk management strategy. Working together means these two teams will be increasingly aware of technology threats and prioritize the ensuing risks. For example, if a storage system is breached, IT or infosec teams will discover patterns within the attack and share all relevant information with the risk team. 

Both teams offer insights that the other needs, according to Joel Friedman, the CTO and co-founder at risk management provider Aclaimant . “Risk managers and IT teams can work in tandem to boost risk management awareness across their business and also ensure all stakeholders can use this technology to its greatest potential,” said Friedman. 

“While most risk managers are inherently an expert in risk and not technology, they can lean on their IT counterparts to boost adoption of understanding of technology and data that will help them more effectively do their job. On the flip side, IT teams should also consider incorporating risk management into their processes, as any technology presents not only opportunities but also potential risks to the overall business.”

Risks and information technology are so closely entwined, it’s nearly impossible—and unwise—to keep them separate. Organizations that recognize the dangers inherent in IT and the consequences they have for enterprises will be better prepared to manage tech and security-related risks.

Prepare for insider risk

Many IT risks come from the employees within the organization. But enterprises don’t pay enough attention to the role their own workers play in creating risk, according to Jadee Hanson, the CIO and CISO at data protection company Code42 . The three Ts — transparency, training, and technology — help enterprises manage those risks.

“A significant aspect of IT security risk management that is commonly (and mistakenly) neglected is insider risk,” said Hanson. “First, you want to have a transparent security-centric culture that prioritizes data protection at every level. Leaders should work with the cybersecurity team to produce well-thought-out protections on data use, handling and ownership, which can be delivered to their employees, contractors, vendors, and partners.”

Collaboration is critical to developing a risk management strategy; that includes informing employees of all the risks related to them. “Employees need to be properly trained on the business impact of their data exposure actions with security and awareness training from initial on-boarding through off-boarding. Gone are the days of hour-long training with no relevance to the work that employees are doing. To address these data exposure issues, we need point-in-time training that occurs right after data exposure events happen,” Hanson said.  

Lastly, monitoring and detection tools reveal what regions of the IT infrastructure have been compromised. “Having a technology solution in place that gives security teams visibility to data moving off endpoints to untrusted cloud destinations, personal devices, and personal emails is key,” Hanson explained. “Today, most ( 71 percent ) security teams lack visibility into what and/or how much sensitive data is leaving their organizations. Without technology providing the right visibility, it’s nearly impossible for security to focus on the right protections and mitigate the overall data exposure risk.”  

Prepare your strategy for organizational scaling 

A successful IT risk management strategy must be able to grow with the company; otherwise, it will need to be reworked regularly. A better approach than redesigning the strategy each year—especially if your organization is in a period of rapid tech growth or change—is to develop a scalable risk management plan, according to Vasant Balasubramanian, VP and & GM of the risk business unit at ServiceNow . 

“The need to ‘plan for scale’ is due to the explosion of technology in every phase of the business: the pace of change, range of threats, growth of suppliers, and more,” Balasubramanian said. “To compound the problem, IT teams are not able to add people at the same rate as the need is growing. Therefore, first and foremost when implementing an IT risk management strategy, you should design the program with scalability in mind.

“This is a journey that cannot be accomplished overnight, but the planning for scalability must be in place up front to achieve the desired maturity over time. Only then can organizations stop the cycle of recreating IT risk programs every few years.”

Examples of planning for scale include:

• Setting up an analysis plan for new technology so the IT risk management team can vet every new application or tech advancement for potential risks and rewards 
• Choosing risk management software your business will still be able to use in a few years, especially if the organization grows substantially
• Building a collaborative IT and risk management team that is established regardless of who leaves or joins the company, and preparing to have new employees move into those roles.

Successful IT risk management strategies must be focused on collaborative and transparent processes between technology teams and risk managers. They also must take into account the many threats that employee errors pose and prepare for the business to grow rapidly, as this can accelerate both IT and human risks. 

Read next : Top Governance, Risk & Compliance (GRC) Tools  

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles

Storage vulnerabilities: the neglected cybersecurity frontier, 7 principles of quality management, domo vs tableau: which is the better bi solution, related articles, best supply chain certifications to get in 2022, best social media crm software 2022, benefits of erp: weighing the pros and cons, how cios can support retention during the great reshuffle: interview with carter busse at workato.

CIO Insight offers thought leadership and best practices in the IT security and management industry while providing expert recommendations on software solutions for IT leaders. It is the trusted resource for security professionals who need to maintain regulatory compliance for their teams and organizations. CIO Insight is an ideal website for IT decision makers, systems integrators and administrators, and IT managers to stay informed about emerging technologies, software developments and trends in the IT security and management industry.

Advertisers

Advertise with TechnologyAdvice on CIO Insight and our other IT-focused platforms.

• IT Management
• IT Strategy
• Privacy Policy
• California – Do Not Sell My Information

Property of TechnologyAdvice. © 2024 TechnologyAdvice. All Rights Reserved Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Table of Contents

Understanding project risk management, definition and explanation of project risk management, 4 key components of project risk management, risk identification, risk assessment, risk response planning, risk monitoring and control, 5 project risk management case studies, gordie howe international bridge project, fujitsu’s early-career project managers, vodafone’s complex technology project, fehmarnbelt project, lend lease project, project risk management at designveloper, how we manage project risks, advancements in project risk management, project risk management: 5 case studies you should not miss.

May 21, 2024

Exploring project risk management, one can see how vital it is in today’s business world. This article from Designveloper, “Project Risk Management: 5 Case Studies You Should Not Miss”, exists in order to shed light on this important component of project management.

We’ll reference some new numbers and facts that highlight the significance of risk management in projects. These data points are based on legit reports and will help create a good basis of understanding on the subject matter.

In addition, we will discuss specific case studies when risk management was successfully applied and when it was not applied in project management. These real world examples are very much important for project managers and teams.

It is also important to keep in mind that each project has associated risks. However through project risk management these risks can be identified, analyzed, prioritized and managed in order to make the project achieve its objectives. Well then, let’s take this journey of understanding together. Watch out for an analysis of the five case studies you must not miss.

Risk management is a very critical component of any project. Risk management is a set of tools that allow determining the potential threats to the success of a project and how to address them. Let’s look at some more recent stats and examples to understand this better.

Statistics show that as high as 70% of all projects are unsuccessful . This high failure rate highlights the need for efficient project risk management. Surprisingly, organizations that do not attach much importance to project risk management face 50% chances of their project failure. This results in huge losses of money and untapped business potential.

Additionally, poor performance leads to approximated 10% loss of every dollar spent on projects. This translates to a loss of $99 for every $1 billion invested. These statistics demonstrate the importance of project risk management in improving project success rates and minimizing waste.

Let us consider a project management example to demonstrate the relevance of the issue discussed above. Consider a new refinery being constructed in the Middle East. The project is entering a key phase: purchasing. Poor risk management could see important decisions surrounding procurement strategy, or the timing of the tendering process result in project failure.

Project risk management in itself is a process that entails the identification of potential threats and their mitigation. It is not reactionary but proactive.

This process begins with the identification of potential risks. These could be any time from budget overruns to delayed deliveries. After the risks are identified they are then analyzed. This involves estimating the probability of each risk event and the potential consequences to the project.

The next stage is risk response planning. This could be in the form of risk reduction, risk shifting or risk acceptance. The goal here is to reduce the impact of risks on the project.

Finally, the process entails identifying and tracking these risks throughout the life of a project. This helps in keeping the project on course and any new risks that might arise are identified and managed.

Let’s dive into the heart of project risk management: its four key components. These pillars form the foundation of any successful risk management strategy. They are risk identification, risk analysis, risk response planning, and risk monitoring and control. Each plays a crucial role in ensuring project success. This section will provide a detailed explanation of each component, backed by data and real-world examples. So, let’s embark on this journey to understand the four key components of project risk management.

Risk identification is the first process in a project risk management process. It’s about proactively identifying risks that might cause a project to fail. This is very important because a recent study has shown that 77% of companies had operational surprises due to unidentified risks.

There are different approaches to risk identification such as brainstorming, Delphi technique, SWOT analysis, checklist analysis, flowchart. These techniques assist project teams in identifying all potential risks.

Risk identification is the second stage of the project risk management process. It is a systematic approach that tries to determine the probability of occurrence and severity of identified risks. This step is very important; it helps to rank the identified risks and assists in the formation of risk response strategies.

Risk assessment involves two key elements: frequency and severity of occurrence. As for risk probability, it estimates the chances of a risk event taking place, and risk impact measures the impact associated with the risk event.

This is the third component of project risk management. It deals with planning the best ways to deal with the risks that have been identified. This step is important since it ensures that the risk does not have a substantial effect on the project.

One of the statistics stated that nearly three-quarters of organizations have an incident response plan and 63 percent of these organizations conduct the plan regularly. This explains why focusing only on risks’ identification and analysis without a plan of action is inadequate.

Risk response planning involves four key strategies: risk acceptance, risk sharing, risk reduction, and risk elimination. Each strategy is selected depending on the nature and potential of the risk.

Risk monitoring and control is the last step of project risk management. It’s about monitoring and controlling the identified risks and making sure that they are being addressed according to the plan.

Furthermore, risk control and management involve managing identified risks, monitoring the remaining risk, identifying new risks, implementing risk strategies, and evaluating their implementation during the project life cycle.

It is now high time to approach the practical side of project risk management. This section provides selected five case studies that explain the need and application of project risk management. Each case study gives an individual approach revealing how risk management can facilitate success of the project. Additionally, these case studies include construction projects, technology groups, among other industries. They show how effective project risk management can be, by allowing organizations to respond to uncertainties and successfully accomplish their project objectives. Let us now examine these case studies and understand the concept of risk in project management.

The Gordie Howe International Bridge is one of the projects that demonstrate the principles of project risk management. This is one of the biggest infrastructure projects in North America which includes the construction of a 6 lane bridge at the busiest commercial border crossing point between the U.S. and Canada.

The project scope can be summarized as: New Port of Entry and Inspection facilities for the Canadian and US governments; Tolls Collection Facilities; Projects and modifications to multiple local bridges and roadways. The project is administered via Windsor-Detroit Bridge Authority, a nonprofit Canadian Crown entity.

Specifically, one of the project challenges associated with the fact that the project was a big one in terms of land size and the community of interests involved in the undertaking. Governance and the CI were fundamental aspects that helped the project team to overcome these challenges.

The PMBOK® Guide is the contractual basis for project management of the project agreement. This dedication to following the best practices for project management does not end with bridge construction: It spreads to all other requirements.

However, the project is making steady progress to the objective of finishing the project in 2024. This case study clearly demonstrates the role of project risk management in achieving success with large and complicated infrastructure projects.

Fujitsu is an international company that deals with the provision of a total information and communication technology system as well as its products and services. The typical way was to employ a few college and school leavers and engage them in a two-year manual management training and development course. Nevertheless, this approach failed in terms of the following.

Firstly, the training was not comprehensive in its coverage of project management and was solely concerned with generic messaging – for example, promoting leadership skills and time management. Secondly it was not effectively reaching out to the need of apprentices. Thirdly the two year time frame was not sufficient to allow for a deep approach to the development of the required project management skills for this job. Finally the retention problems of employees in the train program presented a number of issues.

To tackle these issues, Fujitsu UK adopted a framework based on three dimensions: structured learning, learning from others, and rotation. This framework is designed to operate for the first five years of a participant’s career and is underpinned by the 70-20-10 model for learning and development. Rogers’ model acknowledges that most learning occurs on the job.

The initial training process starts with a three-week formal learning and induction program that includes the initial orientation to the organization and its operations, the fundamentals of project management, and business in general. Lastly, the participants are put on a rotational assignment in the PMO of the program for the first six to eight months.

Vodafone is a multinational mobile telecommunications group that manages telecommunications services in 28 countries across five continents and decided to undertake a highly complex technology project to replace an existing network with a fully managed GLAN in 42 locations. This project was much complex and thus a well grounded approach to risk management was needed.

The project team faced a long period of delay in signing the contract and frequent changes after the contract was signed until the project is baselined. These challenges stretched the time frame of the project and enhanced the project complexity.

In order to mitigate the risks, Vodafone employed PMI standards for their project management structure. This approach included conducting workshops, developing resource and risk management plan and tailoring project documentations as well as conducting regular lesson learned.

Like any other project, the Vodafone GLAN project was not an easy one either but it was completed on time and in some cases ahead of the schedule that the team had anticipated to complete the project. At the first stage 90% of migrated sites were successfully migrated at the first attempt and 100% – at second.

The Fehmarnbelt project is a real-life example of the strategic role of project risk management. It provides information about a mega-project to construct the world’s longest immersed tunnel between Germany and Denmark. It will be a four-lane highway and two-rail electrified tunnel extending for 18 kilometers and it will be buried 40 meters under the Baltic Sea.

This project is managed by Femern A/S which is a Danish government-owned company with construction value over more than €7 billion (£8. 2 billion). It is estimated to provide jobs for 3,000 workers directly in addition to 10,000 in the suppliers. Upon its completion, its travel between Denmark and Germany will be cut to 10 minutes by automobile and 7 minutes by rail.

The Femern risk management functions and controls in particular the role of Risk Manager Bo Nygaard Sørensen then initiated the process and developed some clear key strategic objectives for the project. They formulated a simple, dynamic, and comprehensive risk register to give a more complete risk view of the mega-project. They also created a risk index in order to assess all risks in a consistent and predictable manner, classify them according to their importance, and manage and overcome the risks in an appropriate and timely manner.

Predict! is a risk assessment and analysis tool that came in use by the team, which helps determine the effect of various risks on the cost of the construction of the link and to calculate the risk contingency needed for the project. This way they were able to make decisions on whether an immersed tunnel could be constructed instead of a bridge.

Lend Lease is an international property and infrastructure group that operates in over 20 countries in the world; the company offers a better example of managing project risks. The company has established a complex framework called the Global Minimum Requirements (GMRs) to identify risks to which it is exposed.

The GMRs have scope for the phase of the project before a decision to bid for a job is taken. This framework includes factors related to flooding, heat, biodiversity, land or soil subsidence, water, weathering, infrastructure and insurance.

The GMRs are organized into five main phases in line with the five main development stages of a project. These stages guarantee that vital decisions are made at the ideal time. The stages include governance, investment, design and procurement, establishment, and delivery.

For instance, during the design and procurement stage, the GMRs identify requisite design controls that will prevent environment degradation during design as well as fatal risk elimination during planning and procurement. This approach aids in effective management of risks and delivery of successful projects in Lend Lease.

Let’s take a closer look at what risk management strategies are used here at Designveloper – a top web & software development firm in Vietnam. We also provide a range of other services, so it is essential that we manage risks on all our projects in similar and effective ways. The following part of the paper will try to give a glimpse of how we manage project risk in an exemplary manner using research from recent years and include specific cases.

The following steps explain the risk management process that we use—from the identification of potential risks to managing them: Discovering the risks. We will also mention here how our experience and expertise has helped us in this area.

Risk management as a function in project delivery is well comprehended at Designveloper. Our method of managing the project risk is proactive and systematic, which enables us to predict possible problems and create successful solutions to overcome them.

One of the problems we frequently encounter is the comprehension of our clients’ needs. In most cases, clients come to us with a basic idea or concept. To convert these ideas into particular requirements and feature lists, the business analysts of our company have to collaborate with the client. The whole process is often a time-waster, and having a chance is missed.

To solve this problem, we’ve created a library of features with their own time and cost estimate. This library is based on data of previous projects that we have documented, arranged, and consolidated. At the present time when a client approaches us with a request, we can search for similar features in our library and give an initial quote. This method has considerably cut the period of providing the first estimations to our clients and saving the time for all participants.

This is only one of the techniques we use to mitigate project risks at Designveloper. The focus on effective project risk management has been contributing significantly to our successful operation as a leading company in web and software development in Vietnam. It is a mindset that enables us to convert challenges into opportunities and provide outstanding results for our clients.

In Designveloper, we always aim at enhancing our project risk management actions. Below are a couple examples of the advancements we’ve made.

To reduce the waiting time, we have adopted continuous deployment. This enables us to provide value fast and effectively. We release a minimum feature rather than a big feature. It helps us to collect the input from our customers and keep on improving. What this translates into for our customers is that they start to derive value from the product quickly and that they have near-continuous improvement rather than have to wait for a “perfect” feature.

We also hold regular “sync-up” meetings between teams to keep the information synchronized and transparent from input (requirements) to output (product). Changes are known to all teams and thus teams can prepare to respond in a flexible and best manner.

Some of these developments in project risk management have enabled us to complete projects successfully, and be of an excellent service to our clients. They show our support of the never-ending improving and our capability to turn threats into opportunities. The strength of Designveloper is largely attributed to the fact that we do not just control project risks – we master them.

To conclude, project risk management is an important element of nearly all successful projects. It is all about identification of possible problems and organization necessary measures that will result in the success of the project. The case studies addressed in this article illustrate the significance and implementation of project risk management in different settings and fields. They show what efficient risk management can result in.

We have witnessed the advantages of solid project risk management at Designveloper. The combination of our approach, powered by our track record and professionalism, has enabled us to complete projects that met all client’s requirements. We are not only managing project risks but rather mastering them.

We trust you have found this article helpful in understanding project risk management and its significance in the fast-changing, complicated project environment of today. However, one needs to mind that proper project management is not only about task and resource management but also risk management. And at Designveloper, our team is there to guide you through those risks and to help you realize your project’s objectives.

Also published on

Share post on

Insights worth keeping. Get them weekly.

Get in touch

Simply register below to receive our weekly newsletters with the newest blog posts

Read more topics

Project Description

Visualizing vulnerability scans & it risk remediation, a technology services case study.

Soon after adopting Onspring to manage IT assets, contracts, and vendors for their global customer base, Leverage Corporation, a CTO-as-a-Service provider,  needed a reporting engine to manage the intake from commercial vulnerability scans. 

Reporting in Onspring needed to provide their team with meaningful visualizations of data with actionable insights. Norman Harber, the CEO, led the creation of a custom-built application in Onspring to launch their new vulnerability management service with customers— all completely designed and created by their own internal team with no dev or IT resources. 

wait to update reports & workflows

Company : Leverage Corporation

Industry : Technology Services & Advising

• Vulnerability Management
• IT Risk Management
• Contract Management
• Vendor Management
• Asset Management

“ The tools Onspring provides really helps us understand our customers better and provide more value back. ”

 Norman Harber, CEO

Leverage Corporation chose to focus on vulnerability and risk management as part of their technology service offering with customers.

Vulnerability management reviews the technological threats to your network, to your overall web presence, and to your overall technology stack as an organization. Leverage Corp was responsible for identifying potential vulnerabilities for customers and remediating them based on certain levels of risk.

They were utilizing commercial software tools to run vulnerability scans against our customer’s networks and organizations. The scan results would come back from those vulnerability scanning tools with very large, concatenated Excel files.

Lingering Questions from Vulnerability Scans

• Where are the vulnerabilities? 
• Where are my gaps? 
• What do I need to remediate? 
• How do I need to remediate? 

It was hard to understand this data and dashboard it into something meaningful, mostly because the vulnerability scanning tools are designed to serve full-time analysts, who do nothing but focus on the data sets and aren’t interested in graphs, charts, numbers – the visualization of information.

The difference here was that Leverage Corp and their customers, who are the executives in their organizations reviewing the data, don’t want to read through a very long spreadsheet.

CEO Norman Harber said, “how do we solve this problem?” They quickly begin to dive into the Onspring platform and created a custom application from the ground up.

CEO Norman Harber and his team started by sitting down to map out the requirements process before customizing Onspring on their own with a brand-new application to ingest hundreds of thousands of rows of data and visualize the meaning.

Their new vulnerability management application in Onspring ingests all critical value scores, severities, data points–anything from IP addresses, down to location.

Not only that, but the new vulnerability management application helped them understand how those results compare to national situations or other vulnerabilities that have been recognized in the mainstream as critical.

All Vulnerabilities by Type

Keep in mind, not every vulnerability has the same level of risk. It is important to understand what vulnerabilities are, how to visualize them, and what remediation you must take.

Staying ahead of the curve in this game is a daily process, so you must always be viewing these dashboards, and ingesting data on a regular basis to understand what the threat landscape looks like for you and your organization.

The customized application Leverage Corp built-in Onspring for vulnerability management looks at all types of scans and compartmentalizes where the risks are, how quickly they need to be remediated, and how. 

Managing Vendors to Remediate Vulnerability

More importantly, Onspring enabled Leverage Corporation to work with its customers and their vendors to remediate vulnerabilities.

Security is all about layers. You can have 25 layers, or you can have two layers. You may only need two layers to be compliant, but your internal folks want five. 

The more layers you have, the more complex this gets, but having all those results in determining your own layers will help you assess what your risks are and help you put in place a management program to manage those vulnerabilities and roll out remediations on a regular, and scheduled basis without just doing things with no plan. 

A very simple, straightforward approach to  outstanding vulnerabilities that need resolution or remediation.

Leverage Corp uses Onspring to track risk associated with vulnerabilities, and more importantly, to track risk acceptance from customers, because they need to understand what their risks are and what it means to their business. 

“It’s important to have a full process and plan behind your vulnerability management. If you don’t, you’re just plugging holes in the dam without knowing what’s going to pop up.” Norman Harber, CEO

Tracking Vulnerabilities & Planning for the Future

Understanding what’s outstanding and what needs to be remediated on any given day is a really important part of the process.

The custom application Leverage Corp built in Onspring tracks vulnerabilities by account, by status, and over time because it is critical to know what those vulnerabilities are through across different customers, not just one customer. They’re looking for commonalities across multiple customers that could be experiencing the same vulnerability.

Because not all organizations patch, upgrade and plug their network at the same time, Onspring allows Leverage Corp to see into customers, both globally and individually, and over time, so they can compare vulnerability across 98% of their customer base.

Resulting data visualized: 

• Details on vulnerability type
• Quick alerts for vulnerability priority based on criticality value score
• Determine what the threat is and what device it resides on
• Determine action plan, if any, to remediate
• Task external providers with documents to execute on secure environments
• Provides auditors with great information
• Think ‘insurance policy time’ when reviewing historicals

Onspring also allows Leverage Corp to show a timeline for audit purposes. Their customers who follow regulations, like the SEC, for example, will need to show that over time they have remediated several vulnerabilities in the network to remain SEC-compliant.

For Leverage Corp it has been a tremendous journey, with Onspring serving as a critical partner to help to grow the company exponentially. 

Related Projects

Focus Brands GRC Management Case Study

ADT BCDR Management Case Study

Northgate Resorts GRC Management Case Study

Platform Features Security Pricing

Customer Service Admin Support Training Community

Company About Media & Press Careers Events

Partners Find a Partner Become a Partner Partner Portal Register a Deal

Contact Us Request a Demo [email protected] +1 913.601.4900

©2024 Onspring Technologies, LLC | Terms  |  Privacy

Case Study: Companies Excelling in Risk Management

In this article

In the modern business landscape, navigating uncertainties and pitfalls is essential for sustainable growth and longevity. Effective risk management emerges as a shield against potential threats – and it also unlocks opportunities for innovation and advancement. In this article, we will explore risk management and its significance and criteria for excellence. We will also examine case studies of two companies that have excelled in this domain. Through these insights, we aim to glean valuable lessons and best practices. As such, businesses across diverse industries can fortify their risk management frameworks.

The Significance of Risk Management

Risk management is vital for the sustenance and prosperity of companies, regardless of their size or industry. At its core, it is the identification, assessment and mitigation of potential risks that may impede organisational objectives or lead to adverse outcomes. Having a robust risk management approach means businesses can safeguard their assets, reputation and bottom line. 

The statistics are somewhat alarming. According to research , 69% of executives are not confident with their current risk management policies and practices. What’s more, only 36% of organisations have a formal enterprise risk management (ERM) programme. 

Proactive risk management isn’t just a defensive measure; rather, it is necessary for sustainability and growth. With 62% of organisations experiencing a critical risk event in the last three years, it is important to be proactive. By identifying and addressing potential risks, organisations can become more resilient to external shocks and internal disruptions. This means they’re better able to survive through difficult times and maintain operational continuity. Moreover, a proactive stance enables companies to seize strategic advantages. It allows them to innovate, expand into new markets and capitalise on emerging trends with confidence.

Criteria for Excellence in Risk Management

Achieving excellence in risk management means adhering to several key criteria:  

• Ability to Identify Risks: Exceptional risk management begins with identifying potential risks comprehensively. This involves a thorough understanding of both internal and external factors that could impact the organisation. It includes market volatility, regulatory changes, cybersecurity threats and operational vulnerabilities.
• Assessment of Risks: Once identified, risks must be assessed to gauge their potential impact and likelihood of occurrence. This involves using risk assessment methodologies like quantitative analysis, scenario planning and risk heat mapping, to prioritise risks based on their severity and urgency.
• Mitigation Strategies and Control Measures: Effective risk management relies on proactive mitigation strategies to minimise the likelihood of risk occurrence and mitigate its potential impact. This may involve implementing control measures, diversifying risk exposure, investing in risk transfer mechanisms such as insurance and enhancing resilience through business continuity planning.
• Adaptability to Change: Organisations need to be ready to adapt to emerging risks and changing circumstances. This requires a culture of continuous learning and improvement. This means lessons are learned from past experiences to enhance risk management practices and anticipate future challenges.
• Leadership Commitment: Effective leaders demonstrate a clear understanding of the importance of risk management. They know how to allocate adequate resources, support and incentives to prioritise risk management initiatives.
• Strong Risk Culture: A strong risk culture permeates every level of the organisation. This involves a mindset where risk management is viewed as everyone’s responsibility.
• Robust Risk Management Frameworks: Finally, excellence in risk management requires robust frameworks and processes to guide risk identification, assessment and mitigation efforts. This includes defining clear roles and responsibilities, implementing effective governance structures and leveraging technology and data analytics to enhance risk visibility and decision-making.

Company A: Case Study in Risk Management Excellence

Now, let’s take a look at a case study that highlights risk management excellence in practice.

ApexTech Solutions is a company known for its exemplary risk management practices. Founded in 2005 by visionary entrepreneur Sarah Lawson, ApexTech began as a small start-up in the tech industry. It specialises in software development and IT consulting services. 

Over the years, under Lawson’s leadership, the company expanded its offerings and diversified into various sectors, including cybersecurity solutions, cloud computing and artificial intelligence. Today, ApexTech is a prominent player in the global technology market, serving clients ranging from small businesses to Fortune 500 companies.

Risk management strategies and successes

ApexTech’s journey to risk management excellence can be attributed to several key strategies and initiatives:

• Comprehensive Risk Assessment: ApexTech conducts regular and thorough risk assessments to identify potential threats and vulnerabilities across its operations.
• Investment in Technology and Innovation: ApexTech prioritises investments in cutting-edge technologies such as AI-driven analytics, predictive modelling and threat intelligence solutions.
• Customer-Centric Approach: ApexTech tailors its risk management solutions to meet specific needs and preferences. This fosters trust and long-term partnerships.
• Cybersecurity Measures: ApexTech has made cybersecurity a top priority. The company employs a multi-layered approach to cybersecurity to mitigate the risk of cyberattacks.
• Continual Improvement and Adaptation: ApexTech fosters a culture of continual improvement and adaptation. The company encourages feedback and collaboration among employees at all levels so they can identify areas for improvement and implement solutions to mitigate risks effectively.

By proactively identifying and addressing operational risks, such as supply chain disruptions and regulatory compliance challenges, ApexTech has maintained operational continuity and minimised potential disruptions to its business operations.

ApexTech Solutions serves as a compelling example of a company that has excelled in risk management excellence by embracing proactive strategies, leveraging advanced technologies and fostering a culture of innovation and adaptation. 

Company B: Case Study in Risk Management Excellence

TerraSafe Pharmaceuticals is a renowned company in the pharmaceutical industry, dedicated to developing and manufacturing innovative medications to improve global health outcomes. Established in 1998 by Dr Elena Chen, TerraSafe initially focused on the production of generic drugs to address critical healthcare needs. 

Over the years, the company has expanded its portfolio to include novel biopharmaceuticals and speciality medications.

TerraSafe Pharmaceuticals has a holistic approach to identifying, assessing and mitigating risks across its operations:

• Rigorous Quality Assurance Standards: TerraSafe prioritises stringent quality assurance measures throughout the drug development and manufacturing process. This ensures product safety, efficacy and compliance with regulatory requirements.
• Investment in Research and Development (R&D): TerraSafe allocates significant resources to research and development initiatives. These are aimed at advancing scientific knowledge and discovering breakthrough therapies. With its culture of innovation and collaboration, the company mitigates the risk of product obsolescence.
• Regulatory Compliance and Risk Monitoring: TerraSafe maintains a dedicated regulatory affairs department. This team stays abreast of evolving regulatory requirements and industry standards. They monitor regulatory changes proactively and engage with regulatory authorities to ensure timely compliance with applicable laws and standards. This reduces the risk of non-compliance penalties and legal disputes.
• Supply Chain Resilience: TerraSafe works closely with its suppliers and logistics partners to assess and mitigate supply chain risks like raw material shortages, transportation disruptions and geopolitical instability. It implements contingency planning and diversification of sourcing strategies.
• Focus on Patient Safety and Ethical Practices: The company adheres to stringent ethical guidelines and clinical trial protocols to protect patient welfare and maintain public trust in its products and services.

By investing in R&D and adhering to rigorous quality assurance standards, TerraSafe has successfully developed and commercialised several breakthrough medications that address unmet medical needs and improve patient outcomes. What’s more, the company’s proactive approach to regulatory compliance has facilitated the timely approval and market authorisation of its products in key global markets. This has enabled the company to expand its geographic footprint and reach new patient populations.

Key Takeaways and Best Practices

Despite being in different industries, both companies share similarities. Both ApexTech and TerraSafe Pharmaceuticals know the importance of proactive risk management. They have procedures in place that work to identify, assess and mitigate risks before they escalate. What’s more, both companies are led by visionary leaders who set the tone for decision-making. They prioritise building a strong risk culture with all employees knowing their role in risk management.

Best practices and strategies employed

• Conducting Regular Risk Assessments: Both companies conduct regular and comprehensive risk assessments to identify potential threats and vulnerabilities across their operations.
• Investing in Training and Education: Both invest in training and education programmes so that employees are equipped with the knowledge and skills necessary to identify and manage risks effectively. Employees at all levels contribute to risk management efforts.
• Collaboration and Communication: Both companies know the importance of collaboration and communication in risk management. They create channels for open dialogue and information sharing. Stakeholders collaborate on risk identification, assessment and mitigation efforts.
• Continual Improvement: Both companies have a culture of continual improvement. They encourage feedback and innovation to adapt to changing circumstances and emerging risks.
• Tailored Risk Management Approaches: Both companies develop customised risk management frameworks and strategies that align with their objectives and priorities.

Emerging Trends in Risk Management

One of the most prominent trends in risk management is the increasing integration of technology into risk management processes. Advanced technologies such as artificial intelligence (AI), machine learning and automation are revolutionising risk assessment, prediction and mitigation. These technologies mean companies can analyse vast amounts of data in real time. This allows them to identify patterns and trends and predict potential risks more accurately.

Data analytics is another key trend reshaping risk management practices. Companies are leveraging big data analytics tools and techniques to gain deeper insights. By analysing historical data and real-time information, they can identify emerging risks, detect anomalies and make more informed risk management decisions.

Cybersecurity risks have become a major concern. Threats such as data breaches, ransomware attacks and phishing scams pose significant risks to companies’ data, operation and reputation. Companies are investing heavily in cybersecurity measures and adopting proactive approaches to protect their digital assets and mitigate cyber risks.

Companies are integrating global risk management into their overall risk management strategy too. They are monitoring global developments, assessing the impact of global risks on their business operations and developing contingency plans.

The Role of Leadership

Leadership plays a pivotal role in shaping organisational culture and driving initiatives that promote risk management excellence. Effective leaders recognise the importance of risk management but also actively champion its integration into the fabric of the organisation. Effective leaders:

• Set the Tone: Leaders set the tone by articulating a clear vision and commitment to risk management from the top down.
• Lead by Example: Leaders demonstrate their own commitment to risk management through their actions and decisions.
• Empower Employees: Leaders empower employees at all levels to actively participate in risk management efforts. They encourage employees to voice their concerns and contribute.
• Provide Resources and Support: Effective leaders invest in training and development programmes to enhance employees’ risk management skills and knowledge.
• Encourage Innovation: Leaders encourage employees to think creatively and experiment with new approaches to risk management.
• Promote Continuous Improvement: Leaders create opportunities for reflection and evaluation to identify areas for improvement and drive learning.

Encouraging a Risk-Aware Culture

For organisations to identify, assess and mitigate risks at all levels effectively, they need to encourage a risk-aware culture. Here are some tips for encouraging a risk-aware culture:

Communication and transparency:

• Encourage open communication channels where employees feel comfortable discussing risks and raising concerns.
• Provide regular updates on the organisation’s risk landscape, including emerging risks and mitigation strategies.
• Foster transparency in decision-making processes, particularly regarding risk-related decisions.

Education and training:

• Provide comprehensive training programmes on risk management principles, processes and tools for employees at all levels.
• Offer specialised training sessions on specific risk areas relevant to employees’ roles and responsibilities.
• Incorporate real-life case studies and examples to illustrate the importance of risk awareness and effective risk management.

Empowerment and ownership:

• Empower employees to take ownership of risk management within their respective areas of expertise.
• Encourage employees to identify and assess risks in their day-to-day activities and propose mitigation strategies.
• Recognise and reward employees who demonstrate proactive risk awareness and contribute to effective risk management practices.

Integration into performance management:

• Include risk management objectives and key performance indicators (KPIs) in employee performance evaluations.
• Link performance bonuses or incentives to successful risk management outcomes and adherence to risk management protocols.
• Provide feedback and coaching to employees on their risk management performance, highlighting areas for improvement and best practices.

Challenges in Risk Management

Challenges in risk management are inevitable, even for companies excelling in this domain. Despite their proactive efforts, all organisations encounter obstacles that can impede their risk management practices. Here are some common challenges and strategies for addressing them:

Complexity and interconnectedness:

• Challenge: The modern business environment is increasingly complex and interconnected, making it challenging for organisations to anticipate and mitigate all potential risks comprehensively.
• Strategy: Implement a holistic risk management approach that considers both internal and external factors impacting the organisation. Create cross-functional collaboration and information sharing to gain a comprehensive understanding of risks across departments and business units.

Rapidly evolving risks:

• Challenge: Risks are constantly evolving due to technological advancements, regulatory changes and global events such as pandemics or geopolitical shifts. Organisations may struggle to keep pace with emerging risks and adapt their risk management strategies accordingly.
• Strategy: Stay informed about emerging trends and developments that may impact the organisation’s risk landscape. Maintain flexibility and agility in risk management processes to respond promptly to new challenges.

Resource constraints:

• Challenge: Limited resources, including budgetary constraints and staffing limitations, can hinder organisations’ ability to invest adequately in risk management initiatives and tools.
• Strategy: Prioritise risk management activities based on their potential impact on organisational objectives and allocate resources accordingly. Leverage technology and automation to streamline risk management processes and maximise efficiency.

Compliance and regulatory burden:

• Challenge: Meeting regulatory requirements and compliance standards can be burdensome and complex.
• Strategy: Stay abreast of regulatory developments and ensure compliance with applicable laws and regulations. Implement robust governance frameworks and internal controls to demonstrate regulatory compliance and mitigate legal and reputational risks. Invest in compliance training and education for employees.

Human factors and behavioural biases:

• Challenge: Human factors such as cognitive biases, organisational politics and resistance to change can undermine effective risk management practices, leading to decision-making errors and oversight of critical risks.
• Strategy: Raise awareness about common cognitive biases and behavioural tendencies that may influence risk perception and decision-making. Create a culture of psychological safety where employees feel comfortable challenging assumptions and raising concerns about potential risks.

Conclusion: Striving for Excellence

In this article, we have explored the importance of effective risk management for businesses. We have delved into the criteria for excellence in risk management, showcasing companies such as ApexTech Solutions and TerraSafe Pharmaceuticals that exemplify these principles through their proactive strategies and robust frameworks.

From embracing technology and fostering a culture of innovation to prioritising regulatory compliance and empowering employees, these companies have demonstrated remarkable achievements in navigating complex risk landscapes and achieving sustainable success.

However, it’s essential to recognise that even companies excelling in risk management face challenges. By acknowledging these and implementing strategies to address them, organisations can enhance their resilience and effectiveness in managing risks over the long term.

Assessing Risk

Study online and gain a full CPD certificate posted out to you the very next working day.

Take a look at this course

About the author

Louise Woffindin

Louise is a writer and translator from Sheffield. Before turning to writing, she worked as a secondary school language teacher. Outside of work, she is a keen runner and also enjoys reading and walking her dog Chaos.

Similar posts

Strategies for Parents Coping with the Loss of a Child

Conflict Management: Strategies for Resolving Disputes Peacefully

The Importance of Clear Communication in Grievance Procedures

Recognising and Reporting Suspicious Activities

Celebrating our clients and partners.

Home / Resources / News and Trends / ISACA Now Blog / 2023 / Proactive IT Risk Management in an Era of Emerging Technologies

Proactive it risk management in an era of emerging technologies.

In today’s business world, ever-evolving and ever-changing technology is presented to us after long research, studying and testing. While the digitization of business processes and database-driven operations increase the efficiency of organizations, they also introduce new and diverse risks. Information technology (IT) risk management is a strategy implemented by organizations to identify, analyze and manage these risks in advance. In today’s world, where innovation, technology, products and research are increasing and diversifying, the risks that enter our lives along with the innovations are naturally increasing. Because of this, the role of risk management in information technology, and the need for proactive risk management, is increasing.

Companies are increasingly forced to store, process and transmit large amounts of data. To do this, they must increase their IT investments and capabilities every day. The security of sensitive information, such as customer data, financial data and trade secrets, can affect a company’s reputation and business continuity. IT risk management is a critical control point to ensure that this sensitive data is protected from unauthorized access, data leakage or malicious attacks. It aims to identify and control potential threats in these areas through risk analysis. IT risk assessment is not limited to information security—risk analysis can be applied to almost any area you can think of.

Reducing business continuity risks is another area of increasing criticality. Information technologies are vital to the proper execution of business processes and services. Unexpected events such as technological failures, human errors, cyberattacks or natural disasters are among the factors that increase business continuity risks. IT risk management is one of the most important tools for organizations to identify the necessary measures and plans to minimize such risks.

New technologies bring new risks

New technologies, products, customizations and systems come with many unknowns. Some of these may also pose risks and threats to organizations. It is not up to organizations to manage all of these on their own—regulators are trying to control them as well.

Information technology is an area in which organizations must comply with certain regulations and industry standards. Data protection laws, customer privacy requirements and industry standards can both constrain and control an organization’s operations. IT risk management helps organizations ensure compliance and take the necessary steps to avoid potential legal sanctions.

The AI factor in risk management

Artificial intelligence (AI), one of the most popular technologies in today’s business landscape, has started to be used extensively in the field of risk management . IT risk management is an essential tool for organizations to ensure data security, business continuity, compliance, competitive advantage and positive reputation. As technology advances and digital threats increase, it is critical for organizations to effectively manage these risks to ensure long-term success. Even though regulators are trying to account for the risks related to emerging technologies, the main responsibility falls on the institutions, which have to manage the risks from new technologies themselves. Performing a large number of risk analyses for so many needed areas, especially one by one for each system or structure within an area, places a very heavy operational burden on expert teams. At this point, especially in areas that can be considered more ordinary and routine, leaving the work entirely to AI and leveraging it for complex issues can both speed things up and ensure a more effective execution.

The more data used in risk analysis, the more accurate the analysis performed by the machine learning method of AI. In other words, the more historical information, risks, risk action plans and related information, the more consistent and sound the results will be. AI offers unique opportunities for analysis, especially for routine tasks such as risk analysis of many suppliers. For example, if the regulation requires risk analysis for all critical suppliers individually and the risk methodology is the same for all suppliers, it would be demotivating to have people do this work. However, if AI were to be applied here, it would enable this routine work to be automated to a great extent with AI support. Removing the relevant experts from such routine tasks and directing them to review the results produced by AI will increase job satisfaction and increase the efficiency and quality of the results.

Although the use of AI in IT risk analysis is still very new today, as the use cases and methodologies increase, the results will far exceed expectations.

ISACA’s expert guidance gives professionals and enterprises the tools, techniques and understanding to manage IT Risk.

@ISACA Article

Artificial intelligence: privacy and information security risk considerations.

Gaining business benefits from artificial intelligence while also mitigating the related risks requires a holistic, multidisciplinary approach that draws upon the expertise of professionals from several disciplines.

Five Actionable Success Tips for Audit Professionals in 2023

Looking toward 2023, IT audit professionals will need to increasingly focus on cloud environments and privacy engineering to keep pace with the changing technology and regulatory environment.

IT Risk Assessments: A Process Your CIO or CISO Will Thank You For

Identifying and quantifying risk can be made more straightforward by following six key steps for IT risk assessments.

ISACA Now By Year

Information

• Author Services

Initiatives

You are accessing a machine-readable page. In order to be human-readable, please install an RSS reader.

All articles published by MDPI are made immediately available worldwide under an open access license. No special permission is required to reuse all or part of the article published by MDPI, including figures and tables. For articles published under an open access Creative Common CC BY license, any part of the article may be reused without permission provided that the original article is clearly cited. For more information, please refer to https://www.mdpi.com/openaccess .

Feature papers represent the most advanced research with significant potential for high impact in the field. A Feature Paper should be a substantial original Article that involves several techniques or approaches, provides an outlook for future research directions and describes possible research applications.

Feature papers are submitted upon individual invitation or recommendation by the scientific editors and must receive positive feedback from the reviewers.

Editor’s Choice articles are based on recommendations by the scientific editors of MDPI journals from around the world. Editors select a small number of articles recently published in the journal that they believe will be particularly interesting to readers, or important in the respective research area. The aim is to provide a snapshot of some of the most exciting work published in the various research areas of the journal.

Original Submission Date Received: .

• Active Journals
• Find a Journal
• Proceedings Series
• For Authors
• For Reviewers
• For Editors
• For Librarians
• For Publishers
• For Societies
• For Conference Organizers
• Open Access Policy
• Institutional Open Access Program
• Special Issues Guidelines
• Editorial Process
• Research and Publication Ethics
• Article Processing Charges
• Testimonials
• Preprints.org
• SciProfiles
• Encyclopedia

Article Menu

• Subscribe SciFeed
• Recommended Articles
• Google Scholar
• on Google Scholar
• Table of Contents

Find support for a specific problem in the support section of our website.

Please let us know what you think of our products and services.

Visit our dedicated information section to learn more about MDPI.

JSmol Viewer

Triangulating risk profile and risk assessment: a case study of implementing enterprise risk management system.

1. Introduction

2. background on the firm, 3. erm literature review, 4. sample and questionnaire data, 5. risk profile and risk assessment, 6. mitigation strategies, 7. conclusions, 8. case requirements.

• Using the average coded responses to selected questions in each of the five risk areas in Table 7 , provide a 500-word summary of the firm’s risk profile.
• Complete the risk matrix in Table A1 , below, by using the input measures from Table 8 : average of likelihood, impact on annual revenue growth, and level of control, along with variance of the expected impact and average control.
• rank the ten risk categories by (i) their expected impact, (ii) by an equally weighted index of expected impact and average control, and (iii) by an equally weighted index of three indices: expected impact, opinion convergence on expected impact, and opinion convergence on control.
• create an equally weighted consolidated ranking of the above three rankings and re-rank the ten risk categories.
• Develop a risk map of all ten risks identified for the firm.
• Using the input in Table 1 , the questionnaire results, and quantitative risk metrics in Table 7 and Table 8 , along with the discussion on key sources and drivers of risk in Section 6 , propose mitigation strategies for the top six risks selected by the board.

Author Contributions

Data availability statement, conflicts of interest, appendix a. instructor’s notes, appendix a.1. background and introduction, appendix a.2. case requirements: implementation.

• Aabo, Tom, John Fraser, and Betty Simkins. 2005. The Rise and Evolution of the Chief Risk Officer: Enterprise Risk Management at Hydro One. Journal of Applied Corporate Finance 17: 62–75. [ Google Scholar ] [ CrossRef ]
• Beasley, Mark, Richard Clune, and Dana Hermanson. 2005. Enterprise Risk Management: An Empirical Analysis of Factors Associated with the Extent of Implementation. Journal of Accounting and Public Policy 24: 521–31. [ Google Scholar ] [ CrossRef ]
• Fabrigar, Leandre, Duane Wegener, Robert MacCallum, and Erin Strahan. 1999. Evaluating the use of exploratory factor analysis in psychological research. Psychological Methods 4: 272–99. [ Google Scholar ] [ CrossRef ]
• Farrell, Mark, and Ronan Gallagher. 2014. The Valuation Implications of Enterprise Risk Management Maturity. The Journal of Risk and Insurance 82: 625–67. [ Google Scholar ] [ CrossRef ]
• Fraser, J., and B. Simkins. 2010. Enterprise Risk Management . Hoboken: John Wiley and Sons. ISBN 9780470499085. [ Google Scholar ]
• Fraser, John, Betty Simkins, and Kristina Narvaez. 2014. Implementing Enterprise Risk Management: Case Studies and Best Practices . Hoboken: John Wiley and Sons. [ Google Scholar ]
• Froot, Kenneth, David Scharfstein, and Jeremy Stein. 1993. Risk Management: Coordinating Investment and Financing Policies. Journal of Finance 48: 1629–58. [ Google Scholar ] [ CrossRef ]
• Grace, Martin, J. Tyler Leverty, Richard Phillips, and Prakash Shimpy. 2014. The Value of Investing in Enterprise Risk Management. The Journal of Risk and Insurance 82: 289–316. [ Google Scholar ] [ CrossRef ]
• Harrington, Scott, Greg Niehaus, and Kenneth J. Risko. 2002. Enterprise Risk Management: The Case of United Grain Growers. Journal of Applied Corporate Finance 14: 71–81. [ Google Scholar ] [ CrossRef ]
• Hoyt, Robert E., and Andre P. Liebenberg. 2011. The Value of Enterprise Risk Management. Journal of Risk and Insurance 78: 795–822. [ Google Scholar ] [ CrossRef ]
• Hristov, Ivo, Riccardo Camilli, Antonio Chirico, and Alessandro Mechelli. 2022. The Integration between Enterprise Risk Management and Performance Management System: Managerial Analysis and Conceptual Model to Support Strategic Decision-Making Process. Production Planning & Control , 1–14. [ Google Scholar ] [ CrossRef ]
• Jalilvand, Abol, and John W. Kostolansky. 2016. Le Beau Footwear: A Business Valuation Case for a Privately Held Firm. Issues in Accounting Education 31: 439–47. [ Google Scholar ] [ CrossRef ]
• Jalilvand, Abol, and Sidharth Moorthy. 2022. Enterprise Risk Management (ERM) Maturity: A Clinical Study of a U.S. Multinational Nonprofit Firm” (with S. Moorthy). Journal of Accounting, Auditing, and Finance . [ Google Scholar ] [ CrossRef ]
• Jensen, Michael C., and William H. Meckling. 1976. Theory of the Firm: Managerial Behavior, Agency Costs and Ownership Structure. Journal of Financial Economics 3: 305–60. [ Google Scholar ] [ CrossRef ]
• Kraus, Alan, and Robert Litzenberger. 1973. A State Preference Model of Optimal Financial Leverage. Journal of Finance 28: 911–22. [ Google Scholar ]
• Leland, Hayne E., and David H. Pyle. 1977. Informational Asymmetries, Financial Structure, and Financial Intermediation. Journal of Finance 32: 371–88. [ Google Scholar ] [ CrossRef ]
• Lindberg, Deborah L., and Deborah L. Seifert. 2011. A Comparison of U.S. Auditing Standards with International Standards on Auditing. The CPA Journal 81: 17–21. [ Google Scholar ]
• McShane, Michael K., Anil Nair, and Elzotbek Rustambekov. 2011. Does Enterprise Risk Management Increase Firm Value? Journal of Accounting, Auditing and Finance 26: 641–58. [ Google Scholar ] [ CrossRef ]
• Miller, Merton. 1977. Debt and Taxes. Journal of Finance 32: 261–75. [ Google Scholar ]
• Miller, Merton H., and Franco Modigliani. 1958. The Cost of Capital, Corporation Finance and the Theory of Investment. American Economic Review 48: 261–97. [ Google Scholar ]
• Miller, Merton H., and Franco Modigliani. 1963. Corporate Income Taxes and the Cost of Capital: A Correction. American Economic Review 53: 433–43. [ Google Scholar ]
• Nocco, Brian W., and René M. Stulz. 2006. Enterprise Risk Management: Theory and Practice. Journal of Applied Corporate Finance 18: 8–20. [ Google Scholar ] [ CrossRef ]
• Rosenburg, Joshua V., and Til Schuermann. 2006. A General Approach to Integrated Risk Management with Skewed, Fat-Tailed Risks. Journal of Financial Economics 79: 569–614. [ Google Scholar ] [ CrossRef ]
• Ross, Stephen A. 1977. The Determination of Financial Structure: The Incentive Signaling Approach. Bell Journal of Economics 8: 23–40. [ Google Scholar ] [ CrossRef ]
• Samanta, P., T. Azarchs, and J. Martinez. 2004. The PIM Approach to Assessing the TRM Practices of Financial Institutions . New York: Standard and Poor’s/McGraw-Hill. [ Google Scholar ]
• Shad, Muhammad Kashif, Fong-Woon Lai, Amjad Shamin, Michael McShane, and Sheikh Muhammad Zahid. 2022. The relationship between enterprise risk management and cost of capital. Asian Academy of Management Journal 27: 79–103. [ Google Scholar ]

Share and Cite

Jalilvand, A.; Moorthy, S. Triangulating Risk Profile and Risk Assessment: A Case Study of Implementing Enterprise Risk Management System. J. Risk Financial Manag. 2023 , 16 , 473. https://doi.org/10.3390/jrfm16110473

Jalilvand A, Moorthy S. Triangulating Risk Profile and Risk Assessment: A Case Study of Implementing Enterprise Risk Management System. Journal of Risk and Financial Management . 2023; 16(11):473. https://doi.org/10.3390/jrfm16110473

Jalilvand, Abol, and Sidharth Moorthy. 2023. "Triangulating Risk Profile and Risk Assessment: A Case Study of Implementing Enterprise Risk Management System" Journal of Risk and Financial Management 16, no. 11: 473. https://doi.org/10.3390/jrfm16110473

Article Metrics

Article access statistics, further information, mdpi initiatives, follow mdpi.

Subscribe to receive issue release notifications and newsletters from MDPI journals

• Harvard Business School →
• Faculty & Research →
• July 2008 (Revised January 2012)
• HBS Case Collection

Enterprise Risk Management at Hydro One (A)

• Format: Print
• | Pages: 22

More from the Author

• Winter 2015
• Journal of Applied Corporate Finance

When One Size Doesn't Fit All: Evolving Directions in the Research and Practice of Enterprise Risk Management

• August 2014
• Faculty Research

Enterprise Risk Management at Hydro One (B): How Risky are Smart Meters?

Learning from the kursk submarine rescue failure: the case for pluralistic risk management.

• When One Size Doesn't Fit All: Evolving Directions in the Research and Practice of Enterprise Risk Management  By: Anette Mikes and Robert S. Kaplan
• Enterprise Risk Management at Hydro One (B): How Risky are Smart Meters?  By: Anette Mikes and Amram Migdal
• Learning from the Kursk Submarine Rescue Failure: the Case for Pluralistic Risk Management  By: Anette Mikes and Amram Migdal

Asking the better questions that unlock new answers to the working world's most complex issues. UK

Trending topics

AI insights

Sustainability in business

EY Center of Board Matters

Technology leaders' agenda

EY podcasts

EY webcasts

EY helps clients create long-term value for all stakeholders. Enabled by data and technology, our services and solutions provide trust through assurance and help clients transform, grow and operate.

EY.ai - A unifying platform

Strategy, transaction and transformation consulting

Technology transformation

Tax function operations

Climate change and sustainability services

EY Ecosystems

EY Nexus: business transformation platform

Discover how EY insights and services are helping to reframe the future of your industry.

Case studies

How Microsoft built a new mobility model for cross-border talent

13 May 2024 EY Global

Private equity

How GenAI is empowering talent at a PE-backed consumer brand

08 May 2024 EY Global

Strategy and Transactions

How carve-outs positioned an automotive giant for future growth

11 Apr 2024 EY Global

We bring together extraordinary people, like you, to build a better working world.

Experienced careers

Student careers

Technology careers

Belonging at EY

EY-Parthenon careers

At EY, our purpose is building a better working world. The insights and services we provide help to create long-term value for clients, people and society, and to build trust in the capital markets.

Press release

Scotland forecast revised upwards with GDP highest since pandemic

14 Aug 2024 EY UK

Two consecutive years of growth in new car registrations

05 Aug 2024 James White

UK economy had a strong start to 2024 with more GDP growth to come

23 Jul 2024 Rob Joyce

No results have been found

Recent Searches

How can you adapt your IPO strategy in a dynamic market?

The EY Global IPO Trends Q2 2024 covers the news and insights on the global, area and regional IPO markets for the first half of 2024. Learn more.

How can the moments that threaten your transformation define its success?

Leaders that put humans at the center to navigate turning points are 12 times more likely to significantly improve transformation performance. Learn More.

Artificial Intelligence

EY.ai - a unifying platform

Select your location

Third-party risk management (TPRM) consulting services

Your business challenge   |    Solution benefits   |    Solution features and functionality   |    Why EY

Your business challenge

In the Transformative Age, businesses that are able to make smart decisions at pace thrive. And there aren’t any decisions more important than choosing whom you partner with.

The most agile organizations work with multiple third parties in order to stay competitive. All these relationships are important, but each one adds risk: cyber risk, regulatory risk, brand risk, etc. 

How Teva Pharmaceutical is managing third-party risk better

The company is using data analytics and workflow design to re-engineer compliance as a driving force for better decision-making and change.

Solution benefits

EY teams offer a complete spectrum of broad services that help enable better decisions about whom you work with and how you manage your third-party risk. Solution benefits include:  

• A proactive, centralized approach to help you develop and enhance your program and monitor unforeseen risks.
• Ability to implement and integrate systems and technologies to help manage your third-party population across the relationship lifecycle.
• Increased efficiency and cost savings that enable growth, confidence and trust.

Solution features and functionality

EY services range from strategic consultancy, data-driven transformation and technology implementation, to ongoing management platforms. 

Identify risk

EY team helps deliver access to the latest public, proprietary and self-reported information. This enables clients to identify and classify a variety of risk factors, including cyber, privacy, information security, bribery, corruption, financial crime and reputational and operational concerns.

Evaluate third-party risk management

EY teams provide due diligence and investigation services in more than 240 countries and 100 languages. We offer off-the-shelf and customized services for clients to evaluate, segment and understand both the risk landscape and quality controls in place at the local, country, regional and global level.

Monitor risk

EY teams help clients understand and implement tactical and strategic methods of managing and mitigating third-party risks. These methods include continuous or periodic monitoring, threat monitoring and alert management processes to make the job of staying on top of risk easier to implement at a lower overall cost.

Innovate third-party risk management

EY teams leverage advanced analytics, robotic process automation, advanced workflow and machine learning to simplify and streamline everyday tasks when implementing and managing effective third-party risk management programs.

Enable third-party risk management

EY teams help deliver a range of services that help clients improve their operational risk management. These services include helping clients design risk frameworks, manage governance and model data. We can also provide clients with an outsourced managed service.

The reach and collective knowledge in helping organizations enable better decision-making with EY third-party risk management makes EY teams appropriately positioned to drive innovation in this space. EY approach leverages technology, people and processes to help you remain agile. 

Netta Nyholm

Kanika seth, chris matteson.

Michael Giarrusso

How EY can Help

&nbsp;</b>Enterprise Resilience" href="/en_uk/services/consulting/enterprise-resilience">   Enterprise Resilience

Discover how EY can help transform your business to navigate disruption with agility, stay competitive in the market and help generate long-term value.

Risk consulting services

Discover how EY's risk consulting team can help your organization embrace disruption and turn risk into a competitive advantage.

Cyber risk, compliance and resilience services

Discover how EY's cybersecurity, strategy, risk, compliance & resilience teams can help your organization with its current cyber risk posture and capabilities.

Our latest thinking

• Legal and privacy
• Modern slavery statement
• Connect with us
• Our locations
• Open Facebook profile
• Open X profile
• Open LinkedIn profile
• Open Youtube profile

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients.

Thank you for visiting nature.com. You are using a browser version with limited support for CSS. To obtain the best experience, we recommend you use a more up to date browser (or turn off compatibility mode in Internet Explorer). In the meantime, to ensure continued support, we are displaying the site without styles and JavaScript.

• View all journals
• Explore content
• About the journal
• Publish with us
• Sign up for alerts
• Open access
• Published: 28 August 2024

Global insights on flood risk mitigation in arid regions using geomorphological and geophysical modeling from a local case study

• Adel Kotb   ORCID: orcid.org/0000-0002-8188-3188 1 ,
• Ayman I. Taha   ORCID: orcid.org/0000-0003-4526-1784 2 ,
• Ahmed A. Elnazer   ORCID: orcid.org/0000-0002-7338-0935 3 &
• Alhussein Adham Basheer   ORCID: orcid.org/0000-0001-5283-9201 1  

Scientific Reports volume  14 , Article number:  19975 ( 2024 ) Cite this article

Metrics details

• Environmental sciences
• Natural hazards

This research provides a comprehensive examination of flood risk mitigation in Saudi Arabia, with a focus on Wadi Al-Laith. It highlights the critical importance of addressing flood risks in arid regions, given their profound impact on communities, infrastructure, and the economy. Analysis of morphometric parameters ((drainage density (Dd), stream frequency (Fs), drainage intensity (Di), and infiltration number (If)) reveals a complex hydrological landscape, indicating elevated flood risk. due to low drainage density, low stream frequency, high bifurcation ratio, and low infiltration number. Effective mitigation strategies are imperative to protect both communities and infrastructure in Wadi Al-Laith. Geophysical investigations, using specialized software, improve the quality of the dataset by addressing irregularities in field data. A multi-layer geoelectric model, derived from vertical electrical sounding (VES) and time domain electromagnetic (TDEM) surveys, provides precise information about the geoelectric strata parameters such as electrical resistivity, layer thicknesses, and depths in the study area. This identifies a well-saturated sedimentary layer and a cracked rocky layer containing water content. The second region, proposed for a new dam, scores significantly higher at 56% in suitability compared to the first region’s 44%. The study advocates for the construction of a supporting dam in the second region with a height between 230 and 280 m and 800 m in length. This new dam can play a crucial role in mitigating flash flood risks, considering various design parameters. This research contributes to flood risk management in Saudi Arabia by offering innovative dam site selection approaches. It provides insights for policymakers, researchers, and practitioners involved in flood risk reduction, water resource management, and sustainable development in arid regions globally.

Introduction

Floods have long been recognized as one of the most devastating natural disasters, posing significant threats to communities worldwide 1 . In the Kingdom of Saudi Arabia (KSA), a region characterized by arid landscapes and sporadic rainfall, floods can have catastrophic consequences 2 . This paper aims to address the multifaceted issue of flood risks and their profound impact on the communities of KSA 3 , 4 . Furthermore, it underscores the critical importance of mitigating these risks through the judicious selection of dam sites, emphasizing the utilization of geophysical and geomorphological modeling techniques 5 .

Floods in KSA, while infrequent, are nonetheless devastating when they occur due to the arid nature of the region 6 . These events can lead to loss of life, damage to infrastructure, disruption of livelihoods, and economic losses 7 . Understanding the dynamics of flood risks is essential for safeguarding the well-being of KSA’s communities and ensuring the sustainable development of the region 8 . One pivotal approach to mitigating the impact of floods in KSA is through the strategic placement of dams 9 . These structures play a vital role in flood control, water resource management, and supporting agricultural activities 10 . Therefore, the selection of appropriate dam sites is paramount to the overall flood risk reduction strategy.

In this context, this paper centers its focus on the application of geophysical and geomorphological modeling techniques, specifically within the unique setting of Wadi Al-Laith in KSA 11 . Wadi Al-Laith, characterized by its intricate topography and hydrological features, serves as an exemplary case study to demonstrate the efficacy of these innovative approaches in dam site selection (Fig.  1 ). To contextualize our research, we present a comprehensive review of previous studies related to flood risks and dam site selection within the KSA region 12 . These studies provide valuable insights into the historical context and existing methodologies employed in flood risk management. Acknowledging the limitations and challenges of existing approaches is fundamental to driving innovation in flood risk mitigation 13 . By critically evaluating past strategies, we can identify areas where geophysical and geomorphological modeling can enhance the accuracy and effectiveness of dam site selection 14 , 15 .

location map of the study area, ( a ) spatial location of Saudi Arabia (red) relative to the world (gray) created by map chart, https://www.mapchart.net/world.html , ( b ) spatial location of Wadi Laith (green) relative to Makkah governorate (yellow) in Saudi Arabia created by map chart, https://www.mapchart.net/asia.html , ( c ) spatial location of Wadi Laith [created using 26 .

This study’s objective is toestablish a holistic framework for enhancing flood risk mitigation strategies in the region and contribute to the ongoing discourse on flood risk management in KSA by exploring innovative approaches to dam site selection, particularly through a promising solution of the application of geophysical and geomorphological modeling 16 , 17 . It endeavors to offer recommendations that can advance the planning and selection of optimal locations for new dams, as well as evaluate the performance and efficiency of existing dams 18 , 19 . Ultimately, this research is dedicated to ensuring the protection of both the communities and critical infrastructure within the Kingdom of Saudi Arabia (KSA).

The primary aim of this paper is to comprehensively address the multifaceted issue of flood risks in the Kingdom of Saudi Arabia (KSA), highlighting the unique challenges posed by the region’s arid landscapes and sporadic rainfall. The paper emphasizes the catastrophic consequences floods can have on communities, infrastructure, livelihoods, and the economy within KSA, while also considering global implications. It underscores the critical importance of mitigating flood risks through the judicious selection of dam sites, advocating for the use of advanced geophysical and geomorphological modeling techniques to enhance decision-making processes. Recognizing the devastating impact of floods in KSA despite their infrequency, the study promotes the strategic placement of dams as essential for flood control, sustainable water resource management, and supporting agricultural activities.

The paper specifically focuses on Wadi Al-Laith as a case study to illustrate the efficacy of geophysical and geomorphological modeling techniques in dam site selection. This area’s intricate topography and hydrological features serve as an exemplary setting for showcasing innovative flood risk mitigation strategies that could potentially inform similar efforts globally. To provide a comprehensive context, the paper conducts a thorough review of previous studies related to flood risks and dam site selection within KSA, aiming to offer insights into historical contexts, existing methodologies, and challenges faced in flood risk management.

Moreover, the study aims to contribute to the global discourse on flood risk management by exploring innovative approaches to dam site selection that improve accuracy and effectiveness through advanced modeling techniques. By establishing a holistic framework for enhancing flood risk mitigation strategies in KSA, the paper seeks to provide recommendations that can advance the planning and selection of optimal dam locations and evaluate the performance of existing infrastructure. Ultimately, the research aims to protect communities and critical infrastructure in KSA and beyond, thereby improving global resilience to floods and promoting sustainable development practices worldwide.

Area under investigation

Wadi Al-Laith, located in the Kingdom of Saudi Arabia (KSA), is a distinctive geographical feature within the western region of the country 20 . It is characterized by a variety of unique geographical attributes that shape its landscape and hydrology (Fig.  1 ).

Wadi Al-Laith can be described as a wadi, which is a typically dry riverbed or valley that experiences sporadic and often intense flash floods during the rare rainfall events in the arid region of KSA 21 . The geographical features of Wadi Al-Laith include a meandering topography with a pronounced channel that can expand dramatically during flood events. The valley exhibits a narrow and winding path, surrounded by rocky terrain and outcrops, with the nearby presence of limestone formations 22 .

The region’s hydrology is further influenced by its proximity to the Red Sea and the surrounding mountain ranges, which can contribute to localized weather patterns and rainfall variability 23 . Due to its geological composition and topographical characteristics, Wadi Al-Laith becomes particularly susceptible to flash flooding, making it a pertinent area for studying flood risk mitigation.

Wadi Al-Laith has witnessed several historical flood events, which have had significant repercussions for the surrounding communities and infrastructure 14 , 24 . These flood events are typically associated with the sporadic but intense rainstorms that occasionally occur in the region. Over the years, these floods have resulted in loss of life, damage to property, disruption of transportation networks, and agricultural losses. These historical flood events serve as poignant reminders of the urgent need to develop effective flood risk mitigation strategies in the area 20 , 21 , 25 .

Wadi Al-Laith assumes paramount importance as a case study for flood risk mitigation and dam site selection for several compelling reasons. Firstly, the unique topographical and geological characteristics of the region, such as the presence of limestone formations and rocky outcrops, make it an ideal testing ground for assessing the effectiveness of mitigation measures, including the strategic placement of dams. Secondly, the historical flood events in Wadi Al-Laith provide valuable data and insights into the vulnerabilities and risks associated with flash floods in arid regions, which can inform the development of targeted mitigation strategies. Thirdly, the lessons learned from Wadi Al-Laith can be extrapolated to other wadis and flood-prone areas within KSA and similar arid regions globally, making it a crucial reference point for policymakers, researchers, and practitioners engaged in flood risk management.

Briefly, Wadi Al-Laith in KSA serves as an exemplary study area for comprehensively examining the geographical characteristics, historical flood events, and the imperative role it plays in advancing flood risk mitigation and dam site selection strategies. The insights gained from this case study have the potential to enhance the resilience of communities and infrastructure in arid regions, safeguarding them against the adverse impacts of flash floods.

Geological settings

Wadi Al Lith, situated in the western region of Saudi Arabia, boasts a distinctive geological landscape characterized by its diverse features (Fig.  2 ). The prevailing geological composition of this area primarily consists of sedimentary rocks, prominently marked by the presence of extensive limestone formations 27 . These limestone formations are integral components of the sedimentary sequence affiliated with the Arabian Platform, with origins traceable to the Cretaceous and Paleogene epochs 26 , 28 . Specifically, the study area within Wadi Al-Lith assumes the form of a valley stream typified by a thin sedimentary layer, the close proximity of hard rock strata to the surface, and rocky outcrops flanking the valley’s margins 29 . Notably, in select regions, sediment thickness within the valley gradually increases until it interfaces with the underlying hard rock formations.

Geological map of the area under investigation and its surroundings. [Created using 34 .

The geological framework of the Wadi Al-Lith catchment area comprises four primary rock units, as detailed by 27 , 30 .

Quaternary, encompassing sand, gravel, and silt deposits: yhis unit exhibits the predominant presence of eolian sand-dune formations and sheet sand and silt deposits, with sand deposits covering a substantial portion of the region.

Late- to post-tectonic granitic rocks: represented by various plutonic rock types, including diorite, tonalite, granodiorite, and monzogranite, alongside serpentinite to syenite formations.

Lith suite, Khasrah complex, diorite, and gabbro: constituting a suite of mafic to intermediate plutonic rocks.

Baish and Baha groups: comprising rocks such as basalt–dacite and biotite-hornblende-schist-amphibolite.

Additionally, Wadi Al-Lith encompasses volcanic rocks, notably basalt and andesite, remnants of ancient volcanic activity 2 . These volcanic formations are associated with the Red Sea rift system, a significant geological phenomenon that has profoundly influenced the region’s topographical characteristics 31 .

Structurally, the geology of the Wadi Al-Lith region is shaped by faulting and folding processes. Underlying the sedimentary rocks is the Arabian Shield, a Precambrian-age basement complex 31 . Characterized by its rugged and mountainous terrain, this geological foundation contributes significantly to the diverse topography evident in the area 27 , 32 .

The presence of a multitude of rock types and geological structures within Wadi Al-Lith holds significant implications for water resources and the occurrence of flash floods. Impermeable rock formations, such as limestone, can expedite surface runoff during intense precipitation events, augmenting the susceptibility to flash floods 27 , 32 . Consequently, a profound comprehension of the geological attributes of the region assumes paramount importance in facilitating effective water resource management and the implementation of appropriate mitigation measures aimed at mitigating the impact of flash floods 31 , 32 .

Methodology

The hydrogeological method in this study primarily involves using hydrological models to predict and map regions prone to flash floods. The geophysical methods employed include electrical resistivity sounding (VES) and time-domain electromagnetic (TDEM) methods to investigate subsurface layers. Combining hydrogeological and geophysical methods offers a comprehensive understanding of the factors influencing flash floods. Hydrological models derived from detailed morphometric and land cover analyses are augmented with subsurface information obtained from geophysical measurements. This integrated approach allows for more accurate predictions of flash flood-prone areas by considering both surface characteristics and subsurface conditions, ultimately enhancing flood risk mitigation strategies.

Hydrogeological method

In this study, hydrological models assume a pivotal role in the anticipation and mapping of flash flood-prone regions. The hydrological models used in this study are advanced and multifaceted, incorporating: (a) morphometric analysis which are utilizing parameters like drainage density, stream frequency, and rainage intensity, (b) topographic data derived from high-resolution topographic maps, (c) land cover data (integrated using the ASTER GDEM dataset), (d) subsurface information (enhanced with data from geophysical methods), and e) GIS Software: ArcGIS 10.4.1(for comprehensive data analysis).

These models work together to predict specific locales susceptible to flash floods, considering both surface and subsurface characteristics, to provide a holistic approach to flood risk mitigation in arid regions like the Kingdom of Saudi Arabia. These models find their genesis in morphometric analyses, which entail a comprehensive examination of the terrain's spatial characteristics and configurations. Topographic maps, boasting a horizontal posting resolution of approximately 30 m at the equatorial belt, serve as the primary data source for these morphometric inquiries. This level of detail facilitates an exhaustive comprehension of the landscape’s morphology and its ensuing influence on the hydrological patterns governing water flow.

To bolster the precision of the hydrological models, supplementary data regarding land cover is incorporated into the analytical framework. The research team leverages the ASTER Global Digital Elevation Model (GDEM) Version 3 33 , a dataset that furnishes a worldwide digital elevation model of terrestrial regions. This dataset boasts a spatial resolution of 1 arcsecond, equating to approximately 30 m on the ground. By integrating this land cover information into the hydrological models, the research endeavor accommodates pertinent factors such as vegetation types, soil compositions, and land use patterns, all of which exert substantial influences on the hydrological dynamics across the landscape.

Subsequently, hydrological models are brought into action to predict the specific locales susceptible to flash floods. These models simulate the water’s flow trajectory predicated on the amalgamation of topographic particulars and land cover attributes. In so doing, these models pinpoint areas where the confluence of terrain features and land cover characteristics renders them predisposed to the occurrence of flash floods. To further bolster the predictive capacity of these models, subsurface information procured through geophysical measurements is incorporated.

For the comprehensive analysis of data, including morphometric assessments, ArcGIS 10.4.1 software 34 is employed. This software platform facilitates data visualization, manipulation, and morphometric analyses, enabling a detailed exploration of the study area’s pertinent parameters. Key morphometric parameters essential to this study are presented in Table 1 , encompassing metrics such as drainage density (Dd), stream frequency (Fs), drainage intensity (Di), and infiltration number (If). These parameters, as outlined by 35 , 36 , form the cornerstone of the morphometric analyses undertaken in this investigation.

Geophysical methods

Geophysical methods, including electrical resistivity sounding (VES) and time-domain electromagnetic (TDEM) methods, are employed to investigate subsurface layers. The number of measurements were 157 VES and the same number of TDEM have been conducted in the same place to cover the whole area under investigation (Fig.  3 a). VES measures subsurface electrical resistivity at various points, yielding insights into subsurface composition and properties. In contrast, TDEM employs electromagnetic pulses to assess subsurface characteristics. These geophysical measurements inform the development of subsurface models.

( a ) Geographical distribution of VES and TDEM soundings’ site in the area under investigation [created using 26 , ( b ) example of VES no. 1 interpretation [extracted from 51 , ( c ) example of TDEM sounding no. 1 interpretation [extracted from 52 .

Geoelectrical method

Geoelectrical surveys, also known as the “DC method,” entail injecting direct electric current into the ground using surface-based current and voltage electrodes. The current’s direction is alternated to mitigate natural ground interference.

The vertical electrical sounding (VES) technique, utilizing continuous direct current (DC), is widely employed for groundwater exploration. It gauges values influenced by water content in rocks; higher values are characteristic of unsaturated rocks, while lower values indicate saturation, with salinity influencing measurements 37 .

The method of measuring ground electrical resistance relies primarily on Ohm's law, which states that the electric current flowing through a conductor is directly proportional to the voltage across it Eq. ( 1 ).

Ground electrical resistance is measured in accordance with Ohm’s law, where electric current is injected into the ground via two conductive electrodes (A and B) 38 , 39 Eqs. ( 2 ), ( 3 ).

The apparent electrical resistance (ρa) is determined by dividing the product of the potential difference (∆V) by the current strength (I) and multiplying it by a geometric constant (K), which varies based on the distance between the current and voltage electrodes. This process is conducted using the Schlumberger configuration, which allows for deeper measurements compared to other configurations 40 , 41 .

Simultaneously, the potential difference across two additional electrodes (M and N) within the ground is measured. Apparent electrical resistance (ρa) is calculated by dividing the product of potential difference (∆V) by current strength (I) and multiplying by a geometric constant (K), contingent on the electrode distance. The Schlumberger configuration is employed for deeper measurements Eqs. ( 2 ),( 3 ) 42 .

The geoelectrical survey in the study area was performed using the ARES II/1 43 device, manufactured in the Czech Republic, which has a high capacity to transmit a current of up to 5 A, a voltage of 2000 V, and a capacity of up to 850 W, enabling measurements to be taken until reaching the solid base rocks.

Time domain electromagnetic method (TDEM)

TDEM relies on electromagnetic induction principles, creating a varying magnetic field and measuring induced electrical currents in the subsurface.

A transmitter coil carrying a strong current generates a changing magnetic field penetrating the subsurface. This field induces secondary electrical currents (eddy currents) in conductive materials beneath the surface, resulting in secondary magnetic fields. Upon deactivating the transmitter coil, the eddy currents decay, and the associated magnetic fields diminish. A receiver coil captures changes in the magnetic field over time, known as the decay curve or decaying electromagnetic response, providing subsurface resistivity distribution insights 44 .

Key equations utilized in TDEM include Faraday’s law of electromagnetic induction, Maxwell’s equations Eq. ( 4 ), governing electromagnetic wave propagation, and Ampere’s law, accounting for electric currents and the displacement current.

where ( ∇  × B) is the curl of the magnetic field vector (B), (μ 0 ) is the permeability of free space, a fundamental constant, (J) is the electric current density, and (∂E/∂t) is the rate of change of the electric field vector (E) with respect to time. This equation relates magnetic fields to electric currents and the displacement current (the term involving ∂E/∂t), which accounts for the changing electric field inducing a magnetic field 45 , 46 .

The Cole–Cole model represents complex electrical conductivity in subsurface materials, incorporating parameters (σʹ, σʹʹ, and α) to account for frequency-dependent conductivity Eq. ( 5 ).

where the complex conductivity (σ*) and angular frequency (ω) and (j) is the imaginary unit (√(− 1)) 40 , 41 .

Inversion algorithms, based on forward modeling and optimization techniques, interpret TDEM data and construct subsurface resistivity models. The inversion process involves comparing predicted data with measured data and adjusting the resistivity model to minimize discrepancies. Iterations continue until a satisfactory match is achieved, yielding the best-fitting resistivity distribution. These methodologies enable the estimation of subsurface properties, valuable in groundwater exploration, mineral assessment, and geological formation characterization 47 . Figure  3 b, c illustrates an example of these interpretations.

By combining hydrological models derived from topographic and land cover data with the subsurface model obtained from geophysical measurements, a comprehensive understanding of the factors affecting the occurrence of flash floods can be achieved. This integrated approach allows for more accurate prediction of locations vulnerable to flash floods, as it takes into account surface characteristics and subsurface conditions.

In a clearer and more summarized sense, the hydrological models used in this study are derived from detailed morphometric studies based on topographic maps and land cover data. ASTER’s Global Digital Elevation Model (GDEM) version 3 is used to obtain land cover information. These models, along with subsurface information obtained through geophysical measurements and interpretation using VES and TDEM methods, contribute to predicting locations vulnerable to flash floods through a more comprehensive and accurate understanding of the contributing factors.

Hydrogeological modeling

In this study, a comprehensive analysis of the study area’s topography, hydrology, and precipitation patterns was conducted using various geospatial data sources and techniques. The digital elevation model (DEM) played a central role in extracting valuable insights.

The DEM was employed to delineate the drainage network within the study area, specifically focusing on the Wadi Lith watershed (Fig.  4 a). By assessing stream orders within this watershed, a significant observation emerged. It was noted that as the stream order increased, the number of associated stream segments decreased. Notably, the first-order stream (SU1) displayed the highest frequency, indicating that lower-order streams are more prevalent in the area. This observation underscores the heightened susceptibility of Wadi Lith to drainage-related hazards (Fig.  4 b).

( a ) Digital elevation map of the area under investigation, ( b ) drainage network map of the area under investigation. Created using 34 .

The DEM dataset yielded critical information concerning the topography and hydrology of the study area. Elevation data, flood flow directions, and identification of vulnerable regions were among the key findings derived from the DEM analysis. The elevation levels captured by the DEM ranged from 0 to 2663 m within the study area (Fig.  4 a).

The researchers employed ArcGIS software to generate three essential maps using the DEM data: slope, aspect, and hill shade maps to gain a deeper understanding of the topographic features. These maps provided distinct perspectives on the terrain’s characteristics. The slope map (Fig.  5 a) vividly illustrated the steepness of the rocks in the study area, with higher slope values indicating more pronounced inclinations. The aspect map (Fig.  5 b) revealed that slopes predominantly faced southward within the study area. Furthermore, the hill shade map (Fig.  5 c), employing shading techniques, effectively portrayed the topographical features of hills and mountains. It accentuated relative slopes and mountain ridges, notably highlighting the valley of Al-Lith as particularly susceptible to flood hazards (Table 2 ).

( a ) Slope map of the area under investigation, ( b ) aspect map of the area under investigation, ( c ) Hill shade map of the area under investigation. [created using 34 .

Monthly precipitation data (Table 3 ) were scrutinized to understand the precipitation patterns in the Al-Lith area. The analysis revealed that the average annual precipitation in the area amounted to approximately 9.3 mm. Notably, January, November, and December were identified as the months with the highest recorded rainfall levels, as per data sourced from climate-data.org. The combination of these factors suggests that while Al-Lith typically experiences low annual precipitation, the region is highly susceptible to flash floods during specific months which are January, November, and December. This primary flood risk occurs due to significantly higher precipitation levels during these months, where rainfall is significantly higher. The last historical floods happened in November 2018 and December 2022.

As a combined result of the above, this study harnessed the power of the DEM to conduct an in-depth analysis of the study area's drainage network, stream orders, and topographical features. ArcGIS software facilitated the creation of informative slope, aspect, and hill shade maps, shedding light on the terrain’s characteristics and emphasizing flood vulnerabilities in Al-Lith Valley. Furthermore, the examination of monthly precipitation data unveiled the region’s average annual rainfall patterns, highlighting specific months of heightened precipitation (Table 4 ). These integrated findings contribute to a comprehensive understanding of the study area's hydrological and topographic dynamics, which are crucial for flood risk assessment and mitigation efforts.

Morphometric parameters analysis

In the assessment of the study area’s morphometric characteristics, several key parameters were examined to gain valuable insights into its drainage network and hydrological behavior.

Drainage density (Dd)

Drainage density (Dd) serves as a fundamental metric, calculated as the total length of streams within a drainage basin divided by its area (A). In the present research region, a notably low drainage density of 1.19 km −1 is observed, indicative of a scarcity of streams relative to the area’s expanse. This characteristic can be primarily attributed to the presence of erosion-resistant, fractured, and rough rock formations that facilitate accelerated water flow within the wadi 26 .

Stream frequency (Fs)

Stream frequency (Fs) signifies the abundance of streams within a specific area, quantified as the number of streams per unit area. In the studied domain, the stream frequency is calculated to be 3.32 km 2 , revealing a relatively low stream density. This implies a scarcity of streams per square kilometer, a phenomenon influenced by factors such as modest relief, permeable subsurface materials, and a heightened capacity for infiltration. These conditions collectively contribute to the profusion of streams within the region 48 , 49 .

Bifurcation ratio (Rb)

The bifurcation ratio (Rb) provides insights into the branching pattern within a watershed’s stream network. It is computed as the ratio of the number of streams of a given order to the number of streams of the order directly above it. The mean bifurcation ratio (Mbr) in the study area is determined to be 1.96, signifying a notable degree of branching within the watershed’s stream network 49 .

Infiltration number (If)

The infiltration number (If) represents a comprehensive metric evaluating the infiltration capacity of a watershed, factoring in both drainage density and stream frequency. In the research region, the calculated infiltration number is 3.95, categorizing it as exhibiting low infiltration numbers and high runoff potential. This observation underscores the area’s propensity for high runoff rates due to its limited infiltration capacity 49 .

Flood risk assessment and site suitability

The interplay of drainage density, stream frequency, bifurcation ratio, and infiltration number impart significant insights into the watershed's characteristics and hydrological behavior. Notably, the low drainage density, low stream frequency, high bifurcation ratio, and low infiltration number in the study area collectively contribute to elevated flood risk and heightened potential for runoff. This assessment underscores the imperative necessity for the implementation of effective flood mitigation measures within the region.

Furthermore, a holistic approach was applied by 50 involving the interrelationship of bifurcation ratio, drainage frequency, and drainage density to evaluate the basin’s hazard potential. Based on this analysis, the studied basin is identified as having a considerable likelihood of experiencing flash floods.

Briefly, the comprehensive analysis of morphometric parameters reveals critical insights into the study area’s hydrological behavior and flood risk. The observed characteristics necessitate diligent attention to flood risk mitigation strategies and effective management practices within the region.

Geophysical data processing and interpretation

In the aftermath of an extensive field survey conducted within the study area, a meticulous and structured data processing sequence is enacted. This sequence encompasses several crucial steps geared toward enhancing data consistency and reliability.

Data quality assessment

The initial phase of data processing revolves around the generation of apparent resistance curves employing the field data. These curves serve the pivotal function of identifying and rectifying any irregularities, with particular emphasis on anomalies encountered during the onset of electrical and electromagnetic tests. Aberrant readings undergo rigorous scrutiny and, where necessary, are expunged from the dataset to elevate the overall precision and fidelity of the information.

Utilization of data processing software

Subsequently, specialized data processing software tools come into play, specifically the “Interpex 1DIV” 51 and “ZondTEM1D” 52 programs. These meticulously designed programs take on the responsibility of processing data originating from electrical probes. The dataset encompasses critical information, including electrical resistance, and, in applicable scenarios, resistance and inductive polarization. The primary probe data collected from the study site serves as the foundational data set for this comprehensive processing (Fig.  3 b, c).

Development of a multi-layers model

The third phase in the data processing continuum is marked by efforts to streamline the representation of multi-layered data into a more coherent and manageable form. This procedure necessitates the amalgamation of groups of closely associated resistance values into unified composite resistance layers. The primary objective is to streamline the dataset’s complexity while preserving its intrinsic geoelectric attributes and characteristics.

Characterization of geoelectric layers

The ultimate stage of data processing culminates in the meticulous characterization of geoelectric layers. This encompasses the precise determination of electrical resistivity values, layer thicknesses, and the depths of the discrete geoelectric strata. These defined parameters offer a comprehensive understanding of the geological and geophysical attributes of the study area.

Geophysical insights

The geophysical investigation, with a specific focus on the vicinity proximate to the groundwater dam and the Wadi Al-Leith water station within Wadi Al-Laith, has yielded valuable insights. The primary aim was to harness the dam’s influence on nearby wells, thus mitigating the necessity for extensive station-to-well extensions. Concurrently, the presence of a fractured layer and the heterogeneous topography of the solid base rocks were meticulously documented.

The amalgamated findings underscore the existence of a substantial and adequately saturated sedimentary layer at select locations, coexisting alongside a cracked rocky layer harboring a discernible water content. It is pertinent to note that the predominant characteristic across the valley’s expanse is the prevalence of a notably thin sedimentary layer, characterized by limited water saturation (Fig.  6 ). It is clear from the interpretations that the depth of groundwater in the investigation area ranges from 0.5 to 14 m (Fig.  6 a), and the thickness of the layer containing the water ranges between 0.3 and 33.63 m (Fig.  6 b). The inference of the presence of groundwater was confirmed by an actual review of the results of the electrical resistance values, which ranged from 33.9 to 145 Ω.m (Fig.  6 c).

( a ) Depth map to groundwater bearing layer, ( b ) thickness map of groundwater bearing layer, ( c ) resistivity distributions map of groundwater bearing layer, ( d ) map of hypothetical score calculation by geophysical weighted decision matrix [created using 26 .

In summation, the comprehensive geophysical investigation has unveiled the coexistence of well-saturated sedimentary layers and fractured rocky substrates across the study area. These findings constitute a pivotal resource for groundwater assessment and the judicious utilization of resources within the Wadi Al-Laith region.

Matrix of comparative assessment of dam site suitability

Matrix of the effective geoelectrical model for dam site suitability.

Matrices have been mentioned, as one of the means of evaluating the preference for identifying areas, in many studies that deal with environmental and water assessment processes for proposing or evaluating areas for constructing dams, such as 53 , 54 , 55 , 56 , 57 , 58 , 59 , 60 , 61 , 62 , 63 . The matrices differed in many of them depending on the parameters used and the data available (Tables S1 and S2 supplementary information documents). In this research, a somewhat unique matrix was designed based on the availability of data and the amount of correlation and complementarity between them.

In the comprehensive assessment of the geoelectric model of sublayers as an effective parameter in the suitability matrix for both the first and second regions, a series of parameters were carefully considered, each assigned a weight percentage to reflect its relative importance in the decision-making process. These parameters encompassed critical aspects of the geoelectrical model of sublayers and related factors, including layer resistivity (ρ), layer thickness (h), layer geometry, layer boundaries, electrode configuration, data quality and error estimation, inversion algorithm, geological constraints, and hydrogeological properties (Tables S3 and S4 supplementary information documents).

The weighted decision matrices for both regions were constructed by evaluating the effectiveness of each parameter for its effective power in site suitability. A hypothetical score calculation was then performed by multiplying the weight percentage by the effectiveness score for each parameter and summing these values for each region (Table 5 , Fig.  6 d). The results revealed that the second region excelled in suitability, achieving an impressive score of 60%, whereas the first region scored lower at 40%. This suggests that the second region is significantly more favorable for dam construction, as determined by the geoelectrical model of sublayers and its associated suitability parameters.

Matrix of dam site suitability

In the evaluation of suitable locations for building a dam within the first and second regions, a set of parameters and their respective weightings were considered. These parameters included bifurcation ratio (Mbr), aspect, slope, hill shade of the study area, annual average precipitation, stream length (Lu), drainage density (Dd), stream frequency (Fs), drainage intensity (Di), infiltration number (If), flood possibilities, and the geoelectrical model of sublayers (Table 6 ). Each parameter was assigned a weight percentage reflecting its relative importance in the decision-making process. Subsequently, weighted decision matrices were created for both regions, where the quality of each parameter was assessed for each location.

The hypothetical score calculation was performed by multiplying the weight percentage by the quality score for each parameter and summing these values for each region. Based on this analysis, the first region, where the old dam was located, received a suitability score of 44%, while the second region scored higher at 56%, suggesting that the second region may be a more suitable option for building a dam according to the specified criteria (Fig.  7 ).

Map of hypothetical score calculation by hydrogeological and geophysical weighted decision matrix. Created using 26 .

Evaluating dam site suitability

The assessment conducted through matrix analysis has yielded valuable insights into the suitability of potential dam sites in the specified regions. These findings are rooted in a meticulous evaluation of various parameters and their weighted contributions to the overall suitability score. In this context, the first region emerged with a suitability score of 44%, while the second region demonstrated a notably higher score of 56%. This discrepancy in scores underscores a critical distinction between the two regions in terms of their potential for dam construction (Fig.  7 ).

The higher score awarded to the second region suggests that it may hold distinct advantages when measured against the specific criteria used for evaluation. These criteria, which include factors like bifurcation ratio (Mbr), aspect, slope, hill shade of the study area, annual average precipitation, stream length (Lu), drainage density (Dd), stream frequency (Fs), drainage intensity (Di), infiltration number (If), flood possibilities, and the geoelectrical model of sublayers depended on geoelectrical properties, geological constraints, and hydrogeological considerations, collectively indicate a higher level of suitability for dam construction in the second region. This implies that the second region offers a more promising and feasible prospect for establishing a dam infrastructure, aligning closely with the predefined objectives and prerequisites of the project. As such, the findings of this analysis provide a compelling rationale for considering the second region as the preferred choice for future dam construction endeavors.

Parameters of proposed dam

Although it is impossible to completely eliminate the risk of flash floods, there are a variety of strategies to lessen it. For example, it is possible to identify the areas that are most vulnerable to the hazard by analyzing the drainage system, hydrologic modeling, and the local geology. Dams and canals are suggested solutions to the issue in addition to assisting in collecting and replenishing water for various reasons.

The Al-Lith earthen dam in the study area collapsed on November 23, 2018, as a result of repeated rainstorm events in the upper part of Wadi Al-Lith in western Saudi Arabia 64 . An old Al-Lith dam was built as an altocumulus dam to solve this issue. Its height terminates at the earth's surface and its goal is to store groundwater to supply the wells dug above this dam. To supply a purification plant next to the old dam, a number of wells needed to be sunk at the top of the old dam (Fig.  8 ).

Map of the calculated storage-capacity volume of the proposed dam which is suggested for the area under investigation. Created using 34 .

Based on the morphological analysis of the watershed and to reduce the risk of flash flooding 50 , the study of work suggests improving the proposed dam so that it can have a storage capacity of about 38,187,221.4 m 3 and an area behind the dam of about 3,567,763.9 m 2 . Additionally, it may advocate building a supporting dam around 5 km south of the old Al-Lith Dam. Geologically, the site of the proposed and projected new Dam will be constructed on the two wadi sides with hard rock of quartz–diorite and no faults. The newly proposed dam will have a storage capacity of 114,624,651.1 m 3 , and its size will be 5,104,646.8 m 2 (Fig.  8 ). According to GIS analysis, if the elevation map of the study area ranges from 122 to 617 m, the suggested proposed dam should measure between 230 and 280 m in height and 800 m in length.

The hydrogeological modeling conducted in this study leverages Digital Elevation Model (DEM) data to delineate the drainage network of Wadi Lith, revealing key insights into the region's susceptibility to flood hazards. The DEM analysis underscores the dominance of first-order streams (SU1) in the area, indicating a heightened vulnerability to drainage-related issues. The slope, aspect, and hill shade maps generated using ArcGIS further enhance our understanding of the region’s topography. The slope map highlights areas of steep inclinations, the aspect map shows a predominance of south-facing slopes, and the hill shade map vividly portrays the valley’s topographical features, emphasizing the Al-Lith Valley’s susceptibility to floods.

The analysis of morphometric parameters offers a comprehensive understanding of the drainage characteristics and flood risks within the study area. Drainage density (Dd) shows a value of 1.19 km −1 , the low drainage density indicates a scarcity of streams, attributed to erosion-resistant rock formations that facilitate rapid water flow, contributing to flood risk. Stream Frequency (Fs) shows at 3.32 km 2 , the relatively low stream frequency suggests limited stream presence, influenced by modest relief and high infiltration capacity. The bifurcation ratio (Rb) shows a mean value of 1.96 reflecting significant branching within the stream network, crucial for understanding flood dynamics. Infiltration number (If) illustrates the low infiltration number of 3.95 highlights a high runoff potential, underlining the area’s vulnerability to flash floods. These parameters collectively indicate an elevated flood risk and necessitate effective mitigation strategies.

The geophysical investigation, focusing on the area around the groundwater dam and Wadi Al-Leith water station, reveals the coexistence of well-saturated sedimentary layers and fractured rocky substrates. This duality is crucial for groundwater assessment and highlights the potential for utilizing these resources effectively. The identified groundwater depths (0.5–14 m) and layer thicknesses (0.3–33.63 m) are significant for planning water extraction and management strategies.

The matrix analysis for dam site suitability compares two regions, considering various hydrological, geological, and geoelectrical parameters. The geoelectrical model illustrates that the second region scores higher (60%) compared to the first (40%), indicating better suitability for dam construction based on geoelectrical properties. Overall suitability containing factors like bifurcation ratio, aspect, slope, and precipitation illustrates that the second region again scores higher (56%) versus the first (44%). This comprehensive evaluation suggests that the second region is more favorable for dam construction due to its advantageous geoelectrical and topographical characteristics.

Considering the historical collapse of the Al-Lith Dam in November 2018 and December 2022, the study proposes improvements to the dam structure to enhance its storage capacity and flood mitigation capability. The proposed dam should have a storage capacity of approximately 114,624,651.1 m 3 , with a height of 230–280 m and a length of 800 m. This strategic enhancement aims to bolster the region's flood resilience and water management efficiency.

The integrated hydrogeological, geophysical, and morphometric analyses provide a holistic understanding of the flood risks and water management challenges in Wadi Al-Lith. The proposed mitigation strategies, including the construction of a new dam, are grounded in comprehensive geospatial and geophysical data, ensuring their effectiveness in enhancing the region’s flood resilience and water resource management. This study underscores the importance of leveraging advanced geospatial techniques and comprehensive data analysis for effective flood risk mitigation in arid regions.

The study offers a comprehensive evaluation of flood risk mitigation strategies in Wadi Al-Laith, Kingdom of Saudi Arabia (KSA), emphasizing the critical need to address flood risks in arid regions due to their severe impact on communities, infrastructure, livelihoods, and the economy.

By using the hydrological analysis, the investigation of the morphometric parameters revealed low drainage density, low stream frequency, a high bifurcation ratio, and a low infiltration number, indicating elevated flood risk and high runoff potential in Wadi Al-Laith. These characteristics highlight the need for effective flood risk management to protect communities and infrastructure.

By using geophysical investigation, data processing used specialized software 51 , 52 to process electrical and electromagnetic probe data, ensuring accuracy by correcting field data irregularities. The “multi-layer model” was developed by consolidating resistance values and providing detailed information on electrical resistivity, layer thicknesses, and depths of geoelectric strata. Findings include a well-saturated sedimentary layer and a cracked rocky layer with water content, though a thin, less saturated sedimentary layer is predominant. The study area was divided into two regions for dam construction, with the proposed new dam site scoring 56% in suitability, higher than the old dam sites at 44%.

The study indicates the encouragement and support of combining hydrogeological and geophysical data to offer a thorough understanding of factors contributing to flash floods, including topography, drainage characteristics, and subsurface properties.

Long-term implications of constructing dams have environmental Impacts like (1) dams significantly alter natural water flow, which can impact downstream ecosystems. By regulating water flow, dams can reduce the frequency and severity of floods, but they may also reduce sediment transport, affecting riverine habitats and delta formations. (2) The creation of a reservoir can lead to the submersion of land, affecting local flora and fauna. In arid regions like Wadi Al-Laith, this could disrupt unique desert ecosystems (3) Stagnant water in reservoirs can lead to reduced water quality, promoting the growth of algae and affecting aquatic life.

Also, the long-term implications of constructing dams have a morphological response like (1) the dam will trap sediments, leading to sediment accumulation in the reservoir. This can reduce the dam’s storage capacity over time and necessitate periodic dredging. (2) downstream of the dam, reduced sediment supply can lead to channel erosion, altering the geomorphology of the riverbed and potentially impacting infrastructure and habitats.

While acknowledging the potential long-term environmental implications, the decision to propose dam construction is based on a comprehensive assessment of the specific context of Wadi Al-Laith a recommended advice for building an 800 m-long auxiliary dam with a height of 230–280 m, utilizing quartz–diorite rock. Our analysis of morphometric parameters indicates a high flood risk due to low drainage density, low stream frequency, high bifurcation ratio, and low infiltration number. A strategically placed dam can significantly mitigate these risks. Additionally, the selected dam site in the second region, utilizing sturdy quartz–diorite rock without faults, provides a stable foundation for the proposed structure, ensuring its long-term stability and effectiveness. The proposed auxiliary dam, with a detailed design considering height, diameter, relief holes, surface inclinations, and well placements, aims to enhance flood resilience while addressing the specific hydrological and geological conditions of the area.

In addition to proposing dam construction, our study considered several non-structural and nature-based solutions to mitigate flood risk in Wadi Al-Laith, The study underscores the need for a holistic approach to enhance water resource management and support agriculture, and flood risk mitigation in arid regions like KSA, where infrequent but devastating floods can occur. A holistic approach to flood risk mitigation in arid regions like Wadi Al-Lith in the Kingdom of Saudi Arabia should combine structural and non-structural measures to address both immediate flood threats and long-term resilience, considering the unique hydrological and climatic conditions. Key strategies include (1) integrated watershed management, involving catchment area analysis, land use planning, and soil and water conservation; (2) structural measures, such as building dams, flood channels, and retention basins; (3) non-structural measures, including advanced flood forecasting, community engagement, and sustainable water management policies; (4) geophysical and hydrological monitoring through continuous data collection and geophysical surveys; (5) ecosystem-based approaches, such as restoring natural floodplains and promoting green infrastructure; and (6) adaptive management and research to allow flexibility in strategies and support ongoing research. By integrating these measures, advanced monitoring, and active community involvement, a holistic approach can significantly enhance flood resilience in arid regions like Wadi Al-Lith, addressing immediate risks and building long-term sustainability and adaptability to climate change.

The research contributes to flood risk management discourse in KSA by presenting innovative approaches to dam site selection using geophysical and geomorphological modeling. While our study acknowledges the potential long-term environmental implications of dam construction, it also highlights the necessity of such infrastructure in the specific context of Wadi Al-Laith to ensure effective flood risk mitigation. It offers valuable insights and recommendations to protect communities and infrastructure in arid regions prone to flash floods, promoting sustainable development. Findings can guide policymakers, researchers, and practitioners in KSA and similar arid regions globally.

Data availability

All data generated or analyzed during this study are included in this mnuscript.

Sissakian, V. K., Adamo, N. & Al-Ansari, N. The role of geological investigations for dam siting: Mosul Dam a case study. Geotech. Geol. Eng. 38 (2), 2085–2096. https://doi.org/10.1007/s10706-019-01150-2 (2019).

Article   Google Scholar  

Elsebaie, I. H., Kawara, A. Q. & Alnahit, A. O. Mapping and assessment of flood risk in the Wadi Al-Lith Basin, Saudi Arabia. Water 15 (5), 902. https://doi.org/10.3390/w15050902 (2023).

Talebi, A., Mandegar, A. R., Parvizi, S., Poordara, H. & Barkhordari, J. Underground dam site selection using hydrological modelling and analytic network process. Groundw. Sustain. Dev. 23 , 100976. https://doi.org/10.1016/j.gsd.2023.100976 (2023).

Sharma, S. & Mujumdar, P. P. Baseflow significantly contributes to river floods in Peninsular India. Sci. Rep. 14 (1), 1251 (2024).

Article   ADS   CAS   PubMed   PubMed Central   Google Scholar  

Lin, C. H. et al. Application of geophysical methods in a dam project: Life cycle perspective and Taiwan experience. J. Appl. Geophys. 158 , 82–92. https://doi.org/10.1016/j.jappgeo.2018.07.012 (2018).

Article   ADS   Google Scholar  

Fedorov, M., Badenko, V., Maslikov, V. & Chusov, A. Site selection for flood detention basins with minimum environmental impact. Procedia Eng. 165 , 1629–1636. https://doi.org/10.1016/j.proeng.2016.11.903 (2016).

Sadiq, A. A., Tyler, J. & Noonan, D. S. A review of community flood risk management studies in the United States. Int. J. Disaster Risk Reduct. 41 , 101327. https://doi.org/10.1016/j.ijdrr.2019.101327 (2019).

Havenith, H. B., Torgoev, I. & Ischuk, A. Integrated geophysical–geological 3D model of the right-bank slope downstream from the Rogun Dam construction site, Tajikistan. Int. J. Geophys. 2018 , 1–16. https://doi.org/10.1155/2018/1641789 (2018).

Oyedele, K. F., Oladele, S. & Nduka, A. C. Integrated geotechnical and geophysical investigation of a proposed construction site at Mowe, Southwestern Nigeria. GeoSci. Eng. 64 (3), 21–29. https://doi.org/10.2478/gse-2018-0014 (2018).

Jozaghi, A. et al. A comparative study of the AHP and TOPSIS techniques for dam site selection using GIS: A case study of sistan and Baluchestan province, Iran. Geosciences 8 (12), 494. https://doi.org/10.3390/geosciences8120494 (2018).

Othman, A. A. et al. GIS-based modeling for selection of dam sites in the Kurdistan Region, Iraq. ISPRS Int. J. Geo-Inf. 9 (4), 244. https://doi.org/10.3390/ijgi9040244 (2020).

Rather, M. A. et al. Identifying the potential dam sites to avert the risk of catastrophic floods in the Jhelum Basin, Kashmir, NW Himalaya, India. Remote Sens. 14 (7), 1538. https://doi.org/10.3390/rs14071538 (2022).

Ramadan, E. M., Shahin, H. A., Abd-Elhamid, H. F., Zelenakova, M. & Eldeeb, H. M. Evaluation and mitigation of flash flood risks in arid regions: A case study of Wadi Sudr in Egypt. Water 14 (19), 2945. https://doi.org/10.3390/w14192945 (2022).

Karpouza, M. How could students be safe during flood and tsunami events. Int J Disast Risk Re 95 , 103830. https://doi.org/10.1016/j.ijdrr.2023.103830 (2023).

Diaconu, D., Costache, R. & Popa, M. An overview of flood risk analysis methods. Water 13 (4), 474. https://doi.org/10.3390/w13040474 (2021).

Boulange, J., Hanasaki, N., Yamazaki, D. & Pokhrel, Y. Role of dams in reducing global flood exposure under climate change. Nat. Commun. https://doi.org/10.1038/s41467-020-20704-0 (2021).

Article   PubMed   PubMed Central   Google Scholar  

Rahmani, F. & Fattahi, M. H. Investigation of alterations in droughts and floods patterns induced by climate change. Acta Geophys. 72 (1), 405–418. https://doi.org/10.1007/s11600-023-01043-2 (2024).

Skilodimou, H. D. & Bathrellos, G. D. Natural and technological hazards in urban areas: Assessment. Plan. Solut. Sustain. 13 (15), 8301. https://doi.org/10.3390/su13158301 (2021).

Cencetti, C. & Di Matteo, L. Mitigation measures preventing floods from landslide dams: Analysis of pre- and post-hydrologic conditions upstream a seismic-induced landslide dam in Central Italy. Environ. Earth Sci. https://doi.org/10.1007/s12665-022-10515-5 (2022).

Ibrahim, A. S. et al. Identifying cost-effective locations of storage dams for rainfall harvesting and flash flood mitigation in arid and semi-arid regions. J. Hydrol. Reg. Stud. 50 , 101526. https://doi.org/10.1016/j.ejrh.2023.101526 (2023).

Hamza, M. H. & Saegh, A. M. Flash flood risk assessment due to a possible dam break in urban arid environment, the new Um Al-Khair Dam case study, Jeddah, Saudi Arabia. Sustainability 15 (2), 1074. https://doi.org/10.3390/su15021074 (2023).

Al-Amri, N. S., Abdurahman, S. G. & Elfeki, A. M. Modeling aquifer responses from flash flood events through ephemeral stream beds: Case studies from Saudi Arabia. Water 15 (15), 2735. https://doi.org/10.3390/w15152735 (2023).

Khan, M. Y. A., ElKashouty, M., Subyani, A. M. & Tian, F. Morphometric determination and digital geological mapping by RS and GIS techniques in Aseer-Jazan contact, Southwest Saudi Arabia. Water 15 (13), 2438. https://doi.org/10.3390/w15132438 (2023).

Article   CAS   Google Scholar  

Alqreai, F. N. & Altuwaijri, H. A. Assessing the hazard degree of Wadi Malham Basin in Saudi Arabia and its impact on north train railway infrastructure. ISPRS Int. J. Geo-Inf. 12 (9), 380. https://doi.org/10.3390/ijgi12090380 (2023).

Odersky, M. & Löffler, M. Differential exposure to climate change? Evidence from the 2021 floods in Germany. J. Econ. Inequal. https://doi.org/10.1007/s10888-023-09605-6 (2024).

Surfer V.15.5.382 (64-bit). Golden Software, LLC. https://www.goldensoftware.com/products/surfer/ . Accessed 7 Jun 2018. (2018).

Bajabaa, S., Masoud, M. & Al-Amri, N. Flash flood hazard mapping based on quantitative hydrology, geomorphology and GIS techniques (case study of Wadi Al Lith, Saudi Arabia). Arab. J. Geosci. 7 , 2469–2481. https://doi.org/10.1007/s12517-013-0941-2 (2014).

Lashin, A., Chandrasekharam, D., Al Arifi, N., Al Bassam, A. & Varun, C. Geothermal energy resources of Wadi Al-Lith, Saudi Arabia. J. Afr. Earth Sci. 97 , 357–367. https://doi.org/10.1016/j.jafrearsci.2014.05.016 (2014).

Article   ADS   CAS   Google Scholar  

Rahman, K. U., Balkhair, K. S., Almazroui, M. & Masood, A. Sub-catchments flow losses computation using Muskingum-Cunge routing method and HEC-HMS GIS based techniques, case study of Wadi Al-Lith, Saudi Arabia. Model. Earth Syst. Environ. 3 , 4. https://doi.org/10.1007/s40808-017-0268-1 (2017).

Hussein, M. T., Lashin, A., Al Bassam, A., Al Arifi, N. & Al Zahrani, I. Geothermal power potential at the western coastal part of Saudi Arabia. Renew. Sustain. Energy Rev. 26 , 668–684. https://doi.org/10.1016/j.rser.2013.05.073 (2013).

Amin, A. A. & Mesaed, A. A. The role of the geologic and the geomorphologic factors in the formation of some geotourism sites of Saudi Arabia. In Geotourism in the Middle East. Geoheritage, Geoparks and Geotourism (eds Allan, M. & Dowling, R.) (Springer, 2023).

Google Scholar  

Ejaz, N., Bahrawi, J., Alghamdi, K. M., Rahman, K. U. & Shang, S. Drought monitoring using landsat derived indices and google earth engine platform: A case study from Al-Lith Watershed, Kingdom of Saudi Arabia. Remote Sens. 15 (4), 984. https://doi.org/10.3390/rs15040984 (2023).

ASTER Global Digital Elevation Model (GDEM) Version 3. https://asterweb.jpl.nasa.gov/gdem.asp (2019).

ESRI. ArcGIS Desktop: Release 10.4.1. [Software]. Environmental Systems Research Institute. https://desktop.arcgis.com/en/quick-start-guides/10.4/arcgis-desktop-quick-start-guide.htm (2016).

Horton, R. E. Drainage basin characteristics. Trans. Am. Geophys. Un. 13 , 350–361 (1932).

Faniran, A. The index of drainage intensity—A provisional new drainage factor. Aust. J. Sci. 31 , 328–330 (1968).

Dobrin, M. B. & Savit, C. H. Introduction to Geophysical Prospecting (McGraw-hill, 1960).

Telford, W. M., Geldart, L. P. & Sheriff, R. E. Applied Geophysics (Cambridge University Press, 1990).

Book   Google Scholar  

Mussett, A. E. Applied geophysics by WM Telford, LP Geldart and RE Sheriff, Cambridge University Press, 1991. No. of pages: 770. Price £ 65.00 (hardback), £ 25.00 (soft cover). Geol. J. 27 , 97 (1992).

Reynolds, J. M. An Introduction to Applied and Environmental Geophysics (John Wiley & Sons, 2011).

Vogelsang, D. Environmental Geophysics: A Practical Guide (Springer Science & Business Media, 2012).

Dentith, M. & Mudge, S. T. Geophysics for the Mineral Exploration Geoscientist (Cambridge University Press, 2014).

ARES II - 10- CHANNEL AUTOMATIC RESISTIVITY SYSTEM. http://www.gfinstruments.cz/index.php?menu=gi&cont=aresII_ov .

Nabighian, M. N. In Electromagnetic Methods in Applied Geophysics Theory (ed. Nabighian, M. N.) (Society of Exploration Geophysicists, 1988).

Chapter   Google Scholar  

Hoekstra, P. & Blohm, M. W. Case histories of time-domain electromagnetic soundings in environmental geophysics. In Geotechnical an Environmental Geophysics: Volume II: Environmental and Groundwater 1–16 (Society of Exploration Geophysicists, 1990).

Ward, S. H. In Geotechnical an Environmental Geophysics: Volume I: Review and Tutorial (ed. Ward, S. H.) (Society of Exploration Geophysicists, 1990).

Burger, H. R., Sheehan, A. F. & Jones, C. H. Introduction to Applied Geophysics: Exploring the Shallow Subsurface (Cambridge University Press, 2023).

Reddy, G. P., Maji, A. K. & Gajbhiye, K. S. Drainage morphometry and its influence on landform characteristics in basaltic terrain, central India—A remote sensing and GIS approach. Int. J. Appl. Earth Obs. Geoinform. 6 , 1–16 (2004).

ADS   Google Scholar  

Prabhakaran, A. & Jawahar Raj, N. Drainage morphometric analysis for assessing form and processes of the watersheds of Pachamalai hills and its adjoinings, Central Tamil Nadu, India. Appl. Water Sci. 8 , 31. https://doi.org/10.1007/s13201-018-0646-5 (2018).

El Shamy, I. Recent recharge and flash flooding opportunities in the Eastern Desert, Egypt. Ann. Geol. Surv. Egypt 18 , 323–334 (1992).

Interpex limited. IX1Dv3.52.exe Software. http://www.interpex.com/ix1d/ix1d.htm (2013).

Zond Software LTD. ZondTEM1Dv22. http://zond-geo.com/english/zond-software/electromagnetic-sounding/zondtem1d/ (2001-2024).

Berhane, G., Amare, M., Gebreyohannes, T. & Walraevens, K. Geological and geophysical investigation of water leakage from two micro-dam reservoirs: Implications for future site selection, northern Ethiopia. J. Afr. Earth Sci. 129 , 82–93 (2017).

Sultan, S. A., Essa, K. S. A. T., Khalil, M. H., El-Nahry, A. E. H. & Galal, A. N. H. Evaluation of groundwater potentiality survey in south Ataqa-northwestern part of Gulf of Suez by using resistivity data and site-selection modeling. NRIAG J. Astron. Geophys. 6 (1), 230–243 (2017).

Attwa, M. & Zamzam, S. An integrated approach of GIS and geoelectrical techniques for wastewater leakage investigations: Active constraint balancing and genetic algorithms application. J. Appl. Geophys. 175 , 103992 (2020).

Attwa, M. et al. Toward an integrated and sustainable water resources management in structurally-controlled watersheds in desert environments using geophysical and remote sensing methods. Sustainability 13 (7), 4004 (2021).

Khan, U. et al. Integrating a GIS-based multi-influence factors model with hydro-geophysical exploration for groundwater potential and hydrogeological assessment: A case study in the Karak Watershed, Northern Pakistan. Water 13 (9), 1255 (2021).

Adesola, G. O., Gwavava, O. & Liu, K. Hydrological evaluation of the groundwater potential in the fractured karoo aquifer using magnetic and electrical resistivity methods: Case study of the Balfour formation, Alice, South Africa. Int. J. Geophys. 1 , 1891759. https://doi.org/10.1155/2023/1891759 (2023).

Ball, J. Use of Geoelectrical Techniques with Numerical Modelling for Surveying and Monitoring of Engineered Water Retaining Structures (Lancaster University, 2023).

Dai, L. et al. Electrical resistivity tomography revealing possible breaching mechanism of a Late Pleistocene long-lasted gigantic rockslide dam in Diexi, China. Landslides 20 , 1449–1463. https://doi.org/10.1007/s10346-023-02048-0 (2023).

Ge, S., Hu, S., Chen, G. & Zhao, Y. Characterization of a leaky earth dam using integrated geophysical surveys. J. Appl. Geophys. https://doi.org/10.1016/j.jappgeo.2023.105099 (2023).

Kadam, A. K. et al. Demarcation of subsurface water storage potential zone and identification of artificial recharge site in Vel River watershed of western India: Integrated geospatial and hydrogeological modeling approach. Model. Earth Syst. Environ. 9 , 3263–3278. https://doi.org/10.1007/s40808-022-01656-4 (2023).

Shekar, P. R. & Mathew, A. Assessing groundwater potential zones and artificial recharge sites in the monsoon-fed Murredu river basin, India: An integrated approach using GIS, AHP, and Fuzzy-AHP. Groundw. Sustain. Dev. 23 , 100994. https://doi.org/10.1016/j.gsd.2023.100994 (2023).

Youssef, A. M., Abu-Abdullah, M. M., AlFadail, E. A., Skilodimou, H. D. & Bathrellos, G. D. The devastating flood in the arid region a consequence of rainfall and dam failure: Case study, Al-Lith flood on 23th November 2018, Kingdom of Saudi Arabia. Z. Geomorphol. 63 , 115–136. https://doi.org/10.1127/zfg/2021/0672 (2021).

Download references

Acknowledgements

Special thanks to Dr. Nihal Adel ([email protected]), Associate Professor of English, Department of English Language, Faculty of Al-Alsun, Minya University, Egypt, for reviewing the linguistic, grammar, and scientific moral context of the current research.

Open access funding provided by The Science, Technology & Innovation Funding Authority (STDF) in cooperation with The Egyptian Knowledge Bank (EKB).

Author information

Authors and affiliations.

Geology Department, Faculty of Science, Helwan University, Ain Helwan, Cairo, 11795, Egypt

Adel Kotb & Alhussein Adham Basheer

Geoelectric and Geomagnetism Department, National Research Institute of Astronomy and Geophysics (NRIAG), Helwan, Cairo, 11421, Egypt

Ayman I. Taha

Geological Sciences Department, National Research Centre (NRC), 33 El Bohouth St. (Former El-Tahrir St.), Dokki, Giza, 12622, Egypt

Ahmed A. Elnazer

You can also search for this author in PubMed   Google Scholar

Contributions

All authors contributed to all sections and work stages, field measurements, data collection and measurements using geophysical equipment and reviewed the manuscript. A. K. wrote the theoretical part, research methods, removed the deficiencies that appeared after the interpretation, and strengthened the main parts of the research, wrote the summary and conclusions part, reviewed the research parts, maintained a reduction in the percentage of plagiarism, made tables and arranged the forms to match the idea and form of the research, prepare files to confirm the journal requirements and then submitted the research to the journal after approval rest of the authors. A. I. T. developed the field work plan and acquired the data. A. A. E. contributed to the data interpretation, reviewed the research and arranged its parts. A. A. B wrote the text of the manuscript, developed the field work plan with the first and second authors, coordinated the text, wrote the summary and conclusions part with the first author, reviewed the research parts, maintained a reduction in the percentage of plagiarism with the first author, made tables and arranged the forms to match the idea and form of the research with the first author.

Corresponding author

Correspondence to Adel Kotb .

Ethics declarations

Competing interests.

The authors declare no competing interests.

Additional information

Publisher's note.

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Supplementary Information

Supplementary tables., rights and permissions.

Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/ .

Reprints and permissions

About this article

Cite this article.

Kotb, A., Taha, A.I., Elnazer, A.A. et al. Global insights on flood risk mitigation in arid regions using geomorphological and geophysical modeling from a local case study. Sci Rep 14 , 19975 (2024). https://doi.org/10.1038/s41598-024-69541-x

Download citation

Received : 11 February 2024

Accepted : 06 August 2024

Published : 28 August 2024

DOI : https://doi.org/10.1038/s41598-024-69541-x

Share this article

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

• Mitigating the flood danger
• Arid regions
• Geomorphological analysis
• Geophysical modeling
• Hydrological assessment
• Dam site selection
• Wadi Al-Laith
• Saudi Arabia

By submitting a comment you agree to abide by our Terms and Community Guidelines . If you find something abusive or that does not comply with our terms or guidelines please flag it as inappropriate.

Quick links

• Explore articles by subject
• Guide to authors
• Editorial policies

Sign up for the Nature Briefing newsletter — what matters in science, free to your inbox daily.

Pardon Our Interruption

As you were browsing something about your browser made us think you were a bot. There are a few reasons this might happen:

• You've disabled JavaScript in your web browser.
• You're a power user moving through this website with super-human speed.
• You've disabled cookies in your web browser.
• A third-party browser plugin, such as Ghostery or NoScript, is preventing JavaScript from running. Additional information is available in this support article .

To regain access, please make sure that cookies and JavaScript are enabled before reloading the page.

Blue-Green Infrastructure for Flood Resilience: Case Study of Indonesia

• First Online: 28 August 2024

Cite this chapter

• Ariyaningsih 6 ,
• Riyan Benny Sukmara 7 ,
• Rahmat Aris Pratomo 8 ,
• Nurrohman Wijaya 9 &
• Rajib Shaw 6  

Due to climate change, there is an increasing risk to communities from urban floods especially in developing countries like Indonesia. Massive impacts of flooding can influence the damage cost of infrastructure as well. Furthermore, numerous literature reviews mentioned that the importance of blue-green infrastructure in disaster risk reduction has been recognized for managing urban floods by integrating with urban environmental aspects. Blue-green infrastructure provides numerous opportunities and advantages for tackling the diverse concerns related to the environment, societal well-being, and climate change. This chapter discusses the issues, gaps, opportunities, and implementation of Blue-Green Infrastructure for flood resilience especially city in Indonesia (Bandung, Balikpapan, Samarinda, and Semarang). Case studies highlighting blue-green infrastructure gaps, opportunities, successes, and threats from different cities in Indonesia. In detail, this chapter identifies the background and history of the blue-green policy in a specific area/city followed by the characteristics of the specific case. Moreover, this chapter explains how the selected cities implement blue-green infrastructure and explores its effectiveness and implications to the city.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save.

• Get 10 units per month
• Download Article/Chapter or eBook
• 1 Unit = 1 Article or 1 Chapter
• Cancel anytime
• Available as PDF
• Read on any device
• Instant download
• Own it forever
• Available as EPUB and PDF
• Durable hardcover edition
• Dispatched in 3 to 5 business days
• Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Abidin, H. Z., Andreas, H., Gumilar, I., Sidiq, T. P., & Fukuda, Y. (2013). Land subsidence in coastal city of Semarang (Indonesia): Characteristics, impacts and causes. Geomatics, Natural Hazards and Risk, 4 (3), 226–240. https://doi.org/10.1080/19475705.2012.692336

Article   Google Scholar  

Adedeji, T., Proverbs, D., Xiao, H., Cobbing, P., & Oladokun, V. (2019). Making Birmingham a flood resilient city: Challenges and opportunities. Water ( Switzerland ) , 11 (8). https://doi.org/10.3390/w11081699 .

Agonafir, C., Pabon, A. R., Lakhankar, T., Khanbilvardi, R., & Devineni, N. (2022). Understanding New York City street flooding through 311 complaints. Journal of Hydrology, 605 (November 2021), 127300. https://doi.org/10.1016/j.jhydrol.2021.127300 .

Alexander, K., Hettiarachchi, S., Ou, Y., & Sharma, A. (2019). Can integrated green spaces and storage facilities absorb the increased risk of flooding due to climate change in developed urban environments? Journal of Hydrology, 579 (October), 124201. https://doi.org/10.1016/j.jhydrol.2019.124201 .

Anugrahadi, A., Khomsiyah, H. F. Y., & Triany, N. (2020). The Jakarta flood disaster mapping January 2020. International Journal of Advanced Science and Technology, 29 (5), 602–610.

Google Scholar  

Ariyaningsih, R. B. Sukmara, & Pradita, L. (2021). The Sendai framework for disaster risk reduction: Insight from Covid-19 in Balikpapan City, Indonesia. IOP Conference Series: Earth and Environmental Science, 896 (1). https://doi.org/10.1088/1755-1315/896/1/012068 .

Ariyarathna, I. S., Abeyrathna, W. P., & Jamei, E. (2023). Areview of the application of blue–green infrastructure ( BGI ) as an effective urban flood mitigation strategy for livable and healthy cities in Australia (pp. 461–76).

Ariyaningsih, Sukhwani, V., & Shaw, R. (2023). Vulnerability assessment of Balikpapan (Indonesia) for climate change-induced urban flooding. International Journal of Disaster Resilience in the Built Environment, 14 (3), 387–401. https://doi.org/10.1108/IJDRBE-08-2021-0111

Astuti, K. D., Sariffuddin, S., & Pangi, P. (2020). Integrasi Ruang Biru Pada Rencana Tata Ruang Wilayah Sebagai Instrumen Mitigasi Bencana Banjir di Kota Semarang. TATALOKA, 22 (2), 236–248. https://doi.org/10.14710/tataloka.22.2.236-248 .

Atharinafi, Z., & Wijaya, N. (2021). Land use change and its impacts on surface runoff in rural areas of the upper citarum watershed (case study: Cirasea subwatershed). Journal of Regional and City Planning, 32 (1). https://doi.org/10.5614/jpwk.2021.32.1.3

Bank World. (2002). THE WORLD BANK ANNUAL REPORT 2011 ER R ON I CÔT CÔ E D’ I V O I R E He A R A B R E P U B L I C O F E G Y P T, the Volume t S LO VA K R E P U B L I C.

Battemarco, B. P., Tardin-Coelho, R., Veról, A. P., de Sousa, M. M., da Fontoura, C. V. T., Figueiredo-Cunha, J., Barbedo, J. M. R., & Miguez, M. G. (2022, August). Water dynamics and blue-green infrastructure (BGI): Towards risk management and strategic spatial planning guidelines. Journal of Cleaner Production , 333. https://doi.org/10.1016/j.jclepro.2021.129993 .

BNPB. (2022). Banjir Masih Ganggu Aktivitas Warga Kota Samarinda . Badan Penanggulangan Bencana Nasional (BNPB).

BNPB. (2023). Data Bencana Indonesia . Badan Penanggulangan Bencana Nasional (BNPB).

Budiyono, Y., Aerts, J. C. J. H., Tollenaar, D., & Ward, P. J. (2016). River flood risk in Jakarta under scenarios of future change. Natural Hazards and Earth System Science, 16 , 757–774. https://doi.org/10.5194/nhess-16-757-2016

Caesarina, H. M., & Rahmani, D. R. (2019). Penyediaan Ruang Terbuka Hijau dengan Pendekatan Kota Hijau pada Perkotaan Martapura. Jurnal Planoearth, 4 (1), 11. https://doi.org/10.31764/jpe.v4i1.712 .

Caleiro, F., & Ramos, H. M. (2016). Smart water management (SWM): Flood control and water uses (no. July).

Damayanti, A., Arifianto, F., & Indra, T. L. (2021). Development area for floating solar panel and dam in The Former Mine Hole (Void) Samarinda City, East Kalimantan Province. International Journal on Advanced Science, Engineering and Information Technology, 11 (5), 1713–1720. https://doi.org/10.18517/ijaseit.11.5.14097 .

Dasanto, B. D., Pramudya, B., Boer, R., & Suharnoto, Y. (2014). Effects of forest cover change on flood characteristics in the upper Citarum watershed. Jurnal Manajemen Hutan Tropika, 20 (3), 141–149. https://doi.org/10.7226/jtfm.20.3.141

Demuzere, M., Faehnle, M., Orru, K., Olazabal, E., Geneletti, D., Heidrich, O., Orru, H., & Feliu, E. (2014). Evidence on the contribution of green urban infrastructure to climate change mitigation and adaptation .

Detik.com. (2022). Warga Matraman Tewas Kejeblos Dari Toilet, Ini Kondisi Rumah Bantaran Ciliwung . Detik.com.

Dewi, A. (2007). Community-based analysis of coping with urban flooding: a case study in Semarang, Indonesia . M.Sc. thesis, International Institute for Geo-information Science and Earth Observation, Netherland.

Dhyani, S., Karki, M., & Gupta, A. K. (2020). Opportunities and advances to mainstream nature-based solutions in disaster risk management and climate strategy. In A. Dhyani, M. Karki, & A. K. Gupta (Eds.), Nature-based solutions for resilient ecosystems and societies (pp. 1–26). Singapore, Springer. https://doi.org/10.1007/978-981-15-4712-6_1 .

Drosou, N., Soetanto, R., Hermawan, F., Chmutina, K., Bosher, L., & Hatmoko, J. (2019). Key factors influencing wider adoption of. Water, 11 (6), 1–20. https://www.mdpi.com/2073-4441/11/6/1234 .

Dwiputri, M., Aisha, S., & Mentari, R. (2021). EVALUASI SISTEM DRAINASE POLDER KOTA SEMARANG DILIHAT DARI SUDUT PANDANG KOTA RAWAN BENCANA BANJIR. RUSTIC Jurnal Arstektur, 1 (2), 1–9. http://ojs.itb-ad.ac.id/index.php/RUSTIC .

Dwirahmadi, F., Rutherford, S., Phung, D., & Chu, C. (2019). Understanding the operational concept of a flood-resilient urban community in Jakarta, Indonesia, from the perspectives of disaster risk reduction, climate change adaptation and development agencies. International Journal of Environmental Research and Public Health, 16 (20). https://doi.org/10.3390/ijerph16203993 .

Emam, A. R., Mishra, B. K., Kumar, P., Masago, Y., Fukushi, K. (2016). Impact assessment of climate and land-use changes on flooding behavior in the upper Ciliwung River, Jakarta, Indonesia . Water (Switzerland), 8 (12). https://doi.org/10.3390/w8120559 .

Fatimatuzahra Indra, T. L., Damayanti, A., & Dimyati, M. (2021). Monitoring land cover change in Karang Mumus Watershed, Samarinda City in 2006, 2014, and 2020. IOP Conference Series: Earth and Environmental Science, 716 (1). https://doi.org/10.1088/1755-1315/716/1/012020 .

Fawzy, S., Osman, A. I., Doran, J., & Rooney, D. W. (2020). Strategies for mitigation of climate change: a review. Environmental Chemistry Letters, 18 , 2069–2094. https://doi.org/10.1007/s10311-020-01059-w

Article   CAS   Google Scholar  

García Sánchez, F., Solecki, W. D., & Ribalaygua Batalla, C. (2018). Climate change adaptation in Europe and the United States: A comparative approach to urban green spaces in Bilbao and New York City. Land Use Policy, 79 , 164–173. https://doi.org/10.1016/J.LANDUSEPOL.2018.08.010

Garschagen, M., Kraas, F., Garschagen, M., & Kraas, F. (2011). Urban climate change adaptation in the context of transformation: Lessons from Vietnam. In Resilient cities (pp. 131–139). https://doi.org/10.1007/978-94-007-0785-6_13

Garschagen, M., Surtiari, G. A. K., & Harb, M. (2018). Is Jakarta’s new flood risk reduction strategy transformational? Sustainability, 10 (8), 4–7. https://doi.org/10.3390/su10082934

Ghofrani, Z., Sposito, V., & Faggian, R. (2016). Designing resilient regions by applying blue-green infrastructure concepts. The Sustainable City XI, 1 (Sc), 493–505. https://doi.org/10.2495/sc160421 .

Ghofrani, Z., Sposito, V., & Faggian, R. (2017). A comprehensive review of blue-green infrastructure concepts. International Journal of Environment and Sustainability, 6 (1). https://doi.org/10.24102/ijes.v6i1.728

Ghozali, A., Sukmara, R. B., & Aulia, B. U. (2016). A comparative study of climate change mitigation and adaptation on flood management between Ayutthaya City (Thailand) and Samarinda City (Indonesia). Procedia-Social and Behavioral Sciences, 227 (November 2015), 424–429. https://doi.org/10.1016/j.sbspro.2016.06.096 .

Hadi, S. P. (2017). In search for sustainable coastal management: a case study of Semarang, Indonesia. IOP Conference Series: Earth and Environmental Science, 55 (1), 12054. https://doi.org/10.1088/1755-1315/55/1/012054

Hamel, P., & Tan, L. (2021). Blue–green infrastructure for flood and water quality management in Southeast Asia: Evidence and knowledge gaps. Environmental Management, 69 (4), 699–718. https://doi.org/10.1007/S00267-021-01467-W

Hamel, P., & Tan, L. (2022). Blue–green infrastructure for flood and water quality management in southeast Asia: Evidence and knowledge gaps. Environmental Management, 69 (4), 699–718. https://doi.org/10.1007/s00267-021-01467-w

Hapsari, R. I., & Zenurianto, M. (2016a). View of flood disaster management in Indonesia and the key solutions. American Journal of Engineering Research (AJER), 5 (3), 140–151.

Hapsari, R. I., & Zenurianto, M. (2016b). View of flood disaster management in Indonesia and the key solutions. American Journal of Engineering Research (AJER), 5 (3), 140–151.

Hartono, Y. C., Rebecca Milka, N. B., & Setyawan, P. B. (2023). Making education support media about flood hazard in Samarinda in the form of digital comic. Kata, 25 (00), 126–131. https://doi.org/10.9744/kata.25.00.126-131

Harwitasari, D., & van Ast, J. A. (2011). Climate change adaptation in practice: People’s responses to tidal flooding in Semarang, Indonesia. Journal of Flood Risk Management, 4 (3), 216–233. https://doi.org/10.1111/j.1753-318X.2011.01104.x .

Husnayaen, R. A. B., Osawa, T., Parwata, I. N. S., As-syakur, A. R., Kasim, F., & Astarini, I. A. (2018). Physical assessment of coastal vulnerability under enhanced land subsidence in Semarang, Indonesia, using multi-sensor satellite data. Advances in Space Research, 61 (8), 2159–2179. https://doi.org/10.1016/j.asr.2018.01.026 .

IPCC. (2013). Climate Change 2013 the physical science basis. In T. F. Stocker, D. Qin, G. K. Plattner, M. M. B. Tignor, K. Simon (Eds.), Working group I contribution to the fifth assessment report of the intergovernmental panel on climate change

Isa, M., Fauzi, A., & Susilowati, I. (2019). Flood risk reduction in the Northern Coast of Central Java Province, Indonesia: An application of stakeholder’s analysis. Jamba : Journal of Disaster Risk Studies, 11 (1): 1996–1421. https://doi.org/10.4102/jamba.v11i1.660 .

Istiqomah, L. N., Sabri, L., & Sudarsono, B. (2020). ANALISIS PENURUNAN MUKA TANAH KOTA SEMARANG METODE SURVEI GNSS TAHUN 2019. Jurnal Geodesi Undip, 9 (2), 208–216. http://inaCORS.big.go.id .

Jago-on, K. A., Bianet, S. K., Fujikura, R., Fujiwara, A., Imai, T., Matsumoto, T., Zhang, J., et al. (2009). Urbanization and subsurface environmental issues: An attempt at DPSIR model application in Asian cities. The Science of the Total Environment, 407 (9), 3089–3104. https://doi.org/10.1016/j.scitotenv.2008.08.004

Kabisch, N., Frantzeskaki, N., Pauleit, S., Naumann, S., Davis, M., Artmann, M., Haase, D., et al. (2016). Nature-based solutions to climate change mitigation and adaptation in urban areas: Perspectives on indicators, knowledge gaps, barriers, and opportunities for action. Ecology and Society, 21 (2). https://doi.org/10.5751/ES-08373-210239 .

Kaltim Today. (2020). Menguak Catatan Sejarah Banjir Besar Yang Menerjang Samarinda. Kaltim Today

Kapetas, L., & Fenner, R. (2020). Integrating blue-green and grey infrastructure through an adaptation pathways approach to surface water flooding. Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences, 378 (2168). https://doi.org/10.1098/rsta.2019.0204 .

Kaur, R., & Gupta, K. (2022). Blue-green infrastructure (BGI) network in urban areas for sustainable storm water management: A geospatial approach. City and Environment Interactions, 16 (June), 100087. https://doi.org/10.1016/j.cacint.2022.100087

Khasanah, I. U., Heliani, L. S., & Basith, A. (2016). Trends and seasonal to annual sea level variations of North Java Sea derived from tide gauges data. In Proceedings of the First International Conference on Technology Innovations Society, Padang, West Sumatra, Indonesia, 21 July 2016–22 July 2016 (pp. 308–316). Padang, Indonesia: ITP Press. https://doi.org/10.21063/ICTIS.2016.1049 .

Kompas. (2013). Ridwan Kamil Luncurkan Gerakan Sejuta Biopori Halaman all—Kompas.com . Kompas. https://regional.kompas.com/read/2013/12/20/1214497/Ridwan.Kamil.Luncurkan.Gerakan.Sejuta.Biopori?page=all

Kuehn, F., Albiol, D., Cooksley, G., Duro, J., Granda, J., Haas, S., Hoffmann-Rothe, A., & Murdohardono, D. (2010). Detection of land subsidence in Semarang, Indonesia, using stable points network (SPN) technique. Environmental Earth Sciences, 60 (5), 909–921. https://doi.org/10.1007/s12665-009-0227-x

Lawton, M. P. (1961). “Wolman!” Contemporary Psychology : A Journal of Reviews . https://doi.org/10.1037/006636 .

Law No. 26 Year 2007 On Spatial Management. (2007). Republic of Indonesia.

Liao, K. H., Deng, S., & Tan, P. Y. (2017). Blue-green infrastructure: New Frontier for sustainable urban stormwater management. In Advances in 21st century human settlements (pp. 203–226). https://doi.org/10.1007/978-981-10-4113-6_10/TABLES/9

Lubis, S. W., Hagos, S., Hermawan, E., Respati, M. R., Ridho, A., Risyanto, Paski, J. A. I., et al. (2022). Record-breaking precipitation in Indonesia’s Capital of Jakarta in Early January 2020 linked to the Northerly Surge, Equatorial Waves, and MJO. Geophysical Research Letters, 49 (22). https://doi.org/10.1029/2022GL101513 .

Mahmud, M., Kusumandari, A., Sudarmadji, S., Supriyatno, N. (2018). A study of flood causal priority in Arui Watershed, Manokwari Regency, Indonesia. Jurnal Manajemen Hutan Tropika, 24 (2), 81–94. https://doi.org/10.7226/jtfm.24.2.81 .

Makopondo, R. O. B., Rotich, L. K., & Kamau, C. G. (2020). Potential use and challenges of constructed wetlands for wastewater treatment and conservation in game lodges and resorts in Kenya. Scientific World Journal . https://doi.org/10.1155/2020/9184192

Mamangkey, E. T., Sukmara, R. B., & Ariyaningsih. (2021). Rainwater harvesting as an alternative of freshwater supply in Balikpapan City-a case study of Institut Teknologi Kalimantan. IOP Conference Series: Earth and Environmental Science, 896 (1). https://doi.org/10.1088/1755-1315/896/1/012040 .

Marfai, M. A. (2014). Impact of sea level rise to coastal ecology: A case study on the Northern Part of Java Island, Indonesia. Quaestiones Geographicae, 33 (1), 107–114. https://doi.org/10.2478/quageo-2014-0008

Marfai, M. A., & King, L. (2008). Coastal flood management in Semarang, Indonesia. Environmental Geology, 55 (7), 1507–1518. https://doi.org/10.1007/s00254-007-1101-3

Marfai, M. A., King, L., Sartohadi, J., Sudrajat, S., Budiani, S. R., & Yulianto, F. (2008). The impact of tidal flooding on a coastal community in Semarang, Indonesia. The Environmentalist, 28 (3), 237–248. https://doi.org/10.1007/s10669-007-9134-4

Margareth, Abdullah, O. S., Cahyandito, M. F., & Safitri, K.I. (2021). Buruan Sae in the city of Bandung: Realizing ideas from urban society. IOP Conference Series: Earth and Environmental Science, 918 (1). https://doi.org/10.1088/1755-1315/918/1/012051

Mukherjee, M., & Takara, K. (2018). Urban green space as a countermeasure to increasing urban risk and the UGS-3CC resilience framework. International Journal of Disaster Risk Reduction, 28 , 854–861. https://doi.org/10.1016/J.IJDRR.2018.01.027

Nashrrullah, S., Pasaribu, J. M., Hazarika, M. K., & Samarakoon, L. (2013). Study of flood inundation in Pekalongan, Central Java. International Journal of Remote Sensing and Earth Sciences, 10 (2). https://doi.org/10.30536/j.ijreses.2013.v10.a1845 .

Nirwansyah, A. W., & Braun, B. (2019). Mapping impact of tidal flooding on solar salt farming in Northern Java using a hydrodynamic model. ISPRS International Journal of Geo-Information, 8 (10). https://doi.org/10.3390/ijgi8100451 .

Nofal, O. M., & van de Lindt, J. W. (2022). Understanding flood risk in the context of community resilience modeling for the built environment: Research needs and trends. Sustainable and Resilient Infrastructure, 7 (3), 171–187. https://doi.org/10.1080/23789689.2020.1722546

Novitasari, N., & Kurdi, H. (2022). Flood mitigation in Banjar Regency, South Kalimantan, Indonesia in 2021: Between hydro-meteorological factor and anthropogenic factor. IOP Conference Series: Earth and Environmental Science, 999 (1). https://doi.org/10.1088/1755-1315/999/1/012010 .

O’Donnell, E. C., Lamond, J. E., & Thorne, C. R. (2017). Recognising barriers to implementation of blue-green infrastructure: A newcastle case study. Urban Water Journal, 14 (9), 964–971. https://doi.org/10.1080/1573062X.2017.1279190

O’Donnell, E. C., Thorne, C. R., Alan Yeakley, J., & Chan, F. K. S. (2020a). Sustainable flood risk and stormwater management in blue-green cities; an interdisciplinary case study in Portland, Oregon. Journal of the American Water Resources Association, 56 (5), 757–775. https://doi.org/10.1111/1752-1688.12854

O’Donnell, E., Thorne, C., Ahilan, S., Arthur, S., Birkinshaw, S., Butler, D., Dawson, D., et al. (2020b). The blue-green path to urban flood resilience. Blue-Green Systems, 2 (1), 28–45. https://doi.org/10.2166/bgs.2019.199

O’Donnell, E. C., & Thorne, C. R. (2020). Drivers of future urban flood risk. Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences, 378 (2168), 20190216. https://doi.org/10.1098/rsta.2019.0216

O’Donnell, E. C., Netusil, N. R., Chan, F. K. S., Dolman, N. J., & Gosling, S. N. (2021). International perceptions of urban blue-green infrastructure: A comparison across four cities. Water (Switzerland), 13 (4), 1–25. https://doi.org/10.3390/w13040544

O’Donnell, Emily. (2021). Delivering multiple co-benefits in blue-green cities. https://doi.org/10.55203/pclw1513

Orleans Reed, S., Friend, R., Toan, V. C., Thinphanga, P., Sutarto, R., & Singh, D. (2013). “Shared learning” for building urban climate resilience-experiences from Asian cities. Environment and Urbanization, 25 (2), 393–412. https://doi.org/10.1177/0956247813501136

Pal, I., Doydee, P., Utarasakul, T., Jaikaew, P., Razak, K. A. B., Fernandez, G., Huang, T., & Chen, C. S. (2021). System approach for flood vulnerability and community resilience assessment at the local level–a case study of Sakon Nakhon Province, Thailand. Kasetsart Journal of Social Sciences, 42 (1), 107–116. https://doi.org/10.34044/j.kjss.2021.42.1.17 .

Pauleit, S., Vasquéz, A., Maruthaveeran, S., Liu, L., Cilliers, S. S., Vasquéz, A., Maruthaveeran, S., Liu, L., & Cilliers, S. S. (2021). Urban green infrastructure in the global South (pp. 107–143). https://doi.org/10.1007/978-3-030-67650-6_5

POSKOTA. (2020). Duh, Kali Ciliwung Di Kwitang Alami Pendangkalan . POSKOTA.

Pour, S. H., Abd Wahab, A. K., Shahid, S., Asaduzzaman, M., & Dewan, A. (2020). Low impact development techniques to mitigate the impacts of climate-change-induced urban floods: Current trends, issues and challenges. Sustainable Cities and Society, 62 (June), 102373. https://doi.org/10.1016/j.scs.2020.102373 .

Praditya, E., Suprapto, F. A., Ali, Y., Surjaatmadja, S., & Duarte, R. (2023). Nusantara capital city (IKN): Threats and defense strategies for Indonesia’s new capital. The Journal of Indonesia Sustainable Development Planning, 4 (1), 21–34. https://doi.org/10.46456/jisdep.v4i1.420 .

Pramantha, R. Q., Agustian, E., Suminar, L., Refnitasari, L. (2021). The characteristics of riverbank slum settlement in Indonesia. Case study: Depok, Palembang, Surabaya, and Surakarta. IOP Conference Series: Earth and Environmental Science, 916 (1). https://doi.org/10.1088/1755-1315/916/1/012012 .

Pratiwi, M. A. N., Nuraini, N., Nugroho, H., & Kurniani, D. (2016). Kajian Kinerja Sistem Polder dengan Balance Scorecard. Jurnal Karya Teknik Sipil, 5 (1), 79–89.

Pratomo, R. A., Samsura, D. A. A., & van der Krabben, E. (2022). Living on the edge: Comparing the quality of life transformation of local communities induced by new town development in different Peri-Urban areas. Sustainability ( Switzerland ) , 14 (20). https://doi.org/10.3390/su142013435 .

Pratomo, R. A., Samsura, D. A. A., & van der Krabben, E. (2023). Towards sustainable life of local communities in coastal cities: A longitudinal study of new town development in Makassar. In S. Roitman, & D. Rukmana (Eds.), Routledge hanbook of urban Indonesia (1st ed., p. 14). Routledge.

ProKaltim. (2022). Samarinda Menuju Kota Pusat Peradaban Di Tengah Persoalan Banjir, Benahi Tata Ruang, Perbanyak Kawasan Hijau. ProKaltim.

Reckien, D., Salvia, M., Heidrich, O., Church, J. M., Pietrapertosa, F., De Gregorio-Hurtado, S., d’Alonzo, V., et al. (2018). How are cities planning to respond to climate change? Assessment of local climate plans from 885 cities in the EU-28. Journal of Cleaner Production, 191 , 207–19. https://doi.org/10.1016/j.jclepro.2018.03.220 .

Reed, S. O., Friend, R., Jarvie, J., Henceroth, J., Thinphanga, P., Singh, D., Tran, P., & Sutarto, R. (2015). Resilience projects as experiments: Implementing climate change resilience in Asian cities. Climate and Development, 7 (5), 469–480. https://doi.org/10.1080/17565529.2014.989190

Rezagama, A., & Tamlikha, A. (2016). Identifikasi Pencemar Waduk Manggar Kota Balikpapan. Jurnal Pengembangan Kota, 4 , 40. https://doi.org/10.14710/jpk.4.1.40-48

Rizaldi, A., Moe, I. R., Farid, M., Aribawa, T. M., Bayuadji, G., & Sugiharto, T. (2019). Study of flood characteristic in Cikalumpang River by using 2D flood model. MATEC Web of Conferences, 270 , 04010. https://doi.org/10.1051/matecconf/201927004010

Sahani, J., Kumar, P., Debele, S., Spyrou, C., Loupis, M., Aragão, L., Porcù, F., Shah, M. A. R., & Di Sabatino, S. (2019). Hydro-meteorological risk assessment methods and management by nature-based solutions. Science of the Total Environment, 696 , 133936. https://doi.org/10.1016/j.scitotenv.2019.133936

Santos, A., Sousa, N., Kremers, H., & Bucho, J. L. (2020). Building resilient urban communities: The case study of Setubal Municipality, Portugal. Geosciences (Switzerland), 10 (6), 1–13. https://doi.org/10.3390/geosciences10060243

Santoso, E. B., Rahmadanita, A., & Ryandana, M. D. (2022). Ruang Terbuka Hijau Di Kota Samarinda: Pencapaian, Permasalahan Dan Upayanya. Jurnal Ilmu Pemerintahan Widya Praja, 48 (1), 103–26. https://doi.org/10.33701/jipwp.v48i1.2828 .

Sari, A. D., & Prayoga, N. (2018). Enhancing citizen engagement in the face of climate change risks: A case study of the flood early warning system and health information system in Semarang City, Indonesia. In S. Hughes, E. K. Chu, & S. G. Mason (Eds.), Climate change in cities: Innovations in multi-level governance (pp. 121–137). Springer International Publishing. https://doi.org/10.1007/978-3-319-65003-6_7 .

Sensuse, D. I., Putro, P. A. W., Rachmawati, R., & Sunindyo, W. D. (2022). Initial cybersecurity framework in the New Capital City of Indonesia: Factors, objectives, and technology. Information (Switzerland), 13 (12), 1–10. https://doi.org/10.3390/info13120580

Singh, K. K., Katewongsa, P., Wijaya, N., & Kwan, S. C. (2021). Green, open spaces and transport for healthy and sustainable cities in Asian developing countries. Malaysian Journal of Medicine and Health Sciences, 17 (3), 2636–9346.

Solihuddin, T., Husrin, S., Mustikasari, E., Heriati, A., Kepel, T. L., Salim, H. L., Risandi, J., & Dwiyanti, D. (2021). Coastal inundation and land subsidence in North Coast of West Java: A new hazard? IOP Conference Series : Earth and Environmental Science, 925 (1), 0–14. https://doi.org/10.1088/1755-1315/925/1/012015 .

Stanton-Geddes, Z., & Vun, Y. J. (2019). Strengthening the disaster resilience of Indonesian cities. Time to ACT: Realizing Indonesia’s Urban Potential , no. September, 161–171. https://doi.org/10.1596/978-1-4648-1389-4_spotlight1 .

Statistics of Bandung Municipality. (2023). Bandung municipality in figures 2023. https://bandungkota.bps.go.id/publication/2023/02/28/13fdfc9d27b1f2c450de2ed4/kota-bandung-dalam-angka-2023.html

Sugianto, S., Deli, A., Miswar, E., Rusdi, M., & Irham, M. (2022). The effect of land use and land cover changes on flood occurrence in Teunom Watershed, Aceh Jaya. Land, 11 (8). https://doi.org/10.3390/land11081271 .

Suseno, N. V., Widyastuti, M. (2017). Analisis Kualitas Air PDAM Tirta Manggar Kota Balikpapan. J Bumi Indones 6 (1):1–8.

Suliyati, T. (2014). Penataan Drainase Perkotaan Berbasis Budaya dalam Upaya Penanganan Banjir di Kota Semarang. HUMANIKA, 19 (1), 59–69.

Sunaris, M. L., & Tallar, R. Y. (2019). Green polder system: Kajian Konsep Infrastruktur Berkelanjutan Pada Wilayah Pesisir. Seminar Nasional Inovasi Dan Aplikasi Teknologi Di Industri, 2019 , 372–376.

Swain, D. L., Wing, O. E., Bates, P. D., Done, J. M., Johnson, K. A., & Cameron, D. R. (2020). Increased flood exposure due to climate change and population growth in the United States. Earth’s Future, 8 (11). https://doi.org/10.1029/2020EF001778 .

Tarigan, S. D. (2016). Land cover change and its impact on flooding frequency of Batanghari Watershed, Jambi Province, Indonesia. Procedia Environmental Sciences, 33 , 386–392. https://doi.org/10.1016/j.proenv.2016.03.089

Thorne, C. R., Lawson, E. C., Ozawa, C., Hamlin, S. L., & Smith, L. A. (2018). Overcoming uncertainty and barriers to adoption of blue-green infrastructure for urban flood risk management. Journal of Flood Risk Management, 11 , S960–S972. https://doi.org/10.1111/jfr3.12218

Walsh, C. J., Booth, D. B., Burns, M. J., Fletcher, T. D., Hale, R. L., Hoang, L. N., Livingston, G., et al. (2016). Principles for urban stormwater management to protect stream ecosystems. Freshwater Science, 35 (1), 398–411. https://doi.org/10.1086/685284

Warsilan, W. (2019). Dampak Perubahan Guna Lahan Terhadap Kemampuan Resapan Air (Kasus: Kota Samarinda). Jurnal Pembangunan Wilayah & Kota, 15 (1), 70. https://doi.org/10.14710/pwk.v15i1.20713 .

Wells, J. A., Wilson, K. A., Abram, N. K., Nunn, M., Gaveau, D. L., Runting, R. K., Tarniati, N., Mengersen, K. L., & Meijaard, E. (2016). Rising floodwaters: Mapping impacts and perceptions of flooding in Indonesian Borneo. Environmental Research Letters, 11 (6). https://doi.org/10.1088/1748-9326/11/6/064016 .

Wen, K., Ren, G., Li, J., Zhang, A., Ren, Y., Sun, X., & Zhou, Y. (2019). Recent surface air temperature change over Mainland China based on an urbanization-bias adjusted dataset. Journal of Climate, 32 (10), 2691–2705. https://doi.org/10.1175/JCLI-D-18-0395.1

Wijaya, N. (2015). Deteksi Perubahan Penggunaan Lahan dengan Citra Landsat dan Sistem Informasi Geografis: Studi Kasus di Wilayah Metropolitan Bandung, Indonesia. Geoplanning: Journal of Geomatics and Planning, 2 (2), 82–92. https://doi.org/10.14710/GEOPLANNING.2.2.82-92

Wijaya, U. A. A., & Suhardi, D. (2022). Penanganan Permasalahan Banjir di Kota Semarang. Seminar Keinsinyuran, 2022 , 181–183.

Wijayanti, P., Zhu, X., Hellegers, P., Budiyono, Y., & van Ierland, E. C. (2017). Estimation of river flood damages in Jakarta, Indonesia. Natural Hazards, 86 (3), 1059–1079. https://doi.org/10.1007/s11069-016-2730-1

Wijayanti, W. P., & Pratomo, R. A. (2016). Adaptation of social-economic livelihoods in coastal community: The case of Mangunharjo Sub-District, Semarang City. Procedia—Social and Behavioral Sciences, 227 , 477–484. https://doi.org/10.1016/j.sbspro.2016.06.103

Wismarini, Th. D., & Ningsih, D. H. U. (2010). Analisis Sistem Drainase Kota Semarang Berbasis Sistem Informasi Geografi dalam Membantu Pengambilan Keputusan bagi Penanganan Banjir. Jurnal Teknologi Informasi DINAMIK, XV (1), 41–51.

Yulianto, F., Sofan, P., Zubaidah, A., Sukowati, K. A. D., Pasaribu, J. M., & Khomarudin, M. R. (2015). Detecting areas affected by flood using multi-temporal ALOS PALSAR remotely sensed data in Karawang, West Java, Indonesia. Natural Hazards, 77 (2), 959–985. https://doi.org/10.1007/s11069-015-1633-x

Yuniartanti, R. K., Handayani, W., & Waskitaningsih, N. (2016). Monitoring and evaluation effectiveness in flood early warning system project in Semarang City. International Journal of Society Systems Science, 8 (1), 49–77. https://doi.org/10.1504/IJSSS.2016.076004

Yuwono, B. D., Abidin, H. Z., & Hilmi, M. (2013). Analisa Geospasial Penyebab Penurunan Muka Tanah Di Kota Semarang. Prosiding Seminar Nasional Sains Dan Teknologi, 4 , 2013.

Zeng, X., Yu, Y., Yang, S., Lv, Y., & Sarker, M. N. I. (2022). Urban resilience for urban sustainability: Concepts, dimensions, and perspectives. Sustainability (Switzerland), 14 (5), 1–27. https://doi.org/10.3390/su14052481 .

Zhang, X., & Li, H. (2018). Urban resilience and urban sustainability: What we know and what do not know? Cities, 72 , 141–148. https://doi.org/10.1016/J.CITIES.2017.08.009

Download references

Author information

Authors and affiliations.

Graduate School of Media and Governance, Keio University Shonan Fujisawa Campus, Fujisawa, Japan

Ariyaningsih & Rajib Shaw

Department of Civil Engineering, National Central University, Taiwan and Institut Teknologi Kalimantan, Balikpapan, Indonesia

Riyan Benny Sukmara

Urban and Regional Planning, Institut Teknologi Kalimantan, Balikpapan, Indonesia

Rahmat Aris Pratomo

Urban and Regional Planning, Institut Teknologi Bandung, Bandung, Indonesia

Nurrohman Wijaya

You can also search for this author in PubMed   Google Scholar

Corresponding author

Correspondence to Ariyaningsih .

Editor information

Editors and affiliations.

School of Environmental Sciences, Jawaharlal Nehru University, New Delhi, Delhi, India

P. K. Joshi

Department of Botany, University of Delhi, New Delhi, Delhi, India

Delhi College of Arts and Commerce, University of Delhi, New Delhi, Delhi, India

Rahul Bhadouria

Upadhyaya College, Dept of Botany, University of Delhi, Deen Dayal, New Delhi, Delhi, India

Sachchidanand Tripathi

Department of Botany, Panjab University, Chandigarh, Punjab, India

Rishikesh Singh

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Ariyaningsih, Sukmara, R.B., Pratomo, R.A., Wijaya, N., Shaw, R. (2024). Blue-Green Infrastructure for Flood Resilience: Case Study of Indonesia. In: Joshi, P.K., Rao, K.S., Bhadouria, R., Tripathi, S., Singh, R. (eds) Blue-Green Infrastructure for Sustainable Urban Settlements. Springer, Cham. https://doi.org/10.1007/978-3-031-62293-9_11

Download citation

DOI : https://doi.org/10.1007/978-3-031-62293-9_11

Published : 28 August 2024

Publisher Name : Springer, Cham

Print ISBN : 978-3-031-62292-2

Online ISBN : 978-3-031-62293-9

eBook Packages : Earth and Environmental Science Earth and Environmental Science (R0)

Share this chapter

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

• Publish with us

Policies and ethics

• Find a journal
• Track your research