ISO 31000 Risk Management in Practice: Adoption Challenges and Benefits in Qatar’s Leading Construction Firm
DOI:
https://doi.org/10.11594/ijmaber.06.08.33Keywords:
ISO 31000, risk management, construction industry, capacity-building, Qatar, challenges, enterprise risk managementAbstract
The construction industry frequently faces a range of risks, including safety concerns, financial uncertainty, and operational interruptions that can result in substantial costs. Given these ongoing challenges, adopting a structured approach to risk management has become increasingly important. This study examines the application of the ISO 31000 risk management framework in practice at XYZ Construction in Qatar, with a particular focus on the challenges encountered during implementation and the benefits observed by employees. Data were collected through a structured survey using a convenience sampling method, involving 56 employees from different levels of the organization, to evaluate the effectiveness of the applied risk management practices. The top five benefits identified were enterprise-wide risk perspective, alignment with organizational goals, proactive approach to risk, cost reductions, and increased stakeholder confidence. Nonetheless, implementation faced several barriers, such as knowledge and skills gaps, cultural and operational integration difficulties, limited training and leadership involvement, resistance to change, and inadequate resource allocation. This study utilized multiple regression analysis to investigate the simultaneous influence of various factors on the adoption of ISO 31000. Despite the comprehensive assessment of multiple variables, the findings indicated no statistically significant effect, implying that additional determinants may affect the adoption process. The findings highlight leadership support, clear communication, and strategic planning as vital for embedding risk management. Recommendations focus on targeted training, stronger leadership involvement, tailored risk tools, and improved cross-departmental collaboration to enhance resource allocation, cultural integration, and overall risk management effectiveness.
Downloads
References
Alaa Hussein, H., & Kamel Jawad, M. (2024). Evaluation of risk management in the ministry interior of iraq according to the standards (ISO 31000: 2018). Journal of Economics and Administrative Sciences, 30(142), 69–85. https://doi.org/10.33095/e21b7x84
Albasyouni, W., Kamara, J., & Heidrich, O. (2025). Key challenges and opportunities to improve risk assessments in the con-struction industry. Buildings, 15(11), 1832. https://doi.org/10.3390/buildings15111832
Al-Khazaleh, S., Badwan, N., Qubbaj, I., & Al-mashaqbeh, M. (2025). Level of financial disclosures for listed insurance compa-nies using ISO 31000: Empirical evidence from Jordan and Palestine. Asian Review of Accounting, 33(2), 386–407. https://doi.org/10.1108/ARA-05-2024-0151
Banaitiene, N., & Banaitis, A. (2012). Risk management in construction projects. In Risk Management—Current Issues and Challenges. IntechOpen. https://doi.org/10.5772/51460
Barney, J. (1991). Firm resources and sus-tained competitive advantage. Journal of Management, 17(1), 99–120. https://doi.org/10.1177/014920639101700108
Becker, G. S. (1993). Human Capital: A Theo-retical and Empirical Analysis, with Spe-cial Reference to Education (3rd ed.). University of Chicago Press.
Berends, T., Stewart, R., Cretu, O. (2011). Risk Management for Design and Construc-tion. John Wiley & Sons, Inc.
British Standards Institution. (2011). Risk management – Code of practice and guid-ance for the implementation of BS ISO 31000 (BS 31100:2011). British Stand-ards Institution.
Chenya, L., Aminudin, E., Mohd, S., & Yap, L. S. (2022). Intelligent risk management in construction projects: Systematic litera-ture review. IEEE Access, 10, 72936–72954. https://doi.org/10.1109/ACCESS.2022.3189157
Connair, S. (2013). Enterprise risk manage-ment: From silos to strategic objectives. Armed Forces Comptroller, 24-26.
COSO. (2004). Enterprise Risk Management - Integrated Framework. Committee of Sponsoring Organizations of the Tread-way Commission.
Cronbach, L. J. (1951). Coefficient Alpha and the Internal Structure of Tests. Psy-chometrika, 16, 297-334. https://doi.org/10.1007/BF02310555
Dela Cruz, G. S., & Polinar, M. A. N., (2023). Contract management system among se-lected construction companies in qatar. International Journal of Multidisciplinary: Applied Business and Education Re-search, 4(8), 2853–2862. https://doi.org/10.11594/ijmaber.04.08.23
Elbashbishy, T. S., Hosny, O. A., Waly, A. F., & Dorra, E. M. (2022). Assessing the impact of construction risks on cost overruns: A risk path simulation–driven approach. Journal of Management in Engineering, 38(6), 04022058. https://doi.org/10.1061/(ASCE)ME.1943-5479.0001090
Fraser, J., Quail, R., & Simkins, B. (2021). En-terprise Risk Management: Today’s Lead-ing Research and Best Practices for To-morrow’s Executives (2nd ed.). Wiley.
Fraser, J., & Simkins, B. (2016). The challenges of and solutions for implementing enter-prise risk management. Business Hori-zons, 59(6), 689–698. https://doi.org/10.1016/j.bushor.2016.06.007
Gleißner, W., & Berger, T. B. (2024). Enterprise risk management: Improving embedded risk management and risk governance. Risks, 12(12), 196. https://doi.org/10.3390/risks12120196
GWC secures ISO 31000:2018 recertification. (2025, March 20). The Peninsula. https://thepeninsulaqatar.com/article/20/03/2025/gwc-secures-iso-310002018-recertification?utm_source=chatgpt.com
Hardjomidjojo, H., Pranata, C., & Baigorria, G. (2022). Rapid assessment model on risk management based on ISO 31000:2018. IOP Conference Series: Earth and Envi-ronmental Science, 1063(1), 012043. https://doi.org/10.1088/1755-1315/1063/1/012043
Hopkin, P. (2018). Fundamentals of Risk Man-agement: Understanding, Evaluating and Implementing Effective Risk Management (Fifth). Kogan Page.
Hutchins, G. (2018). ISO 31000:2018 Enter-prise Risk Management.
ISO. (2018). ISO 31000:2018 – Risk manage-ment – Guidelines. International Organi-zation for Standardization.
ISO 31000:2009 Certificate Award for QPM. (2019, August 27). Qatar Project Man-agement Company (QPM). https://www.qpm.com.qa/english/MediaCenter/News/Pages/Press-28082019.aspx?utm_source=chatgpt.com
ISO 31000 Certification in Qatar. TopCertifier. Retrieved April 3, 2025, from https://www.iso-certification-qatar.com/iso-31000-certifica-tion.html?utm_source=chatgpt.com
Kendrick, T. (2015). Identifying and Managing Project Risk: Essential Tools for Failure-Proofing Your Project (Third). American Management Association.
Kerstin, D., Simone, O., Nicole, Z., & Lehner, O. (2014). Challenges in implementing en-terprise risk management. ACRN Journal of Finance and Risk Perspectives, 3(3). 1-14.
Kotter, J. P. (1996). Leading change. Boston, MA: Harvard Business School Press.
Leitch, M. (2010). Iso 31000:2009—The new international standard on risk manage-ment. Risk Analysis, 30(6), 887–892. https://doi.org/10.1111/j.1539-6924.2010.01397.x
Lewin, K. (1951). Field theory in social sci-ence: Selected theoretical papers (D. Cartwright, Ed.). New York: Harper & Brothers.
Leyronnas, K. (2022, January 3). Better com-pliance with risk framework ISO 31000? Here’s how. Zenya Software Blog. https://zenya-software.com/en/knowledge/iso-31000/
Msheireb Properties awarded the internation-al ISO 31000:2009 Risk Management Standard. (2013, March 16). BSI Group. https://www.bsigroup.com/en-AE/About-BSI/Media-Center/Press-releases/2014/March/Msheireb-Properties-awarded-the-international-ISO-310002009-Risk-Management-Standard/?utm_source=chatgpt.com
Moeller, R. R. (2011). COSO Enterprise Risk Management: Establishing Effective Gov-ernance, Risk, and Compliance Processes. (2nd ed.). Wiley.
Okika, M. C., Vermeulen, A., & Pretorius, J. H. C. (2025). A systematic approach to identify and manage supply chain risks in con-struction projects. Journal of Financial Management of Property and Construc-tion, 30(1), 42–66. https://doi.org/10.1108/JFMPC-09-2023-0057
Ökmen, Ö., Leijten, M., Stratton, T., Bosch-Rekveldt, M., & Bakker, H. (2024). Em-ployee perspectives on risk management in a construction company. Journal of Risk Research, 27(3), 404–422. https://doi.org/10.1080/13669877.2024.2328202
Pagach, D.P., & Warr, R.S. (2011). The charac-teristics of firms that hire chief risk offic-ers. Journal of Risk and Insurance, 78(1), 185-211.
PMI. (2013). A guide to the project manage-ment body of knowledge (PMBOK® Guide) (5th ed.). Project Management In-stitute.
PMI. (2021). A guide to the project manage-ment body of knowledge (PMBOK® Guide) (7th ed.). Project Management In-stitute.
Purwanti, L., Triyuwono, I., Maski, G., Pusposari, D., Prakoso, A., & Ibrahim, M. (2025). The impact of ISO 31000 adop-tion on the performance of banking com-panies in Indonesia. Cogent Business & Management, 12(1), 2507222. https://doi.org/10.1080/23311975.2025.2507222
Putri, N. L., & Wijaya, A. F. (2023). Information technology risk management in educa-tional institutions using iso 31000 framework. Journal of Information Sys-tems and Informatics, 5(2), 630–649. https://doi.org/10.51519/journalisi.v5i2.468
Qatar Charity obtains 5 ISO certificates. (2024, January 2). Qatar Charity. https://www.qcharity.org/en/qa/news/details/22827-qatar-charity-obtains-5-iso
Renault, B., Agumba, J.N., & Balogun, O.A. (2016). Drivers for and obstacles to en-terprise risk management in construction firms: a literature review. Procedia Engi-neering, 164, 402-408. doi: 10.1016/j.proeng.2016.11.637
Schein, E. H. (Ed.). (2010). Organizational cul-ture and leadership (4th ed). Jossey-Bass.
Sharma, S. & Gupta, A.K. (2019). Risk identifi-cation and management in construction projects: literature review. International Journal of Humanities, Arts and Social Sciences, 5(6), 224-231, https://dx.doi.org/10.20469/ijhss.5.20002-6
Smiechewicz, W. (2001). Case study: imple-menting enterprise risk management. Bank Accounting & Finance, 14(4):21-27.
Sousa, V., Almeida, N., & Dias, L. (2012). Risk management framework for the con-struction industry according to the iso 31000:2009 standard. Journal of Risk Analysis and Crisis Response, 2(4), 261-274.
Soubra, L., Al-Mohannadi, A., Berzan, Y., Con-sunji, R., El Menyar, A., Al Thani, H., Al-Marri, M. A., & Al-Hajri, H. S. (2025). Im-pact of risk mitigation strategies on non-fatal injuries in the construction sector in Qatar: A retrospective analysis. Interna-tional Archives of Occupational and Envi-ronmental Health. https://doi.org/10.1007/s00420-025-02126-x
Truslow, D.K. (2003). Operational Risk Man-agement: It’s Everyone’s Job. The RMA Journal, 85(5):34-37
Yousri, E., Sayed, A. E. B., Farag, M. A. M., & Abdelalim, A. M. (2023). Risk identifica-tion of building construction projects in Egypt. Buildings, 13(4), 1084. https://doi.org/10.3390/buildings13041084
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Gerelyn S. Dela Cruz, Alex P. Ocampo
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See the Effect of Open Access).
