Identifying effective risk management frameworks for complex socio-technical systems

Abstract

The advent of truly complex systems inside the last two decades has invalidated the approach of now-antiquated risk management frameworks. Antiquated frameworks remain applicable to complicated systems but are ineffective when applied to systems that are made dynamic by the integration of social structures with technical elements. Complex systems feature emergent functions and hazards when operating as designed (without failure) though not as intended, with consequences that are not constrained to individuals. Managers with responsibility for complex, socio-technical systems will require a risk management framework for complex systems, a framework that can deliver decision support in an operationally relevant timeframe.This systematic review of contemporary literature finds reason to recognise the paradigm shift in technology toward complexity, to move past vestiges of complicated systems. Though an optimal framework was not found, examination of the characteristics of complex, socio-technical systems enabled identification of the attributes of risk management frameworks that are effective with complex socio-technical systems. These attributes were found to be: systems thinking, a top-down perspective, use of non-Bayesian approaches, recursive approaches and communicating risk concepts using literary means to convey nuance. Identification of attributes of effective risk management frameworks for use with complex socio-technical systems supports managers in critically assessing which elements to include in their bespoke risk frameworks and baselines the direction of further research.