Index

Abstract

The purpose of this paper is to discuss the main challenges and obstacles that local authorities may face in implementing risk management. Interest in this issue in the public sector, and especially in local authorities, is relatively recent, and only a few studies have been performed in this area concerning some developed and emerging countries. Consequently, this research aims to explore risk management adoption and diffusion in Moroccan local authorities. To this end, a risk management model developed in our previous research was used. This model is based on a comparison of nine of the soundest risk management standards released by national and international professional bodies. A research framework was created to transpose and test this model within Moroccan local authorities. In addition, an exploratory study was carried out based on qualitative data collected from interviews with middle and high officers from four Moroccan municipalities. The results show that Moroccan local authorities are facing both strategic and operational challenges in their implementation of risk management. To overcome these challenges, key recommendations are proposed to successfully implement risk management. Accordingly, this study provides an overview of risk culture, risk awareness, and risk management practices among Moroccan local authorities. It offers a practical guide for local authorities’ stakeholders who want to promote risk culture and lay a foundation for risk management implementation.

Keywords: Local authorities, Risk management, Risk management standards, Risk.

Received: 15 December 2022 / Revised: 26 January 2023 / Accepted: 10 February 2023/ Published: 13 March 2023

Contribution/ Originality

This research contributes to filling the existing gap in the literature regarding risk management implementation in the public sector and particularly in local authorities. Indeed, this study is the first to deal with risk management adoption and diffusion among local authorities in a developing country, specifically Morocco.

1. INTRODUCTION

Our modern era is characterized by risk and uncertainty. Risk can be either a threat or an opportunity. It is a multidimensional construct that relates to uncertainty and negative consequences (Buratti & Allwood, 2019). Risk management consists of all activities related to identifying, analyzing, evaluating, treating, monitoring, and communicating risks. Therefore, risk management is a necessity and a key tool in the management of any organization that wants to achieve its strategic goals and objectives (Ahmeti & Vladi, 2017). Indeed, risk management has become a universal but, in most circumstances, unstructured activity, based on common sense, relevant knowledge, experience, and instinct (Rehacek, 2017). Consequently, many risk management standards have been released to guide the formalization and implementation of a unified risk management strategy.

Reviewing the risk management standards literature, we found copious amounts concerning risk and risk management theory in private sector organizations. However, the literature on risk management in public sector organizations is lacking (Alijoyo & Fisabilillah, 2021; Erlina, Putri, Muda, & Harnoninsah, 2019). This is particularly true for local authorities; there is a multiplicity of risk management standards but a lack of risk management standards dedicated to local authorities and responding to their specific needs.

Indeed, we found few studies on risk management adoption and diffusion across local authorities. These studies concerned some developed and emerging countries. Some countries, such as Australia, Canada, the United Kingdom, and others, have reached a high level of maturity in the field of risk management. They have developed their own methodology, tools, and terminology to support and ensure a high level of risk management in the public sector, including local authorities. In this regard, we refer to Oulasvirta and Anttiroiko (2017), who explored and discussed the main reasons for comprehensive and formal risk management adoption in Finnish local governments. Their study focused on the COSO standard. They found that the COSO standard is largely insensitive to public sector organizations’ needs and realities. Furthermore, they specified that risk management models and tools are not sufficiently tailored to meet local governments’ needs, leading to a low level of adoption.

Some emerging countries, such as Indonesia and Brazil, are aware of the importance of implementing risk management in the public sector. In this context, Ahmeti and Vladi (2017) studied the public sector risk management literature and argued that introducing the International Organization for Standardization (2009) standard positively affected risk management by providing a largely unified and formalized language. They also observed that it is necessary to raise awareness of risk management in the public sector, particularly in emerging and developing countries. They noted that by relying on the ISO 31000 standard and other frameworks, researchers could propose risk management models to meet the specific needs of public organizations in different countries.

Others authors have discussed the influence of international standards in the local implementation of risk management. Souza, Braga, Cunha, Santos, and Sales (2020) analyzed how international risk management standards such as ISO 31000 and COSO could be adopted by the Brazilian federal public administration through regulations and guidelines. The authors observed a strong influence of international frameworks in implementing risk management at the local level. However, this influence does not ensure effective application and adoption.

On the other hand, many authors have described and analyzed the main challenges of risk management adoption in the public sector. For instance, Alijoyo and Fisabilillah (2021) conducted a study to understand the issues and challenges that public sector organizations face in implementing the ISO 31000 standard. Indeed, they specified that governance and human factors are the main challenges Indonesian public sector organizations must overcome. Also, they observed a rising awareness of the importance of risk management in public sector organizations’ performance and success. Moreover, they stated that there is a need, relevancy, and urgency to adopt specific guidance concerning the implementation of risk management standards.

For developing countries, to date, no study has addressed risk management implementation in local authorities. In this regard, the present research aims to tackle this issue in Moroccan local authorities. We ask the following question: what are the main challenges Moroccan local authorities face in their efforts to implement risk management?

To answer this question, we draw on the findings of our previous paper (Haddad & Laghzaoui, 2020), in which we developed a model based on a comparison of nine of the soundest national and international risk management standards. This comparison led us to develop our risk management process based on the standards’ common phases. The present study transposes and tests this model within four Moroccan municipalities. It also discusses the main challenges preventing risk management adoption and diffusion in local authorities, particularly in Morocco. In addition, it offers some key recommendations for the successful implementation of risk management. Therefore, Section 2 presents a literature review. Section 3 describes the materials and methods used to answer the question we formulated. Section 4 presents the main results. Finally, Section 5 discusses the findings and proposes recommendations for the successful implementation of risk management in Moroccan local authorities.

2. LITERATURE REVIEW

Local authorities are public bodies that are created to administer a territory. Their management is provided by the political and administrative spheres. The first sphere is elected and composed of the president and the council, while the second sphere comprises the president and all administrative staff (Haddad, 2020). Local authorities’ roles and professions cannot be compared to those of any private company. While companies and local authorities have the quest for performance in common, local authorities have a complementary and specific social mission to ensure the well-being of the population of the territory they administer. Given their nature and activities, risks are an everyday component of local authorities’ life. In their efforts to face risks and implement a risk management strategy, local authorities can rely on several standards. However, despite their increasing number, no single one has been developed to meet local authorities’ needs and take their specificities into consideration.

2.1. Standards Presentation

To develop our model, we used nine of the most well-known standards. These standards were chosen because they adopt a general approach to dealing with risks and focus on the organizational side of risk management. Table 1 presents a list of the utilized standards, their authors, and the scope of each.

Table 1. Risk management standards.

Standard

Author

Scope

AS/NZS 4360: 1995 risk management

Standards Australia/ Standards New Zealand Standards Association

It provides a generic guide for the establishment and implementation of the risk management process involving the identification, analysis, assessment, treatment, and ongoing monitoring of risks.

BS 8444-3: 1996: Risk management - Part 3: Guide to risk analysis of technological systems

British Standards Institution

It presents guidelines for selecting and implementing risk analysis techniques, primarily for risk assessment of technological systems.

CAN/CSA-Q850-97: Risk management: Guideline for decision-makers

Canadian Standards Association

It aims to assist decision-makers in managing all types of risk issues, including injury or damage to health, property, the environment, or something else of value.

Treasury Board of Canada: Integrated risk management framework

Secretariat of the Treasury Board of Canada

It proposes a comprehensive approach to better integrate risk management into strategic decision-making.

JIS Q 2001: 2001 guidelines for development and implementation of a risk management system

Japanese Standards Association

It provides principles and elements for establishing a risk management system.

OGC: Management of risk: Guidance for practitioners, the stationery office books

Office of Government Commerce

It intends to help organizations put in place an effective framework for taking informed decisions about risks.

Institute of Risk Management (IRM), Association of Insurance and Risk Managers (AIRMIC), National Forum for Risk Management in the Public Sector (ALARM), and Federation of European Risk Management Associations (FERMA): Risk management standard

Institute of Risk Management (IRM) and Association of Insurance and Risk Managers (AIRMIC)

It deals with risk management best practices that organizations can implement.

COSO enterprise risk management - integrated framework

Committee of Sponsoring Organizations of the Treadway Commission

It offers practical techniques used by organizations in applying enterprise risk management principles.

ISO: 31000 risk management - principles and guidelines

International Organization for Standardization

It gives principles and guidelines for risk management implementation.

Source:

Haddad and Laghzaoui (2020).

2.2. Risk Management Model

 As a result of our comparison of the nine standards, we developed a risk management model. This model describes a process composed of five consecutive and interconnected phases, which indicate the main tasks to be carried out to effectively manage uncertainty and improve organizational resilience. Figure 1 shows those phases.

Figure 1. Risk management process.

Source:

Haddad and Laghzaoui (2020).

This model includes the following steps: establishing the context, risk assessment, risk treatment, monitoring and review, and finally risk communication. The model is iterative; the different phases follow each other until risk occurrence. Thus, this process must be repeated to deal with each new circumstance.

2.3. Research Framework

To transpose and test this model in Moroccan local authorities, we studied the implementation of risk management through the following key elements: establishing the context, risk assessment, risk treatment, monitoring and review, and risk communication. Also, we introduced new items that influence risk management implementation in Moroccan local authorities. Figure 2 provides an overview of the research framework.

Figure 2. Research framework.

3. MATERIALS AND METHODS

To transpose and test our model within Moroccan local authorities, we adopted a qualitative research method. Corbin and Strauss (2014) argued that when conducting a qualitative study, the researcher is involved in collecting and interpreting the data; therefore, the researcher becomes an integral part of the research process. This study was performed using qualitative research to explore and gain an understanding of the main challenges and obstacles that Moroccan local authorities may face in implementing risk management. This method was appropriate to our research question. Both primary and secondary data were used in the data collection process.

3.1. Secondary Data

Secondary data is a type of data that was previously produced and generated by others. By analyzing and interpreting this data, a researcher may develop new outputs for the purpose of his research. Thietart et al. (2014) distinguished internal and external secondary data. Internal secondary data is related to data already released by individuals or organizations. It does not aim to meet the researcher's needs. Nevertheless, it may provide valuable information for any researcher. On the other hand, external secondary data is data produced by national or international, public or private organizations. It tracks the evolution of a research area over time.

This research made use of external secondary data. We identified many data sources released by national and international standardization bodies, including ISO 31000: 2099, COSO: 2004, BS 8444-3:1996, CAN/CSA-Q850-97, Treasury Board of Canada: 2001, and AS/NZS 4360. Also, we studied research papers produced by researchers and scholars from developed and emerging countries. This gave us a better understanding of the main issues behind the implementation of risk management standards in the public sector and especially in local authorities.

3.2. Primary Data

The second data collection step was to conduct multiple case studies. Yin (1994) stated that case studies allow a contemporary phenomenon to be studied within its context even if the boundaries between the phenomenon and its context are not evident. Given the nature and characteristics of our research question, we opted for a purposive sampling strategy. This strategy allows for a thorough understanding of the cases by providing rich information.

Due to the reality of Moroccan local authorities, identifying and negotiating research sites were fundamental elements of our research process. Indeed, we decided to perform an exploratory study by interviewing officers associated with four municipalities in the Tanger-Tetouan-Al Hoceima region. These municipalities were chosen for the following reasons: they belong to an economically significant region, they vary in size from small to large, and they have different maturity levels in the area of risk management implementation.

Therefore, 124 interviews were conducted with middle and senior officers. To build an atmosphere of trust and gather as much information as possible, the interviews were semi-structured. Table 2 presents the distribution of the interviewed officers in each case.

Table 2. Interviewed officers’ distribution.

Case studies

Senior officers

Middle officers

Total

Case study 1

6

25

31

Case study 2

7

47

54

Case study 3

4

14

18

Case study 4

5

16

21

Total

22

102

124

Table 3. List of items.

Analysis level

Items

Establishing the context

  • Stakeholders’ commitment
  • Risk perception
  • Risk-taking
  • Risk competences
  • Risk management entity
  • Legal framework

Risk assessment

  • Risk identification
  • Risk analysis
  • Risk evaluation

Risk treatment

  • Curative measures
  • Preventive measures

Monitoring and review

  • Database
  • Historical data

Communication

  • Risk communication

3.3. Data Analysis

Data analysis was carried out using the descriptive content analysis method. This method was developed in the United States in the 1920s to study press articles and political speeches. It aims to reveal the actor’s interests and concerns through their repetition of certain items in their speech (Thietart et al., 2014). Therefore, we analyzed the importance of the items related to our research framework in the speeches of the interviewed officers. Table 3 shows an exhaustive list of the utilized items.

To analyze the data, we chose to conduct a manual analysis. Next, to understand and interpret the data, we performed a progressive analysis to establish coherence and convergence among all data sources.     

4. RESULTS

This section highlights the main results. Accordingly, it provides important information gathered from 124 local authorities officers belonging to four Moroccan municipalities in the Tangier-Tetouan-Al Hoceima Region (North Morocco). The results are provided in the form of a list of the most important challenges Moroccan local authorities face when implementing risk management. These are grouped into two categories: strategic and operational challenges.

4.1. Strategic Challenges

Strategic challenges are issues that interfere with risk management implementation. They comprise the main obstacles that prevent laying down the foundations of risk management. In our case, they establish a context that aims to identify the main factors that may influence risk management implementation. We discuss the following points in order: stakeholders’ commitment, risk perception, risk-taking, risk competences, risk management entity, and legal framework.

4.1.1.Stakeholders’ Commitment

Local authorities’ realities are complex as they deal with multiple stakeholders, exist in an environment that is in permanent evolution, and carry out a variety of activities. Also, they deal with high-level bureaucracy, with many requirements and regulations. Consequently, implementing risk management in public sector organizations is a complex and challenging mission (Erlina et al., 2019). This concerns local authorities as well, as they are managed by a dual structure that includes both legislative and administrative components. Although the administrative component is stable, the legislative one changes every six years.

The interviewees mentioned that elections lead to frequent changes in management and leadership. They also noticed conflicts of interest between the administrative and legislative components. This may generate overlapping responsibilities among the different components.

4.1.2.Negative Risk Perception

Risk perception is all about people’s behavior toward risk. It consists of beliefs, attitudes, judgments, and feelings that people have about risk. It includes social and cultural values that people hold about hazards (Rother, 2019). In general, many factors can influence risk perception, such as the real risk, risk target, and individual cognitive abilities of the person making the judgments (Buratti & Allwood, 2019).

In our cases, we asked officers about their exposure to risk and their understanding of the concept. A few officers argued that they were not exposed to risks since risk and risk management were other stakeholders’ responsibilities. Other interviewees expressed many difficulties in understanding the concept of risk. They considered a risk to be a harmful event that may occur. Thus, they only saw the risks' downsides. They associated risks with threats; they did not believe that risks included both threats and opportunities. Also, the interviewees perceived few risk types. They apprehended only natural hazards, financial risks, and professional risks.

4.1.3.Risk-Taking is not Encouraged

Interviewees argued that risk-taking was an unsuitable and unnecessary measure. They linked risk occurrence with potential loss or harm caused by an unexpected event. Indeed, they were motivated to avoid risks as much as possible since risk exposure was perceived negatively. Thus, no one wanted to take risks or be a risk owner.

4.1.4. Lack of Risk Competences

Moroccan local authorities are experiencing shortfalls in financial and qualified human resources. Staffing ratios are low, and personnel who retire are not replaced by new recruits. This is particularly true for those with risk management competences. Of the 124 interviewed officers, only 9 middle officers confirmed they had participated in training dedicated to risk management. They voluntarily undertook the training to meet their specific needs in dealing with everyday exposure to risks. This training concerned natural hazards, professional risks, and financial risks.

Consequently, there is a great variation in local authorities’ officer competences. Though some have a good understanding of risk and risk management, others do not have the necessary competences to manage risk appropriately. Furthermore, risk and risk management encompass a multitude of concepts that are interconnected and of which the meaning is not clear.

4.1.5.Absence of Risk Management Entity

Examining the organizational charts of the four municipalities, we noticed that only two of them contained entities that were directly or indirectly involved in dealing with risks. The C2 organizational chart showed two functions that aimed to deal with risks: internal audit and administrative police. The internal audit function had only been created a few years ago and was composed of an engineer and a middle manager. This significantly limited the functions it could carry out. Since its creation, therefore, it has only carried out three missions. On the other hand, the administrative police function was charged with taking the necessary measures to prevent fires, disasters, floods, and all other public calamities, to oversee abandoned, deserted, or ruinous buildings, and to prevent or combat endemic or dangerous diseases. However, it only had four employees, which was insufficient to cover the municipality’s territory. C4 also had an internal audit function; however, it was not yet operational. C1, meanwhile, was planning to create two entities: one to take responsibility for auditing and internal control and another to deal with major risks.

4.1.6.Lack of Legal Framework

Morocco has enacted numerous regulations to deal with risks. However, these laws only cover a few risk categories and only focus on certain aspects of crisis management, such as prevention and treatment. Given the non-binding nature of these measures, their implementation remains optional and faces many challenges. On the one hand, local authorities are facing shortfalls in human and financial resources to implement the provisions of these laws. On the other hand, the provisions regarding the nature of measures and tools to be implemented remain unclear, opening the way to various interpretations.

4.2.Operational Challenges

Operational challenges relate to the technical aspects that do not support risk management implementation within Moroccan local authorities.

4.2.1.Risk Assessment is not Performed

Performing a risk assessment is a key milestone of risk management implementation. It consists of three fundamental elements: risk identification, risk analysis, and risk evaluation.

4.2.1.1. Risks are not Identified

Risk identification aims to create a comprehensive list of all events that may help or hinder an organization in achieving its goals. It is important to list both internal and external risk factors.

In Moroccan local authorities, many officers highlighted they have not yet developed an overview of the risks. While some specific risks are identified, such as natural hazards, professional risks, and financial risks, others remain unidentified and are consequently poorly controlled. Also, many officers expressed the need to identify risks to take the necessary measures to limit their negative impact on goal achievement.

4.2.1.2. Risks are not Analyzed

The purpose of risk analysis is to describe how risks evolve. Here, causes and consequences are determined for each identified risk. Since few risks are identified by Moroccan local authorities, risk analysis is not performed.

4.2.1.3. Risks are not Evaluated

Risk evaluation focuses on determining risks’ frequency, severity, and criticalness. It can be performed using qualitative, quantitative, or semi-quantitative methods. Interviewees argued that risk evaluation was not being carried out, even for natural hazards, professional risks, and financial risks.

4.2.2.Risk Treatment is More Curative than Preventive

Risk treatment is a key step in the risk management process. It consists of considering, selecting, and implementing one or more measures to address the assessed risks.

Contrary to what we may think, Moroccan local authorities do manage their risks. However, these practices may still be described as informal since they are not part of a risk management policy. In this sense, Moroccan local authorities adopt more curative than preventive measures to deal with risks. Their actions focus on managing emergency situations rather than adopting preventive measures to limit risk occurrence. The interviewees confirmed that accident or incident occurrences are what prompt curative measures to be undertaken.

4.2.3. Monitoring and Review are not Conducted

Monitoring risks refers to checking and surveilling risks. It involves all measures that should be taken to set up a risk database. The interviewees mentioned that none of the four municipalities had set up a database to record risk occurrence, frequency, severity, and losses incurred. This means they have no historical data on risks and their impacts.

4.2.4.Risk Communication is Informal

According to the International Organization for Standardization (2009), organizations must conduct risk communication to provide, share, and obtain information, and to engage in a dialogue with stakeholders concerning risk management. The interviewed officers confirmed that was their responsibility to inform the hierarchy when risks occurred. They also attested to receiving instructions regarding the measures to take to handle risks. They emphasized that the undertaken measures were not part of a risk management policy. The actions carried out focused on managing the emergency rather than adopting preventive measures to limit risk occurrence.

5. DISCUSSION AND RECOMMENDATIONS

This section discusses the main challenges of implementing risk management within Moroccan local authorities. Also, it provides key recommendations for the successful implementation of risk management in Moroccan local authorities.

5.1. Discussion

The results show that implementing risk management in Moroccan local authorities is a complex and challenging task. In this sense, it is necessary to make adjustments to take into account the local authorities’ needs and specificities. This matches Ahmeti and Vladi's (2017) findings, which stated that risk management can be implemented in the public sector if the necessary adjustments are made to enhance the accuracy of models and principles.

In Moroccan local authorities, the concepts of risk and risk management are misunderstood. Many interviewees revealed their limited understanding of the benefits of risk and risk management and the added value they could provide to both individuals and local authorities in pursuing their objectives. The same is pointed out by Erlina et al. (2019), who claimed that many local government officers do not grasp risk management, which leads to limited awareness and knowledge of risk management benefits.

The interviews indicated that the adoption of risk management tools and methods remains voluntary. Although two municipalities launched structures to deal directly or indirectly with risks, these structures are not yet entirely operational and lack qualified human resources and financial resources. Overall, we agree with Oulasvirta and Anttiroiko (2017), who claimed that the specificities of public organizations do not provide a strong motivation for politicians and public managers to voluntarily adopt a comprehensive risk management model.

Furthermore, the results show that, in general, Moroccan local authorities have not yet implemented risk management. This is due to many strategic challenges, such as stakeholder commitment, negative perception of risk, and lack of risk management competences. This is in line with Erlina et al.'s (2019) findings, which noted that Indonesian local governments have not yet implemented a risk management strategy. They linked this with the fact that top management has not yet recognized the importance of risk management implementation.

Nevertheless, the interviews showed that there is a rising awareness across Moroccan local authorities of the importance and benefits of risk management in optimizing performance and achieving goals. Also, many interviewees expressed their desire to implement frameworks, methodologies, and guidelines to support risk management implementation. This result confirms Alijoyo and Fisabilillah’s (2021) finding; they discovered that many Indonesian public sector officers believe that managing risk is important to the performance and success of their organization and express their views on the necessity, relevancy, and urgency of specific guidance to implement risk management standards.

5.2.Toward a Successful Implementation of Risk Management

Having identified the main issues and challenges facing Moroccan local authorities when implementing risk management, it is important to reflect on strategies to overcome them. Therefore, the following subsections suggest some key recommendations to achieve this objective.

5.2.1. Stakeholders’ Commitment

Given the nature of local authorities’ activities and their multiple stakeholders, implementing and maintaining a risk management strategy requires stakeholders’ commitment. This can be accomplished through:

5.2.2. Defining a Legal Framework

Defining a legal framework is an important step forward to insure the implementation of a risk management strategy by Moroccan local authorities. The law will need to:

5.2.3. Need for External Input

Local authorities are suffering from a lack of competences related to risk and risk management. Therefore, Moroccan local authorities must be able to rely on external input to raise awareness and share experience and expertise in this field. This will enable them to acquire the necessary competences and skills to successfully implement and maintain a risk management strategy.

In this context, local authorities can develop three forms of partnerships. The first is a public-public partnership, in which universities and supervisory authorities provide training and support for local authority officers to develop their risk management competences and skills. The second is a private-public partnership between private-sector companies and local authorities. This will create synergies and lead to a concerted and coordinated approach to risks by using the resources and expertise of the private sector in the field of risk management. The third is a north-south partnership. This consists of sharing experiences between developed and emerging countries that have achieved maturity and expertise in the risk management field and Moroccan local authorities.

5.2.4. Create a Risk Management Function

Given the nature and characteristics of local authorities, creating a risk management function is no longer optional, it has become a necessity. This transversal function aims to contribute to the adoption of a risk management strategy and its diffusion within local authorities; it will provide adequate responses to risks by:

6. CONCLUSION

The present study has revealed many notable findings. First, we tested a model developed in our previous research (Haddad & Laghzaoui, 2020). This model describes a risk management process based on a comparison of nine of the soundest risk management standards. We transposed this model to explore and understand risk culture and risk awareness and provide an overview of the risk management practices of Moroccan local authorities. Secondly, the findings show that implementing risk management in Moroccan local authorities is a complex mission that involves many activities and actors, both internally and externally. Although there is a growing awareness of the benefits of risk management and the value it adds to achieving local authorities’ goals, risk culture is still in an embryonic phase. Thirdly, when implementing risk management, local authorities must overcome many challenges. For instance, to lay the foundation for risk management and promote risk culture, they must overcome a lack of stakeholder commitment, negative risk perception, a lack of competences, and other challenges. They must also cope with operational challenges related to risk management’s technical aspects, such as risk assessment, risk treatment, risk monitoring and review, and risk communication. In this regard, Moroccan local authorities must shift from informal risk practices to more structured risk management by adopting the necessary tools, methodologies, and guidelines. Fourthly, to overcome both strategic and operational challenges, this paper has proposed recommendations to help Moroccan local authorities promote risk culture and successfully implement risk management.

The applications of these findings are both theoretical and practical. On the one hand, by furthering an understanding of the issue of risk management in local authorities, the study contributes to filling the existing gap in the literature through an exploratory study conducted in the Moroccan public sector, specifically in local authorities. On the other hand, it provides a practical guide for local authority actors who want to implement risk management. It presents useful recommendations to assist and support local authorities on this journey.

In general, future studies would do well to expand on our sample, which in this research was limited to four municipalities, and to conduct a quantitative study based on a more significant sample to gain a fuller understanding of risk management adoption in Moroccan local authorities. In addition, it would be advisable to include other types of local authorities, such as regions, prefectures, and provinces. Finally, the main factors that determine the commitment of local authority stakeholders could be explored in more depth.

Funding: This study received no specific financial support.  

Competing Interests: The author declares that there are no conflicts of interests regarding the publication of this paper.

REFERENCES

Ahmeti, R., & Vladi, B. (2017). Risk management in public sector: A literature review. European Journal of Multidisciplinary Studies, 2(5), 323-329. https://doi.org/10.26417/ejms.v5i1.p323-329

Alijoyo, A., & Fisabilillah, A. M. (2021). Risk management implementation in public sector organizations: A case study of Indonesia. Organizational Cultures: An International Journal, 22(1), 1-23. https://doi.org/10.18848/2327-8013/cgp/v22i01/1-23

Buratti, S., & Allwood, C. M. (2019). The effect of knowledge and ignorance assessments on perceived risk. Journal of Risk Research, 22(6), 735-748. https://doi.org/10.1080/13669877.2018.1459795

Corbin, J., & Strauss, A. (2014). Basics of qualitative research (4th ed.). Thousand Oaks, California Sage.

Erlina, E. S., Putri, D., Muda, I., & Harnoninsah, H. (2019). The model of successful risk management implementation in local government. International Journal of Civil Engineering and Technology, 10(2), 310-319.

Haddad, H. (2020). Towards a proposal of a local authority model based on the systemic approach. International Journal of Public Policy and Administration Research, 7(1), 34-43. https://doi.org/10.18488/journal.74.2020.71.34.43

Haddad, H., & Laghzaoui, F. (2020). Review of risk management standards: Convergences and divergences. Moroccan Journal of Quantitative and Qualitative Research, 2(1), 71-82. https://doi.org/10.48379/IMIST.PRSM/mjqr-v2i1.20740

International Organization for Standardization (2009). Risk management - Principles and guidelines on implementation. Retrieved from ISO Standard No. 31000.

Oulasvirta, L., & Anttiroiko, A.-V. (2017). Adoption of comprehensive risk management in local government. Local Government Studies, 43(3), 451-474. https://doi.org/10.1080/03003930.2017.1294071

Rehacek, P. (2017). Risk management standards for project management. International Journal of Advanced and Applied Sciences, 4(6), 1-13.

Rother, H. A. (2019). Challenges in pesticide risk communication. Encyclopedia of Environmental Health, 566-576. https://doi.org/10.1016/B978-0-12-409548-9.02150-3

Souza, F., Braga, M., Cunha, A., Santos, & Sales, P. (2020). Incorporation of international risk management standards into federal regulations. Public Administration Magazine, 54(1), 59-78. https://doi.org/10.1590/0034-761220180117

Thietart, R. A., Allard-Poesi, F., Angot, J., Baumard, P., Blanc, A., Cartier, M., & Ehlinger, S. (2014). Research methods and management (4th ed.). Paris: Dunod.

Yin, R. (1994). Case study research: Design and methods (2nd ed.). Thaousand Oaks, California: Sage Publications.

Views and opinions expressed in this article are the views and opinions of the author(s), International Journal of Public Policy and Administration Research shall not be responsible or answerable for any loss, damage or liability etc. caused in relation to/arising out of the use of the content.