Knowledge risks in organizational networks: An exploratory framework

Journal of Strategic Information Systems 21 (2012) 1–17

Contents lists available at SciVerse ScienceDirect

Journal of Strategic Information Systems journal homepage: www.elsevier.com/locate/jsis

Knowledge risks in organizational networks: An exploratory framework Peter Trkman a,⇑, Kevin C. Desouza b,1 a b

University of Ljubljana, Faculty of Economics, Kardeljeva ploscad 17, 1000 Ljubljana, Slovenia Metropolitan Institute, Center for Public Administration and Policy, Virginia Tech., 1021 Prince Street, Suite 100, Alexandria, VA 22314, United States

a r t i c l e

i n f o

Article history: Received 24 October 2010 Received in revised form 2 November 2011 Accepted 2 November 2011 Available online 26 November 2011 Keywords: Organizational networks Knowledge Knowledge sharing Risk management Management frameworks Transaction cost economics

a b s t r a c t In a networked environment, it is essential for organizations to share knowledge among themselves if they want to achieve the global objectives such as collaborative innovation and increased effectiveness and efficiency of operations. However, sharing knowledge is not risk-free. An organization might lose its competitive edge if it shares too much or certain key knowledge. In addition, an organization might suffer if its intellectual property is improperly handled by its business partners. While the literature has touted the value of knowledge sharing within networks, there is a conspicuous absence of studies examining the risks of sharing knowledge. To address this gap, we develop an exploratory framework that categorizes knowledge-sharing risks across multiple dimensions. Such a framework is a structured approach to knowledge risk management and complements the practicebased approach to knowledge risk management that is presented in (Marabelli and Newell, this issue). Our framework outlines the various kinds of knowledge risks that organizations are facing. We use a combination of knowledge-based and transaction cost theories to show how knowledge risk impacts knowledge transfer among entities in the network, the whole network, and the risk mitigation options. Ó 2011 Elsevier B.V. All rights reserved.

1. Knowledge sharing is not risk-free Today’s competitive environment calls for organizations to focus on their core capabilities (Gupta et al., 2009). To this end, most organizations participate in networks to satisfy their ancillary needs. Some organizations (e.g., Amazon, Dell) also rely on their networks for their core needs. For example, Amazon relies on the logistical capabilities of its business partners (e.g., UPS, FedEx) to attain its core business objectives. As organizations become more dependent on these networks, it is clear that these networks are more than just a vehicle to acquire physical resources (e.g., raw materials) or operational capabilities (e.g., logistics) (Davis and Spekman, 2003). Networks are also critical vehicles for acquiring knowledge-based resources and capabilities. Consider the case of the Boeing Dreamliner (787). Boeing is utilizing a network of 15 business partners from Japan to Italy. For example, Mitsubishi Heavy Industries from Japan designed the wing box, while Vougut and Alexia collaborated in the building of the horizontal stabilizer and the fuselage (Baloh et al., 2008). As noted by Grant (1996b), a firm’s role is to integrate the disparate pieces of knowledge in its midst and leverage them to help attain its organizational objectives. Today, we can extend this thinking to networks. Unless networked organizations leverage the disparate and diverse collection of the knowledge found across the organizations in networks they belong

⇑ Corresponding author. Tel.: +386 1 5892 400; fax: +386 1 5892 698.

1

E-mail addresses: [email protected] (P. Trkman), [email protected] (K.C. Desouza). URL: http://www.kevindesouza.net (K.C. Desouza). Tel.: +1 206 859 0091.

0963-8687/$ - see front matter Ó 2011 Elsevier B.V. All rights reserved. doi:10.1016/j.jsis.2011.11.001

2

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

and participate in, they will fail to meet their objectives (Agterberg et al., 2010). Consider the case of one of the most information- and knowledge-intensive networks, the US Intelligence Community (USIC). USIC’s inability to share effectively information and knowledge has led to several disastrous consequences, as for example, its inability to prevent the attacks of September 11, 2001 and its incorrect assessment of Iraq’s so-called weapons of mass destruction capability amply demonstrate (Desouza, 2009). While knowledge sharing is valuable it cannot be done in a haphazard fashion. The improper sharing of knowledge and a loss of knowledge during transfer can have disastrous results (Hackney et al., 2008). In addition, knowledge sharing requires an organization to be dependent on another vital entity: for example, while major multinational pharmaceutical organizations are improving their performance through knowledge sharing via outsourcing arrangements, in the long run they may be eroding core competencies like drug discovery and clinical research (Gupta et al., 2009). A critical challenge organizations face within networks is, therefore, how to manage the risks associated with knowledge sharing. This involves balancing between too much and too little knowledge sharing and knowing how to protect and secure the knowledge that is being shared in the network. The optimal management of these risks requires a careful consideration of the nature of the risks, the types of collaborative relationships, and the context of the network. Unfortunately, the literature on inter-organizational networks provides little theoretical or practical guidance on how to do this. Most emphasizes the importance of the exchange of information (e.g., designs, client lists, prices, customer profiles, sales forecasts, and order history) among firms in a network (Altay and Ramirez, 2010; Gunasekaran and Ngai, 2004; Zhou and Benton, 2007). Competency in information exchanges does not necessarily imply competency in knowledge transfer, however (Tarafdar and Gordon, 2007). Moreover, while the literature on supply chain management has witnessed swift growth, a vast portion of this research focuses on a single (focal) firm managing the risks in its environment. Most often, only risk due to adverse events, either from a single firm within the network (e.g., partner non-performance) or from outside (e.g., low-probability high-impact events such as terrorism, natural disasters) are addressed (Chopra and Sodhi, 2004; Faisal et al., 2006; Finch, 2004; Hallikas et al., 2004; Ritchie and Brindley, 2007; Trkman and McCormack, 2009). Most of this research focuses on risks in purchasing and supply behavior. Little has focused on the importance of managing the risks that can arise from sharing knowledge in a network setting. Given these gaps in the literature, the goal of this paper is to construct an exploratory framework that may facilitate the study of the various kinds of knowledge risks that emerge within networks. The framework is derived from the premise that different types of risk are perceived differently by decision makers and carry considerably different perceived costs for their mitigation. Thus, the impact of different types of risks on knowledge transfer, the network’s operation and risk mitigation activities can vary considerably. While this premise may be reasonable, the practice-based approach presented in (Marabelli and Newell, this issue) provides a complementary account. The blind use of our framework could lead managers to believe that knowledge transfer is a fully manageable process that could cause them to neglect important issues such as the role of mediators in translating knowledge given its ‘‘stickiness’’ (Szulanski, 1996). Our framework is meant to be used as a sensitizing device in combination with the practice-based view articulated in Marabelli and Newell (this issue). The structure of the paper is as follows: in the next section we first define the term ‘network’. Next, we outline the knowledge-based view of organizations and the role of transaction cost economics in managing risks. Then, knowledge risk management is discussed. Following this, we develop our theoretical framework to classify knowledge risks and demonstrate its implications.

2. Theoretical background 2.1. Networks The term ‘network’ is often used casually (Cova et al., 2010). Various kinds of networks are postulated (Cova et al., 2010), such as alliance network (Baum et al., 2000); alliance partners (Becerra et al., 2008); business net (Möller and Svahn, 2006); cluster (Liao, 2010); collaborative or cooperative arrangement (Provan et al., 2007); co-opetition (Li et al., 2011); external knowledge sourcing (Carayannopoulos and Auster, 2010); innovation outsourcing (Baloh et al., 2008); inter-organizational knowledge network (Dawes et al., 2009; Hackney et al., 2008); knowledge-sharing network (Dyer and Nobeoka, 2000); network of practice (Agterberg et al., 2010); strategic alliance (Connell and Voola, 2007); supply network (Kärkkäinen et al., 2003; Straub et al., 2004), and vertical partnership (Kotabe et al., 2003) – to mention just a few. In this paper, we conceptualize a network as a group of three or more organizations connected in ways that facilitate the achievement of a common goal (Provan et al., 2007). It includes a set of actors connected by a set of ties (Borgatti and Foster, 2003) and consists of the tangible and intangible investments that comprise the connected relationships (Hakansson et al., 2009). A network is characterized by sets of purposeful and connected exchange relationships which evolve over time (Andersen and Christensen, 2005). It is a coalition of autonomous but interdependent organizations that are willing to exchange information and coordinate some of their actions, and sometimes even to submit part of their activities and decision domains to centralized control, in order to achieve benefits that are greater than any single member of the network can create independently (Möller and Svahn, 2006; Straub et al., 2004). A network serves as a locus of innovation because it provides timely access to knowledge and resources that are otherwise unavailable (Powell et al., 1996).

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

3

Relationships among network members are primarily nonhierarchical, and participants often have substantial operating autonomy. Connections may be informal and completely trust-based, or more formalized, as through a contract (Provan et al., 2007). The partners in such networks are heterogeneous and may cover vertical and horizontal collaborations along the entire value chain (Hutzschenreuter and Horstkotte, 2010). Innovation is no longer the product of a single person or group within an organization, but a collective effort of groups of people in different organizations (Erden et al., 2008).

2.2. Knowledge, knowledge transfer and knowledge based theory To avoid confusion, we first clearly discriminate between the three distinct constructs – data, information, and knowledge (Galliers and Newell, 2003; Wadhwa and Saxena, 2007). Data are observed, raw, unanalyzed and uninterrupted patterns with no meaning; they are an input to an interpretation process (Aamodt and Nygård, 1995). Information is created through the aggregation of data via the application of mathematical, statistical, or logical processing techniques, and made sense of by the application of knowledge. Knowledge is the collection of experiences, know-how, expertise, and gut instincts that help us make sense of information (Choo, 1996; Nonaka, 1994). Knowledge is a fluid mix of framed experience, values, contextual information, and expert insight. Knowledge often becomes embedded, not only in documents or repositories (that are easily shared among organizations), but also in organizational routines, processes, practices, and norms. Knowledge helps in the interpretation of data and information as it provides the necessary context. Knowledge-based theory, an extension of the resource-based view (Barney, 1991), postulates that knowledge is a firm’s key resource for creating and sustaining economic rent (Chen et al., 2006; von Krogh, 2009). Knowledge-based resources that are difficult to imitate and are socially complex may produce long-term sustainable competitive advantage (Alavi and Leidner, 2001). The knowledge-based view of the firm thus sees a firm as a knowledge-creating entity, and argues that knowledge and the capability to create and utilize it, are the most important source of a firm’s sustainable competitive advantage (Nonaka et al., 2000). The firm is then an institution which exists to permit individuals to specialize in developing expertise, while establishing mechanisms through which individuals coordinate to integrate their different knowledge bases in the transformation of inputs into outputs (Grant, 1999). Various epistemologies bring unique, and contradictory, views on what is (and is not) knowledge (Popper, 1972; Russell, 1912; Swain, 1981); whether knowledge can be managed (Alvesson and Kärreman, 2001; Merali, 2000; Polanyi, 1958; Wilson, 2002); processes for sharing knowledge (Desouza, 2003; Galliers, 2006; McLure Wasko and Faraj, 2000; Nonaka, 1991; Brown and Duguid, 1998; Swan et al., 1999), and even the issues of how appropriations from knowledge are allocated (Adler, 2001; Cowan and Foray, 1997; Teece, 1998). In this paper, we subscribe to the view that knowledge is socially constructed (Cook and Brown, 1999). Specifically, we assert the following: within each firm, organizational knowledge is generated from the combination of knowledge that exists within individuals, processes, and their interactions (Grant, 1999). In the same vein, in a network setting, network-level knowledge is generated from the combination of knowledge that exists within each organization. To this end, it is critical that knowledge is transferred between the organizations participating in the network to enable its combination, synthesis, and utilization beyond the boundaries of an individual firm. Knowledge transfer involves the sharing of experience, expertise, know-how, and learning from one member of the network to another (Christopher and Gaudenzi, 2009; Connell and Voola, 2007). Since each organization has only limited knowledge and resources to leverage knowledge, the sharing of knowledge is essential for the development of new products, services, and practices (Choo, 1996; Desouza and Evaristo, 2003; Easterby-Smith et al., 2008). Knowledge transfer can occur between two parties (where one is a source and the other a recipient) or in a multi-party arrangement (where one or more firms are sources, and one or more firms are recipients); thus our framework distinguishes between risks in dyadic relationships and in a network setting. We acknowledge that the above discussion is relevant only if one applies a structural/cognitive perspective on knowledge, where knowledge is treated as a resource than can be transferred across sites. However, regardless, it is not sufficient for organizations to merely focus on leveraging the knowledge within their midst. Instead, they need to leverage knowledge found outside the organization (i.e., the knowledge other entities have or may have access to) (Leidner, 2010; Straub et al., 2004). Knowledge transfer is time- and resource-intensive for all parties involved (Modi and Mabert, 2007). To this end, it becomes critical that the organization has sound mechanisms in place to seek, evaluate, and share knowledge with the external entities with which it engages. In this paper, we focus on knowledge sharing with external entities that belong to the networks in which an organization participates. The diffusion of knowledge can enable the successful management of partner relationships and consequently enhance the productivity of partners (Giannakis, 2008). Therefore, the competitive performance of each organization, and the entire network, depends on effective knowledge sharing and the reuse of collective knowledge (Bogner and Bansal, 2007; Erden et al., 2008; von Krogh, 2009). The lack of knowledge sharing has consistently been found to be the most critical failure factor in networks (Ke and Wei, 2007). Nevertheless, while the importance of effective knowledge management for mitigating other (e.g., financial) risks is well established (Andersen, 2008), it is surprising that the management of knowledge risks is rarely mentioned in the literature. If we assume that knowledge is a firm’s most important resource (Grant, 1996a), then the effective identification and management of risks connected with this resource are crucial. We argue that, within networks, knowledge and related risks should be managed with the same care as with tangible assets (Connell and Voola, 2007). The criticality of managing knowledge risks in these environments increases as knowledge flows between organizations intensify.

4

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

Thus, previous literature has focused on whether to share knowledge and how to manage the sharing relationship (Ke and Wei, 2007) and much less on management of the risks arising from this sharing. The literature on supplier relations tends to focus on transaction costs, assets and location specificity, and the like – and not on supplier-focused knowledge management (Lakshman and Parente, 2008). Today we are witnessing the growing infusion of information and communication technologies (ICT) into networks. Typical examples are collaboration platforms such as Covisint (see Howard et al., 2006, for a discussion of changes in the automotive industry due to Covisint and the barriers to its full development/implementation). ICT is thus expanding opportunities for knowledge sharing in networks. Yet, as we have noted, little research exists on the management of knowledge risks and no classification of these risks, and approaches to monitoring them, exist. This represents a significant gap in our understanding of the underlying structures and processes for knowledge dissemination (Giannakis, 2008). 2.3. Risk management and the role of transaction cost economics Knowledge risk management needs to be economical. Many firms have spent enormous amounts of time and resources to manage their knowledge resources better (Watson and Hewett, 2006), and this can greatly interfere with effective knowledge networks (Dawes et al., 2009). Different types of risk can have considerably different risk profiles, consequences of events and transaction costs of knowledge sharing/risk mitigation. Thus, the risks and costs of the three main ways of acquiring knowledge (in the market, through networks or by building knowledge internally (Reus et al., 2009)) should be considered. In classical decision theory, risk is most commonly conceived as reflecting a variation in the distribution of possible outcomes, their likelihoods and their subjective values (March and Shapira, 1987). However, risk is not a single, quantifiable construct but depends on the perception of a decision-maker (Sitkin and Pablo, 1992). This is even more true of knowledge risks which are harder to quantify, since knowledge is both sophisticated and widely dispersed. Further, an investment in knowledge is a specific asset (Aubert et al., 2004), and hence wrong investments in knowledge sharing are harder to recuperate (an investment in, for example, physical assets can be at least partly regained by selling the assets); this further amplifies the risks. Accordingly, different types of risk will lead to varying perceptions and labeling of situations by decision-makers (Sitkin and Pablo, 1992). In complex situations, decision-makers are subject to cognitive limitations (Williamson, 1996), and so it is likely that the knowledge risk management approach will depend on the perception of the decision-maker; mainly the perceived risks and perceived transaction costs of taking a different approach to managing knowledge. For instance, the risks and consequences in a proximate relationship may be the same as in a non-proximate one, but decision-makers would be more inclined to ignore them. Managers’ perceptions of risks in the network may therefore influence their preference for a governance structure and control mechanisms (Langfield-Smith, 2008). In terms of costs, the importance of transaction costs connected with the acquisition of knowledge and the management of its risks has to be underlined. In line with Desouza and Awazu (2004), ‘‘transactions’’ include the creation, modification, deletion and transfer of a knowledge object. Transaction cost economics (TCE) is as a useful approach to examining management control issues (Covaleski et al., 2003) and is the most common theoretical framework used to study strategic alliances (Langfield-Smith, 2008).The main costs of knowledge management are the ‘‘purchasing’’/development costs for knowledge acquisition in alternative modes, such as network, market, or internal (Reus et al., 2009). In this article, we focus on management of knowledge in networks. If knowledge is obtained through networks, the additional costs are the costs of creating/maintaining the ties in the network and managing the risk of the knowledge transfer. While acquisition costs in a network are lower, the costs of maintaining ties and managing knowledge risk can be higher, especially due to the high fixed costs of establishing the relationship (Ellram et al., 2008). However, importantly, the higher costs involved in maintaining the network can reduce the costs of managing knowledge risks, due to the early detection of potential issues (Blome and Schoenherr, 2011). The common focus of TCE is about control structure choice that serves purposive control in organizations (Chen and Chen, 2003). Yet, control structure choice and the manner in which purposive control is carried out is more nuanced than a mere instrumental focus on efficiency (Covaleski et al., 2003). Managers’ perceptions of trust and risk may influence the choice of the governance structure (Langfield-Smith, 2008). According to TCE, the choice of a network as an alternative to a market or hierarchy is explained by coordination and appropriation costs (Chen and Chen, 2003). In line with TCE, networks are useful when market and/or technological uncertainty is relatively high, knowledge is fairly generic or codified and, hence, hard to appropriate (Hallikas et al., 2004). The appropriate investment in knowledge risk management may depend on the type of knowledge transferred and its potential to impact the proper operations of the company (cf., Blome and Schoenherr, 2011). To summarize: both risks and transaction costs are either different, or at least perceived to be different, for various types of knowledge risks. Consequently, both the responses/mitigation activities concerning risks and the impact on the supply network vary for different types of risk. For example, while binding contracts may be a viable option for treating knowledge risks in a dyadic relationship, the transaction costs of such mitigation in networks are prohibitively high. Similarly, the type of risk importantly defines the transaction costs firms are prepared to cover. On one extreme, some firms bring their business partners completely into the design process while, on the other, we have firms (like defense organizations) that have strict controls, and even split the coding work up by components so that no single supplier holds all of the knowledge. In this way, they are prepared to bear considerably higher transaction costs of knowledge risk management.

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

5

2.4. Knowledge risk management Knowledge risk, as a subset of general risks in a company, needs to be further explored, specifically the role of perception and transactions costs in knowledge risk management. Knowledge risk is defined as a likelihood of any loss from an event connected with the identification, storage or protection of knowledge that may decrease the operational or strategic benefit of any party involved in the network (cf., Perrot, 2007). The study of knowledge risks is critical due to the prominence of alliances and networks in which organizations participate, and the influence of external entities on product development (Araz and Ozkarahan, 2007). While collaboration across firms is becoming increasingly necessary, whenever two or more different organizations share knowledge, the possibility of a security breach arises (Majchrzak, 2004). Therefore, there may be an unwillingness to share knowledge for fear of losing control, and consequently rents from the resource (Ensign and Hébert, 2009). At times, the risks can even outweigh the benefits of knowledge sharing or even of joining the network: firms pursuing above-average levels of focused commitment may be subject to risks that offset the benefits if other parties do not perform at the same level (Swink and Zsidisin, 2006). Even the most comprehensive literature reviews/theory-building papers in the knowledge and supply network management domains (Alavi and Leidner, 2001; Baskerville and Dulipovici, 2006; Grant, 1999; Nonaka, 1994; Nonaka et al., 2000; Scheepers et al., 2004) do not tackle the issue of knowledge risks. Occasionally, only the risks connected with knowledge deficiencies are studied (Drew, 1999; Perrot, 2007). Others even directly ignore the issue, claiming that the value grows each time a knowledge transfer or conversion takes place because knowledge does not leave the creator (Sveiby, 2001). Put another way, the assumption here is that knowledge is an infinite resource that does not depreciate, whose value is not diminished if it not handled with care and that no transaction costs arise from its handling. While appropriate for knowledge that is of a public nature (i.e., knowledge that is common across parties), this thinking does not hold true for knowledge that is of a private nature (Larsson et al., 1998; Smith, 1910) and which is a source of economic rents (Argote and Ingram, 2000; Desouza and Vanapalli, 2005; Garud and Karnøe, 2001). In a network setting, unless organizations have knowledge risk management strategies in place, the chances are high that a knowledge transfer will not lead to a competitive advantage. On the one hand, the organization might share its most valuable knowledge without protecting itself. On the other, it might not share the knowledge needed to foster collaborative innovation that could in turn benefit its operations. The presence of strategies to address knowledge risks will not only protect the organization, but also send a clear signal that the organization is taking a deliberate approach to its knowledge transfer strategy and mechanisms. This, in turn, will help with building trust and establishing clear expectations of how the organization conducts transactions with its business partners. Organizations need to protect and monitor flows of their valuable knowledge assets throughout the network if they hope to maintain, and advance, their long-term competitive positions (Soper et al., 2007).

3. A framework for classifying knowledge risks Different types of knowledge risk may have similar probability distributions of risk; however, the perceived risks and transaction costs connected with different approaches towards management of that risk may be considerably different. Thus, the impact on knowledge transfer is different for different types of risk. In light of this, the proposed framework of risks (Table 1) classifies them according to five dimensions: the nature of collaboration; the nature of the network; proximity; the type of action, and the range of risk. These five dimensions are the most popular issues/concepts being studied in the organizational network research space. Further reasons for their inclusion in line with TCE are as follows: 1. Nature of collaboration (symmetric, asymmetric) is included due to role of asymmetry in describing characteristics of inter-firm alliances and a different role of TCE in symmetric and asymmetric networks (Papadopoulos et al., 2008). Wen and Chuang (2010) go even further to connect the knowledge-based view and TCE to show that both knowledge and symmetry affect the governance structure in knowledge sharing. 2. Nature of the network (functional, agile, risk hedging, innovative): different types of supply networks (Lee, 2002) have differences in terms of coordination costs and appropriation concerns. Further, the types of transaction costs vary across the factors of production and over the stages of the production process (Alston and Gillespie, 1989). Different types of network can have different transaction costs for knowledge risk management. Thus, and in line with Gulati and Singh (1998), we argue that the magnitude of controls in supply networks is influenced by anticipated coordination costs and by expected appropriation concerns. The extent of the anticipated interdependence between partners can vary substantially and depends on the tasks included and the likely division of activities (Gulati and Singh, 1998); this division is considerably different in different types of networks. Thus the nature of the network affects both transaction costs and risk mitigations. For the purpose of our paper we selected the types most often met in the supply chain/supply network literature. 3. Proximity (proximate, non-proximate): the transaction costs in non-proximate relationships are not only higher but also differently structured. Transactions types and the associate costs influence the selection of efficient governance modes for the relationship or network (Buvik and Andersen, 2002). Further, transaction costs are a primary motivation to vertically

6

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

Table 1 Knowledge risk framework. Dimension

Type

Risk example

Impact on knowledge transfer

Impact on the network

Mitigation possibilities

Nature of collaboration

Symmetric

One firm in a network can utilize the knowledge of others to improve its competitive position

Firms will be careful to balance the receiving and sending of knowledge

Firms will play a quid-proquo game which will slow down the progress of knowledge sharing

Asymmetric

The focal firm within the network can exploit others in knowledge transfers

The focal firm will only receive knowledge that is in demand. Other firms in the network will have no incentive to share knowledge with the focal firm.

The focal firm will be unable to engage in collaborative innovation with other members of the network. The network will be unstable and opportunistic in nature.

Formal reciprocity agreements A non-redeployable, relationship-specific investment Increasing the dependency of the focal firm (a move towards the symmetric type)

Functional

The use of knowledge to squeeze the profit margins of suppliers

Firms will be reluctant to share production-related knowledge (unless forced to)

Agile

Reconfiguration of a network/replacement of one link

Risk hedging

Use of knowledge about demand in the network to increase market share

Innovative

The commercialization of a new patent by one firm

Firms withhold some of the knowledge to avoid the possibility of being replaced Firms may withhold customer-related knowledge to avoid losing demand/customers to competitors Knowledge is hoarded and there is little collaborative innovation that could benefit all organizations

Knowledge sharing will mainly be on the surface level (more information than knowledge), enabling efficient operations but not continuous improvement/ joint projects/innovations Agility will be impeded as firms will attempt to reduce their replaceability

Proximate

‘‘Stealing’’ experts from other firms

If firms perceive this risk they might prevent their experts fully participating in network activities

Non-proximate

Other firms may use knowledge to develop their more proximate suppliers

Knowledge sharing will likely be limited

Deliberatecompany

A firm selling know-how to competitors

An individual selling the know-how to competitors

The firm uses legal instruments for all arrangements; transaction costs are high Knowledge sharing depends on inter-personal relationships

Contracts

Deliberateindividual

Non-deliberate

Unintended knowledge transfer in informal conversations

If a firm perceives such a risk it will stop all formal and informal know-ledge sharing Informal knowledge sharing will be limited to cases with interpersonal trust Employees unwilling to share anything in fear that it may be confidential

The culture of ‘‘fear’’ preventing individuals from developing their ideas

Training employees; an appropriate organizational culture and rules

Single

Other departments use knowledge to reduce the role of a department/ employee Partner selling confidential knowledge to a competitor One firm in the network appropriating the knowledge to offer a product themselves or as a part of another network

Creation of a silo culture within an organization

Poor cooperation between departments

Similar to deliberate (company) Firms not making complete contributions to the network

Similar to deliberate (company) The network is operating sub-optimally since firms seek a local instead of a global optimum

Employee development, a decrease in employee turnover Contracts

Nature of the network

Proximity

Type of action

Range of risk

Dyadic Network

Demand/supply chainconnected risks will be higher; the supplied quantity exceeds the demand The network remains focused on meeting operational needs and not on gaining strategic advantages Knowledge sharing will be both formal and informal; close interaction without formal contracts is possible The focal firm will receive standardized products from its partners

Long-term contracts; a joint capital investment

Revenue-sharing agreements

Formal agreements on sharing the revenue/ volume of transactions

Trust, intellectual property sharing agreements, collaborative experimentation spaces Trust

Contracts, on site visits

Socialization activities

The culture of a virtual organization

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

7

coordinate via nonmarket arrangements (Frank and Henderson, 1992) – this is only possible in proximate relationships. Thus, increasing proximity will affect coordination and appropriations concerns. 4. Type of action (deliberate–company; deliberate–individual; non-deliberate): different types of action can expose companies to risk. While trust is a substitute or a complement for formal control mechanisms in the management of appropriation concerns (Dekker, 2004), both individual and inter-firm trust in economic transactions should be considered (Gulati and Singh, 1998; Pavlou 2002; Shankar et al., 2002). Thus different trusts (inter-personal, inter-company) between individuals and companies will differently affect the appropriation concerns. Coordination between individuals and between organizations and the transaction costs of this coordination are also considerably different. Further, trust has several components: most importantly benevolence (the extent to which a party is believed to want to do good for the trusting part) and ability (group of skills, competencies, and characteristics that enable a party to influence/decrease knowledge risks) (Mayer et al., 1995; Schoorman et al., 2007). Thus, we distinguish between deliberate (as a consequence of a lack of benevolence) and non-deliberate (as a consequence of a lack of ability). 5. Range of risk: while TCE focuses mainly on dyadic relationships, this is insufficient, since transaction costs in networks may vary considerably (Provan, 1993). The way dyadic transactions are embedded in network structures influences their transaction costs and risks (Kim, 2009). Because of the extraordinarily complex nature of networks, effects of their embedded network context should be considered (Anderson et al., 1994). Networks are different in terms of coordination as well – if a company fails to actively influence relations in networks, it faces the risk of losing a significant portion of its control (Wilhelm, 2011). Thus, the single, dyadic and network types of knowledge risks are considered in our framework. For each of the types of knowledge risk, the impact on knowledge transfer, impact on network and possible mitigation activities, are discussed. These categories broadly follow those suggested by Bahli and Rivard (2003) in their research on information technology outsourcing risks that studied scenarios; the likelihood of each scenario; its consequences, and the risk mitigation mechanisms. The development of this framework is important in the context of strategic information management for three further reasons. First, the identification of risks is vital for their communication and management in the network. In general, such frameworks provide a common language that all of the participants can use to describe the basic elements. If partners do not share the same understanding of risk they may disagree over what may or may not be shared (Dawes et al., 2009). Second, a proper approach to either proactive or reactive risk management may differ considerably for various types of risk. Third, the potentially prohibitive effect on the trust building needed for continuous organizational collaboration and knowledge sharing may vary for different types of risk. Notwithstanding, since knowledge risk management is a highly complex area, this or any other attempt to develop a framework cannot encompass all possible dimensions of knowledge risk types. Like Goh (2002), we do not contend that these are the only factors that need to be considered when managing knowledge risks. We do contend, however, that they are important elements that may influence the accomplishment of effective knowledge risk management. Before outlining our framework, let us be clear as to its limitations. Every framework is based on a narrow interpretation of economic objectives; the same critique applies for TCE on which this framework is partly based (Ghoshal and Moran, 1996). Further, the use of such a framework can lead to misleading consequences if managers make the assumption that knowledge and associated risks in knowledge sharing can be fully managed, or that any such framework can encompass all potential situations in practice, as noted in greater depth in Marabelli and Newell (this issue). 3.1. The nature of collaboration Collaboration can be defined as two or more entities working together towards a common goal (Tarafdar and Gordon, 2007). The two main types of collaboration found in networks are symmetric and asymmetric. With symmetric collaboration, relative dependence exists when both partners are equally dependent on each other. Interdependence is positively related to information sharing and a general strategic partnering orientation (Mentzer et al., 2000). By contrast, asymmetric relationships are more dysfunctional, less stable, less committed and less trusting (Mentzer et al., 2000). The literature has examined how information asymmetries impact transaction risks that result from the stronger integration of decisions and operations (Kim and Umanath, 2005). While information asymmetries play a critical role in arriving at decisions, especially day-to-day and tactical decisions (for example demand planning), knowledge asymmetries may impact the nature of collaboration. Specifically, we argue that greater knowledge asymmetries between organizations within a network increase the transaction costs of knowledge exchange. Knowledge risks will thus differ considerably depending on the nature of the interdependence in the relationship (Ryu and Eyuboglu, 2007). In asymmetrical relationships, the weaker party guards itself against exploitation, while the stronger party tends to identify exploitation opportunities (Ganesan et al., 2009). The focal firm in asymmetric collaborations may seek to obtain the lowest possible price by creating strong competition between suppliers and negotiating with them. The relationship is usually adversarial (Bayraktar et al., 2009), and the focal firm will seek to maintain a central network position to enlarge and control the acquisition of new knowledge from other firms (van Wijk et al., 2008). In such an arrangement it is likely that the transaction costs of knowledge risk management would be high and knowledge sharing may be limited. As shown by Xu and Beamon (2006), asymmetric and cooperative networks will have little knowledge sharing since the risks are high for the less powerful firm; thus the transaction costs to protect against these risks are also high. In

8

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

asymmetric and competitive networks, the less dependent firm will seek to exploit its power, again increasing the risks for the less powerful firm. In asymmetric relationships, the focal firm will only improve its operational performance and will not be able to engage in a collaborative innovation with other members of the network. The overall network will be unstable and opportunistic in nature. A typical example of risks in an asymmetric relationship is Wal-Mart (Crook and Combs, 2007). It has a reputation for being a tough negotiator when it comes to pricing and delivery, and often uses reverse auctions and bidding when negotiating with competing suppliers, thus changing the structure of the network (Blanchard et al., 2008). (See also, Webster (1995) for a similar example.) Suppliers may therefore be unwilling to share knowledge with either Wal-Mart or other partners in the network. On the other hand, the Wal-Mart mandates may cause vendors and trucking companies to cooperate more closely in order to meet the increasing demands from Wal-Mart (Cassidy, 2010) since they are involved in symmetric collaboration with each other. Nevertheless, even with a symmetric collaboration, it can be expected that firms will play a quid-pro-quo game that will make the progress of knowledge sharing slower. Formal reciprocal agreements may increase knowledge sharing but would not considerably lower transaction costs. Thus, non-redeployable, relationship-specific investments are a better option for building trust. Writing binding contracts prior to firms making relationship-specific investments is as a result difficult or even impossible (Taylor and Plambeck, 2007). A typical example of such a relationship-specific investment in a symmetric relationship is the collaboration between the Whitbread Beer Company and Anheuser Busch in implementing a co-managed inventory and the just-in-time principle. This required a considerable amount of knowledge sharing, while suppliers also had to invest considerable funds in a fully automated inter-organizational information system. Such suppliers later received extended contracts, more than compensating for their investment in the technology (Christopher and Jüttner, 2000). In such a way, each firm has shown its commitment and further increased the symmetry of the relationship, thereby decreasing the risks and increasing knowledge sharing. 3.2. The nature of the network We consider four main types of networks, namely efficient, agile, risk hedging and innovative (adapted from Lee, 2002). Efficient networks aim at creating the highest cost efficiencies (ibid.). Agile networks strive to improve the ability of an organization in responding rapidly to changes in demand. They are appropriate for volatile markets with short life cycles (Christopher, 2000). Risk hedging networks pool and share resources to reduce and share risks. They are appropriate for situations of low demand and high supply uncertainty (Neher, 2005). Such networks can also be used to reduce a firm’s exposure to uncertainty, risk and opportunism (Borgatti and Foster, 2003). Innovative networks are problem sharing networks and comprise parties that exchange problems and solutions. An example of such a network is Procter and Gamble (P&G)’s Connect + Develop network. Instead of using formal alliances to find the best research and innovations, P&G now circulates problem stories throughout a network. The sources of innovation in the network are technology entrepreneurs around the world, suppliers and open networks (e.g., NineSigma, YourEncore, and Yet2.com) (Huston and Sakkab, 2006). The problem stories are presented to these groups and anyone with an answer can respond. The traditional R&D department on site does not have the answers, but can formulate the problem. The goal of ‘‘connect and develop’’, as this networking strategy is called, is not to replace but to supplement internal innovators. The top customers’ needs are turned into ‘‘science problems’’ that are sent out to the network for solution. These science problems are ways of simplifying big questions so that knowledge can be more easily transferred. The strategy is to turn crucial R&D problems into visible, solvable problems that can be given over to a network of researchers without damaging the originating organization (Anthes, 2004). Other firms, such as NineSigma, act as knowledge brokers, helping organizations identify which particular scientists might be best able to solve a problem on a contractual basis (Anthes, 2004). This classification is important because the focus of the network determines the underlying business model of the network. In turn, this influences the risk profile of the network (Christopher and Lee, 2004) and the transaction costs of risk management. More specifically, each strategy type requires a different knowledge development capacity and intellectual capital to create superior firm performance (Craighead et al., 2009). The costs, benefits and risk of knowledge sharing in different types of networks may thus differ considerably. For example, an agile network requires the teaming and free flow of knowledge across the entire network to take both reactive and proactive actions given changes in the environment (Yusuf et al., 2004). An innovative network requires a high degree of trust and the sharing of not only solutions but also problems. The exposition of knowledge problems reveals an organization’s knowledge deficiencies, which could prove to be costly (e.g., if a competitor can then identify how to take advantage of the knowledge gaps). Functional networks are focused on efficiency, thus mainly the exchange of data and information may be beneficial with a limited exchange of knowledge. This also applies to risk hedging networks, where the exchange of information on available supply capabilities for the efficient pooling of resources is needed. The main risk of knowledge transfer in a functional network is the use of knowledge to redistribute rewards. A typical example is the suppliers to US automotive producers who did not want to share their cost data in fear that the manufacturers would use it to squeeze their margins (Narayanan and Raman, 2004). In an innovative network, as discussed earlier, knowledge risks can arise from exposure to knowledge deficiencies. In addition, as the focal organization may not be in a position to evaluate a solution to a knowledge problem, the provider has an opportunity to act with guile (e.g., by installing a Trojan horse on a software program) or even to charge abnormal fees for the knowledge. Conversely, failure to share knowledge can also have detrimental consequences. For example, due to the lack of sharing of knowledge on market trends, members of a risk hedging network may produce too many products at short notice (Naylor

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

9

et al., 1999). The most typical example is Cisco’s risk hedging network of distributors. While the sharing of knowledge on production was sufficient, the lack of sharing of customer-related knowledge let to too many double orders and consequently overproduction, which brought a write-off of billions of inventories (Armony and Plambeck, 2005). Inadequate knowledge sharing, coupled with a misalignment of incentives produced this (Narayanan and Raman, 2004). The main mitigation approaches also depend on the type of the network. In a functional network, a variety of contractual and legal mechanisms may be imposed to protect specific knowledge from unwanted appropriation (Norman, 2001). This can be coupled with a joint capital investment that can assure each firm will acquire part of the benefits generated through continuous improvements. In an agile network, an agreement about the sharing of revenues generated from sales to the final customer may be beneficial. In a risk hedging network, firms may reach a formal or informal agreement on sharing the volume of transactions. In an innovative network, in addition to trust building mechanisms, it is important to focus on the development of flexible intellectual property sharing agreements. Moreover, the development of a trusted collaborative space, where the credentials of the partners participating in the network are verified (as in the case of the Connect + Develop program of Procter and Gamble), is critical. An important point is that, despite the risks associated with knowledge sharing, some networks, especially those focused on innovation and agility, do not have the option to hoard knowledge and not share. Failure to share knowledge in an effective and efficient manner will call into question the very premise on which the network exists (Häusler et al., 1994; Tripsas et al., 1995). 3.3. Proximity Geographical proximity can be defined as ‘‘a spatial separation and relations in terms of distance’’ (Lemarie et al., 2001), meaning the physical closeness of the partnering firms and the measures taken by the firms for improved, synergistic performance (Narasimhan and Nair, 2005). However, proximity is not measured simply by the geographical distance between firms. Geographical proximity is different to organizational proximity, which is based on affiliation and similarity (Davenport, 2005; Lemarie et al., 2001). Boschma (2005) goes further and defines five types of proximity: cognitive; organizational; social; institutional, and geographical. These are interrelated since, for example, geographical proximity can help to facilitate social proximity in the form of greater information and personnel exchange (Handfield and Bechtel, 2002). In general, socially proximate actors have an advantage over distant actors in knowledge sharing, and the compatibility between the partners enables a more open and easy exchange (Cheung et al., 2010; Sorenson et al., 2006). Proximity between firms is also important when it comes to the classification of risks since transaction costs of knowledge sharing between firms separated by either geographical or social distance may be considerably higher. Thus, we have two types of risk, namely risk between proximate and between non-proximate firms. Inter-firm trust between geographically close partners is higher than between distant partners (Bönte, 2008), and strong ties lead to greater knowledge transfer (van Wijk et al., 2008). Different local cultures, languages, and practices reduce the effectiveness of knowledge sharing (e.g., for demand forecasting and material planning, Meixell and Gargeya, 2005), and can thus increase risk while at the same time decreasing the benefits of sharing. Without proximity, even supplier development programs may be ineffective since suppliers aim to produce evidence that the program was effective (e.g., by using previously identified solutions as evidence of success) (Rogers et al., 2007). This decreases the benefits of the attempt to share knowledge. Conversely, proximity (especially geographical) tends to intensify the problem of coincidental knowledge spillovers to competitors (Liao, 2010); the distinction between deliberate and coincidental actions is discussed in the next section. Being distant in terms of organizational proximity can also increase knowledge risks. Consider a simple case: some industries (e.g., pharmaceuticals or medical) have stringent rules and regulations that govern the sharing of knowledge within and across their entities. Hence, if two medical institutions were to exchange knowledge, it might be expected that the two entities would have an appreciation for knowledge protection rules and transfer protocols. This may not be true in knowledge exchanges across industries, where the governance frameworks for knowledge sharing are incompatible. As an example, a medical firm will be hard pressed to have its knowledge protected if it is dealing with a firm in the news industry. Hence, the closer the proximity of organizations in terms of the frameworks governing their knowledge exchanges, the greater the potential for smooth knowledge transfer. This does not mean that knowledge transfer will actually take place: The two entities may choose not to share any knowledge as either or both deem the risks to be too high. To summarize: it is likely that the extent of knowledge sharing is considerably higher among proximate actors. While both the likelihood of knowledge risks and transaction costs connected with sharing may be considerably lower, the impact of a knowledge breach may be greater due to a high level of sharing. The main mitigation possibilities in non-proximate relations are based on either formal actions (e.g., contracts) or activities to increase the proximity (e.g., on site visits, socialization activities). In proximate relations, trust is the main factor reducing risk, while a special emphasis should also be put on nondeliberate actions that can lead to considerable damage due to high levels of knowledge transfer. 3.4. The type of action The effect of risk can differ considerably if the perceived risks arise due to a systematic deliberate action (e.g., using or selling the acquired knowledge to create a competitive product or using the knowledge to replace a partner); the deliberate action of an individual (e.g., quitting a job and joining a competitor), or a non-deliberate action of an individual (also called a

10

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

‘‘knowledge leak’’; for example, accidentally transferring know-how at a trade fair or through an Internet-based personal knowledge exchanges (Gosain, 2007)). This distinction is important because interpersonal and inter-organizational trust are two distinct constructs that play different roles in affecting exchanges between organizations (Zaheer et al., 1998). Knowledge leakage frequently depends on the choices made by individuals who work within the network on a daily basis and come into regular contact with network partners (Norman, 2001). A typical example of a company’s deliberate action was Microsoft which was engaged by Apple to develop several applications for Mac computers. In the process, Microsoft acquired critical knowledge about Apple’s graphical user interface, and this enabled its engineers to develop the Windows operating system (Norman, 2001). A typical example of an individual’s deliberate action is a former employee of Cadence who took six megabytes of source code before leaving the firm. The employee was hired by a rival firm, which was thereby able to steal hundreds of engineering hours of work (Helms et al., 2000). However, knowledge leaks can also occur without opportunistic actions, and in this case the donor would often perceive risks associated with the unintended transfer of such knowledge (Easterby-Smith et al., 2008; Norman, 2002). While mitigation activities to decrease the deliberate actions of firms were discussed in other sections, more informal ways need to be used to reduce the risks of individual knowledge breaches. Since individual knowledge is hard to codify, the transaction costs of formal ways of mitigation (e.g., contracts) may be prohibitively high. As mentioned, trust building is one of the most important activities to reduce perceived risks. The socialization of firm employees in a network increases interpersonal trust and has a positive impact on knowledge sharing routines (Cousins and Menguc, 2006). Typical examples to develop closer relationships are the use of cross-functional teams, social events and supplier conferences (Cousins and Menguc, 2006). In addition, at the organizational level, it becomes critical for entities to have appropriate service-level agreements that govern how the knowledge will be used, exchanged, and protected while in transit and in possession of the allied organization (Desouza, 2007). In order to decrease individual knowledge risks, educating personnel is a key factor in effectively protecting knowledge without limiting the benefits (Norman, 2001). The main challenge is how to motivate employees to participate and openly share valuable knowledge while preventing undesirable spillovers to competitors (Dyer and Nobeoka, 2000). A typical action would be to make it clear to all employees that some things cannot be discussed in any circumstances outside the work environment (Helms et al., 2000). However, employees often may not know which knowledge is critical for the firm. At Alpha Computers, managers from different functional areas identified diverse core competencies. Consequently, a marketing manager was willing to share knowledge that an engineer considered critical and would not share (Norman, 2001). Another option is to decrease the informal knowledge sharing to decrease the risks. As an extreme example, Compaq did not attend the popular Comdex computer convention due to a heavy information compromise that occurred at a previous attendance (Helms et al., 2000). While such actions decrease the knowledge risks they may also significantly decrease the benefits of sharing.

3.5. The range of risks Finally, the impact of knowledge risks can vary considerably if knowledge sharing is taking place in a single company, as part of a dyadic relationship or in a whole network. Risks due to sharing, or the lack of sharing, within a single company are discussed at great length in the literature (Alavi and Leidner, 2001; Lee and Choi, 2003; McDermott and O’Dell, 2001), and are deemed to fall outside the scope of this paper. In dyadic relationships, risk can arise either due to a lack of knowledge concerning the actions of the other company (e.g.,e lead in the suppliers’ paint for children’s toys, Raiborn et al., 2009) or a lack of knowledge and/or response to available information (e.g., Ericsson’s non-reaction to a fire at a Philips plant, Chopra and Sodhi, 2004). An example of dyadic risk due to knowledge sharing is a supplier who uses a firm’s knowledge of products and processes for its own forward integration attempts (Giunipero and Eltantawy, 2004). However, knowledge risks can also materialize across the whole network. Previous research and practice have mostly addressed the first tier of partners, neglecting the implications for other partners in the network (Meixell and Gargeya, 2005). The whole network is considerably harder and more costly to control and the position in the network is vital: organizations that occupy central positions have better access to the new knowledge developed by other members (Tsai, 2001). Networks are hence increasingly complex, often short-term, and possess an ever increasing quantity and specificity of knowledge, while the network’s internal capacity to deal with complexity is limited (Kärkkäinen et al., 2003; Shaw and Holland, 2010). Recipients are often in a position to receive knowledge in a network and use this knowledge elsewhere (Sorenson et al., 2006), something that can be problematic for the knowledge sender. The risks in the whole network are particularly important since knowledge is often viewed as the property of the network (Dyer and Nobeoka, 2000). Strategic alliances are inherently incomplete contracts in which the property rights associated with alliance output and profits may not be well defined (Baum et al., 2000). The risks concerning the whole network are further exacerbated by the flexibility in configuring and reconfiguring the network (Agterberg et al., 2010). Selected partners may be brought in for short periods for very focused tasks. The sharing company can limit the source from sharing its knowledge with other firms while they are alliance partners. However, this constraint evaporates once the alliance comes to an end (Carayannopoulos and Auster, 2010). As a consequence, companies may attempt to extract as much knowledge from the others while contributing as little as possible (Baum et al., 2000), leading to the sub-optimal operation of the network, with each member looking for a local instead of a global optimum.

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

11

The main activities to mitigate the risks of knowledge sharing in a single company relate to employee development – a decrease in staff fluctuations and an increase in the process view of employees who should understand how the activities of others contribute to performance (Trkman, 2010). If employees understand their role in the business process, it is more likely that they will realize when/if the benefits of knowledge sharing exceed the risks. An increase of training costs should lead to lower transaction costs (due for example, to lower levels of monitoring required) of every-day sharing. For a dyadic relationship, most of the mitigation activities discussed in the previous sections also apply here; the importance of the risks depends on the type of dyadic relationship. The risks of knowledge sharing in a multi-firm environment are considerably more complex and can only be efficiently mitigated by developing a cooperative knowledge sharing and development platform along with adequate intellectual property agreements. As discussed in the next section, such an approach can only develop over time and therefore the development of proper knowledge risk management in alliances is a longitudinal process. In addition, there is a need for overall governance rules that both incentivize desirable knowledge sharing behavior and penalize firms that act with guile and seek to hoard knowledge or share less knowledge than they receive. In line with our previous discussion, such rules need to have low transaction costs. The transaction costs of searching for, screening, and selecting contributors grow as the network becomes larger and can become prohibitive (Pisano and Verganti, 2008). Thus, governance in innovative networks is often informal with orientation toward highly socially embedded, normbased interactions with a substantial amount of technology sharing and deliberate spillovers (Boudreau and Lakhani, 2009). A typical example of such a network is Innocentive, where the problem holder broadcasts their solution requirements to the whole world. Deliberate efforts are made to reduce the transaction costs of knowledge risk management. For example, Innocentive does not do any pre-screening of solvers and anybody with internet access can register as a potential solver. Further, there is no cost of examining the contents of the problem statement and thus a solver may examine several statements before picking the appropriate one (Jeppesen and Lakhani, 2009).

4. Implications for knowledge sharing and risk management In addition to the importance of identifying and classifying risks and proper mitigation activities, the main issue is how the organization manages these risks in the long run and how the structure of its cooperation evolves over time. Obviously, firms engage in knowledge sharing because they need certain knowledge that is not available in their own organization. The main alternative to sharing knowledge within a network would be to acquire this knowledge via the market by, for example, hiring new employees or consultants. Collaboration within a network brings an opportunity to acquire new knowledge from partners without paying the full price that would need to be paid otherwise. Yet this inevitably brings new risks (Dawes et al., 2009), and certain transaction costs. For example, if an employee calls a colleague from another company and exchanges experience with him or her, this brings ‘‘non-deliberate’’ individual risks. Joint projects or alliances between companies bring ‘‘deliberate’’ risks at the company level. As a result, the balancing act each firm has to perform to protect its knowledge, whilst trying to share knowledge that benefits the whole network, needs to be investigated. If the benefits of sharing are not clear, or if the exchange appears to be one sided, the sharing is not likely to occur (Dawes et al., 2009). Another important issue is how this balance changes over time. The company needs to balance the benefits and risks; it may share in instances, where the direct tangible benefits of the parts (links, products or services) that are of interest to it outweigh the risks and transaction costs of sharing. We postulate that the perceived risk depends on the type of risk and the pre-existing trust between the partners. It can thus be expected that the type of risk in the particular framework importantly affects the initial perceived risk. For example, the perceived risks in asymmetrical cooperation are higher than in the symmetrical form. This does not mean that knowledge sharing in such an arrangement will not happen, but that the perceived benefits for both/all firms need to be higher in order for the sharing to start. If the initial experience is beneficial to both sides, the breadth of knowledge sharing may increase over time. Trust between partners and its evolution over time is thus one of the key prerequisites of a knowledge transfer in a network (Bönte, 2008; Dawes et al., 2009; Easterby-Smith et al., 2008; Rosenbaum, 2000; van Wijk et al., 2008). Obviously, trust importantly influences the perceived risks by reducing the considerable antagonism between network members that may occur due to mutual distrust and relationship difficulties before and during the collaboration (Simatupang and Sridharan, 2002). Further, trust lowers the potential for opportunism between the parties to an exchange and thus lowers the transaction costs of this exchange since fewer control mechanisms are needed (Humphreys et al., 2004). Conversely, the inability to predict a partner’s action in future knowledge sharing has the opposite effect (Ke and Wei, 2007). In addition, the perceived reputation of other companies is a key motivator in any decision to share or withhold knowledge; a longer duration of interaction also positively affects reputation (Ensign and Hébert, 2010). At low levels of experience (and therefore cumulative collaboration), there is little reputational information on the source, making the knowledge sharing riskier (Carayannopoulos and Auster, 2010). An initial level of trust is therefore needed for knowledge sharing to begin (Lee and Mellat-Parast, 2009); the expected long-term net benefits need to outweigh the perceived risks. Further, the ability to start the knowledge exchange depends on the redundancy of contributions – the perceived ability of the network to create value in the absence of complete contributions by all partners (McCarter and Northcraft, 2007). If the initial knowledge sharing is beneficial for both/all sides, inter-company trust may increase and lead to a decreased perceived risk and increased willingness to share more intensively, and more delicate knowledge. One form of trust building

12

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

occurs when each party makes a non-redeployable, relationship-specific investment, signaling a commitment to the relationship (Kim and Umanath, 2005). Another similar form of trust building is clearly initial knowledge sharing; on the other hand, if firms hide information and actions among network partners, inter-company collaboration is restrained (Yeung et al., 2009). Generally speaking, cooperative activity is a key factor for facilitating knowledge sharing by creating an interdependent, trustful, mutually helpful and communication-intensive atmosphere between the partners (Li et al., 2011). In time, the type of knowledge transferred and the nature of the collaboration may also change with its own dynamics (Hutzschenreuter and Horstkotte, 2010; von Krogh, 2009). For example, the weaker part in an asymmetric relationship has the opportunity to alter the dependence balance by, for instance, achieving product/process excellence (Matopoulos et al., 2007). A move towards symmetric collaboration would also happen by increasing the dependency of the stronger firm; intensive knowledge sharing almost certainly leads to this. It is important to study how different activities may enhance levels of trust between partners, mitigate risk and complement formal controls to form an effective control package (LangfieldSmith, 2008). In contrast, certain risks may also grow if the knowledge sharing is intensified. These risks need to be continuously monitored. If the risks exceed certain thresholds, mitigation activities might be needed to prevent high-impact events. Put another way, a risk might be considered low and, if an appropriate intervention is put in place (e.g., tying key employees to the firm with long-term contracts to reduce individual deliberate risk), the probability of the risk materializing might be suppressed. Alternatively, if the risk is not attended to in a timely manner, the probability of the risk materializing might be enhanced. The need to manage risks should not overburden the operations of the network, or curtail the interactions among the various organizations involved (Agterberg et al., 2010). It is important for a network to be able to estimate the benefits realized from the knowledge sharing. In addition, damage (loss) that occurs from ineffective and inefficient knowledge sharing should also be estimated, along with the costs of mitigating these risks. In line with TCE, companies will thus search for such arrangements, where the perceived risk-adjusted transactions costs of knowledge acquisition are lowest. For example, in proximate companies, it may be ‘‘cheaper’’ to get the knowledge from the partner; in non-proximate companies, it would be cheaper to hire a consultant due to perceived risks due to sharing of company’s knowledge with its non-proximate partner. This analysis may also explain how and why new inter-organizational forms (such as virtual or network organizations and e-clusters) develop over time. If knowledge sharing is important but a merger is not a viable option for various reasons, the transaction costs of a knowledge transfer and its risk management may be too high to facilitate a continuous high level of knowledge sharing. Thus, firms are seeking other arrangements, such as a virtual organization. This decreases risk management costs (although still substantial, and never reaching zero), while not increasing the coordination/transaction costs as much as a merger could do. Hence, such organizational forms can be expected to form in industries, where it is important to share knowledge and, where there are high costs of managing a knowledge transfer and its risks. This, for example, explains the role of the Internet/e-business in knowledge sharing – it may decrease the costs of sharing, thereby increasing the net benefits. Conversely, it might also increase the proximity between firms, thus lowering the risks. While planning for risks is diligent and necessary, it is impossible for all networks to account for possible risks a priori; the use of such frameworks can reduce but certainly not eliminate this problem. It is only natural that the network will also face unexpected risks. It is, however, important not only to recover from risk incidents, but to use them as learning opportunities to improve the knowledge risk management strategies or perhaps even the composition of the network. This is important since, currently, most results-based efforts favor a narrow process improvement (i. e., single-loop learning – in other words, dealing with a single risk while basically using the same process), rather than a broad understanding of current policy choices and effectiveness and their potential change (i.e., double-loop learning) (Moynihan, 2005). Building knowledge within organizations can thereby help to improve the efficiency of knowledge risk management (McDaniels and Gregory, 2004). Thus, the whole process of knowledge risk management should be rethought in line with the newly identified risks.

5. Conclusion This paper has reviewed issues connected with risks due to knowledge sharing in networks. Its contribution is in the classification of such risks and the development of a common language for knowledge risk management. It investigated how the type of knowledge risk affects the perceived risk of knowledge sharing and the transaction costs of sharing/risk mitigations; this influences both the decision to begin knowledge sharing and its evolution. Nevertheless, while the framework can help in identifying, classifying and mitigating risks, it provides only a high level guidance for these efforts. Of course, our framework needs to be integrated with other views and lenses on risk so that a more holistic understanding could be achieved. This constructivist-based approach may seem contradictory to the practice-based view discussed by Marabelli and Newell (this issue). We believe this not to be the case: we would argue that companies should use the framework introduced herein in order to put some structure in an inherently unstructured area of knowledge risk management. Managers could use the framework as a guide/sense-making device in identifying the main types of risk facing their organization, and the potential detrimental impacts of those risks. Possible means of ameliorating those risks might then be considered. It goes without saying that any framework such as this cannot hope to encompass all possible issues. For example, in a certain situation, managers could decide not to share knowledge since the perceived risks may outweigh the potential benefits. However, they

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

13

should be aware that knowledge ‘‘management interventions cannot direct change (and promote or restrict knowledge sharing) automatically within a network’’ (ibid.; p. ??). Thus, it is not possible to simply ‘‘decide’’ not to share, but interventions that might hinder knowledge translation could be carefully devised. Notwithstanding, the findings have several practical implications for both companies and government policy. Companies should be aware of the risks and analyze the possibilities of mitigating them. Risks that cannot be mitigated should be considered when making decisions to share knowledge and/or commit to various types of networks. In terms of public funding, it is highly questionable whether fully-funded governmental initiatives (like centers of excellence) aimed at creating virtual networks will bring the desired benefits. Such an approach bypasses the usual way of alliance-building and may not bring about the desired increase in trust and reputation. According to Kovacˇ (2010), such incentives are only useful if they reduce the transaction costs of a firm attempting to enter into new collaborations, which it would not otherwise do due to the high costs involved. The main limitation of this paper is that the framework has not as yet been empirically validated. Nonetheless, having now been constructed, this can now be undertaken. As noted, we realize that such frameworks can never be complete and that certain categories may have been neglected. Further testing will nonetheless facilitate enhancements. Additionally, the risks may also depend on the industry and type of the organizations included. A longitudinal single case study or multi case studies are needed to test how risks are changing and how these changing risks are managed in networks. Alternatively, a retrospective survey of a sample of companies could be conducted to gain insights on cause-effect relationships between knowledge sharing, risk taking, and benefits, transaction costs and financial losses of such sharing. Different risk types should be studied in detail, and future research should focus on these dynamics by examining how organizations manage to put processes and practices in place to manage the evolution of risks. A more detailed study of the possible interventions that suppress and/or enhance each of the risks is also needed; these will be critical in determining appropriate risk mitigation strategies. As we have hinted above, an examination of how appropriate knowledge risk management strategies and approaches change over time would be beneficial. Specifically, following the concepts of single- and double-loop learning, the main question is whether firms ‘‘merely’’ learn to execute the process of knowledge risk management better or whether they are also able to improve the process as such. Finally, another promising approach to managing risk based on options is presented by Benaroch et al. (2007). This approach helps in choosing which options to deliberately embed in an investment so as to optimally control the balance between risks and rewards. A similar approach could also be applied to the management of knowledge risks. This wide array of topics for further research is meant to indicate that the proposed framework offers a way to interpret knowledge sharing in networks and the management of its risks. It should encourage empirical research in applying the framework, testing its comprehensiveness and assessing the benefits to be gained from its use. Acknowledgments We would like to thank the editor-in-chief Bob Galliers and both reviewers, and authors, of the complementary paper, Marco Marabelli and Sue Newell, for their thoughtful comments and ideas that considerably improved the paper. All errors and omissions remain solely our responsibility. References Aamodt, A., Nygård, M., 1995. Different roles and mutual dependencies of data, information, and knowledge – an AI perspective on their integration. Data & Knowledge Engineering 16, 191–222. Adler, P.S., 2001. Market, hierarchy, and trust: the knowledge economy and the future of capitalism. Organization Science 12, 215–234. Agterberg, M., Van Den Hooff, B., Huysman, M., Soekijad, M., 2010. Keeping the wheels turning: the dynamics of managing networks of practice. Journal of Management Studies 47, 85–108. Alavi, M., Leidner, D.E., 2001. Knowledge management and knowledge management systems: conceptual foundations and research issues. MIS Quarterly 25, 107–136. Alston, L.J., Gillespie, W., 1989. Resource coordination and transaction costs: a framework for analyzing the firm/market boundary. Journal of Economic Behavior & Organization 11, 191–212. Altay, N., Ramirez, A., 2010. Impact of disasters on firms in different sectors: implications for supply chains. Journal of Supply Chain Management 46, 59–80. Alvesson, M., Kärreman, D., 2001. Odd couple: making sense of the curious concept of knowledge management. Journal of Management Studies 38, 995– 1018. Andersen, P.H., Christensen, P.R., 2005. Bridges over troubled water: suppliers as connective nodes in global supply networks. Journal of Business Research 58, 1261–1273. Andersen, T.J., 2008. The performance relationship of effective risk management: exploring the firm-specific investment rationale. Long Range Planning 41, 155–176. Anderson, J.C., Håkansson, H., Johanson, J., 1994. Dyadic business relationships within a business network context. Journal of Marketing 58, 1–15. Anthes, G., 2004. Innovation inside out. Computerworld 38, 49–51. Araz, C., Ozkarahan, I., 2007. Supplier evaluation and management system for strategic sourcing based on a new multicriteria sorting procedure. International Journal of Production Economics 106, 585–606. Argote, L., Ingram, P., 2000. Knowledge transfer: a basis for competitive advantage in firms. Organizational Behavior and Human Decision Processes 82, 150– 169. Armony, M., Plambeck, E.L., 2005. The impact of duplicate orders on demand estimation and capacity investment. Management Science 51, 1505–1518. Aubert, B.A., Rivard, S., Patry, M., 2004. A transaction cost model of it outsourcing. Information & Management 41, 921–932. Bahli, B., Rivard, S., 2003. The information technology outsourcing risk: a transaction cost and agency theory-based perspective. Journal of Information Technology 18, 211–221.

14

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

Baloh, P., Jha, S., Awazu, Y., 2008. Building strategic partnerships for managing innovation outsourcing. Strategic Outsourcing: An International Journal 1, 100–121. Barney, J.B., 1991. Firm resources and sustained competitive advantage. Journal of Management 17, 99–120. Baskerville, R., Dulipovici, A., 2006. The theoretical foundations of knowledge management. Knowledge Management Research & Practice 4, 83–105. Baum, J.A.C., Calabrese, T., Silverman, B.S., 2000. Do not go it alone: alliance network composition and startups’ performance in Canadian biotechnology. Strategic Management Journal 21, 267–294. Bayraktar, E., Demirbag, M., Koh, S.C.L., Tatoglu, E., Zaim, H., 2009. A causal analysis of the impact of information systems and supply chain management practices on operational performance. Evidence from manufacturing SMEs in Turkey. International Journal of Production Economics 122, 133–149. Becerra, M., Lunnan, R., Huemer, L., 2008. Trustworthiness, risk, and the transfer of tacit and explicit knowledge between alliance partners. Journal of Management Studies 45, 691–713. Naylor, J.B., Naim, M.M., Berry, D., 1999. Leagility: integrating the lean and agile manufacturing paradigms in the total supply chain. International Journal of Production Economics 62, 107–118. Benaroch, M., Jeffery, M., Kauffman, R., Shah, S., 2007. Option-based risk management: a field study of sequential it investment decisions. Journal of Management Information Systems 24, 103–140. Blanchard, C., Comm, C.L., Mathaisel, D.F.X., 2008. Adding value to service providers: benchmarking Wal-Mart. Benchmarking: An International Journal 15, 166–177. Blome, C., Schoenherr, T., 2011. Supply chain risk management in financial crises – a multiple case-study approach. International Journal of Production Economics 134, 43–57. Bogner, W.C., Bansal, P., 2007. Knowledge management as the basis of sustained high performance. Journal of Management Studies 44, 165–188. Bönte, W., 2008. Inter-firm trust in buyer–supplier relations: are knowledge spillovers and geographical proximity relevant? Journal of Economic Behavior & Organization 67, 855–870. Borgatti, S.P., Foster, P.C., 2003. The network paradigm in organizational research: a review and typology. Journal of Management 29, 991–1013. Boschma, R., 2005. Proximity and innovation: a critical assessment. Regional Studies 39, 61–74. Boudreau, K.J., Lakhani, K.R., 2009. How to manage outside innovation. MIT Sloan Management Review 50, 69–76. Brown, J.S., Duguid, P., 1998. Organizing knowledge. California Management Review 40, 90–111. Buvik, A., Andersen, O., 2002. The impact of vertical coordination on ex post transaction costs in domestic and international buyer–seller relationships. Journal of International Marketing 10, 1–24. Carayannopoulos, S., Auster, E.R., 2010. External knowledge sourcing in biotechnology through acquisition versus alliance. A KBV approach. Research Policy 39, 254–267. Cassidy, W.B., 2010. Wal-mart tightens delivery deadlines. Journal of Commerce, February 8, 2010. Chen, C.-Y., Chen, C.-Y., Lo, W.-S., 2006. Supply chain management implementation in perspective of knowledge transfer. In: IEEE International Conference on Systems, Man, and Cybernetics, pp. 2148–2155. Chen, H., Chen, T.-J., 2003. Governance structures in strategic alliances: transaction cost versus resource-based perspective. Journal of World Business 38, 1– 14. Cheung, M.-S., Myers, M.B., Mentzer, J.T., 2010. Does relationship learning lead to relationship value? A cross-national supply chain investigation. Journal of Operations Management 28, 472–487. Choo, C.W., 1996. The knowing organization: how organizations use information to construct meaning, create knowledge and make decisions. International Journal of Information Management 16, 329–340. Chopra, S., Sodhi, M.S., 2004. Managing risk to avoid supply-chain breakdown. Sloan Management Review 46, 53–61. Christopher, M., 2000. The agile supply chain: competing in volatile markets. Industrial Marketing Management 29, 37–44. Christopher, M., Gaudenzi, B., 2009. Exploiting knowledge across networks through reputation management. Industrial Marketing Management 38, 191– 197. Christopher, M., Jüttner, U., 2000. Developing strategic partnerships in the supply chain: a practitioner perspective. European Journal of Purchasing & Supply Management 6, 117–127. Christopher, M., Lee, H., 2004. Mitigating supply chain risk through improved confidence. International Journal of Physical Distribution & Logistics Management 34, 388–396. Connell, J., Voola, R., 2007. Strategic alliances and knowledge sharing: synergies or silos? Journal of Knowledge Management 11, 52–66. Cook, S.D.N., Brown, J.S., 1999. Bridging epistemologies: the generative dance between organizational knowledge and organizational knowing. Organization Science 10, 381–400. Cousins, P.D., Menguc, B., 2006. The implications of socialization and integration in supply chain management. Journal of Operations Management 24, 604– 620. Cova, B., Prévot, F., Spencer, R., 2010. Navigating between dyads and networks. Industrial Marketing Management 39, 879–886. Covaleski, M.A., Dirsmith, M.W., Samuel, S., 2003. Changes in the institutional environment and the institutions of governance. Extending the contributions of transaction cost economics within the management control literature. Accounting, Organizations and Society 28, 417–441. Cowan, R., Foray, D., 1997. The economics of codification and the diffusion of knowledge. Industrial and Corporate Change 6, 595–622. Craighead, C.W., Hult, G.T.M., Ketchen Jr., D.J., 2009. The effects of innovation-cost strategy, knowledge, and action in the supply chain on firm performance. Journal of Operations Management 27, 405–421. Crook, T.R., Combs, J.G., 2007. Sources and consequences of bargaining power in supply chains. Journal of Operations Management 25, 546–555. Davenport, S., 2005. Exploring the role of proximity in sme knowledge-acquisition. Research Policy 34, 683–701. Davis, E.W., Spekman, R.E., 2003. The Extended Enterprise: Gaining Competitive Advantage through Collaborative Supply Chains. Prentice Hall-FT Press, New Jersey. Dawes, S.S., Cresswell, A.M., Pardo, T.A., 2009. From ‘‘Need to Know’’ to ‘‘Need to Share’’: Tangled Problems, Information Boundaries, and the Building of Public Sector Knowledge Networks (vol. 69), Public Administration Review, May|June 2009, pp. 392–402. Dekker, H.C., 2004. Control of inter-organizational relationships: evidence on appropriation concerns and coordination requirements. Accounting, Organizations and Society 29, 27–49. Desouza, K.C., 2003. Facilitating tacit knowledge exchange. Communications of the ACM 46, 85–88. Desouza, K.C., 2007. Managing Knowledge Security: Strategies for Protecting Your Company’s Intellectual Assets. Kogan Page, London, 2007. Desouza, K.C., 2009. Information and knowledge management in public sector networks: the case of the us intelligence community. International Journal of Public Administration 32, 1219–1267. Desouza, K.C., Awazu, Y., 2004. ‘‘Need to Know’’ – organizational knowledge and management perspective. Information–Knowledge–Systems Management 4, 1–14. Desouza, K.C., Evaristo, R., 2003. Global knowledge management strategies. European Management Journal 21, 62–67. Desouza, K.C., Vanapalli, G.K., 2005. Securing knowledge in organizations: lessons from the defense and intelligence sectors. International Journal of Information Management 25, 85–98. Drew, S., 1999. Building knowledge management into strategy: making sense of a new perspective. Long Range Planning 32, 130–136. Dyer, J.H., Nobeoka, K., 2000. Creating and managing a high-performance knowledge-sharing network: the toyota case. Strategic Management Journal 21, 345–367. Easterby-Smith, M., Lyles, M.A., Tsang, E.W.K., 2008. Inter-organizational knowledge transfer: current themes and future prospects. Journal of Management Studies 45, 677–690.

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

15

Ellram, L.M., Tate, W.L., Billington, C., 2008. Offshore outsourcing of professional services: a transaction cost economics perspective. Journal of Operations Management 26, 148–163. Ensign, P.C., Hébert, L., 2009. Competing explanations for knowledge exchange: technology sharing within the globally dispersed R&D of the multinational enterprise. Journal of High Technology Management Research 20, 75–85. Ensign, P.C., Hébert, L., 2010. How reputation affects knowledge sharing among colleagues. MIT Sloan Management Review 51, 79–81. Erden, Z., von Krogh, G., Nonaka, I., 2008. The quality of group tacit knowledge. Journal of Strategic Information Systems 17, 4–18. Faisal, M., Banwet, D.K., Shankar, R., 2006. Supply chain risk mitigation: modeling the enablers. Business Process Management Journal 12, 535–552. Finch, P., 2004. Supply chain risk management. Supply Chain Management – an International Journal 9, 183–196. Frank, S.D., Henderson, D.R., 1992. Transaction costs as determinants of vertical coordination in the US food industries. American Journal of Agricultural Economics 74, 941–950. Galliers, R.D., 2006. Material knowing: ‘‘The Scaffolding of Human Knowledgeability: Reflections on Orlikowski’’. European Journal of Information Systems 15 (June). Galliers, R., Newell, S., 2003. Back to the future: from knowledge management to the management of information and data. Information Systems and EBusiness Management 1, 5–13. Ganesan, S., George, M., Jap, S., Palmatier, R.W., Weitz, B., 2009. Supply chain management and retailer performance. emerging trends, issues, and implications for research and practice. Journal of Retailing 85, 84–94. Garud, R., Karnøe, P. (Eds.), 2001. Path Dependence and Creation. Lawrence Erlbaum Associates, Mahwah, NJ. Ghoshal, S., Moran, P., 1996. Bad for practice. a critique of the transaction cost theory. Academy of Management Review 21, 13–47. Giannakis, M., 2008. Facilitating learning and knowledge transfer through supplier development. Supply Chain Management: An International Journal 13, 62–72. Giunipero, L., Eltantawy, R., 2004. Securing the upstream supply chain: a risk management approach. International Journal of Physical Distribution & Logistics Management 34, 698–713. Goh, S.C., 2002. Managing effective knowledge transfer: an integrative framework and some practice implications. Journal of Knowledge Management 6, 23–30. Gosain, S., 2007. Mobilizing software expertise in personal knowledge exchanges. Journal of Strategic Information Systems 16, 254–277. Grant, R.M., 1996a. A knowledge-based theory of inter-firm collaboration. Organization Science 7, 375–387. Grant, R.M., 1996b. Toward a knowledge-based theory of the firm. Strategic Management Journal 17, 109–122. Grant, R.M., 1999. The knowledge-based view of the firm: implications for management practice. Long Range Planning 30, 45–454. Gulati, R., Singh, H., 1998. The architecture of cooperation: managing coordination costs and appropriation concerns in strategic alliances. Administrative Science Quarterly 43, 781–814. Gunasekaran, A., Ngai, E.W.T., 2004. Information systems in supply chain integration and management. European Journal of Operational Research 159, 269– 295. Gupta, S., Woodside, A., Dubelaar, C., Bradmore, D., 2009. Diffusing knowledge-based core competencies for leveraging innovation strategies: modelling outsourcing to knowledge process organizations (Kpos) in pharmaceutical networks. Industrial Marketing Management 38, 219–227. Hackney, R.A., Desouza, K.C., Irani, Z., 2008. Constructing and sustaining competitive inter-organizational knowledge networks: an analysis of managerial web-based facilitation. Information Systems Management 25, 356–363. Hakansson, H., Ford, D., Gadde, L.-E., Snehota, I., Waluszewski, A., 2009. Business in Networks. John Wiley, Chichester. Hallikas, J., Karvonen, I., Pulkkinen, U., Virolainen, V.-M., Tuominen, M., 2004. Risk management processes in supplier networks. International Journal of Production Economics 90, 47–58. Handfield, R.B., Bechtel, C., 2002. The role of trust and relationship structure in improving supply chain responsiveness. Industrial Marketing Management 31, 367–382. Häusler, J., Hohn, H.-W., Lütz, S., 1994. Contingencies of innovative networks: a case study of successful interfirm R&D collaboration. Research Policy 23, 47– 66. Helms, M.M., Ettkin, L.P., Morris, D.J., 2000. Shielding your company against information compromise. Information Management & Computer Security 8, 117–130. Howard, M., Vidgen, R., Powell, P., 2006. Automotive E-Hubs: exploring motivations and barriers to collaboration and interaction. Journal of Strategic Information Systems 15, 51–75. Humphreys, P.K., Li, W.L., Chan, L.Y., 2004. The impact of supplier development on buyer–supplier performance. Omega 32, 131–143. Huston, L., Sakkab, N., 2006. Connect and develop: inside Procter & Gamble’s new model for innovation. Harvard Business Review 84, 58–66. Hutzschenreuter, T., Horstkotte, J., 2010. Knowledge transfer to partners: a firm level perspective. Journal of Knowledge Management 14, 428–448. Jeppesen, L.B., Lakhani, K.R., 2009. Marginality and problem solving effectiveness in broadcast search. Organization Science 20, 1–44. Kärkkäinen, M., Ala-Risku, T., Främling, K., 2003. The product centric approach: a solution to supply network information management problems? Computers in Industry 52, 147–159. Ke, W., Wei, K.K., 2007. Factors affecting trading partners’ knowledge sharing: using the lens of transaction cost economics and socio-political theories. Electronic Commerce Research and Applications 6, 297–308. Kim, H.H., 2009. Market uncertainty and socially embedded reputation. American Journal of Economics and Sociology 68, 679–701. Kim, K.K., Umanath, N.S., 2005. Information transfer in B2b procurement: an empirical analysis and measurement. Information & Management 42, 813–828. Kotabe, M., Martin, X., Domoto, H., 2003. Gaining from vertical partnerships: knowledge transfer, relationship duration and supplier performance improvement in the US and Japanese automotive industries. Strategic Management Journal 24, 293–316. Kovacˇ, M., 2010. Sour-Sweet Subvention for Companies (in Slovenian). Finance, August 31. Lakshman, C., Parente, R.C., 2008. Supplier-focused knowledge management in the automobile industry and its implications for product performance. Journal of Management Studies 45, 317–342. Langfield-Smith, K., 2008. The relations between transactional characteristics, trust and risk in the start-up phase of a collaborative alliance. Management Accounting Research 19, 344–364. Larsson, R., Bengtsson, L., Henriksson, K., Sparks, J., 1998. The interorganizational learning dilemma: collective knowledge development in strategic alliances. Organizational Science 9, 285–305. Lee, H., 2002. Aligning supply chain strategies with product uncertainties. California Management Review 44, 105–119. Lee, H., Choi, B., 2003. Knowledge management enablers, processes, and organizational performance. An integrative view and empirical examination. Journal of Management Information Systems 20, 179–228. Lee, S.M., Mellat-Parast, M., 2009. The formation of initial trust in the strategic supply chain partnership. International Journal of Management and Enterprise Development 7, 28–43. Leidner, D.E., 2010. Globalization, culture, and information: towards global knowledge transparency. Journal of Strategic Information Systems 19, 69–77. Lemarie, S., Mangematin, V., Torre, A., 2001. Is the creation and development of biotech smes localised? Conclusions drawn from the french case. Small Business Economics 17, 61–76. Li, Y., Liu, Y., Liu, H., 2011. Co-opetition, distributor’s entrepreneurial orientation and manufacturer’s knowledge acquisition: evidence from China. Journal of Operations Management 29, 128–142. Liao, T.-J., 2010. Cluster and performance in foreign firms: the role of resources, knowledge, and trust. Industrial Marketing Management 39, 161–169. Majchrzak, A., 2004. Human issues in secure cross-enterprise collaborative knowledge-sharing: a conceptual framework for understanding the issues and identifying critical research. In: Report for Department of Homeland Security. Center for Telecommunications Management, Los Angeles.

16

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

Marabelli, M., Newell, S., this issue. Knowledge risks in organizational networks: the practice perspective. Journal of Strategic Information Systems. doi:10.1016/j.jsis.2011.11.002. March, J.G., Shapira, Z., 1987. Managerial perspectives on risk and risk taking. Management Science 33, 1404–1418. Matopoulos, A., Vlachopoulou, M., Manthou, V., Manos, B., 2007. A conceptual framework for supply chain collaboration: empirical evidence from the agrifood industry. Supply Chain Management: An International Journal 12, 177–186. Mayer, R.C., Davis, J.H., Schoorman, D.F., 1995. An integrative model of organizational trust. Academy of Management Review 20, 709–734. McCarter, M.W., Northcraft, G.B., 2007. Happy together?: Insights and implications of viewing managed supply chains as a social dilemma. Journal of Operations Management 25, 498–511. McDaniels, T., Gregory, R., 2004. Learning as an objective within a structured risk management decision process. Environmental Science & Technology 38, 1921–1926. McDermott, R., O’Dell, C., 2001. Overcoming cultural barriers to sharing knowledge. Journal of Knowledge Management 5, 76–85. McLure Wasko, M., Faraj, S., 2000. ‘‘It Is What One Does’’: Why people participate and help others in electronic communities of practice. The Journal of Strategic Information Systems 9, 155–173. Meixell, M.J., Gargeya, V.B., 2005. Global supply chain design: a literature review and critique. Transportation Research Part E: Logistics and Transportation Review 41, 531–550. Mentzer, J.T., Min, S., Zacharia, Z.G., 2000. The nature of interfirm partnering in supply chain management. Journal of Retailing 76, 549–568. Merali, Y., 2000. Individual and collective congruence in the knowledge management process. Journal of Strategic Information Systems 9, 213–234. Modi, S.B., Mabert, V.A., 2007. Supplier development: improving supplier performance through knowledge transfer. Journal of Operations Management 25, 42–64. Möller, K., Svahn, S., 2006. Role of knowledge in value creation in business nets. Journal of Management Studies 43, 985–1007. Moynihan, D.P., 2005. Goal-based learning and the future of performance management. Public Administration Review 65, 203–216. Narasimhan, R., Nair, A., 2005. The antecedent role of quality, information sharing and supply chain proximity on strategic alliance formation and performance. International Journal of Production Economics 96, 301–313. Narayanan, V., Raman, A., 2004. Aligning incentives in supply chains. Harvard Business Review 82, 94–102. Neher, A., 2005. The configurational approach in supply chain management. In: Kotzab, Herbert, Seuring, Stefan, Mueller, Martin, Reiner, Gerald (Eds.), Research Methodologies in Supply Chain Management. Physica-Verlag, HD, pp. 75–89. Nonaka, I., 1991. The knowledge creating company. Harvard Business Review 69, 96–104. Nonaka, I., 1994. A dynamic theory of organizational knowledge creation. Organization Science 5, 14–37. Nonaka, I., Toyama, R., Nagata, A., 2000. A firm as a knowledge-creating entity: a new perspective on the theory of the firm. Industrial and Corporate Change 9, 1–20. Norman, P.M., 2001. Are your secrets safe? Knowledge protection in strategic alliances. Business Horizons 44, 51–60. Norman, P.M., 2002. Protecting knowledge in strategic alliances: resource and relational characteristics. Journal of High Technology Management Research 13, 177–202. Papadopoulos, A., Cimon, Y., Hébert, L., 2008. Asymmetry, heterogeneity and inter-firm relationships: organizing the theoretical landscape. International Journal of Organizational Analysis 16, 152–165. Pavlou, P.A., 2002. Institution-based trust in interorganizational exchange relationships: the role of online B2B marketplaces on trust formation. Journal of Strategic Information Systems 11, 215–243. Perrot, B.E., 2007. A strategic risk approach to knowledge management. Business Horizons 50, 523–533. Pisano, G.P., Verganti, R., 2008. Which kind of collaboration is right for you? Harvard Business Review 86, 78–86. Polanyi, M., 1958. Personal Knowledge: Towards a Post-Critical Philosophy. University of Chicago Press, Chicago, IL. Popper, K.R., 1972. Objective Knowledge: An Evolutionary Approach. Oxford University Press, Oxford, 1972. Powell, W.W., Koput, K.W., Smith-Doerr, L., 1996. Interorganizational collaboration and the locus of innovation: networks of learning in biotechnology. Administrative Science Quarterly 41, 116–145. Provan, K.G., 1993. Embeddedness, interdependence, and opportunism in organizational supplier–buyer networks. Journal of Management 19, 841–856. Provan, K., Fish, A., Sydow, J., 2007. Interorganizational networks at the network level: a review of the empirical literature on whole networks. Journal of Management 33, 479–516. Raiborn, C.A., Massoud, M.F., Raiborn, M.F., 2009. Product recalls: what’s your offshore production liability? Journal of Corporate Accounting & Finance 20, 31–43. Reus, T., Ranft, A., Lamont, B., Adams, G., 2009. An interpretive systems view of knowledge investments. Academy of Management Review 34, 382–400. Ritchie, B., Brindley, C., 2007. Supply chain risk management and performance. A guiding framework for future development. International Journal of Operations & Production Management 27, 303–322. Rogers, K.W., Purdy, L., Safayeni, F., Duimering, P.R., 2007. A supplier development program: rational process or institutional image construction? Journal of Operations Management 25, 556–572. Rosenbaum, H., 2000. The information environment of electronic commerce. Information imperatives for the firm. Journal of Information Science 26, 161– 171. Russell, B., 1912. The Problems of Philosophy. Oxford University Press, New York. Ryu, S., Eyuboglu, N., 2007. The environment and its impact on satisfaction with supplier performance. An investigation of the mediating effects of control mechanisms from the perspective of the manufacturer in the USA. Industrial Marketing Management 36, 458–469. Scheepers, R., Venkitachalam, K., Gibbs, M.R., 2004. Knowledge strategy in organizations: refining the model of Hansen, Nohria and Tierney. Journal of Strategic Information Systems 13, 201–222. Schoorman, D.F., Mayer, R.C., Davis, J.H., 2007. An integrative model of organizational trust: past, present, and future. Academy of Management Review 32, 344–354. Shankar, V., Urban, G.L., Sultan, F., 2002. Online trust: a stakeholder perspective, concepts, implications, and future directions. The Journal of Strategic Information Systems 11, 325–344. Shaw, D.R., Holland, C.P., 2010. Strategy, networks and systems in the global translation services market. Journal of Strategic Information Systems 19, 242– 256. Simatupang, T., Sridharan, R., 2002. The collaborative supply chain. Journal of Logistics Management 13, 15–30. Sitkin, S.B., Pablo, A.L., 1992. Reconceptualizing the determinants of risk behavior. The Academy of Management Review 17, 9–38. Smith, A., 1910. An Inquiry into the Nature and Causes of the Wealth of Nations. Everyman’s Library, New York. Soper, D.S., Demirkan, H., Goul, M., 2007. An interorganizational knowledge-sharing security model with breach propagation detection. Information Systems Frontiers 9, 469–479. Sorenson, O., Rivkin, J., Fleming, L., 2006. Complexity, networks and knowledge flow. Research Policy 35, 994–1017. Straub, D., Rai, A., Klein, R., 2004. Measuring firm performance at the network level: a nomology of the business impact of digital supply networks. Journal of Management Information Systems 21, 83–114. Sveiby, K.-E., 2001. A knowledge-based theory of the firm to guide in strategy formulation. Journal of Intellectual Capital 2, 344–358. Swain, M., 1981. Reasons and Knowledge. Cornell University Press, Ithaca. Swan, J., Newell, S., Scarborough, H., Hoslop, D., 1999. Knowledge management and innovation; networks and networking. Journal of Knowledge Management 3, 262–275. Swink, M., Zsidisin, G., 2006. On the benefits and risks of focused commitment to suppliers. International Journal of Production Research 44, 4223–4240.

P. Trkman, K.C. Desouza / Journal of Strategic Information Systems 21 (2012) 1–17

17

Szulanski, G., 1996. Exploring internal stickiness: impediments to the transfer of best practice within the firm. Strategic Management Journal 17, 27–43. Tarafdar, M., Gordon, S.R., 2007. Understanding the influence of information systems competencies on process innovation: a resource-based view. Journal of Strategic Information Systems 16, 353–392. Taylor, T.A., Plambeck, E.L., 2007. Supply chain relationships and contracts: the impact of repeated interaction on capacity investment and procurement. Management Science 52, 1577–1593. Teece, D., 1998. Capturing value from knowledge assets: the new economy, markets for know-how, and intangible assets. California Management Review 40, 55–79. Tripsas, M., Schrader, S., Sobrero, M., 1995. Discouraging opportunistic behavior in collaborative R & D: a new role for government. Research Policy 24, 367– 389. Trkman, P., 2010. The critical success factors of business process management. International Journal of Information Management 30, 125–134. Trkman, P., McCormack, K., 2009. Supply chain risk in turbulent environments-a conceptual model for managing supply chain network risk. International Journal of Production Economics 119, 247–258. Tsai, W., 2001. Knowledge transfer in intraorganizational networks: effects of network position and absorptive capacity on business unit innovation and performance. Academy of Management Journal 44, 996–1004. van Wijk, R., Jansen, J.J.P., Lyles, M.A., 2008. Inter- and intra-organizational knowledge transfer: a meta-analytic review and assessment of its antecedents and consequences. Journal of Management Studies 45, 830–853. von Krogh, G., 2009. Individualist and collectivist perspectives on knowledge in organizations: implications for information systems research. Journal of Strategic Information Systems 18, 119–129. Wadhwa, S., Saxena, A., 2007. Decision Knowledge Sharing: Flexible Supply Chains in Km Context. Production Planning & Control 18, 436–452. Watson, S., Hewett, K., 2006. A multi-theoretical model of knowledge transfer in organizations: determinants of knowledge contribution and knowledge reuse. Journal of Management Studies 43, 141–173. Webster, J., 1995. Networks of collaboration or conflict? Electronic data interchange and power in the supply chain. Journal of Strategic Information Systems 4, 31–42. Wen, S., Chuang, C.-M., 2010. To teach or to compete? A strategic dilemma of knowledge owners in international alliances. Asia Pacific Journal of Management 27, 697–726. Wilhelm, M.M., 2011. Managing coopetition through horizontal supply chain relations: linking dyadic and network levels of analysis. Journal of Operations Management 29, 663–676. Williamson, O., 1996. Economic organization: the case for candor. Academy of Management Review 21, 48–57. Wilson, T.D., 2002. The Nonsense of ‘Knowledge Management. Information Research 8, Paper No. 144. . Xu, L., Beamon, B.M., 2006. Supply chain coordination and cooperation mechanisms: an attribute-based approach. Journal of Supply Chain Management 42, 4–12. Yeung, J.H.Y., Selen, W., Zhang, M., Huo, B., 2009. The effects of trust and coercive power on supplier integration. International Journal of Production Economics 120, 66–78. Yusuf, Y.Y., Gunasekaran, A., Adeleye, E.O., Sivayoganathan, K., 2004. Agile supply chain capabilities: determinants of competitive objectives. European Journal of Operational Research 159, 379–392. Zaheer, A., McEvily, B., Perrone, V., 1998. Does trust matter? Exploring the effects of interorganizational and interpersonal trust on performance. Organization Science 9, 141–159. Zhou, H., Benton, J.W.C., 2007. Supply chain practice and information sharing. Journal of Operations Management 25, 1348–1365.