The United Arab Emirates (UAE) has emerged as a global leader in digital governance, yet public sector risk management practices remain fragmented and compliance driven. This review examines how UAE public institutions manage strategic, operational, financial, and reputational risks amid rapid digital transformation and increasing uncertainty. Despite advancements such as AI integration and enterprise risk management (ERM) adoption, gaps persist in coordination, cultural acceptance, and ethical oversight. Drawing upon contingency theory, institutional theory, and stewardship perspectives, this study synthesizes peer-reviewed literature, policy documents, and regional case studies to map the UAE’s evolving risk landscape. Key findings reveal tensions between compliance and value creation, siloed risk practices, and underdeveloped frameworks for climate and AI-related risks. The paper contributes by identifying theoretical-practical mismatches and recommending priorities for future research particularly in ethical AI, PPP risk-sharing, and federal coordination. It offers policymakers a foundation for developing more resilient, adaptive, and strategically aligned risk governance systems.
Alzarooni, A. I., Alhashmi, S. M., Lataifeh, M., & Rice, J. (2024). Navigating digital transformation in the UAE: Benefits, challenges, and future directions in the public sector. Computers, 13(11). https://doi.org/[Insert DOI if available]
Dabbeek, J., Silva, V., Galasso, C., & Smith, A. (2020). Probabilistic earthquake and flood loss assessment in the Middle East. International Journal of Disaster Risk Reduction, 49, 101662. https://doi.org/10.1016/j.ijdrr.2020.101662
Joseph, C., & Jonathan, L. (2014). ISO 14001 implementation in a Malaysian city council: Insights from neo-institutional theory. ResearchGate, 2–4. https://www.researchgate.net/[Insert full URL]
Lechner, P., & Gatzert, N. (2018). Determinants and value of enterprise risk management: Empirical evidence from Germany. European Journal of Finance, 24(10), 867–887. https://doi.org/[Insert DOI if available]
McShane, M. K., Nair, A., & Rustambekov, E. (2011). Does enterprise risk management increase firm value? Journal of Accounting, Auditing and Finance, 26(4), 641–658. https://doi.org/10.1177/0148558X11409160
Methri, G. (2025). UAE SMEs lead the digital payment wave, 92% now cash-free. IBS Intelligence. https://ibsintelligence.com/ibsi-news/uae-smes-lead-the-digital-payment-wave-92-now-cash-free
Morshed, A., & Khrais, L. T. (2025). Cybersecurity in digital accounting systems: Challenges and solutions in the Arab Gulf region. [Publication details pending completion].
Murikah, W., Nthenge, J. K., & Musyoka, F. M. (2024). Bias and ethics of AI systems applied in auditing: A systematic review. Scientific African, 25, e02281. https://doi.org/10.1016/j.sciaf.2024.e02281
Rodríguez-Espíndola, O., Chowdhury, S., Dey, P. K., Albores, P., & Emrouznejad, A. (2022). Analysis of the adoption of emergent technologies for risk management in the era of digital manufacturing. Technological Forecasting and Social Change, 178, 121562. https://doi.org/10.1016/j.techfore.2022.121562
Saif Almuraqab, N. A. (2020). E & M-government and smart city: A review of ICT strategies and plans in the United Arab Emirates. International Journal of Management, 11(3), 1–19. https://doi.org/[Insert DOI if available]
U.A.E Ministry for Artificial Intelligence. (2023). UAE national strategy for artificial intelligence 2031. [Publisher]. https://www.[Insert URL]
UAE Ministry of Climate Change and Environment. (2023). The United Arab Emirates’ first long-term strategy (LTS). [Publisher]. https://www.[Insert URL]
Yang, Y., Jia, F., Chen, L., Wang, Y., & Xiong, Y. (2021). Adoption timing of OHSAS 18001 and firm performance: An institutional theory perspective. International Journal of Production Economics, 231, 107870. https://doi.org/10.1016/j.ijpe.2020.107870
Davis, J. H., Schoorman, F. D., & Donaldson, L. (1997). Toward a stewardship theory of management. Academy of Management Review, 22(1), 20–47. https://doi.org/10.5465/amr.1997.9707180258
Donaldson, L. (2001). The contingency theory of organizations. Sage Publications.
Hood, C. (2002). The risk game and the blame game. Government and Opposition, 37(1), 15–37. https://doi.org/10.1111/1477-7053.00085
Meyer, J. W., & Rowan, B. (1977). Institutionalized organizations: Formal structure as myth and ceremony. American Journal of Sociology, 83(2), 340–363. https://doi.org/10.1086/226550
Palermo, T. (2014). Accountability and expertise in public sector risk management: A case study. Financial Accountability & Management, 30(3), 322–341. https://doi.org/10.1111/faam.12034
Power, M. (2007). Organized uncertainty: Designing a world of risk management. Oxford University Press.
Woods, M. (2009). A contingency theory perspective on the risk management control system within Birmingham City Council. Management Accounting Research, 20(1), 69–81. https://doi.org/10.1016/j.mar.2008.10.003
Ali, E. S. R. A. Al, & Alshami, S. A. (2025). Strategic Risk Governance in the Digital Era: A Review of Public Sector Risk Management in the UAE. International Journal of Academic Research in Business and Social Sciences, 15(8), 1986–1994.
Copyright: © 2025 The Author(s)
Published by Knowledge Words Publications (www.kwpublications.com)
This article is published under the Creative Commons Attribution (CC BY 4.0) license. Anyone may reproduce, distribute, translate and create derivative works of this article (for both commercial and non-commercial purposes), subject to full attribution to the original publication and authors. The full terms of this license may be seen at: http://creativecommons.org/licences/by/4.0/legalcode
