Risk Management Practices in the Post-Pandemic World

The COVID-19 pandemic was not only a global health crisis; it was a stress test for risk management systems in organizations, governments, and communities around the world. Many traditional approaches focused on isolated risks, linear planning, and static assumptions. The pandemic exposed how inadequate such models can be when facing systemic, cascading, and long-lasting disruptions. In the post-pandemic world, risk management is no longer an optional support function; it has become a central element of strategy, governance, and organizational culture.

This article examines how risk management practices have evolved since the pandemic, with particular attention to strategic, operational, human, and digital risks. It combines contemporary management research with three theoretical lenses: Bourdieu’s concepts of economic, cultural, social, and symbolic capital; world-systems theory and its focus on core–periphery dynamics; and institutional isomorphism, which explains why organizations facing similar pressures often converge on similar risk practices. The paper adopts a conceptual methodology based on recent literature from the last five years, covering sectors such as supply chains, tourism, public institutions, higher education, and digital organizations.

The analysis shows that post-pandemic risk management is increasingly oriented toward resilience, agility, and learning. It moves from siloed risk registers to integrated enterprise risk management, from narrow financial risk views to broader stakeholder and societal perspectives, and from purely technical tools to approaches that recognize the importance of culture, power, and legitimacy. The findings highlight how organizations are building new capabilities in scenario analysis, business continuity, remote work management, cyber risk, and mental health support, while also responding to global inequalities and institutional pressures. The article concludes with implications for practitioners and scholars, emphasizing that risk management in the post-pandemic world is fundamentally about balancing vulnerability, resilience, and transformation.

1. Introduction

The COVID-19 pandemic disrupted nearly every dimension of economic and social life. Global supply chains were halted, tourism collapsed, offices closed overnight, and entire sectors were forced to reinvent business models in a matter of weeks. Many organizations discovered that risks they had formally documented—such as pandemics, system outages, or supply interruptions—had been understood mostly in abstract terms. When the crisis materialized, traditional risk registers, static business continuity plans, and fragmented responsibilities proved insufficient.

As the world moves into a post-pandemic phase, the core question is no longer whether organizations need risk management, but what kind of risk management they need. Several features of the post-pandemic environment stand out:

• High uncertainty and overlapping crises: Health emergencies now coincide with geopolitical tensions, climate-related disasters, energy shocks, and financial volatility.

• Deep global interdependence: Disruptions in one part of the world quickly spread through trade, logistics, finance, and digital networks.

• Acceleration of digitalization: Remote work, online services, platform economies, and cloud computing have expanded quickly, increasing both opportunities and cyber vulnerabilities.

• Heightened social expectations: Stakeholders now expect organizations to protect not only financial performance but also employee well-being, public health, and community resilience.

Traditional risk management approaches, which treated risks as discrete events with measurable probabilities and fixed impacts, are being replaced or supplemented by more systemic and dynamic perspectives. Concepts such as resilience, adaptability, and “learning under uncertainty” are at the center of post-pandemic discussions.

At the same time, risk management is not purely technical. It is shaped by culture, power relations, global inequalities, and institutional pressures. Who defines what counts as a risk? Whose interests are protected? Which vulnerabilities are considered acceptable, and which are not? To answer these questions, this article draws on three theoretical perspectives:

• Bourdieu’s theory of capital, which highlights how economic, cultural, social, and symbolic capital structure practices and outcomes.

• World-systems theory, which frames the global economy as a hierarchy of core, semi-periphery, and periphery regions with unequal capacities to manage risk.

• Institutional isomorphism, which explains how organizations converge toward similar structures and practices in response to regulatory, mimetic, and professional pressures.

Using these perspectives, the article explores how risk management practices have changed after the pandemic, what kinds of capabilities are emerging, and how power and inequality shape the distribution of risk and resilience in the global system.

2. Background and Theoretical Framework

2.1 Post-Pandemic Shifts in Risk Management

Recent literature emphasizes that the pandemic has accelerated a shift from risk prevention to resilience and adaptation. While pre-COVID approaches often assumed that good planning could prevent most serious disruptions, post-pandemic thinking recognizes that some crises will inevitably occur and that the key question is how organizations absorb shocks, continue functioning, and learn.

Three broad trends are notable:

1. From narrow financial risk to enterprise risk managementMany organizations have broadened risk management from financial and compliance concerns to integrated enterprise risk management, encompassing strategic, operational, reputational, environmental, and social risks. Boards and senior leaders increasingly treat risk as a strategic issue rather than a technical afterthought.

2. From linear planning to scenario thinkingThe pandemic showed that single “best estimate” plans are fragile. Organizations are adopting scenario planning, stress testing, and dynamic simulations to explore multiple futures, including unlikely but high-impact events.

3. From siloed responsibility to shared accountabilityRisk management is moving from a specialized department to a shared responsibility across functions. Operations, HR, IT, finance, and communications all play direct roles in identifying, mitigating, and communicating risks.

These changes are visible in sectors such as supply chain management, tourism, higher education, public administration, and critical infrastructure, where post-pandemic reports stress resilience, redundancy, flexibility, and continuous learning.

2.2 Bourdieu’s Forms of Capital in Risk Management

Bourdieu’s framework distinguishes between four major forms of capital:

• Economic capital: financial resources, tangible assets, and material infrastructure.

• Cultural capital: knowledge, skills, professional qualifications, and analytical competences.

• Social capital: networks, relationships, trust, and informal collaboration.

• Symbolic capital: prestige, legitimacy, and recognized authority.

In the context of risk management, these forms of capital are crucial.

• Organizations with strong economic capital can invest in robust infrastructures, backup systems, diversified suppliers, and comprehensive insurance. They can afford reserves and redundancies that less wealthy organizations cannot.

• Cultural capital matters because risk assessment, modeling, and crisis response require specialized knowledge. Firms with skilled risk professionals, data analysts, and experienced managers are better equipped to interpret complex signals and respond appropriately.

• Social capital plays a central role in crisis coordination. High levels of trust within organizations and across partners ease information sharing and joint problem-solving. Conversely, low trust environments slow decision-making and encourage blame-shifting.

• Symbolic capital affects how risk communication is received. Organizations that enjoy high legitimacy and reputational strength are more likely to persuade stakeholders to follow guidance, accept temporary sacrifices, or support recovery plans.

Post-pandemic risk management therefore involves more than tools and frameworks; it is deeply tied to how capital is distributed within and between organizations and societies.

2.3 World-Systems Theory: Global Inequalities in Risk and Resilience

World-systems theory sees the global economy as a structured system composed of core, semi-periphery, and periphery regions. Core countries enjoy advanced industries, strong institutions, and significant control over financial and technological resources. Peripheral regions often rely on commodity exports, low-wage labor, and weaker institutional capacity.

The pandemic revealed that capacity to manage risk is unevenly distributed across this global system. Core countries generally had more resources for vaccine development, digital infrastructure for remote work, and financial support for businesses and workers. Peripheral countries frequently faced limits in healthcare capacity, social protection, and digital access, which magnified both health and economic risks.

In the post-pandemic world:

• Global supply chains are being reassessed for resilience, with some core firms diversifying production or nearshoring to reduce exposure to distant shocks.

• Tourism-dependent economies in the periphery and semi-periphery are seeking to balance health risks with economic survival, often with limited fiscal space.

• Unequal access to vaccines, data, and credit affects how quickly regions can recover, illustrating that risk management is not purely a technical matter but intertwined with global power structures.

World-systems theory thus reminds us that risk management practices cannot be understood in isolation from global inequalities. The capacity to absorb shocks and adapt is often greatest where resources and institutional depth are already strong.

2.4 Institutional Isomorphism and Convergence of Risk Practices

Institutional isomorphism explains why organizations in the same field tend to become more similar over time. It identifies three main sources of convergence:

1. Coercive pressures from laws, regulations, and powerful stakeholders.

2. Mimetic pressures arising from uncertainty, leading organizations to imitate peers perceived as successful or legitimate.

3. Normative pressures driven by professional education, standards, and networks.

During and after the pandemic, these pressures have strongly influenced risk management:

• Governments and regulators introduced new rules on health protocols, reporting, supply chain transparency, and business continuity, producing coercive convergence.

• Many organizations copied high-profile responses such as work-from-home policies, digital contact tracing, or hybrid event formats, illustrating mimetic behavior.

• Professional bodies issued guidelines on pandemic preparedness, resilience, and remote auditing, spreading normative standards across sectors.

As a result, risk management systems in different industries now share more common structures, vocabularies, and metrics than before. While this can strengthen overall standards and comparability, it can also create blind spots when organizations adopt fashionable practices without adapting them to their specific context.

3. Methodology

This article employs a conceptual and integrative methodology, aiming to synthesize current knowledge on post-pandemic risk management through the chosen theoretical lenses. Rather than collecting primary data, it relies on a structured review of existing research and policy analyses.

3.1 Literature Base

The article draws on:

• Academic publications from the last five years that analyze organizational resilience, risk management, supply chain disruption, tourism adaptation, public sector responses, and remote work.

• Theoretical and conceptual works that predate the pandemic but provide essential frameworks, including Bourdieu’s theory of capital, world-systems theory, and classic institutionalist studies.

• Post-pandemic reports and analytical studies that discuss emerging risk practices in areas such as enterprise risk management, tourism recovery, and digital security.

Focusing on recent studies ensures that the article addresses current practices and debates while still grounding them in long-standing theoretical traditions.

3.2 Analytical Procedure

The analytical procedure followed three stages:

1. Mapping: Identification of key themes in post-pandemic risk management, such as resilience, supply chain risk, digital vulnerabilities, employee well-being, and tourism recovery.

2. Theoretical framing: Application of Bourdieu’s capital, world-systems theory, and institutional isomorphism to interpret how these themes are shaped by structural forces and social dynamics.

3. Synthesis: Development of an integrated narrative that links concrete practices (e.g., scenario planning, remote work policies, sustainability measures) with broader patterns of capital distribution, global inequality, and institutional convergence.

This conceptual methodology allows the article to propose a holistic understanding of risk management that can inform both future research and organizational practice.

4. Analysis

4.1 From Risk Avoidance to Resilience and Learning

One of the most significant shifts in the post-pandemic period is the move from risk avoidance to resilience and learning. Before the pandemic, risk management systems often emphasized compliance and prevention: identifying threats, assigning probabilities, and implementing controls to stop them from occurring.

The pandemic showed that certain risks—global health emergencies, large-scale climate events, geopolitical shocks—cannot be fully prevented or predicted. Instead, organizations need structures that enable them to respond quickly, absorb shocks, and learn. This has led to:

• Stronger emphasis on business continuity management, including backup locations, diversified suppliers, and flexible staffing.

• Development of organizational resilience frameworks that highlight monitoring, anticipation, response, and learning as key capabilities.

• Recognition that soft factors—leadership, communication, psychological safety, and trust—are as important as formal procedures in crisis performance.

From a Bourdieusian perspective, this shift reflects a revaluation of different forms of capital: cultural and social capital (knowledge and networks) become as crucial as economic capital; symbolic capital (trust and legitimacy) becomes central in risk communication and compliance.

4.2 Supply Chain and Operational Risk

Global supply chains were among the most visibly affected systems during the pandemic. Factory closures, port congestion, transport restrictions, and sudden demand spikes created shortages in sectors ranging from medical supplies to semiconductors and food.

Post-pandemic risk practices in supply chains include:

• Multi-sourcing and nearshoring to reduce dependency on single suppliers or distant regions.

• Investment in digital visibility tools, such as real-time tracking and integrated data platforms, to detect disruptions early.

• Increased attention to supplier resilience, including financial stability, health and safety standards, and contingency planning.

• Integration of sustainability and social criteria into supplier evaluation, recognizing that poor working conditions or weak environmental practices can create reputational and regulatory risks.

World-systems theory helps explain why these changes are uneven. Core firms with more resources can diversify suppliers, invest in technologies, and redesign networks, while small firms or those in peripheral regions may remain locked into fragile positions.

Institutional isomorphism is visible in the adoption of similar supply chain risk frameworks, standards, and certifications across industries. Large buyers often impose their risk expectations on smaller suppliers, spreading new practices through coercive and normative pressures.

4.3 Human Capital, Remote Work, and Psychosocial Risk

The rapid expansion of remote work and hybrid models transformed organizational risk landscapes. While remote work helped sustain operations, it brought new challenges: digital overload, blurred boundaries between work and home, inequality of access, and increased psychosocial stress.

Post-pandemic risk management increasingly includes:

• Assessment of employee well-being, burnout risk, and mental health, recognizing that human capital is both vulnerable and central to resilience.

• Policies on flexible work, ergonomic support, and digital disconnection to prevent chronic stress.

• Training in digital collaboration tools and cybersecurity practices for employees working from home.

• Development of inclusive policies to avoid widening inequalities between workers who can and cannot work remotely.

From Bourdieu’s perspective, remote work reconfigures the distribution of cultural and social capital. Workers with high digital skills and strong networks may thrive, while those with limited access to technology or less comfortable home environments may be disadvantaged. Organizations are learning that managing these inequalities is itself a form of risk management.

4.4 Digital and Cyber Risk

The shift to online services, cloud computing, and remote operations significantly expanded digital exposure. Cyberattacks against hospitals, universities, small businesses, and critical infrastructure increased during and after the pandemic, making cyber risk one of the most prominent concerns in the post-pandemic world.

Emerging practices include:

• Integration of cybersecurity into enterprise risk management, treating it as a strategic rather than purely technical issue.

• Regular penetration testing, encryption, and multi-factor authentication.

• Investment in employee awareness training, recognizing that many incidents begin with human error or social engineering.

• Development of incident response plans that combine technical containment with communication, legal, and reputational strategies.

Digital risk management reflects all forms of capital: economic capital for technology investments, cultural capital for technical and analytical skills, social capital for coordinated responses across departments and partners, and symbolic capital when organizations need to restore trust after breaches.

4.5 Tourism and Service Sector Risk

The tourism sector experienced extreme disruption, with border closures, travel bans, and changes in consumer confidence. Post-pandemic risk management in tourism and related services focuses on:

• Health and hygiene protocols to reassure visitors and workers.

• Flexible booking and cancellation policies, reducing perceived risk for customers.

• Diversification toward domestic and regional tourism, reducing dependence on long-haul markets.

• Greater investment in digital marketing and experience design, including virtual tours and online engagement.

For tourism-dependent economies, especially in semi-periphery and periphery regions, these practices are directly tied to survival. World-systems theory helps explain why many such destinations face a double vulnerability: they are highly exposed to global travel disruptions but have limited fiscal space to support businesses during crises.

Institutional isomorphism is evident in the widespread use of similar health labels, safety certifications, and “safe travel” standards promoted by governments and industry organizations. While these can help rebuild trust, they can also pressure smaller firms to adopt procedures that are costly or complex relative to their capacities.

4.6 Public Sector, Higher Education, and Multi-Level Governance

Governments, public agencies, and universities were at the front line of the pandemic response. In the post-pandemic setting, public sector risk management faces expectations of transparency, coordination, and preparedness for future crises. Practices include:

• Establishing or strengthening national risk assessment and crisis coordination bodies.

• Developing whole-of-society approaches that involve public, private, and civil society actors.

• Investing in data systems for health surveillance, mobility monitoring, and early warning.

• Reviewing legal frameworks to balance public health, privacy, and economic freedoms.

Higher education institutions, in particular, managed rapid transitions to online teaching, accommodation closures, and international student disruptions. Post-pandemic, many universities are institutionalizing hybrid teaching models, rethinking campus risk, and revising crisis communication strategies.

Institutional isomorphism is highly visible here: universities around the world adopted similar measures, guided by governmental directives, accreditation bodies, and professional networks.

4.7 Culture, Power, and the Politics of Risk

Beyond specific techniques, the post-pandemic world has stimulated reflection on the politics of risk. Decisions about lockdowns, vaccine distribution, mask mandates, school closures, and border restrictions all involved value judgments and trade-offs.

Bourdieu’s concepts help highlight whose voices counted in risk debates. Groups with more cultural and symbolic capital—scientific experts, large employers, major media outlets—had greater influence over the definition of acceptable risk. At the same time, communities with less economic and social capital often bore disproportionate burdens, from job loss to health risks.

World-systems theory underscores similar patterns at the global level, where core countries had more access to vaccines, protective equipment, and digital infrastructure. Peripheral regions sometimes faced prolonged waves of infection and slower recovery.

The post-pandemic development of risk management, therefore, cannot be reduced to neutral technical improvements. It is also a struggle over how risks and protections are distributed across different groups and regions.

5. Findings and Discussion

The conceptual analysis, informed by recent literature and sociological theory, leads to several interrelated findings about risk management in the post-pandemic world.

5.1 Risk Management Has Shifted Toward Resilience and Adaptation

Organizations increasingly recognize that not all crises can be avoided. Risk management is evolving into a discipline of resilience: the ability to withstand shocks, maintain core functions, and adapt under stress. This involves both structural measures (redundancy, diversification) and cultural elements (learning, openness, psychological safety).

5.2 Multiple Forms of Capital Determine Risk Capacity

Bourdieu’s framework reveals that resilience is strongly linked to how economic, cultural, social, and symbolic capital are distributed. Organizations with strong financial reserves, expert staff, cohesive internal networks, and trusted reputations are better positioned to manage crises. Efforts to enhance risk management should therefore include investment in skills, relationships, and legitimacy, not only systems.

5.3 Global Inequalities Shape Exposure and Recovery

World-systems theory shows that the ability to manage risk is unequally distributed across the global system. Core countries and large firms have more options for diversification, digitalization, and financial support. Peripheral regions and small organizations often face higher vulnerability and slower recovery. Post-pandemic risk management cannot ignore these structural inequalities.

5.4 Convergence of Practices Brings Both Benefits and Risks

Institutional isomorphism has led to widespread adoption of similar risk frameworks, standards, and protocols. This can raise minimum standards, support cross-border cooperation, and provide shared languages for risk. However, excessive convergence can also produce blind spots, groupthink, or adoption of models that are poorly suited to local conditions.

5.5 Digitalization and Remote Work Transform Risk Profiles

The rapid expansion of digital technologies and remote work has opened new avenues for resilience but also introduced new vulnerabilities. Cybersecurity, data protection, digital inclusion, and mental health are now central elements of risk management. Successful organizations treat digital risk as a strategic issue and integrate it into enterprise risk frameworks.

5.6 Human-Centered Risk Management Is Gaining Prominence

There is growing recognition that employees’ well-being, engagement, and trust are critical components of resilience. Post-pandemic risk management therefore increasingly includes psychosocial risks, workload management, flexible work arrangements, and support for mental health. This reflects a broader shift from purely financial risk indicators to more holistic views of organizational health.

6. Conclusion

The post-pandemic world has transformed our understanding of risk. The COVID-19 crisis showed that low-probability, high-impact events can materialize quickly and have global, long-lasting effects. It exposed weaknesses in traditional risk models and accelerated the evolution toward resilience-oriented, human-centered, and globally aware approaches.

This article argued that risk management practices today must be understood within broader social and structural contexts. Bourdieu’s theory of capital reveals how different forms of resources and power condition the capacity to cope with crises. World-systems theory shows that risk and resilience are unevenly distributed across the global economy, with core actors enjoying structural advantages. Institutional isomorphism explains why, in the face of uncertainty, organizations tend to converge on similar risk frameworks, for better and worse.

In practical terms, effective post-pandemic risk management requires:

• Integrating risk thinking into strategy, culture, and day-to-day operations.

• Investing in people’s skills, well-being, and networks as key resilience assets.

• Acknowledging global interdependence and structural inequalities when designing supply chains, tourism strategies, and public policies.

• Balancing the benefits of standardization with the need for context-sensitive solutions.

For scholars, the post-pandemic period offers rich opportunities to study how different forms of capital, global structures, and institutional pressures shape the evolution of risk practices across sectors and countries. For practitioners, the main lesson is clear: in the twenty-first century, risk management is not only about defending against threats; it is also about building resilient organizations and societies capable of learning, adapting, and transforming in the face of uncertainty.

Hashtags

1. #RiskManagement

2. #PostPandemicWorld

3. #OrganizationalResilience

4. #EnterpriseRisk

5. #SupplyChainResilience

6. #DigitalTransformation

7. #CrisisManagement

References

• Bourdieu, P. (1986). The forms of capital. In J. Richardson (Ed.), Handbook of Theory and Research for the Sociology of Education (pp. 241–258). Greenwood.

• Fabiano, B. (2024). Lessons learned from COVID-19 towards resilience of complex industrial systems. Chemical Engineering Transactions, 111, 241–248.

• Galleli, B., et al. (2022). Sustainable development goals, COVID-19 and institutional pressures on organizations. RAUSP Management Journal, 57(4), 321–335.

• Guo, Y., et al. (2025). Supply chain resilience: A review from the inventory management perspective. Journal of Industrial and Business Economics, 52(2), 187–210.

• Jidda, D., et al. (2025). Enterprise risk management, resilience capability and supply chain performance. SAGE Open, 15(1), 1–18.

• Marín, A., et al. (2016). Social capital in post-disaster recovery trajectories. Global Environmental Change, 38, 153–164.

• Morsut, C., & Kruke, B. (2022). Linking resilience, vulnerability, social capital and risk governance. Journal of Contingencies and Crisis Management, 30(3), 227–238.

• Okeke-Uzodike, O. E., et al. (2025). Resilience during crisis: COVID-19 and the new age of remote work. Administrative Sciences, 15(3), 92–115.

• Qiao, G., et al. (2023). Risk management of tourism in the post-COVID-19 era: A systematic review. Risk Management and Healthcare Policy, 16, 1437–1450.

• Riepl, J. (2024). Risk management during the COVID-19 crisis: The role of social and informal controls. Finance and Stochastics Review, 28(2), 201–225.

• Ringsmuth, A. K., et al. (2022). Lessons from COVID-19 for managing transboundary systemic risks. Environmental Science and Policy, 128, 113–122.

• Ruel, S., et al. (2023). Organizational legitimacy, institutional isomorphism and digitalization of supply chains under COVID-19 uncertainty. Transportation Research Part E: Logistics and Transportation Review, 177, 103209.

• Uekusa, S. (2018). Rethinking resilience: Bourdieu’s contribution to disaster research. Disaster Prevention and Management, 27(1), 19–31.

• Wallerstein, I. (1974). The Modern World-System I: Capitalist Agriculture and the Origins of the European World-Economy in the Sixteenth Century. Academic Press.

• World Economic Forum. (2022). Refreshing resilience: From COVID-19 lessons to a whole-of-society response. In Global Risks Report 2022 (Chapter 6).

• Yoshikuni, A. C., et al. (2023). Information systems, analytics and strategic flexibility in management accounting and risk. International Journal of Accounting and Information Management, 31(3), 411–432.