The current issue and full text archive of this journal is available on Emerald Insight at:

https://www.emerald.com/insight/2059-5891.htm

VJIKMS
54,3 Mitigating knowledge-sharing
risks among ICT knowledge
workers in the government sector
616 Zainab Al-Ajmi and Kamla Ali Al-Busaidi
Information Systems Department, College of Economics and Political Science,
Received 28 June 2021 Sultan Qaboos University, Muscat, Oman
Revised 30 January 2022
Accepted 18 February 2022

Abstract
Purpose – This study aims to assess the knowledge-sharing risks and controls in the government sector
from the knowledge workers’ perspective.
Design/methodology/approach – This qualitative study combines two techniques. First, the study
uses the Delphi technique to identify the risks and rank them. Second, the study used a follow-up interview
approach to identify the needed controls to mitigate these identified risks.
Findings – The Delphi study revealed the top knowledge-sharing risks are related to organizational and
individual risks. Furthermore, the study identified the top controls that needed to mitigate these identified
risks from technology, process and people dimensions. The study findings suggested that implementing
controls on people and processes is the most important, and the focus must be on them, especially in the
government sector.
Originality/value – The study offers several practical implications for the government sector to establish
a knowledge-sharing risks management strategy. Such study has been given little attention in previous
research, especially in developing countries.
Keywords Knowledge sharing, Knowledge workers, Knowledge-sharing risk,
Knowledge-sharing control, Government sector, Delphi technique
Paper type Research paper

1. Introduction
Knowledge is considered to be one of the most important competitive and strategic assets; it
is an enabler for improving the economy and the development of society. It also allows
organizations and people to learn from the skills and previous experiences of others, which
can greatly improve work performance (Connelly et al., 2014). Knowledge should be
managed and shared, especially knowledge within the minds of people (the tacit knowledge).
Among several knowledge management (KM) processes, knowledge sharing (KS) is
considered to be the most vital (Al-Busaidi and Olfman, 2017).
KS is the process through which knowledge is communicated to other individuals (Bock
et al., 2005). KS is a critical aspect of organizational effectiveness (Simeonova, 2018) and
operational efficiency (Al Yami et al., 2021). However, KS is a challenging process in
organizations because, first, the nature of tacit knowledge makes it difficult to share, and,
second, KS is a voluntary activity, and sharing knowledge with another organization may
add complexity to the KS process (Al-Busaidi and Olfman, 2017; Halisah et al., 2021), but it is
VINE Journal of Information and
Knowledge Management Systems
critical to enhancing the organization’s competitiveness.
Vol. 54 No. 3, 2024
pp. 616-637
However, the challenge in KS is how to manage the risks associated with it. KS requires
© Emerald Publishing Limited the identification of risks and mitigation controls to assess those risks (You et al., 2005). Risk
2059-5891
DOI 10.1108/VJIKMS-06-2021-0102 mitigation measures can influence the success (Viswanathan et al., 2020).
 Because government organizations and several private-sector organizations are in Mitigating
knowledge-intensive environments, knowledge risk awareness should be highlighted (Cong knowledge-
and Pandya, 2003). However, there is a difference between KS in the government sector and
sharing risks
the private sector. Employees in the government sector may resist sharing knowledge
because it lessens their power and control (Liebowitz and Yan, 2004; Al Yami et al., 2021;
Zenk et al., 2022) or be afraid of being misunderstood or not adding value (Lartey et al.,
2021). Also, organizational inertia in public sector organizations negatively affects KM 617
practices adoption (Ashok et al., 2021). In addition, government sector organizations
consider knowledge to be an important asset. Knowledge is considered to be a central
resource to governments to be effective (Cong and Pandya, 2003), and KM processes had a
significant effect on the operational efficiency of the public sector (Al Yami et al., 2021).
Furthermore, the structure and culture of the government organizations are considered to be
compartmentalized. Thus, KS can be more challenging for government organizations than
private sector organizations.
The identification and management of the risks associated with knowledge are crucial to
promoting KS in a government sector because little has been done on this sector compared
to the private sector. A literature review shows that most studies on KS have focused on the
private sector (Kim and Shim, 2019). Furthermore, many public sectors still are struggling in
effectively implementing KM practices in comparison to the private sector (Ganapathy et al.,
2021).
Therefore, the overall objective of this study is, first, to assess knowledge-sharing risks
in a government sector and, second, to assess the controls that mitigate these risks. This
study will attempt to answer the following questions:

Q1. What are the key knowledge-sharing (individual and organizational) risks in the
government sector?
Q2. What are the key knowledge-sharing controls (technology, processes and people)
that mitigate the risks in the government sector?

2. Background literature
2.1 Knowledge sharing in government sector
The government sector is a sector that is controlled and funded by governments. It delivers
government programs, services and goods, but is pressured to reduce operational costs and
waste of resources (Al Yami et al., 2021). KS between workers has a significant impact on the
work performance in both government and private sectors. KS improves organizational
effectiveness (Simeonova, 2018) and operational efficiency (Al Yami et al., 2021). However,
the government sector organizations are different from ones in the private sector from many
perspectives: First, the organizational goals in the government sectors are hard to measure
and more inconsistent than in the private sector; the organizational goals are affected by
political influences (Willem and Buelens, 2007). Second, bureaucracy and authority bounded
by the rules and regulations result in organizational inertia in public sector organizations,
and a lack of understanding of this challenge on KM practices results in failed
implementation (Ashok et al., 2021). Third, the structure and culture of the government
organizations are considered to be compartmentalized.
In the government sector, employees resist sharing knowledge (Al Yami et al., 2021),
because they believe sharing may lessen their authority, power and control which may lead
to a negative impact on their careers (Liebowitz and Yan, 2004). Public sector employees also
VJIKMS may resist sharing knowledge if they are worried about being misunderstood or if they feel
54,3 that their knowledge will not be used adequately (Lartey et al., 2021).
To have a proper knowledge-sharing environment, awareness of knowledge-sharing
risks should be highlighted (Cong and Pandya, 2003). In the public sector, if knowledge
workers’ perceived control in KS is high compared to the risks involved, the intention to
share knowledge increases (Turyahikayo et al., 2021). Inter-organizational knowledge
618 sharing (IOKSS) includes technical, strategic and behavioral views (Aljafari and Sarnikar,
2009). Knowledge may be shared outside the organizational boundaries, which is why
knowledge protection is critical (Gold et al., 2001).

2.2 Knowledge-sharing risk management

The International Standards Organization (ISO) defines risk management (RM) as a set of
arranged activities implemented to direct and control risk (ISO, 2009). The Institute of Risk
Management (2018) defines RM as a process used methodically by organizations to address
the risks associated with the organization’s activities, with the purpose of achieving
continuous benefits from each activity. RM requires executives to first assess outcome risk
from an exposure, and one of the classic motivations for corporate RM is the necessity to
mitigate the effects of risks or constraints on the firm’s ability and performance (Bodnar
et al., 2019). According to ISO, RM has five stages (ISO, 2009): establishing the context, risk
identification, risk analysis, risk evaluation and risk response. Risk mitigation measures can
influence success (Viswanathan et al., 2020).
The below sections and related tables present a literature review for knowledge sharing
risks (KSRs) and knowledge-sharing controls (KSCs).
2.2.1 Knowledge-sharing risks. The ISO defines RM as a set of arranged activities
implemented to direct and control risk (ISO, 2009). The Institute of Risk Management (2018)
defines RM as a process used methodically by organizations to address the risks associated
with the organization’s activities, to achieve continuous benefits from each activity. RM
requires executives to first assess outcome risk from exposure, and one of the classic
motivations for corporate RM is the necessity to mitigate the effects of risks or constraints
on the firm’s ability and performance (Bodnar et al., 2019).
According to ISO, RM has five stages (ISO, 2009): establishing the context, risk
identification, risk analysis, risk evaluation and risk response. Risk mitigation measures can
influence the success (Viswanathan et al., 2020).
The below sections and related tables present a literature review for KSR and KSC.
2.2.2 Knowledge-sharing risks. Knowledge risk is defined as being the likelihood of any
potential loss from an activity linked with the identification and protection of knowledge
that may minimize the operational benefits of any party in the organization (Perrott, 2007).
Thus, KSR refers to the likelihood of any potential loss during the knowledge-sharing
process. The risk could have a negative impact on knowledge-sharing behaviors (Ding et al.,
2013). Risk is a danger, which has to be reduced or eliminated. The best way to manage the
risks is to have a clear idea of their nature (Trkman and Desouza, 2012).
Many organizations do not have a proper explicit knowledge protection strategy; many
forms of KS bring significant competitive advantages but they also create challenges for
information and knowledge RM (Ding et al., 2013; Trkman and Desouza, 2012). In a
government sector, employees resist sharing knowledge because they believe sharing may
damage their authority, power and control, which may have a negative impact on their
career (Liebowitz and Yan, 2004).
The process of KS in one organization is surrounded by serious risks and challenges.
These risks and challenges are even greater when knowledge is exchanged between
organizations (Al-Busaidi and Olfman, 2017). There are major differences in KS within Mitigating
one organization and sharing between different ones; IOKSS could benefit both knowledge-
organizations by the integration of knowledge between firms (Al-Busaidi and Olfman,
2017). However, despite all benefits associated with sharing knowledge, it could entail
sharing risks
undesired risks at organizational levels such as knowledge leakage (Ritala et al., 2015),
knowledge spill-over (Hurmelinna-Laukkanen and Puumalainen, 2007) and knowledge
loss (Perrott, 2007).
Table 1 provides the list of KSRs that have been cited by KM literature in general. The 619
list includes 22 KS individual and organizational risks; the most common are knowledge
leakage, knowledge spill-over, knowledge hoarding, absorptive capacity, losing power,
opportunistic behavior/moral and KS efforts. For instance, several researchers (i.e.
Frishammar et al., 2015) identified knowledge leakage as one of the common KSRs. Ilvonen
and Vuori (2013) list four major risks associated with KS: the knowledge spill-over risk,
the opportunistic behavior risk, conflict with partner’s risk and losing KS efforts at
the individual level. Nguyen and Nafula (2016) discuss risks: “the learning race,” absorptive
capacity, the knowledge spill-over risk and opportunistic behavior risk. Table 1 provides the
full list of KSR highlighted in the literature.

S.no. Risk Supporting references

1 Knowledge leakage Ma et al. (2011); Ahmad et al. (2014), Ritala et al. (2015); Raza-Ullah
and Eriksson (2017)
2 Opportunistic behavior/ Aljafari and Sarnikar (2009), Howard (2010); Liu (2010), Ilvonen and
moral Vuori (2013); Nguyen and Nafula (2016)
3 Knowledge spill-over Hurmelinna-Laukkanen and Puumalainen (2007), Ilvonen and Vuori
(2013); Nguyen and Nafula (2016)
4 Knowledge hoarding Holten et al. (2016), Muqadas et al. (2017); Zenk et al. (2022)
5 Losing power Liebowitz and Yan (2004), Amayah (2013); Muqadas et al. (2017)
6 Absorptive capacity Bogers (2011), Ilvonen and Vuori (2013); Nguyen and Nafula (2016)
7 Knowledge sharing Zhang and Dawes (2006), Ilvonen and Vuori (2013); Ahrend et al.
efforts (2014)
8 Losing core competence Howard (2010), Ahrend et al. (2014)
9 Conflicat with partners Zineldin (1998), Ilvonen and Vuori (2013)
10 Financial Zhang and Dawes (2006), Top (2012)
11 Fear of criticism Bock et al. (2005), Ahrend et al. (2014); Hamza et al. (2021)
12 Stealing experts Liu (2010), Trkman and Desouza (2012)
13 Hiding behind Ahrend et al. (2014)
formalities
14 Learning race Bogers (2011), Nguyen and Nafula (2016)
15 Selling know-how to Trkman and Desouza (2012)
competitors
16 Fear of transparency Ahrend et al. (2014), Hamza et al. (2021)
17 Knowledge diffusion Aljafari and Sarnikar (2009)
18 Losing knowledge Liu (2010)
exclusive ownership
19 Imitation Bolisani et al. (2013)
20 Reducing employee’s Trkman and Desouza (2012)
role
21 Organization cultural Liu (2010) Table 1.
diversity Illustration of
22 Restrictive laws and Zhang and Dawes (2006), Ashok et al. (2021) knowledge-sharing
regulations risks
VJIKMS In public sector organizations, a major risk that hinders KM, including KS practices, is
54,3 restrictive laws and regulations which lead to organizational inertia (Ashok et al., 2021) and
financial budgetary issues (Al Yami et al., 2021). Major risks and concerns from individual
employees’ perspectives include fear of losing power (Lartey et al., 2021) and fear of
transparency (being misunderstood and criticized) (Al Yami et al., 2021; Zenk et al., 2022).
2.2.3 Knowledge-sharing risk controls. Risk control is the process whereby an
620 organization draws up and implements a set of actions to address risks; this process
includes measures to mitigate risks. The controls are divided into three elements, which are
“people,” “processes” and “technology.” Edwards (2011) investigates KM in terms of people,
processes and technology: “People” are the heart of leveraging and creating knowledge for
the competitiveness of the organization, “Technology” refers to the systems and technologies
used to support KM and “Processes” can be defined as an array of specific practices which
facilitate the flow and value of knowledge (Chan, 2017). Figure 1 illustrates how these
elements are linked together and it shows their reciprocal relationship (Edwards, 2011).
Several KSCs have been identified in the literature at people, processes and technology
(see Table 2). For instance, Liu (2010) discusses several controls on the inter-organization
knowledge networks: “Complementary knowledge’ to enhance cooperation between
members; Establish and maintain trust” to reduce opportunism risk in KS; and “Increase
specific asset input in the knowledge network” to promote cooperation among members.
Also, Trkman and Desouza (2012) list mitigation possibilities, including formal reciprocity
agreements, long-term contracts and training employees, which mitigate accident spill-over.
However, most of the KSC studies are in the private sector such as Ritala et al. (2015),
Ilvonen and Vuori (2013), Bolisani et al. (2013), Trkman and Desouza (2012), Liu (2010) and
Schmiele and Sofka (2007). Limited studies are assessed in the government/public sector.
Some of these studies include Ahrend et al. (2014), Lartey et al. (2021), Ganapathy et al.
(2021), Ashok et al. (2021) and Turyahikayo et al. (2021). Studies, such as You et al. (2005)
and Ahmad et al. (2014), investigated KSCs in general not specifically in the public sector.

3. Research direction and methodology

3.1 Research direction
Figure 2 illustrates the study direction based on the previous sections. The figure shows that
risks are categorized into individual and organizational risks, while controls are categorized
according to knowledge-sharing pillars as explained previously.

Figure 1.
KM pillars
SN Control Supporting references
Mitigating
knowledge-
1 Intellectual property rights agreement Schmiele and Sofka (2007), Bolisani et al. (2013); sharing risks
and contracts. Element: Processes Trkman and Desouza (2012)
2 Enhance trust. Element: People Liu (2010), You et al. (2005); Ahrend et al. (2014),
Ilvonen and Vuori (2013); Lartey et al. (2021)
3 Rewarding/motivation systems. Element: You et al. (2005), Ahrend et al. (2014); Bock et al.
People/Processes (2005), Nguyen and Prentice (2020); Ganapathy et al. 621
(2021)
4 Training employees. Element: People/ You et al. (2005), Trkman and Desouza (2012); Ahmad
Processes et al. (2014), Ganapathy et al. (2021)
5 Monitor the knowledge flows. Element: Ahmad et al. (2014), Desouza and Vanapalli (2005)
Processes
6 Decide limits on knowledge sharing. Ahmad et al. (2014), Desouza and Vanapalli (2005)
Element: Processes
7 User-friendly information technology. Cabrera and Cabrera (2005), Ahrend et al. (2014)
Element: Technology
8 Top management support. Element: Ma et al. (2011); Cabrera and Cabrera (2005), Ashok
People et al. (2021); Turyahikayo et al. (2021)
9 Implementation of guidelines, procedures Ahmad et al. (2014), Gold et al. (2001)
and policies. Element: Processes
10 Implement knowledge-sharing systems. Top (2012), You et al. (2005); Ahmad et al. (2014),
Element: Technology Lartey et al. (2021)
11 Force a dynamic and flexible You et al. (2005), Ahrend et al. (2014)
management. Element: Processes
12 Knowledge classification. Element: Ahmad et al. (2014), Ritala et al. (2015)
Processes
13 Legal frameworks. Element: Processes Ahmad et al. (2014), Schmiele and Sofka (2007)
14 Complex designs. Element: Processes Ilvonen and Vuori (2013), Bolisani et al. (2013)
15 Knowledge champion. Element: People You et al. (2005); Jones, Herschel, and Moesel (2003)
16 Authentication mechanisms (passwords, Ahmad et al. (2014), Anderson (2008)
encryption, firewalls). Element:
technology
17 Electronic audit systems. Element: Ahmad et al. (2014), Shedden et al. (2011)
Technology
18 Risk assessment. Element: Processes Ahmad et al. (2014), Shedden et al. (2011)
19 Enhance employees policymaking power. You et al. (2005)
Element: Processes
20 Anonymization of shared knowledge. Ahrend et al.(2014)
Element: People
21 Invest complementary knowledge. Liu (2010)
Element: Processes
22 Organization structure adjustment. You et al. (2005), Al-Alawi et al. (2007)
Element: Processes
23 Increase specific asset input in knowledge Liu (2010) Table 2.
network. Element: Processes Knowledge-sharing
24 Knowledge audit. Element: Processes Serrat (2017) controls

3.2 Identifying the key risks methodology

3.2.1 Delphi technique. The Delphi study was used to identify and rank the KSR as
recommended by ISO risk assessment methodology for prioritizing the risks (ISO, 2009).
The Delphi technique allows researchers to gather reliable data from experts who are skilled
and experienced in the related field through a strategically designed survey (Hallowell and
Gambatese, 2010). The Delphi technique can improve the validity of the research results
VJIKMS
54,3

622

Figure 2.
Study design
diagram

because of the iteration process, which aims to reach a consensus among the participant’s
experts on a specific issue (Schmidt, 1997). The most adopted format of this technique is
developed by Schmidt (1997), and which consists of brainstorming, selecting (deciding the
most important issues) and ranking. However, another trend is to skip the brainstorming
stage by identifying the list from the literature and presenting them in the selection stage for
the experts as conducted by Pare et al. (2013).
3.2.2 Expert selection and profile. An expert in a Delphi study is any individual who has
knowledge and experience in a relevant topic; thus, purposive sampling is applied according
to their knowledge in the area being investigated (Schmidt, 1997). The panel size of Delphi
study can range from 4 to 3,000 (Thangaratinam and Redman, 2005).
The information and communication technology (ICT) experts from 13 government
organizations were invited to participate in this study. Initial invitation to participate in this
study was sent to all government organizations; however, 13 organizations approved to
have their ICT workers participate in this study. ICT professionals have significant
importance in their role in the organization regarding activities such as KS, organizational
learning and KM; first, sharing knowledge between professionals and users and, second,
sharing knowledge between other units (Eurostat Statistics Explained, 2018). Oman’s long-
term vision and national strategy emphasized on the development of the knowledge and
digital economy, and the development of ICT (Al-Busaidi, 2020). The eOman strategy is
another of the ITA efforts to transform the Sultanate into a digital society and ICT
ecosystem (Information Technology Authority of Oman, 2022). Thus, ICT is a key pillar for
Oman’s digital transformation, and sharing practices and trends among government
employees is critical. Identifying problems and challenges, and creating a plan for a
continuous development, is key success factor of digital transformation (Oman Portal, 2022).
Table 3 presents the participants’ profile of the Delphi study. About 40 participants
participated in Round 1 of the Delphi study.
3.2.3 Delphi data collection. The Delphi technique requires at least two numbers of
rounds (Thangaratinam and Redman, 2005). Round 1, the selection round, is conducted
through a questionnaire, which also includes demographic questions such as age and
gender. An initial list of items was generated through the literature review presented in
Table 1; 21 risks were listed with their definitions and each one was given a score from 1 to 5
on the Likert scale (1 = not at all important, 2 = slightly important, 3 = neutral, 4 =
moderately important and 5 = extremely important); this step was a replacement for a
brainstorming process; the same approach having been used by Pare et al. (2013).
 Delphi frequency Interviews frequency
Mitigating
(n = 40) (n = 10) knowledge-
sharing risks
Gender
Female 17 4
Male 23 6
Age
20–30 years old 6 2
623
30–40 years old 29 6
40–50 years old 5 2
Education
Bachelor’s degree 28 2
Master’s degree 9 7
PhD degree 3 1
Job position
Senior Network Engineer 10 3
Senior Programmer 6 1
Table 3.
Senior Network Administrator 3 2
Senior Specialist IS 7 1 Delphi and
Senior Information Security Engineer 8 1 interviews
Electronic Services Supervisor 5 1 participants profile
Senior Server Engineer 1 1 participants’ profile

The second round (Round 2) is to rank the top selected items (based on the risks selected in
previous round). In this round, the idea is to narrow down the list of items to a reasonable
number that has been identified by the participants in Round 1.

3.3 Identifying the key controls methodology

3.3.1 Interview data collection. The second objective of this research is achieved by using a
qualitative semi-structured interview, which is a type of interview that has key questions
that help the interviewer to identify the areas that need to be covered during the session
(Gill et al., 2008). Interviews help the researcher to obtain an in-depth understanding about a
specific phenomenon. Therefore, interviews are most appropriate when there is already a bit
known about the situation (Gill et al., 2008). The validity of the interviews was assessed
based on face validation and pretesting. Pretesting is the process of validating instrument
and its measures; expert-driven pre-tests are crucial when assessing the face validity and
construct validity (Ruel et al., 2016).
The objective of the interview was to validate the Delphi study’s risks results and to
investigate what types of controls are needed to mitigate these risks. Thus, in addition to
demographic questions, a question was developed for each risk. Examples of these
questions are: “Do you think presence of restrictive laws and regulations could be a risk to
KS? If yes, how could it be mitigated and controlled? In qualitative interviews, open-ended
questions should be asked to obtain more details about the topic (Gill, Stewart, Treasure,
and Chadwick, 2008). The participants were encouraged by the interviewer to answer freely
and give their perceptions. The key knowledge-sharing (technology, processes or/and
people) controls mapped to the top ten risks.
The secondary source of data is the use of different articles, papers and theses through
accessing academic databases. The purpose of using this source is to gather and analyze
previously discussed information about the topic.
VJIKMS 3.3.2 Interview sampling. Purposive sampling, the most appropriate in qualitative
54,3 research, was used to interview the participants (Lambert and Lambert, 2012). Creswell and
Creswell (2017) recommend having four to five participants when combined with other
methods, and minimum sample size of ten participants. Table 3 presents a summary of the
ten interview participants and their profiles. The participants of the interviews are the only
ten participants of the Delphi study who accepted to participate in the follow-up interview.
624 Sampling is actually commonly used in qualitative research, where selected participants are
chosen to participate in a relevant study according to their characteristics, and researchers
choose participants according to their accessibility or their willingness to be part of the
study (Anderson, 2010).

4. Data analysis and results

4.1 Delphi study risks analysis
Round 1 of Delphi technique is conducted by providing participants with a list of pre-
defined KSRs based on the literature review findings. The participants were requested to
rate the risks based on their importance on a scale of one to five points using Likert scale
method. The results were analyzed by averaging weighted responses for each score. The
researcher then selected the top 16 risks to be ranked in Round 2 of the Delphi study based
on the top rating average (3 and above on a scale of 5).
Round 2 of Delphi study was the ranking stage, where participants rank the most
important items (Schmidt, 1997). Participants were required to avoid ties at this stage. This
round was analyzed by reporting the average rank score. Table 4 illustrates the Delphi
technique rounds analysis. The top ten ranked KSRs are majority organizational-level risks
in addition to individual risks: restrictive laws and regulations; core competence-losing risk;
fear of transparency; financial risk; KS (losing individual efforts); absorptive capacity;

Round 2: Ranking analysis Round 1: Selection analysis

Rank Risk AVG rank Order Risk AVG score

1 Restrictive laws and 4.95 1 Restrictive laws and 3.95

regulations regulations
2 Core competence-losing risk 6.33 2 Knowledge leakage 3.70
3 Fear of transparency 6.62 3 Fear of transparency 3.7
4 Financial risk 7.43 4 Knowledge spill-over 3.65
5 Knowledge sharing 7.57 5 Core competence losing risk 3.58
(losing individual efforts)
6 Absorptive capacity 7.71 6 Opportunistic behavior 3.53
7 Opportunistic behavior 7.86 7 Knowledge-sharing efforts 3.43
(losing individual level)
8 Organization cultural 8.00 8 Organization cultural diversity 3.38
diversity
9 Knowledge spill-overs 8.38 9 Knowledge diffusion 3.35
10 Knowledge leakage 8.67 10 Absorptive capacity 3.3
11 Financial risk 3.3
12 Stealing experts from other 3.3
firms
13 Conflict with partners 3.25
14 Learning race 3.2
15 Imitation 3.08
Table 4. 16 Selling know-how to 3.03
Delphi study results competitors
opportunistic behavior; organization cultural diversity; knowledge spill-overs; and Mitigating
knowledge leakage. knowledge-
sharing risks
4.2 Controls interview analysis and discussions
4.2.1 Controls interview analysis. The objective of this section is to identify the KSCs based
on the previous Delphi study. The objective of this part was achieved by follow-up questions
on the importance of the ten risks found in the previous Delphi study, followed by questions 625
about mitigation controls for each of the ten top-ranked risks.
In this study, interviews were transcribed and documented, as many of the participants
refused to be recorded in the interviewing session, which lasted for 45 min. Based on the
systematic literature review, the interview direction was developed based on three controls
elements/themes: processes, technology and people. Participants were requested to discuss
all processes, technology and people controls that are needed to mitigate each of the ten
investigated IOKSS risks. Data collected has been analyzed using a deductive thematic
analysis approach. This approach is a process where themes are identified through the
reading of the existing data (Rice and Ezzy, 1999). It is a form of patterns where the data
analysis is based on categories (Fereday and Muir-Cochrane, 2006). The thematic analysis
approach requires coding; it involves capturing an important attribute and encoding it prior
to a process of clarification. Encoding data is important because it is a tool to organize
similar segments of related text and it helps in interpretation (Rice and Ezzy, 1999; Fereday
and Muir-Cochrane, 2006). For this research, the codes were defined according to KM pillars
which are people, processes and technology. As indicated in the methodology, the secondary
source of data (literature review on controls – Table 2) was used to help deduct controls
related to these themes.
4.2.2 Controls interview findings and discussion. Table 5 illustrates risks and controls
matrix. Controls are not mutually exclusive. Each risk can be mitigated by several process,
people and/or technology controls. The controls which are in bold font represent the most
highlighted ones by the participants. Table 5 illustrates the key knowledge-sharing
(technology, processes or/and people) controls mapped to the top ten risks.
Risk 1: Restrictive laws and regulations – Being subject to restrictive legal policy or
regulations, knowledge workers may fear the risk of committing legal violations by sharing
knowledge. Legislation may limit the development of collaboration (Zhang and Dawes,
2006).
The top participants’ identified controls to mitigate this risk are related to process
controls, including legal frameworks (60%), implementation of guidelines, procedures and
policies (40%), knowledge classification (40%) and enhanced employee’s policymaking
power (30%); other identified processes controls are risk assessment (20%), decide limits on
KS (20%), monitor knowledge flows (20%) and knowledge audit (10%). Identified people
controls include training (30%) and top management support (10%).
On this risk and its controls, Participant 8 stated, “There is always a lack of clear laws
and regulations. There is a need for flexible laws and regulations which can be modified
for each government sector.” Participant 5 stated, “Knowledge sharing will be limited
because of the fear of sharing more knowledge than is required. ‘Classification of
knowledge’ is important for knowing which knowledge is labelled as confidential so as not
to share it.” One participant demonstrated that “top management support” to “creating a
new culture for knowledge sharing”: “All knowledge sharing comes through people.
Organizations should set a new culture.” Comparing results to the literature, Zhang et al.
(2006) highlight this risk in their research, referring to it as legal and policy risk. They
illustrate that “Presence of legal policy or guidance to guide who can access what” can
 54,3

626

matrix
Table 5.
VJIKMS

risks and control

Knowledge-sharing
Theme R1 R2 R3 R4 R5 R6 R7 R8 R9 R10

Processes Intellectual property rights, agreement and contracts 60% 10% 20%
Implementation of guidelines, procedures and policies 40% 40% 30% 20% 10% 10% 20% 20%
Organization structure adjustment 10%
Knowledge classification 40% 10% 10% 10% 10% 20%
Monitor the knowledge flows 20% 50% 10% 30%
legal frameworks 60% 10% 10% 30% 20%
Increase Specific Asset Input in Knowledge network
Complex designs
Force a dynamic and flexible management 10% 10%
Invest Complementary Knowledge 10% 10% 20%
Enhance employees’ policymaking power 30%
Risk assessment 20% 20%
Knowledge audit 10% 20% 10% 30% 60%
Decide limits on knowledge sharing 20%
Allocate dedicated budget 50%
Non-disclosure agreement 20%
People Enhance trust 70% 80% 20% 10%
Training 30% 10% 10% 10% 10% 10% 60% 10% 60%
Rewarding 10% 20% 70%
Knowledge champion 10% 30%
Anonymization of shared knowledge 10%
Top management support 10% 10% 40% 40% 10%
Collaboration 10%
Create new culture/awareness 10% 10%
Technology User-friendly information technology 40% 10%
Authentication mechanisms 10% 30% 40%
Implement KS systems 10% 20% 10% 10% 10%
Electronic audit 10% 20% 10% 10%

Notes: R1: restrictive laws and regulations; R2: core competence losing risk; R3: fear of transparency; R4: financial risk; R5: knowledge sharing (individual
efforts); R6: absorptive capacity; R7: opportunistic behavior; R8: organization cultural diversity; R9: knowledge spill-overs; R10: knowledge leakage; %: % of
participants highlighted the specific control (listed on the table’s row) to the specific risk (listed on the table’s column). Bold controls are new controls identified by
participants
result in increasing the risks associated with KS. Specifically, six participants showed that Mitigating
this risk can be controlled through legal frameworks (e.g. non-disclosure agreements), and knowledge-
this control was also listed by Ahmad et al. (2014).
Risk 2: Core competence-losing risk – The core competence-losing risk describes how the
sharing risks
organization is responsible for protecting its own core knowledge during KS process.
Unprotected core knowledge may lead to imitation by competitors, resulting in them losing
their competitive advantage (Howard, 2010).
The top identified mitigation controls for this risks are related to “processes” controls, 627
including intellectual property rights, agreement and contract (60% of participants) and
implementation of guidelines, procedures and policies (40%). Other processes controls are
knowledge audit (20%), knowledge classification (10%), invest a complementary knowledge
(10%), in addition to “people” controls: training (10%) and technology controls such as
electronic audit systems (10%) and authentication mechanisms (10%).
On this risk and its mitigation controls, participants identified controls, Participant 7
stated, and “Knowledge-sharing systems, if used, need to be highly secured and monitored.”
Six participants have indicated that “intellectual property rights, agreement and contract” is
a mitigation control for this risk, because knowledge in this situation requires not to be
modified, and is kept as organization property. Participant 7 stated, “This risk is more
linked to private sectors because they have core knowledge about their products which they
do not want to share.”
Comparing these results to the literature, the majority, about 60% of the participants,
indicated that “intellectual property rights, agreement and contract” could control this risk
to protect the knowledge shared between parties. This control is used to mitigate
opportunistic behavior risks associated while sharing knowledge (Schmiele and Sofka,
2007). However, four participants indicated that this risk is linked more to the private sector
than to the government sector. The literature also reported this risk was mostly raised in
private sector studies as in Howard (2010).
Risk 3: Fear of transparency – Fear of transparency refers to the fear of revealing or
disclosing knowledge about operations, outcomes, performance and decisions in forms that
permit others to easily obtain the knowledge and use it (Ahrend et al., 2014).
The majority, 70% of participants, indicated this risk could be mitigated through
“people” control: enhancing the trust between employees (70% of participants); other
“people” controls are anonymization of shared knowledge (10%), top management support
(10%) and rewarding (10%). Participants’ identified processes controls include
“implementation of guidelines, procedures and policies” (30%), knowledge classification
(10%) and forcing dynamic and flexible management (10%) in addition to “implementation
knowledge-sharing systems” (10%) technology control.
On this risk and its mitigation controls, Participants 2 and 5 suggested non-disclosure
agreements to mitigate this risk when knowledge is exchanged with an external party.
Participant 4 stated, “The organization can restrict the access of people to classified
knowledge.” She suggested “implementation knowledge sharing systems” and “knowledge
classification.” Ahrend et al. (2014) highlighted this risk and linked it to employees being
judged and criticized, because of socialization issues, and the organizational culture. In
comparison, most of the participants linked this to restrictive laws and regulations they face
in the government sector.
Risk 4: Financial risk – The lack of dedicated and reliable funding may stop knowledge-
sharing projects (Zhang and Dawes, 2006). About 50% of the participants indicated this risk
is not an important one and does not affect KS. Participant 3 stated, “Not very high risk
because the most important factor for knowledge sharing is people.” On the other hand, 50%
VJIKMS of the participants indicated this risk could be mitigated through “processes” control
54,3 specifically “dedicated budget.” Only 10% of participants indicated people control: training.
On this risk and reported controls, Participant 4 stated, “Financial support should be
included in one of the top guidelines for the progress of the organization in terms of KM
projects.” Participant 6 stated, “Dedicated budget for knowledge sharing projects for
example KS systems.” Participant 10 stated, “This risk will affect technology if the
628 organization is planning to have KS systems and train people.” Comparing these results to
the literature, similarly, Zhang et al. (2006) illustrated how financial risk could be an obstacle
in knowledge-sharing projects because of lack of dedicated and reliable funding.
Risk 5: KS (individual efforts) – These are efforts and commitments invested in the KS
process; reducing commitment reduces the likelihood of the success of KS projects (Zhang
and Dawes, 2006). Knowledge workers may not share knowledge because of the risk of
losing efforts.
The top participants’ identified controls for this risk include people control [top
management support (40% of participants)] and technology controls [such as user-friendly
information system (40%)]. Other processes controls are rewarding (20%), training (10%)
and knowledge champion (10%); technology control KS systems (20%); processes controls
organization structure adjustment (10%); and force dynamic and flexible management
(10%). Moreover, 20% of the participants declared that this risk was not a high risk to them.
On this risk and its controls, Participants 2, 3, 4 and 8 suggested that user-friendly
information technology could mitigate this risk because it will make KS easier. Seba et al.
(2012) indicated that time allocation could be a serious obstacle in KS because knowledge
workers may not have limited time. Participant 2 stated, “Top management should set rules
in order to organize proper time schedules for knowledge-sharing sessions”; Participant 4
stated: “Motivate people to share knowledge and conduct competitions where people can
become champions in sharing knowledge and get rewarded for it.” Participant 10 added a
new control which is “clear vision and plan.” These results were similar to Cabrera and
Cabrera (2005) and Al-Busaidi (2014).
Risk 6: Absorptive capacity – Absorptive capacity is a risk associated with KS (Bogers,
2011; Ilvonen and Vuori, 2013). It refers to the ability of an organization to recognize the
value of new external knowledge and align it with its own innovations.
If the absorptive capacity of the partner is considered to be low, then the KS will be less.
The top participants’ identified control is related to processes controls specifically:
monitor knowledge flows (50%); other processes controls were implementation of
guidelines, procedures and policies (20%); invest complementary knowledge (10%),
knowledge audit (10%) and legal frameworks (10%) in addition to people control [training
(10%)]. About 20% of the participants declared that this did not pose a very high risk,
especially in sharing knowledge in general IT and as an IT expert.
On this risk and its identified mitigation controls, Participant 4 highlighted “Monitoring
knowledge flows to see the benefits of the new knowledge and how it can be managed.”
Participant 3 stated that “the risk is external. Knowledge may not be compatible with our
environment, especially in IT,” and highlighted “investing in complementary knowledge” as
it plays a role in sharing general experiences and best practices with others. Participant 5
focused on training to make employees use external knowledge without affecting the quality
of current work, and make them aware of the knowledge classification. In comparison,
Ahmad et al. (2014) suggested that “monitoring knowledge flow” control could mitigate
“KSR.”
Risk 7: Opportunistic behavior – Opportunistic behavior is defined as being self-interest
behaviors with deception which lead to deceit-orientated promises; opportunistic behavior
could fail the process of KS when one partner tries to obtain more benefits than the other Mitigating
(Ilvonen and Vuori, 2013). knowledge-
The top identified control for this risk is “enhancing trust” (80%) people control. Other
controls identified by participants to mitigate this risk includes “knowledge audit” (30%),
sharing risks
“electronic audit systems” (30%), “monitor knowledge flow” (20%), “knowledge
classification” (10%), “legal frameworks” (10%), training (10%) and “implementation of
guidelines, procedures and policies” (10%). Participants 9 and 10 suggested new controls:
job stability and supporting culture (Participant 9) and a forum to record all tacit knowledge 629
(Participants 10).
On this highlighted risk and controls, Participant 2 stated: “We face this risk mostly
when we have knowledge-sharing sessions with vendors.” Trust must be enhanced between
government sector employees and IT vendors to create proper KS. Participant 4 added
“conduct knowledge audits to ensure accuracy of knowledge shared.”
Participant 7 stated, “It’s a risk which can affect the organization’s reputation” and
should be mitigated by implementing “knowledge-sharing systems” and “electronic audit
systems.”
In comparison to the literature, 80% of the participants illustrated that this risk could be
controlled through enhancing trust, similar to Loebbecke et al. (2016), Ilvonen and Vuori
(2013), Al-Alawi et al. (2007) and You et al. (2005).
Risk 8: Organization cultural diversity – Organization cultural diversity refers to how a
different enterprise culture and different working habits and mindset could raise a
communication problem in a knowledge network, and this could be a risk to KS (Liu, 2010).
The top identified mitigation controls are people controls, including “rewarding” (70% of
participants) and training (60%). Other identified people controls are “top management
support” (40%), “knowledge champion” (30%), “enhance trust” (20%) in addition to
“implementation of guidelines, procedures and policies” (10%) processes control and “user-
friendly information technology” (10%) control.
On this risk and its identified controls, Participant 3 stated, “People from different
cultures have different mind-sets. Knowledge-sharing systems in this situation will make
knowledge sharing easier.” Liu (2010) described how diversity could raise a communication
problem in the knowledge network. Participant 6 added: “the responsibility of management
is to create a healthy working environment for all people despite their differences.” In
comparison to the literature, the majority (70%) of the participants illustrated that this risk
could be controlled through “rewarding.” Ahrend et al. (2014) and Al-Busaidi et al. (2010)
also indicated “rewarding” as being a tool to motivate people to share knowledge.
Risk 9: Knowledge spill-over – Knowledge spill-over refers to knowledge being
exchanged with a third party, or knowledge which is not supposed to be shared with
another party (Ilvonen and Vuori, 2013).
The top identified control for this risk is authentication mechanisms technology control
and “legal frameworks” but by only 30% of participants, followed by “implementation of
guidelines, procedures and policies” (20%), “invest complementary knowledge” (20%),
intellectual property rights, agreement and contracts (10%), knowledge classification (10%),
knowledge audit (10%), implement KS systems by Participant 6 (10%) and electronic audit
by Participant 6 (10%).
On this risk and its controls, Participant 2 stated, “It depends on the type of knowledge; if
it’s general IT then it’s not risky, but core knowledge will be considered as a risk.” He
declared that the mitigation of this risk could only be achieved through “processes” by the
“implementation of guidelines, procedures and policies” and “legal frameworks.” Participant
2 had similar inputs to (Ilvonen and Vuori, 2013) as they explained how clear classification
VJIKMS of knowledge assets makes it clear for individuals to share knowledge. Participants 3 and 4
54,3 suggested “authentication mechanisms” and recommended “highly secured systems to
avoid the wrong people accessing the wrong folders.” Participant 6 stated, “If it’s sharing
general IT knowledge it’s not a risk, but other knowledge related to core business can be
risky.”
Risk 10: Knowledge leakage – Knowledge leakage happens mostly in IOKSS. It occurs
630 when sensitive knowledge such as strategies, policies and customer information of the
organization is breached or accessed by unauthorized people through human errors or
knowledge being available in sources which are not well protected (Ahmad et al., 2014).
The top identified mitigation control for this risk is knowledge audit processes control
(60%), authentication mechanisms technology control (40%), followed by monitor the
knowledge flows (30%), intellectual property rights, agreement and agreement (20%),
implementation of guidelines, procedures and policies (20%), knowledge classification
(20%), risk assessment (20%), legal frameworks (20%), implement KS systems (10%) and
electronic audit (10%). Participants also suggested new control: awareness sessions
(10%).
On this risks and its mitigation controls, Participant 1 stated that “this risk is not really
important in the government sector” but it can be mitigated through “monitor knowledge
flows,” “knowledge audit” and “authentication mechanisms.” Participants 3 and 5 divided
the cause of knowledge leakage into two categories: caused by people; and caused by
systems. Participant 3 suggested the “people” element to control this risk through
“awareness sessions” along with “training.”
Raza-Ullah and Eriksson (2017) described this risk as the dark side of KS because it may
cause firms to lose their valuable knowledge, and thus their competitive advantage. Ahmad
et al. (2014) explained how the implementation of technologies such as “authentication
mechanisms” could control this risk. The inputs by this researcher are similar to 40% of the
participants. All the controls indicated by Ahmad et al. (2014) were also indicated by the
participants except for “training.”
Integrating the above risks and controls results, it is clear that implementing controls on
“people” and “processes” is the most important, especially in the government sector, as
indicated in Table 5. On the other hand, “technology” controls are important too, but there is
a requirement to introduce the types of technology needed for people to share knowledge. It
is also clear that in Oman, and specifically in ICT, the knowledge workers did not seem to
recognize knowledge as power in the way that it is mentioned by other researchers in
the government sectors. This can make a difference to the mindset of the ICT knowledge
workers compared to other knowledge workers from different departments in the
government sector. This study result is similar to the findings of prior Middle Eastern
studies including Al-Alawi et al.’s (2007) study in Bahrain in both the private and public
sectors and Al-Busaidi et al.’s (2010) study in the private sector in Oman. These two studies
also highlighted that trust, management support, rewards, and information systems are
positively related to KS.

5. Conclusion
5.1 Key findings and contributions
This research aimed to identify the key KSRs and controls in the government sector from
ICT knowledge workers. The first stage of the study identified the top risks of KS from ICT
knowledge workers’ perspective. The rounds of Delphi produced the following top ten risks,
in order: restrictive laws and regulations, core competence-losing risk, fear of transparency,
financial risk, KS (individual efforts), absorptive capacity, opportunistic behavior,
organization cultural diversity, knowledge spill-overs and knowledge leakage. Because most Mitigating
of the previous studies were in the private sector, “knowledge leakage”, “knowledge knowledge-
spillovers”, and “opportunistic behavior” were highly highlighted as major risks in the
literature, as indicated in Table 1. However, this study’s results showed they were the
sharing risks
lowest-ranked risks for the public sector organizations. Sharing government resources to
enhance government services is the norm practice even from an ICT perspective as indicated
by the information technology authority of Oman (ITA, 2022).
On the other hand, the major concern and risk is “restrictive laws and regulations.”
631
Studies indicated that bureaucracy and authority bounded by the rules and regulations
result in organizational inertia in public sector organizations, which resulted in failed
implementation (Ashok et al., 2021). “Fear of transparency” and “individual efforts” are
other top risks; employees in the government sector may resist KS because they are afraid to
be misunderstood and criticized (Lartey et al., 2021), and individual perceived control is low
(Turyahikayo et al., 2021) respectively. Furthermore, “financial risk” is critical to
government organizations because these organizations are required to reduce operational
costs and waste resources (Al Yami et al., 2021).
The second stage of the study is to identify the different controls that are needed to
mitigate each of the top ten risks. Based on semi-structured interviews, the participants
highlighted different culture, processes and technology controls to mitigate the top ten risks.
Some of the most highlighted controls are processes-related controls (such as the
implementation of guidelines, procedures and policies, knowledge classification, monitor the
knowledge flows, legal frameworks, knowledge audit), culture-related controls (such as
enhance trust, training, rewarding, top management) and technology-related controls (such
as authentication mechanisms, implement KS systems and electronic audit, which were also
highlighted in the prior studies illustrated in Table 2).
Thus, this study provided an integrated perspective on KSRs and the required controls to
mitigate these risks in public sector organizations. The study also provided dimensions of
these risks and controls.

5.2 Implications
5.2.1 Theoretical implications. This study helps in fulfilling the literature gaps in identifying
knowledge risks and controls that mitigate these risks, which are under-investigated,
especially in the government sector and in the Middle Eastern developing countries.
Researchers can use this study as a foundation and build on the findings to carry out wider
research, which can cover more areas in the government sector because this study is
conducted only on ICT workers. In addition, this research study aims to contribute to KM as
a whole, by providing a study that combines KSRs and controls. Literature reviews
indicated that most knowledge-sharing studies focus on the private sector (Kim and Shim,
2019), and studies indicated that in comparison to private sector organizations, the public
sector organizations are struggling in implementing KM practice effectively (Ganapathy
et al., 2021).
5.2.2 Practical implications. The study also provides several implications for
practitioners. Practitioners in the government sector should establish knowledge-sharing
RM that includes simple and clear laws and regulations to mitigate risks. In addition, the
employees must be given the right introduction and awareness of these laws and
regulations. Because there are differences in the roles and services of each government
sector, there should be dedicated laws and regulations for each government sector based on
their roles, services and tasks.
VJIKMS KS should be embedded within the organization’s culture. As indicated by the
54,3 interviewees, it has to be supported by the top management to be successful and operational.
In addition to the above, an organization has to develop incentives mechanisms to reward
and motivate employees. Also, proper training programs must be provided to all employees
to spread awareness of KS and its value.
To promote KM in any government sector entity, several technologies, processes and
632 people controls should be established to manage risks associated with IOKSS. There
should be a well-prepared plan and a dedicated budget for such projects, which include
training employees, having knowledge-sharing systems, rewarding, etc. The
“implementation of guidelines, procedures and policies is the most highlighted control for
many risks.” The organization should involve employees in such control and make it
clear to them.
From a technology perspective, ICT knowledge workers contributed to showing a strong
will to use knowledge-sharing systems. It was clear that they felt the responsibility of
educating non-ICT knowledge workers about these systems. With the e-government
transformation, collaboration and KS in electronic services implementations are increasing;
hence, the role of ICT knowledge workers is intensifying. “Effective knowledge-sharing
strategy requires a social platform, which includes technology tools that can create a
common environment to link people and relevant resources together” (Lartey et al., 2021,
p. 5).
Finally, every government sector entity should recognize the benefits of KS for the
organization and individuals. This recognition could be introduced through awareness
sessions and meeting with KM consultants.
The study also provides several implications for practitioners. Practitioners in the
government sector should establish a KSR management that includes a simple and clear
laws and regulations to mitigate risks. In addition, the employees must be given the right
introduction and awareness to these laws and regulations. Because there are differences in
the roles and services of each government sector, there should be dedicated laws and
regulations for each government sector based on their roles, services and tasks.
Organizational culture can facilitate knowledge-sharing practice. As indicated by the
literature and this study results, top management support is critical for knowledge sharing
success. In addition, developing incentives mechanisms can motivate employees’
knowledge-sharing behaviors. Furthermore, developing a proper training program is crucial
to spread awareness of KS and its value.
To promote KM in any government sector entity, several technologies, processes and
people controls should be established to manage risks associated with IOKSS. There should
be a well-prepared plan and a dedicated budget for such projects, which include training
employees, having KS systems, rewarding, etc.
The “implementation of guidelines, procedures and policies” is the most highlighted
control for many risks. The organization should involve employees in such control and
make it clear to them.
From a technology perspective, ICT knowledge workers contributed to show a strong
will to use knowledge-sharing systems. It was clear that they felt the responsibility of
educating non-ICT knowledge workers about these systems. With the e-government
transformation, government organizations collaboration and KS in electronic services
implementations are increasing, hence the role of ICT knowledge workers is intensifying.
“Effective knowledge-sharing strategy requires a social platform, which includes
technology tools that can create a common environment to link people and relevant
resources together” (Lartey et al., 2021, pg. 5).
 Finally, every government sector entity should recognize the benefits of KS for the Mitigating
organization and individuals. This could be introduced through awareness sessions and knowledge-
meeting with KM consultants.
sharing risks
5.3 Research limitations and future work
The research was conducted only on ICT knowledge workers, and this could be the first
limitation; hence, future research should include non-ICT knowledge workers. Also, the 633
study was conducted in only one country, Oman. In addition, the study is based on a
qualitative approach. Future studies should re-investigate this issue by including more
participants, and validate the results using a quantitative approach in future studies.
Further studies can overcome these limitations and include a managerial perspective and
integrate a quantitative approach to enhance the validation of the results. Finally, future
research should compare the findings of this study with those of other Gulf and Middle
Eastern countries and other sectors.

References
Ahmad, A., Bosua, R. and Scheepers, R. (2014), “Protecting organizational competitive advantage: a
knowledge leakage perspective”, Computers and Security, Vol. 42, pp. 27-39.
Ahrend, N., Pittke, F. and Leopold, H. (2014), “Barriers and strategies of process knowledge sharing in
public sector organizations”, Paper presented at the Multikonferenz Wirtschaftsinformatik,
Paderborn, Germany.
Al Yami, M., Ajmal, M.M. and Balasubramanian, S. (2021), “Does size matter? The effects of public
sector organizational size’on knowledge management processes and operational efficiency”,
VINE Journal of Information and Knowledge Management Systems.
Al-Alawi, A., Yousif Al-Marzooqi, N. and Fraidoon Mohammed, Y. (2007), “Organizational culture and
knowledge sharing: critical success factors”, Journal of Knowledge Management, Vol. 11 No. 2,
pp. 22-42.
Al-Busaidi, K.A. (2014), “Knowledge workers’ perception of potential benefits and challenges of Inter-
Organizational knowledge sharing systems: a Delphi study in health sector”, Knowledge
Management Research and Practice, Vol. 12 No. 4, pp. 398-408.
Al-Busaidi, K.A. (2020), “Fostering the development of Oman’s knowledge economy pillars through
ICT”, VINE Journal of Information and Knowledge Management Systems, Vol. 50 No. 4,
pp. 691-714.
Al-Busaidi, K.A. and Olfman, L. (2017), “Knowledge sharing through inter-organizational knowledge
sharing systems”, VINE Journal of Information and Knowledge Management Systems, Vol. 47
No. 1, pp. 110-136.
Al-Busaidi, K.A., Olfman, L., Ryan, T. and Leroy, G. (2010), “Sharing knowledge to a knowledge
management system: examining the motivators and the benefits in an Omani organization”,
Journal of Organizational Knowledge Management, Vol. 2010 No. 1, pp. 928-935.
Aljafari, R. and Sarnikar, S. (2009), “A framework for assessing knowledge sharing risks in
interorganizational networks”, The Proceedings of the Fifteenth Americas Conference on
Information Systems, San Francisco, CA.
Amayah, A.T. (2013), “Determinants of knowledge sharing in a public sector organization”, Journal of
Knowledge Management, Vol. 17 No. 3, pp. 454-471.
Anderson, R.S. (2008), Security Engineering, (second ed. Vol. 1), Wily Publishing, IN.
Anderson, C. (2010), “Presenting and evaluating qualitative research”, American Journal of
Pharmaceutical Education, Vol. 74 No. 8, pp. 1-7.
VJIKMS Ashok, M., Al, M.S.M.A.B., Madan, R. and Dzandu, M.D. (2021), “How to counter organisational inertia
to enable knowledge management practices adoption in public sector organisations”, Journal of
54,3 Knowledge Management, Vol. 25 No. 9, pp. 2245-2273.
Bock, G.-W., Zmud, R.W., Kim, Y.-G. and Lee, J.-N. (2005), “Behavioral intention formation in
knowledge sharing: examining the roles of extrinsic motivators, social-psychological forces, and
organizational climate”, MIS Quarterly, Vol. 29 No. 1, pp. 87-111.
634 Bodnar, G.M., Giambona, E., Graham, J.R. and Harvey, C.R. (2019), “A view inside corporate risk
management”, Management Science, Vol. 65 No. 11, pp. 5001-5026.
Bogers, M. (2011), “The open innovation paradox: knowledge sharing and protection in R&D
collaborations”, European Journal of Innovation Management, Vol. 14 No. 1, pp. 93-117.
Bolisani, E., Paiola, M. and Scarso, E. (2013), “Knowledge protection in knowledge-intensive business
services”, Journal of Intellectual Capital, Vol. 14 No. 2, pp. 192-211.
Cabrera, E.F. and Cabrera, A. (2005), “Fostering knowledge sharing through people management
practices”, The International Journal of Human Resource Management, Vol. 16 No. 5,
pp. 720-735.
Chan, I. (2017), “Knowledge management hybrid strategy with people, technology and process pillars”,
in Halilem, M.N., Kobir, A. and Yuliang, C. (Eds.). Knowledge Management Strategies and
Applicationsin Mohiuddin, BoD–Books on Demand.: InTech.
Cong, X. and Pandya, K.V. (2003), “Issues of knowledge management in the public sector”, Electronic
Journal of Knowledge Management, Vol. 1 No. 2, pp. 25-33.
Connelly, C.E., Ford, D.P., Turel, O., Gallupe, B. and Zweig, D. (2014), “I’m busy (and
competitive)!’Antecedents of knowledge sharing under pressure”, Knowledge Management
Research and Practice, Vol. 12 No. 1, pp. 74-85.
Creswell, J.W. and Creswell, J.D. (2017), Research Design: Qualitative, Quantitative, and Mixed Methods
Approaches, Sage publications.
Desouza, K.C. and Vanapalli, G.K. (2005), “Securing knowledge in organizations: lessons from the
defense and intelligence sectors”, International Journal of Information Management, Vol. 25
No. 1, pp. 85-98.
Ding, Z., Ng, F.F. and Wang, J. (2013), “The mediation role of trust in knowledge sharing”, Engineering,
Construction and Architectural Management, Vol. 20 No. 6, pp. 604-619.
Edwards, J. (2011), “A process view of knowledge management: it ain’t want you do, it’s the way that
you do it”, Electronic Journal of Knowledge Management, Vol. 9 No. 4, pp. 1-10.
Eurostat Statistics Explained (2018), “ICT specialists in employment”, http://ec.europa.eu/eurostat/
statistics-explained/index.php/ICT_specialists_in_employment#General_developments_in_the_
demand_for_ICT_specialists
Fereday, J. and Muir-Cochrane, E. (2006), “Demonstrating rigor using thematic analysis: a hybrid
approach of inductive and deductive coding and theme development”, International Journal of
Qualitative Methods, Vol. 5 No. 1, pp. 1-11.
Frishammar, J., Ericsson, K. and Patel, P.C. (2015), “The dark side of knowledge transfer: exploring
knowledge leakage in joint R&D projects”, Technovation, Vol. 41, pp. 75-88.
Ganapathy, S., Mansor, Z., Ahmad, K. and Nor, M.Z.M. (2021), “Factors that discourage knowledge
management practices in the Malaysian public sector using Rasch model”, In 2021 International
Conference on Electrical Engineering and Informatics (ICEEI) (pp. 1-6). IEEE.
Gill, P., Stewart, K., Treasure, E. and Chadwick, B. (2008), “Methods of data collection in qualitative
research: interviews and focus groups”, British Dental Journal, Vol. 204 No. 6, pp. 291-295.
Gold, A.H., Malhotra, A. and Segars, A.H. (2001), “Knowledge management: an organizational
capabilities perspective”, Journal of Management Information Systems, Vol. 18 No. 1,
pp. 185-214.
Halisah, A., Jayasingam, S., Ramayah, T. and Popa, S. (2021), “Social dilemmas in knowledge sharing: Mitigating
an examination of the interplay between knowledge sharing culture and performance climate”,
Journal of Knowledge Management, Vol. 25 No. 7.
knowledge-
Hallowell, M.R. and Gambatese, J.A. (2010), “Qualitative research: application of the Delphi method to
sharing risks
CEM research”, Journal of Construction Engineering and Management, Vol. 136 No. 1,
pp. 99-107.
Hamza, M.A., Rehman, S., Sarwar, A. and Choudhary, K.N. (2021), “Is knowledge a tenement? The
mediating role of team member exchange over the relationship of big five personality traits and 635
knowledge-hiding behavior”, VINE Journal of Information and Knowledge Management
Systems.
Holten, A.-L., Robert Hancock, G., Persson, R., Marie Hansen, Å. and Høgh, A. (2016), “Knowledge
hoarding: antecedent or consequent of negative acts? The mediating role of trust and justice”,
Journal of Knowledge Management, Vol. 20 No. 2, pp. 215-229.
Howard, W.R. (2010), “Lean-Agile software development: achieving enterprise agility”, Kybernetes,
Vol. 39 No. 5, pp. 844-845.
Hurmelinna-Laukkanen, P. and Puumalainen, K. (2007), “Nature and dynamics of appropriability:
strategies for appropriating returns on innovation”, R&d Management, Vol. 37 No. 2,
pp. 95-112.
Ilvonen, I. and Vuori, V. (2013), “Risks and benefits of knowledge sharing in co-opetitive knowledge
networks”, International Journal of Networking and Virtual Organisations, Vol. 13 No. 3,
pp. 209-223.
Iso, I. (2009), 31000: 2009 Risk Management – Principles and Guidelines, International Organization for
Standardization, Geneva, Switzerland.
Jones, N.B., Herschel, R.T. and Moesel, D.D. (2003), “Using ‘knowledge champions’ to facilitate
knowledge management”, Journal of Knowledge Management, Vol. 7 No. 1, pp. 49-63.
Kim, N. and Shim, C. (2019), “Taking it personally: how to increase interorganizational knowledge
sharing in a tourist district”, Tourism and Hospitality Research, Vol. 19 No. 1, pp. 85-97.
Lambert, V.A. and Lambert, C.E. (2012), “Qualitative descriptive research: an acceptable design”,
Pacific Rim International Journal of Nursing Research, Vol. 16 No. 4, pp. 255-256.
Lartey, P.Y., Kong, Y., Afriyie, S.O., Santosh, R.J. and Bah, F.B.M. (2021), “Knowledge management
issues in India: a public sector perspective”, International Journal of Public Administration,
Vol. 44 No. 3, pp. 215-230.
Liebowitz, J. and Yan, C. (2004), Knowledge Sharing Proficiencies: The Key to Knowledge Management
Handbook on Knowledge Management 1, (pp. 409-424), Berlin, Germany, Springer.
Liu, D. (2010), “Research on risk control of knowledge share in knowledge network based on relation
Capital”, Paper presented at the IEEE International Engineering Management Conference,
Wuhan, China.
Loebbecke, C., van Fenema, P.C. and Powell, P. (2016), “Managing inter-organizational knowledge
sharing”, The Journal of Strategic Information Systems, Vol. 25 No. 1, pp. 4-14.
Ma, Y., Diao, L., Zhang, G. and Peng, S. (2011), “The selection model on schemes of knowledge leakage
risk control in alliance”, in 2011 International Conference on Multimedia Technology, IEEE,
pp. 5185-5188.
Muqadas, F., Rehman, M., Aslam, U. and Ur-Rahman, U.-. (2017), “Exploring the challenges, trends and
issues for knowledge sharing: a study on employees in public sector universities”, VINE Journal
of Information and Knowledge Management Systems, Vol. 47 No. 1, pp. 2-15.
Nguyen, H. and Nafula, K. (2016), Balancing the Tension between Knowledge Sharing and Knowledge
Protection in Coopetition: Empirical Study of High-Tech Companies, UMEÅ school of business
and economics, Sweden.
VJIKMS Nguyen, T.M. and Prentice, C. (2020), “Reverse relationship between reward, knowledge sharing and
performance”, Knowledge Management Research and Practice, doi: 10.1080/14778238.
54,3 2020.1821588
Oman Portal (2022), “Digital transformation program”, available at: https://omanportal.gov.om/wps/
portal/index/etransformationplan/!ut/p/a1/hc7LDoIwEAXQb3HBUmaghKi7ilERTWN8QTcGT
K0kSEmton8vGjcmPmZ3J-dmBjjEwMv0ksvU5KpMi0fm_pbNHd8ZM4w6SAKk_YB5nkORrd
wGJA3AL0PxX38hStgAfzKCI0TWDWfRckbRJevhpDv1yWDgvcCPMxPgslDZ8-WElhnpSOB
636 a7IUW2j7rZn0wpjr1LLSwrmtbKiULYe_U0cJPlYM6GYjfJVTH-Bq2eXaraesOeZl4Fg!!/dl5/d5/L0l
KQSEvUUt3SS80RUkhL2Vu/
Pare, G., Cameron, A.-F., Poba-Nzaou, P. and Templier, M. (2013), “A systematic assessment of rigor in
information systems ranking-type Delphi studies”, Information and Management, Vol. 50 No. 5,
pp. 207-217.
Perrott, B.E. (2007), “A strategic risk approach to knowledge management”, Business Horizons, Vol. 50
No. 6, pp. 523-533.
Raza-Ullah, T. and Eriksson, J. (2017), Knowledge Sharing and Knowledge Leakage in Dyadic
Coopetitive Alliances Involving SMEs Global Opportunities for Entrepreneurial Growth:
Coopetition and Knowledge Dynamics within and across Firms, (pp. 229-252), Bingley, UK,
Emerald Publishing Limited:
Rice, P.L. and Ezzy, D. (1999), Qualitative Research Methods: A Health Focus, (Vol. 21). Authority of the
Minister of Health, Canada.
Ritala, P., Olander, H., Michailova, S. and Husted, K. (2015), “Knowledge sharing, knowledge leaking
and relative innovation performance: an empirical study”, Technovation, Vol. 35, pp. 22-31.
Ruel, E., Wagner, E.W., Joseph, B. and Gillespie, B.G. (2016), The Practice of Survey Research: Theory
and Applications, Thousand Oaks, CA. Sage Publications, Inc.
Schmidt, R.C. (1997), “Managing Delphi surveys using nonparametric statistical techniques”, Decision
Sciences, Vol. 28 No. 3, pp. 763-774.
Schmiele, A. and Sofka, W. (2007), “Internationalizing R&D co-opetition: dress for the dance with the
devil”, ZEW-Centre for European Economic Research Discussion Paper (07-045).
Seba, I., Rowley, J. and Delbridge, R. (2012), “Knowledge sharing in the Dubai police force”, Journal of
Knowledge Management, Vol. 16 No. 1, pp. 114-128.
Serrat, O. (2017), Auditing Knowledge. In Knowledge Solutions, (pp. 15-20), Singapore, Springer.
Shedden, P., Scheepers, R., Smith, W. and Ahmad, A. (2011), “Incorporating a knowledge perspective
into security risk assessments”, VINE Journal of Information and Knowledge Management
Systems, Vol. 41 No. 2, pp. 152-166.
Simeonova, B. (2018), “Transactive memory systems and web 2.0 in knowledge sharing: a conceptual
model based on activity theory and critical realism”, Information Systems Journal, Vol. 28 No. 4,
pp. 592-611.
Thangaratinam, S. and Redman, C.W. (2005), “The delphi technique”, The Obstetrician and
Gynaecologist, Vol. 7 No. 2, pp. 120-125.
The Institute of Risk Management (2018), “A risk management standard”, available at: https://www.
theirm.org/ (accessed 2 January 2019)
Top, S. (2012), “Assessing the knowledge sharing in terms of risk level in-house service sector
assisted with logistic regression model”, Procedia – Social and Behavioral Sciences, Vol. 58,
pp. 802-811.
Trkman, P. and Desouza, K.C. (2012), “Knowledge risks in organizational networks: an exploratory
framework”, The Journal of Strategic Information Systems, Vol. 21 No. 1, pp. 1-17.
Turyahikayo, E., Pillay, V. and Muhenda, M.B. (2021), “Antecedents of knowledge sharing behaviour in
the public sector”, Electronic Journal of Knowledge Management, Vol. 19 No. 1, pp. 33-42.
Viswanathan, S.K., Tripathi, K.K. and Jha, K.N. (2020), “Influence of risk mitigation measures on Mitigating
international construction project success criteria–a survey of Indian experiences”, Construction
Management and Economics, Vol. 38 No. 3, pp. 207-222. knowledge-
Willem, A. and Buelens, M. (2007), “Knowledge sharing in public sector organizations: the effect of sharing risks
organizational characteristics on interdepartmental knowledge sharing”, Journal of Public
Administration Research and Theory, Vol. 17 No. 4, pp. 581-606.
You, T., Liu, X. and Fan, Z. (2005), “Evaluation and control strategy of knowledge sharing risk in
organization”, In Proceedings. 2005 IEEE International Engineering Management Conference, 637
IEEE, Vol. 2, pp. 584-588.
Zenk, L., Hynek, N., Edelmann, N., Virkar, S., Parycek, P. and Steiner, G. (2022), “Exploring motivation
to engage in intraorganizational knowledge sharing: a mixed-methods approach”, Kybernetes,
Vol. 51 No. 13, pp. 18-32.
Zhang, J. and Dawes, S.S. (2006), “Expectations and perceptions of benefits, barriers, and success in
public sector knowledge networks”, Public Performance and Management Review, Vol. 29 No. 4,
pp. 433-466.
Zhang, J., Paro, T.A. and Sarkis, J. (2006), “MACROS: case study of knowledge sharing system
development within New York State government agencies”, in Cases on Information
Technology: Lessons Learned, IGI Global, Vol. 7, pp. 419-439.
Zineldin, M.A. (1998), “Towards an ecological collaborative relationship management”, European
Journal of Marketing, Vol. 32 Nos 11/12, pp. 1138-1164.

Corresponding author
Kamla Ali Al-Busaidi can be contacted at: [email protected]

For instructions on how to order reprints of this article, please visit our website:
www.emeraldgrouppublishing.com/licensing/reprints.htm
Or contact us for further details: [email protected]