1. Crisis Management How would you ‘cope’?
5. If you were a terrorist, what business areas would you threaten? physical security
document security
personnel security
hardware security
telecommunications security
software security
6. So what is Risk Analysis?
7. So what is risk analysis? Risk Analysis has been defined as:
"a formal process of determining risks and developing a plan to deal with them"
Risks do not arise all by themselves. A risk is normally a product of two factors:
threats (something could go wrong)
and vulnerabilities (the information system/s used by the business will allow things to do wrong). http://www.tutor2u.net/business/ict/intro_security_risk_analysis.htm
Print this on handout
http://www.tutor2u.net/business/ict/intro_security_risk_analysis.htm
Print this on handout
8. Threats & vulnerabilities Threats include
Deliberate manipulation of information
Impersonation of a legitimate user
Untrained or poorly trained staff
Vulnerabilities include:�- Poor website or network design (e.g. which can allow "hackers" into a system or web site)�- Poor recruitment procedures Print this on handout
Print this on handout
9. Stages of Risk analysis Risk Analyst's need to identify….
The potential cost of the loss of ‘data’
The probability of problem occurring
The cost of measures to protect
The inconvenience to staff – security measures are useless if everyone bypasses them! Print this on handout
Print this on handout
10. Disaster Avoidance….
11. What can a business do to avoid the following ‘disasters’? Fire in building
Power supply breakdown
Virus infection
Theft of equipment
Theft of customer data
Got to here in lessonGot to here in lesson
12. So why should anyone bother with disaster management?
13. Effects can be catastrophic 90% of businesses who suffer major loss of data go out of business within 2 years
43% go out of business almost immediately
In the UK, company and directors may be prosecuted by the Health & Safety Executive
In financial and insurance sectors, customer may well sue
14. More recent crisis? 2008
15. Can you think of any businesses that have had to deal with a ‘crisis’ recently?
18. Can ‘crisis’ be avoided? Companies can have contingency plans established in order for staff to know how to deal with a crisis when it occurs!
20. Contingency Planning The very nature of this unit reflects that businesses have to be able to respond to change and change can be unpredictable
What is contingency planning?
The process by which organisations try to prepare for unexpected and potentially disastrous events
What is crisis management?
The manner in which an organisation responds to an unexpected and potentially disastrous event
21. Contingency Plans Value
Sense of security
Limits damage
Speeds up recovery process
Informs staff training
Preventative measures can be part of CSR Limitations
Costly and time consuming
Including opportunity cost
Needs reviewing
Lack of predictability
22. Contingency Plan Cadbury’s testing out of date
Cadbury’s withdraws products made in China
Cadbury’s is fined
23. How would you cope?
24. Group work In twos or threes
You will be given a crisis to decide on a contingency plan
Be prepared to feedback how you would react as the MD/BoD to your scenario
You need to consider each stakeholder group!
25. Long term strategy Need to consider the BIG picture!
What will be the impact on ALL sectors of the business…
HRM
Operational Management
Marketing
Finance
26. Strategy issues include Profit margins – what will the impact be?
(short term less important than the LONG TERM!)
Risks & uncertainty
– what is the business’ attitude to risks?
Opportunity costs
Business objectives
Constraints – internal & external
Ethics
Business culture
Ansoff matrix & Boston matrix
32. Homework Revise for assessment next lesson!
