Contents
Executive Summary
1. Introduction
2. Methodology
2.1 Risk context
2.2 Identify risks
2.3 Analyse risks
2.4 Risk treatments
3. Risk Management Strategy
4. Discussion
5. Conclusion
6. References
Executive Summary
‘Business performance ... requires ... each job be directed toward the objectives of the whole business’ (Drucker, 1954, page 105). Business practices have developed to include a focus on optimising the management of components in a business system (see Deming, 1994, page 30), or the business processes, to achieve the organisation's objectives. Risk management processes are the management of components of a business system to avoid, reduce, transfer or retain business risks using performance principles, such as ALARP (as low as reasonably practical) (Smallprint, 2009, page 51).
Quality Forest and Timber Services (QFTS) uses e-Business to assist its membership in wood sales, procurement and management services using e-Business registration, sales/procurement and logistics processes. These e-Business processes operate through hardware, software, data, networks and human resources.
The risks associated with this e-Business infrastructure include:
* Hardware: physical failure, obsolescence, theft or end of project life
* Software: malfunctions and bugs, security attack, hacking, end of support, interoperability, obsolescence
* Data: errors, corruption, hacking, loss, theft and privacy
* Network: communications failure, non-availability of bandwidth, hacking and attack
* Human resources: lack of skills, sabotage, concentration of skills (Srinivasan,
References:
Deming W.E. (1994). The New Economics. For Industry, Government and Education. USA: The W. Edwards Deming Institute.
Drucker P
Smallprint (2009). BSBRSK501A Manage risk. Australia: Smallprint.
Srinivasan G. & Abi-Raad M. (2003). Risk factors associated with e-Business infrastructure in SMEs. 1st Australian Information Security Management Conference, 24 November 2003, Perth Western Australia.

7. Bibliography
AIRMIC, ALARM, IRM (2002)
AIRMIC, ALARM, IRM (2010). A structured approach to Enterprise Wide Risk Management (ERM) and the requirements of ISO31000. United Kingdom: AIRMIC, ALARM, IRM.
AUSTRAC (2008). Risk Management – A tool for small to medium sized businesses. Canberra: Australian Government.
BHP Billiton (2009). Risk Management Policy. Australia: BHP Billiton Group.
Department of Innovation, Industry, Science and Research (2009). Legal Issues Guide for Small Business – The website guide for some 1 million small businesses across Australia. (One day training program – workbook). Canberra: Australian Government.
Department of Treasury and Finance (2007). Victorian Government Risk Management Framework. Melbourne: Victorian Government.
International Organisation for Standardisation (2008). Risk Management – principles and guidelines on implementation. Geneva: ISO/DIS 31000.
McLeay M. (2008). Part 1 – Liability Risk Assessment Guide. Retrieved from www.innovation.gov.au. Website version 2/08/2009.