Risk Management for E-Business Sustainability - Literature review Example

? Risk Management for e-business sustainability Introduction E-business or electronic business entails business functionalities constituted in network value; attending to consumer growth and exploiting information communication technology in an assimilative way depending on the networked economy’s cultural and organizational convention (Canzer 2006). E-business includes direct and indirect business operations like sales, marketing and human resource management, change management and business process re-engineering among others (Tassabehji 2003). In addition, Tassbehji (2003) highlights that e-commerce is extensive and entail large scale trade of commodities between different countries through electronic media. While e-business is concerned with the micro-environment of a firm, e-commerce deals with organization macro-environment (Bontis 2004). One aspect that comes with e-business is the need for effective risk management through proper identification, assessment and mitigation to satisfactory level. Nastase and Nastase (2007) define risk as a function of the possibility that some sources of threats will cause vulnerability leading to adverse effects on the organization. Unlike traditional boardroom risk management, today the business mainstream has become part of risk management to ensure that the organization achieves optimum profitability in a business environment characterized by elevating regulatory demands (Accenture 2011). This paper discuses risk management for e-business sustainability. Importance of sustainable risk management For all companies engaging in e-business, it is essential to align profit goals to the organizational policies on the environment through the process of sustainable risk management (Rouse 2010). According to Anderson (2007) and Kajan (2011), sustainable risk management guarantees corporate survival in a business environment where corporations are expected to be responsible for both social and environmental aspects (Watt 2002) in addition to financial bottom line. With the discovery of technology, the internet technologies are critical in improving business productivity and profitability (Canzer 2006). Stanford-Smith and Kidd (2000) reveal that e-business is tentative and there is passionate need to be conscious of the precise risks which vary for various businesses and companies. In addition, risks in electronic business do not reduce but increase owing to changing management circumstances and operation modes (Jia and Zhou 2005).The core focus of sustainability in e-business risk management is through detection of emerging issues that would affect production, supply chain and operations (Napier, Rivers and Wagner 2006). The most crucial emerging issues in business nowadays are changing government regulations (Grefen 2010). Through the IT departments in organizations, data on emergent issues is managed based on its association with the sustainability goals of the organization (Kalakota and Robinson 2001) while ensuring the providence of automated auditing and reporting capabilities (Gasos and Thoben 2003). Brock and Azim-Khan (2008) argue that the realization of e-business risks administration determines the future state of the business. For most start-ups and established companies, investment in e-business is often wrong with less promising future (Yilmz and Flouris 2009). Failed e-business is a revelation that affected businesses failed to fully integrate into their strategy, both sustainability and risk management (Dylick and Hockerts 2002). Through proper integration of strategy and risk and sustainability management, businesses are sure of making money to remain afloat in a competitive environment (Holbrook 2010). The risks associated to business originate either internally or externally (Wilson 2003; Australian Government 2009) and this means that business executives are obliged to distinguish, weigh and limit risks (Hamel and Sampler 1998; Bontis 2004). According to Globe-net (2012), it is impossible to have stable financial systems without taking to account new and emerging risks, depletion of resources, changes in climate and destruction of ecosystem (Viehland 2002; Nastase and Nastase 2007). Rackspace support (2012) reveals that having an overall e-business strategy is the key to identification of risks associated with performance, security, scalability and availability and the establishment of an effective risk mitigation strategy. Factors affecting formation of e-business Prior to the founding of e-business, one has to consider both internal and external drivers. External drivers of e-business are technological, political, social and economic factors (Tassabehji 2003). Technological factors include telecommunication infrastructure, bandwidth and access to new advancements in technology among others (Mariga 2003). Political factors affect e-business through legislation, public policies and number and forms of government incentives (Hamel and Sampler 1998). Social factors affecting e-business are among others, workforce skills, number of online uses, education level and number of online users (Tassabehji 2003). Economic drivers to e-commerce include economic growth or GDP, technology costs, telecommunication access costs, innovative business models and commercial infrastructure. Internal factors that drive e-business are organizational culture, commercial benefits, skilled and dedicated workforce, customers and suppliers’ requirements, and competition (Tassabehji 2003). Risk identification Management of risk sustainably requires that risks are effectively acknowledged, analyzed and controlled (Dylick and Hockerts 2002). Effective risk management is the role of organizational management and entails the generation of awareness on what is at risk, the incurred loss in case of risks and the cost of controls and reductions. According to Srinivasan and Abi-raad (2003), risks identification in e-business is more difficult given that there is constant change in technology and frequent detection of latest vulnerabilities (Mariga 2003). In order to effectively detect risks, three variables are put into consideration and these are criticality, threat and vulnerability. Srinivasan and Abi-raad (2003) point out that the relevance of an infrastructure to the organization depicts risk identification criticality; the compromising, damaging and destruction of the organizational infrastructure represents vulnerability and the presence of an entity or process that could abuse vulnerability (Holbrok 2010). In the presence these three variables, risk is at highest level and proper strategies should be put into place to minimize their impact (Mariga, 2003). In addition, risk management must be cost effective in terms of operational cost incurred in workforce, fiscal resources and training. Generic forms of risk Depending on the e-business areas affected, risks are classified into business, financial, legislation, regulatory and compliance, and operational risks Srinivasan and Abi-raad (2003). Viehland (2002) reveals that business risk arises from improper realization of e-business strategies resulting to poor standing and support from suppliers and clients. In order to avoid business risks, Srinivasan and Abi-raad (2003) reveal that organizations are required to be flexible and agile in taking gain of software reinforcing output or new collaborations through partnerships. For different organizations, Kajan (2011) points out that business risks are unique and organizations have to recognize the business processes that limit them for successful mitigation. Financial risks involve random vulnerabilities to an organization that are expressed in terms of precise numerical probabilities which mean that they can be quantified (Stanford-Smith and Kidd 2000). With quantifiable risks, it is easy to avoid and manage them (Kalakota 2001). In e-business, the direct revenue loss or expense arising from hardware or software is a common financial risk. In order to manage financial risks, the adoptions of techniques that will allow the organization to remain viable in the market are necessary (Mariga 2003). Risks arising from legal, regulatory or compliance issues are found in scenarios such as software piracy, exclusive rights’ contravention, illegitimate business performance and reprehensible distribution of susceptible information and others (Rackspace support 2012). Prior to taking on e-business, organizations should look for permissible advice early enough to shun any possible difficult outcomes (Srinivasan and Abi-raad (2003). In addition, organizations have to remain aware of new legislation, regulations and compliance requirements introduced in response to e-business technology (Watt 2002). In the UK, relevant legislation laws include e-communications, human rights and data protection. In the existence of unpredictable infrastructure, the operational risks are high and include among others, system failure, virus attacks and obsolete systems (Holbrook 2010). Operational risks result from hardware, software, people, and network and data issues (Grefen 2010). Organizations should work towards shielding themselves from hardware and software problems through habitual upgrades and where possible outsourcing to keep up against obsolescence (Hapier, Rivers and Wagner 2006). Data errors and corruption are great risk to e-business and organizations need to effectively manage data related risks through regular audits, being aware of data rules, having data retention and disclaimer policy and clear security (Srinivasan and Abi-raad 2003). The backbone to e-business operations is internet connectivity coupled with network security and bandwidth (Bontis 2004). Internet connectivity guarantees the accurate and smooth business operations. However, internet downtime results to lost business which leads to significant loss of consumers given their loss of confidence in the organization (Gasos and Thoben 2003). Businesses should ensure that they sustain their transactions and have the ability to protect their sensitive personal data such that customers’ confidence remains and avoid any legal implications (Srinivasan and Abi-raad 2003). In addition, organizations should avoid instances of technology mishandling or employment of the erroneous technologies needed to meet the needs of business (Miller and Engemann n.d). In e-business, network bandwidth should be managed such that it is possible to use organizational technological resources within the shortest time even when there is seasonal high demand (Srinivasan and Abi-raad 2003). Since people’s skills are essential in running activities in e-business, lack of skilled personnel exposes an organization to low productivity and poor quality of services or products. Srinivasan and Abi-raad (2003) reveals that regular training and outsourcing are effective ways of meeting shortages in skills while safeguarding e-business’ against risks. Risk factors affecting infrastructure in e-business The infrastructure in e-business is affected by factors such as rapidly changing technology, security, privacy, integrating issues, return on investment, and new business models. Rapidly changing technology is responsible for high rates of equipment and software obsoleteness (Viehland 2002). E-business is exposed to the risk of operating under slow computers, low memory storage, slower chips and outdated switches and routers (Srinivasan and Abi-raad 2003). As a result, it is impossible to transmit data at extremely high speeds. In order to remain competitive, e-business organizations have to put up with technology pressure (Stanford-Smith and Kidd 2000) and ensure that decision-making process is timely and aimed at constant devotion to e-business infrastructure (Wilson 1995). E-business communications is also rendered to the risk of security. This is because there are always new methods of intrusion and hacking that come with new technology (Anderson 2007). Brock and Azim-Khan (2008) argue that both large and small organizations are exposed to security pressure even with proficiency security control. E-business organizations have to invest in sufficient and reliable security measures (Dylick and Hocerts 2002) such that electronic facts can be traced in case of hacking or intrusion. Depending on the needs of the e-business of an organization, security needs should be defined while putting into thought people, network, data, hardware and software (Accenture 2011). In addition, Gasos and Thoben (2003) support that organization’s e-business must guarantee that no information falls in the erroneous hands while affirming personal confidentiality through stipulation of information on how accumulated private data is used. In order to have e-business into an existing business, business process reengineering is required such that there is value addition to the overall business process (Hamel and Sampler 1998). In so doing, resistance is possible from the employees or management thereby requiring organizations’ e-business goals fit into the company’s presented approach of conducting business to shun inconsistency with existing business models (Srinivasan and Abi-raad 2003). In order to capitalize on e-business enterprise worth, central business processes have to be dealt with given that cost and revenues of e-business are dependent on the business processes (Yilmz and Flouris 2010). As a result, it is essential to quantify e-business contribution in terms of financial, customer satisfaction, organization and process (Srinivasan and Abi-raad 2003). With the right information, return on investment determines an organization’s bottom line. After attaining the right technology, integration into the old system should be done seamlessly (Wilson 1995). Faultless integration is a risk (Watt 2002) particularly where human involvement is exterminated and external service providers engaged. E-business implementation should involve clear and precise definition of requirements prior to the elimination of human intervention and engagement of external service providers (Nastase and Nastase 2007). Risk control in e-business Risk identification calls for the adoption of effective risk handling approach (Srinivasan and Abi-raad 2003). Miller and Engemann (n.d.) define the four common risk handling approaches as risk avoidance, mitigation, acceptance and transfer. Regardless of the approach adopted, organizational management must document and schedule regular examination to discover any amendments in the factors impinging on risks (Jia and Zhou 2005). Through the adoption of conventional methods and software tools, risks can be managed through daily surveillances and scanning, heuristic methods that combine scientific thinking and development of checklists and use of expert judgment and security standards (Kalakota and Robinson 2001). Conclusion The paper reveals that successful organization’s e-business resolves to engage in intensive risk identification, risk assessment and risk mitigation. As a result, risk management is viewed as a strategic element of the value chain thereby delivering organizational growth and innovation sustainably. Organization management must be willing and ready to identify, analyze and mitigate risks in order to remain competitive and sustain successful e-business implementation. Bibliography Accenture 2011, The changing face of risk management, viewed 10 April 2013, < http://www.accenture.com/us-en/Pages/insight-changing-face-risk-management.aspx > Anderson, D 2007, Sustainability Risk Management as critical components of enterprise Risk management: Global Warming-Climate change risks, University of Wisconsin-Madison School of Business, viewed 9th April 2013, http://www.iisonline.org/files/uploads/2011/05/Anderson_%20Dan%20R._%20Sustainability%20Risk%20Management%20_IIS%20Berlin_%202007.ppt Australian Government Department of the Environment, Water, Heritage and the Arts 2009, Corporate Sustainability business and industry sustainability, viewed 9 April, 2013, Bontis, N 2004, E-Business essentials (Hc), Information Age Publishing Inc., United States of America. Brock, A, Azim-Khan, R 2008, E-business: The Practical Guide to the Laws, Spiramus Press Ltd, United Kingdom. Canzer 2006, E-Business: strategic thinking and practice, Cengage learning, Boston. Dylick, T, Hockerts, K 2002, “Beyond the business case for corporate sustainability, Business strategy and the environment,” John Wiley & Sons, Ltd. And ERP Environment, Vol. 11, no. 2, pp. 130-141. Gasos, J, Thoben, KD 2003, e-business applications: technologies for tomorrow’s solutions, Springer, Belgium. Globe-net 2012, Why sustainability is crucial to risk management, viewed 9 April, 2013, < http://www.greenbiz.com/news/2012/07/24/why-sustainability-crucial-risk-management> Grefen, P 2010, Mastering e-Business, Routeledge, New York. Hamel G, Sampler, J 1998, The e-Corporation: More than just Web-based, It’s Building a New Industrial Order, viewed 9 April, 2013, < http://money.cnn.com/magazines/fortune/fortune_archive/1998/12/07/252120/index.htm>. Hapier, HA, Rivers, O, Wagner, SW 2006, Creating a winning e-business, Thomson Learning Inc., USA. Holbrook, E 2010, sustainability: managing a major business risk, viewed 9 April, 2013, < http://www.riskmanagementmonitor.com/sustainability-managing-a-major-business-risk/> Jia, X, Zhou, X 2005, “Risk management and monitoring of electronic business.” IEEE Explore digital library, Vol.1, pp.805-808. Kajan, E 2011, Electronic Business Interoperability: Concepts, Opportunities and Challenges, IGI Global, United States of America. Kalakota, R, Robinson, M 2001, e-business 2.0: Roadmap for success, Addison-Wesley Professional, New Jersey. Mariga, J 2003, Managing e-commerce and mobile computing technologies, Idea Group Inc. IGI, United States of America. Miller, H, and Engemann, K n.d., managing risks in electronic commerce, viewed 10 April 2013, < http://www.muhlenberg.edu/depts/abe/business/miller/ecrisks.html> Nastase, F, Nastase, P 2007, “Risk Management for e-business.” Revista Informatica Economica, Vol. 3, no. 43, pp. 56-59. Rackspace support 2012, Critical risk factors in an e-commerce environment, 9 April 2013, < http://www.rackspace.com/knowledge_center/article/critical-risk-factors-in-an-e-commerce-environment> Rouse, M 2010, Sustainability Risk Management (SRM), viewed 9 April 2013, Srinivasan, G, and Abi-raad, M 2003, Risk factors associated with e-business infrastructure of SME’s, 1st Australian Information Security Management Conference, Perth, Western Australia, viewed 10 April, 2013, < http://igneous.scis.ecu.edu.au/proceedings/2003/infosec/pdf/21_final.pdf > Stanford-Smith, B, Kidd, B 2000, E-Business: Key issues, Applications and Technologies, IOS Press, Amsterdam. Tassabehji, R 2003, Applying E-Commerce in Business, Sage Publications Ltd, London. Viehland, D 2002, “Risk E-Business”: Assessing Risk in Electronic Commerce.” Decision line, May 2002, pp. 9-11. Watt, D 2002, E-Business implementation, Routeledge, Oxford. Wilson, M 1995, “Corporate sustainability: What is it and where does it come from?” Ivey Business Journal, Vol. 67, no. 6, pp. 1-5. Yilmz, AK, Flouris, T 2010, “managing corporate sustainability: Risk management process based perspective,” African Journal of Business management, Vol. 4, no. 2,pp. 162-171. Read More