Risk Management for Rural Internet Kiosk Project - Essay Example

?EXECUTIVE SUMMARY This report concentrates on risk management for the Rural Internet Kiosk Project will full details of project management for the Rural Internet Kiosk Project. A risk is mainly described as a particular event that its occurrence might cause either a negative impact to that project that it occurs to. It might have one or more causes and in a case that it occurs it be will have an impact or two. If this uncertain event occurs the impact will either be on the project performance or the project cost. All upcoming projects assume a particular risk, and through risk management techniques are applied to monitor and minimized these events that the potential to arise and cause harm to the final project outcome. It is a continuous ongoing process throughout the project life, and it includes process of planning, identification, analysis and finally monitoring and control. With new risk identified with time these processes are updated. With the Rural Internet Kiosk, quite a number of risks are assessed to happens along the setting up of the whole organization and is mainly divided into four; the general management, personnel policies, insurance and general protection against fraud, terrorism and many other potential threats. The potential risk focused at the main four areas need senior management consideration because they will end up affecting the final project production, because for a organization to be secure and firm it need good management, with good management comes good personnel policy for the employees, both employee and whole organization insurance and finally the general protection from harm e.g. theft, fraud, robbery. This plan clearly shows how these stated risks are considered and the finally actions taken to monitor them for the successful running of the Rural internet kiosk to benefit the whole community. This process of identifying and documenting these events that pose this major threats to the outcome of the rural internet kiosk is just the first step. It’s of a vital importance to monitor all risks on a scheduled basis by a risk management team and finally give a report on the project status. RISK MANAGEMENT STRATEGY The risk management strategy is divided into 3 parts, these are risk identification, risk responsibility and risk response. Risk identification is where the risk is selected, the responsibility is where this particular risk is distributed to different stakeholder and response are the steps taken to monitor the risk . BASIC PROJECT MANAGEMENT RISKS AND TRAINING RISKS GOOD MANAGEMENT Rural internet kiosk should have a strategic plan and effective leadership that will make sure that the organizational resources are closely aligned to accomplish the organizational mission, all its staff and other volunteers are fairly treated to comply with rules and regulations. Joe the Chief executive officer will be in charge monitoring all the risk related to management. With all the risk considered, the role of the Board and its executives are defined and respected, us the executive director appointed as the manager of the organization’s operation the board will be focused on policy and planning. The board of directors will be recruited, selected and employ the executive director providing clear expectations and qualifications of the position including reasonable compensation . UP-TO-DATE, REVIEWED PERSONNEL POLICIES: It’s good practice for every organization to have up-to date policies that guide the various relationships between staff and management. Ann who is in charge of Human resource department will monitor risk that affect human personnel. From heuristics, it’s clearly noticed that lawsuits regarding harassment, wrongful termination and discrimination, salary actions and disagreements about promotions are on the increase. For this Rural Internet Kiosk, parties to this lawsuit will include the management and the organization members. It’s also good practice that these personnel policies should be reviewed at least once a year by experts about all of the employee-related laws and regulations. For the Human resource department the organization has well written personnel handbook that clearly stipulate on how recruitment, hiring and termination and the general standard work rules for all staff. This will minimize the risk of going against government regulations including equal employment opportunity act, occupational health and safety act and affirmative action plan. The organization will have to follows unbiased hiring practices and will have clearly stipulated job description which include reporting relations, duties and other key indicators . WELL-DESIGNED INSURANCE COVERAGE: Since Rural Internet Kiosk owns a physical space, it should have general liability insurance. Being an insurance expert and financial adviser, am a consultant who will handle the companies insurance with assistants form the management. This is a cover for its clients or visitors and employees who might trip and fall down stairs. It would be important if employees and management or board members are added as additional insured in this coverage. It should also have non-owned auto coverage, because this will protect an employee who might be driving a family car for business reasons and it also covers rental cars. It’s usually contained in the general liability policy, but its good practice to make sure to check if it is in. Through “Insured vs. Insured” exclusion wrongful termination coverage which might be added will be prevented because insurance can’t be used to protect against internal strife . The insurance coverage might sound dreadful, but with two hours being scheduled to study the policies with experts, and all questions posed to the experts. The experts will then provide us a written, clear description regarding any ambiguities with company letterhead with his or her signature. With insurance the difficult part is to discuss is directors and officers insurance, this is also intimately concerned to fidelity coverage. Large amounts of money should have fidelity coverage to cover possible criminal acts e.g. robbery, theft or burglary . MISCELLANEOUS AND FINANCE RISKS PROTECTING AGAINST FRAUD, FORGERY, THEFT AND TERRORISM Rural Internet Kiosk should have up to date, board-approved policies for employees. Personnel policies will specify how personnel should be hired, how they should supervised and hired according with employment laws that will ensure fair and legally compliant treatment of others. Those who supervise others should also be trained on the policies . During the hiring of new employees, there should be background checks conducted, these will detect if the person has committed crimes, either major or minor in nature because it will suggest tendencies on how the person will behave in his new place of work . Conduct orientation by the board once a year, this will make employees aware of the unique aspects of the board and organization, including the board’s policies for example, conflict of interest, whistleblower and ethics. A policy should be established stating how employees, board members and others could report if an organization behavior is illegal or inappropriate without retaliation to the whistleblower. A board ethics policy should be established which will specify behaviors to be conducted by the board members in a manner that will treat others fairly and that the conduct is legally compliant. A financial audit or review should be conducted that verifies the accuracy and usefulness of all or some aspects of financial management. This increases the likelihood that financial numbers and reports are indeed accurate. A board approved and up to date fiscal policies and procedures should also be established to ensure that financial management is conducted in an accurate and useful manner that minimizes any likelihood of malfeasance, this includes fraud or misappropriation of funds . Data Security risk Most organization face a constant data security threat, worms, malware hacking that keep small business owners and their IT managers awake all night just to make sure their network is safe. Overwhelmed by this type of fear, Rural Interne Kiosk attempts not to be a victim of “security paralysis,” so a few best practices are applied hoping that they will work for them. A five step approach is taken to make sure data security is beefed up. 1. Identifying Information Assets; this is achieved by identifying the primary type of information that the system handles, this includes, payment cards, social security numbers, human resource data and patients numbers. This will help make a priority plan on how they will be protected. 2. Locating information assets is the second main step; this will help in identifying where these information assets reside within the organization. For example the file servers, personal digital assistants, mobile phones, laptops, workstations, removable media, databases. 3. Classifying these information assets comes third. This will be achieved through assigning a rating of the organization information asset list. Rural internet kiosk will consider the following plan in classifying information assets. Public information , this includes marketing campaigns, finalized financial reports and contact information come first in the 1-5 scale with 5 being the most important. For the Internal, but not secret, information for example, organizational charts, phone lists and office policies come second. Sensitive internal information for example the business plans, strategic initiatives and those items subject to non-disclosure agreements. Classified in-house information for example compensation information, merger and acquisition plans and the organization layoff plans . Finally the regulated information for example the patient data and classified information comes fifth. 4. Conducting a threat-modeling exercise comes next and its achieved through rating the type of threats that tend to face rural internet kiosk top-rated information assets.  An external consultant with experience in this particular area will facilitate this exercise and a report finally written down. 5. Final step is to finalize data and start planning. The result of this a rational and comprehensive ranking of any kind of threat to rural internet kiosk. This will include the importance of the assets at both the pale and extensive spectrum of possible emergencies.  With a reasonable security plan, risk identified by the highest numbers in the rural internet kiosk will be tackled .  References ACKERMANN, F., EDEN, C., WILLIAMS, T. & HOWICK, S. 2007. Systemic Risk Assessment: A Case Study. The Journal of the Operational Research Society, 58, 39-51. ALAVI, M. & LEIDNER, D. E. 2001. Review: Knowledge Management and Knowledge Management Systems: Conceptual Foundations and Research Issues. MIS Quarterly, 25, 107-136. CHELST, K. & BODILY, S. E. 2000. Structured Risk Management: Filling a Gap in Decision Analysis Education. The Journal of the Operational Research Society, 51, 1420-1432. CROUHY, M., GALAI, D. & MARK, R. 2000. Risk management, Ne York, McGraw Hill. DAS, S. 2006. Risk management, New Jersey, John Wiley & Sons. FOCARDI, S., JONAS, C. & ASSOCIATES, F. J. F. 1998. Risk management: framework, methods, and practice, New Hope, Frank J. Fabozzi Associates. FRENKEL, M., HOMMEL, U., DUFEY, G. & RUDOLF, M. 2005. Risk management: challenge and opportunity, New York, Springer. GOLUB, B. W. & TILMAN, L. M. 2000. Risk management: approaches for fixed income markets, New York, Wiley. HATTON, I. A., MCCANN, K. S., UMBANHOWAR, J. & RASMUSSEN, J. B. 2006. A Dynamical Approach to Evaluate Risk in Resource Management. Ecological Applications, 16, 1238-1248. JOHNSON, C., PENNING-ROWSELL, E. & PARKER, D. 2007. Natural and Imposed Injustices: The Challenges in Implementing 'Fair' Flood Risk Management Policy in England. The Geographical Journal, 173, 374-390.  Read More