Political Risk and Methods of Risk Management - Essay Example

Risk Register Risk Risk level Probability Impact Target date Owner Increasing competition high 3 3 11-09-13 William Shrinking customer base high 3 3 07-01-14 James Fraud is consistently evolving medium 2 1 17-8-13 Crixus Difficulties in keeping up with changes in IT medium 3 2 02-09-13 Knepper Reputational risk due to low innovation high 2 3 10-10-13 Hill Regulatory risks due to changing geo and political economic low 1 2 09-06-14 Kirubi Political risks particularly in the emerging markets low 1 1 28-12-13 Agnes Risks of losing personnel to other industry players medium 3 3 07-09-13 Smart Political Risk Political risk is one of the major issues which Blackberry may have to contend with in the near term. In 2010 the UAE and Saudi Arabia banned the use of Blackberry in their domains claiming that the encryption used on the phones made it impossible to monitor communications particularly messaging. The bans were effected on the grounds of national security since the governments asserted that it was impossible for security agencies to monitor any messages sent over Blackberry. National security in the UAE and Saudi Arabia are very critical issues given the rising risk of terrorism in the region. While this risk was mainly localized in the Arabian Gulf, it must be asserted that these actions pose potential risk to the company not only in the emerging markets but also in the developed world. The developed markets account for over 70% of the customer base with the emerging markets taking up the rest. Political risk in the emerging markets is however very high and these bans could potentially set a precedent in important markets such as China, Brazil and South Africa. Western markets which account for the greater market volume could see governments seek to promote the use of devices that are less encrypted thus hurting BlackBerry. It has to be ascertained that since Western governments are usually the targets of terrorism, national security may pose a very huge risk of changes in policy which may hurt BlackBerry’s bottom-line in these markets. Sources of risk Increasing risk of competition in the Smartphone industry has gone up in recent years due to the emergence of new companies with very high market appeal. Companies such as Apple and Samsung and Nokia have become very competitive taking away, Blackberry’s market share. The company’s customer base faces the risk of a shrinking market base which would make it inefficient. This is brought about by changing needs of the consumer which other companies have done a better job at meeting as compared to Blackberry. Fraud is a component of the company that made it beloved to consumers but increased need for national security is making it hard for the company to maintain its niche customer base. Improvements in technology have resulted in the technology of the company being replicated by companies such as Google with its Android technology. Losing its reputation as an innovative company falling behind Apple and Samsung are risks that have to be addressed. Regulatory regimens due to the enhanced need for better surveillance are increasingly putting the Blackberry product at risk of falling foul of legislation. The enhanced competition in the industry and the technology sector means Blackberry has to fight harder to keep important personnel who want to move to the more glamorous companies such as Apple. Political forces portent a very real risk to Blackberry due to the influence on policies they portent. New legislation put forth by many government may pose a risk to the Blackberry model since they would seek Blackberry to be more transparent thereby conflicting with its ethical use of data and protection of customer information. Rate of Risk, Probability of Occurrence, Impact and Controllability Competition is very high risk has severe impact and has a very high probability of occurrence for Blackberry. The high risk of enhanced competition would likely cause the organization fail altogether having seen its market share to 4% in 2012. The probability of occurrence of enhanced competition is high while this is not controllable unless Blackberry was to aggressively grow market share which is highly unlikely. While there remains a stable market share of clients with the need for privacy in their business communications the risk of losing this is very high and this could possibly sound a death knell for the company. The probability of occurrence of this is however low since other companies in the industry have yet to innovate to the levels of Blackberry. However if the other companies were to innovate and come up with high security algorithms the company would lose its competitive edge and be forced to shut down. This is an aspect which if it were to happen would be uncontrollable given that the company is not as highly capitalized and has lagged behind the others in technology development. Fraud is however low risk of the company that is remote and if it were to occur easily controllable. Fraud is low risk since the company uses complex algorithms which are hard to crack. Probability of fraud is however high given that fraudsters are always looking for gaps and lops in order to infiltrate secure systems. The impact of such an occurrence would be bad for the company as it would destroy the reputation of the company. Such an occurrence I unfortunately uncontrollable and can only be mitigated after occurrence. Improvements in IT are high risk for the company since it has been left behind in technological innovation allowing other companies to move ahead. The probability of occurrence is very high as development in technology is certain in such an industry. The impact of such developments will result in further loss of market share. This risk is controllable only to an extent given the huge strides of the competitor. However better encryption technology ought to continue being developed in order to control risk in loss of market share in its niche. Loss of its reputation as a premier innovative company is also highly risky since the company market share is maintained by the client’s need to be deemed as cool or better technologically. The probability of occurrence is very high sine the company has invested very little in innovation in the recent past; however this could be controlled through better funding for innovation. The risk of regulation in its main markets of Europe and Asia is very low given the nature of policy making in such markets. The probability of occurrence is low but rising given geopolitical developments which call for more transparency in communications. If such were to happen the company would see a further dent in its fortune as it would lose its appeal as a secure means of communication. This may be controlled through lobbying of the governments in the important markets to pass friendly policies. Loss of personnel is very high risk due to the highly mobile nature of the present marketplace. The probability of this occurring is very high if the company does not improve its fortunes as personnel will leave to firms deemed to have brighter futures. This would have an impact of making the company fall further in innovativeness. In the short term while better salaries could stem the tide of personnel loss this aspect is uncontrollable in the long term if these personnel get better offers elsewhere. Enhanced risk due to political forces and modern realities of national security is a great risk. However this is highly improbable given civil liberties in these markets. If such were to happen Blackberry stands to lose its niche due to policies of governments which are uncontrollable except through lobbying which may be expensive. Risk Response The risk of competition may be dealt with through greater investment in innovation and greater marketing efforts of the company. Other companies in the industry are very visible as compared to RIM which hardly seems to advertize and hence better presence in the market through advertizing and affirmation of its core ethical values of consumer protection would serve to keep the competition at bay. Blackberry still has a loyal clientele and if these clients were to be maintained they could serve as useful marketers for the product. Better investment in innovation, development and the hiring of better personnel would serve to produce innovative products that would enable the company to retain its market share. Fraud which I a high risk for communications may be controlled and mitigated through greater developments and innovation on its proprietary algorithms in order to maintain its reputation. Fraud which is a low risk for the company ought to be maintained and antifraud measures enhanced through better encryption since while the other industry players offer other functionalities Blackberry still offers best value in security of customer information and data. Innovations need to be undertaken in order to reduce the risk of the company becoming obsolete. In order to ensure the company is not left behind the company has to invest in personnel to drive innovation and ensure that its key personnel do not leave to the competitors. Through aggressive hiring of qualified and driven personnel and retaining their own personnel the company will have made a major step towards longevity. Reputation loss as an innovative company will also benefit from hiring of personnel with required experience to innovate for the company and prevent it falling too far behind the market leaders. The companies which are taking away its market share have focused on the cool factor and hence the company needs to invest in technologies which would make its product appear cool to the market. While regulation risk is low level it still has a probability of occurrence and hence Blackberry ought to seek to form better strategic partnerships with security agencies in its major markets. This will ensure that the company can cooperate with security agencies while at the same time protect the welfare of its clients. Better compensation packages, confidence in the company going forward and job satisfaction through offering better opportunities would reduce the risk of losing personnel to the competition.Top of FormBottom of Form In the short term while better salaries could stem the tide of personnel loss this aspect is uncontrollable in the long term if these personnel get better offers elsewhere. Pre-incidence Aspects This contingency plan puts forth the procedures to be adhered to in the instance of the occurrence of a major catastrophe that would pose a risk to consumer data. It is procedure set forth towards recovery and return of the company to normalcy following the disruption of such a catastrophe. The plan has put in place the following objective towards the restoration of normalcy. Maximization of the efficiency of the contingency procedures by following a plan that is structured in terms of; Activation/Notification after detection and assessment of damage so as to put the plan in motion Recovery to ensure temporary operations are set up and damage is recovered Reconstitution of normal operations and systems Identify critical aspects, procedures and resources essential to resume operations in a certain capacity during the interruption. Assign duties towards normalization to the necessary personnel Offer guidance towards recovery procedures during interruptions that may be prolonged for any given time. Ensure actions of all members of the organization are coordinated during the event This report is intended for the managing director of Blackberry and all other officers who would play an important part in the event of a catastrophic event Pre-Disaster Mitigation Plan: Fire hazards which may be caused by the disaster will be taken into account and hence there will be a switch off of power including automatic stand by generators immediately after the occurrence of the disaster. Water contamination of important data will also be considered and hence water will not be used in the storage areas of the critical data unless expressly authorized by the management in consultation with technicians. Clear exits will be designated for persons on every level of the building with drills being conducted regularly to ensure all persons are competent in evacuation procedures. Emergency Operations Plan: Temporary shelter will be provided for the technicians and other important employees needed to keep operations running Evacuation of the building and the sensitive data will be performed through a security company that has been different from the regular company in conjunction and with the supervision of the IT department and regular security company. Operations will be moved offsite with only critical personnel being maintained at the new site with the rest of the personnel sent home until the situation stabilizes. Impact of the catastrophe is determined within 6 hours in order to determine how long it will take to return operations to normalcy. Continuity of Operations Plan: The company being located in two continents with each having almost similar capacity for operations will direct traffic to the center not affected by the disaster until the other center is back in operation. Operations will be immediately transferred to the offsite location in order to ensure no disruption until the extent of the damage is ascertained. Data stored in the company’ servers will be backed up on a weekly basis and stored offsite. After the server is brought back to normalcy any data lost in the catastrophe will then be restored. The company will keep the different range of hardware and software needed in the offsite location and in the secondary server site storage in order to ensure that operations resume normalcy as soon as possible Ethical Use and Protection of Sensitive Data Given the nature of the company and the high rates of dependence by many individuals and companies and organizations on Blackberry for their communications, a catastrophic event that interrupts operations will have critical repercussions. Blackberry as a communications company has a strict policy regarding the ethical use and protection of sensitive data. In the event of a catastrophic event it is not only the data of the consumers which will be in danger but also copyrights and intellectual property of the company which will be at risk. In the event of the occurrence of such a catastrophic event, data stored at the company headquarters servers may be accessed by unauthorized people and personnel. Blackberry will seek to prevent this and promote the ethical use and protection of sensitive data through making sure that there are certain persons charged with the responsibility of ensuring that data stored in the company servers is kept safe through encryption or removal from site. Procedures will also be set in place that will ensure that access to data in times of catastrophic events is controlled through a multiple person procedure in order to ensure that only authorized persons access the data. In this regard access to data and its use will only be authorized through the chain of command starting from the managing director, his subordinates down to IT staff. Ethical use and protection of customer records The plan will seek to ensure that it is compliant with the ethical use and protection of customer records policies of the company. Such an event will result in chaos and hence there is a very high possibility that the ethical values of Blackberry regarding ethics and protection of customer records may be compromised. The company has access to private and confidential record of many people around the globe that use it to transact important business. As such a catastrophe such as fire would lead to potential gaps in the security apparatus which may be taken advantage of by unauthorized persons. In the instance of a catastrophe such as a fire or earthquake the company will ensure that consumer data is protected through a system that bars access to all information on the servers until the backup start running. Following the Computer Security Act of 1987, Blackberry will put in place contingency means that will enhance the security procedures for access through a two layered verification system for all clients and authorized personnel. Customer records and their private information will be backed up on an offsite server when the catastrophic situation is deemed severe enough to put the safety of that information at peril. Communication plan A communication plan during the occurrence of the catastrophic event is important and hence the plan has put in place procedures for notification and activation. Immediately after the occurrence of a major catastrophic event the personnel in charge of data and IT will inform the communications personnel in order to inform all concerned. The management and the IT team will then assess the severity of the disruption. There will be several options for notifying all the members of the team responsible for putting in place contingency measures. After the occurrence of the catastrophic event the management, IT and communications departments will be informed through phone calls or emails. If response by the team members exceeds one hour the members assembled will assess the situation and write the preliminary report and measures to be undertaken immediately. IT will be in charge of assessment and this assessment will be undertaken with a senior member of the department present in order to ensure safety of the information. The management and Communications team leaders will be charged with communicating with all important members and coordination of the contingency effort. The team will form a committee of eight persons drawn from each department to assess the impact of the catastrophe and draw up recovery plans. The criteria for notification of the team members and the drawing up of the plans for the recovery will depend on the assessment drawn up by IT. Restoring Operations The central objective of the contingency plan will be to resume normalcy as soon as possible. Recovery options available will include the activation of a different server that is offsite in order to ensure that customers have access to Blackberry services. Another option available for Blackberry would be to route the traffic from the servers in the country to the mother server at headquarters. This will be executed after IT has ascertained that the host country server has been damaged that it cannot offer services hence calling for rerouting. The head of IT will be responsible for coordinating the assessment process but the final decision on what has to be done will be undertaken by the CEO. IT will then test the new systems and ascertain if they are working after which the team will seek to determine whether a semblance of normalcy has been achieved. The objective of getting the systems back up will be deemed to be complete when the switchboard receives a similar amount of queries and calls as compared to normal times. Read More