An e-Business risk management strategyfor Quality Forest and Timber Services
| Kevin Palisi
| Diploma of Business (flexible)
| 3 Dec 2010
| Mr. Ian Heugh
No of Pages:
| [ 14 ] pages
| (1,500 – 3,000 words)
Risk Management Strategy
‘Business performance ... requires ... each job be directed toward the objectives of the whole business’ (Drucker, 1954, page 105). Business practices have developed to include a focus on optimising the management of components in a business system (see Deming, 1994, page 30) or the business processes to achieve the organisations objectives. Risk management processes are the management of components of a business system to avoid, reduce, transfer or retain business risks using performance principles, such as ALARP (as low as reasonably practical) (Smallprint, 2009, page 51). Quality Forest and Timber Services (QFTS) uses e-Business to assist its membership in wood sales, procurement and management services using e-Business registration, sales/procurement and logistics processes. These e-Business processes operate through hardware, software, data, networks and human resources. The risks associated with this e-Business infrastructure include: * Hardware: physical failure, obsolescence, theft or end of project life * Software: malfunctions & bugs, security attack, hacking, end of support, interoperability, obsolescence * Data: errors, corruption, hacking, loss, theft & privacy * Network: communications failure, non availability of band width, hacking and attack * Human resources: lack of skills, sabotage, concentration of skills (Srinivasan, 2003, page 4). QFTS should develop a risk management strategy to outline treatment or recovery from these risks when they appear so they do not threaten e-Business processes that achieve organisations objectives.
Risk is the likelihood something will weaken the operation of a business process that achieves an organization’s objectives or threaten the achievement of an organization’s objectives (Smallprint, 2009, page 7). A risk management strategy is a framework for business processes so an organization can avoid, reduce, transfer or retain risks increasing the probability of successfully achieving its objectives. A risk management strategy must outline an organizations strategic purpose, value proposition, objectives, stakeholders, administrative arrangements and performance criteria (Smallprint, 2009, page 8). The strategy should contain a policy statement, planning, implementation, and monitoring and review statement. To develop the risk management strategy requires processes to define risk context, identify and analyze risks and select and implement risk treatments. Corporate governance describes ‘the system by which organisations are directed, controlled and held to account’ and refers to the responsibilities of the board of directors and senior managers (Smallprint, 2009, page 7). Risk management is the process which enables directors and senior managers, employees and stakeholders, to maintain a reasonable degree of confidence the organisation will achieve its objectives by managing risk in the operation of business processes. This paper uses the coursework in BSBRSK501A Manage Risk to design and develop an e-Business risk management strategy for QFTS. The organisations objective for the risk management strategy is e-Business delivery to its membership services which also supports the liquidity and profitability of the enterprise.
3.1 Risk context
Corporate governance of an organization should establish a...
References: Deming W.E. (1994). The New Economics. For Industry, Government and Education. USA: The W. Edwards Deming Institute.
Smallprint (2009). BSBRSK501A Manage risk. Australia: Smallprint.
Srinivasan G. & Abi-Raad M. (2003). Risk factors associated with e-Business infrastructure in SMEs. 1st Australian Information Security Management Conference, 24 November 2003, Perth Western Australia.
AIRMIC, ALARM, IRM (2002)
AIRMIC, ALARM, IRM (2010). A structured approach to Enterprise Wide Risk Management (ERM) and the requirements of ISO31000. United Kingdom: AIRMIC, ALARM, IRM.
AUSTRAC (2008). Risk Management – A tool for small to medium sized businesses. Canberra: Australian Government.
BHP Billiton (2009). Risk Management Policy. Australia: BHP Billiton Group.
Department of Innovation, Industry, Science and Research (2009). Legal Issues Guide for Small Business – The website guide for some 1 million small businesses across Australia. (One day training program – workbook). Canberra: Australian Government.
Department of Treasury and Finance (2007). Victorian Government Risk Management Framework. Melbourne: Victorian Government.
International Organisation for Standardisation (2008). Risk Management – principles and guidelines on implementation. Geneva: ISO/DIS 31000.
McLeay M. (2008). Part 1 – Liability Risk Assessment Guide. Retrieved from www.innovation.gov.au. Website version 2/08/2009.
Please join StudyMode to read the full document