Executive Summary
The current situation posed by Covid-19 has forced some companies to advise their employees to work from home. Most of the work done is therefore managed virtually with online meetings being the order of the day. The adoption of this method by company management exposes some of the weaknesses of these companies to several risks. Nevertheless, few opportunities such as an increase in online marketing have equally risen. Directors have also devised new methods of supervising their staff, they achieve this by having an insight into the prevailing risk factors that the pandemic may cause to their routine operations(Frigo and Anderson, 2014).
This paper focuses on the challenges, opportunities, risks, and mitigation measures that a company should integrate to achieve their goals. The discussions in this paper are based on the current situation and the authenticity is drawn from the interviews held among company employees, in the appendix section.
Important Risk Factors that could Prevent Employers from achieving their Goals
Risk factors such as security and fraud in a company prevent an employer from achieving their goals, as identified in the interviews covered, their setbacks in a company that relies on online services (Frigo and Anderson, 2014). Network protection for secure communication was cited as a widespread problem in modern companies. Moreover, there are financial risk factors brought by emergencies like the current Covid-19pandemic.
The employees work virtually from home, this poses challenges that hamper gross profit that a company makes in relation to the previous normal conditions before the Covid-19 pandemic. Such incidences have seen companies retrenching some employees while others get a total shut down. Risks such as massive loss of assets and accumulation of debts and low productivity of the staff are, therefore, common problems. Finally, operational risk forms part of current businesses facing the challenges as a result of Covid-19(Fragnière, and Sullivan, 2006). Managers find it hard to supervise workers who do their jobs from home. Some of the workers require strict supervision which may not easily be done by administrators in a setting such as working from home.
Risk Mitigation Plans
These are steps that help managers to reduce the extent to which a particular risk affects the organization’s output. Security and fraud risk can be well addressed by business administration by first identifying the targets(Fragnière, and Sullivan, 2006). For effective mitigation measures, computer networkand other IT assets security can be protected by applying strong security protocols (Sadgrove, 2016). Besides, there’s need to train the staff on the basic operations of the computer network of a company.
On the other hand, stressing on the necessity to install an antivirus that prevents malware infections to computers is a crucial aspect. Risk mitigation plans of a company such as securing the computers with passwords and anti-hackers’ software are therefore fundamental for a company(Berry and Berry, 2010).Through proper implementation of Business Continuity Programs, threat and risks such as security and fraud have been successfully instigated in some of the companies(Fragnière, and Sullivan, 2006). In equal measure, administrators and staff should identify the loopholes to prevent occurrences s of such risk.
Due to the Covid-19, working from home has been adopted by many companies. With a dramatic increase in the number of social media users, several incidences of cyberbullying and crimes have been reported. Preventing possible occurrences is the most formidable way to achieve secure operations in a firm, which in turn promotes the productivity of the business.
SMART Framework
To ensure the success of the risk mitigation plan, it is necessary to ensure that it targets achievable objectives. The SMART framework helps create goals that can be implemented at the organization without excessive difficulty, thus helping achieve this target. The first component of the acronym is specificity, or the need to set well-defined objectives. In this case, a reasonable goal would be to reduce the threat that cybersecurity attacks and other issues pose to the organization. The second letter, M, stands for measurability and denotes the need to be able to track changes in the target. In this case, a measurable metric that can be used to judge the plan’s progress is the number of cybersecurity-related incidents that take place in a specific period. The organization will aim to reduce this metric by 50%, representing improved usage of safety and threat prevention guidelines.
The third component is achievability, which serves as a reminder that some goals cannot be reached regardless of the effort that is put into them. In this case, the organization cannot prevent cybersecurity issues entirely because of human error as well as the overall complexity of the technologies involved. As such, the presented goal of a 50% reduction is more reasonable and may be reached with improved security practices. The fourth item is relevance, as reaching the goal has to benefit the organization in some way. In this case, it will be more secure from dangers such as data theft, which can incur massive damage. Lastly, the fifth component is time, as the goal needs a specific deadline so that efforts can be tailored toward reaching it. In this case, the organization will aim to reach the goal within the next three months.
Critical Incident
The critical incident described in this paper involves data theft, the first of the three risks described above. In this scenario, a nefarious party is able to obtain an employee’s credentials using a phishing attack. They then access the organization’s servers, downloading information about a substantial number of its clients. This information is then disseminated on the black market, and the breach eventually becomes known to the public. As a result, the customers whose data has been leaked sue the organization, and it has to settle for a large sum. It also loses the trust of its clientele, which doubts the security of its information and prefers to switch over to alternatives it perceives as more secure. Having conducted an audit, the organization learns who was responsible for the leak.
The business continuity plan for this problem begins with the identification of the impact that the incident had on the organization. It lost money due to having to settle cases with disgruntled clients, and its information system has been compromised. To recover it, the company will need to review its security systems and provide new credentials to all employees, preferably with additional security measures such as multi-factor authentication.
A team of management, lawyers, and IT personnel will be created to perform these actions, settle any outstanding client issues, and train personnel so that they avoid any future phishing attacks. The new measures will be tested with the purpose of determining their appropriateness, and the results of the testing will be incorporated into the framework to address any weaknesses that may have been identified.
Reference List
Berry, C.T., and Berry, R.L., (2018). An initial assessment of small business risk management approaches for cybersecurity threats. International Journal of Business Continuity and Risk Management, 8(1), pp.1-10. Web.
Fragnière, E. and Sullivan, G, (2006). Risk management: safeguarding company assets. George Sullivan.
Frigo, M.L., and Anderson, R.J. (2014) ‘Risk management frameworks: adapt, don’t adopt: here’s a primer on how to use two well-known approaches’, Strategic Finance, 95(7), 49+. Web.
Frigo, M.L., and Anderson, R.J., (2011). Strategic risk management: a foundation for improving enterprise risk management and governance. Journal of Corporate Accounting &Finance, 22(3), pp.81-88. Web.
Sadgrove, K., 2016. The complete guide to business risk management.Routledge.
Appendix A
Interviews
Narrate in Chronological Manner, a typicalday workingfrom Home
Response from an interviewee
working from home has been quite challenging since the pandemic struck. My day started very early in the morning by taking a cold bath. After which, I join my family members at the table for breakfast which normally lasts 15 minutes. From 7 am to 10 am, I check and respond to emails and from our clients. Working as a customer service representative, I always encounter a lot of questions posted on social media platforms such as Facebook, Tweeter, and Whatsup of the company.
I ensure that I respond satisfactorily to the posted questions. At the same time, customers make phone calls about our products and services. On average, I spend approximately three hours on calls and 2 hours responding to prompts from the customers through social media and emails. After responding to class and emails, I break at 12:30 pm for lunch which I take from the house.
At 1:00 pm, I write reports on the matters arising from the calls and the social media posts including customer requests. From 2 pm to 4 pm, the company holds an online meeting with the executive and other members of staff. This is done through Whatsup or Google online classes. We give reports gathered throughout the day and the administration gives solutions to the company’s identified problems, raised through customers. Between 4 pm to 5 pm, I always document all the information regarding the current days’ work, write a plan for the next day’s duties, and file my documents.
What are the Opportunities and Challenges Related to working from Home?
Response: there are numerous opportunities related to my customer service job. I work online most of the time, the company management suggested that through this, online marketing of our products was the way to go. I embraced this opportunity to learn how to how to create simple websites for posting the company products. This has attracted many customers to buy place orders and choose their preferred products easily.
On the other hand, challenges ranging from poor internet connectivity to cybercrimes have been on the rise due to the use of virtual marketing strategies. Reports of fraudsters impersonating our staff have been on the rise, attempts of cyber-crimes such as hacking our internet connections have also been on records. Another challenge arises from distractions from friends visiting my house frequently. I keep on turning them back and some of them don’t take it lightly. Power blackouts are also part of the challenges faced while working from home.
Every electronic gadget I use to reach the customers are only efficient in presence of electric power. Blackouts are rampant in my areas due to poor weather like winds and rains. A setback that has derailed my daily programs sometimes most of the time. Finally, the sales have been dramatically declining since we cannot reach a large number of customers physically. Virtual meetings are part and parcel of working remotely and therefore, it is a challenge to our clients who solely depended on the physical transactions.
If you could make 3 wishes for makingwork from Home more Enjoyable, and Productivewhat couldthese be?
Response: Working from home can be more enjoyable if the time for work is reduced, it is boring to work alone in a room making phone class and having virtual meetings. Learning the client’s true needs requires some face to face meetings to read their body languages. Besides, individuals working remotely may not have adequate protection from malware and cybercrime such as hacking. Therefore, strong network security should be provided by the company to ensure secure connections. To make working from home much better and enjoyable, staff should be trained on the use of modern ICT equipment.
For an individual staff, power backups such as an uninterruptible power supply must be installed alongside computers to eliminate inconvenience. Additionally, company administrators should create a platform that enhances connectivity among workers. The platforms are also ideal for staff interaction, sharing out problems having informal charts sometimes breaks the boredom as a result of working home in a lonely environment.