Disaster Recovery Planning in Risk Management Models for Businesses

Topics: Disaster, Management Words: 1491 Pages: 6

The meaning of risk to an organization

When evaluating the risks based on the criterion of their origins, political and economic risks can be distinguished. Political risks are defined by the situations in the political environment influencing operation activities. For instance, the high level of corruption or autocratic forms of political organization may result in business expropriation and the lack of mutual benefits; poorly developed investment culture and infrastructure – in greater financial constraints; and the overall economic depression – in large taxes and declining financial profitability. Economic risks are defined by the changes in the organizational or national economy. The most frequent forms of economic risks are changes in the market environment and unbalanced liquidity which may result in a significant financial loss. There are also internal risks that depend on organizational operational activities and may be related to inefficient financial management, asset, and capital structures, aggressive risk-taking behavior, etc. These risks can either lead to economic instability or disruption of productivity.

Additionally, risks may be categorized by their financial outcomes. There are risks that entail merely an economic loss – it is the worst type of risk that is detrimental to organizational sustainability. The risks associated with the loss of profit are softer than the former type – they characterize the situation in which a company cannot perform a planned operation due to particular circumstances, e.g., cannot get a necessary credit due to a decrease in the credit rating. Lastly, risks that entail both economic loss and additional profits (the speculative financial risks) are usually associated with speculative financial operations, e.g., the realization of an investment project with an uncertain level of profitability.

The responsibilities for risk management at the operational management level

Operational management aims to supervise all activities related to the transformation of resources, information, and customers. It can be considered effective if a significant level of cost efficiency is achieved. Concerning risk management at the operational level, it implies the prevention of threats and losses associated with the mentioned activities. At this level, managers should strive to reimburse expenses, and rationalize investments by maintaining control over production, purchase, and quality operations.

A risk management model: SWOT analysis

SWOT analysis is a method of expert risk assessment. It implies the evaluation of the actual organizational state and its strategic perspective. The model is based on the analysis of strong (S) and weak (W) areas of a company’s performance, its market opportunities (O), and potential environmental threats (T). SWOT analysis has both managerial and strategic value because it combines the factors present in the internal and external environments and informs about the resources and skills which the company needs to implement to reduce risk.

Risk management criteria against which risk can be assessed

The criteria for the assessment of internal risks are as follows: staff skillfulness, high level of organizational competitiveness, clear-cut corporate strategy, cost-efficiency. Personnel competence is an essential prerequisite of high productivity, performance effectiveness, and efficiency, as well as the quality of service and products. The factor of staff skillfulness contributes to the strengthening of the corporate competitive position, improvement of profitability, and overall sustainability. A well-developed strategy and understanding of organizational goals among employees are essential for effective coordination of internal activities and operations and, thus, it is core to organizational growth. And lastly, cost efficiency contributes to profitability increase.

The criteria for the external risk assessment include a high level of resource availability, weak legislation impacts, favorable shifts in currency rate. Weak legislation impacts imply limited operational and financial restrictions. It is an important criterion because the strict financial and operating regulations interfere with business expansion and profitability increase. Favorable shifts in currency rates are associated with greater cost efficiency and financial capabilities. Lastly, the availability of required resources including materials, human resources, funds, etc. is associated with greater operational stability and productivity.

Techniques to specify risk including risk interdependencies

Periphery monitoring (assessment of the area where internal and external factors meet) is one of the essential methods of risk management. When applying this technique, managers consider negative consequences of risks, estimate a potential loss, and define where it can lead their organization. Based on the data accumulated through periphery monitoring, managers make decisions about risk refusal or acceptance. It is observed that many risks emerge in a gradual manner. Thus, the technique of periphery monitoring helps to avoid critical situations. Another effective method of risk assessment is a cross-sectional assessment. When risk monitoring is fulfilled by a cross-sectional team, it is easier to find connections between the weak and strong organizational spots as well as external influences. Moreover, the consideration of multiple views helps to approach the issue in a more creative and innovative way.

Organizational SWOT-matrix

		Strengths		Weaknesses
		Well-defined strategic orientation	A relatively stable position in the market	Some gaps in employee knowledge	A relatively low level of operational cost-efficiency
Opportunities	Abundant resources	0	1	1	3
Opportunities	Domestic low taxation policy	0	0	0	1
Threats	High level of currency volatility	0	-1	0	-3

The graphically presented matrix allows us to combine scores and identify interdependencies among the factors. For instance, it is observed that the combination of external instability in currency rate and internal organizational cost efficiency index represents the major risk to organizational profitability. Therefore, the improvement of cost efficiency is the current strategic priority. At the same time, the availability of resources creates the opportunity for the improvement of cost efficiency as the company may consider the use of alternative supply sources.

A risk management model to quantify the risk

By building SWOT-matrix, managers become able to understand if organizational strengths are effectively implemented; if its weaknesses are associated with a great level of vulnerability; what favorable circumstances increase the chance for success; and what threat should be considered in the first place. In this way, it leads to the development of a strategic matrix.

To increase the validity of the analysis results, the examination of various factors should be conducted by a group of experts from different departments because, when administered by a single person, the test outcomes may be biased.

Evaluation of the level of risk against pre-established criteria

The assessment of risk based on the pre-established criteria by implementing SWOT-matrix can be considered effective because it helped to identify the interdependencies among various factors and, moreover, evaluate the degree of their significance and impacts on organizational well-being.

Evaluation of activities to eliminate, mitigate, deflect or accept the risk

Risk	Method	Justification
Reduced cost-efficiency	Risk limitation	It is possible to say that decreased cost efficiency is detrimental to organizational revenues and, therefore, the acceptance of risk is not recommended. The company should undertake some measures which could reduce the negative impacts. These measures can include audit and development of new partnerships. First of all, the management should analyze the current cost of operations against the desired cost limit and external, industry-accepted expectations, and average numbers. After this, the research of available options for change is required.
Gaps in organizational knowledge	Ambiguous threat analysis	The result of the SWOT analysis showed the weak significance of the given factor. However, ineffective knowledge management can be detrimental to the company’s well-being as it indicates the inability to manage the information which may affect the competitive position. For starters, the company may commence the evaluation of organizational culture, cognition abilities, and team dynamics. As soon as the major areas of concern are identified, managers can develop the intervention plan and limit the impacts of the risk.
High currency volatility	Risk tracking	The selected risk assessment activity implies the regular review of environmental dynamics and updates. Since currency rates belong to the external factors, the management does not have control over it, yet managers can observe the changes and respond to them promptly. In this way, it becomes possible to mitigate financial risk.

A process for implementing and managing a disaster recovery plan

Disaster recovery planning is meant to protect organizations from the influence of foreseeable disasters and return to operational stability in the shortest time. It usually implies the creation of data backup reserves which help to restore the company’s information resources. When developing such a plan, managers need to focus on the continuation of the business, and since most areas of firms’ activities are interdependent, the disaster management approach should be holistic. It means that when creating a plan, the management should consider all types of potential catastrophes: natural, technologic, and human-made.

Recovery planning may include the following steps: data gathering, analysis of events in the business environment, risk analysis, the design of recovery strategies, plan validation, enforcement of its maintenance. The understanding of its own business environment is basic to effective disaster recovery planning. The management thus should evaluate the probability and severity of environmental risks. To keep the plan in a validated state, the regular monitoring and system reviews are needed. In this way, it will be possible to manage data loss and recovery operations more efficiently.