Risk Analysis
It is a sound practice for companies to perform an assessment on a regular basis to determine any possible threats that can harm the company internally or externally. There are many different facets to risk analysis from assessing on a regular basis which leads to identifying risks and determining what measures should be taken for each risk. All companies should go through this process so that they know how to manage any risk that their company might face. Not only should companies know what their risks are, they should also know which risk poses high and low threats. This will help them to determine what is considered an acceptable risk and what isn't. Because the business environment is ever-changing and information is constantly flowing globally, risk analysis is a necessity (Startiene and Remeikiene, 2007).
Organizations should take risk analysis to protect what they value. This could be employees, hardware, software, sensitive records and data among other things. Companies should assess and place a monetary value on these things in order to evaluate the cost/benefit of each. In terms of employees, an assessment of their skills and value to the company can be done. In case of impending layoffs, this will help the company decide who will stay and who will be let go. We know that a different model of most types of hardware is manufactured nearly every year. It does not make good business sense to try to salvage something when a newer model can be bought for a few dollars more.
The story is much the same for software. Newer versions are created on an almost yearly basis, so software should probably not carry too high of a value when companies are performing an analysis. However, the records and documents created by using the software which is more than likely stored on a server need to be examined closely. Most records that companies keep include sensitive and confidential information. A backup server is a necessity just in case there is damage to the main server.
What is considered an acceptable risk is different for each company. In order to know what is acceptable in terms of risk, the company must first perform the risk assessment to find out which threat poses the most risk and which poses the least. A company should always place a higher value on sensitive information as they do not want this to be leaked to the public. They should also place a higher risk on any assessment that could mean the loss of large sums of revenue. If a company can tolerate and easily recovery from a threat, it should more than likely be considered a lower risk and acceptable. If the company is a manufacturing one, it must assess whether a market will continue to exist for its products. This will determine the level of risk acceptance (Day, 2007).
You’re 81% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.