997 resultados para Business continuity
Resumo:
This project aims to delineate recovery strategies for a Portuguese Bank, as a way to increase its preparedness towards unexpected disruptive events, thus avoiding an operational crisis escalation. For this purpose, Business Continuity material was studied, a risk assessment performed, a business impact analysis executed and new strategic framework for selecting strategies adopted. In the end, a set of recovery strategies were chosen that better represented the Bank’s appetite for risk, and recommendations given for future improvements.
Resumo:
BCM (business continuity Management) is a holistic management process aiming at ensuring business continuity and building organizational resilience. Maturity models offer organizations a tool for evaluating their current maturity in a certain process. In the recent years BCM has been subject to international ISO standardization, while the interest of organizations to bechmark their state of BCM agains standards and the use of maturity models for these asessments has increased. However, although new standards have been introduced, very little attention has been paid to reviewing the existing BCM maturity models in research - especially in the light of the new ISO 22301 standard for BCM. In this thesis the existing BCM maturily models are carefully evaluated to determine whetherthey could be improved. In order to accomplish this, the compliance of the existing models to the ISO 22301 standard is measured and a framework for assessing a maturitymodel´s quality is defined. After carefully evaluating the existing frameworks for maturity model development and evaluation, an approach suggested by Becker et al. (2009) was chosen as the basis for the research. An additionto the procedural model a set of seven research guidelines proposed by the same authors was applied, drawing on the design-science research guidelines as suggested by Hevner et al. (2004). Furthermore, the existing models´ form and function was evaluated to address their usability. Based on the evaluation of the existing BCM maturity models, the existing models were found to have shortcomings in each dimension of the evaluation. Utilizing the best of the existing models, a draft version for an enhanced model was developed. This draft model was then iteratively developed by conducting six semi-structured interviews with BCM professionals in finland with the aim of validating and improving it. As a Result, a final version of the enhanced BCM maturity model was developed, conforming to the seven key clauses in the ISO 22301 standard and the maturity model development guidelines suggested by Becker et al. (2009).
Resumo:
This thesis reveals the topic of reputational risk management as a key element for business continuity and value maximization. The purpose of the work is to investigate reputational risk from the side of its definition, management (including legal requirements on this risk category) and measurement and to analyse reputational risk’s impact on business continuity and value maximization. To be able to do this, different respective articles, reports of financial institutions are gathered and constructive summaries and analysis are made. In order to deeply investigate the impact of reputational risk on business continuity and value maximization, it was chosen to study it from three aspects: 1) check the impact of stock valuation of 7 companies that experienced reputational catastrophe / risk, 2) analyse a case study on disagreements in management of reputational risk among case companies and impact on their respective performance, and 3) conduct a survey of financial sector companies in Liechtenstein to see how reputational risk management works in practice. The findings of the research showed a significant impact of reputation decadence on company’s value and trading volume, and showed crucial importance of post-crisis management for the company’s financial performance. The results of the qualitative research based on survey proved that companies consider reputational risk management as a one of the key elements for their business continuity and value maximization.
Resumo:
The present paper examines to what degree the Entrepreneurial Orientation (EO) construct is prolific in explaining business activity of firms with a transgenerational outlook. In particular, we are challenging the fundamental claim by entrepreneurship scholars that the more entrepreneurial a firm is, hence the higher it scores in the five EO dimensions, the more successful it should be in the long-run.
Resumo:
Worldwide floods have become one of the costliest weather-related hazards, causing large-scale human, economic, and environmental damage during the recent past. Recent years have seen a large number of such flood events around the globe, with Europe and the United Kingdom being no exception. Currently, about one in six properties in England is at risk of flooding (EA, 2009), and the risk is expected to further increase in the future (Evans et al., 2004). Although public spending on community-level flood protection has increased and some properties are protected by such protection schemes, many properties at risk of flooding may still be left without adequate protection. As far as businesses are concerned, this has led to an increased need for implementing strategies for property-level flood protection and business continuity, in order to improve their capacity to survive a flood hazard. Small and medium-sized enterprises (SMEs) constitute a significant portion of the UK business community. In the United Kingdom, more than 99% of private sector enterprises fall within the category of SMEs (BERR, 2008). They account for more than half of employment creation (59%) and turnover generation (52%) (BERR, 2008), and are thus considered the backbone of the UK economy. However, they are often affected disproportionately by natural hazards when compared with their larger counterparts (Tierney and Dahlhamer, 1996; Webb, Tierney, and Dahlhamer, 2000; Alesch et al., 2001) due to their increased vulnerability. Previous research reveals that small businesses are not adequately prepared to cope with the risk of natural hazards and to recover following such events (Tierney and Dahlhamer, 1996; Alesch et al., 2001; Yoshida and Deyle, 2005; Crichton, 2006; Dlugolecki, 2008). For instance, 90% of small businesses do not have adequate insurance coverage for their property (AXA Insurance UK, 2008) and only about 30% have a business continuity plan (Woodman, 2008). Not being adequately protected by community-level flood protection measures as well as property- and business-level protection measures threatens the survival of SMEs, especially those located in flood risk areas. This chapter discusses the potential effects of flood hazards on SMEs and the coping strategies that the SMEs can undertake to ensure the continuity of their business activities amid flood events. It contextualizes this discussion within a survey conducted under the Engineering and Physical Sciences Research Council (EPSRC) funded research project entitled “Community Resilience to Extreme Weather — CREW”.
Resumo:
Nykyaikaisessa liiketoimintaympäristössä yritysten kriittisiksi resursseiksi ovat muodostuneet liiketoimintaa tukevat tietojärjestelmät. Mahdollisuus hyödyntää näitä resursseja riippuu ko. liiketoiminnalle kriittisten järjestelmien luotettavuudesta ja hyödynnettävien sovellusten saatavuudesta. Eräs tilanne jossa järjestelmien kyky tukea todellisia liiketoimintaprosesseja vaarantuu on katastrofi. Vaikutukseltaan katastrofi voi olla paikallinen tai kattaa laajojakin alueita. Eri tyyppisiin katastrofeihin on varauduttava niiden edellyttämin tavoin. Eräs kriittisten tietojärjestelmien arkkitehtuuriin vaikuttanut trendi 90-luvulla on ollut client/server lähestymistapa. Client/server paradigman mukaan sovellus jaetaan tasoihin siten että esitys-, sovellus- ja tietokantakerrokset voidaan erottaa fyysisesti toisistaan näiden silti muodostaessa loogisesti yhtenäisen kokonaisuuden. Liiketoiminnan näkökulmasta 90- luvun mullistavia IT-uutuuksia olivat toiminnanohjausjärjestelmät, joiden avulla oli mahdollista hallita koko tuotantoketjua ja muita prosessikokonaisuuksia lähes reaaliajassa. Monikerroksisten toiminnanohjausjärjestelmien luotettavuus on osoittautunut haastavavaksi sillä kaikkien kerrosten suojaaminen kaikilta mahdollisilta katastrofeilta täydellisesti on nykyisellä teknologialla mahdotonta. Kompromissien tekemiseksi on oltava selvillä kunkin menetetyn prosessin aiheuttamista taloudellisista ja liiketoiminnallisista vaikutuksista. Tämän vuoksi juuri toiminnanohjausjärjestelmät ovat mielenkiintoisia, vaikuttavathan ne liiketoimintaprosesseihin läpi koko yrityksen prosessiketjun. Monikerroksisten client/server arkkitehtuuriin pohjautuvien toiminnanohjausjärjestelmien suojaamisessa katastrofeilta onkin sovellettava useita tekniikoita ja teknologioita, ja yhdistettävä kokonaisuus prosessikehykseen. Näin voidaan luoda suunnitelmallinen osa IT strategiaa, joka ottaa kantaa liiketoiminnan jatkuvuuteen katastrofitilanteessa ja mahdollistaa nopean ja täydellisen palautumisen kaikissa olosuhteissa.
Resumo:
This paper presents an overview of the role and responsibilities of the system administrator, focusing on the need to monitor its technological infrastructure. The informatics infrastructure monitoring is, nowadays without a doubt, one of the main key points in business support. Large enterprises are no longer the only ones to feel the need to use these monitoring tools, but small and medium-sized enterprises, which also have IT environments of an increasing complexity, feel such a need. This results directly from the operation of how the business is supported on IT platforms as support for people and processes. When a system, which is vital to the organization, fails either at the hardware or software level, compromises the operating capacity and consequently the business continuity. Having this always in mind, it is extremely important to adopt monitoring systems that proactively or reactively, reduce the overall time of breaks caused by failures. A monitoring system is the way to ensure confidence in all components and the operational readiness of IT infrastructure.
Resumo:
As Corporate Reputation (CR) evolves into an important asset for organizations, crises and disasters stand as threats to the preservation of the reputation capital since they usually result to negative projections to their audiences and to problematic evaluations by their stakeholders. Viewing CR as the accumulated trust and positive evaluations of the stakeholders, this paper proposes a conceptual and normative framework for Reputation Continuity, which enhances the ability of organizations to preserve their reputation, instead of working for its recovery in the post-crisis period. In our approach, we propose a process of maintaining trusted links, instead of restoring them and establishing a reputation resilient organization, instead of one struggling to recover from reputation losses, after the crisis has emerged. Working closely with stakeholders during the crisis, injecting a sense of normality continuity through effective leadership and mitigating image problems are seen as critical concerns, alongside a set of managerial practices to be followed. Ultimately, it is argued that, the value-based and strategically integrated view of Business Continuity must be enhanced and supported by Reputation Continuity activities.
Resumo:
Dissertação para a obtenção de Grau de Mestre em Engenharia e Gestão Industrial
Resumo:
Portugal, having responsibilities at European level, needs to ensure compliance with European standards, particularly with regard to the European Security Plan for Critical Infrastructures. National critical infrastructures should be a focus of attention with regard to the management of public risks, since these represent "a set of services that are essential to the functioning of the country and the functioning of the forces that ensure national defense." (Soares, 2008) This contribution on national critical infrastructures (CI) has the essential objective of clarifying the development of the strategy adopted by Portugal in pursuit of the security of these fundamental infrastructures. The goal lies not only through producing a descriptive document, but also carry a brief confrontation between the legal framework related to these subjects and the reality in which the Critical Infrastructure Operators and the National Civil Protection Authority (ANPC) operate. It is intended, in this sense, to understand the development of the project for the national security program of critical infrastructures and what effects of its measures on operators. As for the methodology, we followed a methodological strategy, where we combine the literature with data obtained through semi-structured interviews. Portugal, being a geographically peripheral country and having no record of incidents capable of causing major contingencies in key services for the normal development of society, does not have a structured and regulator plan that substantiates the need for operators responsible for CI to invest in security. This same approach is expected at the State level, believing that even though this theme has be widely explored by international institutions, Portugal has not yet tried to give the attention it deserves. Without the existence of an institution and a regulatory system, CI operators can become less available to comply with the legal framework.
Resumo:
Fast development in the operating environment and fierce competition have driven companies to pursue efficiency and success through lean and global supply chains. At the same time overall uncertainty has increased in the business environment and supply chains have become a priority in risk management since their vulnerability may endanger business continuity. Although risk management should start at procurement strategy development phase, proactive contingency planning is also essential because it enables correct reaction and fast changes in process execution in the case of risk realization. This thesis is a case study conducted in the pharmaceutical industry where purchasing and materials management organizations face a number of challenges and limitations that have to be considered in supply risk management. The goal of the study was to discuss the operating environment, and identify and analyze supply risks and potential risk management practices. The study was concluded with suggestions for purchasing strategy development that take risk management considerations into account. This copy is the public version of the thesis.
Resumo:
Tietojärjestelmät ovat kehittyneet kriittisiksi tekijöiksi yritysten liiketoiminnassa. Niitä on vaikea tai lähes mahdoton korvata. Toisaalta tietojärjestelmät ovat edesauttaneet yrityksiä tehostamaan toimintaansa. Yrityksen toimialalla tai koolla ei nykyään ole merkitystä erilaisten tietoteknisten järjestelmien ja sovellusten hyödyntämisessä. Riskienhallinnan avulla yritys pyrkii ennaltaehkäisemään tunnettuja riskejä. Liiketoiminnan jatkuvuudenhallinta pyrkii puolestaan varautumaan riskin aiheuttamaan liiketoiminnan häiriöön ja siitä toipumiseen. Tietojärjestelmien ollessa korvaamattomia tulee yrityksen kohdistaa resursseja ennaltaehkäiseviin toimiin, lisäksi sen on pyrittävä lyhentämään häiriöstä toipumisen aikaa. Tutkimuksen tarkoituksena oli tunnistaa kohdeyrityksen tietojärjestelmien merkittävimmät riskit, jotka uhkaavat oleellisesti liiketoiminnan jatkuvuutta. Liiketoiminnan jatkuvuuden tarkastelussa hyödynnettiin yrityksen käyttämää suorituskykymittaristoa (Balanced Score Card). Työllä tuetaan yrityksen laatujärjestelmän vaatimuksia liiketoiminnan turvaamisessa. Tutkielma toteutettiin pääasiassa teemahaastatteluiden muodossa, laadullista tutkimusmenetelmää hyödyntäen. Tutkimuksessa todettiin yrityksen tietojärjestelmien ja niiden ylläpidon olevan hyvällä tasolla. Muutamia kriittisiä vikaantumispisteitä kuitenkin havaittiin, joiden pohjalta laadittiin kehitysehdotuksia tietojärjestelmien vikasietoisuuden parantamiseksi liiketoiminnan jatkuvuudenhallinnan näkökannalta.
Resumo:
Diplomityö on tehty Suur-Savon Sähkö Oy:lle koskien liiketoiminnan jatkuvuuden turvaamista yrityksen IT-palveluissa. Työn tavoitteena oli selvittää Suur-Savon Sähkön liiketoiminnan jatkuvuuden turvaamisen tilaa IT-palveluissa ja antaa kehitysehdotuksia sen parantamiseksi. Työn teoreettinen tausta rakentuu tietohallinnon johtamisen, IT-palveluiden tuottamisen ja liiketoiminnan jatkuvuudenhallinnan ympärille. Tutkittaessa liiketoiminnan jatkuvuuden turvaamista IT-palveluissa, on olennaista ymmärtää tietohallinnon rooli yrityksessä ja miten tietohallintoa ja sen tuottamia palveluja johdetaan. Yhtä olennaista on ymmärtää liiketoiminnan jatkuvuudenhallinnan periaatteet ja niiden yhteys IT-palveluiden tuottamiseen. Työssä tutkittiin lomakehaastattelun, yhtiön sisäisten dokumenttien ja tutkijan tekemien havaintojen keinoin liiketoiminnan jatkuvuudenhallinnan tilaa Suur-Savon Sähkön IT-palveluissa. Työn tuloksena syntyi joukko kehitysehdotuksia, joiden avulla liiketoiminnan jatkuvuuden turvaamisen tilaa Suur-Savon Sähkön IT-palveluissa voitaisiin parantaa. Työn keskeiset tulokset liittyvät liiketoiminnan ja tietohallinnon yhteistyön kehittämiseen, jatkuvuudenhallinnan osaamistason kohottamiseen ja järjestelmällisen jatkuvuudenhallinnan käynnistämiseen koko konsernissa.
Resumo:
Nyky-yhteiskunta nojautuu vahvasti tietojärjestelmiin luoden laajemman arkkitehtuurisen kokonaisuuden, kybertoimintaympäristön. Liiketoimintaa tukevat tietojärjestelmät tukevat myös organisaatioiden prosesseja kokonaisvaltaisesti. Jotta näitä tärkeitä kyberympäristön tietojärjestelmä- sekä liiketoimintaympäristöresursseja pystytään käyttämään, tulee järjestelmien olla luotettavia ja sovellusten saatavilla vuorokauden ympäri tai aina tarvittaessa. Tilanteet, joissa järjestelmän käytettävyys vaarantuu, voivat eskaloitua yllättäen suuremmiksi, jos poikkeustilanteisiin ei ole varauduttu. Poikkeustilanteisiin varautumiseen tarvitaan jatkuvuudenhallintaa, joka on kiinteästi osa kattavampaa IT-strategiaa ja koko yhteiskunta-/yrityskulttuuria. Työ on toteutettu yhdistäen empiriaa ja teoriaa eli tavoitteena on teoreettisen tietämyksen ja käytännön kokemuksellisen oppimisen ja tietämyksen kautta luoda konstruktiivisella otteella toipumissuunnitelman testauksessa käytettävä simulaatiotestausmalli. Dynamics AX -toiminnanohjausjärjestelmän toipumissuunnitelman simulaatiotestausmallista rakentui selkeä ja kevyt työkalu asiakasyritysten toipumissuunnitelman simulaatiotestauksiin. Diplomityössä kuvatuilla keinotekoisilla järjestelmän häiriötilanteilla pystytään simuloimaan Dynamics AX:n toipumissuunnitelman testauksissa oikeita häiriötilanteita suhteellisen kattavalla tasolla.
