The report is based on the risks involved in managing a website of the organization. The researcher has selected Citistore, the largest departmental store of Hong-Kong. Websites play a major role in the development of a company. A proper website helps the management to create a brand value and increase the communications between the service users and the service providers. The websites also provide a detailed awareness on the articles that are on sale and the other types of services that are provided by the organization, share the knowledge and generate support for the organization. The website is also integral to the operations of the organization. The modern day websites of an organization are generally integrated with CRM software to increase their efficiency and make them user friendly. Websites are also considered to be the epicenter of organizational strategy as they serve as a welcome note for the audiences of the organization. Citistore has a dedicated website that caters to all the demands of the customers and also serves the purpose of the company for having a positive impact on the growth of the organization. Websites generally faces a lot of problems. Experts believe that it is much more difficult to maintain a website properly than to create one of them. Although the modern day technologies have acted as a boon for developing the websites on modern lines with the implementation of the latest technology, there are also some potential threats to the stability of the websites as serious harm can be done to these websites.
There are different frameworks that can be followed to mitigate the risks involved in maintaining a certain website of an organization. Some of them are;
The risk management process is based upon the development of the new website and its proper maintenance and functioning. The following management will be based on the
|
Group Participants |
||||
|
Name of stakeholder and position (internal or external) |
Role in risk management process |
Issues or concerns raised |
Method of communication |
When and how often |
|
Managing director |
· To formulate and manage risk management framework on a global level · To ensure implementation of risk administration structure and development and ongoing risk estimation of risks |
Financial matters takes in the requirements of budgets, cash flow, obligations for tax, management related to creditor and debtor, along with general account and remuneration management apprehensions. Regarding equipments it generally extends to the usage of the equipment in conducting of the business and inclusive of the regular continuance and convention, theft safety and upgrades. For organizational perspectives it relates to the internal needs of the business, extending to the structural, cultural along with human resources relevant to the business. Security factor takes in the premises of the business, people and the assets. It also extends the security purpose of the information of company, intellectual possessions along with technology. Legal and regulatory observance takes into account the factors of regulations, legislation, and practice codes along with contractual needs. It also extends for conformity with added ‘rules’ like the processes and policies that might be set by the contracts, social environment or the customers. The factor of reputation entails the reputation threat of the business for the conducting of the entity on whole, the feasibility of the services along with the products or the conducting of the employees or certain others connected with business. |
E-mails, meetings, memos |
Weekly |
|
Project manager |
· Ensure implementation and compliance with the risk management policy and process |
Operational factors takes in the regular planning along with activities of operations inclusive of people and supporting the obligatory within the business resulting in successful improvement and liberation of products and services. Contractual – Obligations related to meeting required within a contract takes in quality of product or service, delivery, warranties and guarantees, requirements related to statutory and insurance and non-performance. Service delivery – It is generally been related to the service delivery, inclusive of the service quality that is been provided or in the manner in which a product is being delivered. It takes in interaction of customers and service that is generally after-sales. |
E-mails |
Weekly |
|
Risk manager |
· To define the risk management policy and implement management strategies and policies |
Commercial – It includes the risks connected with the placement of the market, growth of the business, development of product along with commercial achievement. Also the commercial feasibility of the products and services that is generally enlarging through the enterprises, retention along with growth of the base of customers and return. Project – It takes in equipment management, finances, technology, resources along with the people who are involved within the management process of projects. Pulling out the operational projects of internal nature, development of business and the external projects like those assumed for the clients. Safety – It takes into account everyone who is generally allied with the business like the individual, public safety and workplace. It also applies to the cover of the products or the services that is being delivered by the business process. |
E-mails, meetings |
Weekly |
|
Junior supervisor |
· To participate in the review and update of operational risks · To ensure that the risks are properly identified, managed and monitored |
Workplace safety – Every business possess a duty of care that is being underpinned by the legislation elated to State and Federal agencies. This takes in the sensible steps that need to be taken for protection of the healthy and safety measures of everyone positioned at workplace. Occupational health and safety is incorporated with the total strategy related to risk management ensuring risks and exposures are always recognized and testified. Measures should also be taken in lessening the factor of exposure to the risks as much as possible. Refer to Workplace safety for more relevant information. |
E-mails, meetings |
Daily |
|
Management trainee |
· Ensuring that the risks are properly and timely recorded to facilitate the risk management reporting |
Technology – This takes into account the process of implementation, protection and management along with upgradation with the technology. It is being extended in identifying complex infrastructure of IT and loss of the exacting function/service for an extensive epoch of time. It further takes in the requirement and cost advantage connected with the technology as part of the strategy of business development. |
E-mails |
Daily |
|
Customer service representatives |
· To ensure that proper services are provided to the customers in order to reduce the number of customer complaints |
Client-customer relationship – Probable loss of the clients due to the existing internal and external factors. |
E-mails |
Daily |
PEST Analysis
|
Political |
Economic |
|
· The regulations of web data security in different countries · The policies of the company and the country on web security |
· Increase in reputation leads to increase in revenue · Proper Savings from displaying other web contents like advertising |
|
Social |
Technological |
|
· Different social media sites can be helpful to interact with the service users · Customers voice their concerns which are addressed with the help of social media |
· Latest technology to maintain the website · Use of Cloud technology helps to bring modern features and efficiency |
|
Strengths |
Weaknesses |
|
· Website must not be complex in nature and should be easier to operate · Website must be attractive and appealing to the service users |
· The failure to optimize the website for use in phones at a age when smart phones rules the world · The long queue of confirmation process |
|
Opportunities |
Threats |
|
· The website must be simple · The language should be understandable and must have a translate option to a number of different leading languages of the world |
· Use of Social media in a large scale · Website hacks |
Some of the most common problems that are;
Some of the most common types of risks that exist are;
Risk Register
|
Category ID |
Risk Description |
Consequence rating |
Likelihood rating |
Existing controls |
Mitigation actions |
Cost |
Risk level |
Risk priority |
Risk owner |
Risk rating after treatment |
Review date |
Risk control reviewer |
|
Provide a unique ID no. |
Describe the risk & impact on org. |
e.g. serious |
e.g. likely |
Any existing management / treatment control already in place |
Specify planned strategies. May be preventative or contingency |
$ |
e.g. high |
e.g. 1 |
e.g. Name of person & position |
e.g. high to low |
Date |
Name |
|
1596 |
Poor designing of the website: · Unattractive websites reduces the brand value and the reputation of the company. · Designing the websites is believed to be a work of art and thus the simplicity of the websites makes the page unattractive to the customers. The absence of graphic designing in the websites creates a constraint for the industry |
Serious |
Likely |
Yes |
designing of the websites must be done by an expert website designer to increase the brand awareness of the company |
$10,000 |
High |
1 |
IT department |
High-low |
NA |
31/10/17 |
|
2365 |
Exposure of e-mail address: Emails are filled up with spam mails or there are chances of the mails being hacked. Absence of latest encryption technologies also does not help the organization. |
Serious |
Likely |
Yes |
Implementing latest encryption technologies for the email address |
$25,000 |
High |
1 |
IT department |
High-low |
NA |
05/11/17 |
|
7895 |
Broken link: The site stops working Google may impose a penalty for not keeping the website content updated The users of the system will be frustrated and will come to the conclusion that the people behind the maintenance of these websites fails to regularly keep a close tab on the website |
Serious |
Likely |
Yes |
Recommending the use of Xenu link Sleuth and other protective links |
$12,000 |
High |
1 |
IT department |
High-low |
NA |
06/11/17 |
|
6571 |
No mobile version: The company is automatically bound to lose at least 20% to 30% of the users |
Medium |
Likely |
Yes |
Launching mobile app by considering the demand of the customers |
$20,00 |
High |
2 |
IT department |
High-low |
NA |
10/11/17 |
|
|
Impact |
|||||
|
|
Very Low |
Low |
Medium |
High |
Very High |
|
|
|
Very High |
|
|
|
A slow decision making process as it involves a lot of shareholders |
Lack of Preparation before starting the web development process The absence of popular support by the sponsors of the project |
|
|
High |
|
|
|
Increasing the overall budget of the particular project |
The problems arising when there is a formal request for change in the project when it is almost completed |
|
Medium |
|
|
|
|
|
|
|
Low |
|
|
|
|
|
|
|
Very Low |
|
|
|
|
|
|
Project/Function/Activity: Risk treatment plan |
|||
|
1. Risk: Huge budget increase |
Risk ID #: 1 |
||
|
Summary: The managers and the people in charge of the project must have a proper and transparent estimate of the project cost and have an efficient monitoring plan to control the budget and prevent it from increase |
|||
|
Action Plan 1. Proposed actions Must use detailed information regarding the project Control the budget tightly Tight monitoring |
|||
|
2. Resource equipment Project tool and related software used in such cases of monetary control |
|||
|
3. Responsibility (overall accountability for Actions) Manager in charge of the project |
|||
|
4. Timing (specific milestones) Review reports both weekly and monthly Meetings |
|||
|
5. Repeating and monitoring required Management software Timeline |
|||
|
6. Monitoring record Management software and tools |
|||
|
Compiled By: |
Date: |
Reviewed by: |
Date: |
|
Project/Function/Activity: Risk treatment plan |
|||
|
Risk: Lack of preparation before the start of the web development process |
Risk ID #: 2 |
||
|
Summary: Assembling all the different information and efficient planning |
|||
|
Action Plan 1. Proposed actions Collection of all information The use of different effective methods that will be helpful to tackle any organizational changes Effective planning for the management of the project |
|||
|
2. Resource equipment Document for the planning of the project Development and testing of the website |
|||
|
Responsibility project manager |
|||
|
4. Timing (specific milestones) Use of the required document Engagement of the stakeholders Planning the project |
|||
|
5. Repeating and monitoring required Daily meetings to assess the improvement Continuous assessment Weekly progress reviews |
|||
|
6. Monitoring record User requirement document Management of the project plan |
|||
|
Compiled By: |
Date: |
Reviewed by: |
Date: |
|
Project/Function/Activity: Risk treatment plan |
|||
|
Risk: Decision making process gets stagnant due to the involvement of a large number of stakeholders. |
Risk ID #: 3 |
||
|
Summary: Involve less number of stakeholder |
|||
|
Action Plan 1. Proposed actions Involve less number of stakeholder Effective communications with stakeholders Reporting clearly to the stakeholders |
|||
|
2. Resource equipment Stakeholder management |
|||
|
3. Responsibility (overall accountability for Actions) Project manager |
|||
|
4. Timing (specific milestones) Weekly stakeholder meetings and preparing proper reports |
|||
|
5. Repeating and monitoring required Stakeholder management document |
|||
|
6. Monitoring record Stakeholder Document for communicating effectively and properly |
|||
|
Compiled By: |
Date: |
Reviewed by: |
Date: |
|
Project/Function/Activity: Risk treatment plan |
|||
|
Risk: Sudden Change in the whole system in the midst of the project |
Risk ID #:4 |
||
|
Summary: Managing the project effectively from the beginning of the project. It uses a project management approach that is effective to change and allows severalchanges |
|||
|
Action Plan 1. Proposed actions Legalization of the documents Involvement of the client throughout the project and make sure that it has been implemented by the project team Effective management of the project scope |
|||
|
2. Resource equipment Documents required by the user Management documents that defines the scope of the project Project management plan documents |
|||
|
3. Responsibility (overall accountability for Actions) Manager in charge of the project |
|||
|
4. Timing (specific milestones) Weekly progress reviews Displaying work breakdown structure where all developers and client can see them |
|||
|
5. Repeating and monitoring required Gantt chart |
|||
|
6. Monitoring record User requirements document Scope management document |
|||
|
Compiled By: |
Date: |
Reviewed by: |
Date: |
Task 7: Risk Monitoring and Evaluation
|
Risk |
Monitoring Tool |
Monitoring Performance after risk treatment |
|
Increase in budget |
To control the cost in an effective manner |
Use of effective management tools and management software |
|
Lack of preparation before the start of the web development process |
Keeping or allocating long time to plan Meetings must be conducted to have a clear idea |
Greater awareness, better idea, proper preparation, better anticipation reduces the risk |
|
Decision making process gets stagnant due to the involvement of a large number of stakeholders. |
Preparing a Stakeholder identification and management plan |
Key stakeholders identified and an appropriate communications put in place and used for communication; decisions are now made faster leading to reduced risk |
|
Sudden Change in the whole system in the midst of the project |
Proper and efficient management Scope management |
Proper scope management strategy, following proper methods to adopt to sudden changes |
Risk Management of large organizations like Citi stores have to be maintained in such a way that it protects the internal information of the organization. The organization has installed SCRUM Master which is designed to make necessary changes to the risk management document. It helps the management of the following organization to get a printed receipt of the company whenever required. It can be used for reviews, internal assessments and used to assess the risks while a meeting takes place. The following is printed on a hard copy or a soft copy whenever needed by the organization.
The following project will be requiring a high quality and accurate records that will be used to execute the project. The document can be archived and stored for a period of seven years in the organization. These documents are archived to help the organization when the company faces any legal problems from managing risks.
The categories of risk would be helping the break-down of the procedure for the prospective recognition of risk. It is significant in remembering the fact that identification of risk would be restricted by the knowledge and viewpoint of those carrying out the analysis of risk. The areas of problems along with the risks need to be best recognized by the usage of consistent foundations. There exist several examples of risk in the business of risk. The categories of risk need to be taken in one by one, offering a structured method in the identification of the risk. This enables bigger focus on an exacting group, stimulating the thought process and augmenting the opportunity in recognizing a wider assortment of risks.
Common categories of risk recognized by the management of citistore take in:
Given the complexity of risk management (and the rather long list above), the following four categories have been provided to simplify the types of risk an organization and/or industry may face.
Having a translucent knowledge of the segments of risk can help the organization in planning of the risk and communication of the risk information. They offer a formation for recognizing the risk factor and are often recognized at initial level through the exercise of brainstorming. Adding to that is the understanding of the segments assisting the owners of the business in selecting the best possible tools and techniques for the identification of risk and evaluation. For instance, if a exacting category of risk is generally technical in nature, the methodology of identification of risk would involve important research and compilation of the existing information about the exposure of risk. A risk segment with more strategic focus, like the commercial risk, might engross a structured workshop.
References
Amin, M. R., & Hussin, H. (2014, November). E-commerce adoption in SME retail sector: A conceptual model. In Information and Communication Technology for The Muslim World (ICT4M), 2014 The 5th International Conference on (pp. 1-6). IEEE.
April, B. (2016). U.S. Patent No. 9,241,004. Washington, DC: U.S. Patent and Trademark Office.
Bogorad, W., & Antonov, V. (2014). U.S. Patent No. 8,667,587. Washington, DC: U.S. Patent and Trademark Office.
Chen, H., Beaudoin, C. E., & Hong, T. (2017). Securing online privacy: An empirical test on Internet scam victimization, online privacy concerns, and privacy protection behaviors. Computers in Human Behavior, 70, 291-302.
Chen, R., Gokhale, M., Phillips, E., Wang, L., Nijjer, R., Grover, S., … & Tsai, J. (2014). U.S. Patent Application No. 14/488,115.
Da Silveira, A. C. P., Nijjer, R., Mukherjee, R., & Grover, S. (2014). U.S. Patent Application No. 14/488,102.
Gao, X., Yang, Y., Fu, H., Lindqvist, J., & Wang, Y. (2014, November). Private browsing: An inquiry on usability and privacy protection. In Proceedings of the 13th Workshop on Privacy in the Electronic Society (pp. 97-106). ACM.
Gutteling, J. M. (2015). Risk communication. John Wiley & Sons, Inc..
Haimes, Y. Y. (2015). Risk modeling, assessment, and management. John Wiley & Sons.
Haimes, Y. Y. (2015). Risk modeling, assessment, and management. John Wiley & Sons.
Hirotomo, M., Nishio, Y., Kamizono, M., Fukuta, Y., Mohri, M., & Shiraishi, Y. (2017, August). Efficient Method for Analyzing Malicious Websites by Using Multi-Environment Analysis System. In Information Security (AsiaJCIS), 2017 12th Asia Joint Conference on (pp. 48-54). IEEE.
Karthikeyan, R. G., & Sethuraman, R. (2014). Phishing Website Detection and Prevention of Phishing Attacks: a Field Experiment. International Journal of Science, Engineering and Technology Research (IJSETR), 3(2).
Kashyap, A., & Shekhar, S. (2015). U.S. Patent No. 9,160,766. Washington, DC: U.S. Patent and Trademark Office.
McNeil, A. J., Frey, R., & Embrechts, P. (2015). Quantitative risk management: Concepts, techniques and tools. Princeton university press.
Mockus, D. S., & Segal, M. C. (2014). U.S. Patent No. 8,781,622. Washington, DC: U.S. Patent and Trademark Office.
Prasad, A. V. K. (2016). Architecture for improving security in web environment. In Design Solutions for Improving Website Quality and Effectiveness (pp. 316-333). IGI Global.
Schwalbe, K. (2015). Information technology project management. Cengage Learning.
Sridharan, K., & Kumar, P. S. (2016). An Integration of Web Mining and Security for Ensuring the E-Marketing Websites. Asian Journal of Research in Social Sciences and Humanities, 6(12), 975-991.
Wan, X., Huang, X., & Dong, Y. (2016). The Moderating Role of Product Categories in the Relationship between Online Fulfillment, Procurement, and Consumer Repurchase Intention: A Hierarchical Analysis. Journal of Supply Chain Management, 52(4), 63-76.
Williams, M., Siebers, L. Q., & Xun, J. (2014). 9 Chinese retail policy and strategy. Retailing in Emerging Markets: A Policy and Strategy Perspective, 200.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download