D-6

profilenrvamcni143

  

Question :1 (please do respond of this answer in your own words about 150 words)

If a risk presents an unwanted negative consequence, you may be able to completely avoid those consequences. By stepping away from the business activities involved or designing out the causes of the risk you can successfully avoid the occurrence of the undesired events. One way to avoid risk is to exit the business, cancel the project, close the factory, etc. This has other consequences, yet it is an option. Another approach is to establish policies and procedures that assist the organization to foresee and avoid high-risk situations. By not starting a project that includes a high unwanted risk successfully avoids that risk. Testing or screening of products that may have a latent defect which may lead to unwanted and unacceptably high field failures is an option. Screening is not 100% effective yet may reduce the risk of field failures sufficiently. Design out of a product or process the elements that permit an unwanted risk to arise. A product design change to a more robust material avoids unwanted failures due to unacceptable wear of a less robust material. Implementing engineering design reviews in the product lifecycle process may help identify high-risk areas of a new product or process prior to the decision to start shipping.

Question :2 (please do respond of this answer in your own words about 150 words)

These five controls ended up at the heart of the Residual Risk tool, and they are the ones that I think would be most beneficial for you to concentrate on as you manage the business continuity plan risk in your organization. Here they are:

1. Business Impact Analysis. The BIA is one of the most important controls. In order to help the organization manage and control its risk, you should conduct regular BIAs, and they should be current, comprehensive, and properly assess the level of criticality in the continuity plan.

2. Recovery Strategy. Once you have the results from a good BIA you can use them as the foundation for your second control, the Recovery Strategy. The strategy should reflect how quickly you need to recover the business unit, and should be fully implemented and validated.

3. Recovery Plan. The task here is to write a plan that comprehensively outlines the steps and actions you need to take in order to utilize the recovery strategy to recover the business unit and its critical processes.

4. Recovery Exercises. Have you tested your strategy and plan to make sure you can actually recover based on them? This is about not just stress testing, but practice as well, and most organizations don’t do nearly enough of it.

5. Third-party Suppliers. With some business units this might not be an issue, with others it’s critical. If you have a significant dependency on a third-party supplier, your operation is only as resilient as theirs is. You can have a great strategy and plan, but a chain is only as strong as its weakest link. Are your third-party suppliers the weak link in your unit’s recoverability? This issue is becoming more important as more companies shift vital operations to cloud-based services run by third-party vendors.

    • 5 years ago
    • 5
    Answer(1)

    Purchase the answer to view it

    blurred-text
    NOT RATED
    • attachment
      order_115842_297057.doc