Risk Analysis and Business Continuity for a small business
Andersen, Jonas (2012)
Andersen, Jonas
Laurea-ammattikorkeakoulu
2012
All rights reserved
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2016111716398
https://urn.fi/URN:NBN:fi:amk-2016111716398
Tiivistelmä
This thesis is an attempt to put together a set of methods to aid a small business in managing its The basis of this thesis was the need of one company to manage its risks and plan for potential crises in a cost-efficient way.
The main problem for the company with doing this kind of process on its own was its lack of resources. The goal of the thesis then became to generate a method that would allow the company to have a solid Risk Analysis and Business Continuity program that could be main-tained with the resources that the company possesses.
The development process started with the idea that the company needed both continuity and risk management processes. To make it simple and small enough it was decided to inte-grate Risk Analysis methods and Business Continuity methods to make a whole that could be a tool that would cover all the risk and continuity needs of the company.
When the system had been made, information was gathered from the company to complete a revelation of the process wheel of the system. The methods used for gathering information was both qualitative and quantitative. There were several interviews conducted, inspec-tions of the premises of the company and a workshop to go through the results and validate certain assumptions made in the process.
The process of going through their business has mapped out the different vulnerabilities and risk factors that the company is facing. The next step was to find out how to handle the different vulnerabilities and risk factors in a cost-efficient way and within their capabilities. The process resulted in executable plans to mitigate risks, handle crisis and recover business processes that gives the company clear planning options for its further development.
The main problem for the company with doing this kind of process on its own was its lack of resources. The goal of the thesis then became to generate a method that would allow the company to have a solid Risk Analysis and Business Continuity program that could be main-tained with the resources that the company possesses.
The development process started with the idea that the company needed both continuity and risk management processes. To make it simple and small enough it was decided to inte-grate Risk Analysis methods and Business Continuity methods to make a whole that could be a tool that would cover all the risk and continuity needs of the company.
When the system had been made, information was gathered from the company to complete a revelation of the process wheel of the system. The methods used for gathering information was both qualitative and quantitative. There were several interviews conducted, inspec-tions of the premises of the company and a workshop to go through the results and validate certain assumptions made in the process.
The process of going through their business has mapped out the different vulnerabilities and risk factors that the company is facing. The next step was to find out how to handle the different vulnerabilities and risk factors in a cost-efficient way and within their capabilities. The process resulted in executable plans to mitigate risks, handle crisis and recover business processes that gives the company clear planning options for its further development.