Understanding Information Security Risk Management


Added on  2020/06/03

AI Summary
This assignment delves into the crucial topic of information security risk management. It examines various aspects, including risk assessment methodologies, risk mitigation strategies, and the implementation of effective risk management frameworks. The provided readings explore diverse perspectives on risk management in different sectors, such as critical infrastructure, chemical plants, and financial enterprises. Understanding the complexities of information security risk management is essential for individuals and organizations aiming to protect sensitive data and ensure operational resilience.

SECURITY AND RISK MANAGEMENT

Table of Contents
INTRODUCTION
PART 1
Briefing of the report
PART 2
Brief description of significant risk and safety issue
Consideration of the possible impact and continuity issues that arise
Scoring of risk importance that is based on numeric weightings of probability and impact
Methods that are used in quantifying risk and critique of their effectiveness
Description and justification of the suggested management of the risk
How organizational characteristics influence the measures and approach
CONCLUSION
REFERENCES
INTRODUCTION
Uncertain economic conditions during the past few years have affected companies' functions and operations. With the help of forecasts and projections, the banking industry operates smoothly to manage risk and security within the industry. Risk is the main cause of uncertainty within an enterprise. In this context, the present report is based on the Central Bank of Ghana, which provides different types of products and services in various areas (McNeil, Frey and Embrechts, 2015). Risk is the main reason due to which businesses are affected. Focusing on the banking industry, the report covers a description of risk and safety issues in the market. Furthermore, it assesses the impact of these issues on functions and operations. Moreover, it considers methods that help to determine the quantity of risk and their effectiveness. Lastly, the report discusses organisational characteristics which influence the measures and approaches.
PART 1
Briefing of the report
The Central Bank of Ghana is used in the report to study security and risk management. The bank was established in 1957 and is situated in Accra. It is also a unit of the Alliance for Financial Inclusion. At a conference held in March 2002, the bank announced that it would make some commitments under the Maya Declaration.
From the assessment conducted it can be concluded that, in carrying out various business operations, different kinds of risk are associated with working practices, such as loss of data, capital and liquidity risk and many more. The risk chosen for the firm is the importance of information for the cited firm. In the banking sector, security of data is a very critical issue that needs to be considered. It is very important to keep customers' information and details confidential because loss of data could incur heavy losses for the venture (Fenz, Heurix and Pechstein, 2014). Thus, risk management strategies are required for handling the various kinds of issues that have the potential to impact the working practices of the firm. Therefore, organisations have developed certain standards that help in identifying threats and vulnerabilities that give rise to risk. It has been suggested that the processes associated with risk management should add value to the firm and be an important unit of it. All issues and uncertainties should be addressed properly. Risk management also needs to be structured properly so that overall efficiency can be enhanced. Various techniques could be used for handling it accurately, and it should be capable of adopting and accommodating change. A risk management strategy basically involves identification, analysis, assessment and evaluation phases. Mitigation and monitoring are also included. Once a risk has been identified and its potential factors analysed, it is also important that it is monitored properly so that it can be reviewed and modifications introduced if required.
PART 2
Brief description of significant risk and safety issue
Risk, safety and security are important elements that create issues for customers, banks and other people. These elements come from internal and external sources. Internal elements are controllable within the company (Silva, de Gusmão and Costa, 2014), whereas external sources are not controllable by businesses. In the Central Bank of Ghana, protecting information confidentially helps to achieve security and objectives at the workplace. With a good understanding of business operations, the banking industry needs to know about security and risk management. The bank faces several issues, which are as follows:
- Sensitive data loss prevention is the key area that needs focus in the industry, in light of government regulations and the potential for large-scale negative publicity.
- A proper business case, supported by financial analysis, is required for security objectives in every business so that security and projects run smoothly.
- Outermost account management and access control, which restricts the ability to access important things.
- Governance frameworks in security and risk management that work successfully over a longer period of time.
These types of issues continuously affect the Central Bank of Ghana. This is because a high amount of finance is needed to develop effective results within the enterprise. To develop certain services and products, banks have to concentrate on identifying problems and mitigating risk. Hence, the impact that takes place in the business can be understood. Further, safety is another element which needs to be worked on as a priority. In the chosen enterprise, the following safety issues can take place:
- Workplace violence: Violence at the workplace is not limited to physical harm. Workplace safety issues also arise from verbal abuse, sexual harassment and bullying. These can lead to sick leave, falling productivity and loss of revenue. At the Bank of Ghana, the death of workers is also considered (Lam, 2014). Hence, the enterprise needs to determine safety for them so that proper work can be managed as suspicious activity.
- Electrical dangers: At each workplace, electrical services need to be made safe because they affect people's health. Many workers do not know how to use electrical appliances, so such equipment needs proper extension cords and wiring.
- Visitors: When the Central Bank of Ghana admits visitors, it is responsible for safety at the workplace and has to make them familiar with potential dangers. Visitors can also pose a threat to employees of which the employees are unaware (Root III, 2017).
Consideration of the possible impact and continuity issues that arise
In performing several functions and operations, the Central Bank of Ghana faces several issues. As a result, its profitability and productivity are reducing continuously. The impacts that arise at the workplace are as follows:
Currency recall impact: The banking system witnessed unprecedented stress and reputational risk. Growth of the business and the banking sector needs to be shown in a significant manner, comparing data to face challenges (Brender and Markov, 2013). The Central Bank of Ghana has an effective financial reputation that creates high value in accessing liquidity. Transforming the domestic economy means greater intermediation, and that transforms stability in the financial report.
Stability matters: Financial and economic crises also suggest that deteriorating stability is a potential threat that affects the gross non-performing advances ratio. In Central bank of Ghana, macroeconomic stability. In the public sector, this element is required to determine the impact of high growth in risk provision. Sectoral credit risk in the banking industry is evident from the macro test.
High risk: Crises and many other issues create high risk in the banking sector, which determines the quality of large borrowers. The capital to risk-weighted assets ratio for the public sector continues to apply to banking sector operations. There has been a contraction in which profit after tax is growing as higher risk provision, which also recorded losses.
Sustainability: Findings on stability can occur at the workplace when certain issues are taken into account. Trends and progress in banking are reported in terms that indicate profitability, namely return on assets and return on equity (Sweeting, 2017). Hence, it is essential to develop the recovery of the economy, which helps to achieve marginal credit outcomes.
Scoring of risk importance that is based on numeric weightings of probability and impact
Risk impact assessment is the process in which probability and consequences are used to measure hazards at the workplace of the chosen enterprise. The results of this assessment are used to establish a ranking of critical importance. This ranking assists in planning the project with different resources. High-consequence risk events prioritise roles and expectations when working on government programs.
In the first step, the impact of each risk event on the project of the Central Bank of Ghana is assessed (Albakri, Shanmugam and Ahmed, 2014). The assessment considers how an event could impact cost, schedule and technical performance objectives. Impacts are not limited to these criteria, so political and economic consequences may also need to be considered.
Illustration 1: Risk Management: Fundamental Steps
Source: (Risk Impact Assessment and Prioritization, 2017)
The risk rating is determined by probability and impact according to numeric weightings. The following matrix is used to ascertain probability and its impact:
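| Probability | Negligible | Minor | Moderate | Serious | Critical |
|---|---|---|---|---|---|
| 0 - 10% | LOW | LOW | LOW | MED | MED |
| 11 - 40% | LOW | LOW | MED | MED | HIGH |
| 41 - 60% | LOW | MED | MED | MED | HIGH |
| 61 - 90% | MED | MED | MED | MED | HIGH |
| 91 - 100% | MED | HIGH | HIGH | HIGH | HIGH |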
At the Central Bank of Ghana, operational risk management and risk prioritisation can serve as measures of the probability and severity of loss from exposure to risk (Habash, Groza and Burr, 2013). A weighted average model is used to compute an overall risk score for each risk element. It provides a criticality ranking of the hazards.
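The scoring described above, as an added example that is not part of the original report. The matrix is the one shown above; the objective weights, the 1-5 impact scale, the half-up rounding, the treatment of fractional probabilities and the risk register entries are assumptions constructed for illustration.

```python
import math
from dataclasses import dataclass

IMPACTS = ["Negligible", "Minor", "Moderate", "Serious", "Critical"]

# (inclusive upper bound of the probability band in %, ratings per impact column),
# copied from the report's matrix.
MATRIX = [
    (10,  ["LOW", "LOW",  "LOW",  "MED",  "MED"]),
    (40,  ["LOW", "LOW",  "MED",  "MED",  "HIGH"]),
    (60,  ["LOW", "MED",  "MED",  "MED",  "HIGH"]),
    (90,  ["MED", "MED",  "MED",  "MED",  "HIGH"]),
    (100, ["MED", "HIGH", "HIGH", "HIGH", "HIGH"]),
]
SEVERITY = {"LOW": 0, "MED": 1, "HIGH": 2}

# Assumption: the report names the objectives (cost, schedule, technical
# performance) but gives no weights; these percentages are illustrative.
WEIGHTS = {"cost": 50, "schedule": 20, "technical": 30}


@dataclass
class Risk:
    name: str
    probability: float  # percent, 0-100
    impacts: dict       # objective -> 1 (Negligible) .. 5 (Critical)


def weighted_impact(risk):
    """Weighted average impact across the objectives, on the 1-5 scale."""
    if set(risk.impacts) != set(WEIGHTS):
        raise ValueError(f"{risk.name}: impacts must cover {sorted(WEIGHTS)}")
    if any(level not in range(1, 6) for level in risk.impacts.values()):
        raise ValueError(f"{risk.name}: impact levels must be integers 1-5")
    total = sum(WEIGHTS[obj] * risk.impacts[obj] for obj in WEIGHTS)
    return total / sum(WEIGHTS.values())


def impact_category(avg):
    """Map a 1-5 average to a matrix column, rounding halves up (assumption)."""
    return IMPACTS[math.floor(avg + 0.5) - 1]


def rate(probability, impact):
    """Look up LOW/MED/HIGH; a fractional value such as 10.5 falls in the next band."""
    if not 0 <= probability <= 100:
        raise ValueError(f"probability {probability} is outside 0-100")
    column = IMPACTS.index(impact)
    for upper, row in MATRIX:
        if probability <= upper:
            return row[column]


def assess(risks):
    """Return (name, impact category, rating, score), most critical first."""
    rows = []
    for risk in risks:
        avg = weighted_impact(risk)
        category = impact_category(avg)
        score = risk.probability / 100 * avg  # expected impact on the 1-5 scale
        rows.append((risk.name, category, rate(risk.probability, category), score))
    return sorted(rows, key=lambda r: (-SEVERITY[r[2]], -r[3]))


# Constructed sample register (not data from the report).
REGISTER = [
    Risk("Customer data loss", 45, {"cost": 5, "schedule": 3, "technical": 4}),
    Risk("Third-party processor breach", 92, {"cost": 3, "schedule": 3, "technical": 2}),
    Risk("Branch power outage", 10, {"cost": 2, "schedule": 2, "technical": 1}),
    Risk("Core banking system compromise", 15, {"cost": 5, "schedule": 5, "technical": 5}),
]

if __name__ == "__main__":
    for name, category, rating, score in assess(REGISTER):
        print(f"{rating:<4} {score:5.2f}  {category:<10} {name}")
```

Ranking by the matrix rating first keeps the low-probability, critical-impact event above a more likely but less severe one, which a ranking by the numeric score alone would reverse.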
Methods that are used in quantifying risk and critique of their effectiveness
For every organisation, loss of data is a major problem that nobody can bear. Information loss can place a venture at stake. The importance of data for the Central Bank of Ghana can be identified by considering two models, which are discussed below:
Non-financial methods:
1. Integral value of data: Overall business value is taken into consideration here. The quality of data is identified by breaking it into pieces so that the accuracy and effectiveness of each piece in the context of organisational practices can be identified. It is also important to identify the completeness of the information, because improper and insufficient information could lead to errors in the working practices of the bank. Each data characteristic is given a rating so that its efficiency can be identified (Henrie, 2013). Any data which is unique and specific to the firm and unavailable to competitors has more value for the organisation.
2. Business value of data: This model can be used to measure the value of information for different business processes. Available data is evaluated so that its relevance in the given context can be analysed, and how timely it is available for various business processes can also be measured. This model can also be used to identify the characteristics of information that is available from a third party.
3. Performance value of data: Key performance indicators (KPIs) can be used to measure the impact of data on the business over a given time period. This helps in identifying its value and, if improvements are required, they can be introduced to make it effective and add value to it. For example, if the bank has access to competitors' data and policies, it could make the necessary modifications to its working plan so that more customers are attracted to hold their accounts in the Central Bank of Ghana (Vogel, 2017). Thus, it is very important to identify and analyse the performance of information because quality information contributes to business growth.
Financial methods:
1. Cost value of data: It is essential for an organisation to identify and analyse the cost value of its information. This helps in finding the cost that would be incurred if the data were lost in certain circumstances. Loss of data is a major risk factor for banks, as they hold critical and crucial information about their customers which is not shareable. This model can be used to measure the cost of data. This segment also includes the replacement cost of information. To measure cost, data is assigned a value that helps in finding the price that would be incurred in acquiring it back.
2. Economic value of information: This model can be used to identify the importance of information for the given organisation. It also contributes to analysing data and its value in revenue generation. It is a kind of KPI model, but here revenue is given more focus than KPI indicators (Coker, 2014). Thus, if a given set of information is a contributing factor in generating income for the Central Bank of Ghana, then loss of that data could lead to greater losses for the firm. The life span of data is also taken into consideration.
3. Market value of data: This represents the value that the available information holds in the marketplace. Here we can take into consideration factors such as its selling price and renting, which allow us to examine the extent of risk for the cited firm in case of information loss.
Thus, all the above methods can be used to analyse and examine the effectiveness of the data and the value associated with it. They are therefore a contributing factor in measuring the risk of loss of information for the bank.
Description and justification of the suggested management of the risk
Data security issues have come into existence over the years, and it is very important to look into this aspect because loss of information could incur heavy losses for the firm, which are difficult to recover in many situations. The risk of data being hacked and stolen in businesses is very high. A Data Protection Act has also been established by the government, under which nobody is allowed access to data unless permission is provided (Mandaraka-Sheppard, 2014). Anyone found engaging in such practices is considered to have committed a criminal offence and is liable to punishment.
To mitigate and manage different kinds of risk in the banking sector, such as data loss, credit risk and liquidity risk, a risk management strategy could be adopted by the Central Bank of Ghana. In cases where customers' data is handled by an external party, it is that party's responsibility alone to ensure data security at all ends. Some of the steps that could be taken by the organisation in this context are:
- Human and operational controls: Staff members should be provided with training so that customers' data can be handled properly. It is essential to hold information securely because its loss can cause great damage. Therefore, different policies should be framed to ensure data privacy and security.
- Technical measures: Advanced technology should be used so that information is protected from being hacked. Software could be installed to provide protective measures, such as asking for passwords whenever someone wants to retrieve information, and firewalls could be used so that malware and viruses are prevented from entering the information system of the bank (Grace, Leverty and Shimpi, 2015). The bank could also make use of encryption, in which data is transferred from one system to another in encrypted form and is recovered at the destination system by using decryption techniques. This kind of methodology provides a high level of data security for organisations.
- Capital risk: The banking sector is directly or indirectly affected by capital availability. It is a major risk factor for the Central Bank of Ghana, and to handle this issue several rules and regulations have been framed so that the capital adequacy ratio can be maintained in the bank. A directive was issued by the Central Bank of Ghana to all the corresponding banks to increase paid-up capital up to US$ 8 million by the year 2006. All the banks engaged in this direction. Thus, it is essential for banks to hold a sufficient balance in order to deal with safety issues. Capital also represents the lending capacity of a bank. It is also helpful in retaining customers with the organisation.
How organizational characteristics influence the measures and approach
Risks affect the overall performance of the organisation in various fields. Thus, it becomes essential for ventures to identify potential risks that could affect working practices by reducing the growth and performance of the firm. Risks therefore need to be handled properly so that they do not affect other sectors of the business. Various characteristics affect risk management within the firm, such as organisational structure and culture.
Risks are generally based on corporate beliefs which are inherited by others as well. Thus, these practices could affect risk management strategies (Khakzad, Martinez and Reniers, 2017). The effect of culture and structure can be understood from the fact that many organisations have their own ethics and values of work which might not be acceptable to others. When individuals assigned tasks are not capable of performing them, or directly refuse to work on them, this reflects their attitude and behaviour.
Culture within an organisation includes the way in which business processes and operations are conducted and how decisions are taken accordingly. Culture basically represents the attitude and etiquette of working individuals. It also involves the communication patterns and workplace ethics in the firm. As per the analysis, in the Central Bank of Ghana there is limited interaction among people at various levels of the hierarchy, which limits the flow of information. When a working culture is implemented effectively, the chances of uncertainty in work also reduce. It is very important to involve employees at all possible levels in the venture so that decision-making capabilities can be enhanced. When a number of people participate, the chances of getting productive outcomes also increase.
The other factor that influences risk management in the organisation is design and structure, which is required to be transparent so that everybody in the bank has an equal opportunity to showcase their talent and contribute to organisational growth (Shameli-Sendi, Aghababaei-Barzegar and Cheriet, 2016). People should be encouraged to share and exchange ideas so that others can also learn. A teamwork culture should exist in organisations so that tasks can be divided among different individuals and the risk of committing mistakes is reduced accordingly.
Cultural differences could have positive as well as negative impacts on people. When individuals come from varied backgrounds, they can present various perspectives on a given subject. This creates a supportive environment and provides opportunities as well. Effective communication is required for handling risks in the banking sector. Employees should be told to work continuously on the presented issue so that risks can be minimised and improved.
In the Central Bank of Ghana, if a third party is hired to maintain customers' details, it is required to manage the associated risks according to the given standards of management. Employees could also be provided with training sessions on how to handle risks and how they should be managed if encountered (Root III, 2017). Thus, risk management involves the analysis and assessment of potential factors that could affect the working practices of the firm, and it is essential that no limitations or obstacles stand in the way of handling them. It is the responsibility of the firm itself to identify potential risks that could be faced in the near future and to plan their mitigation accordingly. Employees also need to be trained so that they can handle risks at their own level where possible, which would save time and cost for the venture.
CONCLUSION
From the above report it can be concluded that security and risk management is an important consideration in business practices. The Central Bank of Ghana could encounter various types of risk, such as loss of data, terrorism, credit risk and many more. In contrast to this, various methods could be adopted for mitigating them, such as data encryption technology, which provides a high level of security. Several factors, such as the culture and structure of the firm, might impact the planning and mitigation strategies.
REFERENCES
Books and Journals
Albakri, S. H., Shanmugam, B. and Ahmed, A., 2014. Security risk assessment framework for cloud computing environments. Security and Communication Networks. 7(11). pp.2114-2124.
Brender, N. and Markov, I., 2013. Risk perception and risk management in cloud computing: Results from a case study of Swiss companies. International Journal of Information Management. 33(5). pp.726-733.
Coker, C., 2014. Globalisation and Insecurity in the Twenty-first Century: NATO and the Management of Risk. Routledge.
Fenz, S., Heurix, J. and Pechstein, F., 2014. Current challenges in information security risk management. Information Management & Computer Security. 22(5). pp.410-430.
Grace, M. F., Leverty, J. T. and Shimpi, P., 2015. The value of investing in enterprise risk management. Journal of Risk and Insurance. 82(2). pp.289-316.
Habash, R. W., Groza, V. and Burr, K., 2013. Risk management framework for the power grid cyber-physical security. British Journal of Applied Science & Technology. 3(4). p.1070.
Henrie, M., 2013. Cyber security risk management in the SCADA critical infrastructure environment. Engineering Management Journal. 25(2). pp.38-45.
Khakzad, N., Martinez, I. S. and Reniers, G., 2017. Security risk assessment and management in chemical plants: Challenges and new trends. Process Safety Progress.
Lam, J., 2014. Enterprise risk management: from incentives to controls. John Wiley & Sons.
Mandaraka-Sheppard, A., 2014. Modern maritime law and risk management. CRC Press.
McNeil, A. J., Frey, R. and Embrechts, P., 2015. Quantitative risk management: Concepts, techniques and tools. Princeton University Press.
Shameli-Sendi, A., Aghababaei-Barzegar, R. and Cheriet, M., 2016. Taxonomy of information security risk assessment (ISRA). Computers & Security. 57. pp.14-30.
Silva, M. M., de Gusmão, A. P. H. and Costa, A. P. C. S., 2014. A multidimensional approach to information security risk management using FMEA and fuzzy theory. International Journal of Information Management. 34(6). pp.733-740.
Sweeting, P., 2017. Financial enterprise risk management. Cambridge University Press.