Week 7 Disc responses Bus Info
MissMsw01
BusInfoSystmsWeek7Discresponses.docxRespond to two or more of your colleagues in one or more of the following ways:
· Analyze the risks faced by Engro that were identified by your colleagues, and compare them with those you identified. Comment and discuss the similarities and/or differences.
· Analyze the features identified by your colleague that were omitted from the plan, and compare them with those you identified. Comment and discuss the similarities and/or differences.
· Provide an alternative perspective on the best practices for business continuity planning. Use examples based on your experience or observations to support your perspective.
· Offer your ideas about how the best practices suggested by your colleague could be used at your organization. Explain why you think these might offer a competitive advantage for your organization.
Please remember to use citations and references as appropriate and necessary.
1st Colleague to Respond to:
Engro Chemicals Pakistan Limited—Business Disaster Overcome" by Muntazar B. Ahmed.
What were the risks faced by Engro after the fire had left its head office in ruins?
Despite our best efforts and precautions, disasters of all kinds eventually strike an organization, usually unanticipated and unannounced. Natural disasters and other events can threaten the very existence of an organization. For instance, “a fire in the PNSC building, which housed the Engro head office, had destroyed a substantial portion of the company’s hard-copy records relating to the financial years 2004/05 and 2005/06, as well as the period from January 1, 2007, to August 19, 2007; however, the electronic data had remained largely intact. (Ahmed, 2013)” This posed a huge risk for the company to face because due to the fire they lost the financial records their auditors needed to review.
Explain the purpose of the Business Continuity (Disaster Recovery) Plan. What features were omitted from the plan?
The purpose of the Business Continuity (Disaster Recovery) The plan is to prepare Engro in the event of natural disasters caused by factors beyond their control. The BCP differs from the traditional disaster recovery plan DRP) in the fact that a BCP covers all aspects of the business and incorporates the DRP as part of it. The DRP focuses on restoring data and on information technology only.
However, the one important feature that Engro omitted from their plan was a procedure for storing their documents, as well as safeguarding and retrieval procedures for their vital records. By storing their documents and all their vital records in a secure off-site location will not only survive the disaster but will be accessible immediately following the disaster.
Many businesses have 2 locations to store their documents, a temporary area where hard copies are located, and a more permanent area where records are scanned in, then destroyed. It is important that Engro’s know-how and where to access these records in their secure locations, however, they should also set up strict rules about who has access to these areas. Some could have key access only, while others could have badge access or security code access.
The systems were not integrated, and this made it simpler for Engro to recover from the disaster: Does this negate the concept of Enterprise Resource Planning (ERP)? Why, in your opinion, did Engro deviate from the Business Continuity (Disaster Recovery) Plan?
The systems were not integrated, and this made it simpler for Engro to recover from the disaster. However, I believe this is negating from the concept of Enterprise Resource Planning (ERP). Enterprise Resource Planning is a business management system that integrates all facets of the business, including planning, manufacturing, sales, and marketing. As the ERP methodology has become more popular, software applications have emerged to help business managers implement ERP in business activities such as inventory control, order tracking, customer service, finance, and human resources (Curtis, 2006).
The ERP should also cover the techniques and concepts employed for the integrated management of businesses, from the viewpoint of the effective use of management resources, to improve the efficiency of the enterprise. In addition, ERP packages are integrated software packages that support ERP concepts.
There are many different systems in Engro’s "back office," including planning, manufacturing, distribution, shipping, and accounting. Therefore, there Enterprise resource planning (ERP) should be a system that integrates all these functions into a single system, designed to serve the needs of each different department within the enterprise.
Evaluate the overall plan and implementation:
Overall, the plan and implementation did help the company in recovering quickly from the disaster. However, it failed to protect the organization's records before the disaster struck. In my opinion, cloud computing may be the best location for storing vital records. Cloud computing will not only be cost-efficient, but it will provide Engros an unlimited amount of storage for their documents.
Engro should be aware of the importance of backing up their data so they do not lose everything in the case of a system failure or other disasters. The Cloud will not only simplify the process by allowing their data to automatically update as they work, but it will also create copies their data off-site where it will be safe from any local natural disasters, theft, or malfunction.
What best practices or lessons can you learn from Engro, and how might you apply those at your organization?
In conclusion, the business world of today protecting an organization is more than just locking the doors, turning on the security alarm, or posting guards at the entrance. Technology and an extremely competitive global market have given cause for an increased cybercrime, service interruptions, and cooperate espionage. Mother Nature also plays a part in the success and demise of big business. Natural disasters have devastated nearly every country in the world and will continue to do so. Due to financial limitations, procrastination, or the crazy thought of not needing to prepare, proper planning for disasters and crisis situations are more likely overlooked or avoided. Protecting an organization against man-made threats and Mother Nature will cause for the implementation of a contingency plan. I learned that as we head into 2015, the number of threats against an organization will continue to grow. Any excuse for not having a contingency plan in place is no longer acceptable.
For example, my organization is successful because of their intensive preparation. The company has a full-time director of business continuity. Unlike Engro, they also have a detailed business continuity plan, and clear lines of responsibility that were put in place before a disaster can occur.
In the end, well-executed planning and protection can greatly reduce the number of successful attacks, but protection is never perfect. Even companies with good security must be prepared to handle successful attacks.
Reference
Ahmed, M. B. (2009). Engro Chemicals Pakistan Limited—Business disaster overcome. (Ivey Publishing Case No. 909-E24). Retrieved fromhttps://cb.hbsp.harvard.edu/cb/pl/23289610/23289647/06af50cafaf4f78568149bdee9d1ab00
Carver, J. (2013). Importance of business continuity planning: Ineffective data storage practices leave business data at risk. Operations Management, 39(3), 39–40. Retrieved from the Walden Library databases.
Curtis, S. (2006). ERP Integration. Journal of Business Enterprises 8(3). 54-59.
2nd Colleague to respond to:
Businesses face unpredicted events and exposures every day. Managing these risks by developing a business continuity strategy is key to the survival of any organization. Business continuity planning is one of the most important components of any recovery strategy (Carver, 2013). Engro Chemicals Pakistan Limited is a perfect example as to why a business continuity plan is vital to the survival of any organization. Engro Chemicals Pakistan Limited has domineered in the manufacture of fertilizers in the nation of Pakistan. The risks faced by Engro after the fire were there business control systems, IT infrastructure at the head office, there application systems at the head office, never being able to regain lost paperwork and files, and potential loss of employees (Ahmed, 2009). The occurrence of the fire tragedy saw the destruction of the company’s documentation and records implying the lack of evidence for accountability. The following essay analyzes the business disaster overcome by the company while drawing meaningful judgments. Disaster recovery plan (DRP) is the process, policies and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organization after a natural or human- induced disaster. Disaster recovery is a subset of business continuity. The purpose of the Business Continuity (Disaster Recovery) Plan is to be able to resume operations in the aftermath of a catastrophic natural disaster and to resume IT operations as quickly as possible (Carver, 2013). The features that were omitted from plan was the locations.
Despite our best efforts and precautions, disasters of all kinds eventually strike an organization, usually unanticipated and unannounced. Natural disasters and other events can threaten the very existence of an organization. For a company with such financial positioning to experience the tragedy of fire destruction in the head office, the company was exposed to the vulnerability to risks associated with businesses. Among such risks include but not limited to the following. First, a fire in the PNSC building, which housed the Engro head office, had destroyed a substantial portion of the company’s hard-copy records relating to the financial years 2004/05 and 2005/06, as well as the period from January 1, 2007, to August 19, 2007; however, the electronic data had remained largely intact. (Ahmed, 2013). Additionally, this posed a huge risk for the company to face because due to the fire they lost the financial records their auditors needed to review.
Business Continuity Planning (BCP) identifies an organization's exposure to internal and external threats and synthesizes hard and soft assets to provide effective prevention and recovery for the organization, whilst maintaining competitive advantage and value system integrity (Carver, 2013). A function may be considered critical if the implications for stakeholders of damage to the organization resulting are regarded as unacceptable. Perceptions of the acceptability of disruption may be modified by the cost of establishing and maintaining appropriate business or technical recovery solutions.
Information security is crucial in organization. All information stored in the organization should be kept secure. Information security will be defined as the protection of data from any threats of virus. The information security in important in the organization because it can protect the confidential information, enables the organization function, also enables the safe operation of application implemented on the organization’s Information Technology system, and information is an asset for an organization. Even though the information is important in organization, there are several challenges to protect and manages the information as well. One of challenges faced in an organization is the lack of understanding on important of information security. When employees are lack of information security knowledge in term of keeping their information, the organization is easy to be attacks by hackers or other threats that try to steal or get the organization confidential information. So, it is crucial and important to all staff in an organization to have knowledge and understanding about the importance information security practice in an organization to protect the confidential data.
References
Ahmed, M.B. Engro Chemicals Pakistan Limited-Business Disaster Overcome. (Ivey Case No.909-E24).
Carver, J. (2013). Importance of business continuity planning: Ineffective data storage practices leave business data at risk. Operations Management, 39(3), 39–40.
