Risk Assessment of Sangrafix Video Design Company

Risk Assessment of Sangrafix Video Design Company Introduction SanGrafix is a technologically oriented company that uses cutting edge technologies in designing of mobile and PC platform games with market orientation. Due to the demanding nature of the gaming industry, the company has decided to perform a risk assessment to ensure they consistently continue to meet the customer demands without interruptions in service delivery. Securing of their network assets is aimed at ensuring they remain competitive in their productions. Aim of the security policy The risk assessment process can sometimes be a simple process i.e. noting a threat in a password written down on a note or some unlocked door to the sensitive data centers or rooms and seeking to address it. However, in some cases, risk assessment can be a complex task that may require a group of security assessment members and months to fully do the assessment depending on the complexity of the company and the sensitivity of the network assets to be protected (Davenport, 2013). A large environment may include multiple locations, complex network, diverse activities, a wide range of activities and resources that have to be evaluated. In risk assessment, you dont need to apply complex networking methodologies as the mainly you have to learn how to apply knowledge methodically to produce accurate and useful data. Approaching a risk assessment task without a predefined strategy could lead to wasting of resources, repetition of steps, low results or in a worst case missing the critical information. The executive management of SanGrafix Company is tasked with the responsibility of assessing all risks of injury and health issues that may result from the use of the companys resources to both the employees and customers of their goods and services. Satisfying this ensures that the company meets the government legal requirements and providing appropriate precaution measures to reduce these effects (Harrington, 2014). Risk assessment is a detailed analysis of the diverse factors that may present risks in the business environment. Health issues and accidents present adverse effects to the business as they can result in endangering of lives or damage to business products and other outputs. This can subsequently lead to legal suits and increased insurance costs. Risk assessment serves to address these issues and make a safer working environment for all the employees and customers. The most important factor in this type of assessment is the determination of the hazards present in working places and determining their significance i.e. electricity in the working environment is a huge hazard to the employees but if properly protected the risk it presents to the employees becomes insignificant. There are five steps involved in risk assessment of the workplace environment; Taking a tour of the workplace and to get a better understanding of all the processes involved in the workplace and identifying possible potential dangers. Talking to the other employees can help provide insights through opinions on how accidents have occurred in the past. Deciding on the affected parties as a result of a given potential hazard and to what extent is the risk harmful. The reviewing team should analyze who is particularly at risk i.e. new employees, trainees and expectant mothers. In addition to this the public in form of customers who are not familiar with the general layout of the company is at risk of being affected. The risk assessment team should evaluate on the existence of enough measures to counter these hazards i.e. through the use of precaution signs. For each risk established what are the preventive and protective measures put in place by the management to ensure risk is reduced. The assessment takes into consideration the legal requirements on health and safety of the law. Besides this, the assessment team should find additional measures that can be implemented to support the existing measures i.e. protective clothing and guard rails for hazardous places (Harrington, 2014). Recording of the findings of the assessment team indicating all the hazards reviewed and the recommendations to the management on how to deal with them. The findings should also evaluate the affected victims and what hazards are yet to be handled whose significance is reasonably low. The final step is for the reviewing of the findings and implementations of the recommendations given by the assessment teams. The team should also address the future handling of new machinery or work procedure implementations that might present threats allowing for a risk-free working environment. Risk Assessment Methodology As we have already established there are different approaches through which a team can carry out a risk assessment process. However, all these approaches have to ensure they have; Identified the potential threats/ hazards Identifying of the underlying risk Reviewing of the existing control measures Evaluation of the risks Implementation of additional control measures Recording of the assessment findings Monitoring and review Informing of the responsible bodies The identification of available hazards can be achieved through observations, interviewing the employees or through firsthand experience by working there. Additional data can be gathered through consultation of data sheets (COSHH), workplace inspections, hazard crib sheets, instruction manuals and accidents/ health issues data. The main focus should be on the hazards that are significantly harmful. In SanGrafix, the machine operators, members of the office staff, the public and maintenance personnel are at risk of general work hazards. Special attention should be dedicated to disabled staff as they are at the highest risk, lone workers, inexperienced workers and temporal staff. The assessment team should analyze the adequacy of the current control procedures and further create a ranking system to determine the residual risk (Hallikas, 2010). Evaluate the risk The significance of a risk is measured by the likelihood and the severity of its impact. Here is a ranking system for the risks in order of significance Highly likely Unlikely Possible Probable Certain There should also be a harm or impact severity ranking system Trivial injuries i.e. scratches Minor injuries i.e. cuts Major injuries ( an injury that could require a week to heal i.e. fracture) Major injuries i.e. amputations Death These two rankings will be used to give the residual ranking of the risk as Low, medium or high. If the risk is low then it can be skipped as it presents a negligible threat. Medium and high-level risks have to be mitigated to ensure that the potential risk is reduced to acceptable levels. SUNGRAFIX PROCESSES ASSOCIATED RISKS TARGETS OF THE RISK RISKS EVALUATION CONTROL MEASURES Game design treatment -quick review of the target audience and provision of unique features Reviewing of this risks is time and human resource intensive which translates to costs Risks of the idea getting stolen. Users Company management The idea being stolen could most likely affect the companys operations as it operates in a competitive industry. Circulate your design treatment to the largest possible number of users for testing and collect some feedback. If the result is positive then advances to the creation of demos can work out. Game preliminary design- discussing the games content, behavior, and rules in a qualitative way given theÂÂ   current situation. Missing of critical processes Production department The quality assessment of the product can reveal shortcoming that could result in additional costs The design phase is very important to the product and cannot be reduced as this could present adverse effects. Preliminary design roughly takes 5 to 10 weeks for the designer, and an additional 10 to 30 hours for the other people involved in brainstorming. Final design- the previous document re-write of products features . Whether we plan well or follow the best practices some designs will just fail. Thats the nature of business Design department Failing to capture the product features could affect the marketing strategies but rigorous counter checking can resolve the issue soÂÂ   impact is unlikely to happen Knowing in advance the parts that are disposable allows for the team to be able to deliver in time. Besides, the risky parts that are cut can be scheduled for later, so that if it needs to be taken out, so that the teams time and effort wont have been wasted. The product specification- details how the implementation of features adopted in the final design will be done. overtime, extra costs, in the last months of production and Delay of final delivery. . Design department These is probable if the team doesnt follow their schedule efforts should be dedicated to ensuring the product specification is as realistic as possible and thorough The graphic bible- determines the look and feel of the games props, maps, characters, etc. The appearance of the game should be in line with the predefined vision. Design department User acceptance of the games is highly dependent on the graphical feel hence should be prioritized. Testing of the prototype to get user feedback and implementation of the user feedbacks into the designs. The interactive screenplay Lack of User -involvement Design department Users expect an interactive game although its unlikely to happen it has major impacts on user acceptance Provide for a way through which users can interact with the system i.e. with dialogs and implementation of the storyline into the product. Distribution Failure of delivery or poor handling of products Supply department These can result in major impacts in declined user satisfaction Working on improving service delivery as it directly impacts the user satisfaction. Sales Lower supply than the production rate Marketing sales departments ensuring the customer gets their services to ensure they satisfy demand as gaming industry is a perishable service. convincing potential customers to purchase your products and services. Billing and Collections Losses Accounts The company has to gain a monetary value to be a business. Lack of a billing system could result in bankruptcy customers are required to pay for their goods or services Accounts Receivable managing of records on earnings Poor record keeping accounts This can lead to lack of accountability There should be a system to monitor records and generate reports Purchasing- acquiring the necessary inputs required to support production. Low production quality Low production Purchases Low-quality products will certainly push customers away Enhance production process to create quality products that can satisfy demand Accounts Payable- Poor accountability Accounts evaluating the expenditure of the company There should be a system to monitor records and generate reports Finance- Poor accountability accounts managing organizations monetary resources There should be a system to monitor records and generate reports Marketing- establishing willing buyers and establishing their needs and requirements. Research-. Small market share marketing This directly impacts the sales of the products and services analyzing market for new value sources in the business Product Development- Lower product recognition and acceptance levels Management marketing This affects the product acceptance levels Creating new strategies to promote products and services. Legal- seeking of legal advice and protecting against legal suits. Legal suits Public relations These can have adverse events that could have major impacts on the company image The company should look to settle outside the court as this could tarnish the companys reputation Human Resource Personnel- finding, recruiting, and compensating affected people. Under-staffing or overstaffing Logistics Understaffing or overstaffing may have certainly cause the company losses Without these data the human resource department cannot make the required plans to support its service delivery hence good planning should be done in advance Implementation of new control measures cases where the risks are not well controlled it is advisable to use new control procedures to ensure they reduce the chance of accidents happening, severity of the accident or both. The following hierarchy of controls helps in deciding what new controls are required Elimination: is it possible to get rid of the risk or the process causing the threats altogether? Substitution: can the current process be exchanged for an alternative that is less severe and risky? Physical controls: separation or isolation of the hazardous regions or processes. Eliminating contact with the hazards is effective through controlling accessibility to such regions Administrative controls: designing of the rule regarding contacts with hazards to creating safe systems procedures of working. Instructions, informing, training and supervision: informing people of the present hazards and training them how to deal with the hazards. Personal protective equipment: proper dressing can go a long way in reducing the impact or severity of the hazards. However, this should be used as additional counter measures and not as the primary and only control measure. Control measures should be easy to implement and practical, able to reduce risks, acceptable by the employees and easy to follow. Since the organization is continuously growing and uses new technologies every day, there should be re-ranking of the risks after implementing of new control measures so as to determine the new residual risk (Hallikas, 2010). Recording the assessment findings The assessments records are of paramount importance as they are usually required by inspectors. There should be records of all the risk assessments done and the implemented changes. Monitoring and reviewing The implemented control measures should be effective in performing the expected controls. Regular reviewing of the control measures should be based on new staff or changes in processes and acquiring of new machines. Informing the relevant stakeholders Its a legal responsibility of the organization to relay the findings of the assessment to all the relevant stakeholders who might be affected by its implementations. The workforce should also be notified of the new changes in control measures and the appropriate emergency procedures that have been developed. Conclusion The consequences of not delivering critical services and products are severe especially in a competitive industry in which SanGrafix operates. Preparation of the organization to potential threats helps reduce the risks and potential impacts of the disasters. Risk assessment allows for moderation of risks and continued delivery of services despite any disruptions (Nigro et al., 2011). Identification and analyzing of business processes has to be anchored to products, customers, orders, suppliers or a combination of all these. Caution should be exercised in the use of input -process- output model as the thinking framework guiding business processes. Customers to a huge extent are not concerned of the internal functioning of the organization resulting in service delivery or the transformational processes in production. In fact this is part of the bigger streams of activity that involve the unending loop between customers and their suppliers. Defining of the business process is an iterative and vexing process and is a result of committed hard work on continuous improvement (Harrington, 2014). References Davenport, Thomas H., (2013). Process Innovation: Reengineering Work through Information Technology.Harvard Business Press: Cambridge. Hallikas, J., Virolainen, V. M., Tuominen, M. (2010). Risk analysis and assessment in network environments: A dyadic case study. International journal of production economics, 78(1), 45-55. Harrington, H. James, (2014). Business Process Improvement. McGraw-Hill: New York. Nigro, G. L., Abbate, L. (2011). Risk assessment and profit sharing in business networks. International Journal of Production Economics, 131(1), 234-241.