Do You Feel Safe? How to Develop a Risk Treatment Plan

Author: Ahmad Naboulsi

Published:

A couple months ago, we posted our very first gE blog series on Global Entrepreneurship. One of the topics we had discussed was the growing ease of not only starting a business, but also expanding your reach internationally due to increased access to computer and information technology. The internet in particular is a key development in this respect.

One of the things that I thought was relevant to this increase in access, for both businesses big and small, would have to be the increased risk of threats to your business. It would be a modest estimate to say that 25% of personal computers, especially in the US where many people have access to more than one computer on any given day, have had their safety compromised by viruses, adware, spyware, hackers, etc. Because businesses are becoming more reliant on the internet every day, ensuring the safety of your computer network and servers should be of utmost importance.

Here are a few tips from Gamma, a UK based information security firm, on how to assess the risks to your network and develop an appropriate Risk Treatment Plan. Keep in mind that these aren't just tips for technology, but also for the overall wellbeing of your business:

1. Identify the events- whether it's user fraud, hacking, viruses, or even a fire or break in, think of the potential problems that could compromise the safety of your business.

2. Identify the assets- what stuff do you specifically need to protect? Paper documents, the building, networks, servers, computers are all among the things you should be thinking about.

3. Identify the impacts- in the event that you do suffer loses, what specific events will occur because of specific loses? Customer dissatisfaction, loss of revenue, and unanticipated costs all count.

4. Identify the threats- threats are simply the things that would cause the events described in Step 1. Gamma lists a few on their website, including fire, disaffected staff, spies, hackers, and even mistakes made by you or your staff. At this point, you should also assess the magnitude and likelihood of each threat.

5. Produce Risk Treatment Plans for each individual event- compile the information that you've collected and finalize your plan of action.

6. Tidy up- tie up some loose ends, make sure that your business is safe by accounting for your entire inventory, ensuring that the possible avenues for threats to access your business are secured, make sure that you have accounted for control failures, and make sure you have a plan B!

Depending on whether your international presence is virtual or physical, you may also need to assess the safety of the region you are expanding to. For that, we recomend checking your contry of interest's risk rating in Country Insights, where you will find detailed risk assessments for over 200 countries. Don't leave your businesses's safety up to chance- have a plan!