Business Continuity Planning and Disaster Recovery Planning

Posted: January 4th, 2023

Business Continuity Planning and Disaster Recovery Planning

Student’s Name

Institutional Affiliation

Course Title

Instructor

Due Date

Business Continuity Planning and Disaster Recovery Planning

Introduction

Businesses, whether big or small, should watch out for the possible risks that could affect their activities and take appropriate measures towards preventing additional threats. An institution that thinks it is superior and that it can overcome all its tribulations is wrong, and might not be ready to handle or mitigate on issues that present considerable organizational threat. The study focuses on Amazon, which is the leading retailer globally. The multinational technology company in Seattle focuses on a number of activities, including artificial intelligence (AI), digital streaming, cloud computing and e-commerce (Amazon 2020). Many regard it as one of the big four tech companies, along with Facebook, Google, and Apple. The retailer is famous and is undoubtedly one of the highly influential cultural and economic forces globally, as well as the most appreciated brand. Amazon is a leader in disrupting well-formed industries through its technological prowess and mass production (Amazon 2020). It currently holds the number one position as the largest internet firm by revenue in their entire globe, and second largest private employer in America. The group commenced its operations in 1994 as an online platforms for purchasing books, but slowly added other products onto its portfolio, including jewelry, apparel, electronics, food, and software among many other products (Amazon 2020). The company streams music and video, manages a studio and a publishing house, and produces a number of smart devices that help users in many ways. Amazon has had its fair share of risks that have threatened its operations, which compel business leaders to embrace effective mitigating approaches. The corporation faces cyber-attack, political, legal, and sociocultural risks that could interfere with its activities. The firm should embrace more effective ways for mitigating the risks if it does not want to experience any disruptions. Mitigating the risks provides Amazon with more avenues to perform its activities and increases its chances of becoming competitive.

Strategies and Management

The leaders at Amazon understand that the business is not free from risks and try to enact some prevention and mitigation measures to prevent any fatal repercussions. The group uses risk management, which entails recognition, valuation, and prioritization of uncertainties or risks followed by reducing, monitoring, and regulating the effects of potential risks or advancing intervention approaches using economic and coordinated resources (Amazon 2020). The management at Amazon appreciates the fact that risk management is important in its operations because it provides an opportunity to predict returns on investments and to project all possible constraints the corporation could experience by beginning a new endeavor.

Amazon usually considers five essential steps when dealing with the risks before it. The corporation considers this to be an effective risk management plan. The corporation begins with identifying the risk that the company is exposed to in its setting or operating environment (Amazon 2020). The firm first considers whether the issue falls within environmental, regulatory, legal, or market risk to know what approach to take. The group then moves to analyzing the risk and finding out how it is likely to affect the organizational operations. The firm at this stage tries to understand the scope of the risk, and to know the connection between the risks and various factors within the firm (Amazon 2020). The team in charge of dealing with the risk tries to assess the seriousness and severity of the issue by examining how many business operations it can affect. The group allocates much time to find out if the risk can bring the entire organization to a standstill, or if it can only cause insignificant inconveniencies (Amazon 2020). Amazon proceeds to the third phase, which is evaluating or ranking the risks to know the ones that require more attention. The team ranks lowly those risks that can have insignificant effect and highly those that can have severe implications. Amazon values ranking the risks because it allows the firm to acquire a holistic perception of the risk exposure of the entire business (Amazon 2020). The group handling risks may not require upper management intervention when handling low-level risks, but this could be necessary when handling high-rating risks. Amazon then proceeds to the fourth phase, which is treating the risk. The online retailer acknowledges that each risk needs to be removed or managed as much as possible (Amazon 2020). The group at this stage incorporates various specialists, especially from the risk to which the risk belongs to. Conventionally, Amazon would contact relevant stakeholders and set up meetings where everyone can talk and address the matter (Amazon 2020). The company sends a notification from within the system, who all contribute towards finding an amicable solution. The risk management team evaluates the potential solutions and provides updates straight from within the intervention crew.

The final phase Amazon uses to manage the risks it currently experiences is monitoring and reviewing the risk. The team uses this phase to identify whether the adopted solutions yield the desirable outcome, or if more need to happen to come up with better approaches to mitigating the risk (Amazon 2020). The retailer knows that it is impossible to completely eliminate all the risks, especially environmental, political, and market risks that will always require close monitoring. The firm assigns certain individuals to closely monitor the progress and rule out if better structures must be in place to fully eradicate the threat (Amazon 2020). The professional at the final phase ensure that they keep watch of all risk factors because it may be difficult to predict which would reemerge, and which will not. Amazon is increasingly embracing technology to monitor risks, which makes it easier for everyone to identify an issue in case of any resurgence.

Risk Analysis

Amazon has experienced several risks in the course of its activities, and although the firm tries to mitigate the issue each time an incident happens it is apparent that such threats have adverse implications on organizational activities. For instance, at least 100 merchants dealing with the online retailer became victims of hacking in 2018 (Steiner 2019). The extensive fraud resulted in the stealing of money from the vendors’ accounts. But rather than its own systems being violated, the company thinks the merchants were conned into submitting their login information for personal accounts (Steiner 2019). Specialists at Amazon blame the increased sophistication of hacking techniques that make it possible for violators to use phishing emails to collect individual information and using it for unscrupulous ways (Steiner 2019). Consequently, the fraudsters managed to siphon money to their own accounts. The attack on vendors sends a strong signal to Amazon that becomes cautious to avoid any violation on its systems. The infringement indicates that cyber threat is real and failing to enact mitigating measures is equal to inviting attackers. Furthermore, Amazon has learned that it cannot solely rely on law enforcers to protect it and its stakeholders, and is already embarking on developing effective crisis management plans.

The risk of cyber-attack is a major concern that Amazon should give uttermost priority considering that it performs most of its activities over the internet. Belani (2020) asserts that the risk and seriousness of cybercrime have escalated over the recent years. Mankind has experienced the most terrific cases of cybercrimes connected to interference with microchips, intense violation of personal data, and many other related cases (Bendovschi, 2015). The growth in technology and the wide utilization of digital media is improving how attackers conduct their activities by the day. Belani (2020) describes how organizations that perform most of their activities online will experience cyber-attacks under three major subcategories; disruption, deterioration, and distortion. Amazon and other companies conducting their operations online must enhance their cybersecurity guidelines and be ahead of threats rather than postponing them. Amazon and other leading companies use cloud storage, but the Oracle and KPMG Cloud Threat Report 2019 exposes that cloud vulnerability is and will continue to be one of the major cybersecurity concerns organizations face and must address (2020). Businesses should act very fast if they must leverage cloud applications and store confidential data relating to their workers and corporate activities on the cloud. Belani (2020) writes that owing to its capacity to have a significant implication on marketing operations, supply chain management (SCM), security, and other areas, AI is increasingly establishing its way into the business world. Companies must be cautious of risks such as machine learning poisoning and AI fuzzing that are set to be the next major cybersecurity concerns (Belani 2020). Cyber threat is a major risk Amazon must overcome to protect its operations from online attackers who are increasingly becoming clever.

Political risks present considerable threat to Amazon, and the company must come up with appropriate intervention approaches to prevent adverse implications. Jeff Bezos started having problems with political policies in the U.S. soon after President Trump assumed power for the second term in office. Trump gave Amazon a major blow by claiming that the company does not remit its taxes in accordance with the law, and even accused the CEO of misusing The Washington Post to get favors from politicians (Mac 2017). The President later said in a presser with Fox News that the company has a serious antitrust issue (Mac 2017). Amazon’s leader refrains from attacking Trump knowing that such a move could jeopardize operations. However, Bezos has continually criticized some regulations introduced by Trump, including the new taxation policy that seeks to cut tax and eliminate other regulations and the immigration executive order (Mac 2017). The CEO believes that America is a country of immigrants whose backgrounds, point of view, and ideas vary and enacting stricter immigration policies could affect business. Most firms experience considerable challenges maintaining safe configuration for their cloud-resident workloads, and gratifying their security teams that they handle cloud infrastructure safely. Furthermore, the online retailer and other corporations must be keen with how they engage with AI and machine learning that have transformed every sector.

Amazon must deal with the legal risks that have considerable implications on its activities. Amazon and Expedia moved to court to challenge the travel ban imposed by Trump through the new immigration laws, and joined the State of Washington in opposing the directive (Mac 2017). The Ninth Circuit appeals court ruled in San Francisco that the order remains blocked until all parties clear pending issues (Mac 2017). The company has dealt with other legal issues, which suggest that it must take suitable interventions to prevent any fatal repercussions. goFit from Austria and Ortlieb Sportartikel from Germany, which manufacture mats and  bicycle bags, respectively took Amazon to court in 2018 objecting the how the online retailer handles consumer searches and the way purchasers request for products from the two companies (DW 2018). Amazon Earlier in April 2020, the company battled Coty, which owns Davidoff perfume. Coty asserted that Amazon sells the product on its platform without valid license, thus violating its trademark rights (BBC 2020). However, the European Court of Justice (ECJ) ruled in favor of Amazon the case does not offer tangible evidence. Amazon appears to be facing many legal risks that may be threatening if the retailer fails to embrace an effective mitigating plan.

The company deals with social risks that have considerable implications on how the firm performs its activities. The firm is at risk of failing to meet the consumers’ desires and interests as it happened in China. When the group announced that it would cease its operations in the Chinese market, consumers in the region hardly appeared disappointed (Ye 2019). Most Chinese buyers feel that the company deserves to be ejected because of its incapacity to adjust in their country. Buyers in China are no longer able to purchase goods from third-party vendors in the country unless they buy from the company’s global store (Ye 2019). The incident in China informs Amazon and other businesses venturing into foreign markets that it is imperative to know appropriate buyer trends and attitudes that support and advocate for innovation (Ye 2019). Amazon learns the importance of acquiring a broader view of the fast-changing retail sector by getting lessons from both within and beyond the industry (Ye 2019). More fundamentally, the potential social risks informs Amazon the values of developing and implementing effective strategies to help guide future decision-making and support development of new products.

Crisis Management Plan

Addressing Risk of Cyber-Attack 

Dealing with the risk of cyber-attacks requires the company to take multiple approaches to achieve the best outcome. A vital requirement is to train employees about the various possible attacks they are likely to experience in the course of their service (Wallace & Webber 2010). For instance, employees should know it is possible to encounter cases of malware attacks such as spoofing, viruses, spamming, Trojans, and spyware (Bendovschi 2015). Workers should understand other probable attacks they may encounter in the course of duty, such as password sniffing, system infiltration, website defacement, and intellectual property theft among others (Bendovschi 2015). Training members of staff equips them with valuable information that they can use to prevent violations via internet of things (IoT) devices. Knowledge should guide workers on how to install a firewall that defend users against attacks. A firewall structure will prevent the system from damage in case of an attack (Bendovschi 2015). Furthermore, Amazon should embrace an organizational culture that promotes backing of data to avoid severe downtime, severe financial loss, and loss of vital data. Employees should use their skills to protect their Wi-Fi because this is one of the safest way to safeguard the system against serious attacks. The firm should set secret codes for its systems, and must try to come up with passwords that are not easy to guess (Bendovschi 2015). Having the same password for every application the organization uses can be harmful, and it is advisable to use unique codes for each application. Amazon can effectively defend itself against cyber attackers if it focuses on encrypting its data. Encryption provides the company with an upper hand when the data falls into dangerous hands. Encrypting data makes it useless even if a hacker impounds on it (Bendovschi 2015). Finally, the company would evade attacks by using anti-malware solutions such as anti-viruses that are increasingly becoming protective.

Addressing Political Threats

The study already discusses how political activities present several risks to Amazon, which requires the firm to handle the issue in the most prolific manner. A suitable way to avoid political issues is complying with all the regulations. The company should assign a special committee to ensure the company adheres to all the legislations in the U.S. and in foreign markets. Compliance helps the firm to avoid the legal repercussions that often come with non-adherence to legislations and political regulations (Benedek 2012). Compliance is necessary now that firms are increasingly witnessing high rates of corruption in various operational areas. Amazon should know that being able to say that it complies with all political directives develops a strategy that may help it build competitive advantage (Benedek 2012). It suggests that the firm conducts its activities in a transparent manner and want to display high sense of management maturity. Complying with all the legislations indicate that the team leaders and their subjects are effectively controlling the processes and practices, executed with effective behavioral, labor, and political compliance (Benedek 2012). Non-compliance, on the other hand, puts the company at high risk, which can result in market, equity, and financial consequences among other adverse effects (Benedek 2012). Achieving strict compliance with laws and regulations requires the management at Amazon to adjust its leadership approaches, and alter the way the firm handles information as well as how employees conduct themselves regularly, in order to attain a level of excellence in adherence regardless of the market.

An alternative approach to addressing the political risks is risk avoidance, which is an approach that many organizations use to evade threats to their operations. The process entails eliminating the hazards, exposures, and activities that can adversely interfere with organizational operations and assets (Bhoola, Hiremath & Mallik 2014). The approach seeks to deflect as many risks as possible in order to avoid the disruptive and costly repercussions of political threats. Risk avoidance is suitable because it takes into account that it is impossible to eliminate some risks completely, thereby embracing an approach that would deflect as many threatening factors as possible (Bhoola, Hiremath & Mallik 2014). Amazon in this case, can use risk avoidance to prevent political risks by avoiding corrupt dealings, complying with all laws, and staying away from contractual violations. Besides, Amazon would not enter into wrangles with political leaders as much as it may want to defend its position as this can heighten its political risk. Risk avoidance may help Amazon avoid the political risks that may disrupt its activities.

Solutions to Legal Risks

Amazon faces legal risks that may interfere with its activities and possibly tarnish its reputation if the management fails to take suitable interventions. Compliance with laws and regulations is equally essential in this case, and the company follow all regulations to avoid any confrontations that could lead to litigation. The group should hire qualified counsels who provide guidelines on how to use risk transfer agreements and how to comply with rules and regulations. The lawyer would direct the company on how to maintain records in a way that no legal disputes occur from any side. The counsel would guide Amazon on how to incorporate a legal management program that can alert interveners of potential legal risks. In addition, the attorney would guide the leading retailer on how to handle the legal issues occurring from the various operational areas. Failing to address legal risks could lead to court cases that usually take long to settle and require immense financial input.

Addressing Sociocultural Risks

Amazon would deal with the sociocultural risks that may affect its activities by adhering to the cultural models that define how cultures and societies vary in their practices and beliefs. A suitable plan is Hofstede’s five dimensions of culture that requires the firm to consider how power distance, individualism versus collectivism, long-term orientation, uncertainty avoidance, and masculinity versus femininity contribute towards cultural variations (Hofstede Insights 2020). The company should understand that the mental programing of the human brain which differentiates one group of people from another play a crucial role in determining whether a business will succeed or fail in a particular region. The programming of the mind impacts ways of thinking which are depicted in the meanings people assign to various facets of life, and which become entrenched in the societal institutions (Hofstede Insights 2020). Borrowing from the teachings by Hofstede would inform Amazon that that not every person in a particular society thinks the same way because there are substantial variations between individuals. Applying the Hofstede’s model requires the company to consider how power distance, individualism, masculinity, uncertainty avoidance, long term orientation, and indulgence vary in the various markets where it operations (Hofstede Insights 2020). For instance, the company should know that China scores higher in power distance than the U.S., which means that hierarchy is adequately formed and implemented in Chinese society (Hofstede Insights 2020). Thus Amazon would only perform well in China if it establishes clear distinctions in hierarchy. The online retailer should consider how differences in individualism versus collectivism could influence its operations in foreign markets. The company would have to embrace a collective approach if it wants to perform well in China, which embrace an individualism approach while operating in markets such as the U.S., Canada, and the UK that score high in individualism (Hofstede Insights 2020). The corporation must consider the vital aspects of Hofstede’s dimension if it wants to address the social risk.

Settling the social risk requires the company to pay much attention to the other features of Hofstede’s cultural model. Following the guidance of uncertainty avoidance would help the retailer to know how customers or the society reacts to the unknown (Hofstede Insights 2020). Sometimes the company may venture into a market where people embrace the unknown reluctantly, which may disrupt investment. Consequently, a company should know whether the society or buyers would accept the organizational approach or not by following the guidelines of uncertainty avoidance. Moreover, Amazon should consider how the society’s perception on masculinity is likely to impact on its foreign investment. For example, the Chinese scores high in masculinity than the U.S., which is the home country for Amazon, which means that the firm should focus on building assertiveness, heroism, and success (Hofstede Insights 2020). The seller is at a better position to address its social risks if it understands how long-term orientation versus short-term orientation may influence its activities. Serving in a market like China with high degree of long-term orientation requires Amazon to be flexible and pragmatic in the way it handles its activities (Hofstede Insights 2020). Finally, dealing with social risk requires the firm to consider how indulgence versus restraint could impact on its foreign operations and take appropriate measures. The dimension refers to the measure of freedom that societal standards give to individuals in meeting their personal desires (Hofstede Insights 2020). Functioning in a market like China where restraint prevails requires Amazon to embrace a structure that regulates satisfaction of needs and manages it by way of severe social norms. The Hofstede’s structure provides a suitable framework for mitigating the social risks that may interfere with the operations of Amazon.

Conclusion

The study illustrates how Amazon must embrace an effective crisis management plan to help it deal with the risks that could affect its operations. Amazon is a leading online retailer worldwide, but faces significant threat of cyber-attacks that are increasingly becoming rampant. The corporation already has a plan for mitigating risks, which involves identifying, analyzing, ranking, treating, and monitoring the threat. Technological advancement equips cyber attackers with increased capacity to attack organizational systems. The company should not think advanced technologies such as ML, AI, and cloud storage are free from violations, and use the knowledge to enact a proper containment plan. The online seller faces political risks that could disrupt its operations, such as the enactment of policies that do favor its activities. The President of America thinks Amazon violates key legislations, which puts the company in an uncomfortable position. Specifically, the firm regards the recent taxation and immigration policies as being harmful to the business. The group faces considerable legal risks, and has so far battled several cases in court, and must develop plans to combat sociocultural threats that make it difficult to operate in some markets such as China. The company is susceptible to legal risks that could affect its operations, and has battled several cases already. The corporation must overcome the sociocultural risks that is already affecting its activities in places like China where the culture differs from that of Western countries. The group should develop effective counter measures to avoid cyber threats that are increasingly becoming threating for multinational firms, especially those that rely on the internet like Amazon. The company should comply with directives and legislations to avoid political and legal risks that have substantial impact on the retailer. Dealing with the sociocultural threats requires Amazon to follow the Hofstede’s cultural model, which requires implementers to consider how societies differ and how this variation influence their buying behaviors.

References

Amazon. (2020). Amazon. Retried from

http://www.amazon.com/

BBC. (2020). Amazon wins trademark battle over Davidoff perfume. Retrieved from https://www.bbc.com/news/technology-52135941

Belani, G. (2020). 5 cybersecurity threats to be aware of in 2020. Retrieved from https://www.computer.org/publications/tech-news/trends/5-cybersecurity-threats-to-be-aware-of-in-2020

Bendovschi, A. (2015). Cyber-attacks – trends, patterns and security countermeasures. Procedia Economics and Finance, 28, 24-31. doi: 10.1016/S2212-5671(15)01077-1

Benedek, P. (2012). Compliance management – a new response to legal and business challenges. Acta Polytechnica Hungarica, 9(3), 135-148.

Bhooda, V., Hiremath, S., & Mallik, D. (2014). An assessment of risk response strategies practices in software projects. Australasian Journal of Information System, 18(3), 161-191. doi: 10.3127/ajis.v18i3.923

DW. (2018). Amazon in German court battle over search results. Retrieved from https://www.dw.com/en/amazon-in-german-court-battle-over-search-results/a-42600715

Hofstede Insights. (2020). Compare countries. Retrieved from https://www.hofstede-insights.com/product/compare-countries/

Mac, R. (2017). Amazon identifies a new business risk: Trump’s trade policies. Retrieved from https://www.forbes.com/sites/ryanmac/2017/02/10/amazon-identifies-a-new-business-risk-trumps-trade-policies/#6d7581926510

Steiner, I. (2019). Amazon seller accounts hacked according to Bloomberg. Retrieved from https://www.ecommercebytes.com/2019/05/09/amazon-seller-accounts-hacked-according-to-bloomberg/

Wallace, M., & Webber, L. (2010). The disaster recovery handbook: A step‑by‑step plan to ensure business continuity, and protect vital operations, facilities, and assets. New York, NY: AMACOM.

Ye, J. (2019). Consumers say Amazon failed in China because it didn’t adapt. Retrieved from https://www.scmp.com/abacus/tech/article/3029294/consumers-say-amazon-failed-china-because-it-didnt-adapt