Risk Assessment of Sangrafix Video Design Company

 

Introduction

SanGrafix is a technologically oriented company that uses cutting edge technologies in designing of mobile and PC platform games with market orientation. Due to the demanding nature of the gaming industry, the company has decided to perform a risk assessment to ensure they consistently continue to meet the customer demands without interruptions in service delivery. Securing of their network assets is aimed at ensuring they remain competitive in their productions.

Aim of the security policy

The risk assessment process can sometimes be a simple process i.e. noting a threat in a password written down on a note or some unlocked door to the sensitive data centers or rooms and seeking to address it. However, in some cases, risk assessment can be a complex task that may require a group of security assessment members and months to fully do the assessment depending on the complexity of the company and the sensitivity of the network assets to be protected (Davenport, 2013).

A large environment may include multiple locations, complex network, diverse activities, a wide range of activities and resources that have to be evaluated. In risk assessment, you don’t need to apply complex networking methodologies as the mainly you have to learn how to apply knowledge methodically to produce accurate and useful data. Approaching a risk assessment task without a predefined strategy could lead to wasting of resources, repetition of steps, low results or in a worst case missing the critical information.

The executive management of SanGrafix Company is tasked with the responsibility of assessing all risks of injury and health issues that may result from the use of the company’s resources to both the employees and customers of their goods and services. Satisfying this ensures that the company meets the government legal requirements and providing appropriate precaution measures to reduce these effects (Harrington, 2014). Risk assessment is a detailed analysis of the diverse factors that may present risks in the business environment.

Health issues and accidents present adverse effects to the business as they can result in endangering of lives or damage to business products and other outputs. This can subsequently lead to legal suits and increased insurance costs. Risk assessment serves to address these issues and make a safer working environment for all the employees and customers. The most important factor in this type of assessment is the determination of the hazards present in working places and determining their significance i.e. electricity in the working environment is a huge hazard to the employees but if properly protected the risk it presents to the employees becomes insignificant.

There are five steps involved in risk assessment of the workplace environment;

  1. Taking a tour of the workplace and to get a better understanding of all the processes involved in the workplace and identifying possible potential dangers. Talking to the other employees can help provide insights through opinions on how accidents have occurred in the past.
  2. Deciding on the affected parties as a result of a given potential hazard and to what extent is the risk harmful. The reviewing team should analyze who is particularly at risk i.e. new employees, trainees and expectant mothers. In addition to this the public in form of customers who are not familiar with the general layout of the company is at risk of being affected.
  3. The risk assessment team should evaluate on the existence of enough measures to counter these hazards i.e. through the use of precaution signs. For each risk established what are the preventive and protective measures put in place by the management to ensure risk is reduced. The assessment takes into consideration the legal requirements on health and safety of the law. Besides this, the assessment team should find additional measures that can be implemented to support the existing measures i.e. protective clothing and guard rails for hazardous places (Harrington, 2014).
  4. Recording of the findings of the assessment team indicating all the hazards reviewed and the recommendations to the management on how to deal with them. The findings should also evaluate the affected victims and what hazards are yet to be handled whose significance is reasonably low.
  5. The final step is for the reviewing of the findings and implementations of the recommendations given by the assessment teams. The team should also address the future handling of new machinery or work procedure implementations that might present threats allowing for a risk-free working environment.
Read also  How Effective is Metadata?

Risk Assessment Methodology

As we have already established there are different approaches through which a team can carry out a risk assessment process. However, all these approaches have to ensure they have;

  1. Identified the potential threats/ hazards
  2. Identifying of the underlying risk
  3. Reviewing of the existing control measures
  4. Evaluation of the risks
  5. Implementation of additional control measures
  6. Recording of the assessment findings
  7. Monitoring and review
  8. Informing of the responsible bodies

The identification of available hazards can be achieved through observations, interviewing the employees or through firsthand experience by working there. Additional data can be gathered through consultation of data sheets (COSHH), workplace inspections, hazard crib sheets, instruction manuals and accidents/ health issues data. The main focus should be on the hazards that are significantly harmful. In SanGrafix, the machine operators, members of the office staff, the public and maintenance personnel are at risk of general work hazards. Special attention should be dedicated to disabled staff as they are at the highest risk, lone workers, inexperienced workers and temporal staff. The assessment team should analyze the adequacy of the current control procedures and further create a ranking system to determine the residual risk (Hallikas, 2010).

Evaluate the risk

The significance of a risk is measured by the likelihood and the severity of its impact. Here is a ranking system for the risks in order of significance

  1. Highly likely
  2. Unlikely
  3. Possible
  4. Probable
  5. Certain

There should also be a harm or impact severity ranking system

  1. Trivial injuries i.e. scratches
  2. Minor injuries i.e. cuts
  3. Major injuries ( an injury that could require a week to heal i.e. fracture)
  4. Major injuries i.e. amputations
  5. Death

These two rankings will be used to give the residual ranking of the risk as Low, medium or high. If the risk is low then it can be skipped as it presents a negligible threat. Medium and high-level risks have to be mitigated to ensure that the potential risk is reduced to acceptable levels.

SUNGRAFIX PROCESSES

ASSOCIATED RISKS

TARGETS OF THE RISK

RISKS

EVALUATION

CONTROL MEASURES

  1. Game design treatment -quick review of the target audience and provision of unique features

Reviewing of this risks is time and human resource intensive which translates to costs

Risks of the idea getting stolen.

Users

Company management

The idea being stolen could most likely affect the company’s operations as it operates in a competitive industry.

Circulate your design treatment to the largest possible number of users for testing and collect some feedback. If the result is positive then advances to the creation of demos can work out.

  1. Game preliminary design- discussing the game’s content, behavior, and rules in a qualitative way given the  current situation.

Missing of critical processes

Production department

The quality assessment of the product can reveal shortcoming that could result in additional costs

The design phase is very important to the product and cannot be reduced as this could present adverse effects.

Preliminary design roughly takes 5 to 10 weeks for the designer, and an additional 10 to 30 hours for the other people involved in brainstorming.

  1. Final design- the previous document re-write of product’s features .

Whether we plan well or follow the best practices some designs will just fail. That’s the nature of business

Design department

Failing to capture the product features could affect the marketing strategies but rigorous counter checking can resolve the issue so  impact is unlikely to happen

Knowing in advance the parts that are disposable allows for the team to be able to deliver in time. Besides, the “risky” parts that are cut can be scheduled for later, so that if it needs to be taken out, so that the team’s time and effort won’t have been wasted.

  1. The product specification- details how the implementation of features adopted in the final design will be done.

overtime, extra costs, in the last months of production

and

Delay of final delivery.

.

Design department

These is probable if the team doesn’t follow their schedule

efforts should be dedicated to ensuring the product specification is as realistic as possible and thorough

  1. The graphic bible- determines the look and feel of the game’s props, maps, characters, etc.

The appearance of the game should be in line with the predefined vision.

Design department

User acceptance of the games is highly dependent on the graphical feel hence should be prioritized.

Testing of the prototype to get user feedback and implementation of the user feedbacks into the designs.

  1. The interactive screenplay

Lack of User -involvement

Design department

Users expect an interactive game although its unlikely to happen it has major impacts on user acceptance

Provide for a way through which users can interact with the system i.e. with dialogs and implementation of the storyline into the product.

  1. Distribution –

Failure of delivery or poor handling of products

Supply department

These can result in major impacts in declined user satisfaction

Working on improving service delivery as it directly impacts the user satisfaction.

  1. Sales –

Lower supply than the production rate

Marketing

sales departments

ensuring the customer gets their services to ensure they satisfy demand as gaming industry is a perishable service.

convincing potential customers to purchase your products and services.

  1. Billing and Collections

Losses

Accounts

The company has to gain a monetary value to be a business. Lack of a billing system could result in bankruptcy

customers are required to pay for their goods or services

  1. Accounts Receivable

managing of records on earnings

Poor record keeping

accounts

This can lead to lack of accountability

There should be a system to monitor records and generate reports

  1. Purchasing- acquiring the necessary inputs required to support production.

Low production quality

Low production

Purchases

Low-quality products will certainly push customers away

Enhance production process to create quality products that can satisfy demand

  1. Accounts Payable-

Poor accountability

Accounts

evaluating the expenditure of the company

There should be a system to monitor records and generate reports

  1. Finance-

Poor accountability

accounts

managing organization’s monetary resources

There should be a system to monitor records and generate reports

  1. Marketing- establishing willing buyers and establishing their needs and requirements.
  1. Research-.

Small market share

marketing

This directly impacts the sales of the products and services

analyzing market for new value sources in the business

  1. Product Development-

Lower product recognition and acceptance levels

Management

marketing

This affects the product acceptance levels

Creating new strategies to promote products and services.

  1. Legal- seeking of legal advice and protecting against legal suits.

Legal suits

Public relations

These can have adverse events that could have major impacts on the company image

The company should look to settle outside the court as this could tarnish the company’s reputation

  1. Human Resource Personnel- finding, recruiting, and compensating affected people.

Under-staffing or overstaffing

Logistics

Understaffing or overstaffing may have certainly cause the company losses

Without these data the human resource department cannot make the required plans to support its service delivery hence good planning should be done in advance

Read also  Types Of Mobile Computing Computer Science Essay

Implementation of new control measures

cases where the risks are not well controlled it is advisable to use new control procedures to ensure they reduce the chance of accidents happening, severity of the accident or both.

The following hierarchy of controls helps in deciding what new controls are required

  1. Elimination: is it possible to get rid of the risk or the process causing the threats altogether?
  2. Substitution: can the current process be exchanged for an alternative that is less severe and risky?
  3. Physical controls: separation or isolation of the hazardous regions or processes. Eliminating contact with the hazards is effective through controlling accessibility to such regions
  4. Administrative controls: designing of the rule regarding contacts with hazards to creating safe systems procedures of working.
  5. Instructions, informing, training and supervision: informing people of the present hazards and training them how to deal with the hazards.
  6. Personal protective equipment: proper dressing can go a long way in reducing the impact or severity of the hazards. However, this should be used as additional counter measures and not as the primary and only control measure.

Control measures should be easy to implement and practical, able to reduce risks, acceptable by the employees and easy to follow. Since the organization is continuously growing and uses new technologies every day, there should be re-ranking of the risks after implementing of new control measures so as to determine the new residual risk (Hallikas, 2010).

Recording the assessment findings

The assessments records are of paramount importance as they are usually required by inspectors. There should be records of all the risk assessments done and the implemented changes.

Read also  A Study On Adobe Flash Cs4 Computer Science Essay

Monitoring and reviewing

The implemented control measures should be effective in performing the expected controls. Regular reviewing of the control measures should be based on new staff or changes in processes and acquiring of new machines.

Informing the relevant stakeholders

It’s a legal responsibility of the organization to relay the findings of the assessment to all the relevant stakeholders who might be affected by its implementations. The workforce should also be notified of the new changes in control measures and the appropriate emergency procedures that have been developed.

Conclusion

The consequences of not delivering critical services and products are severe especially in a competitive industry in which SanGrafix operates. Preparation of the organization to potential threats helps reduce the risks and potential impacts of the disasters. Risk assessment allows for moderation of risks and continued delivery of services despite any disruptions (Nigro et al., 2011).

Identification and analyzing of business processes has to be anchored to products, customers, orders, suppliers or a combination of all these. Caution should be exercised in the use of input -process- output model as the thinking framework guiding business processes. Customers to a huge extent are not concerned of the internal functioning of the organization resulting in service delivery or the transformational processes in production. In fact this is part of the bigger streams of activity that involve the unending loop between customers and their suppliers. Defining of the business process is an iterative and vexing process and is a result of committed hard work on continuous improvement (Harrington, 2014).

References

Davenport, Thomas H., (2013). Process Innovation: Reengineering Work through Information Technology.Harvard Business Press: Cambridge.

Hallikas, J., Virolainen, V. M., & Tuominen, M. (2010). Risk analysis and assessment in network environments: A dyadic case study. International journal of production economics, 78(1), 45-55.

Harrington, H. James, (2014). Business Process Improvement. McGraw-Hill: New York.

Nigro, G. L., & Abbate, L. (2011). Risk assessment and profit sharing in business networks. International Journal of Production Economics, 131(1), 234-241.

Order Now

Order Now

Type of Paper
Subject
Deadline
Number of Pages
(275 words)