Professional Documents
Culture Documents
Ebffiledoc 4073
Ebffiledoc 4073
https://textbookfull.com/product/the-routledge-companion-to-
anthropology-and-business-1st-edition-raza-mir/
https://textbookfull.com/product/routledge-companion-to-media-
and-risk-1st-edition-bhaskar-sarkar-bishnupriya-ghosh/
https://textbookfull.com/product/rethinking-risk-in-national-
security-lessons-of-the-financial-crisis-for-risk-management-1st-
edition-michael-j-mazarr-auth/
https://textbookfull.com/product/the-routledge-companion-to-art-
and-politics-first-published-in-paperback-edition-martin/
The Routledge Companion to the Geography of
International Business Gary Cook
https://textbookfull.com/product/the-routledge-companion-to-the-
geography-of-international-business-gary-cook/
https://textbookfull.com/product/the-routledge-companion-to-
accounting-information-systems-first-edition-edition-quinn/
https://textbookfull.com/product/the-routledge-companion-to-
eighteenth-century-philosophy-first-issued-to-paperback-edition-
garrett/
https://textbookfull.com/product/the-routledge-companion-to-
accounting-in-china-haiyan/
https://textbookfull.com/product/the-routledge-companion-to-
comics-1st-edition-frank-bramlett/
The Editor, Professor Kurt Engemann, along with the effort of contributing authors,
has created an important resource for scientists, practitioners and students by
producing The Routledge Companion to Risk, Crisis and Security in Business. This
quality book provides a thorough exploration of numerous significant issues and
methods, not commonly covered in textbooks in this vital field.
– Terje Aven, PhD, Professor of Risk Analysis and Risk Management,
University of Stavanger, Norway
Aware that a single crisis event can devastate their business, managers must be prepared for
the worst from an expansive array of threats. The Routledge Companion to Risk, Crisis and
Security in Business comprises a professional and scholarly collection of work in this critical
field. Risks come in many varieties, and there is a growing concern for organizations to respond
to the challenge. Businesses can be severely impacted by natural and man-made disasters
including: floods, earthquakes, tsunami, environmental threats, terrorism, supply chain risks,
pandemics, and white-collar crime. An organization’s resilience is dependent not only on their
own system security and infrastructure, but also on the wider infrastructure providing health
and safety, utilities, transportation, and communication.
Developments in risk security and management offer a path towards resilience and recovery
through effective leadership in crisis situations. The growing body of knowledge in research
and methodologies is a basis for decisions to safeguard people and assets, and to ensure the
survivability of an organization from a crisis. Not only can businesses become more secure
through risk management, but an effective program can also facilitate innovation and afford
new opportunities.
With chapters written by an international selection of leading experts, this book fills a
crucial gap in our current knowledge of risk, crisis and security in business by exploring a
broad spectrum of topics in the field. Edited by a globally-recognized expert on risk, this
book is a vital reference for researchers, professionals and students with an interest in current
scholarship in this expanding discipline.
Kurt J. Engemann, PhD, is Professor of Information Systems and Director of the Center for
Business Continuity and Risk Management, Iona College, USA.
Routledge Companions in Business, Management
and Accounting
Edited by
Kurt J. Engemann
First published 2018
by Routledge
2 Park Square, Milton Park, Abingdon, Oxon OX14 4RN
and by Routledge
711 Third Avenue, New York, NY 10017
Routledge is an imprint of the Taylor & Francis Group, an informa business
© 2018 selection and editorial matter, Kurt J. Engemann; individual chapters, the
contributors
The right of Kurt J. Engemann to be identified as the author of the editorial material,
and of the authors for their individual chapters, has been asserted in accordance with
sections 77 and 78 of the Copyright, Designs and Patents Act 1988.
All rights reserved. No part of this book may be reprinted or reproduced or utilised in
any form or by any electronic, mechanical, or other means, now known or hereafter
invented, including photocopying and recording, or in any information storage or
retrieval system, without permission in writing from the publishers.
Trademark notice: Product or corporate names may be trademarks or registered
trademarks, and are used only for identification and explanation without intent to
infringe.
British Library Cataloguing-in-Publication Data
A catalogue record for this book is available from the British Library
Library of Congress Cataloging-in-Publication Data
Names: Engemann, Kurt J., 1950– editor.
Title: The Routledge companion to risk, crisis and security in business /
edited by Kurt J. Engemann.
Other titles: Routledge companion to risk, crisis and security in business
Description: 1st Edition. | New York : Routledge, [2018] | Series: Routledge
international handbooks | Includes bibliographical references and index.
Identifiers: LCCN 2017046181 | ISBN 9781138643109 (hardback) |
ISBN 9781315629520 (ebook)
Subjects: LCSH: Risk management. | Crisis management. |
Business enterprises—Security measures.
Classification: LCC HD61. R675 2018 | DDC 658.15/5—dc23
LC record available at https://lccn.loc.gov/2017046181
ISBN: 978-1-138-64310-9 (hbk)
ISBN: 978-1-315-62952-0 (ebk)
Typeset in Times New Roman
by Apex CoVantage, LLC
Contents
List of figuresxi
List of tablesxiii
List of contributors xiv
PART I
Developing, implementing and maintaining risk strategies 1
PART II
Natural and man-made disasters 91
vii
Contents
PART III
Infrastructure risks 171
PART IV
Systems security for business resiliency 237
viii
Contents
PART V
Risk in business sectors 307
PART VI
Qualitative and quantitative risk modeling 401
ix
Contents
Index469
x
Figures
xi
Figures
xii
Tables
xiii
Contributors
Mitchell J. van den Adel is PhD student of Operations Management at the Faculty of Econom-
ics and Business at the University of Groningen, the Netherlands.
Benigno E. Aguirre is core faculty member of the Disaster Research Center and Professor in
the Department of Sociology and Criminal Justice at the University of Delaware, USA.
Shoshana Altschuller is Associate Professor and Chair of Information Systems at the Hagan
School of Business, Iona College, USA.
Frank Asche is Professor of Resource Economics at the University of Florida, USA, and the
University of Stavanger, Norway.
Mark Billington is Fellow Chartered Accountant (FCA) of the Institute of Chartered Account-
ants in England and Wales (ICAEW) and Regional Director of ICAEW South East Asia.
Roy E. Dahl is Associate Professor of Industrial Economics, Risk Management and Planning
at the University of Stavanger, Norway.
xiv
Contributors
Natalie M. Dengler is Adjunct Professor in the Hagan School of Business at Iona College,
USA.
Dirk Pieter van Donk is Full Professor of Operations Management at the Faculty of Econom-
ics and Business at the University of Groningen, the Netherlands.
Kurt J. Engemann is Professor of Information Systems and Director of the Center for Busi-
ness Continuity and Risk Management at Iona College, USA.
Marco Frey is Full Professor of Management at the Scuola Superiore Sant’Anna–Pisa, Italy.
Barbara Gaudenzi is Associate Professor of Supply Chain Management and Risk Manage-
ment at the University of Verona, Italy.
Jutta Geldermann is Full Professor for Production and Logistics at the Georg-August-
University of Göttingen, Germany.
Bingurath Ingirige is Professor and Chair of Project Management and Resilience at the Global
Disaster Resilience Centre (GDRC), University of Huddersfield, UK.
Phil Kelly is Senior Lecturer on the post-graduate team at the Liverpool Business School and
Principal Examiner for risk assessment with the IRM, UK.
Matthew Lagana is Director and Chief Information Security Officer at MBIA Inc., USA.
Nirmita Mehrotra is Head of the Department of Architecture and Planning, Gautam Buddha
University, Greater Noida, India.
xv
Contributors
Roy Nersesian is Professor in the Department of Management and Decision Sciences, Leon
Hess Business School at Monmouth University, USA.
Yossi Sheffi is Elisha Gray II Professor of Engineering at MIT and Director of the MIT Center
for Transportation and Logistics, USA.
Gayan Wedawatta is Lecturer at the School of Engineering and Applied Science, Aston Uni-
versity, UK.
Wei Ning Zechariah Wong is Business Continuity Management Lead at Horizon Nuclear
Power, UK.
Ronald R. Yager is Professor of Information Systems and Director of the Machine Intelligence
Institute at Iona College, USA.
Stephen Young is Founder and Managing Director of Turning Point Crisis Management,
Australia.
xvi
Part I
Developing, implementing and
maintaining risk strategies
1
Developments in risk security
Kurt J. Engemann
Understanding risk
Unanticipated crises can lead to immense negative consequences for businesses. Analyzing
these risks and making appropriate decisions regarding them is very challenging but necessary
to generate requisite security. A framework for risk management suggests that threats can lead
to crisis events which can result in significant losses.
An important principle of risk management is that while risks cannot be eliminated, they
can be controlled, thus organizations benefit from effective crisis management that should
cover their entire enterprise. The most important goal of risk management is to preserve life
and to provide safety, and failure to plan properly can not only be detrimental to humans
but can also affect the entire system’s operation. Choosing a risk management strategy is, in
part, an economic decision, based on losses and costs. Specific risk events arise from threats
such as hurricanes, fire, earthquakes, cyber-attacks, floods, power outages, strikes, crime and
terrorism.
Risk management encompasses assessing risks, appraising alternatives and applying solu-
tions. Identification of threats requires understanding what events can occur, what their likeli-
hoods of occurrence are, and what the losses that they can generate are. Management must be
involved at the outset to provide direction regarding threats, events, controls and the level of
risk they are prepared to incur.
Collecting and evaluating information is a central activity during a crisis. The availabil-
ity of timely, pertinent and accurate information will affect the course of actions as the cri-
sis unfolds. Information analysis necessitates system understanding. If decision makers are
unversed with the system they are dealing with, information can be misunderstood and need-
less time can be spent on bringing the decision makers up to speed regarding the matter being
considered. Clearly defined roles with solid leadership is an effective way to reach a timely,
correct decision; in addition, many decisions would need to be done in a decentralized mode.
Fundamental values manifest themselves in crisis decisions. Crisis situations do not lend
themselves to the time for explicit discussions about values, however, they do illustrate how
the core values of organizations and decision makers manifest themselves in decisions made
under pressure. Crises lend themselves to systemic solutions. An institution in a crisis will be
3
Kurt J. Engemann
willing to take a risk, but given the option, only up to a certain level. Whenever possible, it will
try to redefine the problem and share the risk among other stakeholders in the system.
Business organizations consider risk as a source of potential crisis events and as a basis of
potential reward. The media generally place greater emphasis on negative events and the news
overflows with reports of disasters which endanger people and organizations.
While viewpoints regarding risk and its treatment have transformed considerably over the
last century, managing risk is a huge challenge that all businesses encounter. This develop-
ment generally advanced from a narrow emphasis on risk transfer, to expanded organizational
expertise to reduce losses, and more recently, to enterprise-wide risk management using a
holistic approach. Businesses not only require comprehensive internal risk management pro-
cesses but also need to manage extra-organizational risks.
There is a substantial body of knowledge regarding managing risk within organizations,
from which risk professionals draw guidance. Scholars developed fundamental principles and
the theories on the subject. Over time, the sense of risk and risk management has evolved.
Traditionally, risk professionals viewed risk from a negative perspective which could be cal-
culated objectively. More recently there is more of an inclusion of the positive aspects that
risk may yield, while not neglecting the potential negative consequences. Moreover, while
the early viewpoint focused on risk to physical properties, now risk professionals also place
emphasis on organizational goals.
Myriad definitions of risk have been proposed: as uncertainty, an event, a probability, a
consequence, a probability of loss, and as an effect of uncertainty on objectives. Essentially,
risk may be defined as the possibility of experiencing an event characterized by probabil-
ity and impact (Engemann and Henderson, 2012). Some definitions treat risk in an objective
way while others consider it subjectively. Risk can be a quantitative or a qualitative concept.
The risk perspective chosen clearly influences the means with which risk is analyzed and
thus has important implications for risk management and decision making (Aven, 2012). All
approaches add value to our discernment of risk, with a goal of qualitative insight, preferably
through quantitative analysis.
Judgment and intuition play a vital role in crisis decision making. Effectiveness depends
upon the decision maker’s experience in the domain, the time constraints, and on the decision
maker’s task expertise. Relying on intuition in decision making is juxtaposed with the ana-
lytical processes that are powered by algorithms and data. Intuitive decision making often is
viewed as more natural and may be given more credence than it deserves, and decisions that
turn out right often do so more by chance than by intention.
The role of intuition in making decisions for crisis events may be unavoidable, especially
when urgent actions are needed and insufficient data are available (Kahneman and Klien,
2009). The necessity for an intuitive decision should not be conflated with the predilection for
intuitive decisions over analytical decisions, as the drawbacks of trusting too deeply on intui-
tion, especially when other options are available, are profound.
Intuition, although frequently inexplicable by those using it, is a manifestation of identify-
ing and acting on patterns. This recognition often encompasses the subconscious processes of
assembling and evaluating previous information, and subsequently determining future deci-
sions. Intuition is most valuable when data is unavailable and time restrictions necessitate
instant action. Nevertheless, the choice of depending on intuitive decision making exclu-
sively is not an assurance that the intuitive decision will be reliable. Intuition may be rea-
sonably successful when a decision maker has both expertise in the task and experience in
the domain in which the decision is being made. Progress in business analytics and artificial
4
Developments in risk security
intelligence promise to modify intuition’s role for crisis managers, and increasingly decision
makers will need to refine their skills in using data and algorithms even in immediate decision
environments.
Business continuity management has developed in response to the volatility of the busi-
ness environment. The role of this profession in corporate governance has transformed from a
technological role into a holistic business service. Although its value is generally recognized,
its role predominantly remains process-driven, focusing on operational issues as to opposed
strategic initiatives. Usually business continuity professionals focus on the physical and eco-
nomic issues such as rapid recovery of critical services, information technology, and supply
chain. This mindset is drawn from the early developments in technical advances to ensure reli-
ability in the performance of essential activities. This is particularly the case in industries such
as finance, energy and healthcare, which have significant impact on the public and substantial
regulatory requirements.
Increasingly, practitioners and managers are endeavoring to pursue broader goals when
applying business continuity at the corporate level. One definition of business continuity
management is that it is a holistic management process that identifies potential threats to an
organization and the impacts to business operations those threats, if realized, might cause, and
which provides a framework for building organizational resilience with the capability of an
effective response that safeguards the interests of its key stakeholders, reputation, brand and
value-creating activities (International Organization for Standardization, 2014). Organizations
that certify professionals in the field mutually promote the significance of business continuity
management to an extensive range of activities across all organizational levels. At its core,
the discipline offers a range of perspectives, from anticipative, managing the availability of
business activities, to strategic, focusing on strengthening an organization’s market position.
Accidents occur because those who manage complex systems are not sufficiently able to
anticipate the problems generated by those systems (Weick, 1993). Safety may be considered
as the minimization of risk, and correspondingly, significant breaks in safety may lead to
disaster. Safety may also be viewed as a social construct; thus, safety climate is a socially con-
structed understanding of what is perceived to be valued in terms of safety and safe behavior.
Where the environment is dynamic and the potential for loss is great, such as for high reli-
ability organizations, it is imperative to engage knowledge that permits coordinated action.
Members of a high reliability organization recognize what is expected and rewarded in terms
of supporting knowledge. By facilitating collaboration, a high reliability organization has the
capacity to succeed.
Knowledge is critical for the individual and the organization. For the individual, knowledge
improves decision making; for the organization, knowledge is a key factor of overall viabil-
ity. The conceptualization of knowledge has been advanced by many theoretical viewpoints
(Engemann, 2017). Whether knowledge creation is encouraged to become a prescribed activ-
ity in a high reliability organization or it remains an unarticulated ongoing process, it must be
remembered that knowledge can enable coordinated action.
Safety climate may improve understanding of emerging threats and vulnerabilities. Strate-
gies to mitigate the risks are aspects of larger investments and involve technologies that affect
systems and other organizations. These investment decisions are complicated by uncertainties
involving costs and benefits because of rapid changes in the underlying technologies.
Organizations are reliant on each other and coordinate with partners who can provide
critical products and services, even when crisis events occur. Risk management provides an
approach to enable that the business functions, both in the short term and long term.
5
Kurt J. Engemann
Emerging crises
Events such as hurricanes, tornadoes, winter storms, earthquakes, tsunamis and power outages
have underscored business organizations’ vulnerability to natural disasters. Add to this list acci-
dents, man-made disasters, terroristic activities, cyber-attacks, failing infrastructure, financial
crises, crime, energy shortages and so on, and it is obvious that organizations need to identify
threats and employ mitigating strategies. Furthermore, due to the inter-connectedness of busi-
ness enterprises, even minor crisis events, if occurring in an exposed link, can be systemically
devastating. In response, organizations are implementing risk management programs, utilizing
structured management processes.
Given the increasing vulnerability, risk managers are confronted with the challenges of
preventing and preparing for disasters, protecting life and safety, protecting the environment,
minimizing asset destruction and providing continuous service to customers. Organizations
need to have a have a plan to recover from disaster and resume operations in what may be a
degraded operating environment. Risk assessment involves estimating the likelihood of crisis
events, nevertheless, determining event probabilities is difficult because of the relatively small
probabilities of event occurrences, and estimating potential losses is also challenging given the
hypothetical nature of the task.
To be effective, the risk management must be business driven; business managers must
frame priorities and provide overall guidance and support. Once the business priorities have
been determined and risks assessed, structured methodologies can be used to develop the
overall risk management plan.
Business continuity planning improves the likelihood of continuous business operations,
as well as more broadly, emergency management in the region. Catastrophic events as well
as localized events such as power outages and fires affect business operations. There is an
increasing mindfulness of the need for systematic enterprise risk management, with organi-
zations implementing prescribed risk management procedures necessitating a top-down risk
assessment and enhanced internal risk controls. Enterprise risk management is becoming more
standardized through the efforts of professional groups and international standards organiza-
tions. This has led to an increased awareness in protecting the environment, indisputably seen
as a crucial resource for the economy. However, there is limited attention given to the con-
nection between ecological degradation and the increased risk of disasters. Various levels of
resources are available to governments, and those that are part of larger areas usually have
access to more resources. Regulations regarding resource utilization as well as infrastructure
development set the framework for promoting resiliency and sustainability.
Enterprise risk management mainly concentrates on risks to the organization’s resources,
including compliance, environmental, financial, governance, safety and security risks. Risks
encountered by business include overall business risks that can disturb supply chains, such as
product recalls or supplier bankruptcy, or the risks intrinsic in the operation of the supply chain
due to financial, operational or strategic exposures
As businesses strive for increased market share, reduced costs and improved economies
of scale, their dependence on more complex supply chains have created unintended risk con-
sequences. Dependency on raw materials from distant suppliers creates risks of supply dis-
ruption. Businesses address supply disruption risks with familiar strategies, such as alternate
suppliers and surplus inventories. However, modern global supply chains create new catego-
ries of risks that are outside the perimeter of the organization and its direct business partners
(Sheffi, 2007). Consolidation and the growth of dominant suppliers, which then provide large
proportions of global demand for numerous commodities, pose a risk of demand interruption
6
Developments in risk security
outside the influence of the organization, and exceeding the capacities of enterprise risk man-
agement of separate organizations.
Globalization has created supply chains that are more efficient but are also now further dis-
posed to serious disruption from distant events. Worldwide competition drives businesses to
outsource more operations, thus increasing complexity and risk. Centralization of production
capacity creates vulnerabilities as single points of failure arise outside a company’s controlling
capability. Thus, distant disruptions can now spread further along supply chains and can dis-
rupt organizations in related industries. Risk exposures are linked to suppliers, customers and
competitors, and supply chain risks ensue at a deeper industry level because of organizations’
increasing interdependence. Thus, businesses expand risk management practices through their
supply chains to manage risk linked to the global supply chains upon which they depend.
Because risks lie outside the business, organizations are pushing enterprise risk management
deep into the supply chain and are collaborating to create industry-wide risk management
strategies.
Miller and Engemann (2008) present a model that simulates the effects of natural disaster
risks for a hypothetical three-tier supply chain. Drawing on concepts from reliability theory
and capacity analysis, the model is structured such that diminutions of service capacity at
nodes lower in the supply chain can affect higher tier nodes. The model is used to examine
various scenarios, including examining correlation among node locations, the effectiveness of
disaster recovery plans and dual sourcing. In addition, the size of the lower tier of the supply
chain is expanded and the ensuing results are compared to those for leaner supply chains.
A crisis requires a direct and decisive response from the leadership of an organization.
During a crisis, all aspects of leadership are subject to intense scrutiny, thereby challenging an
organization’s viability. A crisis is a unique negative event for which there is no suitable prear-
ranged response (Leonard, 2009). It is outside the bounds of a standard emergency response
because of its complexity and magnitude. A routine emergency has an element of predictabil-
ity because of its frequency of occurrence and because of extensive preparation and training.
Effective resolution of a crisis requires the involvement of decision makers, operations
managers, specialists and senior leaders. Regardless of the type of crisis, an appropriately
managed crisis can significantly benefit a senior leader by drawing attention to his or her
leadership ability. Successful crisis leaders are decisive, intelligent and dependable, and are
frequently recruited by other organizations to help lead them through their crisis. Conversely,
a mishandled crisis can expose a weak leader who is incapable of functioning under pres-
sure. The characteristics that make someone an executive are not always beneficial in leading
through a crisis. Crisis leaders need to know how to initiate a crisis response, how to organize,
who to call upon for assistance, how to delegate, how to interact with the media and how to
lead an organization through to survive the event. Crises include natural disasters, techno-
logical crises, or cyber-attacks, organizational misdeeds, financial crises, workplace violence,
rumors, product failures, terrorist attacks and other forms of man-made disasters, including
white-collar crime.
White-collar crime is a crisis event that can challenge an organization’s viability. White-
collar crimes include bribing government officials, corruption, embezzlement and fraud.
Numerous recent white-collar crime events have led to an increased awareness that white-collar
crime is a crisis for which organizations must be alert and be prepared for. Victims of white-
collar crime include the organizations themselves, employees, banks, customers, shareholders
and suppliers. White-collar crime can lead to organizations being punished with substantial
fines and executives being prosecuted criminally. If organizations survive serious white-collar
crime, they need to go through a complete renovation of organizational structure and culture.
7
Kurt J. Engemann
Not all organizations survive white-collar crime. Numerous executives involved in white-
collar crime are aware that they were violating the law, but act to benefit themselves and
their organization. The violation of integrity at the organizational level can lead to a crisis
of the organization’s legitimacy and has strong negative effects on stakeholders’ trust in the
organization.
Some businesses collapse when the organization is hit by a white-collar crime crisis in
terms of detection and prosecution (Soltani, 2014). Some companies can recover after white-
collar crime detection and prosecution. Recovery of collapse depends on numerous issues
including the relationship between the perceived circumstances and applied actions. If senior
management perceives the situation realistically and implements actions consistent with the
situation, then recovery is likely. If senior management has an inaccurate perception of the
situation, then collapse becomes a more likely outcome.
Infrastructure risks
Infrastructure refers to the basic framework on which society operates. Critical infrastruc-
tures are telecommunications, electrical power systems, gas and oil storage and transportation,
banking and finance, transportation, water supply systems, emergency services (including
medical, police, fire and rescue) and continuity of government. Infrastructure’s purpose is to
facilitate commerce, travel, education, health care, security and so on. Infrastructure is usually
taken for granted and comes into the spotlight only when things go wrong. There are chal-
lenges involved with building, operating and maintaining infrastructure so that it is effective,
efficient and safe.
Modern civilisation depends upon electricity, whose availability is mostly taken for
granted. Electricity is used by commerce, industry, households and transportation. The electric
grid is a network for transporting electricity from its source to consumers. Threats exist that
can substantially impact the grid’s operation and performance over extended periods of time.
The consequences of these events can be extreme and even catastrophic. Measures involving
securing the entire grid are beyond the scope of any one organisation, however organisations
can still act, even though the mitigating effects may be limited (Miller and Engemann, 2015).
Infrastructure for an organization also includes buildings, building systems and equipment.
The starting point for the construction of a disaster resilient building is location. Neverthe-
less, site selection is only the beginning of the decision sequence that also includes building
structure and layout. Every location is susceptible to threats which can disrupt a business. In
selecting a new site location, those threats need to be determined along with the organization’s
tolerance level.
For natural disasters, such as blizzards, cyclones, dust storms, earthquakes, hurricanes and
tornadoes, data regarding their frequency and magnitude may be available. These natural dis-
asters can damage an organization’s infrastructure and disrupt operations for some period.
Some of these events may provide warnings and therefore allow time to prepare. Other natural
events will occur with no or very limited notice, as in the case of an earthquake or tornado.
Information regarding natural disasters may be obtained from various governmental and pri-
vate sources. Once obtained, expertise is required to make informed decisions regarding the
level of risk to accept.
Infrastructure outages may also be caused by man-made events, that is accidents or malicious
acts. Oil spills, train derailments and fires are a few examples of events that may be caused by
human error. Proximity to transportation lines may provide benefits to a business, however the
possibility of a hazardous material spill needs to be assessed in making a site location decision.
8
Developments in risk security
Deliberate man-made events, such as civil unrest, also need to be addressed. Social issues and
the political climate may have negative implications for a location. In addition, possible assis-
tance from the local government and other external agencies needs to be assessed.
The type of building construction should be based upon the potential disasters. Recent
innovations in earthquake resistant construction may allow a building to survive the resultant
shaking from certain magnitude earthquakes. Buildings need to withstand not only the wind
associated with a storm but also the associated rainfall and resultant flooding. To minimize
risk, engineers need to determine the appropriate building construction to mitigate potential
disasters.
Infrastructure risk is inherent in the construct of the megacity, defined as such because
of the enormous population. The density and complexity of urban processes increases the
vulnerability of megacities to disruption of utilities, communication, power and transporta-
tion. The interdependence of various urban functions increases risk substantially. Megacities
typically have an extremely dense building infrastructure and the consequential high level of
air pollution. Inadequacy and worsening of the infrastructure pose a risk, especially as the
population increases. Harmful effects of chemicals, air pollution and ecosystem deteriora-
tion to which humans are being increasingly exposed, present potential risks to human health
(Marolla, 2016). The stability of the economy and society are dependent on megacities and
public health. Epidemics in one megacity can rapidly spread to other parts of the world, lead-
ing to widespread public health concerns.
Occurrences of crises in megacities are inevitable, thus the megacities’ infrastructures must
be resilient enough to endure these events. An effective response to a sudden event will deter-
mine if there will be disorder with significant losses or recovery with mitigated losses. The
health care sector is fundamental to the general well-being of the population and in the sup-
pression of pandemics. Disruptions to the health care infrastructure would be devastating to
the health of the community, while innovative technologies can support its function and are
pivotal to dynamically safeguard the population. The transportation system is at risk of disrup-
tions in many ways, whereas intelligent transportation systems can aid in preparedness. Public
safety in megacities is enhanced through intelligent systems, providing a dynamic resource
management system and rapid emergency response. Megacities continue to be a dominant
feature of society and can be secure with proper risk management.
As is evident when disaster strikes at the infrastructure, local groups and individuals need
to respond immediately, often without the direction and assistance of centralized authorities.
There is a need to address the role of these emerging groups in the process of response and
recovery from catastrophic events. Lalonde (2004) pointed to emergence of new leaders at the
level of local community as a disaster unfolds over time. The framework for assessment of
resilience is deduced from self-organization in complex chaotic environments. These emerg-
ing leaders may not be part of a hierarchical response system, yet they drive the redesign of
the organization. Cutter et al. (2010) points to the shift from vulnerability to disaster resilience
as a more proactive and positive expression of community engagement. The challenges are a
mixture of local issues and global dynamics in a period when nature can activate technological
disasters and technology can stimulate natural disturbances.
A paradigm change in risk management in urban planning and governance is evolving.
Disaster management systems which deal only with limited uncertainty need to be improved
to handle events which cannot be so easily compartmentalized. Simple categorizations and
disjointed methods are not effective any longer and crisis events increasingly validate that
the current approach is ineffective. Innovative institutional changes are required to integrate
sectoral issues of disaster management and make it sustainable.
9
Kurt J. Engemann
Systems security
An important area of interest in risk management is information technology (IT), with cost
relationships governing IT being dynamic and benefits often uncertain. Vulnerability is
10
Developments in risk security
11
Kurt J. Engemann
organization to achieve its goals and to enhance its reputation. By employing security concepts
throughout the software development life cycle, the integration of security into the system will
be seamless and effective.
Fundamental to the mission of information security is that of providing availability, integ-
rity and confidentiality of an organization’s information assets. The components and methods
within the field of information security have transformed over the years as the threats confront-
ing organizations have evolved and become more complex and insidious. Traditional security
approaches, with heavy emphasis on boundaries, are outdated and no longer effective. As
the perimeters for organizations and software systems continuously morph, modern security
defenses must recognize threats from anywhere. Nevertheless, the proper blend of awareness,
policies, practices, professionals and technology can effectively guard against the multitude
of threats.
Threats continue to evolve and can only be effectively treated by adequately incorporating
the components that comprise complete security. Information security is a synchronization
of people, process and technology, each of which is integral to successful security. Security
teams must continually develop their knowledge by collaboration with the broader security
community; organizational policies, protocols and procedures must adapt to evolving threats;
and finally, security platforms and analytics must effectively be applied. The strength of the
alignment among these three components determines the success of an organization’s overall
security program.
Business computing has progressed through transaction processing systems, management
information systems, decision support systems, office automation and personal productivity
systems, with the benefits of improving the efficiency of operations and enhancing the effec-
tiveness of decision making. Information systems were developed around traditional central-
ized computer centers, responsible for running business applications using a blend of batch
and online applications. With the introduction of enterprise servers, client server computing,
internet technologies and cloud computing, businesses became more IT dependent. In today’s
e-business world, the whole business is IT-dependent and data-driven. Business computing
has evolved into an organizational engine that drives business and provides a powerful source
for competitive advantage.
From the very first years of the e-business era, the availability of information system plat-
forms has determined significantly e-business success. Downtime costs are tremendously high
for businesses of all sizes and across all industries. Businesses can lose millions of dollars in
failures lasting less than an hour, and cannot tolerate the same levels of downtime that they
could in previous years. While transaction systems once characterized the critical aspects of
an organization, today, systems of engagement are equally important; employees need access
their productivity tools and communication channels. A major goal is to transform modern
business into an always-on e-business by identifying and implementing continuous computing
technologies.
Location-based services are an increasingly growing market in which companies can mar-
ket to nearby users. Location-based services provide useful information about the area around
a user and provide services based on the user’s current location. Location-based services are
used for mobile workforce management, store locations, location-awareness, travel informa-
tion, proximity-based marketing, local news and weather. Due to these useful features, and
because of the increase in the number of smartphone devices, location-based services have had
tremendous growth all around the world, with continued growth expected (Basiri et al., 2016).
However, there are major privacy threats because an adversary can track a user, which can
lead to a leak of personal information about the user. An adversary can find out a person’s
12
Another random document with
no related content on Scribd:
LXXXV.—No. 41, BEDFORD SQUARE.
Ground landlord and lessee.
Ground Landlord, His Grace the Duke of Bedford, K.G.;
lessee, Anthony Hope Hawkins, Esq.
General description and date of
structure.
On 20th November, 1777, a lease[753] was granted of the
thirteenth house from Charlotte Street, on the south side of Bedford
Square. This is now No. 41, Bedford Square.
The premises have been considerably modernized, but four
chimneypieces remain, that in the front room on the ground floor
being Greek in character, with panelled pilasters and acanthus
capitals. The one in the rear room on the same floor is treated with
three-quarter Ionic columns carrying the cornice directly over, to
which a shelf of later date has been added.
On the first floor, the chimneypiece in the front room (Plate
95) has coupled and bracketed pilasters and sculptured frieze. That
in the rear room (Plate 95) is inlaid with mottled green marble. It
retains the original cast-iron grate. The ornamental plaster ceiling in
this room has four oval plaques in square panels. According to Mr.
Anthony Hope Hawkins, the present occupier, it is composed partly
of old portions of a ceiling formerly in No. 30 or No. 31, Bedford
Square, the remaining part being a copy of a ceiling still existing in
one of these houses. The ceiling appears to be a replica of that in the
rear room of No. 31 (Plate 88), with the exception that it is of less
width, and consequently the central design, instead of being circular,
is compressed into an oval form.
Condition of repair.
The premises are in good repair.
Biographical notes.
According to the ratebooks, Robert Peers took the house in 1782 and
remained there until after the close of the century.
The Council’s collection contains:—
Detail of marble chimneypiece in front room on ground floor
(photograph).
Detail of marble chimneypiece in rear room on ground floor
(photograph).
[754]Marble chimneypiece in front room on first floor (photograph).