Risk Management

 

Risk Management for Charities

The charity commission require each charity to meet SORP regulations in their financial statements by carrying out regular risk

assessments. These risk assessments cover the work place and involve at least an annual review where each member of staff assess their working location for potential risks (e.g. wires that can trip people, loose carpet or badly lit stairs).

The SORP requires that the trustees’ Annual Report should include a “statement confirming that the major risks to which the charity is exposed, as identified by the trustees, have been reviewed and that systems have been established to manage those risks” (paragraph 45). (extract from Charity Commission site)

But there is more to managing your risks than inside your premises, what is outside?

What are other organisations doing around yours?

Do you know what the organisations do in the adjacent buildings to you or in other parts of your shared building? Do they use hazardous materials that could leak or cause a fire? If they are above you and they have a burst water pipe or overflowing toilet the water tends to come through the floor and out of your ceiling. This could bring down your ceiling, damage your equipment because it is no longer water but lime water. Having insurance can restore the equipment at a later stage but how do you keep in business while this is delivered and configured?

Is Risk Analysis a waste of money?

Often the cost of risk analysis is deemed a waste of money preparing for something that may never happen, or is taking funds away from your marketing campaign, or stopping you employ another member of staff to service customers better or grow the business. That is why the appropriate level of risk assessment is required and needs to be tailored to your requirements. The legal issues that must be considered, the assessment of risk are all skills that take time to acquire and it is not until you have a real live situation do you find out all the things you wish you knew about your business, telephone system, IT or fire equipment.

This is why utilising the expertise of a trained eye that spots risks and can assess their risk factor can save you time and avert potential problems.

Disaster Recovery Management

Our Business Risk Manager has prepared detailed plans for large corporates to small charities and has managed through a number of incidents from minor to major loss of business and overcome them successfully. Being prepared saved the day, quick thinking and picking the brains of people who could fill in the gaps saved another time, thinking outside the box saved over £5 million loss.

Can you afford not to take your business risks seriously? A risk audit does not have to take long nor cost a fortune but will give you peace of mind as to where your risks are and what can be done about them.

Did you know Fire Regulations changed significantly in April 2007?

The changes in fire regulations has put the onus for the life and safety of the fire and rescue people right at the door of the owner or site manager. The explosion at a fireworks factory in 2006 injured many people and sadly cost two fire-fighters their lives. Risk management is no longer a nice to have it is a necessity. The owners of this factor faced imprisonment and sizeable fines.

A Helping Hand

We at LazenbyIT would like to help you evaluate your risks, understand them and where possible mitigate them, so you can focus on developing your business while keeping all your hard work safe.

Project Management

Not only can we help with analysis but we can assist the resolution of the issues raised through managing the project on your behalf. With over 18 years of project management of managerial, strategic and technical projects we can help with web based projects, risk mitigation projects, scoping and championing the carrying out trial incidents to train you and your staff on what is vital to keep you in business.

Data Backup and Migration

It has been said the “Information is the life blood of any organisation”, the unique information you have created or obtained over years of trading is irreplaceable in the short time to keep trading. This is why knowing which information (data) is critical, important, replaceable determines the value of the information and is key to the strategy of protection (archiving) that needs to be designed, tested and put into production.

We often use backup and restore systems to effect a migration of data from one system to another. Most backup systems compress the data and if selected encrypt the data as well as password protect it to ensure if the backup media (tape, disk, disk drive) is lost or stolen.

Most people have some kind of backup system but the process is often haphazardly used and rarely tested for restoration of this vital information.

Eset Amdroid (Sonny)Backup systems are a critical part of disaster recovery, the incident could be a virus infecting a PC, a server that must be rolled back to before the virus infection if there is no other way of recovery. This is because new viruses and trojans are released every day. So anti-virus software, including Norton, BullGuard, Eset or even McAfee sometimes may not be able to find it.

When systems are damaged or destroyed by fire or flood again the data needs to be restored to another replacement system, but if it was destroyed or stolen with the original the backup is no longer of any value.

Today there are many off-line storage systems over the internet, there systems copy the files you select to a secure backup system somewhere in the world.

This has some advantages:- the data is held securely at another location, the data centre is protected from physical instances such as fire and theft.

There are some disadvantages:- the speed of the internet link although greatly improved from dial up telephone lines is still a slow service when the information to be stored is large over a Gigabyte. The result is the backup can take many hours or even days which is not really effective, by the time the data is archived the file may have been updated multiple times or the system could be damaged before the backup takes place.

The size of external drives has grown rapidly and 1-6 Terabyte drives are now common and affordable, but these devices tend to be locally connected and at the same risks as the computer containing the original from damage or loss. These drives are useful but are considered as near-line backup.

We hope this has explained some of the complexities of data backup and migration. We have many years of experience of a variety of systems and keep up to date with developments to be able to impart our experience to assist any organisation with the most effective solution to meet your requirements and budgets.

Once the system is in place it needs careful monitoring and management to ensure the system continues to offer the protection required. We call this Backup Managed Services.