Implementation Business Global Managementâ€Myassignmenthelp.Com

Question: Discuss About The Implementation Business Global Management? Answer: Introduction: As stated by Lave (2013), risk assessments have always been the best practice for the sake of Business Continuity Management (BCM). Increasing pressure from the existing and potential customers, corporate governance and the insurers have forced the organisations to focus on the business continuity management as a part of their risk management strategy. In the view point of Haimes (2015), business continuity management is all about identifying the part of the business that the organisation cannot afford to lose. These include information, stock, premises as well as the staffs to plan how these particular things can be maintained in case if any incident occurs (Christensen et al. 2016). This particular evaluation report focuses on the implementation of risk assessment as a part of the business continuity management. Global Aerospace Logistics (GAL) has been selected as the organisation for the case study. A detailed analysis of how the organisation focuses on the risk assessment as a p art of their business continuity management shall be carried on in this study. As commented by Aven (2015), with the increasing pressure of improving the productivity and the efficiency of the organisation, there has been less resilience towards coping up with the emergencies and the emerging threats due to a flat organisational structure. The organisations need to pay greater attention in order to understand the critical factors that affect the employees, their families and the communities as well (Harrison 2016). Among all these factors, reputation is another factor that is important to take care of in front of the internal and external stakeholders. As revealed by Covello et al. (2013), good corporate governance always demand an effective and transparent management policy that should be known to all in order to mitigate any kind of risk that might occur at any point of time. Risk assessment and risk management is an established organisational discipline that should become an important agenda of the business. To consider the business continuity management, th ere are many times when risks arises as an event of disruption in the organisation and the management shall be responsible for entire risk assessment and decision making process (Collier and Lakoff 2015). Overview of Global Aerospace Logistics (GAL): Global Aerospace Logistics (GAL) is the Abu Dhabi based subsidiary of the Emirates Defence Industries Company. GAL provides professional aerospace services including aviation maintenance, repair, overhaul and specialized support services by the means of excellent service quality, safety, reliability and value for the customers. The service portfolio includes Engineering and Technical Services, Maintenance and Technical Services, Logistics and Supply Chain Management, Components and System Repair, Aircraft Sales and Aviation Consulting and Project Management (GAL.ae 2017). The vision of the organisation is to become the leading organisation by contributing to the defence industry of the UAE by building a new generation of national leaders and by building a prosperous future for the people of UAE that would eventually help them become leaders in the field of aviation services. Their mission is to provide world class services and products supported by highly qualified professionals fulf illing the needs of the customers. GALs top management is highly committed to provide a sustainable high quality service in a responsible way in an injury free, safe and secure manner (GAL.ae 2017). GAL is responsible for promoting a healthy and safety environment at the workplace and believes in investigating and preventing any incident that would harm their safety. Aims and objectives of the study: The aim of the evaluation report is to evaluation of the risk assessment as a part of the business continuity management (BCM), focusing on Global Aerospace Logistics (GAL). The idea is to evaluate the risk assessment processes that can help the organization to find the gaps of implementation and help the implementers to close these gaps and mitigate risks in BCM as best practice. The objectives of the study are: To assess the different risk assessment standards to understand its importance as a best practice to overcome the challenges faced by an organisation To find out the gaps of implementation of the risk assessment To recommend better ways that would help in risk assessment for the business continuity management Rationale of the study: Brindley (2017) commented that a business or an organisation is vulnerable to both internal and external threats. Identifying the potential threats can save an organisation from major disruption to the business operation. Exposure to both internal and external threats has become a serious issue for the organisations. Business continuity and disaster recovery has direct impact on an organisation. The failure of an organisation to address the issue might create downstream impact on the organisation. In order to get things done in a timely manner, it is important to focus upon the critical decisions of the business and agree upon a point that would help them to overcome the problems and issues faced by the organisation (Kapucu and Hu 2016). The increase competition and the increasing level of expectation of the consumers have made it important for the organisations to think about the practice that they could adopt that they do not have to face any kind of internal or external threats (Boin et al. 2016). This study will focus on the evaluation of risk assessment for the business continuity management. In order to do so, the study shall focus on the various risks assessment standards that are adopted by an organisation as a means of best practice to overcome the challenges faced by the organisation. International Organisation of Standardization (ISO) of risk management: ISO 31000 is considered as a family of standards relating to risk management that is codified by the International Organisation for Standardization. The idea is to provide principles and generic guidelines on risk management and assessment (Sylves 2014). ISO 31000 provides a paradigm that is universally recognised among the companies and practitioners in order to replace the myriad of the existing standards and methods that actually differs among the different industries and regions. The purpose of ISO is to be applicable to any public, private and community enterprise or association, group or an individual (Archer 2014). The idea is to provide the best practice structure and guidance to the operations that are directly concerned with the risk management. ISO 31000:2009 provides a generic guideline that actually design, implement and maintain the entire risk management process in an organisation. The scope is to be given to all the strategic, management as well as operational tasks o f an organisation throughout different projects and functions that to be aligned to risk management objectives. In this respect, Hopkinn (2017) highlighted that the ISO is intended to a broader group of stakeholders that include executive level stakeholders, risk analysts and management officers, line managers and project managers and the individual practitioners as well. As pointed out by Lam (2014), that by using ISO 31000 an organisation is likely to achieve its objectives and improve the identification of the opportunities and any kinds of threats and they shall be able to actively allocate and use the resources needed for treating the risk. Most importantly, this particular standard provides guidance for the internal and the external audit program. Any organisation can easily compare their risk management practices with any internationally recognised benchmark and come up with a sound principle for the sake of effective management and corporate governance (Sadgrove 2016). This standard is aligned with a sequence of steps that supports the continuity of improvement and overcome any risk. ISO proposes four steps to the risk assessment. These are; designing a risk management framework, implementation, monitoring and reviewing the risk assessment plan and a continual improvement based on the changes that need to be done in order to remain effective i n the business (Bromiley et al. 2015). Fig: Steps of risk assessment (Source: Bromiley et al. 2015) The scope of implementing the ISO standard is to provide generic guidelines for the design, implementation and the maintenance of the complete risk management process throughout the particular organisation. The scope of this management is to align with a set of common risk management objectives that enable all strategic, management and the operational tasks of an organisation (Kadar 2014). National Emergency Crisis and Disasters Management Authority (NCEMA): NCEMA provides a Business Continuity Management Standard that helps in building the capability of an organisation that it continues its function and deliver its prioritised activities if the companys operations are disrupted due to certain emergency or crises (Spremic et al. 2013). The authority is responsible for the stability of the country and the disaster management as a part of the business continuity management standard designed in 2012. The aim was to enhance the standard with the international standard by sensing best practices and guidelines. According to Pritchar (2014), this particular standard, guidelines and toolkit have been developed in order to build the entities systematically to build the business continuity capability during or after any kind of disaster occurred in an organisation. The ultimate aim of this initiative is to ensure that the ongoing performance of prioritized services and functions in case of both private and public sector should enhance the national stability of UAE (Watanabe 2014). In case of any risk faced by the government entities and its private sector partners, the aim is to handle the emergencies and the crises in a well coordinated manner that would help to recover the situation in the right way. McNeil et al. (2015) pointed out an important thing in this respect that it depends on the nature of the business, its size and complexity based on which the top management of an organisation shall maintain the continuity plan, crisis and the incident in order to come up for an emergency response plan. Fig: The Business Continuity Action Model (Source: Bahr 2014) The purpose of the business continuity management is to improve the capability of the organisation and help in continuing the essential functions and services during or after an emergency that could have a potential disruption over the business (Bahr 2014). The business continuity management for the government of UAE or the local governments of the emirates is to maintain a continuity of the prioritized activities in both the public and private sector. The main objective is to secure supply chain required for the purpose of business continuity and set up effective business continuity plan in order to deliver prioritized activity when there is any emergency (Caselli et al. 2016). The idea is to remain prepared in a planned and controlled manner and develop proactive business continuity at the federal and local levels in UAE in both the public and private sectors. The legislative and the licensing body can even establish certain further specifications to ensure safety and security in o rder to promote the nations security. British Standards Institution (BSI): The British Standard Institution or BSI group marks technical standards on a wide range of products and services and produces technical standards on them. It also supplies certification and standard related services to the businesses (Ko et al. 2016). This group operates in more than 182 countries and the core business remains standard related services and earns its revenue from management systems assessment and certification works. BSI is the business standard company that helps the organisations to make excellence a habit when it comes to delivering products or services. As commented by Rausand (2013), for more than a century, the products and services have been challenging the mediocrity and the complacency in order to embed excellence in the way people and products work. The idea is to show how a business can perform better by reducing risk and achieve a sustainable growth in the following years of the business. Implementing risk assessment as the best practice, and challenges faced by an organisation: As stated by Sadgrove (2016), risk assessment is done in two major steps. The primary step is to identify the source of the risk that helps to identify the actual variables that cause the risks; and secondly, the risk needs to quantify using mathematical calculations that would help to understand the risk profile of the instrument. As argued by Halford (2016), depending on the general framework of risk identification, different techniques can be applied depending on different situations, products and instruments. Several practitioners believe that risk assessment should be the priority of an organisation as it enables one to identify the exposures to risks and issues and help them to mitigate certain issues to reduce the threats to the organisation (Reuter 2015). The purpose of the risk assessment is to establish a priority that the most serious risk can be easily identified and it can be addressed first because the aim of the management should always focus on reducing the risk to an acceptable level. Effective program in an organisation to overcome the risk can ensure business continuity management and help to maintain a particular capability within an organisation (Folkers 2017). In order to maintain the capability, it is important to suggest or nominate an individual who shall be responsible for undertaking certain programs in order to maintain the risks in an organisation. Olson and Wu (2015) revealed various ways of fighting against the risks in an organisation. Typically, the objective of risk assessment is to evaluate all types of risks and rank them according to their impact and probability. For any kind of damage to the physical objects or the equipments, insurance is a better option for overcoming any kind of risk but there are other risk factors as well that can occur in an organisation and it might cause great trouble (Sahebjamnia et al. 2015). The idea of business continuity management is focused on keeping the organisation working even if there is disruption of any event. Risk assessment will consider all the threats that an organisation can face and that can affect the organisational program. The idea of risk assessment as the best policy to be undertaken for an organisation is to provide a safer environment for the employees to work in the particular organisation. Risk assessment can cover a wide range of risks depending on the type of acti vity carried on in the organisation (Koen et al. 2016). Recognising a particular area that would help in overcoming the overall risks that an organisation can face is the main idea behind the risk assessment. Assessing the risk requires certain approaches that would fit all kinds of ineffective issues in an organisation. In order to be sure about the upcoming plans of the organisation, it is advisable to review the documents and the business plan that the organisation has future plans with (Xing and Jio 2016). Area of investigation: In order to carry out the risk assessment plan, there are certain areas that need to be investigated first, so that the assessment can be carried on in a better way. In the view point of Torabi et al. (2014), the primary thing of risk assessment is to record the things that might cause certain risks to the particular organisation. In order to do so, it is important to record the significant findings like the hazards that might harm people. In order to keep a record of the risk assessment procedure, it is important to carry out paperwork and communicate and manage the risks in the business (Jrvelinen 2013). For instance, it can be said that Global Aerospace Logistics might face risks in terms of health and safety of the employees because they have to work with complete dedication in order to support the government and private customers locally and regionally. The aim of the organisation is to provide sustainable high quality services and products in an injury free, safe, secure and re sponsible way that would have minimum impact on the environment (Lam 2014). In order to achieve this particular aim, it has been evident that GAL has implemented a company-wide IMS policy and the organisation is completely committed to comply with the legislation and the operational standards in force (Torabi et al. 2014). In doing so, the organisation follows the legislation and the operational standard in force that include the Abu Dhabi EHS Policy and the Sector Regulatory Authority EHS Policy. In the view point of Jarvelainen (2013), the identification and recording risk needs to follow a number of steps. These are: Identification of the hazards: Anything which might cause harm to the workforce and has possible physical, mental, chemical and even biological hazards need to be identified. For example, lifting of heavy objects, slippery floor, poor condition of machines are some physical hazards; while over time at work, workplace bullying create mental pressure on the employees (Torabi et al. 2014). On the other hand, the workplace might be infected with certain disease causing germs that would result in some biological problems as well. Deciding who might get harmed: It also falls on the responsibility of the management to find it out who might be more affected in an organisation. For instance, the employees who are responsible for repairing the parts of the aircrafts are more prone to get injured than those who are responsible for other kinds of jobs. So focus should be made on them who are more prone to injury (Olson and Wu 2015). Quality check and management is an important part of responsibility for GAL. The organisation is fully committed to assure integrated and quality standard to the clients, partners and other stakeholders. Thus, they have a team of investigators who are continually at their work and take feedback from both the internal and external stakeholders for the sake of continual improvement. Assessing the risk and take prime action: It might happen that even after taking all kinds of precautions, the employees are faced with certain hazards. It is then important to assess the situation and find out the cause of the risk (Halford 2016). Based on the findings, correct actions can be taken. It has also been evident that if they face any kind of risk, they always focus on overcoming the issues and take prime action in doing so. Keeping a record of the findings: Based on the assessment, it is important to record the findings so that the same information can be used for the future and the level of risk can be mitigated to certain extent (Bahr 2014). Keeping a record is a necessary measure that the authority undertakes in order to encourage others to improve their quality, health and safety. Reviewing the risk assessment: Lastly, when all the things are done, it is important to take a note of the overall findings and review the measures and instructions that have been found in the overall risk assessment. Gap in implementation of risk: At the time of risk assessment, there might be certain gaps that hinder the overall process of the risk assessment. In such cases, it is important to identify those gaps so that the management could build up a bridge in order to overcome the gap. The most common gap faced during the risk assessment is the leadership approach. The leader is the one who is accountable for the complete decision making (Aven 2015). It happens that the right people do not make the right judgement and the organization as a whole has to suffer. Secondly, there might be lack of meaningful risk assessment program. The authorities responsible for assessing the risk also lack the meaningful assessment process. A meaningful process of the risk assessment based on the goals and objectives of the organisation needs to be set up. As commented by Xing and Zio (2016), comparing the different approaches to be undertaken for a particular matter actually helps to overcome the gap in the assessment of risk. Sometimes, it also happens that the action taken against a risk is not communicated to people and the overall attempt fails due to lack of proper communication. Risk mitigation planning, implementation and monitoring the progress is another important part of the risk assessment process. In order to mitigate the risks, primarily the requirements of the project should be clear that it would be feasible for everyone to understand the situation and that better actions can be taken (Covello et al. 2013). Next, it is important to come up with the right team who shall be responsible for taking care of the overall risk assessment program. Communicating the overall risk management approach is the most vital part of risk mitigation (Brindley 2017). Not only communicating but in addition to this, it is also needed to take the feedback from the people. Comparing the feasibility of the application of the particular concept and then using the same approach for risk mitigation is the best suitable way. Data collection methods: The evaluation report has been written with the help of both secondary and primary data. For the secondary analysis, the existing information related to the risk assessment has been used. For the primary data, qualitative approach has been undertaken. Three important managers of GAL have been interviewed with a set of predefined questionnaire where they were asked how risk assessment is carried on in their organisation. The research philosophy used for this report is interpretivism where the findings and the analysis of the report has been made on the basis of the perception of the managers of the organisation (Koen et al. 2016). However, it has to be mention that a detailed analysis of the risk assessment strategies has also been carried out in order to interpret the topic in a logical manner. In case of research approach, deductive approach has been used where the data collected from the managers by the means of interview has been taken under consideration for the overall findings (Glesne 2015). In the complete report, there has been no use of theories and models of risk assessment and so deductive approach has not been undertaken in this case. Again, the exploratory research design has been selected for the purpose of evaluating the outcomes of the findings. By the means of this research design, the aspect of the managers of the organisation can be known and the analysis can be done in a better way (Taylor et al. 2015). As mentioned, interview procedure has been selected in order to get acknowledged about the actual way the risk assessment is carried out in the organisation. Non-probability sampling technique has been selected for interviewing the managers. In order to analyse the qualitative data collected by the means of interview, a thematic approach has been undertaken. Ethical approach has been undertaken and the consent of the managers was taken for interviewing them (Matthews and Ross 2014). None of them were forced to respond and they were asked to sign the consent form. Data collected from the qualitative analysis: Three managers of the Global Aerospace Logistics have been interviewed and they have been asked to describe about their experience when they carry out risk assessment for their organisation. A collective response collected from the respondents can be evaluated here: Description: All the managers were very concerned about the safety and security of the workforce working for the purpose of repairing the aircrafts. According to the respondents, the workers have to work with great concern when it comes to their work and there always remain the risk that they would get hurt or injured. Therefore, the main concern of risk is related to the health and safety of the workers working in the organisation. One of the managers in fact shared an event when a worker was moulding a part of the aircraft and had to use certain instruments and equipments. During his work, the employee had great injury in his hand due to mishandling of the tools and the equipments. This was the time, when the necessity of risk assessment was felt. Feelings: All the respondents were part of this organisation for a long time and they were well aware of the several incidents that took place in the organisation. On discussing the matter on health and safety concern, it has been known that all of them were deeply saddened because the incident that took place could have been prevented if proper precautions were taken beforehand. In this respect one of the respondents even mentioned that it should be the primary responsibility of the management and the authorities to carry out the risk assessment than the workforce do not have to suffer. That particular incident created a stir among the managers and it was felt that one should be careful in carrying out the risk assessment. Evaluation: When asked about the safety standards that need to be followed as a part of the organisational safety standard, it was known from one respondent that they consider the organisational standard as an important part in the risk assessment process. The experience taught the employees a lesson. They have understood that they should be more careful towards the organisational operations and safety measures. The worker immediately got medical help but there is no doubt that the person had to suffer due to carelessness of the organisation. Conclusion: There were definitely many other ways that could have been adopted in order to avoid the situation that resulted in the losing the safety of the workers. The safety standards could have been used and proper precautions could have been taken. In fact, it falls under the responsibility of the organisation to think about the workers and take necessary action that would actually help them to remain free of any kind of worry and tension regarding their health and safety issues. Action plan: After the incident, the managers became more concern towards the health and safety of the workers. It has also been evident that there are certain gaps that the management faces at the time of carrying out the risk assessment and the major concern is to overcome these gaps. In response to the actions that they could take in future for the purpose of better risk assessment, it has been found that they would recruit a better team who shall be responsible for taking care of the overall risk assessment of the organisation. In addition to this, they shall also involve the workforce of the organisation for the major decisions. Taking feedback from the employees at a regular interval is another important step that they would undertake in order to improve the current situation. Findings and analysis: The detailed investigation made in this report on evaluation of risk assessment implementation of business continuity management has made it clear that there are certain standards that have been set by different governmental and non-governmental bodies. These standards clearly made it evident that the organizations should consider risk assessment as a part of their organizational objectives in order to focus on the business continuity management. GAL provides all kinds of services including repairing and maintenance of the aerospace services. An organization has been facing both internal and external threats and risks might come from any point. It might be related to health and safety of the workers or it might also be related to the economy of the organization. However, there can be serious ways by which the risk can be assessed and the same can be mitigated as well. The international organization of standardization or the ISO of risk management provides the principle guidelines on the risk assessment. This standardization is applicable to both public and private sector organizations and it provides a better guideline that can be followed in order to overcome any kind of risk that might take place in an organization. In fact, the project managers and the practitioners can actually use this particular framework to evaluate the various risks that can occur in an organization. There are certain stages in the complete risk assessment plan and one needs to follow them in order to carry out risk assessment in an organization. The National Emergency Crisis and Disasters Management Authority also look at the capability of an organisation and its disruption that it faces at times. It has been observed that the authority is responsible for the overall disaster management and there is a systematic approach on dealing with the challenges faced by the organis ation. The aim is to come up with the approach that the work of the organisation goes on without any hindrance. There are different capabilities for different types of organisation and the risks vary accordingly. Most importantly, there are different standards for different types of organisation as well. The British Standard Institution is another mark that is also used to signify the standards of a business. This standard helps a business to mark its standard in terms of the product or service offered by the organisation. It is when this mark is found, the risk is reduced to a great extent. It has also been found that implementing risk assessment is the best practice that an organisation can undertake in order to overcome any barrier in its business activities. It is only when an organisation focuses on reducing the risk, the chances of business management continuity increases. There are various reasons for which it becomes very important to assess risks. It is important to protect any physical equipment or save the employees from any kind of hazards. It is only when there remains the security of safety measures, the employees and the workforce can consider it to be a better place to work and would work with better dedication. In addition to this, business continuity management is an equally important part for the continuity of the business and that can be achieved by the means of the better risk assessment strategy. With the qualitative analysis, it has been evident that there are many situations when the organisation has to face risks and the management is responsible for the risk assessment. The major risk associated with the occupation of this particular organisation is related to the health and safety of the workforce. It has been found that there are many instances when the employees might have to face risk due to poor health and safety measures. It should be the prime responsibility of the organisation to consider better ways that would help the workforce to overcome the risk that they face while they work. In fact, the managers are also concerned with the increasing risk that the workforce might have to face. In order to combat against the increasing risk, the management has come up with the approach of including a new group of people who shall be responsible for analysing the risk and managing the overall organisational condition. The organisation has been working on the safety and preca ution of the aerospace services but at times, it has failed in providing the safety and precaution to the workforce working in the organisation. Although the organisation follows the standard of the safety measures, there needs to be better check made on the regular work that the organisation is engaged in. If these things are checked properly then the overall functions of the organisation will improve and the work culture will improve to greater extent. Conclusion A detailed analysis of the evaluation of risk assessment implementation for business continuity management has been carried on in this report. The aim of the report was to anlayse the different standards that are used by different organisations in order to overcome the risks and challenges faced by an organization. The different standards have been discussed and it has been rightly observed that the organization in UAE uses various international standards in order to carry out the risk management in their organization. GAL has been using various standards as well and has been carrying out risk assessment as a part of their organizational activities. The ISO standard could be considered as the most important benchmark that the organization can undertake in order to improve their work culture. For every organization there should be certain guidelines that the organization needs to follow. This would automatically reduce the number of accidents and create a better and secure place for t he workforce to work. The organization has been successful to great extent but there are still opportunities for improving the situation. The other objective of the report was to find out the gaps in the implementation of risk assessment. In this respect, it shall be mentioned that good leadership approach could be one of the major reason that creates gap. Other important issues include lack of proper approach undertaken by the organization. In order to recommend certain better ways to improve the business continuity management, certain recommendations have been proposed here. Recommendations: In order to carry out the risk assessment in a proper way, certain recommendations can be made. Conducting voluntary risk assessment: It has been evident that the organisation carries out the risk assessment based on the laws and regulations that are meant for particular business activity. However, the intensity and type of risk might vary from one organisation to the other; this is the reason that an organisation should always consider conducting voluntary risk assessment in the particular workplace. The management should have a flawed attitude and should consider that all kinds of risks are business risks and they should deal with these risks to minimise any kind of ill effect over the organisation. Using a well designed risk assessment form: It is a wise decision to come up with a list or plan of risk assessment that should be followed by the management of the organisation in order to proceed with the risk assessment is a well prepared way. This way, the risk assessment will be prone to lesser human error and the assessment can be completed more quickly. Identifying the workplace specific risks: As mentioned, the risks might vary from one organisation to other but one should be effective enough to understand the potential areas in the organisation where there are greater chances of risk. Identifying the specific risk is important and working on the same will fetch better result in overcoming the risks that the organisation might face. Involving the internal personnel: The wisest decision of overcoming the risks of the particular organisation is by involving the internal personnel of the organisation in overcoming the issues. There is no doubt that the internal people would be more aware of the necessary steps that could be taken for the sake of overcoming any issue faced by the organisation. Seeking the input of the internal people will help in better risk assessment form. Moreover, the internal people will adapt to the changes more easily than others and that they can come up with better measures than others. Heeding risk assessment and not just keeping it aside: The management should also be responsible for heeding the risk assessment and think of better and sufficient safety measures to identify any kind of hazards or issues that can occur at any point of time. It is when the organisation will always remain ready for any kind of risk; it can overcome any issue that might occur in the organisation. References: Archer, C., 2014.International organizations. Routledge. Authority, C.A.S., 2014. Business Continuity Management. Aven, T., 2015. Implications of black swans to the foundations and practice of risk assessment and management.Reliability Engineering System Safety,134, pp.83-91. Bahr, N.J., 2014.System safety engineering and risk assessment: a practical approach. CRC Press. Boin, A., Stern, E. and Sundelius, B., 2016.The politics of crisis management: Public leadership under pressure. Cambridge University Press. Brindley, C. ed., 2017.Supply chain risk. Taylor Francis. Bromiley, P., McShane, M., Nair, A. and Rustambekov, E., 2015. Enterprise risk management: Review, critique, and research directions.Long range planning,48(4), pp.265-276. Bsigroup.com 2017 About BSI Available at: https://www.bsigroup.com/en-AE/About-BSI/ [Accessed on: 3-8-2017] Caselli, F., Reyes, M., Beale, M., Akakura, Y. and Ono, K., 2016. Methodology and procedure of business impact analysis for improving port logistics business continuity management.IDRiM Journal,6(1), pp.1-29. Christensen, T., Lgreid, P. and Rykkja, L.H., 2016. Organizing for crisis management: building governance capacity and legitimacy.Public Administration Review,76(6), pp.887-897. Collier, S.J. and Lakoff, A., 2015. Vital systems security: Reflexive biopolitics and the government of emergency.Theory, Culture Society,32(2), pp.19-51. Covello, V.T., Lave, L.B., Moghissi, A.A. and Uppuluri, V.R.R. eds., 2013.Uncertainty in risk assessment, risk management, and decision making(Vol. 4). Springer Science Business Media. Folkers, A., 2017. Continuity and catastrophe: business continuity management and the security of financial operations.Economy and Society, pp.1-25. Gal.ae 2017 About us Available at: https://www.gal.ae/ [Accessed on: 3-8-2017] Glendon, A.I., Clarke, S. and McKenna, E., 2016.Human safety and risk management. Crc Press. Glesne, C., 2015.Becoming qualitative researchers: An introduction. Pearson. Haimes, Y.Y., 2015.Risk modeling, assessment, and management. John Wiley Sons. Halford, C.D., 2016.Implementing Safety Management Systems in Aviation. Routledge Harrison, S. ed., 2016.Disasters and the media: Managing crisis communications. Springer. Hopkin, P., 2017.Fundamentals of risk management: understanding, evaluating and implementing effective risk management. Kogan Page Publishers. Iso.org 2017 A practical guide for risk assessment Available at: https://www.iso.org/standard/43170.html [Accessed on: 3-8-2017] Iso.org 2017 International Organization for Standardization Available at: https://www.iso.org/iso-31000-risk-management.html [Accessed on: 3-8-2017] Jrvelinen, J., 2013. IT incidents and business impacts: Validating a framework for continuity management in information systems.International journal of information management,33(3), pp.583-590. Kadar, M., 2014. Development and implementation of a business continuity management risk index.Journal of business continuity emergency planning,8(3), pp.238-251. Kapucu, N. and Hu, Q., 2016. Understanding multiplexity of collaborative emergency management networks.The American Review of Public Administration,46(4), pp.399-417. Ko, J., Na, S. and Cheung, C., 2016. A Study on Continuity Management framework to build.Journal of Korean Society of Disaster and Security,9(1), pp.1-7. Koen, R., Von Solms, R. and Gerber, M., 2016, May. ICT Readiness for Business Continuity in local government. InIST-Africa Week Conference, 2016(pp. 1-11). IEEE. Lam, J., 2014.Enterprise risk management: from incentives to controls. John Wiley Sons. Lave, L.B. ed., 2013.Risk assessment and management(Vol. 5). Springer Science Business Media. Matthews, B. and Ross, L., 2014.Research methods. Pearson Higher Ed. McNeil, A.J., Frey, R. and Embrechts, P., 2015.Quantitative risk management: Concepts, techniques and tools. Princeton university press. NCEMA.GOV.AE 2017 Business Continuity Management Standard and Guide Available at: https://www.ncema.gov.ae/content/documents/BCM%20English%20NCEMA_29_8_2013.pdf [Accessed on: 3-8-2017] NCEMA.GOV.AE 2017 Business Continuity Management Standard Available at: https://www.ncema.gov.ae/vassets/6d82b712/AE_SCNS_NCEMA_7000_2015_ENGLISH.pdf.aspx [Accessed on: 3-8-2017] Olson, D.L. and Wu, D.D., 2015.Enterprise risk management(Vol. 3). World Scientific Publishing Co Inc. Pritchard, C.L. and PMP, P.R., 2014.Risk management: concepts and guidance. CRC Press. Rausand, M., 2013.Risk assessment: theory, methods, and applications(Vol. 115). John Wiley Sons. Reuter, C., 2015. Towards efficient security: business continuity management in small and medium enterprises.International Journal of Information Systems for Crisis Response and Management (IJISCRAM),7(3), pp.69-79. Sadgrove, K., 2016.The complete guide to business risk management. Routledge. Sahebjamnia, N., Torabi, S.A. and Mansouri, S.A., 2015. Integrated business continuity and disaster recovery planning: Towards organizational resilience.European Journal of Operational Research,242(1), pp.261-273. Spremi?, M., Bajgori?, N. and Turulja, L., 2013. Implementation of IT governance standards and business continuity management in transition economies: The case of banking sector in Croatia and Bosnia-Herzegovina.Ekonomska istraÃ… ¾ivanja,26(1), pp.183-202. Sylves, R., 2014.Disaster policy and politics: Emergency management and homeland security. CQ Press. Taylor, S.J., Bogdan, R. and DeVault, M., 2015.Introduction to qualitative research methods: A guidebook and resource. John Wiley Sons. Torabi, S.A., Soufi, H.R. and Sahebjamnia, N., 2014. A new framework for business impact analysis in business continuity management (with a case study).Safety Science,68, pp.309-323. Watanabe, K., 2014. Establishing Social Resilience with (Public-Private Partnership)-Based BCM (Business Continuity Management). InImproving Disaster Resilience and Mitigation-IT Means and Tools(pp. 63-72). Springer, Dordrecht. Xing, J. and Zio, E., 2016, September. An integrated framework for business continuity management of critical infrastructures. InESREL 2016.