The Impact of Smallpox on the New World Essay -- American America Hist

The Impact of Smallpox on the New World  Transportation and relocation has been imperative to Homo sapiens since the hour of the agrarian. People have utilized the various techniques for transportation since this time for various reasons (for example endurance on account of the agrarian, to spread religion, or so as to look for valuable minerals and flavors). What not many of these human voyagers neglected to acknowledge is that frequently infections were moving with them. This article will take a gander at the spread of the malady smallpox. In the accompanying I would like to uncover the historical backdrop of smallpox just as why it crushed the New World. So as to comprehend the historical backdrop of smallpox one initially needs to see how sicknesses like it advance. Much like different species, infections that make due over the long haul are the microorganisms that most viably repeat and can discover appropriate spots to live. For an organism to successfully repeat, it must be characterized numerically as the quantity of new contaminated per every unique patient. This number will to a great extent rely upon to what extent every casualty can spread the infection to different casualties (Diamond, 198). Other than multiplication, a microorganism needs an appropriate situation to endure. Much of the time this condition is an enormous creature populace. With this sort of condition a microorganism can make due by, unexpectedly, not executing everybody off. On the off chance that a populace is little and thick, the organism will spread to all the creatures in the prompt region and, if deadly, slaughter the whole species off. This not just parts of the bargains the creature in this prompt populace, yet the presence of the organism since it has no transporter to filter itself to. In this manner, the perfect populace for a destructive microorganism is a populace t... ...nt of the Western Hemisphere. Today, for instance, Jamaica, the Bahamas, Haiti, Cuba, and Puerto Rico all have considerable or dominatingly dark populaces instead of indigenous Indians lost to smallpox. (Thomson, 122) This, thus, lead to the triangle slave exchange, which delivered the biggest level and wide spread act of subjection at any point seen. Numerous students of history concur that these unforeseen development couldn't have occurred without smallpox. This single microorganism not just changed the populace cosmetics of the New World, however everlastingly changed the New World culture and economy. Sources 1) Diamond, Jared, Ch. 11: Lethal endowment of animals, in Firearms, Germs, and Steel W.W. Norton and Co, 1997, ISBN 0-393-03891-2, pp. 195-214 2) Thomson, Mark. Junior Division Winner: The Migration of Smallpox and Its Indelible Footprint on Latin American History. The History Teacher. 1998.

Bank of the Philippine Islands Free Essays

BANK OF THE PHILIPPINE ISLANDS Bank of the Philippine Islands (BPI) is that country’s second-biggest bank, trailing just Metropolitan Bank ; Trust. It is likewise the Philippines’ most established bank and one of the most established of every single Asian bank. BPI offers a full scope of business and retail monetary administrations, including corporate money administrations, resource the board, and financier and other budgetary counseling administrations. We will compose a custom exposition test on Bank of the Philippine Islands or then again any comparable subject just for you Request Now BPI’s retail organize incorporates in excess of 700 branches all through the Philippines, just as branches in New York, Hong Kong, and Tokyo. The bank additionally works a system of in excess of 1,200 computerized teller machines and in excess of 8,500 retailer-based retail location machines. In 1999, BPI spearheaded internet banking in the Philippines with the dispatch of online bank BPI Direct in 1999. Notwithstanding its financial items and administrations, BPI has likewise built up a solid non-disaster protection activity, primarily under auxiliary BPI/MS Insurance Corporation. Recorded on the Philippines Stock Exchange, BPI has for some time been dominant part constrained by Philippines combination Ayala Corporation. * pioneer in electronic banking, having presented the majority of the firsts in the business, for example, * robotized teller machines (ATMs), * a retail location charge framework * stand banking * telephone banking web banking * versatile banking * possessed by the Ayala Corporation Business Evolution * post World War II time, BPI advanced from a simply business bank to a completely expanded all inclusive bank * achieved primarily through mergers and acquisitions in the eighties when it ingested a venture house, a stockbrokerage organization, a renting organization, a reserve funds bank, and a retail money organization * Since the late 1990s †fulfilled three b ank mergers * 1996 †converged with City Trust Banking Corporation 2000 * culminated the greatest merger then in the financial business when it converged with the previous Far East Bank ; Trust Company (FEBTC) * formalized its procurement of three significant insurance agencies in the life, non-life and reinsurance fields * 2005 †obtained and converged with Prudential Bank MERGERS April 2007 †Bank of the Philippine Islands (Europe) Plc * October 2008 †BPI, Ayala Corporation and Globe Telecom consented to a Memorandum of Arrangement to shape the country’s first portable microfinance bank * 2009 †went into a key bancassurance association with The Philippine American Life Insurance Company (Philamlife) to shape BPI-Philam Life Assurance Corp Principal Subsidiaries * BPI Family Savings Bank, Inc. * BPI Capital Corporation * BPI Leasing Corporation * BPI Direct Savings Bank * BPI International Finance Limited, Hong Kong BPI Express Remittance Corporation * Bank of the Philippine Island (Europe) Plc, * Ayala Plans, Inc. * BPI/MS1 Insurance Corporation Reasons Of merger * Jaime Augusto Zobel de Ayala, BPI’s Chairman, said the buy would assist â€Å"enhance† the activities of BPI with expanded or extended system. * New motivating force bundle by BSP concerning mergers and acquisitions * BPI has been keeping watch for some great acquisitions so as to support its situation as a rising local monetary powerhouse. The merger supposedly offers a decent key fit to BPI in infiltrating the appealing client section of Prudential made generally out of center market business visionaries. * With the merger, BPI will set its situation as the country’s second biggest manage an account with consolidated resources totaling P456. 09 billion. * BPI hopes to pick up at any rate 200,000 new records with the securing. BPI and FAR EAST BANK TRUST COMPANY MERGER The greater part investors of the Bank of Philippine Islands (BPI) and Far East Bank and Trust Co. FEBTC) endorsed the merger of the two banks, making the consolidated element the tenth biggest budgetary organization in the area with over $3. 5 billion in capital. The merger slung BPI/FEBTC as the country’s biggest bank, representing 14 percent of the whole banking industry’s all out assets with combinedâ assets of P372. 4 billion. The blended organization will likewise have the biggest branch system of 680. BPI president Xavier Loinaz, in a meeting, said they expect the combination of the two banks to be solidified before the finish of March this year. We feel that by end of March this year, they (merger process) would be falling into place,† Loinaz stated, when gotten some information about the merger timetable. FEBTC president Octavio Espiritu guaranteed FEBTC representatives that they will work out approaches to sift out residual issues in regards to the merger especially the conceivable huge uprooting of FEBTC staff. While they are co ncluding the incorporation, both Loinaz and Espiritu said the exhibition of their separate banks in 1999 was moderately â€Å"flat†. â€Å"We haven’t seen any development for the year, essentially a similar level as a year ago. Advances are level for 1999,† Loinaz stated, including that BPI’s bottomline was additionally â€Å"flat†. Something very similar with FEBTC, Espiritu said the bank’s pay was down because of credits provisioning adding up to about P2 billion for the year. This year, Loinaz said they are as yet trusting that the economy will pivot. â€Å"Last year was very disillusioning. We demonstrated a slight drop in (bottomline) the past year,† he included. Loinaz said they don't expect â€Å"too much† from the main year of merger of BPI and FEBTC. In any case, he educated the investor that for 2000, the expert forma anticipated income per share for the blended bank would be 5. 37 percent, 6. 31 percent in 2001 and 6. 79 percent in 2001. In light of BPI’s shutting cost on Oct. 20, 1999, the day that the merger understanding was marked and declared, the trade proportion spoke to a suggested estimation of P82. 50 for every FEBTC share or an inferred premium of 18 percent to FEBTC’s shutting cost on that day. As per Loinaz, they anticipate working with DBS Bank which presently possesses around 20 percent of the combined bank. DBS Bank is the second biggest bank in the area. The most effective method to refer to Bank of the Philippine Islands, Essay models

Innovation Management with MindMeister and OnePoint - Focus

Innovation Management with MindMeister and OnePoint - Focus This is a guest post by Gerald Aquila, CEO of our strategic partner OnePoint 360 ° Enterprise Project Management. Here he discusses the values and benefits of using MindMeister together with OnePoint Project as a complete Innovation Management process. In order to remain competitive, you or your company must consistently be on the lookout for new opportunities. Where are your new ideas coming from? Do you have a process in place to collect, analyze, and realize these ideas? Mind mapping at its core is a graphic representation of thoughts and ideas. Based on the nature of its use and positive output, mind mapping is a method ideally suited for today’s innovation management process. At the front end of the innovation management process strategic goals must be formulated and divided into focus areas. Once focus areas are defined, the entire company can then contribute to the new idea generation process through MindMeister. Every idea can be considered as a potential project, and team members will add their own ideas, generating a number of potential variants of this initial idea. Once ideas have reached a semi-mature point, the team may then start adding “Pros and Cons” to each idea, as well as conduct a SWOT analysis. By adding the collective input and envisioning multiple versions of the same core idea, participants have self-selected the most promising solutions. Through MindMeister’s history view, top-level management is able to see the entire creation process and begin defining feasibility requirements. Together with the innovation management team, preliminary project management plans may then be constructed. It is during this critical phase where an enterprise project management (EPM) solution such as Onepoint Project can bring ideas to life. The preliminary project plan can easily be imported from MindMeister into Onepoint Project and then enhanced with accurate duration and effort data. By using Onepoint’s project management solution, project managers can generate an accurate estimate of project length and cost, as well as generating detailed cost and human resource breakout lists. Top management will have the ability to gain a complete overview of the project through various project size and scope estimates, thus empowering their “Go/No Go” decision. When used together, the MindMeister/Onepoint Project solution can provide for a collaborative innovation management data collection point, right on through to final production. With an Innovation Pipeline based on MindMeister and Onepoint Project in place, your company can be ready to strike when the iron is hot, and take full advantage of your next “Big Thing”. To learn more about Onepoint Project, and what they can do for you please visit them at onepoint-project.com Innovation Management with MindMeister and OnePoint - Focus This is a guest post by Gerald Aquila, CEO of our strategic partner OnePoint 360 ° Enterprise Project Management. Here he discusses the values and benefits of using MindMeister together with OnePoint Project as a complete Innovation Management process. In order to remain competitive, you or your company must consistently be on the lookout for new opportunities. Where are your new ideas coming from? Do you have a process in place to collect, analyze, and realize these ideas? Mind mapping at its core is a graphic representation of thoughts and ideas. Based on the nature of its use and positive output, mind mapping is a method ideally suited for today’s innovation management process. At the front end of the innovation management process strategic goals must be formulated and divided into focus areas. Once focus areas are defined, the entire company can then contribute to the new idea generation process through MindMeister. Every idea can be considered as a potential project, and team members will add their own ideas, generating a number of potential variants of this initial idea. Once ideas have reached a semi-mature point, the team may then start adding “Pros and Cons” to each idea, as well as conduct a SWOT analysis. By adding the collective input and envisioning multiple versions of the same core idea, participants have self-selected the most promising solutions. Through MindMeister’s history view, top-level management is able to see the entire creation process and begin defining feasibility requirements. Together with the innovation management team, preliminary project management plans may then be constructed. It is during this critical phase where an enterprise project management (EPM) solution such as Onepoint Project can bring ideas to life. The preliminary project plan can easily be imported from MindMeister into Onepoint Project and then enhanced with accurate duration and effort data. By using Onepoint’s project management solution, project managers can generate an accurate estimate of project length and cost, as well as generating detailed cost and human resource breakout lists. Top management will have the ability to gain a complete overview of the project through various project size and scope estimates, thus empowering their “Go/No Go” decision. When used together, the MindMeister/Onepoint Project solution can provide for a collaborative innovation management data collection point, right on through to final production. With an Innovation Pipeline based on MindMeister and Onepoint Project in place, your company can be ready to strike when the iron is hot, and take full advantage of your next “Big Thing”. To learn more about Onepoint Project, and what they can do for you please visit them at onepoint-project.com

The Legion Of Cyber Crime - 2410 Words

Davit Temurian English 115 M-W Dawahare 15 November 2014 Legion of Cyber Crime Black hat, grey hay, white hat, all terms to identify different classes or cyber criminals, all tied together under the label of hacker. Whether it is for the greater good or for pure evil, cyber security seems to be breached every day as the media puts out headlines of major retailers, governments, and social media sites being broken into for personal information, mockery, or even to instigate real physical war. The recent surge of technological advances has brought attention to a deadly force once overlooked by all, the hackers. These individuals commit cyber-crimes because they can retain anonymity, it is easier and less dangerous than a physical crime, and it makes it easy to draw attention on whatever it is they are attacking, which is why we as a society need to be educated on their motives and means of attack to protect us from their criminal actions. Criminals seem to be evolving at a quicker rate than technology, learning lessons from past criminals being caught and/or kille d and adapting to the changing â€Å"smart† society. Millennials always hear from their parents to be wary of what they post online because it stays there forever, but the hackers of today laugh at that and are virtually invisible in any crimes they choose to commit. They are able to keep their anonymity through data encryption, computer zombification, and deep web browsers. Data encryption is one basic tool used byShow MoreRelatedThe Growing Harm Of Not Teaching Malware873 Words   |  4 Pages and private individuals have been exposed to a number of cyber threats and cyber-attacks. Cyber war, cyber terror, cyber-attacks, or anything cyber has become a buzzword for any crime that occurs via the World Wide Web. Even United States of America (U.S.), the most powerful nation on earth, has not been able to stave off these virtual threats. With just a single click on the internet, unscrupulous hackers could delete or corrupt legions of files via sending malware such as worms, bugs, Trojan horseRead MoreEnemy Of The System1454 Words   |à ‚  6 Pagespeople and the United States, but what he was truly doing was considered an act of war according to the Pentagon. The Pentagon delineates that an act of computer sabotage from another country is the basis for war (Potter, Ruder, Roth, 4: Examples of Cyber Terrorism). Hacktivism calls for a redefining of what is truly democratic and to what extent hacktivism can go before being considered destructive. Many would argue that this young boy acted as patriotic as any soldier or airman we have protectingRead MoreHacking sweeps the nation Essay2084 Words   |  9 Pagesbegan, younger hackers actually became professionals in breaching computer networks, this started and uproar of cyber crime incidents in the 1990s. From the 1990s to the 2000s, hackers started to really be recognized as a threat as they hacked into many federal government websites and large companies. This brought great controversy about what approach to take in stopping computer crimes. In the 2000s, hackers m anaged to make a huge name for themselves and became a main attraction to the public theyRead MoreEthical Hacking2871 Words   |  12 Pagesand Groups 1983:KidsGames, Movie War Games introduces public to hacking. THE GREAT HACKER WAR Legion of Doom vs Masters of Deception; online warfare; jamming phone lines. CRACKDOWN (1986-1994) 1986: Congress passes Computer Fraud and Abuse Act; crime to break into computer systems. ââ€"   1988: The Morris Worm Robert T. Morris, Jr., launches self-replicating worm on ARPAnet. ââ€"   1989: The GermansRead MoreHacking: Implications for Computerized Accounting Information System2858 Words   |  12 Pagesbroke into phone networks to make free calls. In the next decade, phone phreaks began to move into the territory of computer hacking, and the electronic bulletin board systems (BBSs) came into being. Hacking groups began to form. Among the first were Legion of Doom in the United States, and Chaos Computer Club in Germany. In the last decade, with the advent of internet, hackers moved all the hacking related information from old BBSs to new hacker Web sites. The face of hacking changed rapidly with easyRead MoreEthical Hacking8365 Words   |  34 Pagesdefinitions. The first definition refers to the hobby/profession of working with computers. The second definition refers to breaking into computer systems. While the first definition is older and is still used by many computer enthusiasts (who refer to cyber-criminals as crackers), the second definition is much more commonly used. [3] In the context of ethical hacking, hacking refers to the second definition breaking into computer systems. It can be assumed that hacking is illegal, as breaking into aRead MoreEthical Hacker5200 Words   |  21 PagesConduct Ethical Hacking? How Do They Go About It? Approaches to Ethical Hacking Ethical Hacking Testing Ethical Hacking Deliverables Computer Crimes and Implications Legal Perspective (U.S. Federal Law) Section 1029 and Penalties Section 1030 and Penalties Japan Cyber Laws United Kingdom Cyber Laws Australia Cyber Laws Germany’s Cyber Laws Singapore’s Cyber Laws Summary Page  Module: Footprinting Scenario Module Objectives Revisiting Reconnaissance Defining Footprinting Information GatheringRead MoreChallenges of Youths in Our Contemporary World4314 Words   |  18 Pagesavailable on the internet. However, one must not lose sight of the evil associated with these devices (internet, GSM and computer). Many (including children, youth and even older people) are introduced to do world of deceit, indecency, immorality crime, sexual perversions, violence and many other vices through the use of these inventions of modern technology. The computer and the internet have more damaging influence on the youth. Youths spend long hours watching digital videos (DVD) or playing violentRead MoreOne Significant Change That Has Occurred in the World Between 1900 and 2005. Explain the Impact This Change Has Made on Our Lives and Why It Is an Important Change.163893 Words   |  656 Pagesappearance and quality to those built in Europe, deteriorated so badly, and were supervised so poorly, that all those who could manage to leave them did. By the 1970s, city governments across the United States began to tear down these largely empty, crime-ridden structures. As the civil rights movement of the 1960s exposed the racial injustices of the United States, a series of riots swept across the black ghettos of more than twenty American cities. They reached a crescendo in 1968, following theRead MoreEssay on Fall of Asclepius95354 Words   |  382 Pagesheadquarters for the districts law enforcement. The place contained ammunition and weapons that was used to re-supply stations in the surrounding area. How our city was picked for the headquarters was beyond me. I believed it had something to do with the crime rate and strategic placing. Anyways... This place will have all the ammunition well ever need. There may also be some ETF uniforms that can be used to replace our bike armour. Even though the bike armour is very light, it would never stand against

War Hawks and the War of 1812

The War Hawks were members of Congress who put pressure on President James Madison to declare war against Britain in 1812. The War Hawks tended to be younger congressmen from southern and western  states. Their  desire for war was prompted by expansionist tendencies. Their agenda included adding Canada and Florida to the territory of the United States as well as pushing the frontier further west despite resistance from Native American tribes. Reasons for War The War Hawks cited multiple tensions between the two 19th-century powerhouses as arguments for war. Tensions included violations that the British committed regarding U.S. maritime rights, the effects of the Napoleonic Wars and lingering animosity from the Revolutionary War.   At the same time, the western frontier was feeling pressure from Native Americans, who formed an alliance to stop the encroachment of white settlers. The War Hawks believed that the British were financing the Native Americans in their resistance, which only incentivized them to declare war against Great Britain even more. Henry Clay Although they were young and even called the boys in Congress, the War Hawks gained influence given the leadership and charisma of Henry Clay. In December 1811, the U.S. Congress elected  Henry Clay  of Kentucky as speaker of the house. Clay became a spokesperson for the War Hawks and pushed the agenda of war against Britain. Disagreement in Congress Congressmen mainly from northeastern states disagreed with the War Hawks. They did not want to wage war against Great Britain because they believed their coastal states would bear the physical and economic consequences of an attack by the British fleet more than southern or western states would. War of 1812 Eventually, the War Hawks swayed Congress. President Madison was eventually convinced to go along with the demands of the War Hawks, and the  vote to go to war  with Great Britain passed by a relatively small margin in the U.S. Congress. The War of 1812 lasted from June 1812 to February 1815. The resulting war was costly to the United States. At one point British troops marched on Washington, D.C. and  burned the White House and the Capitol. In the end, the expansionist goals of the War Hawks were not achieved as there were no changes in territorial boundaries. Treaty of Ghent After 3 years of war, the War of 1812 concluded with the Treaty of Ghent. It was signed on December 24, 1814 in Ghent, Belgium. The war was a stalemate, thus the purpose of the treaty was to restore relations to status quo ante bellum. This means that U.S. and Great Britain borders were to be restored to the condition they were in before the War of 1812. All captured lands, prisoners of war and military resources, such as ships, were restored.   Modern Usage The term hawk still persists in American speech today. The word describes someone who is in favor of beginning a war.

Business Continuity Plan as a Part of Risk Management Free Essays

Celem niniejszej pracy jest zaprezentowanie roli i znaczenia Planu Ciaglosci Funkcjonowania Przedsiebiorstwa w calosciowym procesie zarzadzania ryzykiem w firmie oraz przedstawienie przykladowej tresci takiego planu. Rozdzial pierwszy zawiera ogolne wprowadzenie do zagadnienia zarzadzania ryzykiem. Przedstawia on definicje ryzyka w sensie, w jakim jest ono rozumiane w niniejszej pracy. We will write a custom essay sample on Business Continuity Plan as a Part of Risk Management or any similar topic only for you Order Now Ponadto, znajduje sie w nim opis wielorakich zagroSen, ktore sa zwiazane z funkcjonowaniem przedsiebiorstwa, a takSe lista metod sluSacych do pomiaru ryzyka oraz opis przykladowych postaw, jakie sa przybierane wobec zagroSen. W rozdziale drugim zaprezentowano pojecie Zarzadzania Ciagloscia Funkcjonowania Przedsiebiorstwa. Znajduje sie tu charakterystyka ewolucji tego zagadnienia oraz wyjasnienie, dlaczego Plan Ciaglosci Funkcjonowania Przedsiebiorstwa jest dokumentem o ogromnym znaczeniu dla firmy i jej interesariuszy. Ponadto, w rozdziale tym poddano dyskusji pewne szeroko rozpowszechnione mity dotyczace Zarzadzania Ciagloscia Fukncjonowania Przedsiebiorstwa. Ta czesc pracy konczy sie opisem Analizy Wplywu na Przedsiebiorstwo jako glownego narzedzia, ktorym posluguje sie opisywany typ zarzadzania. W rozdziale trzecim przedstawiono rezultaty dokonanej przez autorke analizy roSnych Planow Ciaglosci Funkcjonowania Przedsiebiorstwa i ich szablonow. To studium bylo podstawa do zaprezentowania przykladowej struktury Planu oraz opisu najczesciej spotykanych w nim bledow. Ostatni rozdzial zawiera takSe charakterystyke faz wprowadzania i testowania Planu, ktore sa rownie waSne jak etap jego przygotowania. Wspolczesne przedsiebiorstwa nie moga sobie pozwolic na postawe reaktywna wobec realnych zagroSen, gdyS wydarzenia bedace w stanie zaklocic ich funkcjonowanie sa liczne i moga zaistniec zarowno w wewnetrznym, jak i zawnetrznym srodowisku firmy. Profesjonalnie przygotowany i skrupulatnie 5 aktualniany Plan Ciaglosci Funkcjonowania Przedsiebiorstwa cechuje postawe proaktywna. Jest nie tylko ogromnie pomocny w przezwycieSaniu trudnosci, ale dla interesariuszy firmy stanowi takSe dowod jej wiarygodnosci. MoSna wiec oczekiwac, Se coraz wiecej przedsiebiorstw bedzie sie staralo zdobyc ten nieoceniony atut. 6 ABSTRACT The aim of this thesis is to present the role and significance of a Business Continuity Plan (BCP) in the holistic process of a company’s Risk Management, and to provide a characteristic of exemplary BCP contents. The first chapter contains a general introduction into Risk Management. It delivers the definition of risk as it is understood in the context of the present thesis. Moreover, there is a description of multiple risks which are relevant to a company’s activity, as well as a list of the risk measurement methods and an account of exemplary attitudes towards threats. The second chapter presents the question of Business Continuity Management (BCM). It characterizes the evolution of this concept and explains the reasons why the BCP is a document of utmost importance to the company and its stakeholders. What is more, certain wide-spread myths concerning BCM are also disputed there. This part of the thesis ends with a description of Business Impact Analysis as the main tool of Business Continuity Management. The third chapter provides the results of the author’s analysis of various Business Continuity Plans and their templates. That study has been the basis for the presentation of an exemplary structure of a Business Continuity Plan, as well as for the description of the most frequent mistakes which occur in BCPs. The last chapter also contains a characterization of implementation and testing phases which are as significant as the preparation of a Business Continuity Plan. Modern companies cannot afford a reactive stance towards possible threats as the dangers which may disrupt their functioning are multiple and come both from the inner and outer environment. A professionally prepared and carefully updated Business Continuity Plan characterizes a proactive attitude. Not only does it significantly help to overcome difficulties, but it is also a convincing proof of the firm’s reliability to all its stakeholders. Therefore, it may be expected that more and more companies will attempt to acquire this invaluable asset. 7 INTRODUCTION The present thesis is the result of the author’s interest in various aspects of Risk Management, especially in the procedures which are applied by companies in case their functioning is faced with a serious threat. The most effective method used by business units is called Business Continuity Management (BCM) and focuses on the preparation and implementation of a Business Continuity Plan (BCP). The aim of this thesis is to present the role and significance of a Business Continuity Plan in the holistic process of a company’s Risk Management, and to characterize the contents of an exemplary Plan. The first chapter contains a general introduction into Risk Management and includes, inter alia, a description of multiple threats which are relevant to the company’s activity and a list of risk measurement methods. The second chapter discusses the concept of Business Continuity Management, explains the importance of Business Continuity Plan and characterizes the steps which lead to the development and implementation of this document. In the third chapter, there is a description of the contents which should be included in a Business Continuity Plan. That presentation is based on the author’s analysis of various BCPs and their templates. The exemplary materials enclosed in appendices have been provided by Punk, Ziegel Company, Business Link, London Borough and Wallsal Council. All the translations which are enclosed in the present thesis have been made by the author. The references have been edited in accordance with the traditional Footnote/Endnote System. 8 CHAPTER 1 RISK MANAGEMENT This chapter contains an introduction into the nature and types of risk, as well as a description of the methods by which risk is assessed and managed. All these issues are inseparably connected with the concept of Business Continuity Plan, which aims at making provisions for the whole spectrum of present and future threats that may put a company’s proper activity into danger. When a company decides to prepare and implement such a plan, it has to carry out a complex and accurate analysis of all the factors which may influence its operation, so that even the least expected dangers are taken into consideration. The first phase of drafting a BCP requires the recognition of existing and prospective risks, evaluation of their possible impacts and assumption of particular attitudes towards them. These vital steps are covered by Risk Management, which helps to organize the findings and solutions in a logical way. The proactive nature and principles of this comprehensive process will be presented and explained in the following chapter. 1. 1. The Definition of Risk Risk and uncertainty are inseparable parts of every aspect of life. As Jan Mikolaj writes, â€Å"risk is connected with human activity, while uncertainty applies to the environment. †1 When these terms are used in the scientific context, they must be precisely defined. Some of the authors of economic and financial literature do not stress the difference between them. For example, Allan Willet states that â€Å"risk is objective uncertainty of the occurrence of an undesirable event. †2 In his opinion, â€Å"risk changes in accordance with uncertainty, not with probability level. †3 Similarly, Joseph Sinkey defines risk as â€Å"uncertainty connected with some occurrence or profit 1 2 Jan Mikolaj, Risk Management, (RVS FSI ZU, Zilina 2001), p. 17. Allan Willet, The Economic Theory of Risk Insurance, (Philadelphia 1951), p. . 9 in the future. †4 Frank Reilly thinks that â€Å"risk is the uncertainty that the investment may not bring the expected return. †5 However, the prevailing trend in modern professional literature is to differentiate between them. According to the Dictionary of Economic and Financial Terminology by Bernard and Colli, risk is â€Å"the probability of incurring losses by a business unit as a consequence of making a certain economic decision by this unit. The probability results from the uncertainty of the future. 6 The same source states further that â€Å"the concept of uncertainty is used in the situation when calculus of probability cannot be applied, whereas the term risk concerns recurrent events which possibility of occurrence can be calculated using the calculus of possibility. †7 Similar classification is introduced by Frank Knight. In his opinion, risk is a â€Å"measurable uncertainty,†8 while â€Å"immeasurable uncertainty†9 is uncertainty sense stricto. According to Irving Pfeffer, â€Å"risk is the combination of hazard and is measurable by probability mathematics, whereas uncertainty is measured by the level of confidence. Risk is a state of the world while uncertainty is a state of mind. †10 To summarize, risk means â€Å"a condition in which there exists a possibility of deviation from an outcome that is expected or hoped for. †11 Risk â€Å"can be expressed as a probability, ranging from 0 to 100 percent. †12 What is important, although not often mentioned in professional literature, there is not only the negative aspect of risk, but also the positive one. Thus, it is a possibility of loss as well as gain. 3 4 ibid. Joseph Sinkey, Commercial Bank Financial Management, (New York: Macmillan Publishing Co. 1992), p. 391. 5 Frank Reilly, Investments, The Dryden Press, (London: Intenational Edition, Collins, 1988), p. 463 6 Bernard and Colli, Slownik ekonomiczny i finansowy, (Wydawnictwo â€Å"KsiaSnica†, 1995), p. 156. 7 ibid. , p. 157. 8 Frank Knight, Risk, Uncertainty and Profit, (Boston: University of Boston Press, 1921), p. 233. 9 ibid. 10 Irving Pfeffer, Insurance and Eco nomic Theory, (Illinois: Irvin Inc. Homewood, 1956), p. 42. 11 Reto Gallati, Risk Management and Capital Adequacy, (New York: Mc Graw Hill, 2003), p. 7. 12 ibid. , p. 8. 10 1. 2. Risk in Business Activity The volume and diversity of risk obviously depend on a company’s type and branch of economy, but risk as such is a phenomenon which accompanies in its versatile forms any kind and field of business activity. It may come from the external environment of a company as well as from the internal one. For some entrepreneurs, risk is a necessary evil, whereas for others it is an additional motivation, if not the main one. Whatever the point of view is, if a given business activity is to succeed, it is essential to recognize what are the kinds of possible risk, asses their possible impact and acknowledge ways of reacting towards them. Such identification will considerably help in developing a suitable attitude, which allows minimizing a potential loss and maximizing a gain. 1. 2. 1. Types of Risk Types of risk which threaten a company’s activity are complex and numerous. Classifications of risk provided by professional literature differ with regard to the assumed criteria. The following comprehensive categorization is based mainly on the division presented in the book Risk Management in Emerging Markets. How to Survive and Prosper by Carl Olsson13: †¢ business risk (also called strategic risk) concerns potential results of inappropriate strategies, inadequate allocation of resources and changes in economic or competitive environment; †¢ market risk is associated with potential results of changes in market prices. It can be divided into: – interest rate risk, –foreign exchange risk, – commodity price risk, Carl Olsson, Risk Management in Emerging Markets. How to Survive and Prosper, (London, Pearson Education United, 2002), pp. 35-36. 13 11 shares price risk; †¢ †¢ †¢ †¢ †¢ †¢ †¢ †¢ †¢ †¢ †¢ †¢ †¢ †¢ credit risk means that a debtor may not pay in due time; industry risk regards operating in a particular industry; liquidity risk applies to inability to pay debts because of the lack of available funds; operational risk means potential results of actions by people, processes, and infrastr ucture; accounting risk concerns a possibility of financial accounts not being in accordance with the reality; reputation risk regards the results of changes in a company’s reputation; country risk is associated with effects which the mother ountry’s and foreign countries’ economic policies may have over the company; sovereign risk applies to lending money to the government or a party guaranteed by the government; political risk means results of changes in political environment; legal/regulatory risk is associated with the consequences of non-compliance with legal or regulatory requirements; environmental/ecological risk applies to the changes in natural environment which affect a company; systemic risk concerns small events which may produce much larges results than expected; technological risk is associated with the consequences of bringing new technology products to the market and introducing new IT systems; natural risk concerns natural and space disasters. All these risks usually appear simultaneously and their effects are synergic. Therefore, none of them should be ignored when considering the company’s situation. After realizing the large number and complex nature of different types of risk involved in all aspects of business activity, a logical step is to try to estimate their potential impact and results. 12 1. 2. 2. Methods of Risk Evaluation An assessment of a particular risk, both internally- and externally-driven, allows taking an appropriate attitude towards it. As Andrzej Stanislaw Barczak writes, such a measurement involves both subjective and objective elements. 14 The subjective component consists in assuming a priori particular stipulations of a given evaluation tactic, as well as interpreting obtained results in a specific way. The objective constituent derives from the common agreement of the business circle on the methods widely applied to the assessment of risk. Two main types of risk measurement tactics are quantitative risk assessment and qualitative risk assessment. 1. 2. 2. 1. Quantitative Risk Assessment The main conception of quantitative risk assessment is to determine the cost of a given unwelcome occurrence, i. e. o calculate how big the loss would be if an adverse event happened. As it is pointed out in The Security Risk Management Guide, â€Å"it is important to quantify the real possibility of a risk and how much damage, in monetary terms, the threat may cause in order to be able to know how much can be spent to protect against the potential consequence of the threat. †15 This method involves: †¢ evaluation of assets (determining the overall value of a company’s assets, the immediate financial impact of losing the asset and the indirect value of losing the asset); †¢ measurement of the Single Loss Expectancy (SLE), which means â€Å"the total amount of revenue that is lost from a single occurrence of the risk. 16 It is calculated by â€Å"multiplying the asset value by the exposure factor (EF). The 14 Andrzej Stanislaw Barczak, Ryzyko – kategoria obiektywna czy subiektywna? , (Poznan: WSB, 2000), s. 30. 15 Microsoft, The Security Risk Management Guide, (Microsoft Corporation, 2004), p. 19. 16 ibid. , p. 18. 13 exposure factor represents the percentage of loss that a realized threat could have on a certain asset. †17 †¢ assessment of the Annual Rate of Occurrence (ARO), which is â€Å"the number of times that one can reasonably expect the risk to occur du ring one year. †18 This step is very difficult; it bases on historical data and previous experiences, and requires consultation with experts. calculation of the Annual Loss Expectancy (ALE), which stands for â€Å"the total amount of money that an organization will lose in one year if nothing is done to mitigate the risk. †19 This figure is established by multiplying the SLE and the ARO. †¢ valuation of the Cost of Controls (ROSI), i. e. establishing â€Å"accurate estimates on how much acquiring, testing, deploying, operating, and maintaining each control would cost. â€Å"20 It is estimated by using the following equation: (ALE before control) – (ALE after control) – (annual cost of control) = ROSI Although quantitative risk analysis provides clearly defined goals and results, all of the involved calculations are based on subjective estimates, which may prove inaccurate. Moreover, the whole process can be long and costly. 1. 2. 2. 2. Qualitative R isk Assessment In opposition to the quantitative method, qualitative risk assessment does not â€Å"assign hard financial values to assets, expected losses, and cost of controls†21 but instead, 17 18 ibid. , p. 19. ibid. , p. 19. 19 ibid. , p. 19. 20 ibid. , p. 19. 21 ibid. , p. 20. 14 â€Å"calculates relative values. †22 It involves distribution of questionnaires among people in the company who have relevant skills and knowledge, and workshops. The questionnaires are designed to discover what assets and controls are already deployed, and the information gathered can be very helpful during the workshops that follow. In the workshops participants identify assets and estimate their relative values. Next they try to figure out what threats each asset may be facing, and then they try to imagine what types of vulnerabilities those threats might exploit in the future. The information security experts and the system administrators typically come up with controls to mitigate the risks for the group to consider and the approximate cost of each control. Finally, the results are presented to management for consideration during a cost-benefit analysis. 23 This tactic does not require a lot of time and it is not a big burden for the people involved. What is more, the results of the implemented solutions are quickly visible. However, the estimated figures are often perceived as too vague. These two presented approaches are often used together in order to obtain the most comprehensive information about a potential threat. Although scientific methods of risk assessment are helpful in estimating the possible impact which particular occurrences may have on the company’s activity, it is essential to remember that none of the methods can be perceived as 100% trustworthy and absolutely infallible. However, even if it is impossible to predict all threats and provide for all undesirable events, the significance of risk evaluation tactics combined with human knowledge, experience, imagination and intuition cannot be questioned. 1. 3. Risk Management in Business Activity The fact that the phenomenon called risk is measurable and its occurrence may be predicted means that it is also possible to take preventive measures and proactive attitude towards it. As Reto Gallati stresses, â€Å"the term Risk Management is a recent creation, but the actual practice of risk management is as old as civilization itself. †24 In everyday life, people face risk in a varying degree all the time and they manage it in a natural way so as to minimize undesired impact and render possible profits. 22 23 ibid. , p. 20. ibid. , p. 20. 15 Certain individuals even enjoy plunging into extraordinarily dangerous situations in order to check how they will cope in difficult moments. However, Andrew Holmes notices that â€Å"at the individual level, if a person takes a risk and fails to manage it properly, the damage is limited to him, and maybe his near relatives,†25 while â€Å"the management of risk for organizations is not as simple. †26 As it was presented in the part 1. 2. 1, the company is a subject to various and multiple threats. Holmes stresses that â€Å"ultimately, all risks have a financial impact. †27 The complexity of the required actions aimed at coping with the risk means that â€Å"within the modern corporation, risk management must encapsulate managing strategic, business, operational, and technical risks, rather than those associated with pure finance such as credit, interest rate, and currency risk. †28 Nowadays, Risk Management is not an extra feature added to a company’s basic activity, but â€Å"an essential skill of all modern corporations. †29 All usiness units should realize its great importance , because it is essential not only for their success but simply survival. According to Holmes, a company’s attitude towards the risk depends on its risk sophistication, which can be divided into five stages30: †¢ at the lowest level of sophistication (reactive stance), risks are dealt with only when they turn into live issues or when crisis strikes. There is no effort to recognize and measure possible risks in advance. †¢ At a slightly more sophisticated stage, a company understands the importance of risk management and takes the trouble to identify and manage threats more actively. It tends to seek out the best practice and views adverse events in a wide context. At the next level, there are organizations which acknowledge the need to manage risks throughout the organization and usually develop some form of 24 25 Reto Gallati, Risk Management and Capital Adequacy, (New York: McGraw Hill, 2003), p 11. Andrew Holmes, Risk Management (Oxford: Capstone Publishing, 2002 ), p. 2. 26 ibid. 27 ibid. 28 ibid. 29 ibid. 30 ibid. , p. 8. 16 risk management framework to ensure consistency of approach. †¢ At the following stage, a company understands the link between risk and reward. It is aware that for every risk there is an associated opportunity which can be exploited. Such a business unit is often a market leader and is willing to take risks to achieve its strategic objectives. At the ultimate level of risk sophistication, there are organizations which integrate risk management with the goal of enhancing shareholder value. Thus, they shift the responsibility for risk management away from the traditional areas of audit and compliance to everyone within the organization. Of course, the active process of Risk Management requires commitment and focus as it means following a deliberate set of actions which are designed to identify, quantify, manage and then monitor the events or actions that could lead to financial loss. Often, there is too little data about a given risk, and therefore, this kind of management may involve a large degree of judgment and assumptions concerning the future. 1 Yet, all the effort is worthwhile as â€Å"successful organizations tend to be excellent risk managers, not only because they understand the risks they face, but also because of how they manage them. Conversely, those organizations that are poor at risk management spend no time scanning the risk horizon, instead leaving their futures to fate. This invariably means shocks, falling market share, takeovers and missed opportunities. †32 As Holmes reflects, â€Å"risk management is both an art and a science, and being successful depends on how well the two are kept in balance. †33 1. 3. 1. Methods of Risk Management John Holliwell, the managing director of Smith Williamson Consultancy, once said, â€Å"There is nothing wrong with risk. It is the lifeblood of business and the test of entrepreneurs and managers. What matters is how you handle risk and the culture in 31 32 ibid. ibid. 17 which you operate. ’’34 A similar thought is expressed by Clifford Tijok, â€Å"Entrepreneurial behaviour demonstrated in real life entails, i. a. , the ability to enter into calculated risk, so that return-driven opportunities can be pursued and the ability to identify the relevant risks associated with these opportunities and the decision on appropriate behaviour to address these risks. †35 When a company decides on its risk management techniques, it usually analyses the following features: Table 1. Factors influencing the type of risk management framework required by the organization36ors the type of risk managementframework required by an organizatio FACTORS INFLUENCING RISK MANAGEMENT REQUIREMENT DIMENSIONS TO CONSIDER Strategy risk appetite of owners/risk managers industry geographical coverage aggressive or conservative risk taking or risk averse sunrise or sunset industry; primary, manufacturing, service sector local, national, regional or global is the company critically dependent on critical success factors one or two factors which require close management? volatility is the environment likely to change significantly or unpredictability? monopoly, few or limited number of osition in industry players, or free market with many players and no barriers to entry is the area of operations highly controlled by regulatory environment legislation and/or regulatory bodies? are regulators intrusive or hands off? 33 34 ibid. ibid. , p. 2. 35 Clifford Tijok, Risk Management in Finance, (Lehrverangstaltung, 2005), p. 8. 36 Carl Olsson, Risk Management in Emerging Markets†¦ pp. 110-111. 18 is deregulation occurring or the level of regulation increasing? management style centralized or decentralized adequate or inadequate people and resources technology resources, financial position – adequate funds available, highly or lowly geared. tatus/ownership Organizational culture Public or privately owned Is the culture strong or weak? are they simple and predictable or nature of risks faced complex/ unpredictable? is the size of risks manageable or is catastrophic risk a cause for concern? Such an analysis leads to adopting one of the main risk management techniques, as presented by Cliff Tijok37: †¢ †¢ †¢ risk limitation – a company establishes its range of tolerance towards a given risk and constantly monitors whether the limits are not breached; risk avoidance – a company chooses the least risky option or none of them; risk transfer – a company reduces or completely transfers specific risks by hedging against a risk (i. e. , obtaining insurance) or diversification. Whatever the approach is, managing risks â€Å"takes a degree of courage and requires the organization to take responsibility for its actions. †38 It is a continuous process, which is â€Å"based on a distinct philosophy and follows a well-defined sequence of steps. †39 After the application of the methods and rules provided by risk management, the obtained data are organized in a clear and logical way. This is the basis which allows the company to go one level up and prepare action schedules that will be used in case a recognized danger occurs. An essential part of such planning is encompassed by Business Continuity Management and will be discussed in the next chapter. 37 38 Cliff Tijok, Risk Management†¦ pp. 12-13. Andrew Holmes, Risk Management†¦ p. 2. 39 Reto Gallati, Risk Management†¦ p. 11. 19 CHAPTER 2 BUSINESS CONTINUITY MANAGEMENT This chapter provides information on what is Business Continuity Management, when it appeared in the history of manag ement, what purposes it serves and how it should be organized and introduced into a company’s activity. Moreover, it contains a description of the steps which lead to the preparation of a Business Continuity Plan and of the implementation process that follows. Business Continuity Management forms an integral part of Risk Management. It met with particularly deep interest in the 1990s as the result of the frenzy which concerned the year 2000. At that time, there were many anticipated business continuity problems, implicated by the date change in computer systems. Business Continuity Management became even a bigger focus of attention in 2001, after the terrorist attack in New York. As Michael Gallagher observes, that huge calamity â€Å"increased awareness of business interruption issues, resulted in a better understanding of critical processes and vulnerabilities and improved co-operation and collaboration between public and private sectors on emergency management questions. †40 Lyndon Bird adds that â€Å"‘business today has far more economic interdependency between regions than ever before. There are often global consequences when risk becomes reality. 41 Yet, at the same time â€Å"there is a growing awareness of what business continuity really is about and why it is so important to both businesses and individuals. †42 8 2. 1. The Concept of Business Continuity Management Business Continuity Manage ment (also called BCM) is defined by the Business Continuity Institute as â€Å"a holistic management process which identifies potential Michael Gallagher, Business Continuity Management, (Edinburgh: Pearson Education Limited, 2003), p. 7 41 Lyndon Byrd, â€Å"Business Continuity Management in a shrinking world,† Business Continuity Risk Management (a supplement distributed in The Times), July 26 2006, p. 2 40 20 mpacts that threaten an organization and provides a framework for building resilience and the capability for an effective response that safeguards the interests of its key stakeholders, reputation, brand and value creating activities. † Its main purpose is to enable the company’s regular functioning, even though everyday operations are disrupted. As Lorraine Lane observes, â€Å"organizations must be capable of withstanding the shocks that can so easily distract management from their primary purpose of meeting and beating their ‘normal’ o perational goals. †43 BCM appears as the solution that is exactly needed to guarantee such stability to the business. Obviously, BCM looks different in various companies as each organization is a unique system of multiple factors and interdependencies. Dr David Smith explains that â€Å"because of its all-embracing nature, the way BCM is carried out will inevitably be dependent upon, and must reflect, the nature, scale and complexity of an organization’s risk profile, risk appetite and the environment in which it operates. †44 Gallagher supports this view by stating that â€Å"the plan must fit comfortably with the culture and management style of the organization. For example, the type of plan that suits a financial institution would be totally inappropriate in a radio or television broadcasting organization. †45 It is also very important to acknowledge that the company’s BCM must be continuously revised and tested, in order to stay valid and fulfill its tasks. As Dr Smith emphasizes, â€Å"BCM is, by necessity, a dynamic, proactive and ongoing process. It must be kept up-to-date and fit-for-purpose to be effective. 46 Maintaining the validity of proper plans and policies is actually more difficult than establishing them, but this is what constitutes the point of developing BCM by a business. On the following page, there is an approximate structure of steps involved in Business Continuity Management, which is focused on planning. 42 43 ibid. â€Å"Corporate resilience: the new regime,† Business Continuity Risk Management,†¦, p. 11 44 David Smith, â€Å"Business continuity and crisis management,† Management Quarterly, July 2003, p. 27 45 Michael Gallagher, Business Continuity Management,†¦, p. 43 46 ibid. 21 Scheme 2. 1. Procedures involved in Business Continuity Management47 INPUTS 1. 2. 3. 4. 5. 6. scope definition desired objectives policies and standards inventory – information, technology, people management commitment finance ANALYSIS ASSET ASSESSMENT BUSINESS IMPACT ANALYSIS TECHNICAL REQUIREMENTS 1. analyze BIA and Asset Assessment 2. list technical strategies based on the analysis of each asset and business process in scope 3. document drawbacks and advantages of each listed strategy 1. identify and quantify asset needs 2. document ownership 3. assign weight based on importance 4. assess exposure 5. identify access control and other preventive measures 1. rate processes based on criticality 2. identify dependencies 3. identify custodian 4. identify threats and consequences 5. identify safeguards needed/possible 6. list critical resource requirement 7. quantify acceptable owntime and and losses DEVELOPMENT 1. 2. 3. define continuity goals and chosen strategy in the form of a plan acquire resources needed for preparing and implementing the continuity plan test the plan RESULTS 1. 2. 3. 4. preventive control Business Continuity Plan continuity team training plan for team 47 Padmavathy Ramesh, Business Con tinuity Planning, (Tata Consultancy services, 2002), p. 28 22 2. 1. 1 The Evolution of BCM As Halls observes, â€Å"Business Continuity Management is a relatively modern idea. Its first mentions can be found in the 1980s, although it was only in the very late 1990s that it became a more widespread as a business discipline. 48 In fact, Business Continuity Management is â€Å"the outcome of a process that started in the early 1970s as computer Disaster Recovery Planning (DRP) and then moved through an era where the emphasis was on business continuity planning rather than on management. †49 In that time, computer managers were responsible for DRP. Soon, they realized that â€Å"the concentration of systems and data in itself created new risks; computer operations management introduced formal procedures governing issues such as backup and recovery, access restrictions, physical security, resilience measures such as alternative power supply, and change control. †50 In 1970 s, if a big problem appeared, the tolerated downtime was not measured in hours, but days. Therefore, â€Å"the cost of back-up computers sitting idle in an alternative location waiting for a disaster to happen was prohibitive. However, for some companies, data safety was a priority; no matter at what cost it would be obtained. As Gallagher points out, â€Å"organizations such as banks were in a more vulnerable position and invested considerable resources in installing and testing computers at alternative sites. Back-up tapes or disks were increasingly stored at protected locations well away from the computer centre. †51 Later, in the 1980s, commercial recovery sites offering services started to appear, often on a shared basis. â€Å"This was the start of the sophisticated recovery centers that operate today,†52 notes Gallagher. However, they all concerned mainly IT: â€Å"The disaster recovery plans documented the actions required to safeguard and restore computer op erations. These covered computer processing, computer applications, telecommunications services and data after a disruptive event. The objectives were to 48 49 Michael Halls, â€Å"What is Business Continuity Management? † †¦ Michael Gallagher, Business Continuity Management,†¦, p. 6 50 ibid. 51 ibid. 52 ibid. 23 prevent or at least minimize the impact that such an event would have on the business. †53 Such plans were far from being perfect as â€Å"they were more concerned with, for example, restoring a company’s financial systems to an operational state than with worrying about whether there would be accommodation available to allow the staff of the finance department actually to use the systems. 54 Not much attention was paid to implementing BCL into every aspect of the company’s activity. In 1990s, a significant change in the IT environment took place and the movement from DRP to Business Continuity Planning became considerably quicker. Gallagher confi rms that â€Å"throughout this decade, and into the 2000s, there were significant changes in the IT approach to DRP/BCP and in what constituted acceptable downtime. The emphasis moved from being mainly on IT to an approach that considered all aspects of an organization’s business and relationships. †55 It is only then that â€Å"BCP has become BCM with the emphasis on management – not just planning. This encompasses the emphasis on risk management and the measures to be taken to reduce risk. BCM is no longer regarded as a project – it is now a program, emphasizing that it is a continuous process rather than a task with a defined enddate. †56 The next step is to make managers of all companies aware of the importance of BCM as â€Å"the increased recognition of BCM means that a greater budget allocation may be available to it. More significantly, the message preached by business continuity practitioners for years that business continuity principles should be an integrated part of the business planning process may be heard. † 57 2. 1. 2 The Significance of BCM Thanks to proper Business Continuity Management, a company has a professional plan which allows acting as quickly and efficiently as possible in case a dangerous 53 54 ibid. ibid. 55 ibid. 56 ibid. 57 ibid. 24 event happens, because â€Å"BCM not only aims to provide continuity in customer service at a minimum acceptable level, it also aims to limit the impact on the financial position of an organization by ensuring that its critical functions continue to operate during a crisis and that the remainder are recovered in a controlled manner. †58 Therefore, when a BCP is applied, there are no chaotic, haphazard attempts to minimize the losses as clear and logical procedures have been devised earlier and communicated to the staff. As Mel Gosling notices, â€Å"decisions made in the first few hours of an event that causes serious disruption to an organization’s operations are critical, and actions undertaken in the first few days will have a significant financial impact†59 and â€Å"a company that has an effective and well-tested Business Continuity Plan is more likely to take the right decisions in the first few hours and to subsequently undertake the best actions to limit the impact on its financial position. It has a better chance of incurring significantly less additional expenditure at the time of a disruption. †60 Moreover, â€Å"one of the benefits that implementing business continuity management brings to a firm, which is not immediately apparent, is an understanding of what the business does and what is important to it. †61 In this way, a company can analyze its allocation of resources and improve it, as well as â€Å"find out what is critical and of value, and what can be outsourced or left undone. †62 Besides, certain companies, e. g. , financial institutions, are legally obliged to develop BCM and maintain an effective business continuity plan. It is also becoming increasingly common that businesses require from their suppliers to be presented with their BCM plans. This facilitates the process of assessing the supplier’s infallibility and constitutes an element of developing a sound business relationship. Mel Gosling, â€Å"Why invest in business continuity,† 1 February 2007, . 59 ibid. 60 ibid. 61 ibid. 62 ibid. 62 ibid. 58 25 The investment into Business Continuity Management is beneficial not only in the matter of a business being prepared for multiple diverse crises. It also adds significantly to the company’s reputation and brand image by â€Å"demonstrating effective and efficient governance to the media, markets and stakeholders. 63 Moreover, it enhances the competitive advantage of the business, because to some investors and customers it may be a vital factor in deciding to which company they should entrust their capital. Osborne explains it as follows, â€Å"To a firm’s shareholders it ’s part of investor relations – you are showing your commitment to keeping their investment safe. To a firm’s staff it is labour relations – you are showing your willingness to protect the livelihood of your staff. †64 Furthermore, he stresses that â€Å"it’s customer relations too – you’re demonstrating your commitment to providing a service for them even in the most extreme of circumstances. †65 Last but not least, devising professional plans and keeping them updated increases the company’s credibility in the eyes of nsurers and auditors because they are becoming increasingly aware of the importance of BCM. As Osborne observes, â€Å"Five years ago, auditors simply would have said to their clients, do you have a plan in place? A couple of years ago, they would have wanted to inspect it, to see if every contingency was covered and how practical it appeared to be. Nowadays, they will ask how it worked in practice. When it was last tested and what were the results? †66 What is more, â€Å"insurers like to see evidence that all reasonable steps have been taken to understand the past accident record and that actions have been put in place to prevent them from happening again. 67 This is confirmed by Gosling, who states that â€Å"insurance companies themselves are now starting to realize the opportunities that business continuity provides for loss reduction, and it is becoming increasingly common for a condition of insurance cover to be the existence of a business 63 64 David Smith, â€Å"Business continuity and crisis management,† †¦ p. 27 Ask the panel of business continuity experts,† †¦ 65 ibid. 66 ibid. 67 â€Å"Pro-active Risk Management: Avoiding catastrophe. † Business Continuity Risk Management,†¦, p. 14 26 continuity plan. †68 All in all, devising and implementing an effective BCM plans brings versatile advantages to a company, while th e failure to do so â€Å"means taking an unnecessary risk with an organization’s future and profitability. †69 2. 1. 4 Continuity Culture in a Company A vital step in forming Business Continuity Management in a company is to instill a proper attitude in the staff. Michael Gallagher believes that â€Å"it is about creating a continuity culture in the organization. This can be at least as important as producing the actual plans. †70 He also states that â€Å"for BCM to work, it must be driven from the top. â€Å"71 Therefore, senior managers must understand that BCM is â€Å"not just another expense but also a significant resource,’ 72 as Mike Osborne assures. However, the amount of data that has to be taken into consideration while developing preventive measures is overwhelming. Lane points out that â€Å"while responsibility for corporate resilience sits firmly with the executive board, the skills and experience required to combat the growing list of disruptive threats exists throughout the organization. 73 Thus, in large companies, it is a wise move to appoint a full-time Business Continuity Manager, whose tasks are to accumulate the relevant knowledge from all departments and co-ordinate proper procedures, as well as devise professional plans and keep them updated. Smaller businesses may use the services offered by consulting companies. The staff’s awareness of specific procedures ready to be applied in case of any foreseeable disaster enhances their efficiency and identification with the company. Instructing them of the specific plans encourages them to pay bigger attention to the safety issues, which significantly contributes to the BCM process. 68 69 Mel Gosling, â€Å"Why invest in business continuity,† †¦ ibid. 70 Michael Gallagher, Business Continuity Management,†¦, p. XI 71 ibid. 72 â€Å"Ask the panel of business continuity experts,† Business Continuity Risk Management,†¦, p. 12 73 David Smith, â€Å"Business continuity and crisis management† †¦ p. 27 27 Gallagher explains that â€Å"if the business continuity culture is sufficiently developed, the continuity considerations will be a natural part of the development of the plans. †74 2. 2 BCM and the Company’s Size For the definite majority of large corporations, BCM is a regular part of their activity but, as Gallagher states, â€Å"there is a feeling that it is not a matter of concern to the smaller business. 75 This happens because â€Å"a lot of the emphasis in the business continuity press, and in business continuity material generally, relates to large organizations and to the financial services industry. † 76 While â€Å"for the largest corporations and those with enormous sums of money at stake, the complexity of planning is breathtaking,†77 â€Å"small and medium-sized enterprises tend to get ignored when talking about business continuity planning. The planning is more prosaic. The challenges are fewer. And most importantly, their budgets are smaller. †78 Another problem is the fact that â€Å"smaller companies are typically less aware of the correct procedures than larger firms where systems have been developed. 79 The managers of small and medium-sized businesses simply tend to think that their company’s size is a kind of safeguard against a disaster, or that potential recovery will be quick and simple, so â€Å"the process of developing a plan is perceived as too complicated, involving excessive costs and management time. †80 However, Mike Osborne emphasizes that â€Å"the issue for small to medium sized businesses is that they often do not have the inherent resilience that say, a UK multinational has. †81 He warns the managers against an illusive safety feeling as â€Å"smaller firms often trade from a single location and do not benefit from vast armies of support staff and Michael Gallagher, Business Continuity Management,†¦, p. 88 Michael Gallagher, Business Continuity Management,†¦, p. 28 76 ibid. 7 Michael Halls, â€Å"What is Business Continuity Management? † Business Continuity Risk Management,†¦, p. 3 78 Michael Halls, â€Å"Small is still beautiful (but riskier too),† Business Continuity Risk Management,†¦, p. 10 79 ibid. 80 â€Å"It’s never too late to plan for the future,† Business Continuity Risk Management,†¦, p. 15 75 74 28 specialists who can react to and recover from an incident. If they are hit by a disaster, the impact is greater then it would be the case in a larger organization. †82 This view is supported by Gallagher, who states, â€Å"Sm all businesses should remember that their biggest threats do not come from high profile incidents such as earthquakes or terrorist bombs. It is the dozens of relatively minor issues such as prolonged power outages or computer network failures that may cause the problems. The vast majority of problems are caused by people or process failures. †83 He points out that â€Å"this is where the effort and investment should be concentrated. Because of size, the process is simpler and the cost will be proportionally less than for larger organizations. The consequences of not having a plan are, however, likely to be disastrous. †84 Therefore, as Michael Halls stresses, â€Å"Business Continuity Management is a must for companies of all sizes. A small firm that loses its data will go out of business just as surely as a larger one. †85 2. 3 BCM in Relation to Insurance Some managers wonder why they should engage themselves into Business Continuity Management while their company is insured. To them, devising a BCM plan seems to be an unnecessary waste of time and money, because they think that risks are looked after by the insurers and thus, there is no need to worry. But these are absolutely false conclusions. As Mark Baylis emphasizes, â€Å"insuring the risk is not the answer, because it is better for the business that the problem does not happen at all. † 86 This view is supported by Gallagher, who states that â€Å"insurance is simply a necessary part of the total business protection and recovery plan – but it is only a part. 87 Although it is true that insurance provides financial aid in case a disaster strikes, the money may 81 82 ibid. ibid. 83 Michael Gallagher, Business Continuity Management,†¦, p. 28 84 ibid. 85 Michael Halls, â€Å"Small is still beautiful (but riskier too),† †¦ 86 Mark Baylis, â€Å"Weak links in the supply chain,† Business Continuity Risk Management,†¦, p. 11 87 Michael Gallagher, Business Continuity Management,†¦, p. 33 29 arrive after quite a long period. Moreover, â€Å"insurance for loss of profits, or for increased cost of working, will cover only a defined period – which in practice may prove to be inadequate. †88 Besides, â€Å"proving loss of profits can be very difficult. The outcome may be based on historical performance and may not take account of recent market developments. †89 It is also very important to notice that insurance will not â€Å"keep customers supplied or guarantee that market share will be recovered,†90 nor will it â€Å"protect the organization’s reputation and image. †91 Last but not least, as it was mentioned in the previous paragraph, there may be a situation when the insurer refuses to provide a cover unless the company devises a BCM, because nowadays businesses are required to act more actively in protecting themselves from various possible risks. Therefore, it is vital for a firm to have efficient Business Continuity Management in order to obtain insurance on favourable terms. To sum up, managers must remember that â€Å"insurance is reactive – while it has its place, the whole protection process must be more proactive and BCM is the key. †92 2. 4 Business Impact Analysis Business Impact Analysis (also known as BIA) is the most important tool of Business Continuity Management. Gallagher defines it as â€Å"a management-level analysis that identifies the impacts of losing company resources. It measures the effect of resource loss and escalating losses over time in order to provide senior management with reliable data upon which to base decisions on risk mitigation and continuity planning. †93 The BIA process â€Å"identifies and ranks the business processes, 88 89 ibid. , p. 34 ibid. 90 ibid. 91 ibid. 92 ibid. 93 ibid. , p. 146 30 criticalities and dependencies. 94 It is closely related to risk analysis, which was discussed in the previous chapter, therefore, it may base on the materials that have already been gathered during the gener al Risk Management process in the company. The method by which BIA is carried out â€Å"depends on the nature of the organization – size, structure, local or international, etc. †95 Generally, in order to maximize the efficiency of a BIA processes, standardized questionnaires should be used. They should contain questions which are formed in such a way as to provide information that concerns the following issues: †¢ †¢ the nature of given problems; the impact of the problems, which should be presented from different perspectives, e. g. the company’s reputation, costs involved, loss of future business, etc. †¢ †¢ †¢ the influence that may be caused by the problems at different times of the day, week, month and year; the kind of resilience that may be currently provided in a quick and easy way; the recovery from the addressed problems (time needed for recovery, priorities for resumption, duration of backlog, additional costs, insurance cove r); †¢ †¢ the available workarounds and the way they operate; the continuity and recovery requirements, e. g. , accommodation, computer systems, etc. 96 After the questionnaires have been filled in, the Business Continuity Manager prepares a comprehensive report which presents the company’s Business Impact Analysis. The report is composed of the following parts: 1. Introduction 2. Executive Summary 3. Background to Study 94 95 ibd. , p. 47 ibid. 96 cf. Michael Gallagher, Business Continuity Management,†¦, p. 57 31 4. Current State Assessment 5. Threats and Vulnerabilities 6. Critical Business Functions/Operations 7. Business Impacts – Operational and Financial 8. Potential Strategies 9. Recommendations 10. Conclusion 11. Appendices97 Thanks to the logical and substantial structure, the report fully represents the current standing of the company, clearly indicates its weak points and realistically describes possible procedures. Business Continuity Management is an extremely important process, which not only enables the assumption of proper attitudes towards multiple threats that endanger a firm’s functioning, but it also significantly deepens the understanding of the business and improves the staff’s morale. Proper implementation of BCM in a company leads to the creation of a Business Continuity Plan, which will be discussed in detail in the following chapter. 32 CHAPTER 3 BUSINESS CONTINUITY PLAN In the previous chapters, the importance of Business Continuity Management was explained and it was stated that devising a Business Continuity Plan is one of the main tasks of this type of management. This chapter provides information on how to construct, implement and test a Business Continuity Plan. Moreover, it contains a description of the most frequent mistakes that appear while drafting a BCP and advises how to avoid them. The exemplary plans and templates on which the analysis is based are attached as Appendices B, C, D, E and F at the end of the present thesis. 3. 1 The Structure of an Exemplary Business Continuity Plan Business Continuity Plans vary in length and are divided into different parts, which mostly depends on the size and type of a company. However, certain sections are vital and thus common for all the plans. They should be organized in such a way as to enable quick access to the required information. These crucial parts will be successively discussed herein. 3. 1. 1 Front Page and Introduction On the front page of a Business Continuity Plan, there should be written the name of the company, the issue date and a distinct lettering stating BUSINESS CONTINUITY PLAN. Moreover, if the Plan is confidential, it should be indicated on the front page as well. Optional elements inserted here may include contact details for feedback, references, the revision date, etc. These components are followed by an introduction, which consists of a distribution list (copy number, name and location) and a table of contents. 97 cf. Michael Gallagher, Business Continuity Management,†¦, p. 57 33 3. 1. 2 Aim This section should contain the description of the purpose for which the Plan has been created. It usually gives examples of possible disasters and explains the objectives which the plan is intended to meet in case of a calamity. What is more, a company which wishes to convey an especially powerful message concerning its reliability may include in this part a summary of the extensive works and professional researches which have been involved in the development of the Plan. 3. 1. 3 Critical Functions Checklist Critical Functions are these activities without which the company would not be able to perform. In order to prepare a Critical Functions Checklist, the following steps should be completed: †¢ †¢ †¢ †¢ †¢ the identification of Critical Functions, e. g. , sales and distribution; the description of the Functions in terms of the impact which may be caused by their interruption in the first 24 h, 48 h, one week and two weeks; the prioritization of the Functions; the ascription of a reasonable timeframe within which the recovery is possible; the determination of resources which will be necessary in the recovery process, such as: a) the staff – the required number of people, their knowledge and skills; b) alternative location – e. g. the staff working at home or provisional premises; together with necessary equipment like computers, cars; c) data – information and documents, e. g. , insurance certificate, service, customers and suppliers details ; d) communications – all ways in which customers, suppliers, the staff and media can be contacted in case of disaster. 34 Such a Checklist allows ensuring that â€Å"critical tasks are completed on time and according to a pre-agreed priority schedule. It may also be used to provide a handover document between different shifts in the recovery process. †98 3. 1. 4 Risk Analysis Table This part should contain a table comprising a list of dangers which may interrupt and threaten the activity of the company. The matrix presented below may be used to ascribe values to the particular risks with regard to the likelihood of their occurrence and their potential impact. Table 3. 1. 4 Risk Matrix LIKELIHOOD NEGLIGIBLE CATASTROPHIC RARE UNLIKELY POSSIBLE PROBABLE M M M L L H H M L L VH VH H M L VH VH H M L VH VH H M L IMPACT SIGNIFICANT MODERATE MINOR INSIGNIFICANT Legend: L – low, M- medium, H – high, VH – very high Moreover, there may be also attached a list of possible losses, endangered people and equipment, as well as the actions which had to be taken in case a particular risk occurs. 98 Appendix D, p. 77. 35 3. 1. 4 Emergency Response Checklist Such a Checklist greatly facilitates the performance of people involved in fighting a potential adverse event. It also acts a concise register of actions that were taken after the disaster happened. It should be later analyzed, developed and improved. It is preferable that tasks to be completed are organized in the form of a table, together with a column in which the date of termination will be written down. The actions may be listed as follows: †¢ during the first 24 h a) to establish the Actions and Expenses Log, which is a more detailed and comprehensive version of the Emergency Response Checklist; b) to contact emergency services; c) to identify and approximately assess the damage which has been incurred by the staff, equipment, buildings, data, etc. d) to determine the critical functions which have been interrupted; e) to decide on the steps that need to be taken within the recovery process, which is based on the Critical Function Checklist; f) to contact the staff, customers, suppliers, insurers, relevant authorities and other stakeholders in order to assure them that the situation is under control; g) to issue a special PR statement to the media. †¢ daily within the recovery period a) to update the Actions and Expenses Log; b) to provide valid information to the staff, customers, suppliers, insurers, relevant authorities and other stakeholders, as well as the media; †¢ after the recovery period a) to interview the staff with respect to their welfare needs; b) to analyze the Emergency Response Checklist and Actions and Expenses Log in order to introduce possible improvements into the Business Continuity Plan. 36 As it can be seen, the response to the crisis should focus on its effects, not on the causes. The reasons of the adverse event should be identified as quickly as possible, but a comprehensive analysis of them must not be performed before the main steps of the recovery process have been taken. 3. 1. 5 Roles and Responsibilities This section should contain information and contact details regarding the people who are responsible for the shape and content of the Business Continuity Plan (e. g. , Business Continuity Manager, the BCM Team). Moreover, there may be included a list of duties which are ascribed to the particular staff members in case an adverse event happens. Last but not least, it is necessary to indicate the names and contact details of the co-ordinators of the recovery process, help-line numbers (possibly, with pre-recorded messages) and location of meeting rooms and the Business Recovery Command Centre, together with maps. 3. 1. 6 Contact List In this part, there should be listed the following contact details: †¢ staff members (divided in respect to the departments) and their next of kin a) name, b) address, c) work telephone number, d) home telephone number, e) mobile telephone number, f) e-mail address; †¢ key suppliers a) name, b) provided goods, c) address, d) telephone/fax number, 37 e) e-mail address; †¢ key customers a) name, b) service/good used, c) address, d) telephone/fax number, e) e-mail address; †¢ mergency services (ambulance, fire service, flood line, hospitals, police) a) address, b) telephone number; †¢ utilities (water, telecommunication, gas and electricity companies) a) name, b) telephone number, c) e-mail address; †¢ insurers and banks a) name, b) address, c) telephone/fax number, d) e-mail address; †¢ authorities a) name b) address c) telephone/fax number; †¢ media a) name, b How to cite Business Continuity Plan as a Part of Risk Management, Essay examples

Question Papers Essay Example

Question Papers Essay Model Question Paper Subject Code: BC 0058 Subject Name: Data Warehouse Credits: 4 Marks: 140 Part A (One mark questions) 1. When a large number of transactions are taken and stored to be dealt with at a later time without the presence of a user, the process is known as †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦.. a. OLTP system b. batch processing. c. Data warehousing d. None of the above. 2. OLTP stands for a. Online Transaction Processing b. Offline Transaction Processing c. Online Transfer Process d. Offline Transfer Process 3. Who is the Father of Data Warehouse? a. Michael Reed b. Bill Inmon c. Ralph Kimball d. Dr. Rakesh Agarwal. 4. Which is not a type of data warehouse. a. Federated Data warehouse b. Distributed Data warehouse c. Real time Data warehouse d. Subject oriented Data warehouse 5. Which is not a Key Issue during data warehouse construction. a. Values and expectations. b. Risk assessment. c. a b both d. None of the above 6. The _____approach is to start by building individual data marts one by one. a. Top down b. Bottom up c. best-of-breed d. None of the above 7. _________ is known worldwide as an innovator, writer, educator, speaker and consultant in the field of Data Warehousing. a. Michael Reed b. Bill Inmon c. Ralph Kimball d. Dr. Rakesh Agarwal 8. With the ___________ approach, compatibility among the tools from different vendors could become a serious problem a. Top down b. Bottom up c. best-of-breed d. None of the above 9. The structure that brings all the components of a Data Warehouse together is known as the†¦Ã¢â‚¬ ¦. a. Organization b. Architecture c. System d. structure 10. Which data is supported by different database systems and operating systems and is the data from many vertical applications. a. Production Data b. Internal Data c. External Data d. Archived Data 11. We will write a custom essay sample on Question Papers specifically for you for only $16.38 $13.9/page Order now We will write a custom essay sample on Question Papers specifically for you FOR ONLY $16.38 $13.9/page Hire Writer We will write a custom essay sample on Question Papers specifically for you FOR ONLY $16.38 $13.9/page Hire Writer Which applications are knowledge discovery systems where the algorithms help you discover trends and patterns from the usage of your data. a. Ad hoc b. MD analysis c. Data-mining d. EIS Feed 12. A __________ is a repository of data gathered from operational data and other sources that is designed to serve a particular community of knowledge workers . a. Data-Mining b. Data Mart c. Metadata d. Data warehouse 13. Which Data Model describes data from a high level. a. Logical b. Physical c. External d. Conceptual 14. Which technique is a discipline used to illuminate the microscopic relationships among data elements. . Dimensional Modeling b. Star schema c. E-R modeling d. Data warehousing 15. The main purpose of ER modeling is a. To improve analysis for decision making b. To remove redundancy c. To record historical data d. All the above 16. Dimension modeling is represented using a. Snow-flake schema b. Star schema c. Fact constellation d. Granularity schema 17. Data extraction, transf ormation, and loading encompass the areas of data acquisition and ______ a. Data loss b. Data regain c. data storage. d. Data transfer 18. ________ presupposes a selection process and select the needed data based on the user requirements. . Data extraction b. Data transformation c. Data loading d. data storage 19. _______ implies physical movement of the data from the computer storing the source database to that which will store the data warehouse database, assuming it is different. a. Extraction b. Transformation c. Loading d. Storing 20. Which of the following is not the type of data loading a. Initial Load b. Incremental Load c. Full Refresh d. decremental load 21. The state of completeness, validity, consistency, timeliness and accuracy makes data appropriate for a specific use. a. Data warehouse b. Data mining c. Data quality d. Data mart 22. ____refers to the methods of automatically identifying objects, collecting data about them and entering data into the data warehouse a. Data capture b. Data Integration c. Data Profiling d. Data Cleansing 23. Which is not a popular OLAP tool a. Business Objects b. Cognos c. SAS/OLAP Studio d. None of the above 24. Data stored by operational systems, such as point-of-sales, are in types of databases called ____ a. ERP b. Supply chain management c. Online Transaction Processing. d. Customer relationship management 25. A data model consists of a. Structural part b. Manipulative part c. Set of integrity rules d. All the above 26. ______is a process of modeling and formalizing data requirements is an intrinsic part of the database design process. a. Data modeling b. Data extraction c. Data integration d. Data distribution 27. RAID stands for a. Redundant Array of Inexpensive Disks b. Redundant Application of Integrated Data c. Reduced Application of Inexpensive Data d. Reduced Application of Integrated Disks 28. According to Ralph Kimball, Back-room metadata guides: 1. Extraction 2. Cleaning 3. Loading processes a. 1,2 only b. ,2 only c. 1,2,3 all d. 2,3 only 29. Which is not an example of Technical Metadata. a. hardware details b. software details c. Query response time details d. system configuration details 30. In ETL process all the records in the _________ that should be brought into the data warehouse actually are extracted into the data warehouse. a. Destination system b. source system c. Data system d. user system 31. _ ____ Testing ensure that the ETL Process functions well with other upstream and downstream processes. a. Unit b. Regression c. Performance d. Integration 32. UAT stands for a. Unit Acceptance Technique b. User Acceptance Testing c. Unique Acceptance Testing d. Union Acceptance Technique 33. ______ is a technique of extracting the hidden predictive information from large databases. a. Data Mining b. Data warehousing c. Data extraction d. Data transformation 34. Which of the following is not a technique of data mining: a. Artificial Neural Networks b. Decision Trees c. Genetic Algorithms d. chinese postman problem algorithm 35. CART stands for a. Chisquare Automatic and Regression Testing b. Classification and Regression Trees c. Credit-card Automatic Route Transfer d. Chisquare Algorithm Regression Testing 36. ______ provides tools for searching, sorting, filtering and drilling down enabling previously complex data models to be viewed intuitively through real-time 3-D graphical representation a. Intelligent Miner b. Enterprise Miner c. MineSet d. Clementine 37. Which of the following is not a tool of data mining a. MineSet b. Intelligent Miner c. Weka3 d. Redbrick 38. A ______ Web house is a single most important tool for identifying, prioritizing, and retaining e-commerce customers. a. click stream b. Data stream c. Design stream d. rag stream 39. When you bring your data warehouse to the web, from the point of view of the users,then which of the following is not the key requirement for the same: a. self-service data access b. interactive analysis c. low availability and performance d. zero-administration client 40. _______which provides low-cost transmission of information, and exchange information with anyone within or outside the company. a. I ntranet b. Extranet c. Internet d. user net Part B (Two mark questions) 41. State whether the following statement is true or false for Data warehouse and OLTP 1. A Data Warehouse (DW), is a database that is designed for facilitating querying and analysis. 2. OLAP system is designed to be read-optimized. a. 1-T , 2-F b. 1-F , 2-T c. 1-F , 2-F d. 1-T , 2-T 42. A Data Warehouse is a relational database that is designed for †¦Ã¢â‚¬ ¦ and †¦Ã¢â‚¬ ¦Ã¢â‚¬ ¦. a. Process and transaction b. Query and analysis c. Searching and selection d. Searching and sorting 43. State whether the following statement is true or false for the differences between OLTP and Data Warehouse projects. 1. The Data Warehouse record transactions in real time and aims to automate the clerical data entry processes of a business entity. 2. The OLTP database does not cater to real time operational requirements of the enterprise. a. 1-T , 2-F b. 1-F , 2-T c. 1-F , 2-F d. 1-T , 2-T 44. What are the vital areas in data warehouse development life cycle â€Å" 1. Warehouse management 2. Data management 3. Project management a. Only 1, 2 b. Only 1, 3 c. Only 2 ,3 d. All the above 45. What are the components of data warehouse architecture 1. Source Data Component 2. Data Staging Component 3. Data Storage Component a. Only 1, 2 b. Only 1, 3 c. Only 2 ,3 d. All the above 46. There are three staged archival methods, so arrange these methods in to the appropriate sequence. . Recent data is archived to a separate archival database that may still be online. 2. The oldest data is archived to tape cartridges or microfilm and even kept off-site. 3. The older data is archived to flat files on disk storage. a. 1,2,3 b. 2,3,1 c. 3,2,1 d. 1,3,2 47. State whether the following statements are true or false for fact table: 1. Fact Table is m ade up of two or more foreign keys. 2. Fact table always expresses a one-to-many relationship. a. 1-T,2-T b. 1-T,2-F c. 1-F,2-T d. 1-F,2-F 48. The process of turning ________ into _________ is called archiving. a. archived redo log files, redo log files b. Flat files, dump files c. redo log files, archived redo log files d. dump files, Flat files 49. Arrange the functional steps of ETL into an appropriate sequence. 1. Filtering for refreshes and incremental loads 2. Triggering for incremental changes 3. Data extraction 4. Transformation 5. Integration 6. Cleansing 7. Applying to the Data Warehouse database. a. 1,2,3,4,5,6,7 b. 1,3,2,6,5,4,7 c. 2,1,5,4,3,6,7 d. 7,6,5,4,3,2,1 50. _____and ______tools are available to translate the data from one platform to another, and populate the Data Warehouse. a. Statistical Analysis System, Informatics b. Oracle 10g Warehouse builder, MySAP c. Data Extraction, loading d. SAP BI, Oracle 10g 51. State whether the following statements are true or false for CMM levels. 1. At level 3, companies can begin to predict future IT implementation performance. 2. At level 4, IT best practices are documented and performed throughout the enterprise. a. 1-T,2-F b. 1-F,2-T c. 1-T,2-T d. 1-F,2-F 52. State whether the following statements are true or false: 1. ROLAP technology tends to have greater scalability than MOLAP technology 2. MOLAP technology tends to have greater scalability than ROLAP technology a. 1-T,2-F b. -T,2-T c. 1-F,2-T d. 1-F,2-F 53. State whether the following statements are true or false for characteristics of OLAP 1. An OLAP system typically adopts either a star or snowflake model and a subject oriented database design. 2. OLAP systems are not market-oriented. a. 1-T,2-F b. 1-T,2-T c. 1-F,2-T d. 1-F,2-F 54. State True(T) or False(F). 1. RAID 0 provides data stripping 2. RAID 1 prov ides block level stripping a. 1–F, 2–F b. 1–F, 2–T c. 1–T, 2–F d. 1–T, 2–T 55. Design metadata consists of 1. Schema definition 2. Source tables 3. ETL information a. Only 1 and 2 b. Only 1 and 3 c. Only 2 and 3 d. Only 1 6. The tools of metadata management are 1. Erwin data modeler 2. Ablnitio EME 3. Pentaho Metadata 4. Microsoft repository a. Only 2 and 4 b. Only 1 and 2 c. Only 3 and 4 d. All of the above 57. ________ and _______ensures that data loads and queries perform within expected time frames and that the technical architecture is scalable. a. Performance, Scalability Testing b. Unit, Regression Testing c. Integration, Requirements Testing d. None of the above 58. State whether the following statement is true or false: 1. Regression testing is revalidation of existing functionality with each new release of code. . UAT typically focuses on data loaded to the Data Warehouse and any views that have been created on top of the tables. a. 1-T,2-F b. 1-T,2-T c. 1-F,2-T d. 1-F,2-F 59. State whether the following statements are true or false: 1. Data Mining is user driven approach not data driven approach. 2. Prediction is the other aspect of Data Mining. a. 1-T,2-F b. 1-T,2-T c. 1-F,2-T d. 1-F,2-F 60. Which of the following are the useful informations of Web house: 1. Site statistics 2. Visitor conversions 3. Referring partner links 4. Site navigation resulting in orders 5. Site navigation not resulting in orders a. Only 1, 2, 3 b. .Only 1,2,3,4 c. All 1, 2,3,4,5 d. Only 1,2,3,5 Part C (Four mark questions) 61. Match the following for the functionality of data warehousing. Set A A. Roll-up B. Drill-down C. Pivot D. Slice and Dice E. Selection Set B 1. Data is summarized with increased generalization. 2. Cross tabulation that is, rotation is performed. 3. Increasing levels of detail are revealed. 4. Data is available by value or range. 5. Performing projection operations on the dimensions. a. A-1 , B-2 , C-3 , D-4, E-5 b. A-5 , B-4 , C-3 , D-2, E-1 c. A-1 , B-3 , C-2 , D-5, E-4 d. A-2 , B-1 , C-4 , D-3, E-5 62. State whether the following statements are true or false for Data warehouse 1. Data Warehouse contains data for information purpose. 2. Data Warehouse is a store house of historical data. 3. In Data Warehouse, the requirements are gathered area wise. a. 1-T, 2-T, 3-T b. 1-T, 2-T, 3-T c. 1-F, 2-T, 3-F d. 1-T, 2-T, 3-T 63. Fill in the blank 1. The Data Warehouse functions as a Decision Support System and an 2. The tool will host a meta data repository. 3. A DW architecture is a system that is composed of multiple architectures. . 1- Executive Information System, 2- ETL, 3 Federated b. 1- ETL, 2- Executive Information System, 3 Federated c. 1- Executive Information System, 2-Federated , 3 ETL d. 1- Federated, 2- ETL, 3 Executive Information System 64. What are the characteristics of fact table in star schema? 1. Concatenated key 2. Data grain 3. Fully additive measure 4. Factfull fact table 5. Semi additive measure 6. Table is wide a. 1, 2, 3, 6 only b. 1,2,3,4 only c. 1, 2, 4, 6 only d. 1, 2, 3, 5 only 65. Fill in the blanks. 1. ________ a type of application of data is similar to the initial load. . ________ is the application of ongoing changes from the source systems. 3. ________populating all the Data Warehouse tables for the very first time. a. 1- full refresh, 2- Incremental Load, 3-Initial Load b. 1- Incremental Load, 2-full refresh , 3-Initial Load c. 1- Initial Load, 2- Incremental Load, 3-full refresh d. 1- Incremental Load, 2- Initial Load, 3- full refresh 66. Match the following: 1. Level 0 – a. Performed Informally 2. Level 1 – b. Not Performed 3. Level 2 – c. Well-Defined 4. Level 3 – d. Planned and Tracked 5. Level 4 – e. Quantitatively Controlled 6. Level 5 – f. Continuously Improving a. 1-b,2-a,3-d,4-c,5-e,6-f b. 1-a, 2-b,3-d,4-c,5-e,6-f c. 1-c,2-b,3-a,4-d,5-f,6-e d. 1-f,2-a,3-d,4-c,5-b,6-e 67. Rearrange the following steps in OLAP creation process 1. Transform and standardize data 2. Build cubes 3. Produce reports 4. Extract data 5. Import to OLAP database a. 2, 3, 4, 1, 5 b. 1, 4, 5, 2, 3 c. 4, 1, 5, 2, 3 d. 5, 3, 2, 1, 4 68. Match the following sets Set -1 1. RAID 0 2. RAID 1 3. RAID 0+1 4. RAID 5 Set-2 a. Data Stripping b. Shadowing/Mirroring / Duplexing c. Striping and Mirroring d. block-level striping a. 1-a,2-b,3-c,4-d b. 1-b,2-a,3-c,4-d c. -a,2-b,3-d,4-c d. 1-d,2-c,3-b,4-a 69. Match the following sets Set -1 1. Design Metadata 2. Population Metadata 3. Administrative Metadata Set-2 a. ETL information, sources and interface details b. Schema definition, source tables, and views. c. Access rights, protocols, physical location. a. 1-a,,2-b,3-c b. 1-b,2-a,3-c c. 1-c,2-b,3-a d. 1-b,2-c,3-a 70. Which of the following are not the parts of Unit testing: 1. Whether ETLs are accessing and picking up right data from right source. 2. Sequence of ETLs jobs in batch. 3. Testing the rejected records that don’t fulfill transformation rules. 4. Checking the source system connectivity. 5. Dependency and sequencing. 6. Error log generation. a. 1,2,3 only b. 2,4,5 only c. 2,5,6 only d. 2,3,6 only 71. Arrange the decision support progress of data mining steps in the appropriate sequence. 1. Database systems 2. File based systems 3. OLAP systems 4. Data warehouses 5. Data mining applications a. 1, 2,3,4,5 b. 5, 4,3,2,1 c. 2, 1,4,3,5 d. 3, 2,4,5,1 72. The clickstream data enables analysis of different measures like:– 1. Customer demand 2. Demographic data collection 3. Site statistics 4. Feedback on website design 5. Customer buying patterns 6. Effectiveness of marketing promotions a. 1, 2, 3, 4 only b. 1, 2,4,5,6 only c. 1, 2,3,4,5 only d. 4, 5, 6 only 73. State whether the following statements are true or false for features of the data Web house 1. It is a fully distributed system. as Kimball would say, there is no center to the data Web house. 2. It is a Web-enabled system; it is beyond a client/server system. 3. The Web does not support to the data types including textual, numeric, graphical, photographic, audio, video, and more. 4. The Web sleeps for some time. a. 1-F,2-T,3-F,4-F b. 1-T,2-T,3-F,4-F c. 1-F,2-F,3-F,4-T d. 1-F,2-F,3-T,4-T 4. Match the following two sets correctly Set–I a. MineSet b. Clementine c. DMMiner d. Intelligent Miner Set–II 1. DBMiner technology inc. 2. SPSS Inc. integral solutions 3. IBM Corp 4. Silicon Graphics Inc–SGI a. a–4, b–3, c–2, d–1 b. a–4, b–2, c–1, d–3 c. a–2, b–3, c–4, d–1 d. aâ₠¬â€œ4, b–2, c–3, d–1 75. Match the following two sets correctly Set–I a. Disk mirroring b. Disk striping c. Parity checking d. Disk duplexing Set–II 1. Writing the same data to two disk drives connected to the same controller 2. Each disk has its own distinct controller 3. Ensures correct transmission of data 4. Data spread across multiple disks by sectors a. a–3, b–1, c–2, d–4 b. a–1, b–2, c–3, d–4 c. a–1, b–4, c–3, d–2 d. a–2, b–4, c–3, d–1 Answer Keys Part A Q. No. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 Ans. Key B A B D D B C C B A C B D C B B C A C D Q. No. 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 Ans. Key C A D C D A A C C B D B A D B C D A C C Q. No. 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 Part B Ans. Key D B C A D D B C C C D A A C A D A B C C Q. No. 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 Part C Ans. Key C C A D A A C A B C C B B B C