Xem mẫu
- International Journal of Management
Volume 11, Issue 04, April 2020, pp. 169-177. Article ID: IJM_11_04_018
Available online at http://www.iaeme.com/ijm/issues.asp?JType=IJM&VType=11&IType=4
Journal Impact Factor (2020): 10.1471 (Calculated by GISI) www.jifactor.com
ISSN Print: 0976-6502 and ISSN Online: 0976-6510
© IAEME Publication Scopus Indexed
MANAGEMENT OF DISASTER AND BUSINESS
CONTINUITY IN A DIGITAL WORLD
Dr. Narcisa Roxana Moşteanu
Professor Dr. of Finance at Business Administration Department
American University of Malta, Bormla, Malta
ABSTRACT
Risk is outside everywhere, and it may impact us more or less. The evolution of
technology improves our social and economic life, and also most of the same time, it is
the technology that exposes us to the risk of disaster. Disaster may have many faces and
even we are aware and think that we are prepared to deal with it, somehow, we find
ourselves not ready. The present paper aims to present possible solutions for managing
the risk of disaster by amending the organizational structure and culture. The study was
conducted on two different types of institutions: banks and universities, using the
author’s experience as a banking expert and university professor, in a multicultural
environment. The article started with the current situation and give pertinent solutions
for to manage the risk of disaster and keep the business ongoing in the most effective
way possible
Keywords: Management of disaster, digitalization, organizational structure culture,
business effectiveness.
Cite this Article: Dr. Narcisa Roxana Moşteanu, Management of Disaster and Business
Continuity in a Digital World, International Journal of Management, 11 (4), 2020, pp.
169-177.
http://www.iaeme.com/IJM/issues.asp?JType=IJM&VType=11&IType=4
1. INTRODUCTION
Management of disaster deals with the management of an organization’s resources and
responsibilities to control the risk and it impact. Mitigating the disastrous effects by performing
in advance certain activities is one of the main purposes of relief organizations. Disaster may
appear in different ways such technical (cyberattacks, nuclear attacks), natural (floods, tsunami,
earthquake, tornados), environmental (air pollution), epidemiological (disease), and daily
hazards (accidents). In the last decades, the whole humanity faced different forms of disasters,
crisis or hazards. Even so, the people, organizations and governments remain woefully
unprepared to quickly recover their IT systems and key business processes in the event of
disaster. The main justification remains the lack of knowledge and funds [1].
http://www.iaeme.com/IJM/index.asp 169 editor@iaeme.com
- Management of Disaster and Business Continuity in a Digital World
Disasters (natural, environmental, manmade, accidental and deliberate) have dominated the
news recently, and impose organizational decision making to re-focus, redesign their
organizational culture and concentrate on their Disaster Recovery Plans and Business
Continuity Plans, or even to reconsider their business’s structure. After a disaster happened,
normally all organizations and peoples want to get things back to normal as quickly as possible
and to offer assistance to others who were and still might be affected. Regrettably, getting back
to normal may not be a straightforward process, and it may involve very different hazards than
organizations and employees deal with on a day-to-day basis [2]. The current work paper comes
to present possible solutions to mitigate disasters’ impact on business continuity, regardless
their nature, giving special attention to changes which may be amended for the organizational
structure and its culture.
2. LITERATURE REVIEW
Economists Rejda and McNamara have been defined risk in terms of uncertainty [3]. Based on
this concept, risk is defined as uncertainty concerning the occurrence of a loss. In the literature,
risk perception studies [4-8] have surveyed a wide range of hazardous events that mainly consist
of technical, environmental, epidemiological, daily, and natural hazards. The development of
risk perception studies is mainly motivated by the examination that there are significant
differences between experts’ objective assessments of risk and lay persons’ intuitive judgments
of risk. Thus, understanding people’s risk perception and its determining factors is essential for
improving risk assessment and designing effective mitigation policies. Risk perception may be
the first step of risk mitigation or adjustment of organizational structure and culture. And how
we are precepting the risk? We are precepting when our health and wealth is affected
(individually, institutionally or at the macroeconomic level).
A disaster is an event that completely disrupts the normal ways of a community. It brings
on human, economical, and environmental losses to the community. Disaster may appear as a
result of a hazard. A hazard is a situation where there is a threat to life, health, environment or
property. Generally, the hazard is very difficult to foreseen or prevent. Disasters, in a simple
approach, are assimilated with external shocks. Disaster usually are associated with an
uncertainty. Therefore, the disaster risk results from the complex interaction between
development processes that generate conditions of exposure, weakness and hazard. Disaster
risk is consequently considered as the combination of the severity and frequency of a hazard,
the numbers of people and assets exposed to the hazard, and their vulnerability to damage [9].
Disasters may cause catastrophic failures in optical networks, as multiple system failures may
occur in a disaster zone. Such failures could also be cascading. Generally, when a disaster
occurs, initially a set of network elements may fail all together, and then other failures in
different parts of the network may occur subsequently (e.g., due to a power outage after an
earthquake, due to an epidemiologic, or a cyber-attack on one important public administration)
[10 – 16].
Risk management is a process that identifies loss exposures faced by an organization and
selects the most appropriate techniques for treating such exposures [3]. Risk management
process fallow certain steps in order to prevent, manage and recover the loss in case of
unexpected event, or a disaster appear.
3. METHODOLOGY
The present work paper is an exploratory research, based on investigative procedures. This
study was conducted on two different types of institutions: banks and universities. Information
was congregated through face-to-face interaction with representative people from banks and
universities, more specifically private ones. Bank and university representatives were asked the
following questions: existence of a risk management policy; awareness of employees about
http://www.iaeme.com/IJM/index.asp 170 editor@iaeme.com
- Dr. Narcisa Roxana Moşteanu
work remoting, in case of disaster, existence of a business continuity plan and an emergency
reserve fund; and, are you prepared to keep the business ongoing in a case of disaster, the speed
of adapting the organizational structure and culture to the changes of the environment, as well
as the benefits of using the new digital technologies to ensure the continuity of the business.
Based on this, the present paper is a fundamental and qualitative research, which aims to
identify the main changes that may occur during and after disaster, and it presents the possible
ways of improving the organizational structure and culture approach in order to prevent and
recover after a potential disaster.
4. ANALYSIS AND FINDINGS
The business’s continuity is linked directly with the capability to prevent and manage any risk,
with the openness to innovation, and accepting digital changes, to improve the efficiency and
the performance within the organization [17]. The digital technologies facilitate the generation,
calculation and circulation of the data required to [18] develop new business processes to
prepare organizations for successful integration in a digitalized era, but more than this, can be
a very useful tool to help managing the risk of disaster, during all its steps, such as: identifying
and measuring, preventing and preparing for recovering.
Risk is everywhere and every time. We cannot say that our life or our business operates
100% safe without no risk. And via risk, we understand any event which may expose us to a
certain danger, harm or loss. Risk may expose one person, one company, one community or
more, situation when we face a disaster. During our research analyze, the author finds out that
there are many ways to define the meaning of disaster. The most common literature underline
that the term disaster denotes a low-probability but high-impact event that causes a large
number of individuals to become ill or injured. The experts define a disaster as an event that
causes more than 10 deaths, affects more than 100 people, or leads to an appeal for assistance
by those affected [19, 20]. Disaster generally appear when hazard meet vulnerability (see figure
1). In a normal environment (general or specific) there are risks which can affect your activity
or socio-economic status. However, these risks – market risks, credit risk, liquidity risk, new
technology risk – can be predicted, even they meet or not vulnerable parts of an organization,
individuals or community. When hazard don’t interact with the vulnerability, then there is no
exposure to disaster or crisis. When there is an interaction between human and physical system
(hazard meet the vulnerability) than economic activities and social life are exposed a disaster.
A hazard by itself is not a disaster. Only when the hazard meets a vulnerable situation does
a disaster happen. People, businesses and whole economy are vulnerable when they are unable
to adequately anticipate, withstand and recover from hazards. If they cannot recover, or they
are not helped to recover, poverty may appear. Poverty contributes to vulnerability. That is why
an earthquake may cause a disaster in a poor country, while an earthquake in a richer country
may have little impact. Or a pandemic crisis may cause a disaster in a poor country, or where
medical and health system is equipped poorly, while in a richer country, medical system is well
equipped and emergency methods are implemented immediately, limiting losses. At local level,
a hazard can cause disaster for poor households, while richer households may not be affected
to the same extent.
http://www.iaeme.com/IJM/index.asp 171 editor@iaeme.com
- Management of Disaster and Business Continuity in a Digital World
Figure 1 The relationship between hazard, risk and vulnerability, when there is an interaction of
human and physical system
Once a disaster is triggered, it is difficult to manage and stopped in a properly time, to avoid
any other related crisis or disaster. 2020 started with an epidemiological disaster – COVID-19.
The virus has spread rapidly around the world. The disease propagating speed shows that the
world was not prepared for such of disaster. This biological catastrophe will probably attract,
as a natural reaction, a significant financial and economic crisis, as this actual disaster affect
financial and social situation of everyone. Poorly planned social or economic life or business is
also related to level of knowledge and understanding. Financial resources are very important;
however, they are not the only one which can reduce the exposure or help in a disaster
recovering planification.
Figure 2 Reducing the risk of disaster by assessing and reducing hazards, vulnerability and exposure
http://www.iaeme.com/IJM/index.asp 172 editor@iaeme.com
- Dr. Narcisa Roxana Moşteanu
Figure 3 Mitigating the risk of disaster
In order to mitigate the risk, all of us, from individual and businesses to national and
international economy is better to understand the nature of the risk and prepare in order to
reduce the risk of disaster and prepare a recovery plan (figures 2, 3, 4). In order to manage the
risk, after its identifications, a business plan and a disaster recovery are required.
Figure 4 Risk assessment process
Business continuity planning is a methodology used to create and validate a plan for
maintaining continuous business operations before, during, and after disasters and disruptive
events. This plan has to do with managing the operational elements that allow a business to
function normally in order to generate revenues. It is often a concept that is used in evaluating
several technology strategies. Banks, which involve high volume online retailers, it may decide
that the cost for fully redundant systems is a worthwhile investment because the cost of
downtime for even five or ten minutes could cost millions of money. Banks require their
businesses run continuously, and their overall operational plans reflect this priority. Banks and
all institutions have to keep their business ongoing, to maintain the flow of money in the
economy. In order to do this, in the present time, many banks adopted digital solutions, they
remote their work from physical to online. It is how risk management, in case of disaster,
modify the organizational structure and culture.
Disaster recovery plan is part of business continuity and deals with the immediate impact
of an event. Disaster recovery usually has several discreet steps in the planning stages, though
those steps confuse quickly during implementation because the situation during a crisis is
almost never exactly to plan. Disaster recovery involves stopping the effects of the disaster as
quickly as possible and addressing the immediate aftermath. This might include shutting down
systems that have been breached, evaluating which systems are impacted by a flood or
earthquake, and determining the best way to proceed [21]. Or, remoting and work from home
http://www.iaeme.com/IJM/index.asp 173 editor@iaeme.com
- Management of Disaster and Business Continuity in a Digital World
in case of epidemiological disaster. The existence of reserve funds for any unexpected risk of
disaster is better to be allocated within the annual budget and corelated with the development
of a risk financing system. This system would then support the use of external and internal
resources (through the budget) to stand an effective response to environment’s challenges.
Figure 5 Organizational structure of a bank (only general lines)
After analyzing several banks organizational charts and culture, the research found that the
vast majority of them have a risk management department as part of their organizational
structure. Generally, this department takes over of risk management process for all
organization, identifying, performing risk assessment an evaluation, establishing risk level of
which organization can operate normal, and risk financial resources. In the same time, risk
management department is recommended to be in charge with management of disaster too.
Despite the fact that risk management department is functional, in the vast majority of cases (an
example being the case of COVID-19 influenza), the disaster repercussion still surprising by
the intensity and the magnitude of the impact, requiring additional measures.
From this perspective, the research proposes to integrate a new department to be in charge
with dedication for disaster or crisis management. This department will coordinate closely with
risk management, strategy, IT, administration, digital integration task force, marketing and
communication (figure 5). In case of disaster, organization has to take care about its employees
and businesses. To protect its works, as much as it is possible, the work should be remoted from
office to home. Here digitalization plays a very important role, a good IT system together with
access on clients and financial centralized database (figure 5). Banking digitalization it is not a
new concept. But fully digitalization is a challenge which can bring at the end full benefit for
banks, customers and community. And it helps in case of disaster. Through digitalization
programs, banks use digital distribution channels, typically mobile, to offer competitive retail
financial and banking services such as current accounts, savings accounts, loans, insurance,
credit cards and capital market transactions. Europe has seen the first cohort of challenger
banks, without physical branches (Atom Bank, Tandem Bank, Monzo, Starling Bank, Revolut,
and N26). These banks have grown on the backs of improved user experience, appealing to
those who want to be able to bank from their phones instead of visiting a retail location, [22].
In a time of disaster, this type of banks can be a good model to follow, for switching work from
the office with the work from home, using the new information technologies.
When comes about universities, the research has revealed that, in the current time, distance
learning or online education is commonplace. More than that, in the event of a disaster,
switching from face-to-face to online education is very easy and fast.
http://www.iaeme.com/IJM/index.asp 174 editor@iaeme.com
- Dr. Narcisa Roxana Moşteanu
Figure 6 Organizational structure of a university
At the institution level, the risk of a disaster can be taken over by the risk management
department or it can be create another, dedicated to management of disaster, which combines
experts from IT, institutional administration, risk management, marketing, communication, and
academic administration. Digitalization helps as well. It is related to the implementation of new
technologies. In case of university, digitalization requires communication (figure 6). This can
be very easy achieved by connecting each one of employee, faculty and student to a PC, from
home. However, in an academic industry, a disaster brings a chance to create a new strategy
and innovative ideas for new program specializations or new courses too.
5. CONCLUSIONS
In case of disaster, innovations are not mandatory to be entirely new or drastic in nature. They
drive growth and help address social challenges and can contribute to the mitigation of climate
change, advancement of sustainable development, and the promotion of social cohesion [23].
To tackle those issues, innovations should be cost effective and should save lives, reduce losses,
and ensure effective recovery and rehabilitation [24].
Management of disaster is a combined term encompassing all aspects of planning for and
responding to disasters, including both pre‐disaster and post‐disaster. The research paper aimed
to show the importance of disaster management plan or function to be integrated with
organizational structure and culture for those institutions which are dealing with money and
people’s education.
The research concludes that any organization, regardless the industry is better to have a risk
management department in charge with all process of mitigating the risk. However, in case of
disaster, another department or unit is better to be created: disaster management. This unit will
work closely with all operative departments, including Risk Management, IT, Digital
Integration and/or Administration. Disaster management will we in charge especially with, pre-
disaster plan, business continuity plan, disaster recovery plan. This unit can be the one which,
in case of disaster, will coordinate the business operational activity on daily basis. Digitalization
helps as well, offering and allowing access to centralized database, facilitating the business
process from employees to customers via IT communications, online. However, employees are
better to be trained about what does it mean and how to react in case of disaster, how to react
in case their activity will he shifted from office to work-from-home (online). In this regard,
organizational culture is better to adapt itself, and principles of risk prevention, and how to
http://www.iaeme.com/IJM/index.asp 175 editor@iaeme.com
- Management of Disaster and Business Continuity in a Digital World
behave in case of disaster have to be part of one internal pre-disaster employees’ policy.
Employees protection is very important. Employees are the one which will ensure the business
continuity and will help the whole organization to pass through the disaster phase and
participate to its recover and to become effective and profitable again. In case there are new
skills and qualifications are required, the organization would be better to train the employees
earlier.
Business continuity has to do with keeping the organization running, regardless of the
potential risk, threat, natural disasters or cause of power outages; cyberattacks; or
epidemiological attacks. Along with a business continuity plan, a reserve fund is better to be
created. A financial reserve to ensure the implementation of the business continuity plan,
keeping the organization activity ongoing, it will always be a proactive strategy of survival and
recovery. All of us have to be aware that cost of risk mitigation (financial, human, social, or
material) it will be always less that cost of recovering if there is not a dedicated structure or
strategy to include a dedicated prevention method.
REFERENCES
[1] Connor, D. Disaster-recovery plans still need work. Network World, 20(35), 2003, pp.8.
[2] Busick, J. Disaster Recovery. Safety Compliance Letter, 2562, 2014, pp.5.
[3] Rejda, G. E. and McNamara M.J. 2017. Principles of risk management and insurance. 13th
Edition. Edinburgh. Pearson, 2017, pp.64
[4] Slovic, P. Perception of risk. Science, 236, 1987, pp.280–285.
[5] Slovic, P. Perception of risk: Reflections on the psychometric paradigm. In: S. Krimsky and
Golding D., ed., Social Theories of Risk. Westport, CT: Praeger Publishers, 1992, pp.117–152
[6] Grothmann, T. and Reusswig, F. People at risk of flooding: Why some residents take
precautionary action while others do not. Natural Hazards, 38, 2006, pp.101–120.
[7] Lindell, M. K. Household adjustment to earthquake hazard: A review of research. Environment
and Behavior, 32, 2000, pp.461–501.
[8] Lin, S. Y., Shaw, D. G., and Ho, M. C. Why are victims less willing to take mitigation measures
than the public? Natural Hazards, 44, 2008, pp.305–314.
[9] Grigsby, J. Disaster recovery plans-Now more than ever. Receivables Report for America’s
Health Care Financial Managers, 17(4), 2002, pp.11.
https://www.nap.edu/read/11621/chapter/9
[10] UNISDR. Global Assessment Report on Disaster Risk Reduction, 2015,
https://sustainabledevelopment.un.org/index.php?page=view&type=400&nr=2046&menu=151
5
[11] Moşteanu, N. R. Challenges for organizational structure and design as a result of digitalization
and cybersecurity. Proceedings of 9th International Conference on Business and Economic
Development, New York, USA, August 2020, Forthcoming.
[12] Moşteanu, N. R. and Galea, K. Artificial Intelligence and Cyber Security – face to face with
Cyberattack – a Maltese case of Risk Management approach. Ecoforum Journal, 2020, 9(2),
Forthcoming in June 2020.
[13] Moşteanu, N. R. and Faccia, A. Digital Systems and New Challenges of Financial Management
– FinTech, XBRL, Blockchain and Cryptocurrencies. Quality-Access to Success Journal,
21(174), 2020, pp.159-166.
[14] Moşteanu, N. R. International Financial Markets face to face with Artificial Intelligence and
Digital Era. Theoretical and Applied Economics, 3, 2019, pp.620.
[15] Dikbiyik, F., Tornatore, M. and Mukherjee, B. Minimizing the risk from disaster failures in
optical backbone networks. Journal of Lightwave Technology, 32(18), 2014, pp.3175-3183.
http://www.iaeme.com/IJM/index.asp 176 editor@iaeme.com
- Dr. Narcisa Roxana Moşteanu
[16] Moşteanu, N. R. Artificial Intelligence and Cyber Security – A Shield against Cyberattack as a
Risk Business Management Tool – Case of European Countries. Quality-Access to Success
Journal, 21(175), 2020, pp.148-156.
[17] Moşteanu, N. R. Digitalization and Green Economy – changes of business perspectives.
Proceedings of 4th International Conference on Cloud and Big Data Computing, Liverpool, UK,
August 2020. Forthcoming.
[18] Williamson, B. Digital education governance: data visualization, predictive analytics, and ‘real-
time’ policy instruments. Journal of Education Policy, 31(2), 2016, pp.123-141.
[19] Bravata, D. M., McDonald, K. M., Smith, W.M., Rydzak, C., Szeto, H., Buckeridge, D. L.,
Haberland, C. and Owens, D.K. Systematic review: Surveillance systems for early detection of
bioterrorism-related diseases. Annals of Internal Medicine, 140(11), 2004, pp.910–922.
[20] Front Matter, Institute of Medicine. Hospital-Based Emergency Care: At the Breaking Point.
Washington, DC: The National Academies Press, 2007,
https://www.nap.edu/read/11621/chapter/1
[21] Snedaker, S. and Rima C. 2013. Business continuity and disaster recovery planning for IT
professionals. 2nd Edition, Massachusetts, USA. Elsevier, 2013, pp.19.
[22] CBINSIGHTS. The Challenger Bank Playbook: How 6 Digital Banking Startups Are Taking On
Retail Banking, 2018, https://www.cbinsights.com/research/challenger-bank-strategy/
[23] Gault, F. Defining and measuring innovation in all sectors of the economy. Research policy,
47(3), 2018, pp.617-622.
[24] Izumi, T., Shaw, R., Djalante, R., Ishiwatari, M. and Komino, T. Disaster risk reduction and
innovations. Progress in Disaster Science, 2, 2019, p.100033.
[25] Ranbir Singh and B. S. Dhaliwal, Role of Defence Forces in Disaster Management in India – A
Review. Journal of Management, 5(3), 2018, pp. 63–68.
[26] Bhoomi Gupta, Vulnerability Assessment and Transportation Modeling in Kendrapada Post
Cyclone Disaster Mitigation, International Journal of Computer Engineering and Technology
(IJCET), Volume 4, Issue 5, September - October (2013), pp. 267-276.
[27] Samir A. Al-Mashhadi, Ghalib M. Habeeb and Abbas Kadhim Mushchil, Control of Shrinkage
Cracking in End Restrained Reinforced Concrete Walls. International Journal of Architecture
(IJA), 4(1), 2018, pp. 05-21
[28] Boby Joseph Thadathil SJ, Psychological Impact of Massive Natural Disaster on School Students
– A Significant but Unseen Aspect of School Management in Post Disaster Scenario – A Study
from Rural Nepal, International Journal of Management, 10 (2), 2019, pp. 121-129
http://www.iaeme.com/IJM/index.asp 177 editor@iaeme.com
nguon tai.lieu . vn
