Question
Global Risks 2014, and select one of the risk areas. Imagine that you have been tasked with creating a proposal for the new CEO of your organization for establishing an ethics program and for conducting training and compliance auditing.Write a persuavise essay.
Describe an emerging global risk for 2015 and beyond
Discuss the key countries that might be associated with the risk
Evaluate the role of ethical decision-making in business organizations
Analyze the impact of business ethics on stakeholder relationships. Include in your analysis why it is necessary to create an ethics program, conduct training, and engage in compliance auditing
Design a training plan for ethical considerations and social responsibility as it relates to the key risk area and the countries you have selected
Explain how the program will be implemented
Synthesize the key considerations which must be in place
Sample paper
Business Ethics-Technological Risk paper
The future of organizational ethics policy development faces immense challenges from a variety of sources including environmental risks, technological, economic, societal, and geopolitical risks. Currently, most businesses are facing one or more of the identified risks. The technological risk is one of the greatest concerns facing managers in the modern organization. Technological risk is the result of the changing nature of information processing in organizations. Currently, more business organizations have adopted a centralized system for information storage and processing. Centralization of communication technologies is another key aspect in the modern organizations. As a result, sensitive business information is at high risk of large-scale cyberattacks, data fraud, and breakdown of the information communication network. This article examines the technological risk and provides a proposal that establishes how the organization may respond to this risk.
Emerging Global Risk for 2015 and Beyond
Business organizations are increasing relying on the internet as well as the computer networks for conducting various operations and activities. The advancement in technology and the automation of business systems has enabled businesses to increase their operational efficiency in a globalized and highly competitive world. Moreover, the technological progress has ensured that customers are able to access with ease services through various points of sale or gadgets including their mobile devices. However, the increased reliance on technology has brought about new forms of crime – cyberattacks and data theft. In the U.S., this new form of crime has detrimentally affected a number of business organizations. These include Primera Blue Cross, Sony Pictures, Home Depot, Staples, Anthem, JPMorgan Chase, and among others. Most of the cases involve computer network breach, where hackers are able to access sensitive customer information stored on the respective company’s computer network.
A review of available literature indicates that wealthier countries that depend heavily on information communication technologies for conducting various activities are at a higher risk of experiencing cyberattacks, data theft, and computer network failure. In a recent report dubbed the National Exposure Index, the U.S. takes the 14th step in terms of the degree of vulnerability to cyberattacks (MacDonald, 2016). The report identifies the top-ten high-risk countries as Belgium, Tajikistan, Samoa, Australia, China, Hong Kong, Dominican Republic, Afghanistan, South Africa, and Ethiopia, in order of severity. The United Kingdom is listed 23 on the vulnerability scale, while Russia took position 19. Countries with high severity levels were identified as those relying on “insecure internet services” (MacDonald, 2016, p. 1).
Countries Affected
Majority of the countries listed as vulnerable lack appropriate security mechanisms that can reduce the risk of cyberattacks. For instance, most of these countries lack laws requiring mandatory encryption of data. Although the U.S. may not be among the top 10 countries in terms of vulnerability to cyberattacks, it remains at significantly high risk. A survey conducted upon 600 business executives indicates that half of the respondents have been victims of cyberattacks. Moreover, half of the respondents also identified the country’s laws as weak in dealing the growing challenge of cyberattacks. Other countries identified as highly vulnerable to attacks were Russia and China. According to Markoff (2010), majority of the attacks emanate from the United States. China is also listed as a major source of the attacks.
Ethical decision-making
Ethical decision-making plays a significant role in business organizations. One of the key roles of ethical decision-making is ensuring compliance to legal requirements guiding business. Ethical decision-making entails making decisions that comply to organizational expectations as well as the regulatory requirements (Usnick & Usnick, R., 2009). Ethical decision-making helps business organizations in building a positive image or reputation among the public. Organizations that observe the ethical codes of conduct develop a positive image among the consumers as well as the public. This is because customers and the public are able to identify the business organization as serving their particular interests. Closely related to this is building customer loyalty. Ethical decision-making promotes customer loyalty through earning their trust. When the business makes decisions based on the customer’s needs and wants, the customers are bound to develop long lasting relationship to the business.
Ethical decision-making promotes a positive work environment. Organizations that promote ethical decision-making create a positive work environment through various ways. The employees, for instance, work as a team rather than individuals seeking for their own stakes such as promotions. In organizations that promote ethical decision-making, employees know what to do in case of ethical dilemmas. The best solution is one that supports the organization’s values. This avoids confusion. In such organizations, employees are expected to express honesty and integrity in their dealings. Ethical decision-making promotes the general good of the organization towards customers and the public. Ethical decision-making ensures that the organizations make decisions that have a positive impact on the greatest number of people. All decisions should reduce any possible harm to individuals or the environment.
Impact of business ethics on stakeholder relationships
Business ethics have a critical role to play in enhancing stakeholder relationships. Stakeholders to a business organization can be divided into internal and external stakeholders. Internal stakeholders include employees, owners, and the management. Proper business ethics improve the relationship between employees and management. An ethical code of conduct guides employees regarding various expectations to meet. Following the outlined code of conduct eliminates conflicts with the management in decision-making. Business ethics helps in developing a firm business foundation. The business, for instance, is able to gain a positive reputation from the public. This is beneficial to owners since individuals may tend to develop loyalty towards the organization’s products. Business ethics is important to the external stakeholders since it helps in developing trust. For instance, customers can develop trust through knowing that the business exists to serve their specific needs. Business ethics can improve the relationship with shareholders. An ethical business should aim at maximizing shareholder value.
It is necessary for business organizations to develop ethics program, conduct training and engage in compliance auditing. An ethics program is critical in guiding or regulating the behavior of employees in the organization (Usnick & Usnick, R., 2009). An ethics program outlines the limits of employee behavior and provides a practical guide to decision-making. It also serves as a platform for adhering to the organizational policies. Conducting training ensures that employees learn and practice the organizational code of conduct. Training equips the employees with skills and knowledge on how to recognize and solve ethical dilemmas they may face in their work. Training equips employees with key values of honesty, integrity, trust, and others that are critical to the business world. Compliance auditing ensures the early detection of departure from the norm in recording or processing of business transactions.
Training plan for ethical considerations
A suitable training plan should serve to sensitive the employees concerning the ethical issue in question. A training plan should be able to fulfill the five core elements that include the program structure, identification of corporate standards, ability to educate the workforce, identification of investigation procedures, and assessment of program effectiveness. The following training plan will serve in enabling employees develop ethical considerations with regard to technological applications.
Employee Training Program on Cyber Security
Purpose – this organization identifies the need to train employees on cyber security to minimize risks of cyberattacks. The training program will introduce a formal dimension to countering cyber threats. The training program also aims to equip employees with skills to identify and mitigate potential threats.
Scope – The training program aims to equip new skills and knowledge to all employees who interact in one way or another with the organization’s computer systems. Training will also cover all third party users who interact with the organization’s computer systems.
Compliance to outline standards – the training program is in compliant with the Cyber Security Best Practices as well as the regulatory requirements in the industry. The specific standards are those that guide the industry in the United States.
Roles and responsibilities – this part of the training plan will entail assessing the various positions and respective roles or duties. It is important to ensure that all employees understand their mandates with regard to the organization’s computer system. This part will entail defining the specific roles and responsibilities of users, managers, computer system analysts, and other individuals involved in maintenance of the information system at the organization.
Security training – this will involve training all employees and third party users on the basics of internet security. This section will be more detailed than other sections. The first part will involve examining the role of employees in enhancing cyber security. The second part will involve training about the various forms of cyberattacks that the organization may face such as phishing, malware attacks, pharming, spyware and other forms of attacks. This part will also entail how employees may report such incidences and ways of identifying the severity levels.
Usage policy training – it is important to train employees on policies relating to the use of electronic devices. The employees, for instance, need to change passwords constantly or to ensure that they memorize their passwords instead of writing them down.
Implementing the program and key considerations
The first step is develop a program structure. This means going beyond the ethics program earlier developed. In this step, and ethics officer is appointed to oversee the entire process especially with regard to compliance with outline ethical standards. Another important thing is to ensure that the organization’s board of directors oversees the ethics and compliance roles. The second step in the implementation process involves establishing a code of conduct. A code of conduct helps in guiding employee behavior by defining the limits of their behavior. The third step in implementing the program involves educating the employees about the role and benefits of the program. Educating employees improves their attitudes, skills, and knowledge towards the program. The fourth step is developing a reporting mechanism or channel that employees can utilize to provide feedback. The last step is to monitor the progress of the program and acting on the feedback received from the various users. Key considerations that must be in place include budget, highly experienced employees to conduct training, time lines, the audience/employee availability, content development, and means of assessing feedback.
References
Vasilescu, C. (2012). Cyber attacks: emerging threats to the 21st century critical information infrastructures/Kyberneticke utoky: nove hrozby pro kritickou informacni infrastrukturu ve 21. stoleti. Obrana a Strategie/Defence & Strategy, 2012(1).
Usnick, L., & Usnick, R. (2009). Compliance program auditing: the growing need to insure that compliance programs themselves comply. Retrieved from http://www.southernlawjournal.com/2013_2/SLJ_Fall%202013_Usnick%20&%20Usnic k.pdf
Markoff, J. (2010, Jan. 28). Survey of executives finds a growing fear of cyberattacks. The New York Times. Retrieved from http://www.nytimes.com/2010/01/29/science/29cyber.html
MacDonald, C. (2016, June 9). ‘Hacker map’ of the internet reveals countries most at risk of cyberattacks. Daily Mail. Retrieved from http://www.dailymail.co.uk/sciencetech/article- 3633799/Hacker-map-internet-reveals-countries-risk-cyberattacks.html
