Risk assessment: mcbride financial services in idaho
Presently, McBride Financial Services is expanding its services into South Dakota, Boise, Sioux Falls and Idaho. Though, the company has future tactics of expanding its services into North Dakota, Wyoming, and Montana. McBride Financial Service is a mortgage lender in low amounts with tactics of its head offices in Idaho, which is close to Washington DC. The vision of McBride Financial Services Company is to be the paramount provider of finance services at a lower cost. The company specializes in VA, conservative, and FHA home mortgages. McBride receives a budget of five thousand pounds for ongoing its operational costs and 50 thousand pounds for start-up effort (OBerry, 2010).
The market plan for McBride as OBerry (2007) observes, is an effort to assist it to achieve its expansion goals, which are: to attain fiscal break-even within 6 moths of beginning its processes; becoming a firm that is profitable within 1 year of functioning; and leveraging a technique that will utilize efficiency and reduce operations for the firm and customers in acquiring and applying for mortgages. McBride has used several methods of advertising, which encompass: radio and newspaper ads; and advertisement using local television, which has placed the company above due to its effectiveness. In addition, the company has a website that is professionally maintained and developed. However, McBride can use the worldwide web as a first point-of-reference for its customers. Also, the company ought to consider what major businesses are doing in order to secure the market piece (OBerry, 2010).
This paper will prepare a risk assessment for the management team of McBride Financial Services in Idaho. Firstly, the probable risks that could have an effect on the operation of the business will be identified through risk assessment. The paper will consider the following while preparing risk assessment: how the company uses toxic chemicals in the locality of the business by manufacturing industrial solvents procedures; the use of blue print machines; public transportation amenities that may handle the transportation of substances that are hazardous or dangerous; potential targets of criminal activity; and potential targets of terrorist activity. Finally, the paper will research the surrounding businesses and local areas for probable risks; the major issues to consider; and the recovery procedures that can be recommended for these situations.
Risk Assessment for McBrides management team
Risk assessment, according to Jeffrey (2008) is the process of identifying approaches that can be used to eliminate risks that are avoidable, and minimize unavoidable risks. Furthermore, it is the process of determining risks in two quantities: magnitude of loss and the possibility of the loss occurring. Thus, McBride Financial services ought to have strategies that will minimize and identify risks.
a) Potential risks of McBride Financial Services in Idaho that could impact the operation of the business (with examples)
Risk assessment to McBride Financial issues will be limited to issues that are related to Information Technology. Therefore, the potential risks are: disaster recovery, auditing and security (OBerry, 2010).
McBride normally provides its own service to process information as well as to acquire information from other companies. To that effect, its services and operations might be disrupted if one hacks their information processing system. The risks here are: interruption of services to McBride and its customers, disruption of operations at the time of disaster; and financial loss (International Narcotic Control Strategy Report, 2009). These disasters are likely to occur in the company because it uses service bureaus and has data centers that are in-house. Nowadays, the corporate structure of McBride has extended rapidly because of information technology, that is, it encompasses operations, like national telecommunications, central computer processing, local area networking (LAN), distributed processing, and end-user computing(OBerry, 2010). Critical services are often represented by these operations to McBride and its customers. The continued interruption of these corporate operations charades a significant risk of fiscal loss and could result to the failure of McBride Financial Services. Therefore, the company requires putting emphasis on the institution but not just focusing on computer operations that are centralized (OBerry, 2007).
Information processing services can be provided to McBride Financial services by many service bureaus. As a result, the operation of the business could be impacted if the processing capabilities of any one of these service bureaus are disrupted. Accordingly, it is important for McBride to have disaster recovery planning, so as to address the risks that are linked to the comprehensive interruption of corporate operations (International Narcotic Control Strategy Report, 2009).
Security, in this context, refers to measures that are taken by McBride Financial Services for the purpose of confidentiality and privacy of their information and critical data (OBerry, 2007). Security plays an important role with regard to the achievement of McBride. While administering their day to day business operations, the company normally comes across with different types of information that can be either external or internal in nature. These encompass: logistics data; financial data; marketing and sales data; customer data; and operation data that is related to information. If it cannot maintain these data properly, McBride Financial Services will automatically experience serious risks, which could impact the normal operations of the corporate (OBerry, 2010).
Typically, the two kinds of security risks that are likely to be faced by McBride are: access threats and identity threats. As a result, the company ought to oversee the ease of access to important data, and use falsification or fraudulent measures to minimize the chances of financial fraud being committed in the business. To safeguard their data, McBride will require assistance of consultancy firms in data protection, which offers high-tech data protection techniques and tools (International Narcotic Control Strategy Report, 2009).
Auditing of the McBride Financial Services is usually internal and external. The company has retooled its internal audit program so as to deliver a SXX-strength, fully coordinated, risk-managed and regulatory compliant approach. The business is dedicated to attain customer satisfaction by providing a consultative, timely, and cost-effective service (International Narcotic Control Strategy Report, 2009). Through auditing, the company can have external attacks as they well-know how to interfere with systems of the company, and the McBride ropes. Moreover, external auditors have experience in working inside financial-regulatory age and banks thus can easily interfere with their machines (OBerry, 2010). The corporate ought to manage its risks by using AuditOne, an internal audit, custom-designed program that has been implemented to meet the customer satisfaction, as a part of operational/risk evaluation program or securing the techniques to prevent external and internal attack and meet information security measures (OBerry, 2007).
b) The use toxic chemicals in the vicinity of the business by manufacturing processes industrial solvents
Toxic chemicals such as nickel, cadmium and chromium induce a chronic risk to the ambient environment; this is true accidental release of chemicals that are hazardous, like chlorine (Manju, 2008). The manufacturing industries ought to understand the wider context of IRA (integrated risk analysis). It has been noticed that if BRF (background risk factors) are included in IRF (individual risk factors), which are related to the manufacturing industry, and which may notably change the planning and siting policies of that firm. Thus, toxic chemicals ought to be used in the vicinity of manufacturing industries so as to control the probable risks, that is, the individual risk factors and the background risk factors (Gurjar, 2008).
In manufacturing industries, as Gurjar and Manju (2008) assert, the workers can be exposed to toxic chemicals. Some of the employees may not access work-related health professionals, and thus not familiar with toxic chemicals. For example, individuals who work in body shops and auto-repair can be exposed to solvents (such as neurotoxic and/or carcinogenic). Furthermore, exposure of toxic chemicals ought to be controlled by manufacturing industries because they may extend to customers (Gurjar and Manju, 2008). The use of toxic chemicals ought to be in the vicinity of manufacturing industries so as to develop regulations. These regulations are: Hazard identification which aims at giving employees with chemical-identity information; and private treatment for identity of the toxic chemical.
c) The use of blue print machines
A blueprint, as Mike (2009) explains, simply refers to any plan that is comprehensive. It is a kind of paper based reproduction that is typically of an engineering design, a drawing that is technical, and/or architecture documentation. The process of using a blue print machine is in essence the cyanotype process (Mike, 2009). This means that the paper is coated with a photosensitive compound, which encompasses potassium ferricyanide and ammonium citrate. If the compound is exposed to strong light, it can be converted into Prussian blue, or blue-ferric ferricyanide, which is insoluble. Those chemicals that are soluble will be washed-off with water and a light stable print will be left. Offset printing and printing proofs are usually produced by similar processes. Blue print machines are normally used in rolling stock, ship-building and manufacturing railway steam engines. The material that is coated and ready for use has a shelf-life of three days (Mike, 2009).
The practice includes using an India ink to draw on tracing cloth or tracing paper, so as to have a wooden-frame that has a spring-loaded back. The tracing and the coated paper will put on a frame (in indoors) before they are later exposed to sunlight. The blue image could be noticed by the operator through the tracing (Mike, 2009). The risk here is that when ready, the frame will be brought inside, and in order to remove the coating that was unexposed, the material will be washed in running water. This material has compounds such as potassium ferricyanide and ammonium citrate, which are harmful to human health. Therefore, modern blueprint machines should replace traditional blue print machines. For example, white prints or diazo prints that have blue-lines on a background, ought to supplant cyanotype blueprint. Moreover, a digital file can be transferred directly by use of Computer Aided Design (CAD) technology to a plotter or a printer. Also, large format scanners can be used to digitize an image that can be printed using a large format plotter (Mike, 2009).
d) Public transportation facilities to handle the carriage of dangerous or hazardous substances, which could be involved in major accidents
In the field of CCS (Carbon Capture and Storage), an important issue is safe transportation of carbon dioxide Jeffrey (2008). If a high pressure transportation facility leaks, it can be a danger to persons and may result to environmental damage. This will depend on the concentrations of CO2 achieved and the amount of CO2 that is released to the atmosphere. With regard to risk assessment, Gaussian model is used to undertake the atmospheric dispersion of gases. The preliminary point for the Gaussian model calculation is a static carbon dioxide cloud, which avoids the initial dispersal phase that involves the jet. During the transportation of CO2 using high-pressure transportation facilities, any CO2 leak that is significant would at first, be at a terrific speed, with swift entrainment of air. This will give an early dispersal of the gas, which depends on the rate of flow. Also, a CFD model can be used in situations where the modular transportation system looses. This is a risk assessment because it will enable the initial jet to be modeled explicitly (Jeffrey, 2008).
e) Potential targets of criminal activity
White collar crimes are usually carried out by organized criminals. Examples of white collar crimes that are likely to occur to McBride Financial Services Company are: tax fraud and false accounting; corruption and bribery; phishing; insurance fraud; embezzlement; credit card and cheque fraud; and corporate identity fraud. As Bolan (2008) assert, money laundering is increasing among businesses. The proceeds of white collar crimes are usually laundered by financial institutions such as McBride. According to Ross and Sherman (2009), criminals use mortgages more often as a way for money laundering. For example, a criminal can obtain the spurious documentation that is used to prop up mortgage applications on a forged or fraudulent basis.
When awarding contracts as Bolan (2008) puts it, businesses such as McBride can be susceptible to money laundering, that is, when they advertise various assignments together with jobs for tender, those contracts will automatically underbid by bogus companies. Considering last year alone, 10 percent of businesses were victims of corporate identity theft, whereby, the target criminal uses web services and counterfeit products (posing as official) to steal a business brand or name. For instance, if a company moves its offices, the buildings are usually left behind with a build-up of financial material. This information can be used by a fraudster who will portray him/herself as legal business, which he/she uses to carry out money laundering or nefarious activities. Also if a fraudster accesses the documentation of the company, he/she can forge cheques and/or bank drafts which he/she then uses to settle his own bills (Sherman, 2009).
Most organizations have been victim of phishing, that is, a fraudster attempts to acquire clients and/or customers personal detail through e-mail. For example, criminals use fishing to convince customers to disclose their clandestine information, like PIN numbers, credit card numbers, and account numbers. The gang then tries transferring money out of the account of the customer to offshore destinations (Ross, 2009).
f) Potential targets of terrorist activity (such as government offices, law enforcement agencies, politically sensitive business)
According to International Narcotic Control Strategy Report (2009), suspicions of terrorist backing as well as revenue commissioners ought to be reported by those businesses that are regulated. For example, all white collar crimes ought to be reported by company auditors. That is, a corporate ought to report if it suspects that a customer or client is either amassing funds for a terrorist act or a terrorist group, or else, the corporate could be found culpable of the offence. As McBride (2007) puts it, business individuals are being arrested in circumstances where they deem themselves within the jurisdiction of the criminal law.
McBride Financial Services ought to report those transactions that look suspicious and that are associated to terrorist activity to FinCEN (Financial Crimes Enforcement Network), which will assist to ease the instantaneous transmittal of the information to law-enforcement. A legalized recipient of SAR (Suspicious Activity Report) and law enforcement information is provided by FinCEN, with details of an activity that looks suspicious in an accelerated manner. Also McBride may contact government offices, like the local FBI field office with regard to terrorist-associated transactions, which require an instantaneous attention of law enforcement (Sherman and Ross, 2009). Terrorist activity to a business is politically sensitive. For example, if a corporate accuses the software company sells software, which encourages credit-card fraud, it can be taken to court so as to seek legal action. Terrorist activity in financing can be group-based; activity based or country based (McBride, 2007).
Potential risks of businesses in Idaho
The probable risks of businesses in Idaho may encompass the following: employee errors; hackers; application failures; power outages; terrorism; denial of attacks; hurricanes; phishing; fires; corporate identity theft; floods; and tornados (Gregory and Fernanda, 2010).
Major issues to consider
Before a business is set up in Idaho, the corporate ought to consider the most critical issues to the success of the company, that is, the issues that will directly interfere with the ability of the business to gain from commercialization of its techniques (Jeffrey, 2008). Therefore, the major issues are: the aim of the business; the right individuals for the job; the incentives that will inspire the employees of the business to perform; the assets that are needed for the business to be successful; how the business will be managed; and the companys exit strategy. Moreover, the ethics and compliance issues that one needs to put in mind when doing business in Idaho includes: corruption; freedom of speech; transparency; state monopolies; and supply-chain ethics (Fernanda and Gregory 2010).
Recovery procedures that can be recommended for these situations
Most corporate, IT executives, CFOs managers, and risk managers have comprehended that it was not enough only to recover data, computer systems and networks. It was evident that a disciplined-approach that could recover systems and data, as well as, business manpower, processes, and facilities was needed to maintain and reinstate critical functions (OBerry, 2007). The first recovery procedure is risk assessment, that is, one ought to define and identify the critical systems and processes of the business. Then, they will be evaluated for vulnerabilities, and the necessary steps that are required for recovery and reinstating will be identified. More so, one should back-up data to separate locations that are secure. Storage solutions such as managed storage, storage-area networks, network-attached storage devices, data replication systems and new virtualization systems ought to be evaluated (OBerry, 2007).
Providers of telecommunications should receive much attention to make sure that they tested and developed contingency plans, and have built redundancy and diversity into their networks. Real questions on the losses and impacts of the corporate, which may lead to interruptions, may be driven by risk assessment. Nonetheless, the company ought to identify key records, functions and processes of the business, and the critical impacts of the mission. At this moment, recovery time frames that are acceptable, together with resource requirements will be determined. For the business to attain its time, cost and reliability to recover its objectives, it should assess a variety of recovery strategies. While assessing options, the business should include personnel, physical, regulatory, technological and legal considerations (International Narcotic Control Strategy Report, 2009).
The market plan for McBride Financial Services is an effort to assist it to achieve its expansion goals. As a result, it can be vulnerable to risks which might have an effect on the operation of the corporate. Therefore, it is necessary to prepare a risk assessment for the management team of McBride in Idaho. This will assist to identify the probable risks that can affect the company, which are mainly issues related to IT, and they encompass: disaster recovery, auditing and security. While preparing the risk assessment the paper considered: the use of toxic chemicals; use of blue print machines; transportation of dangerous substances; potential targets of criminal activity; and potential targets of terrorist activity.
The potential risks of business in Idaho may encompass employee errors, hackers, application failures, power outages, terrorism, denial of attacks, etc. The major issues to consider are mainly ethical. The recovery procedure that one can recommend in this situation is planning (data recovery and contingency). Planning the continuity of a business can be time consuming and expensive. Although, losing the systems, functions, and processes of the business, as well as, financial data, the company and customer can be overwhelming. As a result, a corporate ought to put up a plan, train and test the plan more often.
OBerry D (2010): Marketing Plan for McBride Financial Services. Accessed on 5th February, 2010 from:
Bolan K (2008): Gangsters ride at 4 star auto lease, Vancouver-terrorist
Gregory U and Fernanda A (2010): Ethical and Compliance Issues to Consider for doing business, Global Integrity Report. Accessed on 5th February, 2010 from: http://business.in.com/article/thunderbird/compliance-and-ethical-issues-to-consider-for-business-in-vietnam/8672/1
Gurjar B and Manju M (2008): Integrated risk-analysis for chronic and acute exposure to toxic chemicals, Atmospheric Chemistry. Accessed on 6th February, 2010 from:
International Narcotic Control Strategy Report (2009), US Department of State, February, 28, 2009
Jeffrey H (2008): Issues to consider-Mitigating Risk with Planning. Accessed of 5th February 2010 from: http://www.eric.ed.gov/ERICWebPortal/custom/portlets/recordDetails/
McBride L (2007): White Collar Clampdown, Sunday Business Post, media.
Mike W (2009): Cyanotype- the art, history and science of photographic printing-Prussian blue
OBerry D (2007): Business Disaster Plan Idaho, Disaster planning tips and tools, Florida. Accessed on 6th February, 2010 from: http://articles.directorym.com/Business_Disaster_Plan_Idaho-r959978-Idaho.html
Ross B and Sherman W (2009): Worlds top banks laundered money, NY Daily News
Need an essay? You can buy essay help from us today!