Author Archives: erictse2
TSE and TSE Consulting
Security Model for Social Media and Mobile Devices
I would like to ignite industry leaders can ignite the public awareness of Security Model for Social Media and Mobile Devices.
Recent years there have been increase usage of social media and mobile devices. And there have been big increase in track records of cyber harassment, some are personal, systematic, organizational, commercial and COMMUNITY wise. Organizations take advantage and exploit features or loop holes of many web 2.0 features and mobile devices, for example systematically feeding emotional triggers, spreading hate, stalking (Monitoring) and integrating harassment.
While debating if we should use or ban social media, I think a better and more complete security model (architecture) should be implemented at different levels. I am aware there have been some features in social media application, but obviously this is not sufficient. I am not sure what exactly should be done. Industrial and social leaders should be responsible taking actions.
What I can think about now are.
– explicit use cases on explaining how cyber harassment and cyber bullying
– legal amendments such as anti Social Media Harassment Act
– features implemented the model (such as emotional triggers filter on feeds, granular security control) within social media and mobile applications.
-best practices, education and guidelines for user to protect themselves
– legal enforcement to address people and organizations to break the act
– health and technical support or resources to people who are vulnerable to attacks. – Integrate technical, health criminology knowledge in order to provide support.
– Monitoring, Governance and ethical enforcement on Social Media Service Provider Security
– Make people and organizations who attack visible to victims and public
Since I am a small potato, I am urging leaders who are more influential can lead this movement.
Eric Tse, Richmond Hill, Toronto
Tse and Tse Consulting -Security, Identity Access Management, Identity Access Management Toronto, Solution Architect, Consulting
Linkedin ID: hfetse@hotmail.com
company email: tsetseconsulting@gmail.com
My Company Web Site http://tsetseconsulting.webs.com/index.html
Company Blog https://tsetseconsulting.wordpress.com/
Company Blog 1 http://erictse2.blogspot.com/
Facebook Company Page http://www.facebook.com/tsetseconsulting
Access Identity Management FAQ 2012
Access Identity Management FAQ 2012
|
||
Charles Schwab Future Strategies
Charles Schwab Future Strategies
Greg Morris and Hiu Fung Tse
MET AD 741 – Team Research Paper
June 17, 2012
Abstract
This paper proposes new directions to what the Charles Schwab organization should take as it moves into the second decade of this millennium. The paper first analyzes external business environmental changes in the past decades. This includes market segmentation changes, change basis of competitions, change in fee and services. Then the paper proposes some high level strategies Charles Schwab should take to adopt the changes to push the business forward. Strategies include: 1) Enable Direct Investors – Target Market to Youth and Self Serve Nature; 2) Reduce Fees to Adopt the Elastic Market; 3) Mobile Technology for Independent investors; 4) Mergers and Acquisitions to Extend Technology Platform and Integrate Platform to New Market Segment; and 5) Scaling Customer to Fine Tune Differentiation Among Different Customer Classes. By adjusting and fine tuning its business model, according to the proposed strategies using an innovation process and marketing concepts, we are looking forward to seeing Charles Schwab face challenges and dynamic market shifts in the second decade of the millennium.
Market segment analysis introduction
Charles Schwab showed great innovation and growth in the prior few decades in the financial investor market segment. When a large market share was controlled, around 2002, Charles Schwab started to squeeze its less wealthy clients by raising fees and transaction charges on smaller-sized accounts. This caused some customers to defect to discount brokerages such as Ameritrade, E*Trade and TD Waterhouse that had grown up during the dotcom boom. Indeed, there had been tremendous growth and consolidation among the discount broker segment. In just the fourth quarter of 2005, mergers in the discount broker segment affected 3 million accounts and nearly half a trillion dollars in assets. Competitors were becoming better able to compete with fully services firms. Charles Schwab was facing more formidable competition especially at the discount transaction-oriented customer segment. (Barnett and Mauldin, 2006)
Change in market behaviour and competition basis
The most significant change to occur at Charles Schwab over the past few years was its source of revenues. In 2000, 50% of Charles Schwab’s revenue came from trading activities and 27% from asset-based fees. Things changed by 2005 and by that time, 79% of Charles Schwab’s revenue was derived from asset based products/services and interest. Only 17% came from trading revenues. The shift away from dependence upon trading revenue allowed the company to drop its trading commissions. This is a positive trend for Charles Schwab because the market is changing.
Change in Fees for Services
In 2012, the Financial Services Authority will be banning the paying of commission to giving advice. The financial advisors would have to develop a few schedules that would be directly related with the investors (Ross, 2009). This does remove expenses that Charles Schwab would have to pay for commission allowing them to further lower the prices of the of the trading activities. However, there is a downside because the financial investors will now be independent. Also, with the most stringent qualifications that will be required the Ernst & Young is expected the 35,000 advisors to shrink to 20,000 (Ross, 2009). Because the fees are being passed directly to the consumers, some customers will refuse and want to buy direct from the financial institution. Charles Schwab will need to make this process as painless as possible.
Strategy 1 Enable Direct Investors – Target Market to Youth and Self Serve Nature
Pure self-directed investing is “a very teeny market”. The key to this company’s continued growth, and to really becoming finances Wal-Mart, is to get people to think of Charles Schwab as the best place to go for investment expertise. Since fees are being changed on the advisor side, Charles Schwab wants to make sure the fee structure is simple and transparent. Also some of the customers will not want to pay advisor fees and will become direct investors. In the time of change, Charles Schwab will need to build a trust with their clients (Warwick-Ching, 2009). When the financial recession occurred clients began to pay more attention to the charged fees. A straight forward schedule that clients can understand will help build a comfort level with clients and invest directly without an advisor. Working with the self service customers a target market will need to be validated with market research. The trends of this market and competitor offerings will need to be examined. Charles Schwab will want to not only meet the basic needs but also the unstated customer needs (Leybourne, 2012, Lecture 5). With the shift in market, Charles Schwab will want to base their basis of competition on convenience to the consumer (Leybourne, 2012, Lecture 3)
Fidelity has been able to grow to one of the biggest 401k administrators. 401k investors are commonly direct investors and this market is a large potential growth sector for Charles Schwab. The reason for this growth was because customers get access from their employers. Charles Schwab will want to work on getting access to these companies and overtake the large competitor. The employees that would be given access will be direct investors. A number of these investors will be younger and would start with smaller sums of funds but it will prove profitable with a large number of individual investors (Gibbs, 2010). Charles Schwab has begun work on these products but will need to continue to innovate to obtain these low maintenance direct customers.
Strategy 2 Fees to Adopt to Elastic Market
However, some customers will not come direct. To better compete in this segment of business Charles Schwab completely revised their approach, cutting trading fees on average by over 50%. Trading commissions continued to be a shaky source of revenue in the industry; for example, in October 2006, Bank of America began offering free trading to customers who kept a minimum balance of $25,000 in combined checking, savings or CD accounts at the bank (Bank of America). With the clear fee schedule being instituted, Charles Schwab should consider a flat charge and introduce performance related fees. Performance related fees would be harder for existing companies to develop as the cost base and could lead to competition from start-ups (Warwick-Ching, 2009). Charles Schwab will need to have agile and not fear the change of acting like a start-up. By using this technique, Charles Schwab will be able to focus on not only maintaining their market share but also finding growth opportunities within the market (Adams, 2002). With starting this structure now, Charles Schwab would be ahead of the competition. The performance related fees would be difficult to institute but would clients may be more comfortable with fees when they are outperforming the expected return. Similar fees have historically been used in hedge funds (Vincent, 2009). With advisor fees and flat charges likely becoming the norm in the industry, performance fees would create a new revenue stream that would be a win/win for both parties. Charles Schwab will need to work closely with their funds to develop fair benchmarks for the expected returns.
Strategy 3 Mobile Technology for Independent investors
There are new enhancements in technology to help support the businesses of independent registered investment advisors (RIAs). Among the enhancements available for advisors to view at IMPACT, an annual financial industry conference, is a new workflow library that is to be a key part of the Schwab Intelligent Integration initiative. Schwab Intelligent Technologies™, a subsidiary of The Charles Schwab Corporation, is also announcing a new relationship with independent software vendor (ISV) Salentica, which will increase the number of RIA firms that can benefit from Schwab Intelligent Integration.
The focus on technology continues with other new online capabilities on display at the conference including Charles Schwab’s upcoming mobile application for the iPhone™ and enhancements to the Schwab Alliance web site that supports clients of advisors who custody assets with Schwab Advisor Services (BusinessWire, 2011). In 2011, the World Economic Forum concluded there were only about 10% of adult that used mobile financial services and those were primarily payments (2011). There is a large amount of growth with the segment and the alliances with the mobile partners will allow Charles Schwab to continue to be the innovators of integrating technology with the products. Finding new technological methods of integration can also extend the life cycle. As the mobile devices are used it will start with the early adopters before having mass market acceptance (Moore, 1995).
Strategy 4 Mergers and Acquisitions to Extend Technology Platform and Integrate Platform to New Market Segments
Sometimes organizations cannot do everything themselves, and there is an argument that maybe they shouldn’t. Historically, there has been a growing trend towards a focus on what you are good at, and getting others to do the other stuff.
From Charles Schwab perspectives, there are two directions for mergers and acquisitions. One is to extend their technology platform through acquiring companies with new trading technologies. The other is acquiring companies that have different business trading market and integrate their technology platform into Charles Schwab’s businesses. This allows Charles Schwab to have a collaborative network that lets the each part focus on what they do best. It allows a synergistic alliance that is more valuable as a complete product (Leybourne, 2012, Lecture 4). The following approaches are a start to help with the other strategies.
Extending Technologies Platform
In March 2000, Charles Schwab acquired CyberCorp and its subsidiary CyberTrader, a fast-growing online brokerage with specialized electronic trading technology for highly active traders. Also in 2000, Charles Schwab acquired the Chicago-based firm, Chicago Investment Analytics, which developed proprietary stock analysis based on quantitative modeling techniques for institutional clients.
Integrating Technologies Platform into new market Segment
In January 2000, Charles Schwab announced an all-equity deal valued at approximately $2.8 billion to acquire the venerable U.S. Trust. Charles Schwab’s management hoped to leverage the company’s IT assets with U.S. Trust’s high-touch, high-margin relationships. (Burgelman and Meza, 2008)
In January 2004, Charles Schwab paid approximately $340 million to purchase SoundView Technology Group, an equity research firm. Charles Schwab combined SoundView with automated trading technology and market-making functions previously developed by Charles Schwab to create a combined institutional research and trading capacity (Burgelman and Meza, 2008)
These two trends will continue in the second decade. Charles Schwab needs to determine what kind of technologies they would need to acquire that would enhance their user trading experience. These synergistic alliances allow the companies to align their strategies. On the other hand, Charles Schwab needs to determine if there is some potential existing high value trading markets that have not been computerized.
Strategy 5 Scaling Customer to Fine Tune Differentiation Among Different Customer Classes
Charles Schwab representatives were able to offer investors personal advice. Smaller investors with up to $50,000 to invest generally received mass advice, making use of investment tools that were online or otherwise easily scalable. For Charles Schwab retail, that sweet spot was customers with investible assets between $50,000 and $2 million. Accounts with more than $250,000 were assigned a relationship manager.
One key challenge Charles Schwab faced was efficiently and effectively serving clients with less than a quarter of a million dollars in their accounts. The company wanted these customers to feel they were being serviced well and serviced by the firm without the need of an individual representative. This was important because in the investment industry, sales representatives and other financial planners often took some or all of their clients with them when they switched firms or opened up their own investment management practices.
For all of Charles Schwab’s investments in technology and scalable investment platforms, its physical network of branches remained an important part of the business. Most of Charles Schwab’s new assets came in through the branches. The physical locations were important to customers; even younger customers seemed reassured by the physical branches (Burgelman and Meza, 2008).
Conclusion
Charles Schwab has been an innovator for the last couple decades. The product offering is marketed different but the complete investment product is still similar. Charles Schwab is finding new ways to bring sustaining technology instead of disruptive technology to the market (Leybourne, 2012, Lecture 2). As the financial industry, especially fees change Charles Schwab will want to stay on the forefront of the technology and other product offerings. To stay ahead in the future Charles Schwab will need to increase the number of direct investors and see the potential of the youth market. There will also need to be a change the fee structure and they should consider performance fees as the market has become more elastic. Increased use of mobile technology, continued trend of acquisitions, and scaled services for the different customers are additional strategies that will be needed to keep a future competitive edge. With the strategies, Charles Schwab will provide services that will allow them to grow and build a trust with customers.
References:
(2006). Bank of America press release – “$0 Online Equity Trades are Coming Soon”. Retrived from http://www.bankofamerica.com/investing/index.cfm
(2011, November 2). Schwab Talks Technology for Independent Investment Advisors at Annual Conference. BusinssWire. Retrieved from http://www.businesswire.com/news/home/20111102006291/en/Schwab-Talks-Technology-Independent-Investment-Advisors-Annual
(2011). The Mobile Financial Services Development Report 2011. World Economic Forum. Retrieved from http://www.scribd.com/doc/55337266/The-Mobile-Financial-Services-Development-Report-2011
Adams, R. (2002). Big Companies need to Act more like Start-Ups. A Good Hard Kick in the Ass: Basic Training for Entrepreneurs. (pp.237-263). New York: Random House/Crown Business.
Barnett, Megan and Mauldin, William. (2006, July 11). The Right Broker for You. Smart Money. Retrieved from http://www.smartmoney.com/invest/markets/the-right-broker-for-you-19754/
Burgelman, Robert and Meza, Philip. (2008, January 3). The Charles Schwab Corporation in 2007: Fixing and Redefining the Core Business. Harvard Business Review. Retrieved from http://hbr.org/product/the-charles-schwab-corporation-in-2007-fixing-and-/an/SM35C-PDF-ENG
Gibbs, Lisa. (2010, January 14). Charles Schwab is selling advice. Should you take it?.
CNN Money. Retrieved from http://money.cnn.com/2010/01/14/pf/charles_schwab.moneymag/
Leybourne, Steve. (2012). Lecture 2 – Types of Innovation, and their Organizational and Market Challenges. Boston University. Retrieved from http://vista.bu.edu/webct/urw/tp0.lc5116011/cobaltMainFrame.dowebct
Leybourne, Steve. (2012). Lecture 3 – Innovation as Value Creation: Understanding the Basis of Competition. Boston University. Retrieved from http://vista.bu.edu/webct/urw/tp0.lc5116011/cobaltMainFrame.dowebct
Leybourne, Steve. (2012). Lecture 4 – Alliances and Partnerships as a Way to Add Value to Products and Services. Boston University. Retrieved from http://vista.bu.edu/webct/urw/tp0.lc5116011/cobaltMainFrame.dowebct
Leybourne, Steve. (2012). Lecture 5 – Using Market Research Techniques to Add Value. Boston University. Retrieved from http://vista.bu.edu/webct/urw/tp0.lc5116011/cobaltMainFrame.dowebct
Moore, G.A. (1995). Crossing the Chasm – And Beyond. Inside the Tornado Harper Business Essentials. p. 13-26.
Ross, Alice (2009, October 16). Investors set to pay more for advice. Financial Times. Retrieved from http://www.ft.com/intl/cms/s/2/b3d423ce-ba81-11de-9dd7-00144feab49a.html#axzz1x9uyXwbu
Vincent, Matthew. (2009, October 16). Fees shake-up will result in extra sums. Financial Times. Retrieved from http://www.ft.com/intl/cms/s/2/949c01d8-ba78-11de-9dd7-00144feab49a.html#axzz1x9uyXwbu
Warwick-Ching, Lucy. (2009, October 16). Wealth management under fire. Financial Times. Retrieved from http://www.ft.com/intl/cms/s/2/267c8dee-ba82-11de-9dd7-00144feab49a.html
Eric Tse, Richmond Hill, Toronto
Tse and Tse Consulting -Security, Identity Access Management, Identity Access Management Toronto, Solution Architect, Consulting
Linkedin ID: hfetse@hotmail.com
company email: tsetseconsulting@gmail.com
My Company Web Site http://tsetseconsulting.webs.com/index.html
Company Blog https://tsetseconsulting.wordpress.com/
Company Blog 1 http://erictse2.blogspot.com/
Facebook Company Page http://www.facebook.com/tsetseconsulting
Hyundai Touch the Market Case – General Issues and Using Ethnography
Case Summary and Background
General Issues:
Ethnographic approach
Goal and Problem Statement
What Ethnography is
Pros, Cons Limitations of Ethnography (Katz, 2006)
Pros
Cons & Limitations
How Ethnography relates to course concepts
Concepts: “exploration space” & “what job was this product hired to do?”
Analysis
Does Ethnography do a good job at that goal?
Final Remarks: What would Kawasaki or Adams say?
Reference
Case Summary and Background
Hyundai was interested in designing new automobiles that would specifically attract the Gen Y audience, which had historically found the brand to be less-than interesting both from a styling and a functionality standpoint.
What they did: They designed and implemented a Touch The Market (TTM) Immersion, taking key stakeholders and designers (both American and Korea) through a multi-day event that include: 1) Experiential, metaphoric exercises around the concept design. 2) Automotive and non-automotive panel discussions. 3) Digital college campus scavenger hunt. 4) Competitive ride and drives. 4) Group ethnographies.
Each participating team captured these experiences in a competition culminating in a deliverable that included new concept design and features.
The Impact is this TTM approach enabled new vehicle designers to gain a range of highly stimulating perspectives on and emotionally based learning’s about Gen Y, enabling the design of two new vehicles slated for 2012 launch.
General Issues:
Issues it raises includes
– How does a company select one of the customer centric innovation approaches among others- especially at the concept stage?
– How would we know this process developed will really bring the right customer input?
– How can we develop better vehicles, vehicles that better fulfill the needs of the customer?
– What is the true coax and how to get true coax from customer?
– How can we incorporate the Voice of the customer?
– Use and misuse of the ethnographic approach to guiding product development and/or improvement.
– Community-style development, adding non-American participants.
Ethnographic approach
Goal and Problem Statement
In order to help the team gain a deeper understanding of the glamour mom, Hyundai ventured out into where these women lived: their homes, hearts, and world. Hyundai got to know what mattered to them, so that Hyundai could make the Santa Fe more meaningful to them. This type of ethnographic research takes into account that what people say does not always jive with what they think and feel. So Hyundai watched, listened, asked questions, and let people speak freely about their lives. Ethnographic research allowed Hyundai to approach consumers as whole individuals in order to create products that connect them to the Hyundai brand. (Hyundai, 2007)
What Ethnography is
Ethnography is a qualitative research method aimed to at exploring cultural phenomena which reflect the knowledge and system of meanings guiding the life of a cultural group. (Geertz, C. 1973) (Philipsen, G. 1992). It studies people, ethnic groups and other ethnic formations, their ethnogenesis, composition, resettlement, social welfare characteristics, as well as their material and spiritual culture. In the biological sciences, this type of study might be called a “field study” or a “case report”, both of which are used as common synonyms for “ethnography”.(Boaz, Wolfe, 1997)
Pros, Cons Limitations of Ethnography (Katz, 2006)
Pros
– A lot of information can be gained from observing a customer’s environment first-hand
– An oft-cited reason for using ethnography is the belief that many “unspoken” needs exist that, when discovered, can lead to enormous breakthrough innovations—real “game-changers” in industry parlance. Some say that the only way to “hear” these unspoken needs is through observation.
Cons & Limitations
– Onsite interviewing is far more expensive and time-consuming than central-location interviewing.
– To create an affinity diagram and prioritize customer needs, these needs must, at some point, be expressed verbally
– At risk of stating the obvious, there has to be something that is possible and practical to observe or ethnographic research simply does not make sense
– Observation can alter behavior—the so-called “Hawthorne effect.”
– Many environments do not lend themselves to easy recording.
– Many respondents don’t want to be questioned while they are concentrating on the task at hand
How Ethnography relates to course concepts
Concepts: “exploration space” & “what job was this product hired to do?”
It is very difficult to reach the place in our imagination where we can project to what might be or what others might think—but it is important to do this in order to successfully understand products, and what they need to deliver. Many people call this leap to more abstract lateral thinking “thinking outside the box.” It is intellectually challenging, but vitally important. (Unger, Leybourne, 2012)
Sometimes it helps to have some sort of tool to assist in framing our thinking in a different way, and taking us away from out comfortable thought processes. The tool is known as exploration matrix. It’s use is explained in some detail in the Christensen reading “Discovering what has been Discovered: What Job was your Product Hired to Do?” (Christensen C.M. 1999)
Analysis
As innovators, Hyundai can apply ethnography to understand customer needs, using the three steps process.
Step 1: By joining customer regular life activities and events using ethnographic approach, observe and perhaps ask actual customers how they use the product, and what their values and priorities for the product are.
Step 2: Observe and ascertain what else the customers could have used using ethnographic approach, and what the advantage of other products. This identifies the competition, and opens up different social and emotional dimensions of the customer experience.
Step 3: Back to the lower left-hand corner of the Exploration Space Matrix, because solutions and improvements need to be based on what is possible
Does Ethnography do a good job at that goal?
The goal as stated is to gain a deeper understanding of the glamour mom. The direct measure would be how mid age woman customers are satisfied with the design of the car and what are the sales figures of the car related to mid age women. There is a lot of good feedback about how the TTM. However there are not too many information on how much TTM is using ethnographic approach to gather requirements for ladies. Also there are sales figure related model but not specific to woman. However this seems to help based on the assumption that woman are not as good as man in terms of expressing their true feelings verbally. This ethnographic approach on woman implies sexism and may not be a politically correct measure.
Final Remarks: What would Kawasaki or Adams say?
Kawasaki: Build crappy cars that fulfill all the customer fantasies (Safety can be tested in beta testing).
Adams: Do not assume you really know your customers until you have ethnographically approached them.
Reference
Boaz. N.T. & Wolfe, L.D. (1997). Biological anthropology. Published by International Institute for Human Evolutionary Research. Page 150.
Christensen C.M. (1999) Innovation and the General Manager Boston, MA: McGraw-Hill Irwin. Section 2.3 – Discovering what has been Discovered: What Job was your Product hired to do? (pp. 169-178)
Geertz, C. (1973). Thick description: Toward an interpretive theory of culture. In The Interpretation of Cultures: Selected Essays (pp 3-30). New York: Basic Books, Inc., Publishers
Hyundai. (2007). “Hyundai uses ‘Touch the Market’ to Create Clarity in Project Concepts”. Visions Magazine, June 2007
Katz. (2006). Viewpoint, The truth about ethnography. PDMA Visions MAgAzinE
Philipsen, G. (1992). Speaking Culturally: Explorations in Social Communication. Albany, New York: State University of New York Press
Unger, Leybourne. (2012). MET AD 741 Lecture Notes, Boston University
Eric Tse, Richmond Hill, Toronto
Tse and Tse Consulting -Security, Identity Access Management, Identity Access Management Toronto, Solution Architect, Consulting
Linkedin ID: hfetse@hotmail.com
company email: tsetseconsulting@gmail.com
My Company Web Site http://tsetseconsulting.webs.com/index.html
Company Blog https://tsetseconsulting.wordpress.com/
Company Blog 1 http://erictse2.blogspot.com/
Facebook Company Page http://www.facebook.com/tsetseconsulting
NTT DoCoMo Case
Introduction and Background
DoCoMo not only demonstrates the power of marketing analysis and marketing techniques as they are applied to the introduction of technology, but they also illustrate the power of “re-framing,” or thinking about problems and opportunities differently which defines the essence of a product or service differently (Unger, 2012).
Accomplishment and Strength
DoCoMo aims at “reframing,” or creatively re-defining the “frame of reference,” or the way in which a set of criteria or dimensions of a technology, product, or service should be perceived, understood, or appreciated. This includes, most frequently, the dimension in which a specific target (i.e. customer or group) the product or service is intended for (Unger, 2012). As Christensen’s Product Exploration Matrix suggests, this proves beneficial more broadly as it is typically consistent amongst viewing product and service features (Christensen C.M, 1999).
Additionally, the NTT DoCoMo reinforces the theme of the fashion in which partnerships and alliances can extend the value of products as well as emphasises the importance, especially in a fast moving industry, of accurately understanding, at all times, the basis of competition in a product category (Unger, 2012).
NTT DoCoMo enables ideas and concepts, when carried out correctly, to be embraced by a particular market segment, leading to explosive growth over a very short period of time. DoCoMo contains the origins of many “smart phone” features in mobile communication that we often take for granted and see today regular mobile products. (Unger, 2012)
NTT DoCoMo applies the DICCE concept to market their products. Deep, Indulging, Complete, Elegant and Evocative, or DICCE, is a powerful marketing tool (Kawasaki, 2000). This tool involves the lifestyle factor of the target market, enforcing the idea that consumers will purchase a product because they want to either be different or because they want to identify with a group, or “tribe,” of similar consumers. NTT DoCoMo, appealing to this natural human desire, constantly attempts to have their products as or more popular than the latest and trendiest mobile phone. They use the I-mode system, providing unique and extraordinary user experience to target audience, in order to achieve this (HBS, 2002).
Limitations
Cultural and natural human issues involved in doing innovation at traditional bureaucratic organizations may plague DoCoMo , but they demonstrate how to overcome these hurdles. For example, in traditional Japanese companies, one is supposed to hire from within; however, the CEO of DoCoMo hires two executives from the outside that have wireless internet business experience in order to lead marketing and innovation.
Additional issues involve attempting to assimilate the concepts of one country (Japan) to different country. For example, most overseas operators are extremely reluctant to relinquish control over content to third parties, making it harder for overseas carriers to adopt the i-mode model. There were also differences in consumer behaviour. The team has been working with foreign telecommunication partners in order to bring the i-mode model to U.S. and European markets. On the other hand, they are adopting different marketing strategies for other international markets.
In 2002, DoCoMo faced some challenges regarding the use of “FOMA” (e.g. third generation or 3-G wireless technology) in their i-mode offerings within Japan. These issues greatly impacted the actual “user experience.” This also implies that a basis of competition is changing for the customers that they have targeted.
When and What was Relevant/ Irrelevant?
NTT DoCoMo market contains, though containing many trend changes, one main trend change in particular. The NTT DoCoMo case initially leaned towards marketing their products to business users exclusively. This was considered as irrelevant; however, the information that started to accrue indicates that the youth market began to engage with the product, resulting in a change of focus. To make such change, one needs information, exhibiting just how powerful the correct information can be.
DoComon’s Current Situation
NTT Docomo, accumulating more than 53 million customers as of March 2008, more than half of Japan’s cellular market, the company provides a wide variety of mobile multimedia services. These include i-mode, which provides e-mail and internet access to over 50 million subscribers, and FOMA, launched in 2001, which was the world’s first 3G mobile service based on W-CDMA (nttdocomo.com, 2012).
In addition to wholly owned subsidiaries in Europe and North America, the company is expanding it’s global outreach through strategic alliances with mobile and multimedia service providers in Asia-Pacific and Europe. NTT Docomo is now listed in the Tokyo (9437), London (NDCM), and New York (DCM) stock exchanges (nttdocomo.com, 2012).
History and It’s Impact on Japanese Innovation
Ultimately, DoCoMo’s i-mode is far more than only a successful mobile Internet service as it has proven to own a dynamic innovation system that endogenously generates over time significant co-evolving innovations in content, customer tastes and preferences, and applications, enabling technologies and formation of organisations. As such, it is appropriate to include DoCoMo’s i-mode system with other key Japanese systemic innovations that have shown wide-ranging impacts, such as the just-in-time system of production (Fransman, 2002).
Reference
Christensen C.M. Innovation and the General Manager Boston, MA: McGraw-Hill Irwin. Section 2.3 – Discovering what has been Discovered: What Job was your Product hired to do? (1999): pp. 169-178.
Fransman, Martin. “Explaining the success of NTT DOCOMO’s I-MODE wireless Internet Service
HBS 9-502-031” (July 2002).
Kawasaki, Guy. “Don’t Worry Be Crappy?” Rules for Revolutionaries. (2000): Chapter 2.
“Company History | About Us | NTT DOCOMO Global.” Company History | About Us | NTT DOCOMO Global. Web. 29 May 2012. .
Unger. Lecture 6, course MET AD 741, Boston University. (2012).
Eric Tse, Richmond Hill, Toronto
Tse and Tse Consulting -Security, Identity Access Management, Identity Access Management Toronto, Solution Architect, Consulting
Linkedin ID: hfetse@hotmail.com
company email: tsetseconsulting@gmail.com
My Company Web Site http://tsetseconsulting.webs.com/index.html
Company Blog https://tsetseconsulting.wordpress.com/
Company Blog 1 http://erictse2.blogspot.com/
Facebook Company Page http://www.facebook.com/tsetseconsulting
The Eli Lilly and Co. Case – Innovation in Diabetes Care: What Went Wrong? Why? and What Should the Next Step be?
The Eli Lilly and Co. Case – Innovation in Diabetes Care: What Went Wrong? Why? and What Should the Next Step be?
As a company, Eli Lilly may have achieved more success had they read chapters two and nine of Adams’ “ A Good Hard Kick in the Ass: Basic Training for Entrepreneurs.”
Background
Despite efforts of high investment to maintain it’s dominant position as an insulin manufacturer, the company began to see it’s worldwide position weaken. To add to the devastation, Lilly missed several waves of innovative opportunities within the diabetes care market. At the time of the case, Lilly was engaged in a determined effort to strengthen it’s position in insulin and grow beyond that single product, exploring alternative products and services (Unger, 2012).
Mistakes
Eli Lilly dropped in overall market share in diabetes care from 1980 to 1995 (Christensen C.M., 1996). What mistakes did Lilly make in its product and service initiatives, and why did this happen? Is Eli Lilly & Co. talking to the right persons or groups to determine what product features or advancements would be most appreciated by the “diabetes related market?”
Lily launched three innovative insulin products: the “Insulin pens”, “Match” and “Humulin,” all priced premium in comparison to your traditional insulin and/or insulin delivery syringes (HBS, 2004). Unfortunately, Lilly’s tendency to invest significant amounts of funding into commodities proved to be one of leading factor in Lilly’s decreasing market share. Usually, a customer will become more price sensitive if satisfied with a certain commodity; therefore, the buyer is less likely to purchase the product without some sort of substantial gain (Anthony Romano, date).
Additionally, Lilly and Novo launched several of the same products simultaneously in a race to place first in the market. This marketing assault of new products outweighed customer demand, presenting yet another downfall (Christensen C.M., 1999).
Lastly, the behavior of a majority of the patient population towards the treatment and care of their diabetes shifted, becoming substandard by patients determining their own ways of therapy. In order to utilize insulin pens, patients must effectively monitor and administer multiple insulin shots daily. Though it may be an arduous and lengthy process for all parties, putting forth efforts that will change the behavior of this majority could prove successful in repairing the damage that has been done.
Lily appears to avoid speaking or listening to the appropriate group of individuals that can significantly improve their positions by determining products and featuring advancements.
Lessons Learned & Next Steps
What should we learn from this case? Should Adams’ way be our model?
Lesson Learned 1: The Shifting Basis of Competition – Develop a Sense of Pain
While other companies are constantly developing and introducing new products and services, along with making incremental improvements to existing ones, Lily refuses to play on on a static competitive space.
Adams, discussing “customer pain,” suggests that Lily ought to put themselves in the shoes of potential customers to “develop a sense of their pain” (Adams R, 2002). This way, Lily can obtain the knowledge necessary to release products that are of high customer demand.
Lily should be looking for wicked, brutal, vicious, hideous pain amongst potentials – the type of pain that makes people want to fix their situation immediately.
Lily should ascend the market-validation pyramid by practicing the following, step-by-step: Lily must lay down the groundwork by: verifying the pain around the problem, along with a likely market, using secondary research (i.e. the internet, analyst reports, the industry press) in order to discover market data, market size, and direction of market trends.
Stages:
ñ Stage 1: Explore the pain. Use questionnaires to do quantified market research which will in turn uncover the target market. Then:
◦ Perform customer interviews to locate the greatest pain.
◦ Create a heat map to visually represent where the worst pain lies.
◦ Generate several hypotheses about target markets.
ñ Stage 2: Envision the solution. Test the target market hypothesis found in Stage 1 against a set of quality influences. Then:
◦ Develop and sharpen a presentation and product prototype.
ñ Stage 3: Establish credibility. Evoke excitement in leverage influencers (thought leaders, analysts, consultants, and editors) about your company, product, and prospects.
Lesson Learned 2: Explore new opportunities
Undoubtable are the difficulties that may arise if Lily were to change their way of thinking, transcending normal patterns of thought, as they have historically been consistant in their ideas about what can be made possible. This fact makes reaching that place in Lily’s imagination in which they hold the power to predict customer desires, but, despite this obvious hurdle, understanding of potential clientele allows for successfully understanding the products in which they need to deliver.
“Discovering what has been discovered: What Job was your Product Hired to Do?” (Christensen C.M., 1999b).
As much as Lily ought to know what the customers are demanding, they must follow out these steps in order to be successful:
ñ Step 1: Watch and ask actual customers the way in which they use the product, what their values consist of, and what they prioritize, starting with the most important aspects, in the product.
ñ Step 2: Ascertain the advantages of alternative products that customers could have opted for. This will help to identify the competition and open up different social and emotional dimensions of the customer experience.
ñ Step 3: After product requirements have been identified, back track to the lower left-hand corner of the Exploration Space Matrix because solutions and improvements need to be based on what is possible (Christensen C.M., 1999b).
Lesson Learned 3: Validate Markets
Lily only has a one-time snapshot. Losing your edge is the first step to becoming dead meet, so one must keep implementing effective ongoing strategies for assessing customers and their needs in order to validate the market again and again. Never stop focusing on the customer! (Adams R, 2002).
Reference
Adams R. (2002) A Good Hard Kick in the Ass: Basic Training for Entrepreneurs New York: Random House/Crown Business
Christensen C.M. (1996) Eli Lilly and Company: Innovation in Diabetes Care Harvard Business School Publishing, Boston, MA 02163
Christensen C.M. (1999) Innovation and the General Manager Boston, MA: McGraw-Hill Irwin. Module 2 – Finding New Markets for New and Disruptive Technologies. (pp. 95-102)
Christensen C.M. (1999b) Innovation and the General Manager Boston, MA: McGraw-Hill Irwin. Section 2.3 – Discovering what has been Discovered: What Job was your Product hired to do? (pp. 169-178) (eReserve)
HBS 9-696-077 (April 2004). Eli Lilly and Company: Innovation in Diabetes Care.
Anthony Romano, (date), Eli Lilly and Company: Innovation in Diabetes Care
Unger. (2012). Lecture 3, course MET AD 741, Boston University
Eric Tse, Richmond Hill, Toronto
Tse and Tse Consulting -Security, Identity Access Management, Identity Access Management Toronto, Solution Architect, Consulting
Linkedin ID: hfetse@hotmail.com
company email: tsetseconsulting@gmail.com
My Company Web Site http://tsetseconsulting.webs.com/index.html
Company Blog https://tsetseconsulting.wordpress.com/
Company Blog 1 http://erictse2.blogspot.com/
Facebook Company Page http://www.facebook.com/tsetseconsulting
Sands
Table of Contents
Pelican Sands. 1
Table of Content 2
Non-Critiquing Evaluation. 3
Critique Evaluation. 6
Action Plan (Fixing the Problem) 9
References. 12
Pelican Sands
Often, different executives express different opinions about the same incident. Usually, they all make good points, since they are experienced professionals. This paper will focus on differing executive responses to a critical situation: the wrong dispatch of produce. (Please refer back to the simulation for this incident)
The Wrong Dispatch of Produce
A logistical problem can lead to a wrong dispatch of produce, which then results in an operational crisis that requires immediate attention. Different executives have diverse solutions to this problem.
Observations
Table 1
Opinion from different Executives
| Executive | Choice | Resulting Newspaper Story | Cost |
| COO | Recall some produce and reroute the rest. The best option is rerouting the shipments. Although it may be time-consuming and costly, this is the best way to keep our daily delivery promise. If we accept this idea, I can implement the plan within two hours. | CVN leaves some stores off its routes. Uneven availability at CVN stores leaves customers annoyed. | 2.15M |
| CFO
|
Allow the franchises to decide. Financially, it is best to trust our franchises and let them decide to sell or withhold the produce. This way, we will minimize our losses without either ruining the delivery schedule or the breaking the promise of freshness.
|
What’s up at CVN? Why is CVN letting your vendors sell rotten fruit? | 0.91M |
| CRO
|
Recall the produce. The risk of not recalling the procedure is too large to go through; it would compromise both the promise of daily delivery and the produce’s freshness. This will be expensive, but experiencing one day’s loss is better than compromising our brand image.
|
No delivery at CVN stores. Empty shelves mock waiting customers. | 0.63M |
| N/A | Do nothing. | N/A | 0 M |
Analysis
Table 2
Analysis from different Executive Opinion
| Executive | Solution | Major Issues of Concern | Strengths of the Solution | Possible or Actual Advantageous Results |
| COO
(0.91M) |
Recall some produce and reroute the rest. | Retain delivery promise. Minimize the effort required to implement a solution. | It is easy to implement, and it costs less money than some alternatives.
From an operations perspective, our most important concerns are operation effectiveness, the supply chain, and customer happiness. |
With this solution, we can still accomplish most of the deliveries, although some will be inconvenient. This solution also tries to mitigate our losses.
Although the customers may be slightly upset, they will remain content overall if they still receive their deliveries. |
| CFO
(0.63M) |
Allow the franchises to decide. | Reduce losses and save money. | This is the most cost-effective solution. This solution allows timely delivery and could preserve the food’s freshness.
From a CFO’s perspective, costs and profits are the most important concerns. |
This solution mitigates current losses and minimizes the expenses otherwise needed to respond to the crisis. Consider how much the other approaches will cost and how much profits they will sacrifice.
The customers will still be content, because they will still receive their deliveries. |
| CRO
(2.15M) |
Recall the produce. | Protect the brand image. | This solution best protects the brand’s reputation. Organizational reputation and product brand name influences overall corporate value (Carroll 2012a).
From an integrated risk management point of view, overall brand value is relatively more important than anything else (Barton 2007). |
This solution will save the brand. It could even generate positive public relations; customers will think we are willing to sacrifice our earnings in order to protect our brand’s reputation. |
The rest of this paper will assess the COO’s suggestion—recalling some produce and rerouting the rest. This solution is easy to implement and relatively inexpensive. Further, it keeps the delivery promise, at least partly, and it avoids wasting food.
Critique Evaluation
Table 3
Critique from Different Responses
| Solution | Ignored or trivialized considerations that limited or flawed the solution | Ignored or underrepresented risk-related groups and possible impacts | Origins and validity of primary concerns | Flawed perspectives or directions | |
| COO
(0.91M) |
Recall some produce and reroute the rest
(Selected Decision)
|
– Overall company risk
– Marred brand image or reputation – The impact of criticisms from the press and mass media – Loss of food freshness after the reroute – Retention of long-term customer satisfaction |
– Market risk
– Supply chain – Brand image and reputation – Public relations – Operation silos (not integrated) – Customer satisfaction and loyalty – Overall company value |
– Market risk: Freshness and quality are marketing variables
– Press or mass media speculation: Exaggerations could ruin the company – Customer satisfaction and loyalty: Customers could feel slighted and refuse to buy the brand anymore |
The COO merely considered operational ease, financial factors, and accounting indicators, ignoring the fact that market value and customer satisfaction play important roles in the company’s overall value. The COO emphasized a short-term turnaround, forgetting about the long term. |
| CFO
(0.63M) |
Allow the franchises to decide (This decision was not selected, but some of its points are also valid for the selected decision)
|
– Overall company risk
– Operational effectiveness (it is unwise to ask local franchises to execute decisions without centralized facilitation) – Long-term customer satisfaction and retention |
– Same as above
– Financial silos (not integrated) |
– Press speculation: The media could call the food rotten, and the whole company could lose value
– Customer satisfaction: People could say the company values its profits over its customers, even compromising product quality – Public respect: People could think the company lies to the public in order to evade problems |
The CFO merely considered financial and accounting indicators, ignoring the fact that market value and customer satisfaction play important roles in the company’s overall value.
The CFO emphasized a short-term turnaround, forgetting about the long term. |
| CRO
(2.15M) |
Recall the produce | – Financial feasibility | – Have taken considerations of financial situations, but still cannot overcome overall company lost
– Risks are somewhat integrated |
– Responsibility: The company is willing to accept its responsibility, regardless of profits lost when solving the problem.
– Customer and service quality: The company cares |
The CRO targeted long-term mutual benefits between the company and its customers by accepting a short-term financial loss. |
Although Table 3 describes many important points, the following sections will focus on three of its most important concepts.
Enterprise Risks vs. Silos Risks
Each of these organizations (finance, operations) is responsible for a focused risk area, essentially working from the bottom upward. Senior management is responsible, from the top down, for all corporate risk issues.Enterpriserisk management (ERM) differs from the traditional, siloed approach to risk; it views risk holistically. ERM incorporates risks from all sources, including anything that could affect strategic objectives, operational goals, and financial targets. It then creates a common risk management strategy, which coordinates individual risk elements into a cohesive approach. ERM is impact-based, targeting a threat against pre-defined objectives (Carroll, 2012b).
Brand Value and Company Reputation
The value of an enterprise has two forms: tangible assets and intangible assets. Intangible assets include expected profits from operations, intellectual property, brand equity, and reputation. These assets are major contributors to the value of the enterprise, and they could be regarded as tangible assets when determining company value (Carroll, 2012a).
To illustrate the importance of reputation or brand equity, consider the impact of brand value on retail value. Customers can buy a two-liter bottle of generic soda for $0.99, but they must pay $1.59 or more for a brand name such as Coca-Cola or Pepsi. This price difference is largely due to the brand’s value and the company’s reputation, not the costs of production. (In fact, the opposite is probably true; Coke and Pepsi products are likely cheaper to produce, considering the companies’ large product volumes, than products of lesser-known brands, which are produced at smaller volumes.) There may be a difference in taste, but, often, this factor alone does not justify the price (Carroll, 2012a).
Brand and reputation equity are paramount for the modern corporation. This axiom has been amply illustrated by the trials and tribulations of the Lehman Brothers, MF Global, Martha Stewart, Marsh, Arthur Andersen, and numerous other companies whose reputations have been dealt severe blows during recent years. Many of these companies have never recovered (Carroll, 2012a).
Marketing Factors
Pelican Sands targets the organic food market. Consequently, marketing segment variables include quality of food, freshness, and organic status. Customers buy Pelican Sands’ products because they think that these products are higher in quality than regular fruits and that eating organic fruits can help them maintain better health. After the crisis, it would appear that Pelican Sands does not, in fact, sell high-quality foods. As a result, the customers would no longer feel that buying Pelican Sands food makes them special. If the company does not handle its public relations carefully and consequently loses its brand value, then customers will turn away from Pelican Sands.
Action Plan (Fixing the Problem)
Table 4
Convince Executives to Take Risk Management Approach
| Choice | How would you convince senior management that they are not out of the woods as yet and in fact may be in deeper? | What evidence would you use to bring this forward? | How would you explain the success(es) cited in #1?
|
| Recall some produce and reroute the rest
(Selected Decision)
|
I would enumerate all possible risks and their impacts.
What if the press said, “CVN leaves some stores off its route; uneven availability at CVN stores leaves customers annoyed”? Or, what if the press said, “What’s up at CVN? Why is CVN letting your vendor sell rotten fruit”? What if the supply chain problems continue happening on a recurring basis? Even though the company did not violate any laws, the public might accuse the company of dumping substandard produce. Customers will not be satisfied, and sales will decrease over the long term. Some people might even suspect a conspiracy. Consumers on the street may continue to be wary of CVN for some time. |
Brand and reputation equity are paramount for the modern corporation, as demonstrated by the trials and tribulations of Lehman Brothers, MF Global, Martha Stewart, Marsh, Arthur Andersen, and many other companies that have marred their reputations during recent years. Many of these companies have never recovered (Carroll, 2012a).
I would emphasize that the current tactic is focused only on the short term; it does not provide any strategy for the long term. I would gather and cite past studies, stories, lessons learned, and experiences. |
I would note the sales figures of similar case studies after a brand image has damaged. The sales may rise in short run but will decrease in the long run.
I would, again, emphasize that the current tactic is focused only on the short term; it does not provide any strategy for the long term. I would hire an external expert to convince the others that we need to do more. I would collect public opinions about the company’s image after the crisis. I would gather and cite past studies, stories, lessons learned, and experiences. |
Table 5
Action Items
| Action | Description | Target Goal |
| Create a public administration program | When a crisis strikes, it is important to maintain consistent communication from the affected organization to the public. The corporate communications department should document all communications to outside parties (e.g., the press) and should disseminate this information to every individual in the organization, thereby ensuring a consistent message. | Reverse and supplement |
| Fix the supply chain | The supply chain bears the initial costs of any shipment mistakes. We need to avoid repeating the same mistakes. At the very least, we should ensure that similar mistakes will not reoccur often. | Prevent |
| Ask the franchises to dump all the food | It is too late to ask the end retailers to return the delivered food, but you can tell them to dump the food themselves. Ask them to dispose of any foods that have known or visible problems. If they cannot determine whether certain foods have problems, they should dump them as well. | Reverse |
Public Relations Program
Crisis media training best practices. The public administration program described in Table 5 needs further elaboration. To run the program successfully, the communications personnel should follow a few public-relations best practices (see also Lerbinger, 1997; Feran-Banks, 2001; Coombs, 2007).
1. Avoid the phrase “no comment”; people think it means the organization is guilty and is trying to hide something
2. Present information clearly by avoiding jargon and technical terms. A lack of clarity makes people think an organization is purposefully confusing its customers in order to hide something.
3. Appear pleasant on camera by avoiding nervous habits, which people often interpret as signs of deception. A spokesperson needs to maintain strong eye contact, limit disfluencies such as “um” and “uh,” and avoid distracting nervous gestures, such as fidgeting or pacing. Coombs (2007) reports that speakers will be perceived as deceptive if they avoid eye contact, use many disfluencies, or display nervous gestures.
4. Brief all potential spokespersons on the latest information about the crisis, focusing on the key message points that the organization wants to convey to its stakeholders.
Public relations program composition. Most organizations, of all sizes, have public relations or corporate communications persons or teams to address public-relations issues. Absent this, someone—typically a senior manager—should be deemed a liaison to the public. After this spokesperson is selected, no one else from the organization should communicate on behalf of the organization, in any form. In fact, no one should communicate publicly at all; whatever is communicated will be interpreted as representing the viewpoint of the organization. Consequently, this is a role best handled by professionals.
This endeavor requires significant planning, which is the responsibility of the continuity professional. The company should establish a formal communications program that identifies internal and external organizations, agencies, and media groups. This program should craft a defined crisis-communications plan for all communications with authorities (local, regional, etc.) and with those affected by the organization’s success during the crisis (e.g., employees, customers, and shareholders).
Written plans are essential; they provide a guideline or structure for ensuring that the public relations program addresses all parties consistently. However, any given crisis may require distinct and specific communications activities, depending on the situation; hence, following a written plan exactly is not always optimal. Nevertheless, a plan provides a framework that can be adjusted for each situation. Without a pre-established plan, the public relations personnel are unprepared, and they must make up the process as they go along.
Like all dimensions of continuity planning, this area should be tested, either as a separate and distinct crisis test activity or as part of an overall continuity and recovery test. Commonly, organizations test their public relations plans via mock crises that actually escalate into full-blown business continuity and disaster recovery tests.
Supply Chain
A flaw in the supply chain is one of five threats that could destroy a company (Vinas & Jusko, 2004). When facing a problem in the supply chain, a company must consider what can and cannot be controlled. The company can control what products it makes, where it stores those products, and how the products are shipped, for example. To operate properly, an organization must be competent in these areas. For example, it must maintain its inventory well, keeping the right products in stock at the proper levels and at the right times. Making the wrong products, shipping products late, or sending products to the wrong markets will obviously have a negative impact.
References
Barton. (2007). Making enterprise risk management pay off.
Carroll. (2012a, spring). 01 MET AD 610, week 1 lecture notes.
Carroll. (2012b, spring). 01 MET AD 610, week 2 lecture notes.
Coombs, W. T. (2007). Ongoing crisis communication: Planning, managing, and responding (2nd ed.).Los Angeles: Sage.
Fearn-Banks, K. (2001). Crisis communications: A casebook approach (2nd ed.).Mahwah,NJ:Lawrence Erlbaum.
Lerbinger, O. (1997). The crisis manager: Facing risk and responsibility.Mahwah,NJ:Lawrence Erlbaum.
Vina and Jusko. (2004). 5 threats that could sink your company. Industry Week, 253(9), 52. ABI/INFORM Global.
Eric Tse, Richmond Hill, Toronto
Tse and Tse Consulting -Security, Identity Access Management, Solution Architect, Consulting
http://tsetseconsulting.webs.com/index.html
https://tsetseconsulting.wordpress.com/
http://erictse2.blogspot.com/
CISSP:
| CISSP:
CISSP: Choose/identify a regulation, standard or certification that has ‘potential’ business continuity ramifications. Write a structured, detailed, well-researched and well supported synopsis on how this requirement came about and where this applies (and doesn’t apply). Eric Hiu Fung Tse- AD 610- Week5 – Assignment |
|
Table of Content
CISSP: 1
Table of Content 2
CISSP (Certified Information Systems Security) 3
What was the catalyst or need identified that gave rise to this requirement? What agency or body monitors or oversees this?. 3
Is it direct or indirect (or both)? If indirect, what makes it necessary or applicable?. 4
What is the risk associated with non-compliance?. 5
What is the potential impact or limitations associated with this requirement?. 6
Potential impact 6
Limitations. 6
What are the cost factors associated with compliance or non-compliance? Where do you see this going in the long-term (other industries, countries, etc.)?. 8
Reference. 9
CISSP (Certified Information Systems Security)
I would like to talk about CISSP certification. It is one of the certificates related to my profession.
What was the catalyst or need identified that gave rise to this requirement? What agency or body monitors or oversees this?
Certified Information Systems Security Professional (CISSP) is an independent information security certification governed by International Information Systems Security Certification Consortium (ISC)². (ISC)² is a self-declared Non-profit organization ((ISC)², 2009) but is not a Charitable Organization under the applicable Internal Revenue Service Code.
In the mid-1980s a need arose for a standardized certification program that provided structure and demonstrated competence. In November 1988, the Special Interest Group for Computer Security (SIG-CS), a member of the Data Processing Management Association (DPMA), brought together several organizations interested in this. The International Information Systems Security Certification Consortium or “(ISC)²” formed in mid-1989 as a non-profit organization with this goal. (Harris, Shon, 2010)
Talking about Cultural BCM differences, there have been a number of specialist areas incorporating business continuity into their own disciplines. The first to do this was information security, which led to confusion between business continuity and IT backup and recovery. This confusion was formalized to some extent by its inclusion in the BS 7755 Information Security Standard, which eventually became the ISO 27001 standard. As this standard has been widely adopted in such places as India, Japan, and Korea, the first references to BCM many people experienced came as part of information security. This misconception then became incorporated into many education and certification programmes such as CISSP. (Hiles, 2007)
Is it direct or indirect (or both)? If indirect, what makes it necessary or applicable?
The below describes the outline of business continuity and disaster recovery planning knowledge domain. It would give us a better idea on how this requirement came about and where this applies. (Miller & Gregory, 2010)
|
1.1 Natural disasters
1.2Man made disasters 1.3 How Disasters affect |
|
2.1 COOPeration is the key. |
|
3.1 Senior management support
3.2 Senior management involvement 3.3 project team membership 3.4 who brings the donuts |
|
|
|
5.1 Perform a Vulnerability Assessment
5.2 Carry out a Critically Assessment 5.3 Determine the Maximum Tolerable Downtime 5.4 Establish recovery targets 5.5 Determine resource requirement
|
|
6.1 Emergency response
6.2 Damage assessment 6.3 Personnel safety 6.4 Personnel notification 6.5 Backups and off-site storage 6.6 Software escrow agreements 6.7 External communications 6.8 Utilities 6.9 Logistics and supplies 6.10 Fire and water protection 6.11 Documentation 6.12 Data processing continuity planning |
|
7.1 Making your BCP project a success
7.2 simplifying large or complex critical functions 7.3 Documenting the strategy |
|
8.1 Securing senior management approval
8.2 Promoting organization awareness 8.3 Maintaining the plan |
|
9.1 Preparing for emergency response
9.2 Notifying personnel 9.3 Facilitating external communications 9.4 Maintaining physical and logical security 9.5 Personnel safety
|
|
10.1 checklist
10.2 structured walkthrough 10.3 Simulation 10.4 Parallel 10.5 Interruption (or cutover) |
What is the risk associated with non-compliance?
BCP and DEP work hand in hand to provide an organization with the means to continue and recover business operations when a disaster strikes. BCP and DRP exist for one reason: Bad things happen. Organizations that want to survive a disastrous event need to make formal and extensive plans – contingency plans to keep business running and recovery plans to return operation normal.
So the risk associated with non-compliance is, if the company does not following the rules and procedures, they may not be able to keep their operation running or return operation normal when disasters happen. They do not have all the documented procedures and processes, or those procedures and processes are not tested, practices, assessed carefully etc.
I am wondering if there is any legal risk involved. There are other regulations such as SOX that operations have to follow. I am not sure if CISSP would directly related to legal regulations, but many enterprise security policies and mandate are quite similar with this.
What is the potential impact or limitations associated with this requirement?
Potential impact
The CISSP business continuity framework provides a concise view of what IT security professional has to do with business continuity. Comparing the breadth and depth of the content against the “Definite Handbook of Business and Continuity Management“, the CISSP BCP scope is like the tip of the iceberg. Of course business continuity is only one of the many topics in information security that they cannot be as comprehensive as the ones with BCI (Business Continuity Institute).
For the positive impact, CISSP BP does recover concepts like project initiation and management, continuing visible support, risk evaluation and control etc.
Limitations
For the limitations, CISSP BCP assumes all the BP works are done by a team CISSP professionals. BCI methodology is much more comprehensive. They assume there are separate internal multi-disciplinary organizations and people. They have a two modes paradigm. They have an extensive corporate recovery team. They have HR interactions.
According to Business Continuity Methodology (BCM), the internal organization responsible for development, oversight, etc. of all business continuity planning should follow the plan (Organization chart) as above.
1) Two modes: development and operation (maintenance)
There are two effectively two areas of business continuity, one is the development or implementation teams, the other one is operation support teams. Since they belong to enterprise risk management and they have to be visible enough to get enterprise support, they are reported to CRO (Chief Risk Officer), who is reported directly to CEO or board of directors.
2) Extensive corporate recovery team
Corporate recovery teams: During recovery from a disaster or event, the business units within an organization will need to concentrate on restoring their own environment and become productive again. The technology support staff within an organization will be focused on providing a restored technical environment so that the business units can access their systems and data and become productive again. Therefore it will be necessary to create overall corporate recovery support teams that are activated during recovery procedures, These teams are comprised of company’s decision-makers who have the authority to declare a disaster status on behalf of the organization, as well as the authority to declare a disaster status on behalf of the organization, as well as the authority to release funds from the organization, deal with insurance companies, the press and process any employee personal claim or pay issues. (Hiles. 2007).
HR involvement
The human resources/personnel/training department of an organization must play key roles in installing appropriate training programmes for employees of an organization.
3) Interactions with External Organizations
For most organizations this is one of the weakest areas in the planning process (but it is getting better). In general, coordination between the private and public sectors has been a real challenge. This has improved significantly since 9/11, but there is still room for major improvement.
Procedures need to be in place for informing and communicating with public authorities during a crisis. Typically this involves the fire and police departments, but may involve other organizations, such as the Federal Emergency Management Agency (FEMA) and others. Plans should identify key contacts within these organizations and procedures for informing and communicating with these groups. Exchanging business cards or home phone numbers shouldn’t be an activity during time of crisis.
It isn’t enough, though; simply to know who the local authorities are and inform them of the situation. Depending on your situation, environment, etc. there may be specific agencies (e.g., EPA) or laws that govern your situation. The process and requirements for communicating with these agencies should be clear. Management needs to conform to these requirements. There are an untold number of cases where the proper authorities were either not informed or not informed on time during a crisis. The results for the organization can be devastating.
External agencies can and often do assist with actual exercising/testing. This is highly recommended, since it validates your actual processes and provides for a better public/private partnership. Agencies are typically very willing to become involved in organizational exercises and can often bring a level of credibility and realism to any exercise. Like any exercise, results should be logged with actions and dates for resolution agreed.
What are the cost factors associated with compliance or non-compliance? Where do you see this going in the long-term (other industries, countries, etc.)?
When you implement the Business Continuity department using projects, there are costs incurred for with compliance. You may think about being non-compliance can save you a lot of money. But if you spend this money, it would greatly increase your business to keep operating or recover to operations when disasters happen. Imagine how much money if you are going to lose if your operations are down or not running. How much money per each hour?
Although the CISSP BCP is not as comprehensive as BCI methodology (BCM) for now, I can see things will get converge together in the long term. The (isc)?2 will incorporate the knowledge body of BCP from BCI since they are the expert. Eventually, the gap would be narrowed.
Please identify all sources (minimum 3) for your work.
(Note: Feel free to select from the list provided or research your one on your own, but make sure your choice is not a topic we have already addressed in course (i.e, don’t do HIPAA, Sarbanes, etc – recommend you check with your facilitator before starting).
Reference
(ISC)². 2009. “About (ISC)²”, Retrieved November 23, 2009.
Harris, Shon (2010). All-In-One CISSP Exam Guide (5 ed.). New York: McGraw-Hill. pp. 7-8. ISBN 0071602178.
Hiles. (2007). The Definitive Handbook of Business Continuity Management 2nd edition
Miller & Gregory. (2010). CISSP for Dummies 3rd Edition.
Eric Tse, Richmond Hill, Toronto
Tse and Tse Consulting -Security, Identity Access Management, Solution Architect, Consulting
http://tsetseconsulting.webs.com/index.html
https://tsetseconsulting.wordpress.com/
http://erictse2.blogspot.com/
tsetseconsulting 