Risk Analysis of Credit Card Management System

185 views 4 pages ~ 1048 words Print

The organisation’s credit cards could easily be compromised by the scammers who may obtain credit fraudulently.

Identifying the risks

ü Loss of goods through fraudulent credit card transactions.

ü Undermining the firm’s continuity of operations due to losses (Kotek and Tabas 808).

ü Loss of stakeholder confidence in the organisation’s IT security management system

Analysis of the risks

The Hazard and Operability (HAZOP) Analysis can be used to investigate weaknesses in the business credit card management system that could cause potential security breaches and fraud (Kotek and Tabas 809). Additionally, a checklist of known hazards and threats can be utilised to determine the risk level of the possible breach of the organisation’s credit card management system. The risk level of loss of finances through credit scammers is high since the cons have already obtained credit worth $880,000 and a hotel in the neighborhood was affected.

Selection and implementation of treatments:

The risk should be eliminated by conducting an audit of the firm’s credit cards by checking IDs and signatures, credit card security features such as holograms and requesting real time verification codes from the band for all online transactions (Kotek and Tabas 812).  Once the control measures are implemented, they should occasionally be reviewed through periodical audits of the credit card systems to establish the effectiveness of the control measures or detect new threats.

Scenario 2

Establishing the risk context

ü The hotel’s cooks do not check the customers’ allergies prior to preparing the meals

Identifying the risks

ü Customers can suffer anaphylactic reactions or food poisoning after consumption of food.

ü Damage of the hotel’s reputation.

Analyzing the risks

A checklist can be used to assess the risks that can result from the actions of the cooks. The checklist has the dos and don’ts involved in the preparation of food in the hotel. The risk levels are high because the cooks do not pay attention to customers’ needs when preparing the food. Consequently, the hotel’s reputation can be damaged (Kotek and Tabas 813).  

Selection and implementation of treatments:

The hotel’s quality assurance department should come up with standard operating procedures which the cooks should strictly adhere to. The standard operating procedures should involve checking the patient’s nutritional requirements, allergies and medical conditions (Kotek and Tabas 814).

Scenario 3

Establishing the risk context

ü Majority of the employees risk missing work because of lack of a means of transport

Identifying the risks

ü Disrupting the hotel’s operations

ü Loss of customers to competitors

ü Revenue losses

Analyzing the risks

 The risk level is low to medium because in the event of a public transport strike, employees may find alternative means of transport. Using the what-if analysis technique, the hotel can find out what most people resort to when public transport is not available (Kotek and Tabas 811).  

Selection and implementation of treatments:

Ocean Shores Group may procure the services of private transport companies to ferry employees to and from work so as to cushion them from the transport strike.

Scenario 4

Establishing the risk context

The impending decrease in inbound tourists from Asia as a result of the health issue will lead to a significant decline in the hotel occupancy (Kotek and Tabas 810).

Identifying the risks

ü Decrease in revenue as a result of decline in hotel occupancy

Analysis of the risks

The risk level is high because most of the customers have already canceled their bookings, indicating the big impact of the health issue. Using a market analysis technique, the business can estimate the impact of the health issue on the tourism sector and project losses in revenue (Kotek and Tabas 810).

Selection and implementation of treatments

The organization should explore new markets as a contingency plan in the event that the Asian market is unfavorable. New marketing strategies should be adopted to enhance the hotel’s visibility in other continents to reduce reliance on the Asian market (Kotek and Tabas 815).

Scenario 5

Establishing the risk context

The hotel’s former employee who is now operating his own hotel is undermining the firm’s workforce by poaching employees and using his former position to steal the hotel’s secrets from the database (Kotek and Tabas 813).

Identifying the risks

ü Loss of the business best employees to the hotel

ü Loss of secrets and strategies to competitors (Kotek and Tabas 811).

Analysis of the risks

The level of risk is high because the former employer is conversant with the company policies and secrets can use them to his own advantage by luring employees to his own hotel. A HAZOP analysis into the organisation’s database can establish the amount of data that the former employee has access to and the extent to which the information has been used (Kotek and Tabas 809).

Selection and implementation of treatments

 The organisation should develop a counterintelligence program that will enable it to secure the information in its databases (Crcpress.com). Additionally, employees who have access to confidential information should be made to sign non-disclosure agreements to compel them not to share intelligence with competing companies (Marx and Fleming 44).

Scenario 6

Establishing the risk context

The hotel’s bar section is not adequately staffed and efforts to recruit qualified employees to take up the roles have not borne fruit since most of the applicants do not meet the threshold.

Identifying the risks

ü Work overload

ü Poor service delivery

ü Loss of customers to competitors

Analysis of the risks

 The risk level is high since the few employees are likely to be overloaded with work which will greatly lower their morale (Kotek and Tabas 810).  Consequently, the under motivated employees will not deliver efficient and quality services to customers, compelling them to opt for competitors.

Selection and implementation of treatments:

 Since the market does not have suitable candidates, the organisation should initiate an internal training and development program that will build the capacity of new employees to deliver efficient and quality services to customers (Kotek and Tabas 813).  Additionally, the company should implement strategies to counter the effects of work overload.

Works cited

“Industrial Espionage: Developing a Counterespionage Program.” CRC Press, www.crcpress.com/Industrial-Espionage-Developing-a-Counterespionage-Program/Benny/p/book/9781466568143.

Kotek, L., and M. Tabas. “HAZOP Study with Qualitative Risk Analysis for Prioritization of Corrective and Preventive Actions.” Procedia Engineering, vol. 42, 2012, pp. 808–815., doi:10.1016/j.proeng.2012.07.473.

Marx, Matt, and Lee Fleming. “Non-Compete Agreements: Barriers to Entry … and Exit?” Innovation Policy and the Economy, vol. 12, 2012, pp. 39–64., doi:10.1086/663155.

October 24, 2023


Subject area:


Number of pages


Number of words




Writer #



Expertise Company
Verified writer

I enjoyed every bit of working with Krypto for three business tasks that I needed to complete. Zero plagiarism and great sources that are always fresh. My professor loves the job! Recommended if you need to keep things unique!

Hire Writer

Use this essay example as a template for assignments, a source of information, and to borrow arguments and ideas for your paper. Remember, it is publicly available to other students and search engines, so direct copying may result in plagiarism.

Eliminate the stress of research and writing!

Hire one of our experts to create a completely original paper even in 3 hours!

Hire a Pro

Similar Categories