Module name- Financial Risk Management

Module code- BU7009

Format- Assignment
Title-
Student name and number-
Word count- 4000

1
 Table of Content

Introduction 3

Assessment of the risk management methods available to Merck 3

Business-related Risk Analysis 3

Process of managing risk 5

Critical evaluation of the main sources of financial and non-financial problems faced by
Merck and steps taken to mitigate such risks 7

Major sources of financial risk faced by Merck 7

Major non-financial risks of Merck 8

Mitigation of financial and non-financial risk by Merck 8

Integration of strategic planning and collaboration with stakeholders for strategic approaches
10

Analysis of the cyber-security threats to the company and evaluation of the measures put in
place 17

Various types of cyber security threats 17

Resolving cyber security threats 18

Antivirus software 18

Firewalls 18

Two-factor Authentication 19

Virtual Private Network 19

Conclusion 19

References 20

2
Introduction
The study provides an overview of the various risk analysis methods which are applicable to
MERCK. With the illustrated examples, the different risks which are faced by the
organisation and the methods to curb such occurrences would be looked into in the study.
Along with such, the different approaches of the firm towards the management of the
strategies and the collaboration with the stakeholders would be examined. The various threats
to the cyber security of the firm of Merck would be analysed, and the methods to mitigate
such nuisance would be assessed in the study. At the end, a conclusion would be drawn based
on the numerous scenarios and findings from the study.
Assessment of the risk management methods available to Merck
Entrepreneurship entails both challenges and vulnerabilities. Merck has put controls and
procedures to identify the hazards early on and respond to them appropriately. Expectation
management is a crucial part of our intrinsic choice procedures, such as short and longer
organizing and based on inter investment plans. Through the introduction of several risk
management methods, the firm has the ability to establish mitigating pathways to curb the
situation at the basal levels.
Business-related Risk Analysis
Keeping a check on the financial drainage
The well-known tendency forward into extremely strict expectations in order of prescription
drug prices, remuneration, as well as the augmentation of greater groups, is proceeding in the
Medical industry (Martin et al., 2018). These prerequisites, as well as market mentioning
among nations and the achievement of business rollouts, can have a negative impact on the
performance of the product lines. In the company sector's plans, foreseen impacts are factored
into the equation to the greatest degree. There needs to be the overall governing of the
different costs, in both the influx and the efflux of the finance to keep a check on the profit
margin of the firm. Through accurate data gathering, the organisation has the ability of keep
a check on its funds and avoid any significant loss or drainage of money. According to the
findings by Chung and Adriaens (2022), the risk analysis of the financial perspectives can be
done through such a method of data gathering, and the requisite steps can be taken from such
a point.
Risk of stronger guidelines for the production process, checking, and brand
management
Similarly, in Life Science and Effectiveness Components business areas, researchers should
conform to a slew of legislative compliance for the mass production, checking, and

3
advertising of so many of products (Wang and Jie, 2020). The European Union, in particular,
is subordinate to the European chemical compounds regulatory oversight REACH. It
necessitates rigorous research of various chemicals. Furthermore, the use of substances in the
heavy industry could be confined, making it hard to sustain producing definite product lines.
Hence, in case of MERCK, the organisation might face certain risks and issues due to the
establishment of stricter guidelines during the production of the goods and selling its services.
These approaches can be dealt with, by analysing the past data of the firm. Through the
accurate analysis of the statistical information, the organisation would be able to form a risk
register that would be necessary for highlight the main gist of the related risks. Hence, Merck
would be able to keep a check on the risks occurring, prioritise the risks based on their
consequences and allocate the necessary members to diminish such issues. Researchers are
constantly pursuing product development in material portrayal and the conceivable
replacement of crucial drugs in order to reduce the likelihood of this threat and, as a result,
consider it improbable.
Negative impact of internal and external environment of the firm
System of government destabilization, as well as the potential institution of protectionist
measures, punishments, and modifications in forex strategy, could indeed lead to a sales
decrease in specific nations and territories (Montoya et al., 2018). The above dangers are
accounted for as much as potential in the listed regions' and geographic locations' financial
projections, and they are ameliorated via commodity, business, and provincial diversification.
Possibly detrimental economic and financial advancements may also have an effect on our
company. The need for the presence of a SWOT analysis as a tool of risk management and its
evaluation can be approached by the firm of Merck to look into the various approaches of
strengths, weaknesses, opportunities and threats present in the organisation. With the aid of
such a technique, the firm would be able to manipulate its working procedures and look into
the shortcomings. The improvement of the issues can be thus, approached, which would be
vehemently necessary for reducing the negative impact of the internal aspects of the firm. On
the other hand, the firm would also be able to analyse the threats and the opportunities
present in the external environment. Such an aspect would be necessary for its further
expansion into the external market scenario. To mitigate these effects, sales revenue strategic
planning initiatives have been adopted in such nations.
Threats correlated with greater competitors in the market and changes in consumer
innovation

4
Both the pharmaceutical and biotechnology product lines and drug manufacturing companies
are experiencing increasing rivalry between existing goods in the Healthcare market sector.
Risks in the Bioscience and Achievement Substances major industries include recurring
business fluctuations, but also technological changes or consumer needs are met, especially
with regard to liquid crystalline (Kumar et al., 2019). As vulnerability reduction, Merck uses
nearer relationships with clients and in-house even farther advancements, and also business
closeness, such as coherent marketing assessments. Generally speaking, the risk premium is
considered moderate due to the possibility of incidence with an essential adverse influence.
The changes in the market scenario can be approached by the organisation through the
provision of a PESTLE analysis. However, the risks regarding the external agents can be
understood by using the risk assessment tool of Risk Data Quality Assessment. With the aid
of such a method, Merck would be able to analyse the extent of the risks based on the
information which have been gained by the organisation. Several assessments such as the
reliability and the accuracy of the data can be performed with the aid of such a method. The
project managers at Merck would be able to deploy the necessary results with the aid of the
information gained by such a tool.
Balance-sheet item depreciation risks
Ordinary person financial statement products either because are subject to the risk of
modifying business and industry circumstances, and also adjustments in valuation.
Deficiencies that are required can have a serious adverse non-cash effect on profits and
actually impact financial indicators. This is especially true characterized by high levels of
intangible resources, such as generosity, resulting primarily from sales price allotments
incurred in accordance with complexes (Moktadir et al., 2018). All assumptions were
assessed during the preparatory work of the Statement Of Financial position and
acknowledged accordingly. Consequences above this are rated as improbable, with a crucial
wrong.
The provision of Probability and Impact Matrix into the workings of Merck would be
necessary to help the project management team to understand and assess the priorities of each
of the risks seen in the financial arena. With the aid of such a tool, the organisation would be
able to mitigate the severe issues at the beginning, keeping majority of the resources for such
an inspection. As per the suggestions by Lemmens et al. (2022), the issues falling under the
lower impact categories would then be evaluated based on their consequences, and then
needed plans to mitigate the same would be established.

5
Process of managing risk
The goal of Merck's risk management activities is to identify, evaluate, and mitigate threats
earlier than usual and to put systems and processes in place to mitigate them. The effective
internal control standards cover the obligations, targets, and mechanisms of managing risks.
Staff members with threat responsibilities include company tops, executive officers of Merck
subsidiary companies, and leaders of Collective operations (KAPOOR, ROJHE and
MAHINDROO, 2020). The centralized company group for threat accounting purposes is
much like the unified conglomerate for the Statement Of Financial position. Risk owners
assess their risk indicators and notify thei suitable to risk analysis every month. In the setting
of such actions, researchers employ a specialized risk technology platform. Similarly,
relevant parameters are noted and evaluated. Collective Crisis Management monitors the
success of these metrics as well as the timeline for execution. The contingency reserve
following the execution of these metrics is proffered as net danger in the organization's risk
report. Collective Control system & Regulatory Compliance is the organizational framework
for financial planning, reporting directly to the organization's finance manager. Group Crisis
Management analyses the observed information to measure the Merck Group's risk
evaluation investments, which it presents in a comprehensive article to the Executive Board,
Company's Management, and Budget Committee twice per year.
A possibility of agglomeration of dangers at the Group level is also included, as is a
Simulation Model (Aigbavboa and Mbohwa, 2020). Moreover, substantial changes in the
evaluation of previously identified risks, as well as the creation of innovative dangers, can
indeed be noted at any time and are tried to communicate to the Executive Board on an as-
needed basis. In the normal method, a minimum requirement of € 5 million already when
contingency plans is set for disclosing dangers with a significant effect on our EBITDA pre,
and € 25 hundred thousand in the informal method. Consequences that fall underneath these
tolerances are highlighted in this section within business divisions. Internal risk reporting
must be completed within five years. It can be extended beyond five years, for example, in
the case of trade regulations related to the environment. The yearly basis numbers reflect the
consequences of the risks described in this document on threats and uncertainties. The hazard
identification introduced here is for December 31, 2020. There were no material adjustments
after the balance date which would have required a means of demonstrating the Group's
situation of crisis (Tripathi, Rangarajan, and Talukder, 2019). Inside the scope of the auditing
process, the Group Internal Audit function includes an assessment of the risk management

6
framework within components as well as the information exchange of possible consequences
from business organizations to Group Risk Managers and other stakeholders.

Critical evaluation of the main sources of financial and non-financial problems faced by
Merck and steps taken to mitigate such risks
Any organisation has the probability of facing both financial and non-financial risks, until the
steps taken to mitigate the same are provided from the initiation of the risks. The organisation
of Merck, too, can be run down through the presence of both financial risks and non-financial
ones. Hence, the provision of certain strategies would be needed for such a cause.
Major sources of financial risk faced by Merck
Financial risks are characterized by the possibility of suffering from money losses on
investment within any business enterprise. Within the business sector associated with
healthcare where the high trend toward the restrictive based needs on the basis of drug
costing, reimbursement as well as the high-rebate group-oriented extension has been
constantly growing (Valaskova et al., 2018). Merck has been dealing with market
fluctuations in regards to the foreign exchange as well as interest rates which acknowledged a
significant profit as well as cash flow-oriented risks. Scenario analysis has been done by
Merck in order to estimate foreign exchange-related risks and fluctuations in interest rates.
The instability seen in the market scenario thus acts as one of the major financial risks which
can be faced by the firm. Due to the fact that the majority of the companies are effected due
to the debt repayment aspects, and the competitiveness seen in the industrial levels, the
occurrence of financial instability causes to be dramatic hurdle.
Within the context of the international business sector, Merck has been exposed to the risks
of transactional-oriented foreign exchange in terms of both the activities involving business
and finances. Share price risks of Merck have reflected that public listed firms accounting for
around €244 million shares are exposed to fluctuating within the fair value (Capital structure
investments and financing activities., 2020). Around 10% of the change in financial
equipment pricing would affect the equity of the group greatly accounting for around €24
million. This value change would be greatly acknowledged in group equity. Another

7
significant risk which Merck can be effected with, is the credit risk. Both falling behind in
the repayment to creditors or even to the consumers, Merck can be faced with severe charges
in terms of credit risks.
Liquidity risks of this company state that risk which the company has failed to reach its
payment commitment that resulting from the liabilities of the finances which is limited by the
development the essential financial flexibility as well as group-based cash management.
Credit risks have signified the risk of the company’s financial loss when the customer or the
contract partner will be failed to achieve its contractual remittance obligations. Merck
company has dealt with credit risks because of the trade accounts which still existed and are
receivable as well as other debt instruments and contract resources.
At the same time, the operational risks faced by the firm can also act as major financial risks.
Due to the fact that the operations management and the project management takes up a
significant chunk of the financial aspects of any firm, once the operational gets high, there
can be the occurrence of financial risks of operations. In the thoughts and beliefs by Mišić
and Perakis (2020), the procedures and the policies which are followed in the business
scenario can be effected with the technical glitches, causes of fraudulent activities and threats
to data security. These situations would give rise to the operational risks in Merck, which
would further diminish the influx of financial resources into the organisation.
Major non-financial risks of Merck
The non-financial risk report of Merck company has shown the aspects of environmental
matters in terms of greenhouse gas emissions, the safety of plants and processes, chemical
labeling of products, standards of the supply chain including Mica supply chain, and safety of
warehouse and energy efficiencies (Manes-Rossi et al., 2018). The employee-based non-
financial risk aspects included leadership value, recruitment drive, diversity, engagement of
employees, and safety protocols whereas anti-corruption and anti-bribery factors have been
considered (Non-financial report., 2020) Human rights including bioethics and clinical
studies regarding drug manufacturing have been accounted into the non-financial risk report
of the company Merck.
The management of the employees also tend to act as a severe risk which is needed to be
diminished by any firm. Due to the fact that the employees tend to be the ones who manage
the necessary dealings and tasks of the firm, there is need to keep a check on the performance
of the same. At the same time, the proper management of the human resources is to be done
by the hierarchy of Merck, to improve the quality of the tasks being approached. Therefore,

8
there needs to be the presence of several strategies to mitigate the risks halting the production
quality of the firm.
Mitigation of financial and non-financial risk by Merck
Merck company mitigates financial as well as non-financial risk factors especially the foreign
exchange risks with the continuous analysis of various hedging strategies in order to reduce
or minimize the risks. The organisation has the requirement of establishing certain strategies
and developing on their framework for understanding the concepts of the risks occurring
within the firm. The integration of several risk assessment tool such as the construction of the
risk register, the SWOT analysis, the gathering of needed information and similar others
needs to be done by the firm. The operational risks presented in the functioning of Merck can
be reduced with the aid of several risk assessment methods, and the financial risks can be
dramatically lowered through a tight check on the budgeting method. The whole foreign
exchange risk exposure has been classified into the subsets of different defined risk profiles
as well as systematic hedging equipment performed on a regular basis for approximately 12
months (Butnariu, Luca, and Apetrei., 2018). Monitoring of credit risks is done by Merck
company by identification of default risk related to customer groups and identification of a
rapid increase in the risk of credits as well as calculation of expected losses of credit. As per
the opinions of Shulman et al. (2018), the conduction of the risk assessments needs to be
done at regular intervals for getting an idea about the places for the initiation of newer risks,
and for mitigating the ones which are being controlled. The timeframe and the resources
required for such a process, too, needs to be kept under check for the efficient
implementation of the risk mitigation processes in Merck.

9
Integration of strategic planning and collaboration with stakeholders for strategic
approaches
Merck is based on science and evaluation of the strategy scientifically. Deriving technologies
of the company and its uses in creation makes the basis of future growth. Mobilize for growth
strategy entails and pushes growth in the future development. The company is a pioneer in
science and technology.
Strategic development in the organisation
The key strategy of the company is to unlock the full potential to take the company to the
next level. The unique setup of the company driving distinct sectors leads to be great in
positioning bestowing fastest growth within science and technology markets. The planning of
the organisation needs to be based on the evolving market nature, the different kinds of risks
being generated at both the internal and the external environment of the firm. At the same
time, the financial structure and the board leadership of Merck needs to be updated in
accordance with the management of the human resources.
The company wants to refurbish technology and science to heal the leading position. Merck
wants to increase sales to approximately €25 billion by the year 2025. The strategy of the
company encourages to grow the sales by 80% from the Big 3 businesses- the procedures
related to solutions of life science, addressing new products from healthcare, and admitted
semiconductor solutions business within the electronic business sector (Carrascoso, 2018).
Implementation of the strategy
● Merck expects average sales growth in the sector of life science, by 7% to 10% in a
year. It continues to grow in the market for mid-term culmination owing to outpace
the growth of the market.
● Merck aims to achieve mid-term organic average sales growth in the middle-single-
digit percentage sales.
● The strategy implication and execution assessed the organic reach growth by 3% to
6% every year. The growth program will attract more new opportunities in the future
(Tomlinson, 2018).
Corporate strategy
Merck cupid desires sustainable growth following the corporate strategy. Enhancing ambition
towards leveraging science and technology to achieve the growth following mankind. The
company thinks about the growth hand in hand with maintaining sustainability and sustained
business operations. It wants to succeed economically and creates value for society and the
environment. But while doing the sustainable business practice, the company survived many
1
0
challenges within the world like poverty, diseases, climate change, and hunger (Polhemus et
al., 2020). With the inclusion of the corporate strategy, the organisation would be able to
establish itself into the community with a stronger position, and gather a larger consumer
base. At the same time, such a situation would aid the growth of the organisation. Through
the growth of the strategic notions, such as the reduction in the usage of plastics, provision of
recyclable packaging and the usage of electric vehicles in their supply chain, the corporate
social responsibilities would be heightened for the firm.
Shared values
Courage, respect, achievement, transparency and integrity are the utmost priority of the
company. These norms and values shape the work daily and encourage to face challenges and
interact with customers, business partners, and colleagues. For the firm of Merck, the
incorporation of values needs to be done in a strategic manner as to uphold the ethics of the
organisation and also for the benefit of the people.
Courage
Courage is the form of enhancement of self-trust. It leads to making healthy self-perception.
Courage makes challenging for yourself. It guides to compete to make decisions in changing
process. The decision making processes at Merck needs to be established in a quick and
efficient manner to handle the negative situations without faltering. With the aid of such a
mechanism, the firm would be able to cope up with the difficult situations.
Achievements
It shapes an individual’s ability. Achievements make motivated promoting people. It supports
the mental development of individuals. Ensuring entrepreneurial independence the company
makes its achievements (Aula, and Mantere, 2020). The achievements of Merck needs to be
portrayed to the public in a strategic manner as to gather a larger customer base, through
accurate presentation of such during marketing.
Integrity
Integrity creates credibility of the pioneer to everyone. Operations of the business ensure by
it. Integrity maintains obeisance to remain promises. Integrity permits those who pay and deal
with values.
Transparency
Is the value of trust. Involvements of all stakeholders within the organization through
transparency. It makes the actions sustainable. It supports goal-centric behavior throughout
the company. It denotes the reliability of the organzation. Participation of everyone within the
company is ready to accept responsibility because of the transparency of the work (Tulder,
1
1
and Lucht, 2019). The dealings of the company needs to be made transparent for gathering a
trusted and loyal customer base. With the help of such a group, the organisation would be
able to uphold its profit margin, and also benefit the consumers through better goods and
medicines. Hence, the strategic approaches taken for such a situation is of great benefit to
both the linked parties.
Stakeholders Engagement
Governing social, environmental, and governance strategies for implementation, the CEO of
the company entails stakeholder management. Stakeholders management suggests voluntary
execution of the planning and sustainable management practices and outcomes.

F
igure 1: Different stakeholders for the organisation of Merck
(Source: Merckgroup, 2022)
Merck has an outstanding record determining strategy and systematic approach for
stakeholders engagement its called corporate responsibility. Merck has glassdoor scores and
reviews, recommendations of 3.75 out of 5. Merck has been admitted for its diverse best
practices, equality, Healthcare foundations, and campaigns for Human Rights (Palgrave

1
2
Macmillan, 2021). The various stakeholder engagement for the firm can be segregated into
the internal and the external stakeholders. The former stakeholders are the employees and the
patients of the firm, the scientists and the employee representatives. However, the external
stakeholders contain the media and the customers, the suppliers and the shareholders. Hence,
each of the groups have to be strategically managed in different manners for obtaining the
target potential for the firm.
Culture, Brand values exempted from all stakeholders
Merck’s values and ethics are the keys to its success. People who are recommending their
products are the main stand for its value and transparency. The company practices its
business ethically to sustain strong values everyday and standards guide the company for
over 100 years.
Enterprise approach
The approach is denoted as the development of leadership focused on the specific striving of
the organization. It supports talents and the development of the career. Management of
mindsets is also a fruitful activity of the organization. The business practices involve in the
lead the careers potentially and a strong knowledge of business and potentiality is the main
thing for the company (Cruz Rivera et al., 2021).
Engagement of employees
Active communication and operations for development and a positive working environment
make the employees retention within the company. Employees work actively and efficiently.
They got motivated with minimal expectations towards business outcomes. Transparent
communication, mutual commitment, and trust attract employees' engagement. Employees
are the key factor of the company holding strength and weaknesses of the organization
informing the business strategy and progress of the goals. One of the vital approaches which
was taken by the organisation for the involvement of the employees was through the
conduction of a “Group-wide employee survey” in 22 different languages (Merckgroup,
2022). The inclusiveness of such a vast number of dialect aims at the involvement of a large
number of employees, and 45,000 employees had taken part to answer the survey
(Merckgroup, 2022). Attraction failure and high qualified product retention make the
company affected towards achieving the goal of the company and governments regulations
research of clinical factors determines the growth (Schaltegger et al., 2022).
Feedback assessment
The company's annual report observation denotes that, employee engagement has been
increased and they more ethical and enabled, and energized than before. The company allows
1
3
workers to provide feedback through a community platform called sync and via a brief, three-
to-five questionnaire survey. It enables employees to share their thoughts. Emphasizing
feedback can give real-time information and address the situation of employees (Grieger et
al., 2021).
Communications
The CEO of the company is responsible for making strategies for the mission and vision of
teh company. Financial performance updates majorly impact on services of customers,
product variability, and answers from feedback. Employees are able to gain news,
information, and videos, from functional news channels and internet connections. Hall
meetings, business briefings, communication through email from the senior authority, and
surveys through employees. With applicable legal standards, the company has an anonymous
helpline available for 24*7 to give advice to the employees (Warren, 2022).
Innovations
Leading major financial investments and development of research company made its
innovative technology for briefing the business operation. The company made beverage
business insights for US employees who are involved in DRIVEN (Delivering Real Insights
Via Employee Networks) to guide the objectives of teh employees. The strategy enables
employees to provide meaningful contributions and efforts to teh business and online
research community platform. It also helps to make caregivers and patients resources for
dealing with feedback on online advertisements and markets. 2000 employees are under the
DRIVEN performance systems and it harnesses the experience of the employees (Glover et
al., 2022).
Wellness and safety
The Corporate responsibility section enables employees to get detailed information about
wellness programs addressing social, emotional, and financial well-being for the interest of
the company. Merck’s wellness attributes involved in LIVE IT, PREVENT IT, BALANCE
IT, MOVE IT, and FUEL IT. Over the last five years, a company working with driving
factors of injury and health effects in the workplace. The company holds insurance of
management processes and facilities and decreases injury with the help of the contribution of
the employees (Lentz et al., 2020).
Diversity
Under ethnic groups, 36% of employees are recruited in this company. The company
supports all religions, ethics, and educational backgrounds.
GMAP
1
4
Enterprise-wide leaders have organized a program for the global management acceleration
program. The aim of the program is to create a robust global acceleration program for internal
talent and provides opportunities for learning and development of the opportunities.
Business leadership program
The program enhances both leadership and individual skill in business operations. A
company’s strategic context is the main thing for focusing on the evaluation and performance
of the employees.
Women leadership program
The program explicitly supports business growth and development in respect of the women in
the company. Gains the skill and learning development with increasing ability to manage the
order of gender discrimination (Wang, and Jie, 2020).
Leadership development program
Videos and article programs for leaders and managers are coherent for leadership
development. Behaviors of leaders and competencies are the resources of the company to
engage clients. The program provides development activities.

Community
Merck has extended its corporate responsibility strategy for development and it includes drug
donation programs, patient assistance, and programs of drug assistance. Access to healthcare,
sustainability and well-being performance, ethics, and trust of the employees are involved in
consideration. Corporate responsibility involved production in a sustainable way, the use of
innovation, and technology. This includes the community and customers in the company. The
company has also been actively involved in the provision of political donations, where the
employees can donate their wages to support their choices of political candidates through the
“political action committees (PACs)” (Merkgroup, 2022).
Supplier engagement
Suppliers are part of enterprise networks. It also culminates in the management process and
recruitment. It includes performance, labeling, packaging and shipping, and other practices.
Major contribution
Money
Cash rewards, Incentives, and annual pay is the contribution of the company to retain
employees.
Health

1
5
Employees generally involved in activities for dental, medical, and coverage, are the key
health benefits of teh company.
Incentives and retirement
It is based on performance on a long-term basis (Martin et al., 2018).
Other benefits
Educational assistance and guidance of education are effective benefits for the company.

1
6
Analysis of the cyber-security threats to the company and evaluation of the measures
put in place
Through the establishment of several novel software and programs, the expansion of the
threats to cyber security is up scaling. There needs to be the integration of certain strategic
methods to put a halt to such threats and protect the data of the organisation.
Various types of cyber security threats
Ransomware
It is the malicious software that threatens to block or publish accessed data from the computer
system in which an attacker might possess fees for victims. In several cases, the ransom
attacker demands fees from victims along with deadlines (Humayun, et al., 2021). Most of
the ransomware is delivered through malicious emails that are creating challenges and threats
for business organisations who are trying to set up online. Cyber attacks are a common threat
nowadays. According to the report, in the US cloud-based ransomware has created challenges
for technological security provider companies in the year 2020.
Hacking
In simple words, hacking is referring to the act of compromising digital devices or networks
through unauthorised access to any account or computer system (King, et al., 2018). It is not
a malicious act but it is mostly associated with illegal activities and data stolen by
cybercriminals. There are three types of hackers such as Black hat, Grey hat, and White hat
hackers. This process is completed through cracking passwords and decoding encrypted
codes that are giving access to the systems in which people are working. Cracking is the term
of hacking that indicates the process in which passwords or codes were obtained.
Data Leakage
The process of data leakage is the unauthorised transmission of data within a business
organisation to an external recipient or destination. This term might be used to describe the
obtained data that is transferred physically or electronically. An accidental data breaches will
increase by external agents or cybercriminals. The use of tablets and smartphones has become
widely used. In this situation, stealing data is much easier in the digital era. Several
organisations are affected due to cyber-attacks while performing on digital platforms. Now
the businesses are at threat of cyber attacks in which their organisational data are stolen.
Phishing
Phishing is a cyber attack that attempts to steal money or personal identity in which personal
information might be revealed such as bank information, credit or debit card numbers or
passwords on websites that pretend to be legitimate (Alabdan, 2020). It is a type of social
1
7
engineering in which cyber attackers are sending fraudulent messages to a person to reveal
information to attackers that are creating issues for people like ransomware. There are four
types of phishing such as Spear phishing, Email phishing, whaling, and Vishing. These
cyber-attacks are creating challenges for business organisations in a negative way.
Cryptojacking
It is the type of cybercrime in which criminals secretly use people's computing power for
generating cryptocurrencies. It can target individual consumers, industrial control systems,
and massive institutions. It has become more popular among cybercriminals in which they
can extract money from the targeted consumers as a cryptocurrency. The people are more
affected through this new cyberattacks in recent times. People can mitigate these challenges
through building security on their networks and the software in which they are working.
Resolving cyber security threats
Antivirus software
One of the oldest methods to combat cyber security related issues is through installing
antivirus software on computers. It is the primary method to stop cyberattacks that several
people neglect most of the time and face problems (Nazarenko, et al., 2019). This software
always provides an update process in which users have to do it for upgrading and resolving
issues of malware, spyware, and other network viruses. The organisation needs to keep their
antivirus software updated, and track the cyber threats at a regular interval.
Users have to install it for building protection against cyber attacks and cyber security threats.
Download each update to reduce the chances of being attacked by cybercriminals. It is
helping to manage the cyberattacks on the business organisations and other institutions.
Firewalls
Setting up the firewall on the mobile and computers is the most effective way to manage the
cyber attacks and theft that are providing effectiveness in the business process. It helps to
protect networks and computers from outside attackers. These devices can come in hardware
and software formats and both can be quite effective for managing the necessary traffic.
Firewalls in hardware also might be placed between computers and modems that are helping
to reduce the chances of cyberattacks. The proper evaluation of this software will help to
manage the operating systems and also effectively block cyber security problems by reducing
the risks in operating networks or computers. As per the comments by Soewito and Andhika
(2019), a certain amount of financial support needs to be provided by the management
towards the firm to employ better firewalls for the protection of the data.

1
8
Two-factor Authentication
Within the single factor authentications, usernames and passwords are used to access the
users' accounts and information online. Two-factor authentication effectively doubles the
security of the online account along with basic password and username combinations that are
helping to secure the additional information of users that are theoretically increasing access
(Wang, et al., 2019). The personal identification number is also an important factor that is
helping to manage the two authentication processes and resolve the cybersecurity-related
threats in an effective way. The proper evaluation of biometric locks and fingerprint access
will also reduce the chances of being attacked by cyberattacks. Merck has the requirement of
establishing such a mechanism to drastically deploy strategic methods to stop the chances of
getting attacked through digital means.
Virtual Private Network
VPN stands for the virtual private network and establishes a protective connection between
the user and the internet. Through VPN all data traffic will be routed to an encrypted virtual
tunnel in which data will be safely received and forwarded (Lipp, Blanchet, and Bhargavan,
2019). It disguises the IP addresses of users while working through using the internet. It also
helped to make the location invisible to the users in that cyber attackers can not find out those
easily. Basically, it helps to secure internet collection in which data will be safe and also it
travels securely in the users' computers along with the encryption process.
Conclusion
Therefore, the study contains a significant evaluation regarding the various kinds of risk
management tools and techniques which can be implemented by the company of Merck.
Through the establishment of several risk analysis tools and technologies, the organisation
would be able to mitigate several notions of risks and their related negative impacts. The
study also highlighted the different types of strategic planning approaches taken by the firm
to strengthen its position in the market approach. The consideration of the stakeholders in the
concept of strategic planning and its assessment was also looked into in the study. The
presentation of different kind of cyber security threats to the organisation and the varied
manners in which such threats can be mitigated by the company was highlighted. The
measures to effectively manage and contain the negative impacts of the risks was illustrated
in the study.

1
9
References
Aigbavboa, S. and Mbohwa, C., 2020. The murky waters of outsourcing: critical risks factors
of outsourcing pharmaceutical outbound value chains. Procedia Manufacturing, 43, pp.328-
335.
Alabdan, R., 2020. Phishing attacks survey: Types, vectors, and technical approaches. Future
Internet, 12(10), p.168.
Aula, P. and Mantere, S., 2020. Strategic reputation management: Towards a company of
good. Routledge.

Butnariu, A., Luca, F.A. and Apetrei, A., 2018. Mitigating Financial Risk by Using Hedging
Strategies,“. SEA–Practical Application of Science, 6(16).

Capital structure investments and financing activities., 2020. Notes. Capital Structure,
Investments, And Financing Activities. Merck Annual Report. Available at <
https://www.Merckgroup.com/en/annualreport/2020/notes/capital-structure-investments-and-
financing-activities/42-management-of-financial-risks.html> (Accessed. 05.05.2022)

Carrascoso, C., 2018. Teaching Catholic Stakeholder Thinking Using the Open-Ended Case
Method. Journal of Business Ethics Education, 15, pp.259-284.
Chung, K.H.Y. and Adriaens, P., 2022. Financial exposure to environmental liabilities in
Lake Huron drainage area farmlands: a GIS and hedonic pricing approach. Agricultural
Finance Review, (ahead-of-print).
Cruz Rivera, S., Torlinska, B., Marston, E., Denniston, A., Oliver, K., Hoare, S. and Calvert,
M., 2021. Advancing UK regulatory science strategy in the context of global regulation.
Glover, R.E., Petticrew, M.P., Mays, N.B. and Thompson, C., 2022. How pharmaceutical and
diagnostic stakeholders construct policy solutions to a public health ‘crisis’: an analysis of
submissions to a United Kingdom House of Commons inquiry into antimicrobial resistance.
Critical Public Health, pp.1-10.
Grieger, K.D., Merck, A.W., Cuchiara, M., Binder, A.R., Kokotovich, A., Cummings, C.L.
and Kuzma, J., 2021. Responsible innovation of nano-agrifoods: Insights and views from US
stakeholders. NanoImpact, 24, p.100365.
Humayun, M., Jhanjhi, N.Z., Alsayat, A. and Ponnusamy, V., 2021. Internet of things and
ransomware: Evolution, mitigation and prevention. Egyptian Informatics Journal, 22(1),
pp.105-117.

2
0
KAPOOR, M., ROJHE, K.C. and MAHINDROO, N., 2020. Quality by design Approach in
Indian Pharmaceutical Industry: A Brief Status Appraisal. International Journal of
Pharmaceutical Research, 12(3).
King, C.R., Zhang, A., Tessier, T.M., Gameiro, S.F. and Mymryk, J.S., 2018. Hacking the
cell: network intrusion and exploitation by adenovirus E1A. MBio, 9(3), pp.e00390-18.
Kumar, A., Zavadskas, E.K., Mangla, S.K., Agrawal, V., Sharma, K. and Gupta, D., 2019.
When risks need attention: adoption of green supply chain initiatives in the pharmaceutical
industry. International Journal of Production Research, 57(11), pp.3554-3576.
Lemmens, S.M., Lopes van Balen, V.A., Röselaers, Y., Scheepers, H.C. and Spaanderman,
M.E., 2022. The risk matrix approach: a helpful tool weighing probability and impact when
deciding on preventive and diagnostic interventions. BMC Health Services Research, 22(1),
pp.1-11.
Lentz, T.A., Curtis, L.H., Rockhold, F.W., Martin, D., Andersson, T.L., Arias, C., Berlin,
J.A., Binns, C., Cook, A., Cziraky, M. and Dent, R., 2020. Designing, conducting,
monitoring, and analyzing data from pragmatic randomized clinical trials: proceedings from a
multi-stakeholder think tank meeting. Therapeutic Innovation & Regulatory Science, 54(6),
pp.1477-1488.
Lipp, B., Blanchet, B. and Bhargavan, K., 2019, June. A mechanised cryptographic proof of
the WireGuard virtual private network protocol. In 2019 IEEE European Symposium on
Security and Privacy (EuroS&P) (pp. 231-246). IEEE.

Manes-Rossi, F., Tiron-Tudor, A., Nicolò, G. and Zanellato, G., 2018. Ensuring more
sustainable reporting in Europe using non-financial disclosure—De facto and de jure
evidence. Sustainability, 10(4), p.1162.

Martin, K.D., Josephson, B.W., Vadakkepatt, G.G. and Johnson, J.L., 2018. Political
management, research and development, and advertising capital in the pharmaceutical
industry: a good prognosis?. Journal of Marketing, 82(3), pp.87-107.
Merckgroupm. 2022. Stakeholder dialogue. Merckgroup. Available at:
https://www.Merckgroup.com/en/cr-report/2018/strategy-management/stakeholder-
dialogue.html#:~:text=Our%20key%20stakeholders%20include%20our,Merck%20family
%2C%20and%20our%20suppliers. [Accessed on 28th August 2022]
Mišić, V.V. and Perakis, G., 2020. Data analytics in operations management: A review.
Manufacturing & Service Operations Management, 22(1), pp.158-169.

2
1
Moktadir, M.A., Ali, S.M., Mangla, S.K., Sharmy, T.A., Luthra, S., Mishra, N. and Garza-
Reyes, J.A., 2018. Decision modeling of risks in pharmaceutical supply chains. Industrial
Management & Data Systems.
Montoya, G.N., Santos Junior, J.B.S., Novaes, A.G. and Lima, O.F., 2018, February. Internet
of Things and the risk management approach in the pharmaceutical supply chain. In
International Conference on Dynamics in Logistics (pp. 284-288). Springer, Cham.
Nazarenko, M.A., Gorobets, A.I., Miskov, D.V., Muravyev, V.V. and Novikov, A.S., 2019.
Antivirus software and industrial cyber security system certification in Russia. Российский
технологический журнал, 7(1), pp.48-56.

Non-financial report., 2020. Facts & Figures. Merck Sustainability Report 2020. Avalable at
<https://www.Merckgroup.com/en/sustainability-report/2020/facts-figures/non-financial-
report.html> (Accessed. 05.05.2022)

Palgrave Macmillan, Cham.its Usefulness, O., 2021. 16 A New Approach to CSR Company
Stakeholder Responsibility. The Routledge Companion to Corporate Social Responsibility,
p.185.
Polhemus, A.M., Novák, J., Ferrao, J., Simblett, S., Radaelli, M., Locatelli, P., Matcham, F.,
Kerz, M., Weyer, J., Burke, P. and Huang, V., 2020. Human-centered design strategies for
device selection in mhealth programs: development of a novel framework and case study.
JMIR mHealth and uHealth, 8(5), p.e16043.
Schaltegger, S., Christ, K.L., Wenzig, J. and Burritt, R.L., 2022. Corporate sustainability
management accounting and multi‐level links for sustainability–A systematic review.
International Journal of Management Reviews.
Shulman, H.B., D’Angelo, D.V., Harrison, L., Smith, R.A. and Warner, L., 2018. The
pregnancy risk assessment monitoring system (PRAMS): overview of design and
methodology. American journal of public health, 108(10), pp.1305-1313.
Soewito, B. and Andhika, C.E., 2019, August. Next generation firewall for improving
security in company and iot network. In 2019 International Seminar on Intelligent
Technology and Its Applications (ISITIA) (pp. 205-209). IEEE.
Tomlinson, B., 2018. Emerging Practice in Long-Term Plans: How CEOs Talk About the
Long Term. CECP: Strategic Investor Initiative White Paper Series, 2.

2
2
Tripathi, S., Rangarajan, K. and Talukder, B., 2019. Segmental differences in pharmaceutical
industry and its impact on supply chain performance. International Journal of
Pharmaceutical and Healthcare Marketing.
Tulder, R.V. and Lucht, L., 2019. Reversing materiality: from a reactive matrix to a proactive
SDG agenda. In Innovation for Sustainability (pp. 271-289).

Valaskova, K., Kliestik, T., Svabova, L. and Adamko, P., 2018. Financial risk measurement
and prediction modelling for sustainable development of business entities using regression
analysis. Sustainability, 10(7), p.2144.

Wang, M. and Jie, F., 2020. Managing supply chain uncertainty and risk in the
pharmaceutical industry. Health services management research, 33(3), pp.156-164.
Wang, P., Li, B., Shi, H., Shen, Y. and Wang, D., 2019. Revisiting anonymous two-factor
authentication schemes for IoT-enabled devices in cloud computing environments. Security
and Communication Networks, 2019.
Warren, D.E., 2022. “Woke” Corporations and the Stigmatization of Corporate Social
Initiatives. Business Ethics Quarterly, 32(1), pp.169-198.

2
3