Part A

Company Profile

Name: Total Data Centre Sdn Bhd (TDC)

Industry: IT Industry
Located on: Bukit Jelutong- Selangor.
Service Provided: IT outsourcing Services & Data recovery Centre services
Services provided: IT outsourcing, Networking and Data management. Information
Technology operation of Processing, and Storage

The Risks

In the company, the following factors contribute to the risk and the company has the
ability to manage its risk conditions as analyzed in the table.

No Factor Risk
.
01. Loss of physical assets  Physical capital, also known as tangible
assets, is often completely different from
intangible assets.
 The loss of physical assets Risk category
includes accidents and natural disasters as
well as potential risks posed by terrorist
activities and subversive activities. This
can lead to losses such as data breaches
and confidential breaches
 Continuous planning and safety can
minimize the risks in this category
02 Loss of Human Capital  Human capital is that the stock of habits,
knowledge and, temperament attributes
embodied within the ability to perform
work.
  Human capital risk arises from several
sources, the gap between the
organization's objectives and the skills of
its workforce.
 This risk can be minimized by providing
opportunities for the employees to grow
through training and skill development
programs, encouraging learning,
organizing weekly time allocations for
employees to learn, and incorporating
skills development into the regular
performance appraisal process.
03 Technology / Equipment Failures  In the face of technology and equipment
breakdowns, an organization moving with
new technology has to face many
problematic situations.
 In particular, service disruptions,
insecurities caused by technical issues,
can be mentioned.
 To avoid these vulnerabilities, actions can
be taken such as maintenance
management, taking responsibility for the
equipment under the relevant substrates.
04 Operational Loss  Operational risk is the expectation of
damage from inadequate or failed
procedures, systems, or policies.
Employee errors. System failure. Fraud or
other criminal activity. This includes any
event that interferes with the business
process.
 The risky outcome or impact could be
financial loss, reputation damage, change
 of processes ,or a combination of these.
 Operational risk is generally under the
control of the organization through risk
assessment and risk management
practices, including internal assessment.

05 Loss of Supply  The risk is the inability of an organization

to meet customer demand based on the
efficiency of internal operations or the
provision of any other service
 These risks include sudden bankruptcy of
suppliers, loss of customer loyalty, and
financial breakdown.
 This vulnerability can be avoided through
supply chain review, backup supply
management, and shared work
management.
06 Public Liability  This risk includes internal or external
damage to a third party due to some
malfunction in the Company's internal
operations.
 This can lead to legal issues for the
company, damage to the company's
image, and damage to customer trust.
 This risk can be minimized through
actions such as insurance and delegating
responsibilities to those responsible.

(a) Risk Matrix

Impact 1 3 5 7 9
 Risk Rating Low Moderate High
0.9 c

Probability
0.7 b
0.5 a d
0.3 f
0.1 e

a. Loss of Physical assets Very High Risk High Risk

High Risk
b. Loss of Human Capital Moderate Risk Medium Risk
Low Risk Low Risk
c. Technological Equipment failure Very Low Risk

d. Operational loss

e. Loss of Supply

f. Public Liability

(b), (c), (d)

Answers for the part b, part c and d has provided in the following table.

Loss exposure Risk Rating Risk Strategy

Risk

(High/Medium/Low) (Mitigate & Control/

Control/Share/Accept)
Loss of

Damage to physical In the company, there is a moderate Mitigate and Accept

assets can lead to risk of loss of physical assets.
economic collapse and Reasons for this include natural Insurance support can
Loss of

Loss
legal of human capital
also There are poor
manyequipment
job opportunities Mitigate andthis
Accept
Physical

issues. It can disasters, quality, help reduce type of

adversely affects the available today for IT qualified
company. This human resources. Because of this, Lack of permanent staff
Human
Technologi

Due to technical
situation can leadand
to Because
there is athings like computers
high probability of and Mitigate andtheControl:
can lead to loss of
equipment errors, such computers are often networked, The
as data deletion or probability of technical errors, and Existing system failures
misplacement, the equipment errors, is very high. can be mitigated by using
cal/Equip
 loss of Operation Inefficiency in service Operational risk can be more or less Accept and Control:
delivery, revenue the same in any organization. The Spending money alone is
shortfalls due to risk of this risk is moderate, as not enough to avoid
The company
demand could
breakdowns Technical
proper humanand equipment
resource failures, Share andlosses
possible Accept:
from a
Public alLoss

suddenly go bankrupt. service malfunctions, and increased

Service delivery may demand can be cited as reasons for The company can work
Supply

Internet data theft, also The

be inactive.Tthe Company
supply is lessand
disruptions, likely
theretoisbea at Accept andIT
with other Control:
companies
known as cyber- risk for its responsibilities to the
attacks, can cause public, Due to the proper risk The Company cannot
Liability

many problems by management, data and information overcome these kinds of

Part – B

(a)

The reason for such a catastrophic situation for Baring Bank was the shortcomings in the Bank's
internal operations. Accordingly, the operational risks that led to the collapse of Barings Bank are
as follows.
Operational Risk The way Impacted
Process Failure Due to all technical faults, the Bank did not
pay attention to the findings of some of the
audits that led to the crash. The Bank did not
have a good risk monitoring strategy and had
no assurances about their operations related to
opening accounts using process failure
technology
Information Technology Error There have been no reports of the Bank of
England transferring funds from Barings to
BFS and, For nearly three years, Special
Account No. 8888, used by Leeson to cover
losses, has not been subjected to Baring
'oversight transactions
Insufficient Process The Bank has received a considerable number
 of warnings in various ways, but the Bank has
not taken appropriate action. If the bank had
discovered this earlier, it would have
remained liquid without incurring large but
catastrophic losses.
Human Error In 1994, an internal audit identified potential
liability issues. But unfortunately, they
ignored it. According to Anthony Havers, then
treasurer of the BIB, Barrings officials agreed
to a $ 1 billion lease in 1995 for the first two
months and Former BIB chief Peter Harris
complained about a number of issues in a
draft of the Singapore report, but in June he
denied the allegations and submitted a 19-
page reply. Furthermore, James Backs,
regional manager of Singapore-based Barin
Investment Bank, warned against allowing
Leeson, an individual, to handle both trade
and arbitration, but he ignored them and,
these all facts can be mentioned under human
errors.
Quality Risk The bankruptcy of a bank that deals with
public money are the beginning of many
problems. Although it has been active for 233
consecutive years, the bank's recession, due to
neglect of services, shattered all hopes of the
public who had placed their trust in the bank

(b)
Nicholas Leeson pleaded guilty to two counts of "defrauding bank auditors and defrauding the
Singapore exchange". Therefore, it was widely believed that Leeson was responsible for the
collapse of Baring Bank.
Although the surface condition is as above, the bank cannot absolve itself of
responsibility by handing over the responsibility to Leeson alone. Improper risk management has
been a major factor in this breakdown. Employees' indifference to work shows that the bank was
at risk due to mismanagement of human capital risk. The bank also faced problems due to
improper management of equipment and technical risks. And basically, the initial risk of this
crash was the operational risk. This is due to the lack of proper training, incentives or risk
management for human capital. Also, despite warnings and complaints received by the Bank
through various channels, the Bank was not anxious to take appropriate action on them. It is an
error in operational risk management. Furthermore, account information No. 8888 could not be
traced as the technical defects and tools of the bank had not been properly maintained and
replaced. It proves that technology and equipment errors are not properly managed. Those
responsible for the collapse of Baring Bank should include the board of directors, in this sense,
the board of management and the staff. If errors and risks were properly managed, the bank
would not have collapsed completely.

(c)
The Board of Directors of Bering Bank has a great deal of responsibility for the collapse of the
Bank. The biggest factor leading to this complete breakdown was the lack of risk management.
Here, the board of directors was responsible for recruiting managers, overseeing them, and
maintaining and evaluating competent managers and human capital. The next point is, The Board
of Directors is committed to providing guidance to the organization. But instead of guiding,
Baring’s board of directors allowed the bank to make the wrong decisions. As a result, the bank
went into recession. Establishing a policy-based governance system is a primary responsibility of
the Board of Directors. But looking at Baring Company, it is doubtful whether employees were
aware of such policies. There, too, a black mark remains on Baring’s board of directors. In
addition, the relationship between the organization and the CEO must be governed by the Board
of Directors. But here, The Board of Directors has failed to analyze the issues through regular
discussions with the Chief Executive Officers, as the Audit Oversight has revealed that there are
some problematic situations but the Chief Executive has ignored them. Also, the board of
directors has neglected to direct its company for the trustworthy duty of protecting the
organization's assets and members' investment. In view of this, the Board of Directors of Barin
Bank will have to bear a considerable amount of responsibility for the bankruptcy of Barin Bank.

(d)
Leeson started an error account – Account no 88888, then he traded significantly between
Account no.88888 and other accounts. Leeson instructed the arbitration staff to divide the total
number of contracts into several different transactions, credit the profits to the 92000 account,
change the trading prices, and recover the losses to the 88888 account. Being an arbitrator was
actually speculation disguised with the help of account no.88888. Furthermore, Nick Leeson
tried to hide his loss by writing a fake report to London. The Securities and Exchange Board of
London has not identified the error account and has no description of the internal reporting
system. Nick Leeson had the idea of deceiving his employers. On July 3, 1992, account no.88888
reported a loss of $ 40,000. The loss was $ 320,000 within two months. Eventually, the account
under account number 8888 was able to flatten the oldest bank that had retained its name for 233
years.

(e)

 Establishing Legal and Audit unit

By replacing an internal audit unit, it helps the company to protect assets and reduce the
possibility of fraud. Furthermore, an internal audit and legal unit can enhance the efficiency of
the organization's operations. The Internal Audit and Legal Unit can provide a wide range of
assistance to enhance the firm's financial credibility and integrity. The Internal Audit and Legal
Unit can ensure that a company complies with laws and statutory regulations. Accordingly, it is
the responsibility of this unit to implement and control the amendment of laws and regulations.
Establishing monitoring procedures is another task that needs to be done by the unit at the same
time.
  Establish a business strategy unit

Strategic business units are needed to help managers focus on a variety of factors. Every service
or business unit has a number of requirements, and the personal focus of this unit on these needs
will effectively manage the issues that arise. An insightful strategy can, at the same time, make
high predictions about future needs. From this, a company's risks can be identified and action can
be taken accordingly.

 Improving human resource activities

Increasing human resource performance is essential for a company to survive. Increasing job
satisfaction improves employee commitment. The opportunity arises to serve the organization
more responsibly than ever before. good work culture is essential when it comes to human
resources. A good work culture needs to be established for anything more human resource
activism. In addition, proper human resource mobilization can increase customer satisfaction
rates and, in turn, improve human resource activism as consumer satisfaction increases. Efficient
resource management is an active approach to managing employees and, to increase productivity.

 Appoint a Risk Officer

By recruiting Risk Management Officers, They focus solely on risk management, which is a
basic need of a company. By focusing on this individually, the basics such as risk identification,
measurement, management and reporting related to risk management are completed. Through
this process, helping develop processes to better assess business-specific risk, conducting risk
and compliance assessments, Monitoring important as well as critical risk issues are completed.

Reference

 Berman, Alan. Constructing a Successful Business Continuity Plan. Business Insurance

Magazine, March 9, 2015.
 http://www.businessinsurance.com/article/20150309/ISSUE0401/303159991/constructin
g-a-successful-business-continuity-plan
 Craig Taylor; Erik Van Macke, eds. (2002). Acceptable Risk Processes: Lifelines and
Natural Hazards. Reston, VA: ASCE, TCLEE. ISBN 9780784406236. Archived from the
original on 2013-12-03.
 Rowling, Megan (2015-03-18). New global disaster plan sets targets to curb risk, losses |
Reuters. Reuters. Retrieved 2016-01-13.
 American National Standard ANSI/NASBLA 101-2017: Basic Boating Knowledge--
Human Propelled (PDF). Retrieved 2018-11-01.
 UIAA Standard 152: Ice Tools (PDF). Retrieved 2018-11-01.
 Baring Asset Management. Mass Mutual Asset Management Affiliates Announce Plans to
Combine. March 2016.
 Home. Bpeasia.com. 23 August 2015.
 India, Baring Private Equity Partners. Baring Private Equity Partners India
www.bpepindia.com.