MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219 1

BM7219: MANAGING BUSINESS

CONTINUITY IN A GLOBAL CONTEXT:
ASSESSMENT 001

WAVES AUDIO

Student Name: Vinod George

Student Number: 4226630
Tutor: Mr. Divakar GM
 2

ABSTRACT

The purpose of this assignment is to illustrate the various risk mitigation methodologies that can
be deployed within a corporation – Waves Audio in this case – using frameworks that were covered
during course work of Business Continuity.
The assignment explores the various concepts taught and how they could be deployed using
multiple frameworks that suit a specific organization. The assignment also includes a short study
on all the factors that could impede the successful deployment of said measures.

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 3

TABLE OF CONTENTS

CHAPTER 1

INTRODUCTION 4
WAVES AUDIO
• ABOUT THE COMPANY 5
• PRODUCT PORTFOLIO IN BRIEF 5

CHAPTER 2

DEPARTMENTAL EXPOSURE TO INTERNAL AND EXTERNAL RISKS 6

IMPLICATIONS OF DISRUPTIVE INCIDENTS 8
EMBEDDING BUSINESS CONTINUITY INTO DEPARTMENTAL STRATEGY 11

CHAPTER 3

CHALLENGES IN EXECUTING BUSINESS CONTINUITY PLANS 14

CONCLUSION 16

BIBLOGRAPHY AND REFERENCES 18

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 4

CHAPTER 1

Introduction

In recent decades, business continuity management (BCM) has been a major governing factor that
has provided a sustained model of growth within various organizations. In today’s corporate world
which is continually evolving through internal social and or technical processes with various
unforeseeable external hazards (Fischbacher-Smith, 2017). Mitigation of these risks – both internal
and external - ensure that organizations can effectively still maintain operations. With the strive to
survive, organizations are now mandating that operations are maintained to meet rising demands,
ensuring a sustainable supply of materials, manufacturing, and regulation of risks (Randeree,
Mahal, & Narwani, 2012). If we exclude the workflows as created by the business continuity
management models, it will proceed to nullify the regulation of risks, thus leaving the organization
vulnerable to compounding risk impacts that arise from a highly dynamic business environment
and without a plan to overcome said impacts (Sawalha, & Anchor, 2012). Saleem et al. (2008)
suggests that any organizations’ upkeep depends on beating any disaster within a period of 10 days
since exposure; therefore, exclusion of the BCM model negates any risk detection and mitigation
methods that would result in a catastrophic failure. Maintaining BCM thereby increases any
organizations’ ability to survive in any crisis. BCM is conducted in three phases - pre-event
preparation, event management and post-event continuity (Tammineedi, 2010). This modus
operandi provides the organization information on exposures and impact of disruption thus,
creating a business continuity plan (CP) to resolve crises in a manageable time frame.

This report will demonstrate the creation of a business CP for Waves Audio, henceforth referred
to as Waves, and will showcase three continuity planning templates that could overcome crises of
high severity. Evaluations of departmental exposure to risks, implications of disruptive events,
embedding business continuity and challenges in execution.

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 5

WAVES AUDIO

About Waves

Established in 1992, Waves is a leading provider of audio processing solutions – both software
and hardware - for professional, broadcast, live sound, and consumer audio markets. The company
is bolstered by its 400 strong workforces across the globe. Currently, their products are deployed
in over 580,000 studios operating in the field of music, movies, and gaming industries.
Online, Waves boasts a user base of over 1 million sound engineers as registered users. One of the
company highlights is the fact that they have over $150 million invested in R&D and are still to
this date privately owned.

Fig 1: Some of Waves famous creations

Product Portfolio

Waves started by creating specific software to replace analog physical DSP technology that was
used in the production industry. With the onset of the digital age, all post production for music,
movies and any related industry, now had immense power to enhance the content created for their
audience. However, there was an acute shortage of digital tools needed to harness this power. This
was provided with proprietary algorithms by Waves at the start of the early 1990s with many of
these production software tools eventually being adopted as an industry standard for any content
creators.
Today, Waves product portfolio consists of over 300 software modules (called plugins) and three
hardware lineups including a world acclaimed live mixing console. The products have now
become market leaders for live concerts and venues as well.

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 6

CHAPTER 2

Departmental Exposure to Internal and External Risks

Weaknesses that arise from internal and external environments that envelop any organization can
always be identified. Pal, Andersson and Torstensson (2012) suggests that highly resilient
businesses continuously and proactively monitor their surroundings and create and aligned CP to
mitigate and overcome various forms of crisis. Internal crisis can consist of many parameters such
as a “deficient IT infrastructure”. This can result in total system failures and below average
operational modus operandi. This would lead to creating humanistic issues such as “manufacturing
flaws” (Fadun, 2013). Internal risks threaten business operations causing effects such as on-leave
employees unable to access or do work through their corporate IT networks or like having an
unusable product for the client. Hence, it is quite essential that BCM should be deployed to these
situations to provide mitigation against these vulnerabilities.
Inspite of emphasizing the need for a robust BCM, organizations continue to hinder the ability to
implement mitigations due to centralized control of decisions and restricting the flow of
information (Taylor, 2010). These restrictions tend to reduce the organization’s agility; therefore,
risks have greater resolution time, as ground- level employees need not just the requisite approvals
but also information to implement changes. Subsequently, this consumes more time which leads
to the organization becoming a lame duck. Along with policy restrictions, internal crises can arise
due to a lack of basic understanding of the vulnerabilities. Cerullo and Cerullo (2004) state that
only 15% of organizations perform IT tests, about 8% execute company-wide analysis and 8%
implement departmental walk-through exercises. This inherent lack of pre-event preparation
provides far greater vulnerability, as unacknowledged risks cause a greatly reduced adaptability to
crises with very limited strategic workarounds and or solutions. Therefore, Waves must implement
these actions to identify vulnerabilities and mitigate them.
Besides the above-mentioned internal crisis, organizations are also affected through the external
environment. External factors that could be affecting businesses may be categorized as follows
(Booth, 2015).
A. Political
B. Environmental

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 7

C. Sociological
D. Technological

Smith (2005) suggests that an increased stakeholder interaction with external environments creates
more risks. This increased interaction has been created with the onset of the growth of global
operations and digitalization in modern markets. Waves operates utilizing geographically
separated entities – complete with their own competitors and customers. The risks are quite
dynamic. These factors could directly affect company operations and are categorized as the micro-
environment (Mhlanga, 2018). Acquiring business intelligence regarding the micro-environment
through analytical frameworks like Porter’s Five Forces helps identify threats and opportunities
(Porter, 2011; Selen, & Ashayeri, 2008). This helps organizations in drawing up mitigation
strategies against the potential risks, above and beyond exploiting opportunities. This in turn
threatens their competition. However, Heath and O'Hair (2009) imply that these analytical
frameworks although do provide with adequate BCM knowledge, are then utilized in strategic
management to gain the competitive advantage by overlooking certain vulnerabilities until viewed
as “truly serious”. In support, Stulz (2008) pointed out the common failures of BCM practices,
such as lack of vulnerability identification, wrong quantification of risks and lethargic monitoring
of events. This lethargic mindset towards BCM will result in an increase of the organizations’
vulnerabilities to external events and will only provide to enhance the impact of said crisis.

Exposure to external risks can also be generated through macro-environmental events. These
events are created through similar factors as micro-environmental, however, the influence is felt
across several industries and cultures, leading to an impact on the whole economy (Joplin et al.,
2003). Kozlinskis and Guseva (2006) suggest that macro-environmental events are very dynamic
unpredictable where future expectations cannot be gauged accurately. This implies that exposure
to such events is generally not preventable and even BCM strategies cannot effectively mitigate
the risk. Nevertheless, Antal and Van den Bergh (2013) state that educating employees to conduct
BCM models concerning macro-environmental events greatly improves their decision-making and
proactive reflexes which can be applied to overcome macro-environmental crises in any reactive
position. They will possess an increased knowledge of how to methods to potentially mitigate and
return to business as usual.

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 8

Implications of Disruptive Incidents

Quite an important parameter of BCM is the understanding of how crises impact operations.
Savage (2002) formulated that a fundamental action in the BCM is the classification of risks
depending on their potential degree of loss. This breakdown involves parameters such as individual
issues, departmental setbacks, facility-wide situations, and external disasters. Waves will require
to ensure that all these parameters are identified when evaluating their internal and external
vulnerabilities. This is important as each will have both departmental and wider business
implications. It is found that risks affect different verticals quite uniquely, presenting different
effects (Hiles, 2012). Identifying the capitals enables the management to very effectively
communicate with all the relevant stakeholders how to mitigate or produce a resolution during
crises. Zsidisin et al. (2004) specifies these divisions should be monitored proactively or
discovered reactively to be able to survive any crises. This can be achieved through either pre-
event preparation, identified vulnerabilities mitigation and post-event continuity. The goal is to
ensure that similar crises must not have the same extensive impact.
One pre-event preparation technique that is utilized in BCM is a risk matrix (RM). The RM defines
crises level probability and impact and proceeds to address the requirement for contingency
planning (Soufi, Torabi, & Sahebjamnia, 2019). The model highlights how devastating would be
the said crises towards damaging the organization while presenting the more expected and
catastrophic events by the outer edges of the diagram, shown into appropriate colors (Frikha et al.,
2021; Ritchie, 2004). This risk significance is calculated by the below formula.

Probability x Impacts = Significance

By the above formulation, greater the significance, more urgent must be the resolution as a non-
urgent approach will have quite a detrimental effect on the organization. Table 1 displays the BCM
template for Waves as a RM. Here all crises are segregated and presented with their due
significance into color coded sectors. Aleksandrova, Aleksandrov and Vasiliev (2018) have
discussed the importance of high competency when maintaining this matrix. This suggests
organizations should implement mitigations techniques thereby reducing crisis’ impacts.

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 9

SCALE OF SEVERITY

ACCEPTABLE TOLERABLE GENERALLY UNACCEPTABLE

NOT LIKELY LOW MEDIUM MEDIUM

SCALE OF LIKELIHOOD
POSSIBLE LOW MEDIUM HIGH

PROBABLE MEDIUM HIGH HIGH

Figure 1: RM Template

Risk Assessment Table

RISK SEVERITY LIKELIHOOD RISK IMPACT

IT RISKS

NETWORK OUTAGE Tolerable Possible Medium

COMMUNICATION SERVICES UNAVAILABLE Acceptable Not likely Low

Generally
HACKING Probable High
unacceptable

HUMAN ERROR

Generally
THEFT OF MATERIAL / INTELLECTUAL PROPERTY Possible High
unacceptable
Generally
WAR Not likely High
unacceptable

OPERATIONAL ISSUES

MACHINE FAILURE Tolerable Not likely Medium

Generally
FACILITY DAMAGE Not likely High
unacceptable
Generally
TEST DEVICES FAILURE Possible High
unacceptable

UTILITIES

POWER OUTAGE Tolerable Possible Medium

NATURAL DISASTER

Generally
PANDEMIC Possible High
unacceptable

RAW MATERIALS

Generally
LIMITED NO SUPPLY OF SILICON CHIPSETS Possible High
unacceptable

Table 1: RM Template for Waves

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 10

Supplementary to RMs, a postliminary framework would be that of the business impact analysis
(BIA). Along with measuring crises significance, the BIA creates grouping of events and proceeds
to evaluates the effects on any organization’s sectors by identifying recovery point objectives
(RPO) and maximum tolerable period of disruption (MTPD) (Hiles, 2014; Tjoa, Jakoubi, &
Quirchmayr, 2008). RPO showcases the point of data restoration and when work can resume and
MTPD displays the instance when business recovery is guaranteed (Wiboonrat, & Kosavisutte,
2008). Beyond these features of BIA, Curtis and Carey (2012) argues that the descriptions of
potential strategic consideration must also be incorporated. Also, a column must represent the
strategic directive to overcome crises, leading to a quick resolution. Table 2 displays the second
BCM template for Waves as a BIA. Here, potential crises impacts are determined against
corresponding capitals with strategic considerations. Associating to the RM, the BIA tends to
highlight the events’ significance category by correlating both the RPO and MTPD, as such
significant instances are calculated as Red = 2 Weeks MTPD and 24 Hours RPO.
The correlation between risk significance RPO and MTPD is critical for predicting survival. Hence,
information inserted into the respective BCM templates must be accurate. Snedaker (2013) quotes
that when gathering this information, departmentally segregated employees should collaborate.
Waves MTPD points to their cycle of innovation. thus, if we exclude the fact that constant
operations must be maintained, the competitors will succeed with their technology, undermining
the product offerings. Therefore, to understand how crises disruptions will impact the organization,
employees who are deployed in designing, testing, and purchasing raw materials will all need to
collaborate. In addition to these departmentally segregated collaboration, Hamilton (2012) implies,
as most crises impacts global sites, geographically segregated teams must contribute towards the
BCM. This will lead to a comprehensive plan that benefits several sites. Nevertheless, to create
these successful templates, interactions between employees and emphasis on BCM must be
embedded into the working environment (Hiles, 2002).

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 11

RISK LIKELE IMPACT COST OF

GROUPING
HOOD MITIGATION
IT RISKS NETWORK OUTAGE 6 4 8
COMMUNICATION 1 9 1
SERVICES
UNAVAILABLE
HACKING 9 8 9
THEFT OF MATERIAL / 2 9 1
HUMAN ERROR INTELLECTUAL
PROPERTY
WAR 2 9 N/A
OPERATIONAL 3 8 2
MACHINE FAILURE
ISSUES
FACILITY DAMAGE 3 8 2
TEST DEVICES FAILURE 2 8 5
UTILITIES POWER OUTAGE 1 3 N/A
NATURAL 1 10 1
PANDEMIC
DISASTER
RAW LIMITED NO SUPPLY OF 1 10 1
MATERIALS SILICON CHIPSETS

Table 2: BIA Template for Waves

Embedding Business Continuity into Departmental Strategy

When trying to successfully embed BCM into working practices, Marchetti (2011) suggests that
organizations must evaluate their due processes and governance to ensure implementing effective
workflows and achieving leadership buy-ins. These frameworks are considered the depth and
breadth of parameters such as risk appetite which highlights the acceptable level of vulnerability
(Deloitte, 2014). This concept proposes that BCM must align with the overall business strategy,
where vulnerabilities are scrutinized regularly. However, action is only warranted when the

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 12

apparent risks become detrimental to the organization. This would further enable business growth
under the guide of high regularly monitoring and mitigating risks. Figure 3 (BCI, 2017) showcases
the BCM Lifecycle framework for inception of the concept of continuity within the organization.
Along with the main parameters of analysis, design, implementation, and validation; the said
guidelines have interlacing cogs, namely human resource, information security and risk
management. Each of these aspects provide accurate information and collaboration to bring about
mitigation areas through the creation of CPs. As such, these aspects can be worked on to further
reduce vulnerability and provide resolutions to overcome crises. As an example, Waves could
deploy this framework to draw up risk management strategies by correlation with a BIA to identify
vulnerabilities both in internal and external business environments.

Figure 2: BCM Lifecycle (BCI, 2017)

Along with the BCM Lifecycle, ISO 22301 are a set of standards that are adopted in BCM practices
as depicted by ten clauses with the first three defining the document and remaining seven assessing
conformity (ISO, 2019).
The conformity clauses are as below:
- Clause 4: Contextualize organization.
- Clause 5: Leadership and associated organizational policies.
- Clause 6: Resilience organizational strategy.
- Clause 7: Stakeholder integration, supporting communication and competence.
- Clause 8: Development of emergency management.

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 13

- Clause 9: Performance evaluation.

- Clause 10: Implement improvements, conforming to non-compliance.
This standard highlights an action-based approach to achieve specification, creation,
implementation, and evaluation of CPs, quite similarly to the BCM Lifecycle whereas encouraging
continuous improvement of organizational resilience. Also, by implementing the use of ISO 22301,
organizations are provided with transparent management departments that collaborate across the
entirety of the organization, such as information security, hence reassuring relevant stakeholders
of continued operations (Wysokińśka-Senkus, & Górna, 2021). Subsequently, Waves can control
the mitigation of vulnerabilities in various sectors while enhancing corporate reputation. It is
important to note, these standards are limited to providing actions and explicitly exclude
deployment frameworks for BCM (Dominguez, 2016). Hence, referring to Marchetti’s (2011)
theory, leadership buy-in is essential.

The aspect of leadership buy-in to help achieve BCM deployment are used to encourage active
stakeholder participation. Hibberd (2012) states that BCM regulates that an overseeing manager
must set objectives and suitable costs by collaborating with various individuals who are specialized
in different expertise and or departments within the continuity planning. Waves must regulate that
this leading individual should have regular contact with various departments and or personnel to
help refine their CPs and reducing “risk significance”. Also, this leader must push for the cultural
acceptance of BCM practices by encouraging stakeholder participation. To attain this acceptance
the leader is required to implement policies, educate employees, and overcome barriers (Wallace,
& Webber, 2017). These actions will adjust the employee mindset towards BCM, hence, increasing
organizational resilience.

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 14

CHAPTER 3

Challenges in Executing Business Continuity Plans

All the previous sections highlight procedures needed to improve BCM. However, unanticipated
challenges always arise during crisis that can hinder all mitigation execution.
One challenge during CP execution is the “emotional state of employees”. Ayoko, Ang and Parry
(2017) quotes that during any crises, managerial actions and attitude positively reflect on the
employees. Here the implication is that managers should learn to tweak their approach based on
how the employees’ emotional spectrum is as should the interactions be received negatively, this
will be evident in their response. Figure 2 (Kübler-Ross, 1973) showcases the different stages of
grief typically regarding death as individuals progress through emotional parameters such as shock,
denial, anger, bargaining, depression and finally acceptance. Regardless of this theory’s content,
this model can be applied to any situation to assist managers in identifying their colleagues’
mindset. Once the emotional parameter has been identified, managers can adjust their approach
accordingly by using emotional alignment to help overcome denial and provide the motivation
needed to mitigate depression (Malone, 2018).

Figure 3: Kübler-Ross Grief Cycle (Kübler-Ross, 1973)

Despite identifying imminent grief, the general approach during crises must be through
compassionate leadership. Doraiswamy (2012) quotes that leaders must show empathy,
compassion and flexibility during times of distress that is associated with the significance. As an

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 15

example, through the Covid-19 pandemic, Waves experienced sickness, reduced motivations, and
an acute demand for flexible working. Having a compassionate leader greatly improves team
cohesion and symbolizes a culture of value thereby increasing employee satisfaction (Hougaard,
& Carter, 2018). This helps managers to walkthrough the stages of grief quicker and assists in
returning to normal operations quicker.

The next challenge would be communication during crisis. Crisis communications can be
segregated into knowledge management, sharing information to gain situational awareness, and
stakeholder reaction management. All this helps understand perceptions to influence response
(Coombs, 2020). Stakeholders can damage reputation by miscommunicating information and
deplete financial assets by making ineffective decisions that directly can hinder resolution with
negative attitudes (Roshan, Warren, & Carr, 2016). If these aspects transpire, the chance of
organizational survival vastly decreases.
During crisis mitigation, internal communication networks must be implemented where exchange
of clear and frequent information through channels is of utmost importance (Fernandez, & Shaw,
2020). This helps the managers to maintain situational awareness while executing decisions
effectively to mitigate the crises. Andrew (2012) infers that this communication network must be
designed as an organizational chart with separating hierarchical employees into gold or strategic,
silver or tactical and bronze or operational divisions. Deploying the described command structure
results in a very efficient reporting structure during the mitigation efforts of the pandemic by
focusing on areas of human well-being, sustained operations, and knowledge sharing.
Implementing this organizational chart enables direction, alignment, and execution of actions that
help achieve set goals (Stoate, 2015). This enables managers and employees to have a crystal
understand of their responsibilities.

Finally, another challenge while executing CPs is the sheer quantity and quality of information.
Boulos et al. (2011) infers that issues that arise during information exchange are misinformation,
bias opinions, overload, and trust. Receiving incorrect information during any crisis will lead to
an ineffective decision-making process and faux reasoning with stakeholders. As an example, as
per the Boeing corporation in a study conducted in 2003, 80% of all flight accidents are due to
human error with a significant portion of the human error occurring due to misinformation (AERO

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 16

-MEDA Investigation Process. (n.d.).

https://www.boeing.com/commercial/aeromagazine/articles/qtr_2_07/article_03_2.html). In this
report, information passed between the ATCs and pilots are misinterpreted by each other due to a
variety of factors such as language, accent, over-exhaustion and so on. Comparing this to the
pandemic affecting Waves, such misleading information could result in employee confusion and
delayed deadlines and product failure resulting in the discontinuation of operations and a complete
halt to new products and technology. These would vastly increase crises significance and cause
imminent corporate death.
To prevent this doomsday scenario, Pan, Pan and Liedner (2012) imply that an information
response network must be implemented during times of crisis. Like regulating communication, an
organizational chart might be used to manage how information exchange takes place between
hierarchical levels. Executives in the gold/strategic level would receive condensed information
packets that are exchanged with the silver/tactical level management. This streamlined information
can be utilized to make effective and efficient decisions. Accompanying this theory, Eastman et
al. (2010) inferred that in these levels of exchange, the information must be accurate, precise, and
affluent in quality. Therefore, Waves should introduce workflows to deploy these aspects during
information exchange.

Conclusion

In conclusion, increased stakeholder interactions in modern markets demands highly resilient

organizations to continuously monitor all vulnerabilities within both the internal and external

environments. This helps identify internal risks that could be created through humanistic faults,

and external risks that might be formulated within the micro/macro-environments. Once the risk

is identified, imminent implications are to be gamed out by understanding the depth of the crisis,

its significance, its impact on different sectors, RPO, MTPD and strategic considerations. this

would be achieved through deployment of BCM techniques, such as RM and BIA. This will

provide the necessary foundation to mitigate in pre-event preparation, reducing risk significance,

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 17

and create actions for event management. To attain an effective CP, it is imperative that

departmental and geographical separated teams must collaborate. To carry this out, BCM must

be embedded into standard working guidelines. Adopting BCM requires aligned approaches such

as the BCM Lifecycle and depicting guidelines to help analyze, design, implement and validate

corporate resilience. Along with the mentioned approaches, the ISO 22301 standards that

regulate continuity planning through conformity to clauses can also be followed. Effective

leadership is needed to attain cultural buy-in during the said implementing BCM policies by

providing educating employees and helping to overcome barriers. Last but not the least

important, the overall employee mindset along with communication management and

information exchange are known to cause unwanted and effective challenges during CP

execution. These must be overcome by adhering to being compassionate in leadership,

implementing an effective organizational chart and applying strict policies in order to manage

information exchange.

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 18

Bibliography and References

About Us | Waves. (n.d.). waves.com. Retrieved 31 October 2022, from
https://www.waves.com/about-us

Aleksandrova, S. V., Aleksandrov, M. N., & Vasiliev, V. A. (2018). Business continuity

management system. In 2018 IEEE International Conference" Quality Management, Transport
and Information Security, Information Technologies"(IT&QM&IS) (pp. 14-17). IEEE.

Andrew, R. (2012). Building community resilience. In Proceedings of the Institution of Civil

Engineers-Civil Engineering (Vol. 165, No. 6, pp. 59-64). Thomas Telford Ltd.

Antal, M., & Van den Bergh, J. C. (2013). Macroeconomics, financial crisis and the environment:
Strategies for a sustainability transition. Environmental Innovation and Societal Transitions, 6,
47-66.

Ayoko, O. B., Ang, A. A., & Parry, K. (2017). Organizational crisis: emotions and contradictions
in managing internal stakeholders. International Journal of Conflict Management.

Booth, S. A. (2015). Crisis management strategy: Competition and change in modern

enterprises. Routledge.

Boulos, M. N. K., Resch, B., Crowley, D. N., Breslin, J. G., Sohn, G., Burtner, R., & Chuang, K.
Y. S. (2011). Crowdsourcing, citizen sensing and sensor web technologies for public and
environmental health surveillance and crisis management: trends, OGC standards and
application examples. International journal of health geographics, 10(1), 1-29.

Cerullo, V., & Cerullo, M. J. (2004). Business continuity planning: a comprehensive approach.
Information systems management, 21(3), 70-78.

Coombs, W. T. (2020). Conceptualizing crisis communication. In Handbook of risk and crisis

communication (pp. 99-118). Routledge.

Curtis, P., & Carey, M. (2012). Risk assessment in practice. Committee of Sponsoring
Organizations of the Treadway Commission.

Deloitte. (2014). Risk Appetite & Assurance. Do you know your limits?
https://www2.deloitte.com/content/dam/Deloitte/uk/Documents/financial-services/deloitte-uk- fs-
risk-appetite-lkd-14.pdf

Dominguez, A. P. S. (2016). Business Continuity Management: A Holistic Framework for

Implementation.

Doraiswamy, I. R. (2012). Servant or leader? Who will stand up please. International Journal of
Business and Social Science, 3(9), 178-182.

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 19

Eastman, C. M., Jeong, Y. S., Sacks, R., & Kaner, I. (2010). Exchange model and exchange
object concepts for implementation of national BIM standards. Journal of computing in civil
engineering, 24(1), 25-34.

Fadun, O. S. (2013). Risk management and risk management failure: Lessons for business
enterprises. International Journal of Academic Research in Business and Social
Sciences, 3(2), 225.

Fernandez, A. A., & Shaw, G. P. (2020). Academic leadership in a time of crisis: The
Coronavirus and COVID-19. Journal of Leadership Studies, 14(1), 39-45.

Fischbacher-Smith, D. (2017). When organisational effectiveness fails: Business continuity

management and the paradox of performance. Journal of Organizational Effectiveness: People
and Performance.

AERO - MEDA Investigation Process. (n.d.).

https://www.boeing.com/commercial/aeromagazine/articles/qtr_2_07/article_03_2.html

Frikha, G., Lamine, E., Kamissoko, D., Benaben, F., & Pingaud, H. (2021). Toward a modeling
Tool for Business Continuity Management. IFAC-PapersOnLine, 54(1), 1156-1161.

Hamilton, D. C. (2012). Multilateral continuity planning. The definitive handbook of business

continuity management, 37-49.

Heath, R. L., & O'Hair, D. (2009). Handbook of risk and crisis communication (p. 22). New York,
NY: Routledge.

Hibberd, G. (2012). Developing a BCM Strategy in Line with Business Strategy. The Definitive
Handbook of Business Continuity Management, 23-30.

Hiles, A. (2014). Business continuity management: Global best practices. Rothstein Publishing.

Hiles, A. (2012). Enterprise risk management. The definitive handbook of business continuity
management, 1-21.

Hiles, A. (2002). Enterprise Risk Assessment and Business Impact Analysis:: Best Practices.
Rothstein Associates Inc.

Hougaard, R., & Carter, J. (2018). The mind of the leader: How to lead yourself, your people,
and your organization for extraordinary results. Harvard Business Press.

International Organization for Standardization. (2019). ISO 22301:2019(en) Security and

resilience – Business continuity management systems – Requirements. ICS > 03 > 03.100 >
03.100.01. https://www.iso.org/standard/75106.html.

Joplin, J. R., Shaffer, M. A., Francesco, A. M., & Lau, T. (2003). The macro-environment and
work-family conflict: Development of a cross cultural comparative framework. International
Journal of Cross Cultural Management, 3(3), 305-328.

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 20

Kozlinskis, V., & Guseva, K. (2006). Evaluation of some business macro environment
forecasting methods. Journal of Business Economics and Management, 7(3), 111-117.

Kübler-Ross, E. (1973). On death and dying. London: Tavistock Publications (Social science
paperbacks).

Malone, E. D. (2018). The kubler-ross change curve and the flipped classroom: moving students
past the pit of despair.

Marchetti, A. M. (2011). Enterprise risk management best practices: From assessment to

ongoing compliance (Vol. 561). John Wiley & Sons.

Mhlanga, O. (2018). The fast food industry in South Africa: the micro-environment and its
influence. African Journal of Hospitality, Tourism and Leisure.

Pal, R., Andersson, R., & Torstensson, H. (2012). Organisational resilience through crisis
strategic planning: a study of Swedish textile SMEs in financial crises of 2007–
2011. International Journal of Decision Sciences, Risk and Management, 4(3-4), 314-341.

Pan, S. L., Pan, G., & Liedner, D. E. (2012). Crisis response information networks. Journal of
Association of Information Systems, 13(1), 31.

19

Brandon Hibberd S1701594 BM7219 Assessment 001

Porter, M. E. (2011). Competitive advantage of nations: creating and sustaining superior

performance. simon and schuster.

Randeree, K., Mahal, A., & Narwani, A. (2012). A business continuity management maturity
model for the UAE banking sector. Business Process Management Journal.

Ritchie, B. W. (2004). Chaos, crises and disasters: a strategic approach to crisis management in
the tourism industry. Tourism management, 25(6), 669-683.

Roshan, M., Warren, M., & Carr, R. (2016). Understanding the use of social media by
organisations for crisis communication. Computers in Human Behavior, 63, 350-361.

Saleem, K., Luis, S., Deng, Y., Chen, S. C., Hristidis, V., & Li, T. (2008). Towards a business
continuity information network for rapid disaster recovery. In dg. o (pp. 107-116).

Savage, M. (2002). Business continuity planning. Work study.

Sawalha, I., & Anchor, J. (2012). Business continuity management in emerging markets: The
case of Jordan. Journal of business continuity & emergency planning, 5(4), 327-337.

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 21

Selen, W., & Ashayeri, J. (2008). Global sourcing strategy alignment using business
intelligence: a conceptual framework. International Journal of Procurement Management, 1(3),
342-358.

Smith, D. (2005). Business (not) as usual: crisis management, service recovery and the
vulnerability of organisations. Journal of Services Marketing.

Snedaker, S. (2013). Business continuity and disaster recovery planning for IT professionals.
Newnes.

Soufi, H. R., Torabi, S. A., & Sahebjamnia, N. (2019). Developing a novel quantitative
framework for business continuity planning. International Journal of Production Research, 57(3),
779-800.

Stoate, J. M. (2015). Together or apart: Modelling the inter-agency workings of emergency

response multiteam systems (Doctoral dissertation, University of Leeds).

Stulz, R. M. (2008). Risk management failures: What are they and when do they happen?.
Journal of Applied Corporate Finance, 20(4), 39-48.

Tammineedi, R. L. (2010). Business continuity management: A standards-based approach.

Information Security Journal: A Global Perspective, 19(1), 36-50.

Taylor, M. (2010). Toward a holistic organizational approach to understanding crisis. The

handbook of crisis communication, 698-704.

The Business Continuity Institute. (2017). Exploring the Good Practice Guidelines 2018 edition:
Analysis (PP3). https://www.thebci.org/news/exploring-the-good-practice-guidelines- 2018-
edition-analysis-pp3.html.

Tjoa, S., Jakoubi, S., & Quirchmayr, G. (2008). Enhancing business impact analysis and risk
assessment applying a risk-aware business process modeling and simulation methodology. In
2008 Third International Conference on Availability, Reliability and Security (pp. 179-186). IEEE.

Wallace, M., & Webber, L. (2017). The disaster recovery handbook: A step-by-step plan to
ensure business continuity and protect vital operations, facilities, and assets. Amacom.

Wiboonrat, M., & Kosavisutte, K. (2008). Optimization strategy for disaster recovery. In 2008 4th
IEEE International Conference on Management of Innovation and Technology (pp. 675- 680).
IEEE.

Wysokińśka-Senkus, A., & Górna, J. (2021). Towards sustainable development: risk

management for organizational security. Entrepreneurship and Sustainability Issues, 8(3), 527.

Zsidisin, G. A., Ellram, L. M., Carter, J. R., & Cavinato, J. L. (2004). An analysis of supply risk
assessment techniques. International Journal of Physical Distribution & Logistics Management.

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219

 22

MANAGING BUSINESS CONTINUITY IN A GLOBAL CONTEXT – BM7219