Organizational Readiness: Flayton Electronics

Critical Success Factors (CSFs) Applied to the Facts of the Case Study

The critical success factors are elements of a company’s performance that are noteworthy for its success or progressive effect of a project. The case provided poses a problem of data theft, which puts a business at the risk of collapsing should wrong decision be made. The critical factors of success of Flayton Electronics include correct, as well as timely decision-making, involving of affected stakeholders and employing the necessary resources such as human resources. The other factor of success is a strategy of the brand restoration, where Flayton Electronics has to make the brand accepted again by customers even after revealing a problem. The negative factor in this particular case is data theft that leaves the company at risk. Another factor is that should the clients receive the information wrongly, they will avoid shopping at Flayton Electronics for the fear of losses, hence paving a path for the business’ downfall. The business is usually based on the trust and loyalty of the customers and thus a slight mistake in responding to the problem at hand is disastrous. It is also clear the Flayton’s data theft prevention technology is surpassed by the fraudsters. As a result, the CSFs may be crucial in this particular case since, despite the short comings, the business should be able to cope with the challenge and return to the profit zone. Comprehension of the CSFs creates a foundation within which the management would establish its way out (Lam, 2003).

Project Benefits, Organizational Readiness, and Risk Culture of the Company

The project’s paybacks are several. For instance, the successful completion of the project would restore and save the image of Flayton Electronics. The goodwill of the organization is at verge of getting destroyed. The customers will automatically feel insecure when shopping at Flayton Electronics, where they stand a chance of losses resulting from improper management of data (Virine & Michael, 2007). Any moment the customers feel in danger approximates the business towards closure. Thus, Flayton would remain standing should the project be managed well. The other benefit is that the customers will have zero losses as the culprits may be arrested or barred from continuation with the crime.

Flayton Electronics is not ready to take the risk. Laurie, the person in charge of loss prevention, is described as having a clean record regarding the reduction of store theft. She, however, makes it plain that she is not conversant with cases that involve data theft. She also claims to not comprehend the data theft involved. She states that should the Century Bank not have detected the theft, she could not have known. The fact that the firewall described in the system remains open and unknown becomes another clear indicator that the business just operates with less or zero readiness for risks. Laurie, in her conversation with Brett, admits having anticipated the occurrence of such a risk but did nothing to prevent its occurrence. Similarly, the management discussion points out that little attention is paid to risks. For instance, they are unable to make a decision at a critical moment when the business faces a difficult moment. The management should have developed alternative options or courses should such problems arise. It would indicate the company’s readiness to face any difficulties that might arise.

Risk culture can be explained by the behavior and values of an organization when facing any risk in order to shape decisions for solving a particular problem. Flayton’s risk culture is low. The management team assembled to discuss the crisis strategy rather late. They should have met to pick a strategy out of the alternatives kept aside for such moments. The response to a crisis of this company indicates that its risk culture is underdeveloped. Their discussion and review of the problem do not seem to yield any effective conclusions to solve the issue and save the company. They appear uninformed. For instance, they ask questions that would not lead them to making proper decisions. For instance, Laurie poses a question of how the firewall got down, yet she is the one to answer it.

Response Justification

The project benefits refer to the positive outcomes coming out of a well-managed process of solving the crisis faced by Flayton Electronics. Definitely, should the management see that the company is still standing even after a large number of clients exhibit losses at their premises and the media reporting on the story; then the benefits would be as outlined. The company image would not be dirty painted, customers would no longer lose money, and the crime roots would be detected.

Flayton Electronics is not ready for risks as a result of poor management. The top managers, including the loss prevention officer, have not taken time to look into each possible loophole until a problem arises. Good managers can never sit to await problems, but rather put in place strategies to detect and counter the unforeseen calamities. Employing professional managers, who would share the company’s mission and vision, means having all the possible means to solve any critical issue that may put a company at the risk of bankruptcy.

The risk culture at Flayton Electronics is poor because the response to the challenging situations, like data theft, is slow and ineffective. The problem here is the fact that the situation being under discussion appears to be a shock to the managers’ team at the top of the company. None of them is able to provide an effective solution that would keep the company afloat. Their review of the crisis is a failure. The officer responsible for the security in the company is totally negligent of data breaches and the appropriate measures that should be taken. She only had addressed physical theft in stores.

Project Risk Recommendations

The personnel with a comprehension of the nature of the crime are the ones who should be given the task to counter the data theft. Data security should be provided by the specialists in the sphere of IT technologies, but not case persons like Laurie, who is used to physical theft. Moreover, Flayton should acquire expert understanding regarding the issue as well as notify the law enforcement agency that the aim of the company’s existence is to honestly serve its customers in line with reputation maintenance. The next recommendation involves trust. Flayton Electronics should rank and uphold the trust of their customers while observing privacy policies and rules of data shielding (Hillson, & Simon, 2012). Public trust should always be applied in business to keep its operations high.

Initial Categories of Risk (RBS Level 1 and 2) in the Case Study

The first category is technical risk. In the case of Flayton Electronics, the company has not performed the appropriate scope definition as well as training of the staff members. The company should have done and followed the necessary procedures and taken appropriate measures before moving online for purposes of structure strengthening. Still, under the same category, there is another risk. The company’s technical processes have not been properly managed. For instance, the employees are not well checked regarding their backgrounds and professional capabilities to alter the system software. Specialists possessing the knowledge in the sphere of IT and data security should be employed. Another category of potential danger is risk management. According to the case study, top management of the company has poor decision-making skills. It is observed when the decision-makers are unable to come up with a message to customers and stakeholders, which represents a certain risk to the company’s reputation in the eyes of the public. For instance, project design displays faults in present security as in the case of Sergei and data security. Proper resource utilization is lacking, that is, specific employee skills are absent (data protection is not insured). Moreover, Laurie, the officer responsible for security, has limited understanding of data security.

The other category is commercial risk, which is being obvious in the numerous examples in Flayton Electronics. For instance, the internal procurement is at a low level. A data theft problem has come as a shock to all departments. The decision-makers have failed, and the clerks have not been keen to establish such a problem in their work. Customer or client stability can be violated as there exists a high risk that they would prefer another retailer promising them security. Should such happen, then the business will sink.

External risk is reflected in the way legislation may take its course. Law enforcers may desire that positive or negative alterations to the project. Legal prerequisites for PCI might pose additional requirements and obligations. The external risk is dangerous to Flayton business. Competitors may lure the insecure customers bringing Flayton to liquidation (Gray & Larson, 2012).

In conclusion, it is easy to deduce that proper communication is lacked within the company. The issues would have been barred should interdepartmental communication have been enhanced. The security department was not well informed concerning data security; instead only minor physical thefts have been checked. The staff, though admitting their mistakes, did not perform their responsibilities well.

Related Free Management Essays