km assignment services logo

Risk Analysis

Risk Analysis
Table of Contents

1. Abstract

The objective of this project is to examine the risk analysis of Etihad Airways and to develop strategic risk management policies to overcome the problems or issues that are identified in the operations of the company. Furthermore, this project will also provide recommendations in which it will be examined how to successfully develop an effective risk management plan that could reduce the risk of the operations to an acceptable level.

2. Introduction

Etihad Airways has expanded to more than 140 destinations in a short period of time, and the company’s unrivalled dedication to customer care has earned it several accolades and positioned it as the top airline in the world. Having earned the 2011 and 2012 Airline of the Year awards in the esteemed Skytrax industry audit, passengers clearly have faith in Etihad Airways. As a result, air travel is now widely accepted and even expected in every region of the world. Airlines that want to keep or increase their market share in today’s climate must deliver premium service while also reducing costs due to the increased competition and wider range of options accessible to consumers (O’Connell and Bueno, 2018). Etihad Airways has accomplished much in spite of the fierce competition it faces, thanks to its cutting-edge fleet of aircraft and its spectacular route development, which has seen annual growth of 30 percent on average. Scheduled flights originate in Doha, the capital of the State of Etihad, and connect to significant business and leisure destinations throughout Europe, the Middle East, Africa, the Asia Pacific region, North America, and South America (Petcu, 2021).

Since its relaunch in 1997, Etihad Airways has received a plethora of plaudits and distinctions, including a 5-Star rating from Skytrax, an honor shared by just a select few airlines throughout the globe. As CEO of Etihad Airways, the management is glad to announce that it has accomplished the company’s primary objective of being the finest airline in the world by providing unmatched in-flight service, superior on-board goods, and unparalleled operational efficiency. An enterprise may take advantage of this superior service by booking flights and learning more about Etihad Airways on the newly renovated An improved search capability, more airline offers, and a more user-friendly interface are just some of the major additions to the site. An enterprise can expect nothing but the best from Etihad Airways, from the moment an enterprise start booking a flight online to the moment an enterprise picks up bags when an enterprise gets home (Petcu, 2021).

3. Risk Management plan

Companies must adapt to survive in today’s global marketplace. This means that every firm faces its own unique set of risks as it goes about its daily tasks. Organizations face substantial risks. Taking a chance is oftentimes inevitable (Gagliano & Grimaldi, 2015). Numerous commercial procedures are vulnerable to hazardous events. Each factor may have a distinct effect on how a company operates as a whole. Therefore, proper precautions should be taken with each of them. Effective risk management is crucial for every business. It builds a system to make sure all potential threats are always being dealt with. A risk management strategy consists of a collection of agreed-upon guiding principles and regulations to be implemented in the event of a risk. Many rules are included in a plan so that different risks may be dealt with (O’Connell and Bueno, 2018).

A risk management strategy is made up of a number of distinct operations and procedures. Every step is essential to the overall strategy for minimizing risk. It’s because there are tangible results to be had at each stage. Because of this, procedures are crucial to every successful business. Few companies have taken the time to develop a strategy for dealing with potential threats. Frequently, companies find themselves enmeshed in a web of risks, unsure of how to proceed. According to studies, it’s important for businesses to have a well-defined risk management strategy in place. Also, a risk management strategy allows them to act swiftly and appropriately if hazards arise. Emirate Airlines’ strategy for dealing with potential risks is the subject of this study. This firm has been around for a while and has established credibility. Therefore, it is more likely to be vulnerable to a wide variety of risks. Efforts already made by the corporation to mitigate various threats will also be highlighted. The goal of this study is to highlight a few threats to safety.

4. Finding a Problem

With its size, Etihad Airways has various critical resources as well as assets (Etihad Airways, 2016). These are all that enable it to continuously be able to make its different processes effective. Etihad Airways has grown over the years. Thus, its relevant assets and critical resources are increasing as well. This company has over 150 destinations globally. In the most current financial year, Etihad Airways had total assets amounting to USD m 133,281 (Etihad Airways, 2016). It is a significant rise compared to the previous close that had USD m 129,989 (Etihad Airways, 2016). Such are huge amounts of assets that need to be safeguarded at all times in this company. Different resources contribute to the success of this organization. Its technological infrastructure has ensured that it is able to innovate in its creation of air crafts. This also includes other facilitation of business communication processes and operations. Its intellectual property generally has contributed to its growth and development. With such complexities, this company is susceptible to risks. It has also invented highly in human capital. With this resource, it is able to get and train skilled personnel. It is clear that human efforts in an organization are effective for a growth of a country (Etihad Airways, 2016).

As a result of the magnitude of the company, Etihad Airways is in possession of a considerable number of valuable assets and resources (Etihad Airways, 2016, p. xx). It is important to carry out each and every one of these steps in order to ensure that the company’s operations are carried out in a streamlined and efficient way at all times. Since it initially started carrying passengers, Etihad Airways has seen tremendous expansion. As a direct result of this, both the value of its assets and the number of resources that are available to it are continuing to rise. This company has customers in more than 150 countries worldwide, and they get their services from them. The total assets of Etihad Airways amounted to USD m 133,281 during the most recent year of the company’s historical financial data, which was last year. (Etihad Airways, 2016). When compared to the previous close, when a total of USD m 129,989 was traded on the market, this represents a significant increase (Etihad Airways, 2016). At this particular business, there are tremendous sums of money at stake, which must be protected around the clock regardless of the time of day or night. For optimal operation, this organization requires a plethora of different kinds of equipment.

It is possible that the highly developed technical infrastructure that the nation has is somewhat responsible for the country’s leadership position in aircraft design. This also involves further help for the goal of making the firm’s communication procedures and activities easier to understand and carry out. It is possible that a significant portion of the success of the corporation may be traced, at least in part, to the enormous idea library that it maintains. This firm is vulnerable to risk as a result of the precarious nature of the current circumstance. In addition to this, it has a human capital innovation rate that is far above average. They are able to educate people and then recruit people who have the necessary skills as a result of this help. (Etihad Airways, 2016) It is possible to trace the growth of a country back to the contributions that its residents make to different organizations. The assets and resources of an organization are what give it its capabilities in the first place (Gagliano & Grimaldi, 2015). When formulating a strategy to circumvent or go around potential obstacles, paying due thought to such obstacles should be at the top of the list of priorities. This is due to the fact that it is much simpler to identify the components of the system that are open to being attacked.

Establishing preventative measures that will result in full awareness of a range of risks is a lot less difficult than it used to be. Because of this, a corporation has the ability to make the decision to take preventative measures to protect its assets, which may include its resources and property. They are also responsible for identifying the extent to which a corporation is exposed to any risks that may originate from the outside world. Because the firm has access to such a wide array of resources and assets, Etihad Airways is in a position to carry out its operations successfully. These sorts of networks are susceptible to a broad range of various forms of attacks. As a consequence of this, there is a chance that in the not-too-distant future, the operations of the corporation may be put in jeopardy. In conclusion, the emphasis of this analysis has been on a selection of the organization’s assets that are among the most important. In the event that the enterprise came under attack, they would be the first to rush forward and take up positions along the front lines. Within Etihad Airways, there are a variety of departments and divisions from which to pick. Even though not every possible course of action that may be taken has been discussed in this article, it is probable that the most important ones have been covered.

5. Risk analysis

5.1. Likelihood Matrix

Risk Analysis 2

5.2. Consequence Matrix


5.3. Risk Matrix

Academics who make use of this software have a better chance of reaching their ultimate objective of enhancing the safety of computer networks. It describes the many different scenarios that may occur and then runs a simulation to ascertain the risks that these potential outcomes could cause to a business. It will be illustrated how Etihad Airways can effectively deal with a variety of risks by using this framework, and it will demonstrate how the company may do so. The purpose of Nessi is to make the process of modeling different configurations of networks more straightforward. Because of this, it was put to use in this research to simulate a wide range of various types of risk in all of its many guises. In addition to this, it threw light on the same threats in a clearer way after the right preventive actions had been implemented in order to mitigate the risk.

Within Etihad Airways, there are a number of specialized divisions to choose from. Each of them, in their own unique way, contributes significantly to the accomplishment of the overarching goal of this organization, which is to achieve success. In the next paper, there will be a presentation of an in-depth examination of the company and its activities. There will be a concentrated focus placed on the technical infrastructure of the organization, in addition to the plethora of factors that have an influence on that infrastructure. In this section, the majority of the discussion will be on the infrastructure of the network and the many methods through which it functions.

The functionality of a company’s network infrastructure is critical to the successful functioning of the business. Because of this, businesses are able to keep running their typical operations with no interruptions. There is a wide variety of risks that are associated with the many different openings that might be exploited. There is a possibility that an organization’s business process may fail if the proper precautions are not taken in a timely way. Because of this, it is essential for companies to have a method in place for identifying the risks they face and the consequences that are associated with those risks. When a company adopts this strategy, it makes the process of putting in place standards that are acceptable a lot less difficult, which is one of the many benefits of taking this tack.

In the future, there will be a greater number of vulnerabilities in information technology systems due to advancements in technology (Gagliano & Grimaldi, 2015). A full set of capabilities may be provided by a large number of different technology platforms. As a result of this, they expose themselves to the possibility of being attacked by hackers and other types of threats. As a direct result of this, a number of its constituents will deteriorate and become fragile. As was said before, it is hard to ignore the chance that there may be a risk. A business will, at some time, have no choice but to come into contact with them. As a direct consequence of this, there is a greater focus put on the need to be aware of the opportunities and probabilities that vulnerabilities may manifest themselves.

Even vulnerabilities may have a wide variety of degrees of complexity, which not only relies on the overall trend but also on the specific manifestations of the trend. The degree of complexity of a vulnerability can vary from quite simple to extremely complicated (Junior & Monteiro, 2013). If there is no risk management strategy of any kind, it is impossible to create effective remedial procedures that will fix the problem. Huge companies like Etihad Airways have no choice but to deal with the risks that they encounter. This organization has made major investments in its information technology (IT) infrastructure. As a consequence of this, it is more likely to come under attack from exploits that are specifically customized to certain vulnerabilities. The following is a risk matrix that describes every potential threat that might be brought on by gaps in the system’s security.


Areas of Impact

Risk Severity

Risk Likelihood

Risk Level

Risk Mitigation


This is a widespread problem that has the potential to have a negative impact on a company’s computer systems as well as their business networks. Malware can manifest itself in a variety of ways, the most common of which are viruses and worms.




Enterprise software may receive updates if those updates are performed on a regular schedule. However, this requirement must be strictly adhered to. Because they prevent users from accessing a network without authorization and make it possible to detect malicious activity in a timely manner, firewalls are an essential component of network security.

Negligence of administration

As a result of this, there will be disruptions to the typical operations of a corporation. It has been hypothesized that the fundamental cause of this issue is the inactivity of authorities in adequately protecting networks from potential threats. If certain vulnerabilities are discovered while they are still in the early stages, then complete prevention of those vulnerabilities may be possible.




The company’s administration must have complete authority over all of the functional systems used by the business. They are responsible for making certain that the company’s guidelines and protocols are adhered to precisely at all times and in every situation. They are accountable for responding appropriately to any potential threat that may arise.

Data integrity

Due to the flaws, it is possible for data to be easily modified or stolen. In addition to information regarding customers, various other essential metrics regarding the business




The responsibility for ensuring the security of all of the data belongs to the organization. It is a good practice to continually limit access to the system for those individuals who have no business having it. Those individuals include people who have committed illegal acts.

5.4. Risk Controls

Due to the fact that a threat has been identified, Etihad Airways is obligated to put into action the preventative measures that are detailed in the following paragraphs. They came into existence so as to lessen the possibility of suffering an injury as a consequence of the presence of certain factors.


Administrative Control

Preventative Control

Detective Control


It is necessary for the administrative authorities to come to a consensus on a standard set of guiding principles and guidelines in order for there to be any chance of successfully combating malware. It is in a company’s best interest to immediately put an end to any activities that carry even the remotest possibility of putting the company in jeopardy.

An entity do not currently possess the necessary license to make use of third-party software, and as a result, an entity is unable to do so. It is essential to perform routine scans and validation on any external storage devices to ensure that they are free of viruses.

The establishment of firewalls is required in order to ensure the security of the systems in this organization. Any intruders will be identifiable by the firewalls, which will result in the relevant alerts being triggered.

Negligence of administration

Every single operation needs to be directed and overseen by knowledgeable people who have been given the appropriate training. It is necessary to have an understanding of each operation in order to be successful in accomplishing the mission of the company.

It is absolutely necessary to keep a watchful and vigilant vigilance on everything. In addition to this, it is absolutely necessary to conduct exhaustive audits of all of the systems to ensure that they are being used for the purposes for which they were designed.

In order for the administration to successfully carry out its functions, it is imperative that it take full responsibility for monitoring compliance with all applicable regulations. Everyone in the organization is responsible for making sure that the company’s systems are utilized in the most effective way possible.

Data Integrity

Maintaining data security is absolutely necessary in order to stop sensitive information from falling into the wrong hands. It is imperative that an effort be made to encourage the widespread implementation of data policies.

Establishing access regulations is a crucial step that cannot be avoided. Only those individuals who have been given permission to view the information should be able to view it.

It is essential to implement some form of automated fraud detection system. Because of the information that has been provided, including their precise location, it is quite simple to keep track of them and determine where they are at any given time.


5.5. Risk Register


5.6. Risk Reduction Key


6. Recommendation

In order for Etihad Airways to address the concerns that have been expressed, it is necessary for the airline to implement the risk management strategy that was previously suggested. It is essential to keep in mind that having a plan that has been carefully considered is absolutely necessary in order to carry out any and all activities in the correct manner. Because of this, the preceding discussions regarding the policies that should be implemented at this organization need to be taken into consideration. Because the level of risks has been brought down to an acceptable level, it is now much simpler for the organization to continue operating at the same level of productivity. This is because the level of risks has been brought down to an acceptable level.


Junior, R., & Monteiro, M. (2013). Understanding the Impact of Project Risk Management on Project Performance: an Empirical Study. Journal of Technology Management Innovation, 8. 

O’Connell, J.F. and Bueno, O.E., 2018. A study into the hub performance Emirates, Qatar Airways and Etihad Airways and their competitive position against the major European hubbing airlines. Journal of Air Transport Management69, pp.257-268.

Petcu, C., 2021. The Role of Etihad Airways in the Economic Development of Etihad: Before and During the Gulf Crisis. In The 2017 Gulf Crisis (pp. 325-345). Springer, Singapore.

Etihad Airways. (2016). Environmental Performance.

Schmidt, S., & Bye, R. (2008). Application-level simulation for network security.