Business Plan & Feasibility Study

As an aspiring entrepreneur, you wouldn’t be blamed to approach a management consultancy firm to help you prepare a feasibility study or a business plan to make sure that your idea is viable. In fact, some would argue that it is the wise thing to do. The truth of the matter however, all of these studies and plans are based on assumptions made by management consultants who have little to no practical experience in the area at hand. Even if they were experts in the field, the variables affecting your business are never the same as other businesses rendering the consultants’ experiences as useless. After all, no two businesses are created equal. It is for that reason that we find that most of the new business startups never abide to their pre-set business plans. However, this is not to say that you shouldn’t test the feasibility of your idea before investing your hard-earned money into it – quite the contrary. All entrepreneurs should conduct some sort of feasibility study for their new ventures; however, it is their expectations out of such studies that should be calibrated.

As explained earlier, no two businesses are created equal. That is why you find some businesses flourishing while others struggle, even if they are both providing the same exact product or service. There are a great number of variables affecting any business plan. Some, such as rent, salaries, pricing, and cost, are obvious. Others, such as the speed in which management decisions are taken, quality control measures, and customer satisfaction, are harder to determine and quantify. For that reason, feasibility studies will never ensure the success of a business idea. Indeed, they shouldn’t. The true objective of a feasibility study is to ensure that the entrepreneur is well informed before venturing into unchartered territories. To achieve this objective, the entrepreneur will need to be part of the development of his study.

If you have commissioned a management consultant to conduct a feasibility study on your behalf, don’t simply take his assumptions for granted – challenge them! Management consultants may be experts with numbers and statistics; however, you will find that if you dig deep enough, there is always an underlying assumption to any figure that they will state in your feasibility study. To ensure that your feasibility study gives a higher level of assurance to the viability of your idea, it is your mission to challenge those underlying assumptions and make sure that they make sense to you.

The objective of the feasibility study or business plan for you should not simply be a yes or no verdict to go ahead with the idea. You will benefit the most by being part of the model preparation stage in which all the assumptions and calculations are set. That is where you will be able to think about and put all the intricate details of your idea onto paper and discover challenges that might have previously been hidden from you. It is your management consultant’s job to help you uncover these challenges and quantify them.

Finally, always approach your business plan with a practical mindset. For instance, if the assumption was made to sell your product or service to 10% of the population of the area in which you will operate, think of how will you reach that market segment. Is it going to be through social media ads, conventional marketing, or some other marketing method? Who will manage the marketing campaign? What would be the approach? How often will you need to conduct such campaigns? And most importantly, how will you measure the effectiveness and when would be the time to change your approach?

The same applies to any assumption made within your study and this is the approach we encourage our clients to follow when we are conducting a feasibility study on their behalf. To learn more about our feasibility study and business plan services, contact us on https://www.haconsultancies.com/book-a-meeting/

ISO Certification

Let’s face it, most companies start out their ISO journey because they have to. It might be because they want to apply for a big tender and having an ISO 9001 certificate would give them an edge over the competition or is indeed part of the qualification requirements to submit a bid. It is therefore understandable if such companies do not have the initial “buy-in” into the concept of quality management and perceive it as something that they have to do rather than something that they want to do. Eventually though, over time, once they implement the ISO standard in their organization, they start noticing the advantages and start buying into the concept.

However, there are a few companies out there that knowingly or unknowingly opt for a risky shortcut. Under the pressure of the tender submission deadline, they would reach out to more and more ISO consultancy firms until they find their savior. A consultancy firm that would guarantee an ISO certificate within a week for a ridiculously low price and with minimal to no impact on the ongoing operation. That my friends is a trap.

Sure, it is possible for a company to get ISO certified in a week but the probability of finding a company that already has all the ISO requirements in place and would only need a certification audit (Stage 2 audit) are slim at best. If you ever get such an offer, be careful. No matter how tempting it might be, you might be putting your company’s reputation at risk.

It does not take an expert to check if an ISO certificate is real or fake. First of all, any ISO certificate should have two logos printed on it, one for the certification body and the other for the accreditation body (the body that gives the certification body the authority to issue ISO certificates). It should also have two serial numbers printed on it. The first serial number is that of the certificate itself. It is used to check if indeed the certificate was issued by the certification body. All you have to do is visit the certification body’s website and type in the certificate’s serial number in the certificate search page. The other serial number is usually printed below the certification body’s logo. You use that to check if the certification body does indeed have the authority to issue such a certificate by visiting the accreditation body’s website and typing in that number in the certification body search. Finally, you need to check that the accreditation body is indeed part of the International Accreditation Forum (IAF). Again, all you need to do is visit the IAF website (https://iaf.nu/) and search for the accreditation body in the members section. So all you need to check if a certification body is real or fake is ten minutes on a computer and an internet connection.

Aside from putting your company’s reputation on the line, opting for a “dodgy” ISO certificate would deny your company the advantages of the quality management systems provided by ISO standards. Implementing a quality management system in a company may be challenging at first but is actually quite logical and becomes second nature later on. Being required to have an ISO certificate to apply for a tender should be taken as an opportunity to upgrade the level of quality within the company rather than a disturbing challenge. It should signal that your company has grown and is now expected to have a certain level of quality to abide to. In my humble opinion, that is something that should be celebrated.

If you need help in getting an ISO certificate to apply for a tender or otherwise, feel free to contact us at any time https://www.haconsultancies.com/book-a-meeting/

phishing

Phishing is one of the most used attacks by cyber criminals who want to gain personal data, banking credentials, and user accounts. Phishing is not a new threat, in fact it has been used for a long time, however, victims of this type of attack are still on the rise.

In this article we are going to explain what phishing is, types of phishing, how we can identify them and how we can protect ourselves. The dangers of the Internet are ever-present, but we can protect ourselves from them with a little caution, knowledge and awareness.

What is phishing? 

Although there is no definition of phishing itself, we can define it as the techniques or methods used by cyber criminals to obtain confidential information from their victims; This information can be personal data, user accounts and passwords or bank details. Therefore, phishing is a type of computer fraud.

The meaning of phishing comes from the English word “fishing”, and by which it refers to the fact of using a bait to get the victims of the attack to bite.

Cybercriminals who carry out phishing attacks are called “phishers”.

How does phishing work? 

One of the characteristics of phishing is that it is a social engineering technique that cybercriminals use to scam their victims and achieve their goals.

Usually, an attacker sends an email in which they pose as a company or organization (such as banks, streaming platforms, online stores, etc.). The email mentions a problem that needs to be solved (the “threat” of blocking credit cards or user accounts is common) and contains a link that the victim will have to click to solve it.

This link normally leads to a fraudulent website, but which imitates (sometimes very well) the real page of the company in question. Here the victim will be asked to enter different types of data, depending on the intention and objective of the phishing attack and the hackers behind it, or some type of malware will be directly be downloaded to the victim’s computer, allowing them to access the information stored in it.

Although it is commonly used in emails, the truth is that there are other avenues of attack, such as instant messaging services, SMS, messages on social networks or even voice messaging applications or the telephone.

The content that we can find in these messages can vary from referring to cards or bank accounts, we can also find other types of content such as false job offers, promotion of new products, alleged lottery in which we have been winners, cancellation of user accounts in online games, etc.

As we will know in the upcoming blogs, there are various types of phishing attacks, however, their objectives are usually always similar, to obtain personal and banking details of the victims.