Ensuring Safety and Security in Business Environment | Bài thảo luận tiếng anh thương mại

THUONG MAI UNIVERSITY FACULTY OF MARKETING -----***----- DISCUSSION MAJOR: BUSSINESS ENGLISH 2
TOPIC: ENSURING SAFETY AND SECURITY IN THE BUSINESS ENVIRONMENT Group: 6 Supervisor: Dang Thi Khanh Ha Class: 251_ENTI3411_13 Hanoi, September 2025 TABLE OF CONTENTS
1. Background Information.................................................................................2
1.1. Overview ..................................................................................................... 2
1.2. Importance of the Topic ............................................................................ 2
2. Current Safety and Security Risks in Business Environment......................3
2.1. Physical Risks.............................................................................................3
2.2. Reputational and Legal Risks...................................................................4
2.3. Cybersecurity Threats...............................................................................4
3. Strategies to Enhance Safety and Security.....................................................5
3.1. Policies and Compliance............................................................................5
3.2. Technology and Infrastructure.................................................................5
3.3. Training and Awareness............................................................................6
3.4. Incident Response and Business Continuity............................................6
3.5. Risk Assessment and Audits......................................................................7
4. Business Benefits of Strong Safety and Security............................................7
4.1. Trust & Reputation....................................................................................7
4.2. Operational Stability..................................................................................8
4.3. Legal Protection ......................................................................................... 8
4.4. Competitive Advantage ............................................................................. 9
5. Conclusion & Recommendations....................................................................9
5.1. Conclusion...................................................................................................9
5.2. Recommendations....................................................................................10
REFERENCES................................................................................................... 12
MEMBERS’ EVALUATION TABLE AND DISCUSSION POINTS .......... 14
MEETING MINUTES – GROUP 6..................................................................15
MEETING MINUTES (2) – GROUP 6............................................................17 1 1. Background Information 1.1. Overview
In today's rapidly evolving business landscape, organizations face a multitude
of risks that span both physical and digital domains. Safety refers to the protection of
employees, customers, and physical assets from accidents, injuries, or natural
disasters. For instance, manufacturing facilities must implement strict workplace
safety protocols to prevent machine-related incidents. A notable example is the 2013
Rana Plaza factory collapse in Bangladesh, which tragically highlighted the
consequences of neglecting safety standards.
Security, while complementary, focuses on safeguarding sensitive information,
digital infrastructure, and core business operations from cyberattacks and criminal
threats. Financial institutions and e-commerce platforms are especially vulnerable, as
demonstrated by the 2017 Equifax data breach, which exposed the personal
information of over 140 million individuals and led to significant financial and reputational damage.
With globalization and digital transformation accelerating, businesses are
increasingly exposed to complex and unpredictable threats. A single incident whether
a workplace accident or a cybersecurity breach can result in multimillion-dollar losses
and long-term reputational harm. Therefore, understanding and addressing safety and
security concerns is not just a precaution but a strategic necessity. 1.2. Importance of the Topic
The importance of safety and security in the business environment extends far
beyond regulatory compliance; they are foundational to organizational resilience and
sustainable success. Operationally, effective safety measures reduce workplace
accidents and disruptions, while robust security systems protect against cybercrime
and financial loss, ensuring business continuity. Reputationally, companies that
prioritize safety and security foster customer trust and loyalty. In contrast, those that
fail to do so often suffer credibility erosion and diminish market competitiveness.
Legally, businesses are obligated to comply with occupational safety standards and
data protection regulations such as the General Data Protection Regulation (GDPR) in
Europe or the Law on Cybersecurity in Vietnam. Non-compliance can lead to lawsuits,
heavy fines, or even bankruptcy. 2
2. Current Safety and Security Risks in Business Environment 2.1. Physical Risks
Workplace accidents are always one of the most worrying physical risks in
businesses, especially in the manufacturing and construction sectors. Workplace
accidents not only affect the production line of the business but also affect the workers
working for the business. From there, they cause loss of reputation for the business.
These incidents often arise from broken machinery, degraded technical systems or
working environments lacking necessary safety measures. For instance, in Binh Duong
in 2022, a tragic accident occurred at a wood processing factory when a worker was
caught in a wood planer due to equipment malfunction. This accident not only took the
life of the worker but also forced the business to stop the production line, leading to
huge economic losses and affecting the company's reputation. This is a warning for
businesses to regularly check and maintain machinery and train workers on occupational safety.
Theft or robbery is another risk that causes great losses for many businesses in
Vietnam, especially trading, logistics and warehousing companies. Incidents often
occur in warehouses, storage areas or even within the internal system. In 2023 in Ho
Chi Minh City, a group of people broke into an electronics warehouse and stole a large
number of devices worth billions of VND. This theft not only caused the business to
lose assets but also affected delivery progress, caused customer complaints and
reduced trust. In the context of a fiercely competitive market, just one security incident
can cause a business to suffer heavy losses in both finance and brand image.
Fires and natural disasters are destructive threats that can cause businesses to
lose all their assets in a short period of time. In Vietnam, there have been factory and
enterprise fires that caused hundreds of billions of VND in damage and had a serious
impact on the environment. A typical example is the fire at Rang Dong Company in
Hanoi in 2019 that burned thousands of square meters of factory, disrupting
production for many months and causing public concern about mercury pollution. Not
only fires, natural disasters also frequently affect businesses, especially in the Central
region. The historic flood in 2020 caused many seafood and textile processing
factories to be deeply submerged, damaging all raw materials and production
equipment, leading to paralyzing the supply chain. These incidents show that building
a natural disaster prevention plan and investing in a modern fire prevention system is
extremely necessary to minimize risks. 3
2.2. Reputational and Legal Risks
Reputational and legal risks are particularly serious issues for businesses in the
current digital economy. When customers' personal information is not secure,
consumers will lose confidence and easily leave the brand to find other competitors. In
addition, businesses can also be fined by authorities or sued by customers if they
violate legal regulations on safety, data security or product standards. This is
especially serious for banks because when personal information is leaked, it will
greatly affect customers' assets. In fact, in Vietnam, in 2018, a serious incident
occurred when the Mobile World system was suspected of leaking payment card data
and email information of millions of customers. Although the business denied it, this
incident caused a wave of controversy, significantly affecting the brand's reputation.
This is proof that an information security incident not only causes financial damage
but also leaves long-term consequences on image, making the process of regaining
customer trust extremely difficult. 2.3. Cybersecurity Threats
One of the biggest threats in today's digital age is cyber attacks in various
forms. Hacking and ransomware are common methods in which hackers penetrate the
system, encrypt important data and then demand a ransom to restore it. Many
businesses in Vietnam have been locked out of all production and business data, forced
to stop operations for many days, causing serious financial damage.
In addition, phishing attacks are also a major risk for organizations. Bad guys
often send fake emails or messages, impersonating banks, partners or even internal
companies to trick employees into providing personal information or important data.
For example, many office workers in Ho Chi Minh City have received fake emails
from the IT department asking them to log back into their accounts, leading to bad
guys taking control of the email system and stealing sensitive business data.
Furthermore, data breaches are one of the top dangers, especially for companies
operating in the fields of e-commerce, banking and telecommunications. When
customer data such as full name, address, phone number or bank account information
is leaked online, the consequences are not only financial losses for the business but
also affect customers. Currently, customer information is being leaked widely, this can
be seen when there are more and more scams happening around our lives. 4
3. Strategies to Enhance Safety and Security 3.1. Policies and Compliance
Policies and compliance are fundamental elements in ensuring safety and
security in the business environment. They provide a structured framework that guides
employees, managers, and stakeholders in maintaining consistent safety practices and
protecting sensitive information. By establishing clear standards, companies can
minimize risks and ensure that their operations meet both national and international requirements.
One important aspect of policies is adherence to international safety standards,
such as ISO 45001, which focuses on occupational health and safety management.
Following such standards not only reduces workplace accidents but also improves
employee well-being and productivity. For example, requiring factory workers to wear
protective equipment or mandating strong password protection for company data are
concrete steps that enhance both physical and digital safety. Samsung Vietnam applies
ISO 45001 and requires factory workers to wear protective gear while following strict
safety rules, thereby minimizing risks and enhancing workplace safety. At the same
time, compliance with government laws and labor regulations, including fire safety
rules and data protection laws, is essential for avoiding legal penalties. Internal
policies are equally critical, as they outline practical rules tailored to a company’s unique operations.
3.2. Technology and Infrastructure
Technology and infrastructure are vital tools that strengthen safety and security
measures in modern businesses. While policies provide rules, technology offers the
mechanisms to implement them effectively. Advances in both physical and digital
systems have enabled companies to better protect their assets, respond to threats, and ensure business continuity.
In the physical environment, technology such as CCTV cameras, fire alarms,
and access control systems helps monitor activities and prevent potential risks. For
example, VinFast equips its factories with CCTV cameras and fire detection sensors
connected to control centers, which not only deter theft but also allow for quick
responses during emergencies. Similarly, advanced fire detection systems can reduce
damage by enabling faster emergency responses. 5
On the digital side, cybersecurity infrastructure is indispensable. Tools such as
firewalls, antivirus software, and data encryption safeguard companies against
hacking, malware, and information leaks. Cloud-based solutions also play an
important role by allowing businesses to back up and recover data efficiently in case of
system failures or cyberattacks. For instance, an e-commerce company that invests in
secure servers and regular data backups can quickly recover from a cyber incident without losing customer trust. 3.3. Training and Awareness
Training and awareness programs are essential for building a safe and secure
business environment. Employees need to be well prepared for both physical
emergencies and digital threats. In terms of physical safety, companies must establish
clear emergency action plans, including fire drills and evacuation routes. These drills
should be practiced regularly so that employees know exactly how to respond under
pressure. In the area of cybersecurity, awareness sessions should help staff recognize
phishing emails, suspicious links, and other digital risks. Role-specific training for
sensitive departments such as finance or human resources can further reduce
vulnerabilities. A strong safety culture is achieved when every employee understands
their role and feels responsible for protecting both people and information.
For example, Amazon has integrated safety and security training across its
operations. Warehouse workers regularly participate in fire and evacuation drills,
while office staff complete cybersecurity training modules. This dual approach ensures
that employees are equally prepared for physical emergencies and online threats,
reinforcing a culture where safety and security are shared responsibilities.
3.4. Incident Response and Business Continuity
Incident response and business continuity planning ensure that businesses can
act quickly and recover effectively after disruptions. A clear response plan should
outline how incidents are detected, reported, and managed. Companies need dedicated
teams with defined responsibilities, supported by communication protocols that keep
stakeholders informed. Equally important are recovery strategies, such as backup
systems and redundancy measures, which allow operations to resume with minimal
interruption. Post-incident reviews should always be conducted to identify lessons and improve future responses. 6
The cyberattack on Maersk in 2017 illustrates the importance of preparedness.
The company faced massive disruptions when malware disabled its systems
worldwide. Recovery was only possible because some backups were preserved, but the
incident still caused heavy financial losses. This case highlights how crucial it is to
maintain reliable backup systems, test recovery procedures, and practice coordinated
responses to ensure business continuity.
3.5. Risk Assessment and Audits
Risk assessment and audits are continuous processes that help businesses
identify weaknesses and strengthen security. In the workplace, safety inspections and
hazard analyses allow managers to detect potential risks early and implement
corrective measures. In the digital environment, regular vulnerability scans,
penetration testing, and access reviews help ensure that systems remain secure.
External audits and third-party risk assessments further enhance accountability and
protect companies from hidden vulnerabilities.
The Target data breach in 2013 is a clear example of weak third-party risk
management. Attackers gained access to Target’s systems through a vendor, leading to
the theft of millions of customer records. The event demonstrated the need for strict
monitoring of external partners, regular audits of vendor access, and stronger internal
controls. It also shows that effective risk assessment is not just about compliance but
about actively preventing threats from all possible sources.
4. Business Benefits of Strong Safety and Security 4.1. Trust & Reputation
Trust is the foundation of long-term business success. Customers today are
increasingly concerned about data privacy, and they prefer companies that can protect
their personal information. For instance, Apple has earned strong loyalty by making
user privacy a central part of its brand promise. In addition, business partners and
investors are more willing to collaborate with organizations that demonstrate
responsibility in safety and security, as this minimizes risks and ensures sustainable cooperation.
Moreover, trust naturally translates into reputation. A company with strong
safety and security standards is often viewed as reliable and professional, which helps
attract not only customers but also talented employees. For example, multinational 7
corporations such as Google and Microsoft are recognized for their strict security
measures and employee welfare programs. This reputation not only strengthens their
relationship with customers but also allows them to recruit and retain the best workforce in the market.
Therefore, trust and reputation are deeply connected. Strong safety and security
practices create trust among stakeholders, and that trust builds a solid reputation,
which in turn drives customer loyalty, employee commitment, and long-term business growth. 4.2. Operational Stability
Operational stability is another major benefit of implementing strong safety and
security measures. Fewer workplace accidents mean fewer disruptions, less downtime,
and higher productivity. Toyota, for example, has long been known for its Kaizen and
safety-first culture, which has helped the company reduce accidents, cut costs, and
maintain smooth production flows. This illustrates how risk management and hazard
prevention directly improve efficiency and overall performance.
Cybersecurity also plays a critical role in ensuring operational stability.
Companies that invest in strong IT security systems are better protected against costly
interruptions caused by data breaches or system failures. Banks and fintech firms, for
instance, implement multi-layered cybersecurity frameworks to safeguard customer
data and guarantee continuous service. By preventing digital threats, these
organizations save significant costs on damage control while maintaining customer confidence and loyalty. 4.3. Legal Protection
Legal compliance is a cornerstone of a safe and secure business environment.
By adhering to safety laws and regulations, companies can effectively avoid costly
fines, penalties, and even lawsuits. Regulatory bodies, both national and international,
have strict standards governing workplace safety, product quality, data protection, and
environmental impact. Proactive compliance not only mitigates legal risks but also
builds a foundation of trust and accountability. This adherence to established laws and
standards is often a prerequisite for doing business in many jurisdictions.
Furthermore, meeting international standards such as ISO certifications (e.g.,
ISO 45001 for Occupational Health and Safety) makes it significantly easier for a 8
business to join global supply chains. Many multinational corporations require their
suppliers to demonstrate a commitment to safety and security standards as part of their
due diligence. This provides a clear advantage, opening doors to new markets and
partnerships that might otherwise be inaccessible. For example, By successfully
implementing ISO 45001, Samsung SDI, a subsidiary producing batteries, was able to
reduce its workplace accident rate to nearly zero by 2022. This commitment to a
"safety-first" culture not only protected its employees but also helped the company
achieve high rankings in global sustainability indexes, strengthening its brand
reputation as a reliable and responsible enterprise. 4.4. Competitive Advantage
In today's interconnected market, safety and security are powerful selling points
that can differentiate a company from its competitors. Rather than being seen as a cost
center, investing in robust security measures can be framed as a strategic asset.
Companies can actively use “security” as a selling point in their marketing and
communication efforts. A business can advertise itself as “a safe and reliable business
partner,” signaling to potential clients and investors that their assets, data, and
personnel are protected. This message resonates strongly with partners concerned
about supply chain disruptions, data breaches, or operational risks. This commitment
to security enhances a company's brand reputation, fosters customer loyalty, and can
command a premium price for its products or services. Apple is a prime example of
this strategy. They consistently market their products by highlighting strong privacy
and security features, positioning themselves as a guardian of user data. Features like
Face ID, Touch ID, and App Tracking Transparency aren't just technical
specifications, they are core parts of Apple's value proposition. This focus on security
has helped Apple build a brand known for trust and reliability, which in turn fosters
immense customer loyalty and justifies the premium price of their products.
5. Conclusion & Recommendations 5.1. Conclusion
In today’s business environment, safety and security are not just supportive
functions but strategic imperatives that determine whether a company can survive and
grow in a competitive global market. Physical safety ensures that employees,
customers, and workplace environments are protected from accidents, injuries, and 9
operational hazards. At the same time, security - particularly cybersecurity - protects
data, financial assets, and business continuity from threats such as hacking, phishing,
and identity theft. The consequences of neglecting these areas can be devastating: a
single workplace accident can lead to costly compensation claims and reduced
employee morale, while a cyberattack can cause financial loss, reputational damage,
and even long-term business failure.
Evidence strongly supports the value of investing in safety and security.
According to the U.S. Occupational Safety and Health Administration (OSHA), every
dollar invested in workplace safety brings a return of more than two dollars through
reduced losses, fewer disruptions, and higher productivity. Similarly, research on data
protection and privacy management shows that companies with robust information
security not only avoid breaches but also improve innovation, operational efficiency,
and consumer trust. This evidence makes it clear that safety and security are not mere
compliance requirements but crucial investments that create long-term value.
Therefore, it is fair to conclude that safety and security form the backbone of
sustainable development in any business. They provide stability in operations, ensure
legal compliance, protect the organization’s reputation, and foster trust with both
employees and customers. Companies that prioritize safety and security position
themselves not only to prevent risks but also to build a resilient culture that can adapt
to global challenges and technological changes. 5.2. Recommendations
Given the significance of safety and security, businesses should adopt a holistic
and integrated framework rather than treating them as separate or secondary concerns.
First, compliance with national and international regulations must be at the core.
Standards such as ISO 45001 for occupational health and GDPR for data protection
serve as global benchmarks, helping organizations build credibility while avoiding
legal risks. Compliance should be seen not as a burden but as a baseline that
demonstrates accountability to stakeholders.
Second, businesses need to leverage modern technology and infrastructure.
Physical protections like CCTV systems, fire alarms, and access control mechanisms
minimize workplace hazards, while digital tools such as firewalls, encryption, cloud
backup, and multi-factor authentication safeguard sensitive data. Technology
investments should be reviewed and updated regularly to keep pace with evolving threats. 10
Third, employee training and awareness are critical because human error
remains one of the biggest vulnerabilities in both physical and digital security.
Companies should implement continuous training programs, including fire drills,
evacuation practices, and cybersecurity workshops that teach staff how to identify
phishing emails and handle sensitive information responsibly. This not only reduces
risks but also builds a “safety-first” culture where employees feel empowered and responsible.
Fourth, organizations must develop clear incident response and business
continuity plans. Accidents, cyberattacks, and natural disasters are inevitable, but their
impact can be minimized with preparation. Designating specific teams, establishing
emergency protocols, and maintaining backup systems allow businesses to recover
quickly and continue operations with minimal disruption.
Finally, businesses should conduct regular audits and risk assessments. These
evaluations help identify weaknesses in existing systems and allow organizations to
update policies, technologies, and training methods in response to emerging threats.
By institutionalizing a cycle of monitoring, evaluation, and improvement, companies
ensure that safety and security remain proactive rather than reactive measures.
Safety and security should be seen as strategic investments - key drivers of
resilience and sustainable growth rather than optional costs. 11 REFERENCES
Bangladesh factory collapse: Who's to blame? (2013, May 13). Retrieved from BBC
News: https://www.bbc.com/news/world-asia-22476774
Business Benefits of Investing in Data Privacy Management Programs. (2023, Janurary). Retrieved from
https://www.informationpolicycentre.com/uploads/5/7/1/0/57104281/cisco-
cipl_report_on_business_benefits_of_investing_in_data_privacy_management_ programs__10_jan_2023_.pdf
Business Case for Safety and Health. (n.d.). Retrieved from Occupational Safety and
Health Administration: https://www.osha.gov/businesscase
Cho, H., & Cho, K. (2025, July 28). Impact of Security Management Activities on
Corporate Performance. Retrieved from MDPI: https://www.mdpi.com/2079- 8954/13/8/633
Commission., E. (n.d.). Data protection in the EU. Retrieved from
https://commission.europa.eu/law/law-topic/data-protection_en
Everything You Need to Know About ISO 45001:2018. (n.d.). Retrieved from Intelex:
https://www.intelex.com/everything-you-need-to-know-about-iso-450012018/
Infrastructure Security Explained: Threats and Protection Strategies. (2025, June 30). Retrieved from splunk:
https://www.splunk.com/en_us/blog/learn/infrastructure-security.html
Maersk admits cyber-attack will cost up to $300m . (2017). Retrieved from BBC
News: https://www.bbc.com/news/business-41036183
New scam tactics emerge after CIC data breach in Vietnam. (2025, September 14).
Retrieved from VietnamNet: https://vietnamnet.vn/en/new-scam-tactics-
emerge-after-cic-data-breach-in-vietnam-2442290.html
Piper, D. (2023). Data protection laws in Vietnam. Retrieved from
https://www.dlapiperdataprotection.com/?t=law&c=VN
Target Hackers Broke in Via HVAC Company. (2014, February 5). Retrieved from
KrebsOnSecurity: https://krebsonsecurity.com/2014/02/target-hackers-broke-in- via-hvac-company/
Top 10 Cybersecurity Breaches in Vietnam. (n.d.). Retrieved from
https://www.cyberlands.io/topsecuritybreachesvietnam
Williams, W. (2025, September 13). Vietnam creditors hit by cyberattack - sensitive 12
data at risk. Retrieved from techradar.pro:
https://www.techradar.com/pro/security/vietnam-creditors-hit-by-cyberattack- sensitive-data-at-risk 13
MEMBERS’ EVALUATION TABLE AND DISCUSSION POINTS Student No Full Name Appreciation Grade Code
Maintain a strong work ethic by 36 23D120129 Đoàn Nhật Minh
delivering quality work on time and A
collaborating effectively with the team
Complete assigned tasks on time,
actively contribute to the group’s 37 23D109023 Đỗ Tiến Hải Minh A
content creation, and ensure highquality work
Take initiative in contributing ideas, 38 23D109024 Hoàng Nguyệt Minh
ensuring timely completion of tasks, andA assisting others when needed Responsible and always meeting 39 23D120130 Lê Quang Minh
deadlines, which helped the team stay A on track.
Assign tasks effectively, encourage team 40 23D120083 Bùi Hà My
members to meet deadlines, and ensure A task completion with accuracy Demonstrate responsibility by
completing assigned tasks on time and 41 23D120084 Lại Thúy Nga A
fully engaging in group discussions and activities Show commitment to teamwork by
participating actively and supporting 42 23D120132 Đoàn Bảo Ngân A
group members in achieving project goals 14 MEETING MINUTES – GROUP 6
Location: Google Meet – Online
Meeting Time: 22h00 - 07/09/2025
Attendees: Đoàn Nhật Minh, Đỗ Tiến Hải Minh, Hoàng Nguyệt Minh, Lê Quang
Minh, Bùi Hà My, Lại Thúy Nga, Đoàn Bảo Ngân
--------------------------------------------------------------------------------------------------- Agenda and notes: 1. Topic Selection
Members proposed various idea related to the topic and its impact on safety and security.
After discussion, the group agreed on " Ensuring Safety And Security In The
Business Environment" due to its relevance and practical significance. 2. Outline Development 3. Task Allocation Full Name Task Deadlines Đoàn Nhật Minh
Content: Conclusion & Recommendations 23h59 14th Leader September Presenter
Đỗ Tiến Hải Minh Content: Training & Awareness 23h59 14th September
Incident Response & Business Continuity Risk Assessment & Audits Slide Presenter Lê Quang Minh Content: Legal Protection 23h59 14th September Competitive Advantage Presenter Hoàng Nguyệt
Content: Policies & Compliance 23h59 14th Minh
Technology & Infrastructure September Presenter Bùi Hà My Content: Physical Risks 23h59 14th September Reputational and Legal Risks Cybersecurity Threats Presenter Lại Thúy Nga
Content: Trust & Reputation 23h59 14th September Operational Stability Presenter Đoàn Bảo Ngân
Conetent: Background information 23h59 14th Presenter September 15 Meeting Conclusion
- The group finalized the topic, outline, and task distribution.
- All members are responsible for completing their tasks on time for review and final submission. Leader Minh Đoàn Nhật Minh 16
MEETING MINUTES (2) – GROUP 6 Place: Google Meet Time: 22h00 25/09/2025
Members: Đoàn Nhật Minh, Đỗ Tiến Hải Minh, Hoàng Nguyệt Minh, Lê Quang Minh,
Bùi Hà My, Lại Thúy Nga, Đoàn Bảo Ngân Contents for discussing:
The group practiced presenting, gave feedback, and corrected each other's mistakes. Conclusion:
Members are fully present and actively participate. Leader Minh Đoàn Nhật Minh 17