10 Things you should know about Operational Resilience
- Operational Resilience is the ability of an organisation to continue to deliver critical operations throughout a disruption.
- Operational Resilience does not replace Risk Management or Business Continuity; it enhances them.
- Operational Resilience is an outcome of Risk Management, Information Security (including Cyber), Incident Management, Business Continuity, and IT Disaster Recovery.
- To succeed, a Resilience Plan needs appropriate Governance (i.e. a Policy, an agreed Scope, Responsibilities, Resources, and Reporting).
- Sources of disruption include failures of People, Processes, Technology, Facilities, and Information.
- You need to identify all critical functions / activities and their dependencies (aka Business Impact Analysis).
- Consider setting two ‘Impact Tolerance’ levels: one in which the consumer / customer is adversely affected; and another in which the organisation is affected in an intolerable way.
- Resilience requires four abilities:
  - Anticipation – of longer-term changes,
  - Monitoring – leading indicators (KRIs),
  - Responding – to a disruption, and
  - Learning – from events and scenario testing.
- Scenario Testing is a great technique for validating response plans and identifying gaps.
- Resilience is a journey from ordinary to excellence and the milestones are levels on a maturity model.