10 Things you should know about Operational Resilience
- Operational Resilience is the ability of an organisation to continue to deliver critical operations throughout a disruption.
- Operational Resilience does not replace Risk Management nor Business Continuity, it enhances them.
- Operational Resilience is an outcome of Risk Management, Information Security (including Cyber), Incident Management, Business Continuity, and IT Disaster Recovery.
- To succeed, a Resilience Plan needs appropriate Governance (i.e. a Policy, an agreed Scope, Responsibilities, Resources, and Reporting).
- Sources of disruption include failures of People, Processes, Technology, Facilities, and Information.
- You need to identify all critical functions / activities and their dependencies (aka Business Impact Analysis).
- Consider setting two ‘Impact Tolerance’ levels: one in which the consumer / customer is adversely affected; and another in which the organisation is affected in an intolerable way.
- Resilience requires four abilities:
- Anticipation – of longer-term changes,
- Monitoring – leading indicators (KRIs),
- Responding – to a disruption, and
- Learning – from events and scenario testing.
- Scenario Testing is a great technique for validating response plans and identifying gaps.
- Resilience is a journey from ordinary to excellence and the milestones are levels on a maturity model.
The Central Bank of Ireland has recently released regulations and guidance on the Individual Accountability Framework (IAF). Here ...Read More →
Paysend, a next generation integrated global payment ecosystem, has recently implemented the CalQRisk solution in order to enhance ...Read More →
The Digital Operational Resilience Act (DORA) entered into force on 16th January 2023. It outlines EU regulations for information ...Read More →