10 Things you should know about Operational Resilience
- Operational Resilience is the ability of an organisation to continue to deliver critical operations throughout a disruption.
- Operational Resilience does not replace Risk Management nor Business Continuity, it enhances them.
- Operational Resilience is an outcome of Risk Management, Information Security (including Cyber), Incident Management, Business Continuity, and IT Disaster Recovery.
- To succeed, a Resilience Plan needs appropriate Governance (i.e. a Policy, an agreed Scope, Responsibilities, Resources, and Reporting).
- Sources of disruption include failures of People, Processes, Technology, Facilities, and Information.
- You need to identify all critical functions / activities and their dependencies (aka Business Impact Analysis).
- Consider setting two ‘Impact Tolerance’ levels: one in which the consumer / customer is adversely affected; and another in which the organisation is affected in an intolerable way.
- Resilience requires four abilities:
- Anticipation – of longer-term changes,
- Monitoring – leading indicators (KRIs),
- Responding – to a disruption, and
- Learning – from events and scenario testing.
- Scenario Testing is a great technique for validating response plans and identifying gaps.
- Resilience is a journey from ordinary to excellence and the milestones are levels on a maturity model.
Many organisations choose to outsource critical functions or services to third parties/contractors. However, outsourcing the work does not ...Read More →
Risk is the effect of uncertainty on objectives. Climate change, along with its broader environmental, social and governance ...Read More →
Central Bank of Ireland releases Discussion Paper on the Review of the Consumer Protection Code (CPC)
The Central Bank of Ireland has released a Discussion Paper on the review of the Consumer Protection Code. ...Read More →