10 Key Steps to getting Operational Resilience off the ground

It can seem daunting to begin a brand-new process for your business. However, risk assessments are an easy way to remain resilient in this ever-changing economy, protecting you and your business in the long term.



  1.  Put resilience on the agenda of the Senior Management Team.

Identify a champion who will drive the initiative. For larger organisations, it would be good to have a champion per function. A decision-maker is an important part of the process. If you are carrying out a risk assessment, make sure there is someone who can stand up and take action to implement the resulting changes, so that they benefit your company in the long run.

  2.  Identify your business-critical services, the systems and the third parties they depend on.

Conduct a detailed risk assessment on the “Service Disruption” risk. Identify any missing controls / protections / mitigation. Address the gaps identified and come up with a strategy to take action.

  3.  Assess your Information security risk (includes cyber-risk)

  • Identify
  • Protect
  • Detect
  • Respond
  • and Recover

  4.  Develop a response plan to guide your response to a service disruption.

Keep your plan generic, but consider:

  • loss of building;
  • loss of systems;
  • and loss of people.

Then develop contingencies for each loss.

  5.  Develop a Business Continuity plan that focuses on how you will deliver essential services following a severe disruption.

Develop response plans to deal with specific incidents (e.g. cyber-attacks)

Communicate your plans to all relevant employees/third parties.

  6.  Test your plans.

Update your plans after each test; you will always learn something from a test/exercise. Part of risk assessment is taking your findings, learning from them and adapting to grow more resilient in future.

  7.  Consider how you might recover from a Disaster. (e.g. fire, flood)

  8.  If an incident becomes a crisis, you will need a Crisis Management plan

  9.  Manage your Third Parties; they are a risk too.

  10. Review and React

Take a resilience self-assessment to see how your risk management would benefit your company’s resilience.


Once these steps are implemented, you can assess how resilient you are.

Find out more about our resilience self-assessment, and get an in-depth, easy-to-follow guide on how to get started with operational resilience, by downloading our latest White Paper from our website.
