10 Key Steps to getting Operational Resilience off the ground

It can seem daunting to begin a brand-new process for your business. However, risk assessments are an easy way to remain resilient in this ever-changing economy, protecting you and your business in the long term.

 

10 Key Steps to getting Operational Resilience off the ground

  1.  Put resilience on the agenda of the Senior Management Team.

Identify a champion who will drive the initiative. For larger organisations, it would be good if there was a champion per function. A decision-maker is an important part of the process. If you are carrying out a risk assessment, make sure there is someone who can stand up and take action to implement these changes, so these changes can benefit your company in the long run.

  2.  Identify your business-critical services, the systems and the third parties they depend on.

Conduct a detailed risk assessment on the “Service Disruption” risk. Identify any missing controls / protections / mitigation. Address the gaps identified and come up with a strategy to take action.

  3.  Assess your Information security risk (includes cyber-risk)

  • Identify
  • Protect
  • Detect
  • Respond
  • and Recover

  4.  Develop a response plan to guide your response to a service disruption.

Keep your plan generic, but consider:

loss of building;

loss of systems;

and loss of people.

Then develop contingencies for each loss.

  5.  Develop a Business Continuity plan that focuses on how you will deliver essential services following a severe disruption.

Develop response plans to deal with specific incidents (e.g. cyber-attacks)

Communicate your plans to all relevant employees/third parties.

  6.  Test your plans.

Update your plans after each test, you will always learn something from a test/exercise. Part of risk assessment is taking your findings, learning from them and adapting to grow more resilient in future.

  7.  Consider how you might recover from a Disaster. (e.g. fire, flood)

  8.  If an incident becomes a crisis, you will need a Crisis Management plan

  9.  Manage your Third Parties, they are a risk too.

10. Review and React

Take a resilience self-assessment to see how your risk management would benefit your company’s resilience.

 

Once these steps are implemented, you can assess how resilient you are.

Find out more on our resilience self-assessment, as well as an in-depth and easy to follow guide on how to get started with operational resilience by downloading our latest White Paper on our website here.

Recent News

Table Tennis Ireland Logo

Table Tennis Ireland Chooses CalQRisk to Optimise their Governance Strategy

Table Tennis Ireland have onboarded the CalQRisk solution to better their approach to board and committee meetings. Table ...
Read More

CalQRisk Shortlisted as Best in RiskTech at the 2024 CIR Risk Management Awards

CalQRisk has been shortlisted for the RiskTech category in the CIR Risk Management Awards in 2024. The Risk ...
Read More
business meeting

Reviewing Risk – A Framework Idea 

The Institute of Risk Management describes Enterprise Risk Management (ERM) as “the overall philosophy that consolidates the management ...
Read More

Ten Things to Learn from Managing an Incident 

Incidents, while often complex and challenging, provide valuable learning opportunities that can enhance an organisation's resilience and strategic ...
Read More

Are you Doing Control Testing in your Organisation?

Regulators, boards, auditors, and other stakeholders all have an increased focus on controls (and their effectiveness) so how ...
Read More
Blue Ocean Logo

CalQRisk Announces a Strategic Partnership with Blue Ocean Reinsurance Group

CalQRisk, a leading provider of governance, risk, and compliance (GRC) software, is thrilled to announce a strategic partnership ...
Read More
laptop and writing in notebook

Minimum Competency Code – ‘And miles to go before I sleep’

The 1st October 2024 effective date for the expansion of the scope of the Minimum Competency Code 2017 ...
Read More

Decoding the Digital Operational Resilience Act (DORA): CalQRisk’s Jargon Buster

Navigating the complexities of regulatory compliance can be daunting, especially with evolving digital landscapes. Enter the Digital Operational ...
Read More

Ten Things to Learn from Managing an Incident 

Incidents, while often complex and challenging, provide valuable learning opportunities that can enhance an organisation's resilience and strategic ...
Read More

Navigating Risk: A Strategic Approach to Risk Management 

In the vast ocean of business, navigating through turbulent waters demands more than just a sturdy ship; it ...
Read More