4 steps to intracompany operational resilience
Being crucial for successful and resilient business during a crisis, operational resilience is defined as an organization’s ability to change and/or adapt in times of stress, disruption or uncertainty. It includes a range of activities to enhance risk management and business continuity based on a holistic strategic framework.
Gartner defines operational resilience as a set of techniques to allow people, processes and information systems to adapt to varying patterns. Great emphasis is placed on the interconnection of business and operating activities, finance, security and IT systems and viewing them as a whole.
Operational resilience is an indispensable management framework in a world full of uncertainties
The global pandemic, cyberattacks, climate uncertainty, increased regulatory control and variable customer expectations are just some of the risks we encounter today.
Business interruptions caused by the pandemic have affected employees, customers, information systems, and relationships with service providers and third parties. In addition, the number of operational risks caused by human error or nonfunctional processes and systems has increased as a result of an increasing level of reliance on virtual employment arrangements.
While certain operational risks may be inevitable in modern business, it is possible to improve business resilience to crises.
Operational resilience should be reviewed through seven categories:
- business management
- operational risk management
- business continuity planning and testing
- mapping of interrelations and interdependencies of critical operations
- management of third-party dependencies
- incident management
- resilient ICT solutions, including cybersecurity
Presented below are 4 essential steps that lead to operational resilience and business operations resilient to crises
- Review the interrelations and interdependencies of risks across the business organization through each of the seven categories, not only for each department. Take into account any internal or external factors affecting the organization, including business processes, systems, assets, employees and third parties.
- Design a system to allow for a comprehensive approach to risk assessment to be taken. Perform a thorough analysis and document all potential risks across the organization. Involve employees in discussions of risks to ensure a higher level of collaboration, which is crucial for building a deeper understanding of the interdependencies of risks within the organization and for building operational resilience.
- Assess the critical points of failure in business processes, establish flexible systems and foster adjustable practices. Knowing where the critical risks lie within the entire organization and proactive implementation of potential workarounds may help organizations adapt to varying circumstances.
- Ensure that the defined risk management frameworks, business continuity plans and definitions of critical functions/services are consistently implemented within the organization.
Innovative IT solutions expedite and enhance operational resilience. It is important to consider which IT solutions are most appropriate for the organization because they vary between industries, types of business and types of services offered by organizations.
Strong systems and flexible processes, as well as fostering a culture of collaboration and resilience, are key to operational resilience.
Marina Meštrović, Business Solutions Consultant, TIS