Michael D. Moberly March 30, 2012
Some management teams consider ’organizational resilience’ to merely be a tweaked version of conventional continuity and contingency planning. Be assured, it’s not!
If anything, organizational resilience (OR) is business continuity and contingency planning on steroids. That is, OR is more inclusive and evolves from a multifaceted ‘attitude’ of:
- continuity, and
- economic – competitive advantage recovery
From an operational standpoint, OR differs markedly from conventional security and/or risk management approaches because of its focus on:
- drawing a balance between asset vulnerability, risk probability, and criticality (consequences) of certain risks, and
- shifting away from managing risk reactively, to a highly proactive, adaptive and continually improving series of activities and responses.
Ultimately, a well-designed and executed OR plan can serve as a strategic path for moving a company from a conventional defensive and reactive posture to a proactive (forward looking, forward thinking) risk posture. By doing so, companies become more anticipatory and ultimately resilient to a broader range of risks and adverse events, should they materialize
In my view, OR is particularly well suited to the ‘systems approach’ which compels management teams to identify and examine risks in independent and dependent variable contexts relative to (a.) asset vulnerability, (b.) probability of occurrence, and (c,) criticality, i.e., potential for significant adverse cascading effects throughout a company and its stakeholders should they materialize.
An OR approach to risk would entail examining business risk(s) that may, for example, have a relatively low probability for occurrence, but carry inordinately high consequences (criticality) making it more challenging to return to a state of operational-financial normalcy.
Thus, OR is much more than mere defensive posturing. It involves proactive attitudes and practices that recognize 65+% of most company’s value, sources of revenue, and building blocks for growth and sustainability evolve directly from intangible assets. Ironically, this requires management teams, c-suites, and boards to recognize that materialized risks or adverse events may, for organizationally resilient firms, present opportunities to further exploit its intangible assets, presuming other industry sector companies and/or competitors are experiencing similar risk events simultaneously.
A firm’s ability to rapidly, efficiently, and effectively adapt to change and uncertainty (risk) are being ratcheted up on company agendas as action items requiring higher priorities. In OR parlance, the vulnerability, probability, and criticality associated with potential and/or materialized risks, be they natural, intentional, or unintentional, represent a strong rationale why companies need to achieve a level of resilience that fits their respective market, industry sector, and business (transaction) environment. More specifically, a recovery and adaptive oriented OR strategy can no longer be dismissed or relegated to merely being an ’after thought’.
An initial step toward achieving an organizationally resilient firm puts the onus on management teams and c-suites to recognize the unique elements and features (intangible assets) that are routinely embedded in company operations and functions. In other words, preserve (intangible) assets that underlie a company’s profitability, competitive advantages, and sustainability, i.e., reputation, brand, intellectual – relationship capital, goodwill, image, etc.
Intangibles though, often go un-noticed and un-protected in conventional risk management and business continuity-contingency planning. I say this in the context that I have yet to engage a management team or board member that does not hold the view that every business or company, particularly theirs, possesses nuanced and unique features that contribute to its success. Referring to such features as intangible assets though, seldom occurs.
Another step toward achieving an organizationally resilient company is to identify ways to measurably improve on its ability to adapt and rapidly recover from significant (business) disruptions, materialized risks, and/or significant changes in the business (value-supply chain) environment. In other words, remain financially and competitively viable for the duration of the adverse – disruptive event!
(This was inspired by the work of Gregg Goble, Howard Fields, and Richard Cocchiara of IBM’s Resilient Business and Infrastructures Solutions unit and the work of Dr. Marc Siegel, ASIS.)