Get the latest insights delivered straight to your inbox.

Subscribe to our insights

4 steps to better business resilience

Business resilience

Business resilience is a term that seems to have many meanings for many people, but at its heart, it is about maintaining the ability to deliver on your objectives through volatility in the environment you operate within, whether that volatility is driven by the unintended consequences of planned activities or unexpected and unplanned activities.

Planned work, increased risks and associated treatment expense:

Sometimes newer industries (for example recreational domestic drones, third party food delivery services, hire a bicycle, etc.) are still discovering unexpected outcomes as a result of their product or service becoming prolific in society.

  • Recreational drones are considered, by air flight authorities, as a serious hazard when used near airports and experts are hired to bring the drones down (not usually in a controlled way)
  • Third-party food delivery services are faced with new OH&S hazards travelling further than before on a hybrid bicycle/light motorbike in heavy traffic/poor weather conditions and most of the time, late at night
  • The bicycle hire organisations have a lot of damaged bicycles and must pay for bicycle retrieval from rivers, large drain ways and private property

Unplanned work, increased risks and associated treatment expense:

Large scale events driven by external factors (usually have originated outside of the business) can prove challenging.

  • Pandemic (COVID-19) and associated lockdowns
  • Public opinion shift (e.g. eco/environment, political, modern slavery, privacy, quality, etc) with a secondary impact of ‘swift change in demand’
  • Environmental disasters (drought, floods, earthquakes, nuclear incidents, oils spills, etc.)

This all boils down to the need to:

  • Understand what is most important to you in achieving your objectives, and how you might be impacted by unintended consequences of planned activity and unplanned activity – Understand your vulnerabilities
  • Actively monitor and, if possible, prevent unplanned consequences on your activity – Actively monitor and prevent
  • Prepare for when, not if, your business is interrupted, whether it be people, process, technology and have plans to maintain your operations during these interruptions – Actively plan and test business continuity
  • Have robust plans to recover if you are interrupted – Active plan and test disaster recovery

Industry approach – The 4 steps to better business resilience

1. Understand your vulnerabilities

Risk identification and assessment (click here for our free business resilience assessment)

Acknowledge the potential effort and cost.

2. Actively monitor and prevent

Risk treatment and reduction

Ensure that what is preventable is identified as a risk and has appropriate treatment and ownership. In some instances, mitigation (proactive control of risk triggers) may be an option; in other instances transfer may be an option (third party monitoring or maintenance); and in some instances, total avoidance may be an option (removal of the risk by altering strategy significantly).

Knowing what you can control and influence, and what the costs and benefits of this may be, could help you prevent unnecessary business interruptions and maintain operations when others in your industry or area do not – although not all serious business interruptions can be avoided.

3. Active business continuity planning/testing

Risk mitigation and response to realisation

Business continuity planning is focused on knowing how to continue core business services in absence of some or all the supporting people, processes, technology and infrastructure which you may expect to ordinarily have access to.

It is important to know when, why and how to respond to an emerging threat (risk potential to become an incident). A Business Continuity Plan (BCP) provides the ability to be able to respond to early warnings/near misses and incident occurrence. Business must continue to operate to remain viable in the long term.

The aim of Business Continuity Planning is to design a plan, develop and test processes to follow, establish decision-making criteria and knowing what needs to be done, in what order, by who, to minimise the impact of an incident on all aspects of the business.

a) Detect (Identify early warning signs)

b) Respond (Determine approach based on pre-determined scenarios within the BCP)

c) Recover (Execute the BCP to recover lost services)

d) Restore (Restore to original state prior to the incident)

4. Active disaster recovery planning/testing

Risk mitigation and response to realisation

Disaster recovery planning is focused on knowing how to recover the technology/infrastructure required for the business to operate efficiently. A disaster is generally an unplanned event that may cause disruption for any period and may not be controllable (e.g. a tsunami cannot be stopped no matter what we do).

It is important to know when, why and how to respond to an emerging threat (risk potential to become an incident). A Disaster Recovery Plan (DRP) provides the ability to be able to respond to early warnings/near misses and incident occurrence. Business must continue to operate (even if this means service quality changes slightly for a period during recovery activity).

The aim of Disaster Recovery Planning is to design a plan, develop and test processes to follow, establish decision-making criteria and knowing what needs to be done, in what order, by who, to restore impacted technology and infrastructure to return the business back to peak efficiency as soon as practical.

a) Design (What, When, Who, How and Priority Order)

b) Develop (BCP driving key infrastructure recovery priority)

c) Test (Physical and Desktop based testing possible incident scenarios)

d) Improve (Seek ways to reduce the incident rate or outage time through infrastructure)

The above is by no means comprehensive, but instead gives us an insight into the thinking around business resilience.

So, you may wish to ask:

  1. Have I identified key risk scenarios that would hurt my business?
  2. Are we preventing and monitoring these potential scenario triggers?
  3. Do I have a Business Continuity Plan?
  4. Do I have a Disaster Recovery Plan?
  5. Who is assigned to proactively own and drive the business resilience activities?

If I don’t know the answers to the 5 questions above, then I would benefit from an assessment of my current status.

Assess your business resilience via our assessment tool here. 

Insync offers a high-level assessment, in-depth assessments, and assistance in developing roadmaps for business resilience programs so that you can do ‘the doing’ yourself and augment your skillset along the way.

Get in touch with our experienced team for assistance.

John Serrano

Senior Manager - Risk and Compliance

John is an accomplished risk and recovery professional with over 25 years’ experience in developing and delivering medium to large scale complex enterprise wide initiatives, risk frameworks and complex business investment justifications.

John has developed a strong reputation for ‘thinking outside of the box’ to execute effective strategies, risk/governance processes and business transformation, cultural change management, business readiness/disaster recovery planning, procurement/supply chain strategy, complex business-case development and ICT governance.

Want to learn more?

Subscribe to receive our latest Risk and Compliance Insights and Research as they become available.

Latest insights

Read all Insights
Supporting patient safety with higher employee engagement

Insync in association with Press Ganey utilised responses from 564,751 healthcare workers to analyse the strong relationship between patient safety and employee ...

Impact of COVID-19 on Patient Experience in Asia

With feedback from 3,627 patients, Press Ganey has analysed COVID-19's impact on Patient Experience in the Asian region and provided key strategies to build trust ...

Here’s proof that profitable growth starts with the employee experience

Engaged and aligned employees underpin customer experience excellence and that in turn drives organisational success. Learn how leader Defence Bank achieved success ...

Measuring and cultivating resilience and wellbeing of educators

The ongoing pandemic and supporting research has demonstrated a large impact on educators. Insync has created a solution for support addressing resilience and ...