Some things are hard to predict. And others are unlikely. In business, as in life, both can happen at the same time, catching us off guard. The consequences can cause major disruption, which makes proper planning, through business continuity management, an essential tool for businesses that want to go the distance.
In recent years, a new consensus of the concept of resilience emerged as a practical response to the decreasing lifespan of organisations and from the key stakeholders, including boards, governments, regulators, shareholders, staff, suppliers and customers to effectively address the issues of security, preparedness, risk, and survivability.
- Being resilient is a proactive and determined attitude to remain a thriving enterprise (country, region, organization or company) despite the anticipated and unanticipated challenges that will emerge;
- Resilience moves beyond a defensive security and protection posture and applies the entity’s inherent strength to withstand crisis and deflect attacks of any nature;
- Resilience is the empowerment of being aware of your situation, your risks, vulnerabilities and current capabilities to deal with them, and being able to make informed tactical and strategic decisions; and,
- Resilience is an objectively measurable competitive differentiator (i.e., more secure, increased stakeholder and shareholder value).
What is Organizational Resilience?
Organizational resilience is the ability of an organization to absorb and adapt in a changing environment to enable it to deliver its objectives and to survive and prosper. More resilient organizations can anticipate and respond to threats and opportunities, arising from sudden or gradual changes in their internal and external context. Enhancing resilience can be a strategic organizational goal, and is the outcome of good business practice and effectively managing risk.
ISO 22316:2017 - Security and resilience - Organizational resilience - Principles and attributes
ISO 22316:2017 provides guidance to enhance organizational resilience for any size or type of organization. It is not specific to any industry or sector. ISO 22316:2017 can be applied throughout the life of an organization.
There is no single approach to enhance an organization’s resilience. There are established management disciplines that contribute towards resilience but, on their own, these disciplines are insufficient to safeguard an organization’s resilience. Instead, organizational resilience is the result of the interaction of attributes and activities, and contributions made from other technical and scientific areas of expertise.
These are influenced by the way in which uncertainty is addressed, decisions are made and enacted, and how people work together.