2020 was a year of change
The world of business in 2021 is distributed, dynamic, and disrupted. It is distributed and interconnected across a web of business relationships with stakeholders, clients, and third parties. It is dynamic as business changes day-by-day: processes change, employees change, relationships change, regulations and risks change, and objectives change.
2020 was the poster child for business and third-party disruption, and it rolls into 2021. The ecosystem of business objectives, uncertainty/risk, and integrity requires contextual awareness of operations and risk to achieve resiliency – rather than a dissociated collection of processes and departments. Change in one area has cascading effects that impact the entire ecosystem.
This interconnectedness of risk in the business is driving demand for 360° contextual awareness to be resilient so the organization can reliably achieve objectives, address uncertainty, and act with integrity. Organizations need to see the intricate intersection of objectives, risks, and boundaries across the business.
A new focus on resilience
The elements of distributed, dynamic, and disrupted business are driving significant changes in operational resiliency strategies in organizations in 2021. Firms globally and across industries are focusing on resiliency. The organization has to maintain operations in the midst of uncertainty and change, and this is becoming a key regulatory requirement in some industries.¹ This necessitates a holistic view into the objectives and performance of the organization in the context of uncertainty and risk.
Organizations are striving for business and operational resiliency that requires an integration and symbiotic interaction of risk management and business continuity. The organization in 2021 has to be a resilient organization with full situational awareness of the interconnected risk environment that impacts them.
This starts from the top and works down:
- Business resilience is focused on the overall resilience of the organization, which includes strategy, liquidity, integrity, and operational resilience.
- Operational resilience is a component of business resilience focused on internal processes, services, people, systems, relationships, and external events. Operational resilience is the ability of organizations to prevent, adapt, respond to, recover and learn from operational disruptions.²
- Digital resilience is an aspect of operational resilience that delivers the ability to assure operational integrity from a technological perspective.³
Being resilient requires multiple inputs and methods of modeling and analyzing risk and disruption in context of the impact on the objectives of the organization. This requires information gathering — risk intelligence — so the organization has a full perspective and can make better business decisions. The resilient organization will have a cohesive strategy that links business, operational, and digital resilience together.
The requirements of resilience
This requires an integration of traditional enterprise and operational risk management with business continuity as well as third-party management. This is supported by the right information and technology architecture to provide 360° contextual awareness of risks, disruption, and impact on objectives.
This cannot be accomplished if these functions are approached from silos, manual processes, and a mountain of documents, spreadsheets and emails. It requires an integrated process, information, and technology architecture to enable a discipline of decision-making that has a symbiotic relationship on performance and strategy of the organization.