top of page

Business Resilience

 

Resilience is the capacity of a business or organisation, its stakeholders, supporting infrastructure and dependencies to avert or absorb adverse influences within a structure of defined, understood and managed risks in order to maintain the required outputs.  It is not a one-time process but a continual and dynamic approach to the maintenance of high grade services and product delivery. 

 

Resilience is founded on the assessment of risks to a business or organisation.  This assessment is underpinned by the business operations requirements and baselined against applicable legislation, regulation, standards and governance best practice. Any risk assessment will include the threats and vulnerabilities that apply to the deployed systems and their supporting infrastructure, and impacts on the service they deliver as well as the consequences for customer operations.  Tools that support this assessment include:

  • Stakeholder analysis

  • Formal risk assessment process

  • Business and operational dependency analysis

  • Business impact analysis

  • Security (physical, information and people) assessment

  • ICT systems technical audit

 

In conceptual terms, the constituents of Resilience are shown in the diagram on the left.  They are, on the outer ring, Preventative Measures which are aimed at reducing risk and avoiding impact and Contingency Measures which seek to reduce the impact of those events that have not been prevented.  Inner rings break down both these areas into more specialist disciplines.  

bottom of page