An Integrative Approach to Business Risk-Management & Disaster Recovery
In the globalized and hyper-mediated world we live in, it is hard to ignore the seeming increase of unexpected events. The Boston bombings, the political uprising in Egypt, the bird flu pandemic scare in Japan, the tornado in Oklahoma and the floods in Calgary all happened within the past six months.
As a recent Harvard Business Review article put it, “Surprises are the New Normal; Resilience is the New Norm”.
Business resilience is a term for a collection of processes and procedures that enable a business to endure these types of unplanned events and recover from any damages that do occur. IBM defines business resiliency as “The ability of an organization’s business operations to rapidly adapt or respond to internal or external dynamic changes—opportunities, demands, disruptions or threats—and continue operations with limited impact to the business.”
So clearly, business resiliency is about much more than just disaster recovery and there are several other factors at play. The following graphic is a visual representation of the many aspects of business resilience:
As you can see, there are two main branches of business resilience. Crisis management encompasses both unplanned manmade and natural events that can disrupt business operations. This could include the more obvious events like earthquakes, fires and floods and the less obvious such as malicious rumors, political protests or a biological attack. Crises occur when a disruptive event happens with little or no time to plan. In these cases, a crisis management response is needed to reestablish normal business operations. A large part of crisis management is protecting the wellbeing of all employees during and after the crisis.
Business Continuity also has two aspects: internal and external events that have the potential to effect a company’s normal operations without being qualified as a crisis. Internal events could include anything that disrupts employee wellbeing, offices/facilities or normal business processes. This may include IT-related issues like power outages or building problems like a flood in the basement. External events that require business continuity planning can include things like pandemics, supply chain issues or other regional events that prevent employees from going to work like avalanches, flooding or threats to national security.
Business Continuity and Crisis Management both require planning and regular testing to be successful in ensuring business resilience. The main goal with all business resilience objectives is to ensure your business will remain responsive, secure and compliant during any disruptions or changes that may occur.
If you have any questions about Business Resilience, you can download our white paper called “Business Continuity & Resilience – The Basics” or contact us.