By; Michael D. Moberly
Organizational resilience should not be conceived or characterized as simply an ‘insurance’ measure that provides a company with ’coverage’ if or when adverse events occur or risks actually materialize. Rather, management teams and boards would be prudent, in today’s risk laden global business environment, to frame – adjust their organizational resilience plan so that it serves as a strategic path for moving a company, operationally speaking, from a defensive and reactive posture to having a succession – series of highly proactive responses/actions to address risks and adverse events, one aspect of which is focused on improving (exploiting) or at least sustaining, a company’s competitive position during the duress event.
Organizational resilience today, and certainly for the foreseeable future, is much more than mere defensive steps to protect a company, rather OR must also include proactive measures for actually improving a company’s competitive position throughout the duress event. This, of course, requires company management teams and boards to recognize that materialized risks or adverse events may, for resilient companies, present valuable and exploitable competitive advantage opportunities, presuming other industry sector companies and/or competitors are experiencing similar risk events simultaneously.
So, what are the ‘building blocks’ to organizational resilience? Goble, Fields, and Cocchiara of IBM’s ‘improving business resilience through a resilient infrastructure’ unit point to:
1. Recovery -elevates awareness to the onset of particular risks and/or adverse events which in turn enables a company to return to an acceptable state of operational normalcy and performance in an acceptable time period.
2. Hardening -is the use of strategies to make a company’s key infrastructure harder, i.e., more challenging, more difficult, and ultimately, less susceptible to certain risks and adverse events. Hardening increases the efforts (resources, time, etc.) that adversaries must expend to actually execute a particular (man made) risk, threat, or adverse event by literally denying or, at minimum, limiting access to the infrastructure itself. Companies should be mindful that excessive (extreme) use of infrastructure hardening tactics, can create a ‘fortress mentality’ (imagery) whereby partners, stakeholders, and valuable contributors to the company’s value-supply chain may find offensive and withdraw.
3. Redundancy – ensuring the company infrastructure has a sufficient number of ’redundancies’ (i.e., back-ups, duplications) designed/built into it relative to meeting its mission critical priorities.
4. Accessibility – the ability of a company as a whole, i.e., its employees and value-supply chain partners and stakeholders to retain the ability to access (from anywhere) the relevant and necessary (company) infrastructure, including communication systems.
5. Diversification – the goal is straightforward; create an infrastructure that can be fully operational while being physically distributed and is still capable of being effectively managed during periods of duress. The premise of operational diversity is straightforward, don’t allow all of a company’s eggs to remain in a single basket.
6. Information Technology Autonomics – self-managing and self-regulating IT systems and infrastructure that is not vulnerable to succumbing to anticipated-projected risks and adverse events.
No comments:
Post a Comment