Business Continuity and Resilience

Enterprise-Wide Resilience Planning Imperatives for an Uncertain Business Environment

Matthew WatsonDugan Krwawicz
October 18, 2022
5 min read

When it comes to resilience planning, enterprise leaders have their hands full. Maintaining continuity of critical operations in the face of an uncertain economic environment, the lingering effects of pandemic-related supply chain disruptions, an uptick in climate-driven catastrophic events and more has created a situation in which conventional strategies are simply not as effective as they once were.

Those strategies tended to put cybersecurity, business continuity, disaster recovery and a range of other risk-management initiatives into separate, often disconnected siloes. But now, many organizations have recognized that an impactful resilience strategy will require enterprise-wide planning and sustained integration to optimize the effectiveness of how their organizations will nimbly respond to business disruptions.

Factors to consider and who’s in charge?

Technology leaders we’ve spoken with over the last year are nearly unanimous in detailing the numerous factors they now need to consider when taking a holistic look at resilience planning. Here’s a quick synopsis:

  • Automated resilience testing – are the right architectures being utilized to optimize technology resilience?
  • Cloud migration — leveraging both on-premise and cloud resources while reconciling continuity of operations in both environments; is there a path to alignment?
  • Security – requires a significant time investment and having the right skillsets onboard; what level of risk is the organization willing to take?
  • Third-party resilience – do vendors’ resilience capabilities match or exceed the organization’s needs to bounce back quickly?
  • Regulatory environment – will regulatory requirements impact the resilience planning and response process?
  • Innovation includes people and processes – it can’t be said enough: people and processes drive successful resilience innovation; does the enterprise have a high-performing team that is confident in how resilience should work?

With so much to consider in establishing a dynamic resilience strategy, it’s clear there are bound to be competing interests. Priorities are in the eye of the beholder. Who calls the balls and strikes? And how are priorities rationalized? What we’ve discovered is likely no surprise to any leader as leaders tend to be myopic depending on where they sit in the organization. But it’s imperative that all leaders involved in resilience planning are marching toward the same objective. This is a shift in thinking and requires the voice of one strong leader who can monitor and maintain collaboration across the enterprise. We’ve found it’s best for that individual to be someone who understands technology and how the business utilizes that technology. That leader should direct where the resilience plans reside and how they will satisfy organizational objectives. He or she should also have clearly defined roles, with measurable objectives and responsibilities, to keep people engaged, involved and understanding their role in the success of the program. Finally, leaders influencing resiliency should be conversant in the formal strategy and how the people, processes and technology dependencies (and other types of dependencies, i.e., third parties) work together in one cohesive and flexible solution.

Balancing competing priorities

This strong leader is ready to develop and deliver an ironclad resilience program for the enterprise but must carefully dance through competing priorities in order to accomplish that feat. Perhaps the most intimidating hurdle could be finding the right balance between innovation and legacy processes. There is likely to be resistance from the “we’ve always done it this way” crowd, who are likely to hang on to the old ways unless they can be gently convinced to change. There will be bridges to be crossed to bring both top-level executives and mid-level managers into agreement on what a resilience strategy means and why it is important. Then, the implementation gaps between strategy and execution will need to be closed, as the resilience leader synchronizes both strategic priorities and tactical issues that need to be considered. To do this, a successful resilience leader will engage with business partners across the organization and understand their needs, involving them as appropriate. A good resilience plan will continuously evolve as the organization adapts to its changing priorities.

The ”ilities” and the “ations” – chaos engineering

During a recent roundtable conversation with technology leaders from a variety of organizations, one of the attendees brought up the “ilities” and the “ations” that need to be considered when putting a resilience plan in place. The “ilities” include things like scalability – will the plan adapt with the organization’s needs? Or capabilities – can third-party vendors deliver when needed? Then there are the “ations,” including innovation, applications, synchronization, operations, orchestration and more.

We often suggest our clients address the “ilities” and “ations” by harnessing the power of chaos engineering, or breaking things on purpose — and we found that many leaders in our roundtable group already do this. Chaos engineering provides the enterprise a common understanding of how to apply resilience principles, skillsets and architectures to manage in a hybrid environment. Testing an organization’s resilience before actual chaos happens helps identify where tactical teams need to enhance response capabilities and whether communication is cohesive. It forces silos to be knocked down. Seeing what can happen from different perspectives ultimately paves the way for a resilience plan that ensures the synchronization we mentioned above.

This topic is worth spending more time on, so we are planning a follow-up blog in which we will discuss how we progress through complicated situations – and every resilience plan is complicated, no matter the size and scope of the organization.

The resilience challenges we see today are only going to grow more complex. Take the necessary steps now to get a resilience program underway that addresses both the hearts and minds of the organization. We can help.

To learn more about our business continuity and resilience planning solutions, contact us or download our Guide to Business Continuity and Resilience.

Matthew Watson

Managing Director
Technology Strategy and Operations

View all posts

Dugan Krwawicz

Director
Technology Risk and Resilience

View all posts

You may also like

Subscribe to Topics

Protiviti Technology Follow

Protiviti leverages emerging technologies to innovate, while helping organizations transform and succeed by focusing on business value.

ProtivitiTech
protivititech Protiviti Technology @protivititech ·
16h

Learn more about what GRC Managed Service is and what it can do for SAP S/4HANA and SAP cloud solutions in the latest #SAP Blog post. https://ow.ly/OMaL50RfsHw #ProtivitiTech

Reply on Twitter 1781035159438954997 Retweet on Twitter 1781035159438954997 Like on Twitter 1781035159438954997 Twitter 1781035159438954997
protivititech Protiviti Technology @protivititech ·
17 Apr

Protiviti is a proud sponsor of ServiceNow Knowledge 2024—a three-day conference all about #AI. Stop by our booth (#2503) to visit with our team and learn how the #ServiceNow platform makes business transformation possible. https://ow.ly/qa6p50Rh9wf

Reply on Twitter 1780627914964308382 Retweet on Twitter 1780627914964308382 Like on Twitter 1780627914964308382 Twitter 1780627914964308382
protivititech Protiviti Technology @protivititech ·
16 Apr

What is #DesignThinking? Could it help your organization? Find out how Protiviti uses it to help clients build net new applications and modernize legacy systems. https://ow.ly/fMK550Rfsoi #ProtivitiTech

Reply on Twitter 1780204913663873376 Retweet on Twitter 1780204913663873376 Like on Twitter 1780204913663873376 Twitter 1780204913663873376
protivititech Protiviti Technology @protivititech ·
15 Apr

Join our May 2 webinar designed for privacy and security professionals seeking to navigate the intricate nuances of data governance within the ever-evolving global regulatory landscape. Register today! https://ow.ly/hzrG50R4fTX #ProtivitiTech #DataPrivacy

Reply on Twitter 1779872392535212145 Retweet on Twitter 1779872392535212145 2 Like on Twitter 1779872392535212145 1 Twitter 1779872392535212145
protivititech Protiviti Technology @protivititech ·
12 Apr

The latest Technology Insights Blog post offers insight into the unique risks associated with Large Language Models (LLMs) and how to establish strategies to mitigate them. https://ow.ly/q3w550RfbXm #ProtivitiTech #TechnologyInsights

Reply on Twitter 1778890996282982442 Retweet on Twitter 1778890996282982442 Like on Twitter 1778890996282982442 Twitter 1778890996282982442
Load More