Evaluating Business Continuity Management Software

Download Fusion's guide "Evaluating Business Continuity Management Software: A Buyer's Guide for Practitioners"


[The GRC Red Flag Series] Operational Resiliency and the Future of Risk & Resiliency Management

Posted on: July 22, 2021
Author: Fusion Risk Management

Firms globally and across industries are focusing on risk and resiliency. The organization has to maintain operations in the midst of uncertainty and change, and this is becoming a key regulatory requirement in some industries (e.g., financial services). This requires a holistic view into the objectives and performance of the organization in the context of uncertainty and risk. Organizations are striving for business and operational resiliency that requires integration and symbiotic interaction of risk management and business continuity. The organization in 2021 has to be a resilient organization with full situational awareness of the interconnected risk environment that impacts them.

Resiliency is the capacity to recover quickly from difficulties/events; the ability of a business to spring back into shape from an event. This is very critical, and organizations are moving to bring together operational risk management and business continuity management into what is now defined as an operational risk and resiliency program. Business continuity management as a separate function in the organization is a thing of the past, and over the next two to three years we will see a mass migration to an integrated operational risk and resiliency program.

However, there is more that needs to happen: organizations also need to be agile. Agility is the ability of an organization to move quickly and easily; the ability to think and understand quickly. Good risk management is going to clearly understand the objectives of the organization, its performance goals and strategy, and continuously monitor the environment for 360° situational awareness to be agile – to see both opportunities as well as threats so the organization can think and understand quickly and be prepared to move to navigate to seize opportunities while avoiding threats/exposures to the organization and its objectives.

We need agile organizations to avoid and prevent events, but we also need agility to seize on opportunities and reliably achieve (or exceed) objectives. Agility is not just avoidance of hazards, threats, harms. Agility is also the ability to understand the environment and engage to advance the organization and its goals. Organizations need to be agile and resilient.

Presenters: Michael Rasmussen, GRC Analyst & Pundit at GRC 20/20 Research, LLC, Joe Woulfe, Head of Operational Risk and Resiliency at AQR Capital Management, Rob van den Eijnden, Global Head Business Continuity & Resilience at Philips, and Mike Campbell, CEO of Fusion Risk Management