Given the increase in crises, all organizations are looking to achieve resilience. They’ll need to formulate resilience policy to anticipate and respond to changing conditions, though.
But what comes after that? Now, we venture into the realm of resilience policy implementation. How to implement resilience policy?
We tackle it all in the following article.
What is resilience policy?
Indeed, it takes a dedicated strategy to achieve business resilience. Resilience strategy itself establishes objectives and corresponding activities in accordance with resilience policy.
But what about resilience policy? Resilience policy, on the other hand, sets the parameters for top management to embed resilience objectives into organizational strategies.
The resilience policy lifecycle
Resilience policy goes through a lifecycle, leading up to implementation.
The first element of that lifecycle is policy formulation. As the term suggests, resilience policy formulation is the documentation of the intention to enhance resilience and assign accountability for deliverance of that strategy.
Once formulated, resilience policy must be designed. That means developing a plan, supportive of various skills, leadership, knowledge, and experience, for a strategy that considers governance structure(s).
What is resilience policy implementation?
The final element of the resilience policy lifecycle is policy implementation. This stage answers the logistical question, how can an organization effectively manage risk and adapt to change?
What happens during this stage? Implementation consists of providing adequate resources to implement resilience strategy, specifically considering how the organization will anticipate, identify, absorb, and manage change, as well as coordinate and align systems.
Steps to implement resilience policy
That might sound theoretical, but it’s really not.
Building organizational resilience is a cross-functional effort. And so, the first step to implementing resilience policy is securing stakeholder commitment to the ongoing enhancement of resilience.
Who are those stakeholders? Every organization is different, but stakeholders are likely to include:
- Staff
- The Board of directors
- Senior management
- Key customers
- Partners
- Suppliers
- Key regulators
- The public
From there, a cross-functional team, likely headed up by the Chief Resilience Officer, needs to identify key products and services, customer segments/markets, channels, obligations, and financial/value-added outcomes.
If this step sounds like operational resilience mapping, that’s because it’s the very same exercise.
Once that mapping has concluded, the team needs to define the contours (or scope) of strategy implementation. In simpler terms, determine what will your resilience strategy cover.
Once you’ve determined that, you can develop associated action plans to deliver on strategy objectives.
What areas should the resilience plan cover?
But what areas should be covered? If you are building out a plan, make sure it accomplishes the following:
- Establishes key focus areas for delivery
- Establishes key performance indicators (KPIs)
- Develops action plans to deliver the strategy
- Allocates appropriate resources to deliver the plan
- Communicates and consults with interested parties so that the plan is effectively developed
- Informs top management on ongoing progress and delivery of the plan
From there, top management will have to allocate the necessary resources to ensure the resilience initiative is viable and successful. The exact resources to consider, here, are qualified personnel, information and knowledge management systems (e.g., operational resilience software), professional development and training, and intangibles like relevant processes and procedures.
Finally, who’s responsible for implementing resilience policy? According to best-practice, international standard ISO 22336, the resilience lead – we think a CRO fits the bill, here – is best placed to communicate, coordinate, and promote resilience initiatives.
To learn more about the specific responsibilities allocated to that role, read our Chief Resilience Officer’s Guide to Resilience Policy and Strategy Standard, ISO 22336.
.svg)
.svg)
.svg)