Organizational resilience is the ability of an organization to absorb and adapt in a changing environment so as to deliver on objectives, survive, and thrive. And while there’s no single approach to enhancing organizational resilience, international standard ISO 22316: 2017 does a good job of providing guidance on what’s generally needed to uplevel organizational resilience in this business environment.
In this article, we don’t rehash what ISO 22316 says in its entirety. Instead, we focus on one of its most important subsections, reporting.
Why’s that? Well, that’s because summary reporting provides senior management an assessment of resilience that senior leaders can then use to measure against the attributes most relevant to their organization.
Of course, summary reporting measures must be implemented to be effective in promoting organizational resilience. To that end, this article will lay out the digital capabilities needed to facilitate summary reporting and promote organizational resilience more broadly.
A primer on summary reporting in ISO 22316
So, what does ISO 22316 say about summary reporting?
The subsection dealing with summary reporting is purposefully brief but important, nonetheless. In it, the drafters of the standard advise senior leaders to use on-going reports to track trends in the data already being used to evaluate organizational resilience.
What’s more, they counsel senior management to use the end-to-end reporting process to develop an action plan for enhancing organizational resilience.
Standard stuff, we’d say.
The intermediary step, though, is one worth considering. And that’s procuring (or confirming that you already have) the right information management systems to provide essential data to support the inputs required to monitor organizational resilience.
Digital capabilities needed to ensure ongoing monitoring for organizational resilience
In this article, we up the ante a bit. Although the standard here only mentions information management, organizations will also need incident management capabilities should the trends pointing to resilience threats actually metastasize into critical events that affect resilience more directly.
We ask, then, what would such a comprehensive information and incident management system look like?
On the incident management front, we’ve found that the ability to seamlessly unify operational risk management, operational resilience, business continuity management, security operations, crisis and incident management, and emergency management into a single platform is needed to ensure a comprehensive and holistic approach to resilience.
Those, after all, are the key solution areas involved in organizational resilience.
Adding to that, standard incident management capabilities, such as the ability to activate teams, assign response tasks, record decisions, facts, assumptions, and share updates with key stakeholders, should also be included within an integrated resilience management platform.
Beyond managing incidents, an integrated platform should enable organizations to report on incidents throughout the entire incident lifecycle, as well.
And even before an incident happens, platforms that ensure compliance with ISO 22316 should let you analyze trends and create dashboards to visualize the metrics that are important to your organization.
Further integrated resilience management features covering information and incident management to consider include:
- Customizable dashboards that gather data using scrolling banners, live maps, and feeds to consolidate information from various sources, e.g., news, weather, social media, traffic, and natural disaster streams
- Chat, email, SMS, voice, app push messages, and other built-in crisis communication and collaboration tools that make it easy to work in real time with teams, better coordinate your response, and keep everyone informed
- Comprehensive library of best practices to generate crisis and incident response action plans
Finally, with the right digital integrated resilience management software capabilities, resilience-pursuing firms can facilitate reporting when it matters most and expedite incident prevention, response, and recovery. Need the full primer on how to implement ISO 22316 while harnessing resilience data to derive valuable insights for informed decision-making and take proactive actions to strengthen resilience? Download our Resilience Management Buyer’s Guide.