Login

Operational ResilienceDefining Operational Resilience: How Much is Enough?

On the wooden kitchen table sat three bowls of porridge, and Goldilocks felt quite hungry. She began by trying the porridge from the first bowl.

“This porridge is just too hot!” she exclaimed.

Undeterred, she moved on to the porridge in the second bowl.

“This porridge is just too cold,” she shivered.

She finally turned her attention to the last bowl of porridge.

“Yum, this porridge is just right,” she declared, wearing a mischievous grin as she winked and polished it off.

Now, you might be wondering, “What does this have to do with resilience?”

 

The Goldilocks Principle of Operational Resilience

When determining how resilient your organization should be, it’s important to strike a balance. You don’t want an approach that is too big, cumbersome, rigid and inflexible, nor do you want to be too lax and susceptible to every disruption. Instead, aim for a level of resilience that is just right for your business’s unique context, industry, and risk profile. This balance is often referred to in other industries as the “Goldilocks Principle” – not too much, not too little, but just enough to weather the storms.

Operational Resilience and the Goldilocks Principle share common themes of finding the right balance, optimizing resource allocation, and continuous improvement. Operational Resilience efforts should align with the Goldilocks concept to ensure that organizations are well-prepared for disruptions without being overly burdened by excessive costs or complexity. There are three primary mechanisms for this process:

Understand Your Important Business Services: Start by identifying the critical functions and processes within your organization. These are the activities that are essential for your business to operate successfully. By prioritizing these functions, you can allocate resources and efforts to ensure their resilience in the face of disruptions. This strategic approach ensures that you’re focusing your resilience efforts where they matter most.

Set Your Tolerances for Impact: To determine your organization’s desired level of resilience, conduct a comprehensive risk assessment. Understand the impact of disruption to critical business services through a customer and market lens. Set maximum thresholds for disruptions and manage to them. Reverse-engineer dependencies.

Consider Severe but Plausible Scenarios: Identify potential threats and vulnerabilities that could impact your business, both internally and externally. Consider the likelihood and potential impact of these threats. This information will help you prioritize your resilience efforts and allocate resources accordingly.

Once you have a thorough understanding of your organization’s critical functions and the risks it faces, set clear and measurable resilience objectives. These objectives should align with your organization’s overall strategic goals and provide a framework for resilience planning and implementation. They could include targets for recovery time, resource allocation, and capability building for employees and third parties.

 

Defining Your “Just Right” with Microsimulations

Microsimulations, or bite-sized simulations, can be a valuable tool for organizations to manage to the Goldilocks Principle by providing a realistic, controlled and safe environment to test and refine their operational resilience strategies.

Here are 5 ways microsimulations can be used effectively in this context:

1. Risk Assessment and Scenario Planning

  • Microsimulations engage your team in scenario thinking, allowing them to design lightweight stories that put their team in the path of severe but plausible disruptions in a controlled, gamified environment.
  • Microsimulations allow organizations to create highly detailed and realistic scenarios that simulate various disruptions or crises on important business services, such as cyberattacks, natural disasters, or geopolitical risks.
  • Teams can use these simulations to assess the impact of different levels of disruption on important services and identify vulnerabilities.

2. Testing Resilience Strategies and Resource Allocation

  • Organizations can use Microsimulations to test different levels of resilience strategies, ranging from minimal preparedness to extensive planning.
  • Teams can adjust parameters within the simulation to represent different degrees of resilience and evaluate how each strategy performs under various conditions.

3. Identifying Bottlenecks and Dependencies

  • Microsimulations allow organizations to identify bottlenecks and dependencies within their operations. Teams can pinpoint areas where improvements are needed to enhance resilience.
  • Understanding dependencies is crucial for achieving the right balance, as it helps organizations avoid over-investing in some areas while neglecting others.

4. Training, Capability Development, and Supporting Continuous Improvement

  • Microsimulations can be used as training tools to prepare employees for different resilience scenarios.
  • Teams can practice their response to disruptions and develop the skills necessary to adapt and recover effectively.
  • Microsimulations support a cycle of continuous improvement by enabling organizations to iterate and refine their resilience strategies based on simulation results.
  • Teams can adjust their strategies as new information becomes available or as the organization’s risk profile changes.

5. Data-Driven Decision-Making

  • Microsimulations provide data and insights that help organizations make informed decisions about their resilience objectives.
  • Teams can use simulation results to justify investments in resilience measures to leadership teams and other stakeholders.

 

How Resilient Do We Want to Be?

Operational Resilience is not a one-time effort but an ongoing process that requires regular engagement with your team, from the boardroom to the shop floor. Regularly review and reassess your resilience objectives to ensure they remain relevant in a changing environment. Be prepared to adapt and refine your resilience strategies as new threats and challenges emerge.

Defining how resilient your organization should be is a crucial step in building a robust and adaptable business. By striking the right balance and aligning resilience objectives with your organization’s strategic goals, you can navigate disruptions with confidence and ensure your long-term success. Remember that resilience is not about eliminating all risks but about building the capability to respond effectively when faced with adversity.

 

Author

Paula Fontana

VP, Global Marketing

iluminr

 

previous
Gamechangers in Resilience: The Human Firewall
next
Improv-ise Your Resilience: 5 Dynamic Games for Response Readiness
PLATFORM

Microsimulations
Threat Intelligence
Emergency Notifications
Crisis Event Rooms

SOLUTIONS

Building Preparedness and Capability
People Welfare & Safety
Hurricane Preparedness & Response
Managing Supply Chain Disruption
Cyber Preparedness & Response

See all solutions →

ABOUT US

Our Values
Meet the Team
Careers
Contact Us

RESOURCE CENTRE

Project Evergreen
Raise a Ticket
Knowledge Base
News and Blog
Events

.

Subscribe to News & Event updates
iluminr - threat intelligence, communications, critical event management

© 2024 iluminr. All rights reserved | Privacy Policy | Terms of Use

iluminr - threat intelligence, communications, critical event management
PLATFORM

Microsimulations
Threat Intelligence
Emergency Notifications
Crisis Event Rooms

SOLUTIONS

Building Preparedness and Capability
People Welfare & Safety
Hurricane Preparedness & Response
Managing Supply Chain Disruption
Cyber Preparedness & Response
See all solutions →

ABOUT US

Our Values
Meet the Team
Careers
Contact Us

RESOURCE CENTRE

Project Evergreen
Raise a Ticket
Knowledge Base
News and Blog

Subscribe to News & Event updates

© 2024 iluminr. All rights reserved | Privacy Policy | Terms of Use

Stay ahead of digital risks and enhance your response capabilities - Join Wargame to Gameday 2024!Register now
+