Operational resilience: It’s time to embrace the era of constant change

Most companies aren’t prepared for this inevitability. Data from BCG shows that only 10% of companies are ‘resilient and thriving’.

PwC’s recent 2023 Global Crisis and Resilience Survey found that an incredible 91% of organisations experienced at least one disruption over the last two years (excluding the pandemic), with 76% saying that their most serious disruption had a medium-to-high impact on operations, ‘disrupting critical business processes and services and causing downstream financial and reputational issues’. It's no surprise, then, that 89% of respondents also said that resilience is one of their top strategic organisational priorities. According to data from BCI, over 76.6% of organisations reported they have an operational resilience program in place or are building one

"Organisations are contending with external macro forces and internal business transformations, and it is against this backdrop that resilience has become one of the most vital strategic priorities in the corporate world,” said David Stainback, Co-leader of PwC’s Global Centre for Crisis and Resilience (PwC).

These statistics highlight the importance of operational resilience for businesses. Companies must learn how to swiftly respond to disruption, accelerate digital transformation, and adapt operational practices in the face of such challenges by fully integrating all aspects of resilience into their Governance, Risk and Compliance (GRC) programs.

The importance of operational resilience in today's risk landscape

Kieran Seed of LexisNexis Regulatory Compliance writes:

“Operational resilience is a critical focus for organisations across a wide range of industries. Australia, the United Kingdom, and New Zealand, among others, have introduced regulations requiring entities in critical infrastructure sectors – including energy, financial services, healthcare, transport and communications – to prioritise operational resilience. These regulations aim to ensure the uninterrupted availability and reliability of essential services, with non-compliance resulting in substantial penalties.

The healthcare industry, especially after the COVID-19 pandemic, has recognised the need for improved operational resilience. Healthcare providers are expected to have contingency plans in place to address demand surges and other operational challenges to ensure the continuous delivery of healthcare services.

Additionally, increasing reliance on third-party technologies, particularly across financial services, prompts organisations to consider the implications of such dependence on external partners. Industries such as technology and communications are proactively investing in disaster recovery and cybersecurity measures to ensure service continuity and minimise data breach risks when partnering with external technology providers.

Furthermore, boards and senior management teams are under mounting pressure to be accountable for their organisations' operational resilience. This increased accountability has elevated the importance of cultivating a resilient corporate culture. Directors and managers are now tasked with embedding operational resilience into the organisation's foundation, making it an integral part of strategic decision-making and risk management.”