![BB OR [D] 6](https://blog.bcm-institute.org/hs-fs/hubfs/BB%20OR%20%5BAi%20Gen%20Blog%20Photo%5D/OR%20Pictures%20A/BB%20OR%20Folder%20D/BB%20OR%20%5BD%5D%206.jpg?width=2000&height=1333&name=BB%20OR%20%5BD%5D%206.jpg "BB OR [D] 6")
Chapter 9
![[OR] [Pillar] [Banner] Identifying Critical Business Services](https://no-cache.hubspot.com/cta/default/3893111/f5244393-5a7d-455a-94f2-d843b5d524bc.png)
Integration with Operational Resilience Framework
Introduction
![[OR] [P2] [S1] [CBS] [C9] Integration with Or Framework](https://no-cache.hubspot.com/cta/default/3893111/29dc7521-86eb-42d3-abba-483c80477470.png)
Identifying Critical Business Services (CBS) is not an isolated activity—it is the central anchor that connects all components of an Operational Resilience (OR) framework. Once CBS are defined and approved, they become the focal point for designing, implementing, and validating resilience capabilities across the organisation.
This section explains how CBS integrates with key OR components, ensuring that resilience efforts are aligned with what truly matters: the continuous delivery of critical services to customers and stakeholders.
CBS as the Foundation of Operational Resilience
CBS serves as the foundation upon which the entire operational resilience framework is built. Rather than attempting to make every process or system resilient, organisations focus their efforts on ensuring that critical services can withstand disruption.
This service-centric approach:
- Aligns resilience efforts with customer outcomes
- Enables prioritisation of resources and investments
- Provides a clear structure for governance and accountability
All subsequent OR activities—impact tolerance, mapping, testing, and response—are anchored on the identified CBS.
Link to Impact Tolerances
Once CBS is identified, organisations establish impact tolerances for each service. Impact tolerance defines the maximum level of disruption a service can withstand before causing unacceptable harm.
For each CBS, organisations determine:
- Maximum Tolerable Downtime (MTD)
- Maximum Tolerable Data Loss (MTDL)
- Acceptable levels of customer impact
The relationship is direct:
- CBS defines what must be protected
- Impact tolerance defines how much disruption is acceptable
This ensures that resilience objectives are measurable, outcome-driven, and aligned with regulatory expectations.
Link to Mapping and Dependencies
CBS provides the scope for mapping and dependency analysis, which involves identifying all resources required to deliver each critical service.
This includes:
- People (key roles and skills)
- Processes (supporting workflows)
- Technology (applications, infrastructure, data)
- Third parties (vendors, service providers)
By mapping dependencies:
- Organisations gain visibility into vulnerabilities
- Single points of failure can be identified
- Interconnections between services and systems are understood
Without a clearly defined CBS, dependency mapping would lack focus and become overly complex.
Link to Scenario Testing
Scenario testing evaluates whether CBS can remain within its defined impact tolerances during severe but plausible disruptions.
CBS determines:
- Which services must be tested
- What scenarios are relevant
- What outcomes must be achieved
Examples of scenario testing include:
- Cyberattack affecting core banking systems
- Third-party outage impacting payment processing
- Natural disaster disrupting physical operations
Through scenario testing:
- Gaps between current capabilities and required resilience are identified
- Recovery strategies are validated
- Improvements are prioritised
This creates a feedback loop between CBS identification and resilience enhancement.
Link to Crisis Management
CBS plays a critical role in crisis management and response prioritisation. During a disruption, decision-makers must quickly determine which services to prioritise for recovery and resource allocation.
With CBS clearly defined:
- Crisis teams can focus on restoring the most critical services first
- Communication with stakeholders can be prioritised based on impact
- Escalation and response strategies can be aligned with service criticality
This ensures that crisis response is structured, efficient, and aligned with organisational priorities.
Driving Resilience Investment Priorities
CBS identification enables organisations to make informed decisions on where to invest in resilience capabilities. Rather than spreading resources thinly, investments are targeted at protecting and strengthening critical services.
Examples include:
- Enhancing system redundancy for critical applications
- Strengthening third-party risk management for key vendors
- Improving recovery capabilities for high-impact services
This targeted approach ensures:
- Efficient use of resources
- Alignment with risk appetite and regulatory expectations
- Measurable improvements in resilience outcomes
The integration of Critical Business Services into the Operational Resilience framework transforms CBS from a conceptual exercise into a practical driver of resilience strategy and execution. By linking CBS to impact tolerances, dependency mapping, scenario testing, and crisis management, organisations create a cohesive and outcome-driven resilience model.
Ultimately, CBS acts as the “golden thread” that connects all elements of operational resilience. When properly integrated, it ensures that every resilience activity is aligned with the organisation’s most critical objective: maintaining the continuity of essential services under all conditions.
![[OR] [Pillar] [Thin Banner] Operational Risk Management](https://no-cache.hubspot.com/cta/default/3893111/05f77efd-5703-4216-a89a-5d22943fa1f3.png)
![[OR] [P2] [S1] [CBS] [C1] Purpose and Importance](https://no-cache.hubspot.com/cta/default/3893111/9209b90a-6f30-44d4-8312-7e07d8e15e58.png)
![[OR] [P2] [S1] [CBS] [C2] Defining a Critical Business Service](https://no-cache.hubspot.com/cta/default/3893111/0bd2a7d8-3e51-4108-afae-863ea1091523.png)
![[OR] [P2] [S1] [CBS] [C3] Key Regulatory Expectations](https://no-cache.hubspot.com/cta/default/3893111/71523836-ca82-45c7-8cf6-9cdb8f2ddf7d.png)
![[OR] [P2] [S1] [CBS] [C4] Principles for Identifying CBS](https://no-cache.hubspot.com/cta/default/3893111/9eccbeab-f423-4f60-861d-53925fefc630.png)
![[OR] [P2] [S1] [CBS] [C5] Methodology for Identifying Critical Business Services](https://no-cache.hubspot.com/cta/default/3893111/52fce9d7-691a-4cd3-abfd-cfdb229c704c.png)
![[OR] [P2] [S1] [CBS] [C6] Tools and Techniques](https://no-cache.hubspot.com/cta/default/3893111/0d09d714-62e2-471f-9526-a7c054f9bc21.png)
![[OR] [P2] [S1] [CBS] [C7] Common Challenges and Pitfalls](https://no-cache.hubspot.com/cta/default/3893111/fa7fd783-a1f2-4964-9116-94e4e67ea8dd.png)
![[OR] [P2] [S1] [CBS] [C8] Practical Example](https://no-cache.hubspot.com/cta/default/3893111/90c32cff-7453-47c3-ba0e-30bd7f2d1b47.png)
![[OR] [P2] [S1] [CBS] [C10] Governance and Continuous Review](https://no-cache.hubspot.com/cta/default/3893111/c35c8551-7ed5-4184-81ce-358c4d8a3e49.png)
![[OR] [P2] [S1] [CBS] [C11] Key Takeaways](https://no-cache.hubspot.com/cta/default/3893111/b81baa15-cf37-474c-abfb-39be84eecf15.png)
More Information About OR-5000 [OR-5] or OR-300 [OR-3]
To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.
![[BL-OR] [3-4-5] View Schedule](https://no-cache.hubspot.com/cta/default/3893111/d0d733a1-16c0-4b68-a26d-adbfd4fc6069.png)
![[BL-OR] [3] FAQ OR-300](https://no-cache.hubspot.com/cta/default/3893111/f20c71b4-f5e8-4aa5-8056-c374ca33a091.png)
![Email to Sales Team [BCM Institute]](https://no-cache.hubspot.com/cta/default/3893111/3c53daeb-2836-4843-b0e0-645baee2ab9e.png)
