Operational Resilience Body of Knowledge (OR BoK) Series
BGBann_Playbook_Crisis Management

[OR] [BOK] [5] [P1] [S5] Develop and Embed Governance

Capability and maturity are models against which an organisation’s operational resilience performance can be measured and improved.

These capability and maturity models describe the essential elements of effective operational resilience processes and work to be executed in the organisation. The rigour and quality of the process used to develop them highly influence the assurance of continuing business services.

This blog [OR-P1-S5] elaborates on the content for Stage 5 of the "PLAN" phase or P1 of the OR Planning Methodology.  

Course Participants: This blog is a pre-reading for the Operational Resilience Expert Implementer course participants.

Certification Application: The "How To" section is designed to assist successful participants in completing their Certification Application Form or CAF.

Moh Heng Goh
Operational Resilience Certified Planner-Specialist-Expert
New call-to-action

 

Element

Description

Purpose
  • To establish a structured governance framework that defines accountability, ownership, oversight, and decision-making processes for Operational Resilience (OR).
  • Embedding governance ensures that OR is not treated as a one-off initiative but is sustained through leadership, policies, and organisational culture.
Objectives
  • Define the organisational structure, roles, and responsibilities for OR governance.
  • Establish oversight committees and reporting lines.
  • Ensure senior management and board accountability for resilience.
  • Integrate OR into existing governance structures (e.g., risk, compliance, audit).
  • Develop policies, charters, and mandates that formalise OR governance.
  • Promote transparency, communication, and escalation protocols.

Inputs
  • OR Strategy and Policy (from earlier stages of Phase 1).
  • Organisational Risk Appetite and Tolerance.
  • Regulatory and industry governance expectations.
  • Existing corporate governance frameworks (risk, compliance, BCM, IT, cyber, etc.).
  • Stakeholder requirements and board directives.

Activities
  • Define governance structure: committees, working groups, and reporting mechanisms.
  • Assign accountability to senior management and board-level oversight.
  • Develop OR governance documents (charters, terms of reference, policies,  mandates).
  • Establish escalation and decision-making protocols for disruptions.
  • Integrate governance requirements into the wider organisational governance ecosystem.
  • Conduct awareness and engagement sessions with stakeholders to embed governance culture.
  • Align with regulatory expectations and industry best practices.

Outputs
  • Operational Resilience Governance Framework.
  • Governance Charter and Terms of Reference.
  • Defined accountability and ownership matrix (RACI model).
  • Established committees (e.g., OR Steering Committee, Risk Committee).
  • Documented escalation and reporting procedures.
  • Integration of OR governance into enterprise risk and compliance structures.

Linkages
  • Upstream: OR Strategy (P1-S2), Establish Leadership & Accountability (P1-S3), Identify Critical Business Services (P1-S4).
  • Downstream: Implementation of governance through OR Program (Phase 2), Monitoring & Reporting (Phase 3).
  • Cross-linkages: Enterprise Risk Management (ERM), Business Continuity Management (BCM), Compliance & Regulatory Governance, Information Security Governance.
 
 
"Plan" Phase of the OR Planning Methodology

 

Assess Capability and Maturity Analyse Gap Develop Strategy and Roadmap Confirm Risk Appetite Develop and Embed Governance  
OR PM Plan Assess Capability and Maturity OR PM Plan Analyse Gap New call-to-action New call-to-action OR PM Develop and Embed Governance  

 

More Information About Blended Learning OR-5000 [BL-OR-5] or OR-300 [BL-OR-3]

Contact our course consultant colleagues to learn more about our blended learning program and the next course schedule.  They are the BL-OR-3 Blended Learning OR-300 Operational Resilience Implementer and the BL-OR-5 Blended Learning OR-5000 Operational Resilience Expert Implementer.

BL-OR-3 Register Now BL-OR-3_Tell Me More BL-OR-3_View Schedule
BL-OR-5_Register Now BL-OR-5_Tell Me More [BL-OR] [3-4-5] View Schedule
[BL-OR] [3] FAQ OR-300

If you have any questions, click to contact us.Email to Sales Team [BCM Institute]

 FAQ BL-OR-5 OR-5000
New call-to-action

New call-to-action

 New call-to-action

Comments:

 

More Posts

New Call-to-action
BCMIWhiteLogoSmall.png
All rights reserved. Copyright 2025