Operational Resilience Series
BGBann_Playbook_Crisis Management

[OR] [P3-S4] Provide Self-Assessment in Operational Resilience?

Self-Assessment in Operational Resilience ensures that the regulated organisation captures and documents the steps taken towards operational resilience and provides a comprehensive and objective evaluation of the organisation's strategy and overall ability to respond to disruptions.

This is the introductory blog [OR-P3-S4] to Stage 4 of the "SUSTAIN" phase of the OR Planning Methodology.  It is a pre-reading for participants attending the Operational Resilience Expert Implementer course.

Moh Heng Goh
Operational Resilience Certified Planner-Specialist-Expert

OR PM Sustain Provide Self-assessmentOR PM Sustaining Your Operational Resilience Program

What is Self-Assessment?

A key feature of managing operational resilience is the responsibility of the business service owner to produce an annual Self-Assessment report. 

The organisation must submit the Self-Assessment document to demonstrate its resilience and compliance with the regulations.

The content of the Self-Assessment document should be made available to the regulators when required. The self-assessment should focus on the following:

  • Ongoing evaluation of the methodology for identifying business services
  • Review the approach to prioritizing critical business services.
  • Ongoing evaluation of impact tolerances
  • Review the organisation’s approach to mapping critical business services.
  • Ongoing evaluation of testing scenarios
  • Business as usual governance of operational resilience
  • Implementation of resilience procedures and continuing review of procedures (including RACI)
  • Training delivered to impacted people and teams in line with newly embedded resilience procedures and any future changes
  • Investment and remediation are being made to close out vulnerabilities identified that threaten the organisation’s ability to deliver its critical business services.

New call-to-actionHow to Provide Self-Assessment?

This stage focuses on self-assessment as part of the "Sustain" phase in operational resilience planning. It emphasizes the importance of regularly monitoring and evaluating your organisation's resilience posture to ensure its effectiveness.

Prepare Self-Assessment

  • [1-1] Define Scope & Objectives
    • Establish what you want to assess (e.g., program effectiveness, specific risks) and tailor the scope accordingly.
    • Determine objectives (e.g., compliance, improvement).

  • [1-2] Identify Assessment Criteria
    • Choose relevant criteria aligned with your chosen framework (e.g., BCM Institute OR framework) and consider internal policies, regulations, and industry best practices.

  • [1-3] Assemble Assessment Team
    • Select appropriate individuals based on expertise and roles (e.g., risk, operations, IT).
    • Include independent assessors if needed.

  • [1-4] Gather Data & Evidence
    • Collect documentation, reports, test results, and other relevant data to support your evaluation.

Perform Assessment

  • [2-1] Review Documentation
    • Evaluate policies, procedures, plans, and training materials against established criteria.
    • Identify gaps and inconsistencies.

  • [2-2] Conduct Interviews & Surveys
    • Gather insights from staff at various levels to understand program awareness, training effectiveness, and operational experience.

  • [2-3] Analyse & Discuss Findings.
    • Discuss data and observations within the assessment team, identifying strengths, weaknesses, and areas for improvement.

  • [2-4] Rate Performance
    • Assess each criterion using a defined scoring system (e.g., maturity levels) and establish an overall program performance rating.

Conduct Reporting & Action Planning

  • [3-1] Develop a Self-Assessment Report
    • Document findings, including strengths, weaknesses, risks, and opportunities for improvement.
    • Recommend clear and actionable steps for each issue.

  • [3-2] Present Report to Management
    • Communicate key findings, recommendations, and proposed actions to senior management, seeking their approval.

  • [3-3] Develop an Action Plan
    • Create a detailed plan with specific activities, timelines, and responsible parties to address identified issues.
    • Monitor progress and update the plan as needed.
Additional Explanatory Note 

  Definition Explanation Definition  
  Self-Assessment

is to capture and document the steps taken towards operational resilience.

is to provide a comprehensive and objective evaluation of the organisation's strategy and ability to respond to disruptions.

 New call-to-action  
  Self-Assessment Document is to demonstrate the organisation’s resilience journey and how they have achieved compliance with the regulations. New call-to-action  
  Important Business Service is a service provided by an organisation, or by another person on behalf of the organisation, to one or more clients which, if disrupted, could:
  • cause intolerable harm to any one or more of the organisation’s clients, or
  • pose a risk to the soundness, stability or resilience of the financial system or the orderly operation of the financial markets.
 New call-to-action  
  Critical Business Service is a business service that, if disrupted, is likely to significantly impact the FSI’s safety and soundness, its customers or other FSI that depend on the business service. OR Critical Business Services BCMPedia  
  Critical Operations is defined as a business output that, if interrupted during the operational period, will cause financial loss, damage, or interruption to the delivery of goods or services essential to the organization’s continued operation or success. OR Critical Operations  
         
"Sustain" Phase of the OR Roadmap
Introduce Culture Change Develop Communication Strategy Implement Training and Awareness Provide Self-assessment Conduct Independent Quality Review  
OR PM Sustain Introduce Cultural Change Management OR PM Develop Communication Strategy OR PM Implement Training and Awareness OR PM Sustain Provide Self-assessment New call-to-action  

More Information About Operational Resilience OR-5000 [BL-OR-5] or OR-300 [BL-OR-3] Course

To learn more about the course and schedule, click the buttons below for the OR-3 Blended Learning OR-300 Operational Resilience Implementer course and the OR-5 Blended Learning OR-5000 Operational Resilience Expert Implementer course.

BL-OR-3 Register Now BL-OR-3_Tell Me More BL-OR-3_View Schedule
BL-OR-5_Register Now BL-OR-5_Tell Me More [BL-OR] [3-4-5] View Schedule
[BL-OR] [3] FAQ OR-300

If you have any questions, click to contact us.Email to Sales Team [BCM Institute]

 FAQ BL-OR-5 OR-5000
[BL-OR] [3] What is BL-OR-3 Course?

New call-to-action

 [BL-OR] [3-4-5] What is BL-OR-5 Course?

Comments

 

More Posts

New Call-to-action
BCMIWhiteLogoSmall.png
All rights reserved. Copyright 2024