What is Operational Resilience?
The global economy has faced challenges recently, such as the COVID-19 pandemic, supply chain disruption, cyber incidents, technology failures, natural disasters, and regulatory upheavals. Though these are specific concerns now, think of them as just iterations of challenges that have occurred over time and will continue to do so.
Operational resilience is the ability of an organization to withstand and recover from operational disruptions that affect its critical operations. This includes internal and external events that can impact an organization's ability to deliver products or services to its customers.
Organizations must identify and prioritize their critical operations (critical or important business services) and ensure they have the necessary resources and plans to respond to disruptions to achieve operational resilience.
This includes developing business continuity plans that outline how operations will continue during a disruption, and disaster recovery plans that detail how technology and infrastructure will be restored in the event of an outage. In addition, a series of other plans support the operational resilience effort.
Operational resilience also requires ongoing monitoring and (scenario) testing to ensure effective and up-to-date plans. Organizations must regularly review risk assessments and update plans to reflect changing threats (operational disruptions) and operational environments. This includes conducting regular drills and exercises to test plans' effectiveness and identify improvement areas.
Why the Focus on Financial Institutions?
Operational resilience applies to all industries, but the financial services industry (FSI) regulators have taken the first initiatives to drive its industry. Firstly, it is vital to ensure the viability of its economic institutions and the stability of the broader financial system. These have led to regulatory authorities publishing their operational resilience policy and would like the financial industry to start implementing these initiatives.
This underscores the significance of operational resilience as a supervisory focus and has motivated many regulators worldwide, including standard-setting bodies, to issue guidance aimed at improving the operational resilience of financial institutions.
These are some of the definitions of Operational Resilience that the regulators publish:
- Basel Committee on Banking Supervision (BCBS)
- Principles for Operational Resilience
- "is the ability of a bank to deliver critical operations through disruption. This ability enables a bank to identify and protect itself from threats and potential failures, respond and adapt to, as well as recover and learn from disruptive events in order to minimise their impact on the delivery of critical operations through disruption."
- https://www.bis.org/bcbs/publ/d516.htm
- Financial Conduct Authority (FCA)
- PS21/3 Building operational resilience
- "is the ability of firms, financial market infrastructures and the financial sector as a whole to prevent, adapt and respond to, recover and learn from operational disruption."
- https://www.fca.org.uk/firms/operational-resilience
- Prudential Regulation Authority (PRA)
- Operational Resilience Statement of Policy
- is the organisation being "able to prevent disruption occurring to the extent practicable; adapt systems and processes to continue to provide services and functions in the event of an incident; return to normal running promptly when disruption is over; learn and evolve from both incidents and near misses."
- https://www.bankofengland.co.uk/prudential-regulation/publication/2021/march/operational-resilience-sop
- Australian Prudential Regulation Authority
- "is an organisation's ability to withstand and recover from shocks”
- https://www.apra.gov.au/covid-19-a-real-world-test-of-operational-resilience
Finally, in BCM Institute's BCMPedia, Operational Resilience "is the capability to absorb a shock to operations to incremental change to the disruptive events and then rebound to a level of operations acceptable to management, employees and stakeholders."
Several other regulatory requirements for Operational Resilience are issued globally; click the icon to find out more.
Please note that the respective regulatory bodies are updating the content. If it does not work, go to the URL's main page and search for "Operational Resilience."
More Information About Operational Resilience OR-5000 [BL-OR-5] or OR-300 [BL-OR-3] Course
To learn more about the course and schedule, click the buttons below for the OR-3 Blended Learning OR-300 Operational Resilience Implementer course and the OR-5 Blended Learning OR-5000 Operational Resilience Expert Implementer course.
![[BL-OR] [3-4-5] View Schedule](https://blog.bcm-institute.org/hs-fs/hubfs/hub_generated/resized/e4287b59-1a43-4e10-8e43-c73b27b3ca39.png?width=172&height=50&name=e4287b59-1a43-4e10-8e43-c73b27b3ca39.png)
![[BL-OR] [3] FAQ OR-300](https://blog.bcm-institute.org/hs-fs/hubfs/hub_generated/resized/294e989f-8613-4bf3-96a5-a89408cfb9ca.png?width=150&height=150&name=294e989f-8613-4bf3-96a5-a89408cfb9ca.png)
![Email to Sales Team [BCM Institute]](https://blog.bcm-institute.org/hs-fs/hubfs/hub_generated/resized/850988ce-aa7d-4953-95cf-797635341edd.png?width=100&height=100&name=850988ce-aa7d-4953-95cf-797635341edd.png)
