Posts

What is Organisational Resilience?

A holistic view of risk management in the context of ‘better practice’ is now viewed as ‘organisational resilience’ and is built around a framework that incorporates financial, operational and strategic risk.

A fully integrated risk model is achieved by intelligently fusing the disciplines of risks management, crisis management, emergency management, security, business continuity and other key areas.

The Janellis resilience model incorporates four key focus areas of Risk, Readiness, Response and Assurance. The model forms the basis by which Janellis reviews and builds an organisations resilience capability. An effective resilience framework ensures organisations can rapidly adapt and respond to internal or external change, risks, opportunities, demands, disruptions or threats; and continue operations with limited impact to the business.

An organisation with a mature resilience capability is able to demonstrate the following:

  • Integration of strategic, operational and financial risks
  • Response capability built against known catastrophic risks through training and exercising
  • High levels of confidence to respond to emerging threats
  • Embedded critical thinking across the organisation
  • Alignment of resilience capability with key inter-dependencies
  • Regular assurance to the board and other key stakeholders

About the Janellis Enterprise Resilience Framework

Developed in collaboration with leading Australian organisations operating in high risk industries both nationally and internationally, this framework is based on the International Benchmarking on Organisational Resilience.

The framework is aligned with International and Australian standards including: ISO 31000, the Australasian Inter-service Incident Management System (AIIMS), the Prevention, Preparedness, Response and Recovery (PPPR) principles, AS/NZS 5050 and the Australian Federal Governments Critical Infrastructure Resilience Strategy for owners and operators of critical infrastructure.

Key elements of the framework have been embedded in leading organisations and government agencies.

The framework has four areas of focus which include RISK; READINESS; RESPONSE and ASSURANCE.

RISK

– ISO 31000 is the cornerstone of the framework and requires an integrated and consistent approach to managing strategic operational and financial risks across the enterprise. In addition to traditional enterprise-wide risk management, it entails a greater focus on: the identification, management and reporting of ‘catastrophic risks’; understanding the dependencies and vulnerabilities related to critical suppliers and other third parties; the identification and management of emerging threats and using scenario based modelling to build situational awareness and adaptability.

“The capability to respond to extreme events is an essential part of building and maintaining organisational resilience”.

READINESS

– The readiness components of the framework includes a more strategic approach to pre-planning for disruptions and ‘shocks’ through: the development and alignment of plans; training and awareness; implementing appropriate technology and having alternate site arrangements. Advanced readiness capabilities include: the alignment of plans with critical suppliers or external agencies; ensuring that all communications mechanisms are in place to receive and distribute information; the development and use of tools including a decision making framework and response handbook as an aide memoire.

RESPONSE

– The response components of the framework encompass the capability to respond to specific known strategic, operational or financial ‘catastrophic’ risks or emerging threats that the organisation is managing. The response aspects involve a robust exercising and testing process that builds and maintains capability. An effective exercise development process will highlight vulnerabilities and identify strengths within the organisation. The response elements of the framework build crisis management leadership as well as critical thinking capabilities.

“An organisation may have exhaustive risk management processes, detailed plans and experienced individuals but; if a team comes together in a crisis and they are unable to demonstrate critical thinking capabilities, they may not be effective. Critical thinking skills developed at all levels within an organisation – and evident during BAU – is one of the leading indicators of organisational resilience.”

ASSURANCE

– Higher levels of assurance are being sought to ensure that organisations can effectively respond to a wide range of potential threats. Traditional governance frameworks are being improved with targeted ‘readiness’ reporting, robust post-incident reviews, benchmarking and audits. Benchmarking is used to highlight areas of capability as well as areas of vulnerability and this can be done nationally and internationally.

The internal and external audit process is a recognised and effective way to provide assurance and there is a growing requirement in the areas of risk, organisational resilience, emergency and crisis management. Whilst it may not be possible to predict or mitigate the full range of unknown risks, assurance can be provided to key stakeholders if the organisation can demonstrate: an acceptable level of pre-planning; a robust exercising program and an effective and auditable decision making process.

Download the Harvard Business Review submission containing case study examples including: NSW State Emergency Service; Qantas; Lend Lease Group, Transfield Services and Westpac Banking Corporation. Or the technical version here.


 

Creating a Business Resilience Vision for Qantas

Janellis were engaged by Qantas to begin a Resilience Improvement Program in 2007. Qantas were one of the first companies to fully embrace the concept of Organisational Resilience and to make major investments into improving their resilience capability.

Qantas selected Janellis on the basis of our Enterprise Resilience Model that incorporated four key areas of Risk, Readiness, Response and Assurance. The program objectives included aligning and embedding key tools across the business.

Qantas now has a resilience capability that has been robustly tested and applied as part of their ongoing business operations.
Qantas have won the Australian ‘Risk Enterprise of the Year Award’ recognising the enterprise that has most successfully integrated risk management to business partner status within their organisation, making it an integral part of organisation-wide strategy and process. Significant disruptions to their business have resulted in Qantas as now being regarded as having a world class capability in crisis management.

The Janellis tools that Qantas have been using for the past ten years are also embedded in a number of other complex organisations in other industries.

Chief Risk Officer, Qantas:

“I would like to thank Janellis who started this journey with us. We may not have been the easiest Client to have worked with but you stuck with us and we appreciate that. We are grateful for the opportunities to continue to build our resilience by working with our critical suppliers and other leading Australian companies”

For more information, please contact Harrison Orr at Harrison.orr@janellis.com.au