This informal CPD article ‘Resiliency Testing’, was provided by Daman Dev Sood, an International Resilience Trainer & Consultant.
Businesses today are facing an ever-increasing number of challenges, from technological disruptions to economic uncertainties. In order to survive and thrive in this dynamic environment, companies need to be resilient and reliable (people, processes, technology, systems etc.) that can withstand unexpected events and adapt to changing conditions.
The components of Resiliency can be listed as:
1. Incident Management
2. Emergency Management
3. Employee Health & Safety Management
4. Crisis Management
5. IT Disaster Recovery Management
6. Risk Management
7. Business Continuity Management
8. Crisis Communication Management
9. Physical Security Management
10. Information Security Management
11. Cybersecurity Management
These are the bricks, walls, and the roof of the Resiliency and together they make ‘House of Resiliency’.
Having plans and arrangements is good, but these cannot be treated as reliable until tested. The load on organisations has been increasing, and the expectations of the interested parties are very high. Testing becomes a challenge in these circumstances.
An organisation needs to ask the following four questions to itself:
- Is Resiliency a well-defined concept in our company?
- Is Resiliency Testing a new concept or a challenge in our organisation?
- Shall we look for maturity in our Resiliency Testing Program?
- Have the auditors or regulator commented upon required improvements in Resiliency Testing Program for our company?
The importance of Resiliency Testing gets established by the above.
In simplest terms, it can be defined as: The process of evaluating an organization’s resiliency capability.
Designing, Developing, and Delivering an Effective Resiliency Test is an art.
A 3D Approach to Resiliency Testing is recommended.
D: Design the test D:
Develop the test: Comprehensive plan, scenario, cases, expected results
D: Deliver: Execute as planned, record results, issue report, take actions to closure
Its an art that can be learnt and mastered, hence the need is for the organisations to invest in it.
Need, and Benefits of Resiliency Testing
The need of Resiliency Testing is self-generated or internal, but, there are regulatory requirements also. Programs like Operational Resilience (mandate in many industries and countries like Bank of England has done for the BFSI sector in the UK) are focussing a lot more on scenario planning and testing where it is said that one should cater to ‘rare but plausible’ scenarios.
By investing in developing the 'Resiliency Testing' competencies, companies can empower their employees to take a proactive approach to Resiliency and build stronger, more resilient systems (people-process-technology). This, in turn, can lead to improved operational efficiency, better customer service, and increased competitiveness in the market.
Investment in building Resiliency Testing competencies can yield multiple benefits including tangible and non-tangible benefits like:
- reduction in downtime
- faster recoveries
- increased employee satisfaction
- increased client satisfaction
- increased regulator satisfaction
- repeat business
- positive referrals
- reduced penalties
- reduced recovery costs
- enhanced product/ service rates
- improved NPS
- increase in identifying vulnerabilities
- improved incident management
- enhanced reputation
- enhanced competitive edge
- enhanced effectiveness of Resiliency Program
In general, investing in employee training and development can lead to improved resiliency and reliability of systems and processes, increased revenue, and a positive impact on the company's revenue.