At a round table discussion last week involving senior professionals from the fields of crisis management, emergency planning, business continuity, security and counter-terrorism, a respected academic posed the question: ‘Do you see a time when we would be considered as resilience practitioners, or was resilience as a concept just another management fad?’
Rather predictably, this question realised some animated discussion on what resilience is all about. Why is this term becoming more prevalent, and what exactly is its commercial relevance?
Somewhat bluntly, resilience was described by one delegate as a concept in search of a meaning and a bandwagon for academics and consultants. This invited the question: ‘What is resilience?’
What is resilience?
A simple dictionary definition of the verb resile offers: ‘to recoil: to rebound: to recover form and position elastically…”
However, as a relatively new idea for businesses, there are few definitions available in the classic organisational text books (although dozens of interpretations of resilience are offered by companies from KPMG to Deloitte and QinetiQ to IBM).
Another description revolves around the convoluted non-word: ‘Bouncebackability’, defined as the ability of an organisation to return to its original purpose as quickly as possible following a major adverse event.
These definitions generally characterise resilience as a reactive measure. In doing so, they might ignore what can prove to be the most cost-effective aspect of protecting an organisation from harm or loss: the design and implementation of measures to help reduce or minimise the impact of an adverse event, not merely to try and recover after the fact. This was an area of general agreement at the discussion.
The Cabinet Office’s view of events
The Cabinet Office has a whole website portal dedicated to the subject, and on which the Government’s aim has recently been declared as being: ‘To reduce the risk from emergencies so that people can go about their business freely and with confidence’ (something underpinned by the Civil Contingences Secretariat, the National Risk Register – which itself adopts an ‘all hazards’ approach – and supporting legislation. This view of resilience also acknowledges that it’s not simply an activity concerned with post-event recovery.
Debate continued on why resilience as a concept has grown to prominence. Catastrophic events such as foot and mouth, 9/11, 7/7, tsunamis, Hurricane Katrina and the UK’s flood episodes have alerted people to the potential impact of such occurrences and received widespread coverage.
Less evident in the public debate is what some saw as the increasing vulnerability of commercial organisations to business disruption. In a competitive environment where organisations seek to drive down costs and promote efficiencies, operations are often streamlined and redundancy reduced.
In addition, key functions from IT through to facilities management are outsourced, smaller inventories are held and, in the current economic climate, hedging of financial and supply chain risks has become more problematic.
These factors were viewed as combining to make organisations inherently more fragile, and therefore threats such as those listed by UK Resilience have perhaps greater potential to seriously disrupt the normal operations of organisations than may have been the case in days gone by.
Addressing the multiple hazards faced by the business community
There was general agreement, however, that within many sectors comprehensive measures are in place to address the multiple hazards faced by business, both pre- and post-event. These were seen as falling under the traditional domains of IT, facilities management, security, the supply chain and procurement and finance.
There was less consensus, though, on the degree to which organisations join these dots in a co-ordinated way, or even recognise the concept of organisational resilience outside spanning multiple domains.
The final areas of discussion centred on the role of people in bringing about and sustaining a resilient organisation and how our people might react and respond in a post-incident environment. There was general agreement that this is an oft-ignored area, and that Human Resources (HR) departments have a role to play in bringing about organisational resilience.
A helpful definition of personal resilience from an HR text was tabled as: ‘An inner resolve to overcome setbacks and disappointments, persisting and persevering in the face of opposition; refusing to allow adversity to undermine commitment; a flexibility of approach that is prepared to adapt to changing circumstances to keep focused on key goals in the face of opposition’ – a series of desirable characteristics in any individual, then!
Validity of resilience as a concept
There was general acceptance of the validity of resilience as a concept and, as one might expect given the nature of the audience, broad agreement on the desirability of organisational resilience.
And as a matter of business logic the answer to the question: ‘Do you want to be a resilient business?’ would be a resounding: ‘Yes’ by any right thinking executive (how much they would want to pay for business resilience, though, is another question altogether).
Having dealt with what are the relatively easy questions, we moved onto the subject of organising for resilience.
The merits of employing a chief resilience officer within larger organisations, with a genuine remit that spans the entire operational and disaster risk management framework, were discussed. Sadly, time was our enemy and this question was left hanging, but is no doubt one we shall return to before long.
Mark Whyte is director of security consulting and explosion effects at TPS
