Business Continuity Institute issues Position Statement on Organisational Resilience

In recent years, there has been a significant amount of attention given to the concept of organisational resilience across the business continuity industry. Much of the debate has focused on the principles and practice of organisational resilience, and how this relates to the established business continuity management discipline. The aim of the Business Continuity Institute’s (BCI) Position Statement, which has been produced and ratified by the Board of the BCI, is to add clarity regarding the position of business continuity in the context of organisational resilience. It also provides the BCI’s perspective on how the development of resilience concepts may impact on the practice of business continuity.

Tim Janes Hon FBCI, a BCI Board member, stated: “The BCI believes that this Position Statement will contribute towards our stated purpose of “promoting a more resilient world”. We also hope that it helps to move forward the future development of organisational resilience concepts beyond definitional debates and more towards a collaborative understanding between participants across many recognised management disciplines.”

Key points noted by the BCI on the subject of organisational resilience are as follows:

*Business continuity isn’t the same as organisational resilience

*The effective enhancement of organisational resilience will require a collaborative effort between many management disciplines

*No single management discipline or member association can credibly claim ‘ownership’ of organisational resilience, while organisational resilience itself cannot be described as a subset of another management discipline or standard

*Business continuity principles and practices are an essential contribution for an organisation seeking to develop and enhance effective resilience capabilities

*The wide range of activities required to develop and enhance organisational resilience capabilities provides an opportunity for business continuity practitioners to broaden their skills and knowledge, building on the foundation of their business continuity experience and credentials

*Working with related partners and industry groups where appropriate, the BCI will develop relevant knowledge resources and training to support members who wish to advance their organisational resilience knowledge and skills

Organisational resilience: the debate

In recent years, the concept of organisational resilience has attracted a significant amount of attention across the business continuity industry. Debate has focused on the principles and practice of organisational resilience, and how it relates to the established business continuity discipline.

On occasion, the term ‘organisational resilience’ has been taken to mean the same as ‘business continuity’.

The BCI’s paper doesn’t intend to add further to the debate in terms of the formal definition of organisational resilience. Rather, the aim is to clarify the position of business continuity in the context of organisational resilience and how it impacts on business continuity practitioners.

While there’s still much debate on the definition of organisational resilience, for the sake of simplicity the BCI’s paper adopts the definition outlined in the draft ISO 22316. Organisational resilience is the “adaptive capacity of an organisation in a complex and changing environment” (ISO/WD 22316: Societal Security – Guidelines for Organisational Resilience).

It’s clear from this statement that organisational resilience is characterised as a broad concept. It’s also widely accepted that organisational resilience draws on the experience and efforts of a large number of interrelated management disciplines. Business continuity is just one of the many management disciplines that contribute towards an organisation’s resilience capabilities.

The list of contributory disciplines is extensive. Just a few examples would include emergency management, crisis management, ICT service continuity, occupational Health and Safety, environment protection, physical security, supply chain management, information security management and various forms of risk management (for example, credit, market and enterprise).

Ownership of concepts and principles

For this reason, no one management discipline or member association can credibly claim ‘ownership’ of organisational resilience concepts and principles. Furthermore, organisational resilience cannot be properly described as a subset of another management discipline or standard.

Clearly, business continuity and organisational resilience are not the same thing. However, it’s apparent that business continuity provides principles and practices that are an essential contributor for any organisation seeking to develop and enhance its own resilience capabilities.

For example, business continuity practices explain how organisations might identify their priority activities and the risks of disruption to those same activities. Established business continuity standards help organisations to understand what’s required to ensure priority activities can continue in the face of disruption, and to rehearse the capability to respond to disruption through practical exercises.

Therefore, business continuity practitioners possess many – but not all – of the knowledge sets and skills necessary to help organisations develop and enhance their individual resilience capabilities.

Requirement for a collaborative effort

As noted previously, a wide range of business activities and management disciplines contribute towards enhanced organisational resilience. It’s unlikely that a single person in any organisation will possess the necessary knowledge and skills to implement and deliver all resilience objectives in a silo. Rather, the development and enhancement of organisational resilience capabilities will require a collaborative effort between participants across many management disciplines.

Undoubtedly, this presents an opportunity for the BCI’s members. Business continuity practitioners who wish to become resilience professionals can build on their proven competencies, broaden their knowledge base and develop new skills in areas that contribute further towards an organisation’s resilience activities.

It’s the BCI’s stated purpose to “promote a more resilient world”. The BCI recognises that this objective is supported when business continuity practitioners have access to a broad range of resilience-focused information and training.

The BCI will support its members who seek to develop their organisational resilience knowledge and skills by providing access to relevant resources. This may be either directly through the BCI, via training partners or by dint of working in collaboration with related industry associates and professional members groups alike.

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts