ASG's Security Solutions Blog

A Business Case for Organizational Resilience

  

 Email Article  

Tweet  

  

  

  

This is the second article in a series entitled: Data Management and Organizational Resilience. ASG is offering a series of blogs as well as a white paper that aggregates these blogs into one download, with the intent to make the case for data management and its correlation to the Organizational Resilience Management function.

Back in the 1950’s W. Edwards Deming provided us a number of principles of management which hold true today.  These principles are at the core of Organizational Resilience Management and serve as the foundation for the Chief Security Officer function:

• Continuous improvement requires that good data be collected.  Without accurate data, how can anyone tell if things are getting better or worse?

• Create constancy of purpose towards improvement of product and service, with the aim to become competitive, stay in business, and to provide jobs.

• Adopt the new philosophy.  We are in a new economic age.  Western management must awaken to the challenge, must learn their responsibilities, and take on leadership for change.

• Break down barriers between departments.  People in research, design, sales, and production must work as a team, to foresee problems of production and in use that may be encountered with the product or service.
  

• Put everybody in the company to work to accomplish the transformation.  The transformation is everybody's job.

• Use of visible figures only for management, with little or no consideration of figures that are unknown or unknowable.

• Excessive costs of liability  (Management, 1998).

• These principles hold true in 2011.  The first of these is most important to this paper: “Continuous improvement requires that good data be collected.  Without accurate data, how can anyone tell if things are getting better or worse?”

We have been involved in several case studies which attribute preparedness and resilience to the successful survival of an enterprise.  All organizations and especially large enterprise organizations are subject to the same manmade (crime and terrorism), natural (earthquake and flood), or technical (chemical release) disasters.  All you have to do is watch the evening news to understand many organizations have suffered great losses as a result of terrorism, military, natural disaster or technological disaster.  The rebel actions in Libya and the recent BP Disaster come to mind as events that had wide reaching impacts on the global economy and supply chain.     

Worldwide organizations who do not prepare for these types of catastrophic events will suffer significant loss of life, property, and resources, or may cease to exist altogether.

Organizational Resilience Management (ORM) allows an organization to anticipate events which may impact its operations.  Specifically the process emphasizes resilience, which is the adaptive capacity of an organization in a complex and changing environment including the protection of its critical assets.

Applying an organizational resilience standard allows the organization to more readily prepare for, respond to, and mitigate all manner of disruptive events, which if unmanaged could escalate into an emergency, crisis, or disaster.

To learn more about the details and steps required to enable an organization, download the full whitepaper today and help to define the process and create your organization’s roadmap for process improvement in a difficult world.
Next in the series is The Path Ahead: In order to implement ORM the enterprise will have to define and institute these key steps.