Control Risks has published the results of its latest ‘The State of Enterprise Resilience’ survey, which assesses the degree to which the concept of resilience has gained traction and become embedded within organizations.
Over one third of respondents felt that their organizations lacked the relevant skills or talent to drive corporate resilience; this is an increase of 17 percent on 2015. This is in spite of the fact that 27 percent of respondents have actively recruited dedicated resources to support the resilience agenda and 46 percent have invested in training, awareness, and communications.
Other key findings include:
ISO 22316 provides guidance on resilience programmes
62 percent of respondents were either aware of or have read the draft of ISO 22316 – the guide to organizational resilience. 92 percent of respondents agree with the core principles which focus largely on shared purpose and collaboration across functions. However, 18 percent of respondents indicated that they would not be striving to adopt the core principles, preferring instead to stick to existing processes.
The importance of effective leadership
53 percent of all respondents indicated that the effectiveness of leadership was the highest-priority objective supporting the resilience agenda. This aligns to the guidance in ISO 22316 which states effective management and governance supports organizational resilience. Anticipation of and managing change rated as the next highest priority for organizations. To build sufficient adaptability, resilience should be driven from the executive and management and should be embedded across the organization.
Companies are more worried about long-term reputational damage than short-term financial loss
Over 70 percent of respondents see reputational damage as the most significant concern to their business in the event of a disruption: considerably more than reduced revenue (38 percent), the loss of new business opportunities (25 percent), or reduced shareholder value (26 percent).
Increasing concern over cyber threats
Respondents rated cyber security as the most potentially disruptive external threat to their organization, with 47 percent stating this was their primary concern.
92 percent of respondents agree that cross-functional working and sharing of information is a key principle of resilience. However, 48 percent of respondents remain reliant on centralised governance and oversight instead of multi-disciplinary risk meetings that would perhaps encourage greater cross-functional collaboration and information sharing.