Lack of corporate resilience still concern, Control Risks 2016 survey

Lack of corporate resilience still concern, Control Risks 2016 survey

Over one third of respondents of Control Risks’ Business Resilience Survey 2016-2017 felt that their organisations lacked the relevant skills or talent to drive corporate resilience.

Control Risks, the global business risk consultancy, published its survey, The State of Enterprise Resilience, assessing the degree to which the concept of resilience has gained traction and become embedded within organisations.

Over one third of respondents of Control Risks’ Business Resilience Survey 2016-2017 felt that their organisations lacked the relevant skills or talent to drive corporate resilience. This is an increase of 17% on 2015. This is in spite of the fact that 27% of respondents have actively recruited dedicated resources to support the resilience agenda, and 46% have invested in training, awareness, and communications.

Further key findings include:

#1 ISO 22316 provides guidance on resilience programmes

62% of respondents were either aware of or have read the draft of ISO 22316 – the guide to organisational resilience. 92% of respondents agree with the core principles which focus largely on shared purpose and collaboration across functions. However, 18% of respondents indicated that they would not be striving to adopt the core principles, preferring instead to stick to existing processes.

#2 The importance of effective leadership

53% of all respondents indicated that the effectiveness of leadership was the highest-priority objective supporting the resilience agenda. This aligns to the guidance in ISO 22316 which states effective management and governance supports organisational resilience. Anticipation of and managing change rated as the next highest priority for organisations. To build sufficient adaptability, resilience should be driven from the executive and management and should be embedded across the organisation.

#3 Companies worried about long-term reputational damage than short-term financial loss

Over 70% of respondents see reputational damage as the most significant concern to their business in the event of a disruption – considerably more than reduced revenue 38%, the loss of new business opportunities 25%, or reduced shareholder value 26%.

#4 Increasing concern over cyber threats

Respondents rated cyber security as the most potentially disruptive external threat to their organisation, with 47% stating this was their primary concern.

#5 Successful implementation of resilience programme takes time

92% of respondents agree that cross-functional working and sharing of information is a key principle of resilience. However, 48% of respondents remain reliant on centralised governance and oversight instead of multi-disciplinary risk meetings that would perhaps encourage greater cross-functional collaboration and information sharing.

Mark Whyte, Senior Partner at Control Risks and author of the survey, comments: “The increased threat from disruptive events has encouraged companies from all sectors to consider specific threats to their operations and identify areas of vulnerability. It is clear that many organisations are focussed on the need to become more resilient, but the implementation of the strategies and tactics that support this is currently taking too long.”

“To build a resilient organisation the emphasis should not purely be on strategy, or the culture of the organisation, or the way it handles risk management. A resilient organisation is one where these three components integrate to achieve the desired effect.”

Andy Cox, Director at Control Risks and the report’s co-author, adds: “The successful implementation of a resilience programme takes time. The development of resilience frameworks that span the enterprise, capturing and integrating existing risk management activities requires resource and patience. Having set-up many of these programmes for our clients, we have learned that the best way to approach this huge task is to consider it as a series of prioritised projects that incrementally increase the resilience of the organisation over time.”

Browse our latest issue

Intelligent CIO Africa

View Magazine Archive