I recently had the pleasure of presenting with a panel of RSA Archer customers on the topic of “Building Resiliency Across the Value Chain” for a Disaster Recovery Journal webinar.
Two key questions were posed to the 80 attendees. The first question was: “Where is your organization on the business resilience scale?” The responses were:
The second question was: “How closely do your business continuity/IT disaster recovery/crisis management teams work with or integrate with operational risk teams?” The responses were:
90% of respondents indicated they are addressing resiliency at some level, and 92% have BC/DR/CM teams integrated with operational risk management (ORM) teams. The alignment of responses to these two questions is no coincidence. There is a direct correlation between business resiliency and effective risk management that more and more organizations are benefitting from as they continue to mature their operational risk management and business continuity or resiliency programs.
What does GRC maturity look like? The RSA Archer maturity model defines three stages for GRC maturity:
Diagram 1 – RSA Archer Maturity Model
As organizations mature their operational risk management programs, their business resiliency capabilities grow as well, often due to three factors:
These three factors initiate proactivity, consistency, and alignment in both the risk management and resiliency practices and culture of the organization.
Risk management is, by its very nature, a proactive practice, as is business resiliency. The two go hand in hand.
For comments, contact me at Patrick.potter@rsa.com or @pnpotter1017.
