Resiliency, or rather Business Resilience, seems to be the flavour of the month in the Business Continuity and Risk industries. Apparently, businesses are moving away from having separate silos for Security, Risk, Health & Safety, Business Continuity, etc., and are bringing all these related disciples under the heading of resiliency and are appointing a Head of Resilience.
This all sounds quite good, and is for once a piece of joined up thinking, except that the idea of Resiliency goes beyond these operational areas to the idea of ensuring that the business itself is resilient, which takes the discipline into the areas of leadership, reputation, innovation, product development, marketing, etc.. In other words, it seems to be about everything that the business does, and that a single manager should be appointed to ensure that the business should remain resilient in the changing environment in which it operates.
Now, tell me if I’m wrong, but I thought that this was actually the point of a Board of Directors. One of the prime responsibilities of a Director of a company according to UK law is to “try to make the company a success, using your skills, experience and judgement”. In other words it is the responsibility of every Director of a company to ensure that the company is resilient – it should not be delegated to a manager as Head of Resilience.
The Business Continuity and Risk industries should either start talking about Operational Resilience, or stop talking about Resiliency.