Organisational Resilience

From CIPedia
Jump to navigation Jump to search

European Definitions

IMPROVER project

The IMPROVER project [1] gives the following definition:

The ability of an organization who operates or owns a critical infrastructure exposed to hazards, to resist, absorb, accommodate to and recover from the effects of a hazard in a timely and efficient manner, for the preservation and restoration of essential societal services. (Adapted by UNISDR [2])

Note: This definition refers to CI-related organisations. The IMPROVER recognises also two other dimensions which are relevant for CI, namely Technological Resilience and Societal Resilience.

Standard Definition

ISO Guide 73:2009

Adaptive Capacity of an organization in a complex and changing environment. [3]

ISO 28002:2011

The definition included is the same as the one in ISO Guide 73. However, the standard notes:

Resilience is the ability of an organisation to prevent or resist being affected by an event or the ability to return to an acceptable level of performance in an acceptable period time being affected by an event. [4]

ISO 22316:2017

The definition included is from a draft version of the standard which is still under development.

Organizational resilience is the ability of an organization to respond and adapt to change. Resilience enables organizations to anticipate and respond to threats and opportunities, arising from sudden or gradual changes in their internal and external context. Enhancing resilience should be a strategic organizational goal. [5]

Note: Organizational resilience is a relative and dynamic concept rather than a specific activity or fixed state. The factors that enhance an organization’s resilience are unique to each organization. Organizations can only be more or less resilient and there is no absolute measure or definitive goal. Top management commitment to enhance organizational resilience will contribute to:

  • an improved capacity to anticipate and respond to threats and opportunities;
  • an ability to identify and address vulnerabilities before they have a material impact;
  • a more coordinated approach to integrate existing management disciplines that support organizational resilience; and
  • a greater understanding of interested parties and dependencies that support strategic goals and objectives.

BS 65000:2014

Organizational resilience is the ability of an organization to anticipate, prepare for, and respond and adapt to incremental change and sudden disruptions in order to survive and prosper. [6]

Other definitions


Resilience refers to maintenance of positive adjustments under some challenging conditions such that the organisation emerges from these conditions strengthened and more resourceful. [7]

Resilience is the capacity of people and systems that facilitate organisational performance to maintain functional relationships in the presence of some significant disturbance as a result of capability to draw upon their resources and competences to manage the demands, challenges and change encountered. [8]

Resilience is the capability of an organisation that is responsible for operating critical emergency functions to take action and induce decision making. [9]

Resilience is the capacity of organisations that manage critical facilities and have the responsibility for carrying out critical disaster-related functions to make decisions and take actions that contribute to achieving the properties of resilience, that is, that help to achieve greater robustness, redundancy, resourcefulness, and rapidity. [10]

Resilience is a function of an organisation's overall situation awareness, keystone vulnerability and adaptive capacity in a complex, dynamic and interconnected environment. [11]

Resilient organisation is the one which is able to design and implement effective actions to advance organisational development and ensure survival. [12]

Organisational resilience is concerned with the development of suitable business development plans (short-term plans) to resume disrupted critical operations of an organisation to their minimum asseptable operating levels as quickly and efficiently as possible and disaster recovery plans (long-term plans) to restore all disrupter operations to their normal operating levels following any disruptive event. [13]

See also


  2. 2009 UNISDR Terminology on Disaster Risk Reduction, United Nations International Strategy for Disaster Reduction (UNISDR), Geneva, Switzerland, May 2009.
  3. ISO Guide 73:2009 Risk management — Vocabulary
  4. ISO 28001:2001 Security management systems for the supply chain -- Development of Resilience in the supply chain -- Requirements with guidance for use.
  5. ISO 22316:2017 Security and resilience -- Organizational resilience -- Principles and attributes
  6. BS 65000:2014 Guidance on organizational resilience
  7. Vogus, T. J., & Sutcliffe, K. M. (2007). Organizational resilience: Towards a theory and research agenda. Conference Proceedings - IEEE International Conference on Systems, Man and Cybernetics, 3418–3422.
  8. Paton, D.,& Hill, R. (2006). Managing Company Risk and Resilience Through Business Continuity Management. In D. Paton and D. Johnston (eds.). “Disaster Resilience: An Integrated Approach. Charles C. Thomas, Springfield, IL.
  9. Jung, K., & Song, M. (2015). Linking emergency management networks to disaster resilience: bonding and bridging strategy in hierarchical or horizontal collaboration networks. Quality & Quantity, 49(4), 1465–1483.
  10. Bruneau, M., Chang, S. E., Eguchi, R. T., Lee, G. C., O’Rourke, T. D., Reinhorn, A. M., … Von Winterfeldt, D. (2003). A Framework to Quantitatively Assess and Enhance the Seismic Resilience of Communities. Earthquake Spectra, 19(4), 733–752.
  11. McManus, S. (2008). Organisational Resilience in New Zealand. University of Catenbury. Retrieved from
  12. Mallak, L. (1998). Putting Organisational Resilience to Work. Industrial Management, 40(6), 8–13.
  13. Losada, C., Scaparra, M. P., & O’Hanley, J. R. (2012). Optimizing system resilience: A facility protection model with recovery time. European Journal of Operational Research, 217(3), 519–530.