Difference between revisions of "Organisational Resilience"
(→IMPROVER project) |
(→ISO 22316:2017) |
||
(7 intermediate revisions by the same user not shown) | |||
Line 2: | Line 2: | ||
==== IMPROVER project ==== | ==== IMPROVER project ==== | ||
− | {{quote-improver|The ability of an [[organisation|organization]] who operates or owns a critical infrastructure exposed to hazards, to resist, absorb, accommodate to and recover from the effects of a hazard in a timely and efficient manner, for the preservation and restoration of essential societal services. (Adapted by UNISDR<ref name="UNISDR">[http://www.unisdr.org/we/inform/terminology 2009 UNISDR Terminology on Disaster Risk Reduction, United Nations International Strategy for Disaster Reduction (UNISDR), Geneva, Switzerland, May 2009.]</ref>)}}Note: This definition refers to CI-related organisations. The IMPROVER recognises also two other dimensions which are relevant for [[CI]], namely [[Technological Resilience]] and [[Societal Resilience]]. | + | {{quote-improver|The ability of an [[organisation|organization]] who operates or owns a critical infrastructure exposed to hazards, to resist, absorb, accommodate to and recover from the effects of a hazard in a timely and efficient manner, for the preservation and restoration of essential societal services. (Adapted by UNISDR <ref name="UNISDR">[http://www.unisdr.org/we/inform/terminology 2009 UNISDR Terminology on Disaster Risk Reduction, United Nations International Strategy for Disaster Reduction (UNISDR), Geneva, Switzerland, May 2009.]</ref>)}}Note: This definition refers to CI-related organisations. The IMPROVER recognises also two other dimensions which are relevant for [[CI]], namely [[Technological Resilience]] and [[Societal Resilience]]. |
===Standard Definition=== | ===Standard Definition=== | ||
==== [[ISO|ISO Guide 73:2009]] ==== | ==== [[ISO|ISO Guide 73:2009]] ==== | ||
− | {{definition| Adaptive Capacity of an organization in a complex and changing environment. <ref>ISO Guide 73:2009 Risk management — Vocabulary </ref>}}<br /> | + | {{definition| Adaptive Capacity of an [[organisation|organization]] in a complex and changing environment. <ref>ISO Guide 73:2009 Risk management — Vocabulary </ref>}}<br /> |
==== [[ISO|ISO 28002:2011]] ==== | ==== [[ISO|ISO 28002:2011]] ==== | ||
Line 12: | Line 12: | ||
{{definition|Resilience is the ability of an organisation to prevent or resist being affected by an event or the ability to return to an acceptable level of performance in an acceptable period time being affected by an event. <ref>ISO 28001:2001 Security management systems for the supply chain -- Development of Resilience in the supply chain -- Requirements with guidance for use. </ref>}}<br /> | {{definition|Resilience is the ability of an organisation to prevent or resist being affected by an event or the ability to return to an acceptable level of performance in an acceptable period time being affected by an event. <ref>ISO 28001:2001 Security management systems for the supply chain -- Development of Resilience in the supply chain -- Requirements with guidance for use. </ref>}}<br /> | ||
− | ==== [[ISO|ISO | + | ==== [[ISO|ISO 22316:2017]] ==== |
The definition included is from a draft version of the standard which is still under development. | The definition included is from a draft version of the standard which is still under development. | ||
− | {{definition|Organizational resilience is the ability of an organization to respond and adapt to change. Resilience enables organizations to anticipate and respond to threats and opportunities, arising from sudden or gradual changes in their internal and external context. Enhancing resilience should be a strategic organizational goal. <ref> | + | {{definition|Organizational resilience is the ability of an [[organisation|organization]] to respond and adapt to change. Resilience enables organizations to anticipate and respond to threats and opportunities, arising from sudden or gradual changes in their internal and external context. Enhancing resilience should be a strategic organizational goal. <ref>ISO 22316:2017 Security and resilience -- Organizational resilience -- Principles and attributes</ref>}} |
Note: | Note: | ||
Organizational resilience is a relative and dynamic concept rather than a specific activity or fixed state. The factors that enhance an organization’s resilience are unique to each organization. Organizations can only be more or less resilient and there is no absolute measure or definitive goal. | Organizational resilience is a relative and dynamic concept rather than a specific activity or fixed state. The factors that enhance an organization’s resilience are unique to each organization. Organizations can only be more or less resilient and there is no absolute measure or definitive goal. | ||
Line 21: | Line 21: | ||
* an ability to identify and address vulnerabilities before they have a material impact; | * an ability to identify and address vulnerabilities before they have a material impact; | ||
* a more coordinated approach to integrate existing management disciplines that support organizational resilience; and | * a more coordinated approach to integrate existing management disciplines that support organizational resilience; and | ||
− | * a greater understanding of interested parties and dependencies that support strategic goals and objectives. | + | * a greater understanding of interested parties and dependencies that support strategic goals and objectives.<br/><br/> |
− | |||
==== [[BSI|BS 65000:2014]] ==== | ==== [[BSI|BS 65000:2014]] ==== | ||
Line 56: | Line 55: | ||
[[Category:Resilience]][[Category:IMPROVER-Glossary]] | [[Category:Resilience]][[Category:IMPROVER-Glossary]] | ||
{{#set:defined by=ISO|defined by=BSI}} | {{#set:defined by=ISO|defined by=BSI}} | ||
+ | {{#set: Showmainpage=Yes}} |
Latest revision as of 10:20, 24 January 2020
Contents
European Definitions
IMPROVER project
The IMPROVER project [1] gives the following definition:
Note: This definition refers to CI-related organisations. The IMPROVER recognises also two other dimensions which are relevant for CI, namely Technological Resilience and Societal Resilience.
Standard Definition
ISO Guide 73:2009
ISO 28002:2011
The definition included is the same as the one in ISO Guide 73. However, the standard notes:
ISO 22316:2017
The definition included is from a draft version of the standard which is still under development.
Note: Organizational resilience is a relative and dynamic concept rather than a specific activity or fixed state. The factors that enhance an organization’s resilience are unique to each organization. Organizations can only be more or less resilient and there is no absolute measure or definitive goal. Top management commitment to enhance organizational resilience will contribute to:
- an improved capacity to anticipate and respond to threats and opportunities;
- an ability to identify and address vulnerabilities before they have a material impact;
- a more coordinated approach to integrate existing management disciplines that support organizational resilience; and
- a greater understanding of interested parties and dependencies that support strategic goals and objectives.
BS 65000:2014
Other definitions
Academic
See also
- CBRN Resilience
- Community Resilience
- Cyber Resilience
- Economic Resilience
- Resilience
- Societal Resilience
- System Resilience
- Technological Resilience
Notes
- ↑ http://improverproject.eu/
- ↑ 2009 UNISDR Terminology on Disaster Risk Reduction, United Nations International Strategy for Disaster Reduction (UNISDR), Geneva, Switzerland, May 2009.
- ↑ ISO Guide 73:2009 Risk management — Vocabulary
- ↑ ISO 28001:2001 Security management systems for the supply chain -- Development of Resilience in the supply chain -- Requirements with guidance for use.
- ↑ ISO 22316:2017 Security and resilience -- Organizational resilience -- Principles and attributes
- ↑ BS 65000:2014 Guidance on organizational resilience
- ↑ Vogus, T. J., & Sutcliffe, K. M. (2007). Organizational resilience: Towards a theory and research agenda. Conference Proceedings - IEEE International Conference on Systems, Man and Cybernetics, 3418–3422.
- ↑ Paton, D.,& Hill, R. (2006). Managing Company Risk and Resilience Through Business Continuity Management. In D. Paton and D. Johnston (eds.). “Disaster Resilience: An Integrated Approach. Charles C. Thomas, Springfield, IL.
- ↑ Jung, K., & Song, M. (2015). Linking emergency management networks to disaster resilience: bonding and bridging strategy in hierarchical or horizontal collaboration networks. Quality & Quantity, 49(4), 1465–1483.
- ↑ Bruneau, M., Chang, S. E., Eguchi, R. T., Lee, G. C., O’Rourke, T. D., Reinhorn, A. M., … Von Winterfeldt, D. (2003). A Framework to Quantitatively Assess and Enhance the Seismic Resilience of Communities. Earthquake Spectra, 19(4), 733–752.
- ↑ McManus, S. (2008). Organisational Resilience in New Zealand. University of Catenbury. Retrieved from http://ir.canterbury.ac.nz/bitstream/10092/1574/1/thesis_fulltext.pdf
- ↑ Mallak, L. (1998). Putting Organisational Resilience to Work. Industrial Management, 40(6), 8–13.
- ↑ Losada, C., Scaparra, M. P., & O’Hanley, J. R. (2012). Optimizing system resilience: A facility protection model with recovery time. European Journal of Operational Research, 217(3), 519–530.