Organisational Resilience

From CIPedia
Revision as of 11:44, 12 December 2016 by Mtheocharidou (talk | contribs)
Jump to navigation Jump to search

European Definitions

IMPROVER project

The IMPROVER project [1] gives the following definition:

The ability of an organization who operates or owns a critical infrastructure exposed to hazards, to resist, absorb, accommodate to and recover from the effects of a hazard in a timely and efficient manner, for the preservation and restoration of essential societal services. (Adapted by UNISDR[2])

Note: This definition refers to CI-related organisations. The IMPROVER recognises also two other dimensions which are relevant for CI, namely Technological Resilience and Societal Resilience.

Standard Definition

ISO Guide 73:2009

Adaptive Capacity of an organization in a complex and changing environment. [3]


ISO 28002:2011

The definition included is the same as the one in ISO Guide 73. However, the standard notes:

Resilience is the ability of an organisation to prevent or resist being affected by an event or the ability to return to an acceptable level of performance in an acceptable period time being affected by an event. [4]


ISO/FDIS 22316:2017

The definition included is from a draft version of the standard which is still under development.

Organizational resilience is the ability of an organization to respond and adapt to change. Resilience enables organizations to anticipate and respond to threats and opportunities, arising from sudden or gradual changes in their internal and external context. Enhancing resilience should be a strategic organizational goal. [5]

Note: Organizational resilience is a relative and dynamic concept rather than a specific activity or fixed state. The factors that enhance an organization’s resilience are unique to each organization. Organizations can only be more or less resilient and there is no absolute measure or definitive goal. Top management commitment to enhance organizational resilience will contribute to:

  • an improved capacity to anticipate and respond to threats and opportunities;
  • an ability to identify and address vulnerabilities before they have a material impact;
  • a more coordinated approach to integrate existing management disciplines that support organizational resilience; and
  • a greater understanding of interested parties and dependencies that support strategic goals and objectives.


BS 65000:2014

Organizational resilience is the ability of an organization to anticipate, prepare for, and respond and adapt to incremental change and sudden disruptions in order to survive and prosper. [6]


See also


Notes

  1. http://improverproject.eu/
  2. 2009 UNISDR Terminology on Disaster Risk Reduction, United Nations International Strategy for Disaster Reduction (UNISDR), Geneva, Switzerland, May 2009.
  3. ISO Guide 73:2009 Risk management — Vocabulary
  4. ISO 28001:2001 Security management systems for the supply chain -- Development of Resilience in the supply chain -- Requirements with guidance for use.
  5. (DRAFT) ISO/FDIS 22316:2017 Security and resilience -- Organizational resilience -- Principles and attributes
  6. BS 65000:2014 Guidance on organizational resilience