aurims conference 2011 towards resilience management david martin 12 th may 2011 chair corporations...
TRANSCRIPT
AURIMS CONFERENCE 2011
TOWARDS RESILIENCE MANAGEMENT
David Martin 12th May 2011 CHAIR CORPORATIONS RISK SYDNEYMANAGEMENT ROUNDTABLE
TOWARDS RESILIENCE MANAGEMENT 0VERVIEW
New generation of thinking and actions Concept of resilience What are the current and emerging
challenges? What are the ‘wild” risks What is effective Resilience Management Building Resilient & Sustainable Organisations Approach and methodologies for new
challenges What is the “value-add” from good Resilience
Management Where to from here – Beyond Resilience to
Sustainable Businesses Key Points
A A CRISISCRISIS ISISNOW BECOMING NOW BECOMING PREDICTABLYPREDICTABLYPREDICTABLEPREDICTABLE
Last 6 MonthsLast 6 Months• Unprecedented Unprecedented
natural disastersnatural disasters• Terrorist attacksTerrorist attacks• Volcanic eruptionsVolcanic eruptions• Brisbane FloodsBrisbane Floods• North Queensland North Queensland
CyclonesCyclones• Bush fires Bush fires • Christchurch Christchurch
EarthquakeEarthquake• Auckland TornadoAuckland Tornado• US TwistersUS Twisters• Japan Earthquake, Japan Earthquake,
Tsunami, Nuclear Tsunami, Nuclear PlantPlant
• What Next?What Next?
DEFINING RESILIENCE
• A Resilient Organisation is one that is able to achieve its business objectives and realise opportunities, even in the face of adversity.
• Resilience Management is the ability of an Organisation to survive an unscheduled disruption or major crisis from its ability to adapt using proven and integrated Risk Management, Crisis Management and Business Continuity Management processes
using a single line of sight.
TOWARDS RESILIENCE - EMERGING RISKS
AVAILABILTY OF
CREDIT/LIQUIDITY
SYSTEMATICCYCLICAL
RISK
SUSTAINABILITY
NEW STANDARDS &COMPLIANCE
GEN Y
CARBON CONSTRAINED
WORLD
GREEN IT
CULTURE& ETHICS
CHANGING WORKFORCE
RESILIENCE
THE RESILIENCE CHALLENGE
• Forward thinking Leaders are experiencing wake up calls with wider ranges of complex and compound ‘wild’ risks and vulnerabilities creating the need to develop proactive and a robust Business Resilience strategy supported by a Resilience Management Framework
• To create a culture which encourages ideas and knowledge to be brought together, coalesced, and acted upon
RESILIENCE MANAGEMENT FRAMEWORK
Pla
nn
ing
Pla
nn
ing
Emergency ManagementEmergency Management
Business Continuity ManagementBusiness Continuity Management
Risk ManagementRisk Management
Adaptive CapabilityAdaptive Capability
Testi
ng
Testi
ng
“A Resilient Organisation is one that is able to achieve its business objectives and realise opportunities – even in the face of adversity”
“A Resilient Organisation is one that is able to achieve its business objectives and realise opportunities – even in the face of adversity”
Increasing situational awareness will provide greater understanding of vulnerabilities that can critically undermine performance.
Increasing situational awareness will provide greater understanding of vulnerabilities that can critically undermine performance.
Decision makers learn about underlying values systems and key individuals - relying on the culture
Decision makers learn about underlying values systems and key individuals - relying on the culture
Testing of plans and people response is essential to ensure realism
Testing of plans and people response is essential to ensure realism
Resilience IndicatorsSituation Awareness Manage Key Threats Adaptive Capacity
Roles & Responsibilities
Understanding Hazards &Consequences
Connectivity Awareness
Insurance Awareness
Recovery Priorities
Planning Strategies
Participation in Exercises
Capability & capacity ofInternal Resources
Capability & capacity ofExternal Resources
Organisational Connectivity
Silo Mentality
Communications and Relationships
Strategic Vision and Outcome Expectancy
Information & Knowledge
Leadership, Management &Governance Structures
Aware of total operating system, including threats, opportunities, connectivity and internal and external stakeholders
Those components of an organisation that have the potential to cause the greatest negative impact
The culture of the organisation allowing it to make decisions in a timely and appropriate manner in a crisis.
REFLECTIONS OF A RESILIENT BUSINESS ASK THESE QUESTIONS
Do we have the right
infrastructure & processes to
manage risk?• Is the CRO empowered?
• Is our risk management process aligned with our strategic decision-making process and existing performance measures?
Is our risk management process coordinated and consistent across the entire enterprise? Does everyone use the same definition of risk?
Is our risk management process cost effective?
Am I taking the right risks?
• How are the risks we take related to our strategies and objectives?
Do we know the significant & emerging risks we are taking?
Do the risks we take give us a competitive advantage?
How are the risks we take related to activities that create value?
Do we recognize that business is about taking risks and do we make conscious choices concerning these risks?
Are we taking the right amount of
risk?
Are we getting a return that is consistent with our overall level of risk?
Does our organizational culture promote or discourage the right level of risk taking activities leading to resilience?
Do we have a well defined organizational risk appetite?
Is our actual risk level consistent with our risk appetite including emerging risks in a rapidly changing environment?
RESILIENT AND SUSTAINABLE ORGANISATIONS
• AVAILABILITY OF CREDIT/LIQUIDITY New paradigm• STRATEGY EXECUTION/MANAGEMENT Implementation/failure to execute good strategy Management in rapidly changing environment and
changing culture• STANDARDS & REGULATIONS Compliance obligations ASX/Principles 3, 4 & 7 ISO 31000:2009 International Risk Management
standard AS/NZ 5050:2010 Australian Business Continuity
Management standard APRA prudential standards
THE RESILIENT ORGANISATION
BEYOND RESILIENCE - SUSTAINABILITY
CORPORATE CULTURE
ENVIRONMENT
COMMUNITY
SOCIAL
GOVERNANCE
COMPLIANCE
RISK MANAGEMENT
RESILIENCE
SUSTAINABILITY
DEFINING SUSTAINABILITY
• A sustainable organisation is one that effectively manages, reports and maintains it’s corporate, social, environmental and community responsibilities, where risks and opportunities are effectively identified and managed
• Sustainable organisations are built on ideals, values and resilience
• Value to shareholders, community and employees
• Framework of the environment & social issues – the need for external benchmarking
• Corporate social responsibility ratings – reputation/brand
WHERE WILL FOCUS BE IN 2012/2013
Focus on expedient and cost effective “end to end” value-add recovery solutions which have been tested
New era Data Centres/Cloud computing Combination of the International ISO 31000:2009 Risk
Management Standard & Australian AS/NZ 5050:2010 Business Continuity Management Standard
Supply Chain risks increasing concerns and impact on Business Continuity and Resilience
Increased uncertainty driving Resilience Management focus and assurance for Boards that Management is addressing key risks , business recovery and resumption, testing of recovery plans and integration into the organisations corporate governance
Closer alignment of Risk Management, Business Continuity Management, Resilience Management and Sustainability
JAPAN – HIDDEN RISKSBENEATH THE ICEBERG
RECENT DISASTER – TOYOTA’s RESILIENCE
In the face of the recent MAJOR disaster in Japan and the “compound wild” risks of a massive earthquake, combined with a tsunami, and failure of a nuclear power plant I will present a scenario for discussion on:
• How you might adapt to such a situation• What are some of the lessons learned• Given the likelihood of further
earthquakes and tsunamis what are the key actions you would do to address Resilience and Sustainabilty?
RESILIENCE MANAGEMENT CONTINUUM
AURIMS PARTICIPANTS
WHERE ARE YOU AT WITH RESILIENCE READINESS?
10
? 9
8
7
6
5
4
? 3
2
1
Times have significantly changed and we are facing increasing risks, uncertainty and unprecedented disasters in peoples’ lives and businesses
New challenges driving new ways of thinking
An embedded top down/bottom up Resilience Management Program and culture is about
“doing business better” in managing opportunities, mitigating risks and
becoming more resilient in a rapidly changing operating environment.
SUMMARY
Statistically 1 in 5 organisations willsuffer a major incident every 5 years
Now more about survival requiring simpler, practical, faster and tested solutions towards the focus on resilience
TOWARDS RESILIENCE MANAGEMENT& SUSTAINABLE ORGANISATIONS
• Thank you for your participation
• Questions and Answers
AURIMS CONFERENCE 2011