Michael Rasmussen, the renown GRC pundit from GRC 20/20 Research, recently compiled a case study of one of our clients, a large financial institution. In this article, I've summarised the key challenges and the value that Michael found.
Their existing Business Continuity Management process and legacy systems had led to the organization not having a holistic view of their exposures to risk. Out of date data and manual processes impacted decision making. Plus, their custom-built, legacy business continuity system presented some gaps which highlighted greater problems including:
Increased liability, due to the non-standard approach to risk management and the inability to effectively report on risks.
Low productivity with increased cost, the legacy system required significant and ongoing investment in resources with a dedicated team to input and constantly clean data.
Existing system was end-of-life, the institution was dependent upon an out of date and non-supported end-of-life tool, which created a greater risk for the BCM team
Although yet to be fully quantified, the ReadiNow solution has been able to lift the overall business resilience maturity across the board. The solution has also enabled a far greater collaborative employee engagement culture through the use of workflow automation.
This organization praised ReadiNow for their ability to provide:
Easy to use solution that scales
Agile solution that is quickly configured to the bank’s specific requirements
User-friendly interface that enables a much faster and easier intuitive business adoption.
The ReadiNow solution creates faster, intuitive business adoption, enabling the organization to improve and enhance internal business processes relating to security risk management. The institution was previously under pressure from the market regulator to ensure that it had solid plans to address the increasing regulatory obligations over time. The use of ReadiNow enables risk management professionals to make more informed business decisions based on real-time and accurate systems, as well as empirical quantitative and qualitative data.
The bottom line
Organizations need to look to new paradigms of strategy that expand the focus of business continuity into an operationally resilient context. Backend management and oversight of business continuity is still needed; however, this needs to be integrated and aligned with a broader perspective of operational risk management. Business continuity is only as good as the line of business understanding, participation, and alignment with it. It is no longer enough to have the right documentation; you have to show that the organization is operationally resilient.