Creating a robust, integrated resilience framework for your organisation will help it to not only bounce back but bounce forward after a crisis, learning from the situation and improving as a result. Find below a summary of the PPRR model for organisational resilience.
The Covid-19 pandemic affected almost every single business. Many were forced to pivot to offer their products or services online, while others had to reconsider their whole business offering. This was often a quick response, designed to save the business.
However, in many cases it pushed growth or development at a much faster rate than during normal times.
A strong resilience framework will support such pivots by developing a roadmap to respond to crisis events.
However, there is no standard definition for resilience nor international standards to benchmark against. Often the case, companies develop strength in specific areas, such as business continuity planning or health and safety procedures, but are less developed in others.
Such inconsistencies leave a business vulnerable to future crises which are all the more devastating if they can be avoided.
An integrated resilience framework can be an excellent form of defence, enabling an organisation to learn from and improve after any crisis situation.
At a recent Risk Leadership Network meeting, members discussed their efforts to build a framework to integrate resilience into the core of their organisations. Anthony Reardon, director of ERM International and a Risk Leadership Network Advisory Board Member, led the discussion and shared his resilience framework model – the PPRR approach – which focuses on four key elements.
To read Anthony's full downloadable case study on building organisational resilience, simply click here.
Below is a summary of the model. Members can read the full meeting notes that outline the model in detail, as well as use our Risk Radar tool – to help them get a 180-degree and 360-degree view of all risks, including blind spots – on our Intelligence platform.
Does your organisation understand its current, known risk environment? This element requires you to assess the completeness of your risk identification programme and the quality of your risk analysis and response-readiness activities (our Risk Radar tool supports risk managers with this task).
How proportionate and appropriate is your organisation's internal control environment in relation to its known risks? This component covers intervention – being able to respond to unforeseen events in real time; and assurance – the checks and balances in place within your organisation.
Proportionality is key here! Too many checks and balances will affect information flow and organisational agility, but not enough will leave your organisation exposed.
An organisation’s response to a crisis should comprise three elements:
- Strategic: the initial crisis management or corporate response, including reputation management, messaging and communications
- Tactical: your emergency response - the firefighting element
- Operational: your business continuity plan
Agile working methods make a company better prepared to handle the unknown.
Disruption can lead to opportunity. Embracing this concept and implementing a connected resilience framework can help an organisation to bounce forward after a crisis or challenging event.
It is important to look back and take stock of how your organisation responded in the aftermath of a crisis. If you incorporate that information into your resilience framework, you can strengthen your organisation’s ability to face future challenges and even unforeseen events.
Are you an in-house risk manager who could benefit from collaborating with a global network of risk leaders? Find out more about how membership could benefit you here.