Well it’s that time of the year again when we all make promises to ourselves that we will do something different in the new year:
- join the gym,
- stop smoking,
- stop drinking
- reconnect with friends that we haven’t seen for some time etc.
Here at the Risk Evolves HQ we’ve been discussing the New Years resolutions you should consider for your business.
One things is for sure – 2017 is going to be filled with change…
- What will the terms of Brexit be when Theresa May invokes Article 50 and how will they impact the UK ?
- Will inflation in the UK rise as predicted by Mark Carney ?
- What will the new policies of President-Elect Trump mean for the World ?
- How will the General Elections to be held in Holland, France and Germany impact Europe ?
- Will the current peace plan negotiated by Russia for Syria hold?
- How will the continuing cyber threat impact the UK and the overall global economy ?
Unfortunately, no one has a crystal ball to predict the future…
At Risk Evolves we much prefer to focus on the items that we can influence, and to keep a watch on the things that we can’t.
It therefore wasn’t a surprise that our debate concluded that an appropriate New Year’s resolution for businesses, regardless of size and sector, should be the implementation of actions to improve organisational resiliency.
This would enable organisations to be better positioned to embrace the positive opportunities and to manage the negative impacts that 2017 may herald.
What is business resilience?
Earlier this year we tweeted a great whitepaper produced by BSI on organisational resilience which provided some great advice and guidance for organisations.
But where can you start?
We’ve listed 6 tips help you improve your business resilience:
6 tips to improve your business resilience
1. Improve your business resilience: Governance
- Do you have a clear strategy for your organisation?
- Is it well communicated?
- How do you know whether you are meeting targets and complying effectively with legislation?
- As business leaders, what tone are you setting within your organisation that encourages open and effective communication?
- How are you managing internal and external risks?
Simple changes in each of these areas can make a huge difference within a business and don’t need to cost anything. Introduce regular team meetings, a simple monthly management report on successes and areas for improvement and setting clear actions which are followed up on a timely basis are small changes any organisation can make
2. Improve your business resilience: Risk Management
You MUST review the risks – both good and bad…
Ask yourself ‘what if: …
- key people aren’t available?
- a major supplier goes bust?
- the access road to the office / factory is closed?
- your IT system goes down?
- a key customer is acquired by the competition?
- the value of the £ goes up / down?
What can you do to minimise the impact of the risk, or take advantage of any opportunities it may present? Encourage staff to identify where risks may occur in the organisation or how improvements can be made and, linking to management system item above, track progress
3. Improve your business resilience: Standards
Whilst standards may be perceived as only being applicable to big corporates, the reality is that more and more SME’s are being asked to certify.
It could be ISO9001 (quality), ISO27001 (information security), ISO14001 (environmental) and OHSAS18001(health and safety).
Is there a possibility that your key customers will ask for you to certify in 2017 or could certification help you win new business against the competition? Check to see if they are certified – usually a quick look at their websites will give you an indication.
After all, it’s better to set your own timescales for implementation than to have them dictated to by others, not to mention the benefits that your organisation will reap from their implementation. BSI have provided a ‘Return on Investment’ calculator.
4. Improve your business resilience: Cyber
Cyber will continue to be a threat in 2017.
Reduce the risk to your business by adopting Cyber Essentials and complete our cyber risk self-assessment to give yourself a list of actions to undertake. Adopting the principles of the new cyber resilience standard, BS31111 when it is released in q2 2017 will be another great step forward.
Talk to staff about the risk of phishing emails, of CEO impersonation, of ransomware and prepare strategies for the ‘what if we are hacked’ scenario. Remember, the majority of incidents occur because of user error as someone clicks on a link in what they perceive to be a harmless email / webpage so having an open culture where employees feel that they can ‘call out’ if they believe that there may be a problem is also key.
And finally, don’t forget about the internal threat – would one of your employees want to steal your data ? Check who has access to your systems and ask whether they really need it.
5. Improve your business resilience: Supply Chain
We all rely on suppliers to support our business – whether it’s hosting our IT or providing key components to our products.
- What happens if one day they can’t ?
- Or they are acquired by another company?
- Or they potentially do something that could impact your reputation?
Management and assessment of the supply chain is key to ensuring on-going resilience and integrity.
We wrote a blog on this last month, you can read more here
6. Improve your business resilience: Education and Training
And finally, your teams and their skills are crucial to the resilience of the organisation.
Keeping them engaged and motivated will reap dividends for any organisation.
Ensure that they are engaged with any programme of change and ask for their opinion and insight on how the business can become more productive.
Of course the key to organisational resilience, like any change, is that it needs to be repeated in order to become a good habit and not done once and then forgotten about.
If you would like to discuss how Risk Evolves can help your organisation develop some good habits, then please contact us.