The business of resilience

The shocks of COVID-19 tested the resilience of every organisation. 

Global supply chains were disrupted, new ways of working were adopted, and business plans were adapted. Understanding and applying business resilience principles has been vital for continuity, but it will be even more important on the road to recovery and beyond.

That’s the view of Adam Berryman, Specialist, Enterprise Risk Management and Business Resilience for IAG’s Risk Partners.. 

APPLYING BUSINESS RESILIENCE

In an upcoming ANZIIF webinar, Berryman will discuss the application of business resilience principles and how they contribute to strategic and commercial benefits for every organisation.

‘Resilient businesses are positioned for longer-term survival, they support human and employee wellbeing and are, accordingly, better positioned with competitive advantage,’ he says.

The concept of business resilience is broad and evolving. Berryman says it encompasses much more than asset or liability protection.

‘It includes agility, employee engagement and mental health. Specifically, it’s defined as the adaptive capacity of an organisation to respond to a changing and complex environment.’

AFINITY FOR RISK MANAGEMENT

Berryman began his insurance career in a graduate role at Commercial Union after completing a Bachelor of Economics. 

He later moved into the world of the major insurance brokers, working at JLT, Aon and Willis. It was during this time that he was exposed to the risk consulting side of the insurance business, overseeing risk advisory services to predominantly corporate clients.

Berryman has worked in the sector for more than 25 years and says he was immediately attracted to the discipline of risk management.

‘I like the analytical aspects of risk management as well as the social science and human behavioural elements,’ he says.

Berryman is particularly interested in the dynamic relationships between how clients manage their own business risks and the subsequent impacts on other business drivers, such as safety, finance, insurance, brand and reputation.

'The world of risk management is challenging due to a number of varying elements,’ he says. 

‘One of the biggest challenges is that risk, despite all the data analysis and assessment, can often be nebulous, hard to define and difficult to predict. This makes it constantly challenging, client centric and dynamic.’

MOVING GOAL POSTS

When it comes to risk, the goal posts are always changing, but one thing is certain —  disruptions are becoming more frequent and severe.

Data from McKinsey & Company, for instance, shows geopolitical risk has not been higher since 2003 and cyber incidents have grown by 24 per cent since 2013. 

Climate change is increasing the frequency and severity of extreme weather and climate systems that influence natural disasters, and the COVID-19 pandemic has shown how vulnerable we all are to unexpected crises.

This vulnerability can be managed with renewed focus on resilience, but how is business resilience determined?

Berryman explains that IAG Risk Partners looks at an organisation’s business resilience from two perspectives. 

The first is its capacity to cope. This relates to its ability to use its resources to prepare for, absorb and recover from a significant event. 

The second is its capacity to adapt — is it equipped to predict, respond and change its operations to mitigate the impacts of short and long-term disruptive circumstances?

KEY INDICATORS OF COPING

‘Key indicators of coping capacity include people character and capital, planning and preparedness and resource competency,’ says Berryman.

‘Awareness and an understanding of risks is another key indicator, as well as training and role clarity that enables rapid implementation of strategies that not only help prevent disruptive events but also mitigate the impacts and improve the recovery process.

Berryman says indicators of adaptive capacity include the way in which knowledge and experience is stored and the flexibility of problem solving.

Take the example of resilience in cyberattacks. Coping capacity may be measured by factors such as an organisation’s cyber hygiene — how often does it install anti-virus software and secure its networks? 

To what extend is cyber security embedded in its business practices? How well does it train employees in cyber security? What mechanisms are in place to rapidly respond to cyber risk? 

Adaptive capacity may be measured by the efficiency of its business continuity plan — how quickly can it spring into action? How effective is its process for informing stakeholders of a cyber breach?

BEYOND ASSET PROTECTION

Berryman says COVID-19 has sharpened the focus on business resilience. It enables businesses to cope, adapt and recover from disruption and enhances the capacity to respond to various forms of risk.

‘From an insurance perspective, more resilient businesses are better underwriting risks, but resilience is far more than asset protection and liability protection.’

In the upcoming ANZIIF webinar on business resilience, Berryman aims to raise organisational awareness and promote further thinking on the subject, which he says is still relatively new. 

‘COVID-19 has raised many elements relating to resilience, particularly focusing on human characteristics.

‘I hope people take from this webinar a better understanding of how we can broaden our learnings from COVIDto apply them in an organisation context, as we continue to explore the concepts in greater detail with broader empirical evidence.’

Hear Adam Berryman speak at the webinar