Business continuity was once the next major development in IT. It focused on keeping an organization operational...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
following a disruptive event. Disaster recovery, by contrast, focused on recovering IT elements, such as computers, networks and storage, following an incident. Approximately 10 years ago, the terms business resilience and resiliency began appearing. Some organizations in the profession began to espouse resilience as an alternative to business continuity, and probably to differentiate themselves from firms using the older term.
In recent years, business resilience has begun to stand on its own as the next step after business continuity. Specifically, to achieve resilience, you must first have the ability to perform business continuity.
Merriam-Webster's Collegiate Dictionary defines resilience as follows:
1) The ability to become strong, healthy or successful again after something bad happens; and
2) The ability of something to return to its original shape after it has been pulled, stretched, pressed, bent, etc.
If we substitute business-related terms into the second definition, it would read: Resilience is the ability of a business or organization to return to its original operational status after it has been impacted by a disruptive or disastrous event.
The 2013 edition of the Business Continuity Institute's Good Practice Guidelines defines business continuity as "the capability of the organization to continue delivery of products or services at acceptable, predefined levels following a disruptive incident."
The two terms, in the above context, read almost the same.
The prevailing thinking today appears to be the following: To achieve a state of business resilience, an organization must first achieve business continuity. This suggests that continuity precedes resilience.
The diagram above states that we must first complete a BC plan. If we then exercise the plan and it seems to work properly, the question becomes: "Is the business now resilient?" The best way to achieve business resilience is to prove it with a real-life incident that activates the BC plan and forces employees to respond to the event. If employees are able to use the plan to resume business operations to more or less normal levels, resilience has been achieved.
Survey: Better corporate resilience needed
Organizations should develop cyber-resilience
DR plans vs. enterprise resilience plans
Dig Deeper on Disaster Recovery Planning-Management
Paul Kirvan asks:
How does your company build resilience?
0 ResponsesJoin the Discussion
Related Q&A from Paul Kirvan
If time constraints and other factors force you to eliminate risk assessment from your business continuity plan, discover how to focus your ...continue reading
You should be able to justify the need for a BC/DR plan. But here's what you can do if you fail to get management buy-in and you still want disaster ...continue reading
While it's always safer for businesses to have properly funded DR plan testing, there are ways to assess your plan even when the data storage budget ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.