Research Points to Quick Response as One Factor of Resilient Companies
CGMA magazine recently highlighted a report titled Roads to Resilience, by Cranfield School of Management that highlights insights the report authors gleaned from their case study analysis of companies that faced a major crisis. The report authors created a guide on resilience inspired by their studies of companies that faced near disaster. The report found timely response to be one of the main distinguishing factors employed by resilient companies.
A CGMA summary of this research study (see link to full article below) outlines several points of consideration for executives who want to enhance their organization’s ability to rapidly respond to an unexpected event. This abstract highlights the following:
- What Makes Up Rapid Response?
- Enhancing the Ability to Operate in Uncertainty
- Practical Rapid-Response Tips
- Common Factors in Resilient Companies
What Makes Up Rapid Response?
There are 4 main parts to ensuring your organization is prepared to rapidly respond to a crisis in an effective manner:
- Decisive and appropriate actions – The ability to take quick action is important to prevent manageable issues from becoming full-fledged problems.
- Identified teams and processes – Processes must be in place to serve as a guide to the organization. However, processes alone are not enough, skilled employees need the initiative to adapt the process to current issues or problems at hand.
- Empowered responses – Organizations should allow their employees a certain level of autonomy so they can respond and solve issues as they arise.
- Rehearsed reaction plans – Practiced reaction plans increase the chances that a company will have the ability to operate the plan effectively and quickly. Due to employee familiarity with the plan the company has an opportunity to prevent incidents or issues from becoming larger problems.
Enhancing the Ability to Operate in Uncertainty
An organization relies on many elements of its business to achieve successful rapid response.
People and culture: In normal day-to-day functions of a business, most risk is managed appropriately through normal procedures and by trained individuals assigned to deal with the identified risk. However, when a business enters the realm of unexpected, new issues, resilient companies provide competent individuals the autonomy to make key decisions quickly and they give them the freedom to operate in the space where processes do not fully address the issues at hand.
In those situations, leadership allows decentralized project teams with personnel closest to the problem to solve the problem in a timely and efficient manner. Businesses also make sure that these teams have individuals who are trained and skilled in speaking to the media so the individuals actually solving the issue are not overloaded with also having to speak to the media.
Business Structure: Risk affects all parts of the business and is interconnected. In order to properly respond to risk, managers should consider the effects of a given risks across multiple dimensions of the enterprise, including the impact on the organization’s reputation. So, when assembling rapid response teams, it is important to include personnel from different functions and with unique perspectives. The CGMA article highlights the following when structuring the response:
- Managers need to communicate and work with all functions of the business in response to risk instead of just their silo.
- Flexibility is key to adapting to unexpected situations. Maintaining enough resources and management capacity for the organization to respond is critical.
- Operational risk is just one aspect of risk. A problem in operations can affect the strategy of an organization especially if it affects the brand and reputation. Often businesses fail to see external and future risk. These risks must be considered in order for the business to operate successfully in the long term.
Leadership and Governance: To ensure teams and the organization handles risk appropriately, some organizations employ governance forums to review effectiveness of risk-related communication. When in the act of responding to an event, teams usually operate independent of executives but still maintain direct lines of communication. The main idea is to take incident response away from higher level executives and put it in the hands of the managers who are most directly impacted by the incident or issue.
Practical Rapid-Response Tips
The Report to Resilience and the CGMA article highlight the following tips for ensuring your organization is prepared to respond with resilience:
Decisive and Appropriate Actions: The organization must identify risks to resilience and form plans to combat both known and unknown risk.
Identified Teams and Processes: Teams should be created long before the actual risks occur and practice the processes necessary to combat potential risks.
Empowered Responses: Allow employees to make a decision first instead of consulting with management first.
Rehearsed Reaction Plans: Put plans in place to respond to risk and require employees on identified risk teams to practice the established plans.
Common Factors in Resilient Companies
The authors also highlight observations based on their case study analysis about factors commonly observed by them in resilient companies:
- Risk Radar – Resilient companies seem to have a unique “risk radar” capability which gives the organization an early warning about issues before they become problems.
- Resources and Assets – Resilient companies have resources and assets that they use in diversified ways to minimize excessive exposures to risks from a single source.
- Strong Relationships and Networks – Resilient organizations maintain strong relationships with customers, suppliers, contractors, and other stakeholders and they seek to understand how their risk could become your risk and vice versa.
- Review and Adapt – Resilient organizations are able to keep up with changes and find ways to amend their processes to new situations and they constantly evaluate and improve risk-management procedures.