Our European business climate is rife with potential risks these days. Countries where the political landscape has remained relatively stable now face polarization, borders are being hardened, corporate domiciles are in flux, and the regulatory environment is becoming more complex. As the General Data Protection Regulation (GDPR), addressing individuals’ personal data, recently became enforceable, many businesses are scrambling to determine whether they are compliant or, if not, what they need to do to get there.
And with the looming economic fallout of Brexit yet to be determined, talks continue on how to undo decades of treaties and agreements with the European Union. All these serve to magnify and exacerbate what’s become the standard list of growing risks and threats affecting organizations across the globe – terror threats, data breaches, supply chain risk, and extreme weather events to name just a few. The types of disruptions that can readily impact any organization include:
- IT services disruption – any disruption affecting access to IT services (often referred to as “IT disaster recovery”) or the protection of critical data (often referred to as “cyber security”).
- Workplace disruption – any disruption of a business entity (offices, call centers, retail locations, trading rooms, manufacturing plants, labs, warehouses, etc.) as well as its critical assets such as machinery or other specialized equipment.
- Workforce disruption – any disruption involving personnel such that sufficient, trained and skilled employees are not available. Possible causes may include labour actions; regional disasters during which the community or public infrastructure is severely impacted; or pandemics, any of which can cause severe absenteeism.
- Supplier disruption – any disruption to critical suppliers, service providers, utilities and related infrastructure, or logistics that stops or slows the movement of critical products and/or services into or out of your business.
The potential for any of these to critically impact an organization based on its complex dependencies are what drives the need to operationalize risk management.
While the concepts of risk, compliance, crisis response, and disaster recovery are becoming more familiar throughout European businesses, the evolving threat landscape and growing uncertainty call into question legacy approaches to business resilience. Today, more than ever, an organization failing to prepare both strategically and tactically for any type of disruption can experience a much greater impact than it can readily absorb.