‘Operational resilience’ refers to the ability of organisations to prevent, adapt to, respond to, recover from, and learn from operational disruptions.
Many organisations may not sufficiently plan for disruptions and therefore may not be ready to manage them effectively when they occur. ERG can support the delivery of improvements to operational resilience in three main areas:
1. Advising boards and senior management teams on what business services and activities to prioritise in order to preserve the safety and soundness of a business, or the appropriate degree of policyholder protection (in the case of insurers)
2. Supporting boards and senior management teams to set clear standards for operational resilience, through calculating and effectively communicating specific maximum levels of disruption, including time limits within which the delivery of important business services can resume
3. Designing contingency arrangements that enable the delivery of important business services to resume
Organisations need to adopt a proactive and risk-based attitude towards operational procedures, security, business programmes, and culture. Having identified the threats to your organisation, ERG can design and implement physical and information security systems to protect your assets: your premises, your property, your people and, crucially, your reputation. This keeps you secure to provide your services.
Security by Design
Integrated security systems should achieve a balanced and justifiable level of protection. This can be achieved by following ERG’s Security by Effect © system, which rationalises security prescriptions according to business requirements, thereby minimising gaps and vulnerabilities, and crucially prevents overspend on unnecessary controls.
Following a detailed analysis of the context your organisation operates in, your threats and your existing vulnerabilities, our security solutions architecture and design team will construct a security system in partnership with you, to defend against threats and to mitigate risks. This system will be tested and reviewed at determined points, after incidents and crises, and after developments in the threat landscape. ERG will remain vigilant, to ensure that you remain secure.
Red Teaming can help organisations to identify vulnerabilities, to challenge existing assumptions, and to consider an adversary’s perspective. ERG can plan and conduct Red Teaming exercises, designed to challenge an organisation to review and improve its security processes and procedures.
Contact us to discuss how our consultants could lead your organisation through a Red Teaming exercise, identify new ideas and options, and use ERG’s Security by Effect © system to increase your resilience.
Business Continuity Management
Disruptions to your business can happen at any moment. Business Continuity Planning and Management is about preparing to respond to situations, in a way that minimises the disruption to your organisation and enables you to get back to business as usual, as quickly as possible.
Similar to risk management processes, an ERG Business Continuity Plan will identify threats to an organisation and the effects that they would have. In addition to providing justification for mitigation responses, Business Continuity Planning will consider the steps necessary to allow an organisation to remain active, even if the worst should happen.
Following the best practice guidelines of BSI ISO 22301, ERG works with you to determine procedures to minimise the impacts of incidents and to help you recover from disruptions when they occur. This increased resilience provides reassurance to your employees and customers.