Navigating Operational Resilience: Unveiling the Significance of DORA Beyond Financial Services

Operational Resilience is a familiar term, particularly within the realm of financial services. At its core, it signifies the capacity of financial institutions to effectively manage, adapt, respond, recover, and learn from operational disruptions. However, the application of Operational Resilience extends far beyond the boundaries of the financial sector. In the contemporary landscape, it intertwines with various IT service management (ITSM) practices, including but not limited to service configuration management, incident management, problem management, service continuity management, and supplier management. These practices, when embraced, fortify financial service firms and are also typically used to enhance the overall operational resilience of any Service Integration and Management (SIAM) ecosystem.

Our guest in this SIAM+ DORA session, hosted by Claire Agutter, will be Neville Hughes, a Senior Consultant at Brillio, who will introduce operational resilience, the key pillars of DORA, and the implications for a SIAM ecosystem.

The European Union has taken a proactive step in acknowledging the paramount importance of Operational Resilience by introducing the Digital Operational Resilience Act (DORA). This legislative framework is set to be fully enforceable by January 2025, adding a sense of urgency for organizations to prepare and align with its guidelines.

Operational Resilience in a Nutshell:

Operational Resilience goes beyond the conventional understanding of risk management. It encompasses a holistic approach that involves not just withstanding disruptions but actively learning and evolving from them. In the financial sector, this could mean efficiently managing unforeseen events such as cyberattacks, system failures, or natural disasters. However, the principles of Operational Resilience are adaptable and scalable, making them relevant and beneficial for a broader range of industries.

Expanding Beyond Financial Services:

The integration of Operational Resilience practices with ITSM processes can deliver excellent results. By incorporating service configuration management, organizations can maintain a clear understanding of their IT assets and their interdependencies. Incident management ensures swift response and resolution in the face of disruptions, while problem management focuses on addressing root causes to prevent recurrence. Service continuity management ensures that critical services are maintained during and after disruptions, and supplier management safeguards against vulnerabilities in the supply chain.

Implications for a SIAM Ecosystem:

For financial institutions in the EU, compliance is paramount to avoid legal repercussions and reputational damage. Adopting an operating model based on SIAM principles will support DORA compliance, specifically around “measures for sound management of ICT third-party risk”, “requirements in relation to the contractual arrangements concluded between ICT third-party service providers and financial entities” and “rules for the establishment and conduct of the Oversight Framework for critical ICT third-party service providers when providing services to financial entities”.

Operational Resilience is a multifaceted concept that transcends the boundaries of financial services, finding relevance in various industries and ITSM practices. With the looming enforcement of DORA by the European Union, organizations must prioritize the integration of Operational Resilience principles and assess how SIAM principles can support compliance. This not only ensures compliance but also fosters a culture of adaptability, responsiveness, and continual improvement, laying the foundation for a resilient and future-proof organization in the digital age.
