Today the majority of organisations have either been deliberately designed for, or have evolved to operate efficiently and effectively in routine environments characterised by stability and predictability. However, in many organisations, this has increased their vulnerability to the highly volatile and uncertain conditions that appear to becoming the norm (Stern, 2001; Kates and Parris, 2003; Sornette, 2003; U.S.-Canada Power System Outage Task Force, 2004; United States General Accounting Office, 2004, McDonald and Robinson, 2009). Over the last decade, volatility in our natural, economic and social systems appears to be increasing at rates faster than many organisations can cope. Whilst such fast moving events overwhelm many organisations a proportion demonstrate an ability to either manage or bounce back from the adverse effects of system volatility.
In recent years the term resilience has been applied at individual, community, organisational, and societal scales to describe an ability to cope with often sudden and dramatic change (World Economic Forum, 2008; The Reform Institute, 2008). Accordingly, there have been a wide variety of resilience definitions, many reflecting the origins of the term from social, ecological, computing and engineering sciences (Holling, 2001; Paton and Johnson, 2001; Rose, 2004; Gaillard, 2007; Sapountzaki, 2007; Bosher et al, 2009, DeBardeleben, et al, 2009).
The term resilience has become widely used by many including consultants, managers, bureaucrats and politicians. With this increasing use of the term we have seen a catch-all terminology develop and some subsequent mismatches to our specific interest. Some of this has arisen from attempts to encapsulate a complex multidimensional, multifactorial concept under a single banner. Some blame must also lay with people jumping onto the bandwagon and trying re-badge old ideas. This has seen claims of processes, management systems, computer software and measurement tools that will all create resilience.
This paper aims to provide insight into the complexity and multidimensional nature of organisational resilience by examining several different conceptual models that demonstrate different and interrelated aspects of resilience. It is useful to remember the old saying “all models are wrong but some illustrate useful points.” The authors have selected those models that we believe illustrate useful aspects of thinking about resilience. It is our hope that by considering resilience in its complexity, that we start to discard much of the simplistic and mechanistic approaches that are being promoted in recent years.
The authors propose a ‘principles model of resilience’ that can provide a simple guiding foundation for investigating resilience. The principles model is derived from common themes that emerge from comparisons of resilience in different disciplines and is based upon six key principles:
Figure 1. The progression of resilience maturity.
These principles establish a foundation upon which other conceptual resilience frameworks or models can be developed and evaluated. An immediate outcome of applying these principles demonstrates where many current resilience frameworks are flawed; in particular those static frameworks that also claim the ability to provide a measure of resilience.
Many existing approaches to measuring organisational resilience assume that measuring a range of organisational attributes in a routine environment, will translate directly to giving a measure of resilience (Figure 2a). However, in reality each attribute will potentially function differently and will have a different level of contribution to resilience, depending upon the conditions facing the organisation. Since resilience arises from an entity interacting with its environment, at best these models are measuring the organisation’s resilience capabilities. It is the manner in which this range of resilience capabilities interact with a changing context that will determine an organisation’s resilience (Figure 2b). An organisation’s context may have both enhancing and degrading affects on these resilience capabilities resulting in a possible spectrum of outcomes – generating possibilities from high to low resilience. How the organisation deals with such variability in its context over time will depend upon how it monitors, understands and addresses the risks it faces.
Figure 2. Comparison of (a) the more traditional static model of resilience with (b) the principles model of resilience.
Therefore, in the absence of a robust approach for modelling a dynamic range of different contexts, the best indication of resilience that we can hope for from models at this time will be an appreciation of the organisation’s resilience capabilities.
Early concepts of organisational resilience, particularly from the UK and USA were based around re-badging various approaches to business continuity management (BCM) and relabelling them as resilience. This often presented us with what was labelled as a ‘resilience process’, or ‘resilience system’. More recently there has been emergence of resilience management system cycles, apparently claiming to do for resilience what IS09001 has done to quality assurance. Accordingly, we believe there is a danger that such highly prescriptive approaches not only fall short of what resilience is about, but that the prescriptive nature may even reduce resilience, particularly when faced with ‘black swan’ events (completely unanticipated, extreme consequence events). Over the last few years this has been demonstrated time and time again, when strongly prescriptive processes failed to adapt when the environment changed suddenly (Taleb, 2007) for example as occurred in the Enron Collapse (Committee on Energy and Natural Resources, United States Senate, 2002; Millon, 2003), Katrina (Walker, 2006) and the global financial crisis. This does not mean that all such approaches should be avoided.
Figure 3. Integrated functions model.
An evolution of this process/management system thinking has seen a number of integrated models proposed, with some implemented successfully into a range of different organisations (including in the organisation of one of the authors). We believe that those integrated models that are based around a robust risk management program can be major contributors to organisational resilience. In such models, risk management provides the foundation that links different organisational capabilities such as emergency, business continuity, security and crisis management (Figure 3). Risk management provides a common understanding of how uncertainty arising from highly volatile environments can affect the organisation’s objectives and provides the means by which these specialised capabilities can then address that uncertainty. However while this may be a significant contributor to resilience it is not a complete picture.
The current work undertaken by the joint Australia and New Zealand Standards working group has taken this concept to a whole new level into the development of the draft standard on business continuity – managing disruption-related risk (Standards Australia, 2009a), using the new risk management standard (Standards Australia, 2009b) as the driving concept.
Recent approaches have sought to explain resilience from the perspective of the features of highly resilient organisations. Such models demonstrate what organisational attributes can help an organisation deal with uncertainty and adversity. Accordingly, these models can provide an insight into the types of change that an organisation needs to consider making as it strives towards improving its resilience.
The ‘attributional model’ of resilience (Figure 4) was developed in a series of workshops by the Resilience Community of Interest (Resilience COI, 2009) is a good example of this approach. . In this ‘attributional model’ the key drivers for creating resilience are:
Figure 4. Attributional resilience model.
The ‘values’ and ‘leadership’ attributes in turn create an organisational culture and capability that is aware of, understands and is sensitive to internal and external change. This high level of change sensitivity or acuity (understanding the past, monitoring the present and foreshadowing the future) allows indicators to be identified in the lead-up to dramatic change. This in turn facilitates closer integration of the disparate parts of the organisation and through-chain interdependencies, enabling them to better work cooperatively together to a common set of goals a disruptive event unfolds.
The operation of these various elements is enabled through open, adequate and honest communications that both provides an understanding and creates an awareness of how risks to the organisation are emerging or changing. This awareness and communication enhances the organisation’s ability to learn from previous disruptions and better understand and adapt to new emerging disruptions (Peche and Oakley, 2005). It is the manner in which these various elements interoperate that creates the agility that the organisation requires to respond and adapt to a volatile environment. Attributional models of this nature can be incredibly useful in focusing attention on these often poorly understood ‘soft’ elements of resilience.
A drawback of the attributional models is the lack of attention paid to the ‘harder’ elements that contribute to resilience. The composite resilience model provides a different viewpoint that considers both soft and hard elements’ operation: processes, infrastructure, technology, resources, information and knowledge. Key to the model is the central importance of strategy and policy in establishing an operational duality, the capability to operate in both routine and non-routine environments. However, one of the key differentiators of the composite model is the role of emergent leadership (Norhouse: 2000) (Mintzburg: 1985) in driving the adaptation of each of the other organisational elements to meet the changing non-routine environment.
Figure 5. Composite resilience model.
We envisage that emergent leadership is able to create an improved understanding of the volatile environment and any resulting changed organisational properties. Emergent leadership is therefore more rapid in translating this information into decisions and actions. It thus provides direction, in times of high uncertainty and ambiguity for applying capabilities and unifying the operation of the processes, resources, infrastructure, technology, information and knowledge. It also needs to be recognised that emergent leadership does not necessarily arise from top management, but often comes from talented middle managers that rise to the occasion. This again emphasises the importance of strategy and policy in establishing the conditions that allow such leadership to emerge.
So with three different resilience models and three different viewpoints on resilience, which is the most appropriate? That really depends on how each model relates to an individual organisation’s level of maturity and the context it operates within. To try and provide more of a one-stop shop model, the herringbone model was developed (Figure 6) to encapsulate the concepts of the other three models and fill in some of the gaps.
The ‘herringbone’ recognises that an organisation possesses a substantial range of capabilities and undertakes a range of activities (collectively what the organisation ‘does’) that will contribute towards improved resilience. Furthermore, the organisation also exhibits a number of characteristics (‘how’ the organisation operates), that will affect the effectiveness of the capabilities and activities and help to enhance the organisation’s resilience.
Whilst most of the capabilities, activities and characteristics are critical to functioning in the routine environment, it is the manner in which they can adapt to the non-routine environment that will create resilience. A few capabilities and activities are specific for operations in the non-routine environment, such as business continuity, crisis and emergency management. However, there some characteristics that really come into their own in helping to create a resilient state by helping all aspects of the organisation to better operate in a non-routine environment. Some of these critically important factors include:
The relative contribution and importance to resilience of each of the capabilities, activities and characteristics will depend upon the nature of the changing circumstances being faced by the organisation.
Figure 6. Herringbone resilience model.
Collectively, the previous models demonstrate that resilience arises out of a complex interplay of organisational elements or capabilities that contribute to resilience when they adapt to a significant change. The challenge now is to encapsulate this complexity in a simple model construct.
The inspiration for us is the old fire triangle model (heat + fuel + oxygen = fire), take away any side of the triangle and the fire goes out. Hence the resilience triangle (Figure 7), take away any one side of the triangle and resilience ‘goes out’. More accurately, what the model attempts to show is that all three types of capabilities: process capabilities; resources and infrastructure capabilities; and leadership, people and knowledge capabilities, are essential for organisational resilience.
The triangle model also emphasis the fluid nature of each of the three areas of capability. This fluidity arises from organisational processes that continually review, assess and adapt capabilities on each side of the triangle to ensure that they:
Figure 7. The resilience triangle model.
Thus any loss of effectiveness of these capabilities (collectively or singly) will potentially degrade resilience. The actual extent of any degradation, or enhancement depends upon the nature of the interaction of the capabilities with each specific context (changing internal and external environment) being faced.
The range models in this paper illustrates a range of ideas about the nature of resilience. It has to be remembered that none of these models actually describe resilience itself. Rather they each describe some of those aspects of an organisation that can contribute to resilience. The question remains, however, of how these models can be implemented within an organisation. For any of the models there are four broad strategic approaches that can be taken to start building improved resilience: resistance, reliability, redundancy and flexibility.
It should be recognised that potentially any one of these four strategic approaches may provide for organisational resilience under specific set of circumstances. However, with a modern context that presents such high levels of uncertainty, it would be foolhardy to try to predict what is likely to happen and then be able to select a single strategic approach to manage those specific circumstances. It therefore seems more eminently sensible for an organisation to select a suite from all four types of strategies that will provide for a wide range of possible disruptions.
Each of the four types of strategies would be expected to influence the performance of organisational capability (and affect resilience) in a different manner (Figure 8). In the absence of any ‘resilience strategies’, organisational capability and performance (red dotted line, Figure 8) would be expected to show a sudden and catastrophic collapse soon after a disruptive event commenced (red arrow, Figure 8). However, the presence of one or more resilience strategies would be expected to moderate this deterioration in capability and performance (blue line, Figure 8) depending upon the nature of the strategies in relation to the nature of the event. For example, generally we would expect to see the following:
Resistance strategies are aimed at improving robustness and hardening the organisation to withstand the immediate affects that volatility may impose. There is usually no agility or adaptation with such approaches, resistance tries to match the organisation’s strength against the event’s power. Following such an event, an effective resistance strategy would be expected to maintain capability and performance at close to routine operating levels. However, resistance strategies can present significant drawbacks as they are generally developed to meet predicted events, defined within expected parameters. Should the actual event exceed those parameters, then capability and performance would be expected to catastrophically collapse in the absence of other types of strategy. Examples of resistance strategies include: land use planning and construction standards in bushfire or flood prone areas; use of firewalls against cyber-attacks, etc. Also many organisational emergency response strategies can be regarded as resistance strategies.
Figure 8. Resilience strategies model.
Reliability strategies aim to ensure that key functions, resources, information and infrastructure continue to be available, accessible and fit for purpose following an event. Whilst capability and performance may show some deterioration, it is expected to remain at an acceptable level, until recovery is completed. Again, reliability strategies are usually designed to only operate within expected parameters, and should those parameters be exceeded then resilience can collapse suddenly and catastrophically. Outputs of reliability strategies would include arrangements such as business continuity plans, multiple supplier contracts, multimode systems, etc.
Redundancy strategies provide for one or more alternatives to day to day operational approaches. With redundancy strategies in place the organisation may have some initial degradation of capability and performance before alternative arrangements begin to operate and re-establish performance back to acceptable levels. Redundancy strategies cater for arrangements such as disaster recovery plans, process work-arounds, back-up systems, etc. Such strategies are usually designed to manage foreseeable volatility and can be fragile in circumstances where their design parameters are exceeded.
Resistance, reliability and redundancy strategies generally provide for the process and ‘hard factors’ described by the various models.
Flexibility strategies enable the organisation to adapt to extreme circumstances and sudden shocks that often exceed the design parameters for the other strategies. Flexibility strategies usually provide for some of the ‘soft’ factors, particularly those in the ‘composite’, ‘attributional’, ‘herringbone’ and ‘triangle’ models. Such strategies, either directly or through their influence on resistance, reliability and redundancy provide the organisation with the adaptive capacity to respond to a wide range of unforseen circumstances up to and including black swan events. Examples of such strategies include: training and exercising for extreme events, practising ‘decision making in a vacuum1’, creating an environment for emergent leadership to flourish in, enhancing cultural aspects such as trust, loyalty and unified purpose.
The models described in this paper describe both different and interrelated viewpoints of resilience. One other concept ties all resilience models together, the way in which the organisation approaches the management of disruption-related risk. Organisations that are striving for resilience have demonstrated their ability to better understand these risks as well as their own vulnerabilities. They have also shown their willingness to invest in risk treatments that have created adaptive capabilities to prevent, reduce, respond to and recover from the extremes of today’s uncertainty. The application of tools such as the new risk management standard AS/NZS ISO31000 (Standards Australia 2009b) and the soon to be published AS/NZ 5050 will provide the foundation upon which better resilience can be built.
Bosher, L., Dainty A., Carrillo, P., Glass J., and Price A.D.F., 2009. Attaining improved resilience to floods: a proactive multi-stakeholder approach. Disaster Prevention and Management. Vol. 18 No. 1, 2009 pp. 9-22.
Committee on Energy and Natural Resources, United States Senate, 2002. Enron Corporation’s Collapse. Hearing before the Committee on Energy and Natural Resources United States Senate One Hundred Seventh Congress.
DeBardeleben, N., Laros, J., Daly, J., Scott, S., Engelmann, C., Harrod, B., 2009. High-End Computing Resilience: Analysis of Issues Facing the HEC Community and Path-Forward for Research and Development. Whitepaper Sandia Laboratories. http://www.csm.ornl.gov/~engelman/publications/debardeleben09high-end.pdf
Fiksel, J., 2003. Designing Resilient, Sustainable Systems. Environmental Science and Technology Vol. 37, No. 23, 2003 pp. 5330-5339.
Gaillard, J-C., 2007. Resilience of traditional societies in facing natural hazards. Disaster Prevention and Management Vol. 16 No. 4, 2007 pp. 522-544.
Holling, C. S. Understanding the Complexity of Economic, Ecological, and Social Systems. Ecosystems 2001, Vol. 4, 390-405.
Kates R.W and Thomas M. Parris T.M. 2003. Long-term trends and a sustainability transition—Proceedings of the National Academy of Sciences vol. 100 no. 14 pp 8062–8067
McDonald, L. and Robinson P., 2009. A colossal failure of common sense. Ebury Press, London.
Millon D., 2003. Who caused the Enron debacle? Washington and Lee Law Review; Vol. 60 No.1 Accounting and Tax Periodicals pp. 309-330.
Mintzberg, H. & Waters, J. 1985 Of Strategies, Deliberate and Emergent. Strategic Management Journal Jul-Sep 1985; 6, 3;
Northouse, P. 2000 Leadership: Theory and Practice 2nd ed. Sage Publications
Paton D. and Johnson D. 2001. Disaster and communities: vulnerability, preparedness and resilience. Disaster Prevention and Management Vol 10 No 4 pp270-277.
Peche R.J. and Oakley K.E. 2005. Hormesis: an evolutionary “predict and prepare” survival mechanism. Leadership & Organisation Development Journal Vol. 26 No. 8, 2005 pp. 673-687.
Resilience COI, Report on the 2nd National Organisational Resilience Workshop 1-4 December 2008. Published Sydney, February 2009.
Rose A., 2004. Defining and measuring economic resilience to disasters. Disaster Prevention and Management Vol 13 · No 4 · 2004 · pp. 307-314.
Sapountzaki K., 2007. Social resilience to environmental risks: A mechanism of vulnerability transfer? Management of Environmental Quality: An International Journal Vol. 18 No. 3, 2007 pp. 274-297.
Sornette D., 2003. Why Stock Markets Crash: Critical Events in Complex Financial Systems. Princeton. Princeton University Press.
Standards Australia 2009a, AS/NZS 5050 Business continuity: managing disruption related risk, published as the draft for public comments.
Standards Australia 2009b, AS/NZS ISO31000: 2009 Risk Management—Principles and Guidelines.
Stern N., 2001. Finance for Growth: Policy Choices in a Volatile World. World Bank, February 2001, Washington.
Taleb N.N., 2007. The Black Swan. Allen Lane Publishing, London.
The Reform Institute, 2008, Building a Resilient Nation: Enhancing Security, Ensuring a Strong Economy. Published Washington, October 2008.
United States General Accounting Office, 2004. Emerging Infectious Diseases: Asian SARS Outbreak Challenged International and National Responses. Report to the Chairman, Subcommittee on Asia and the Pacific, Committee on International Relations, House of Representatives, April 2004, Washington.
U.S.-Canada Power System Outage Task Force, 2004. Final Report on the August 14, 2003 Blackout in the United States and Canada: Causes and Recommendations. Washington and Ottawa.
Walker D.M., 2006. Hurricane Katrina. GAO’s Preliminary Observations Regarding Preparedness, Response, and Recovery. United States Government Accountability Office Testimony before the Senate Homeland Security and Governmental Affairs Committee. March 2006.
Woods D., 2003. Creating Foresight: How Resilience Engineering Can Transform NASA’s Approach to Risky Decision Making. Testimony on The Future of NASA for Committee on Commerce, Science and Transportation, John McCain, Chair, October 29, 2003, Washington.
World Economic Forum 2008, Building Resilience to Natural Disasters: A Framework for Private Sector Engagement, January 2008, Geneva, Switzerland.
Dr Carl A. Gibson is the Director of the Risk Management Unit at La Trobe University at Bundoora, Victoria, Australia. He serves on a number of standards related committees for Standards Australia, ISO (TC23 –Societal Security), National Centre for Security Standards and the US National Fire Protection Association TC1600 (emergencies and business continuity). He has also served in a number of emergency management roles in army, police, government and corporate sectors and is currently a volunteer with the CFA.
Michael Tarrant is the Assistant Director, Research Management at the Australian Emergency Management Institute. He also holds adjunct appointments in the Department of Tropical Medicine at James Cook University and in the Public Health Faculty at Queensland University of Technology. He is a member of the Community of Interest for Organisational Resilience.
He has worked at a national level as a member of Standards Australia Risk Management Committee (OB-007) since 1998 and contributed to a wide range of associated handbooks.
1 Decision-making in a vacuum, a key leadership skill in extreme events – being able to make rapid decisions and provide direction under conditions of high volatility and high ambiguity.