The pandemic introduced new challenges and brought continuity and resilience to the forefront of everyday decision-making.

Some organizations were more successful in response than others, with those that adapted their business models and go-to-market strategies surviving and even thriving. The successful organizations focused on building teams that were adept at proactively responding to near and longer-term challenges. The less successful were reactionary, starting by executing procedures in plans that focused on short-term outcomes.

Taken one step further, those organizations that really knew what it took to deliver products and services, how they reached their customers and suppliers, and the relationship between processes, resources, and third parties were able to better respond and prevent disruption or other forms of unacceptable impact.

The outcomes got many thinking – is the creation of documented, rigid plans to address anticipated impacts of disruption over? Is it better to have well-trained teams that understand their operations and can forecast vulnerabilities that can be treated in real time?

To find the answer, Riskonnect conducted a short survey asking 70 practitioners from 11 countries what they thought about documented plans as well as the concept of a “digital model” of the organization.

What is a Digital Model?

A digital model of the organization is an inventory of upstream and downstream dependencies and everything in between, such as business processes, locations, applications, information, suppliers, and channels. The digital model can be queried before or during a disruption to search for vulnerabilities that may need to be addressed in real time․

The hypothesis of the survey was that the impacts of the pandemic, alongside the rise of operational resilience thinking, forced the need for organizations to fully understand their go-to-market strategy, customer pains, and the context in which they operate. It also reinforced the importance of having this information available to be queried and modeled with potential scenarios in real time so teams can define and implement strategies to minimize impact. That has given rise to the digital model of the organization as best practice.

This approach diverges somewhat from traditional business continuity planning, which focuses on identifying strategies and documenting implementation in the form of plans and exercises. Such plans take a high-level organizational view but are often siloed at a department or asset level.

The Survey Results

Some 75% of survey respondents indicated they had or were planning to expand their focus from simply creating plans to include creating a digital model of the organization.

In addition, 63% indicated they believe a digital model of the organization introduces value to the organization.

When asked which statement on business continuity resonated the most, a resounding 86% voted for “The focus of business continuity and resilience is preventing disruption, when possible, but equally preparing to respond and recover from a disruption.” This statement furthers the hypothesis that the business continuity and resilience discipline has both a proactive and reactive element for preventing and responding to disruption and needs data to help identify key vulnerabilities to disruption.

It’s clear from the response that many are embracing this shift in focus. The results showed 50% started making the shift less than a year ago, and an additional 27% indicated making the shift over the past 1-3 years. This supports the idea that the trend was likely spurred on by the pandemic and possibly operational resilience-related regulations.

What Are the Benefits of Developing a Digital Model?

When you lack a full picture view of your business operations and go-to-market strategy, dependencies and interdependencies are often overlooked. Developing and maintaining a digital model of your organization, its products/services, and business processes offers a valuable resource to query.

This digital model gives you an end-to-end perspective on your operations, which is invaluable for assessing vulnerabilities like identifying and treating critical single points of failure or those parts of the business without a recovery strategy, addressing change management, and making better business decisions.

At the time of disruption, this model can be used to understand downstream impacts. For example, location X is unavailable, so who’s affected, which products/services are unavailable to customers, and what should we do?

A digital model will empower your organization to:

  • Define end-to-end business processes that align to your organization’s most important products and services.                                                                
  • Build processes to mine information when needed.                                                       
  • Use the information to respond and plan ahead.

But plans are still valuable. They summarize objectives, document information difficult to memorize, designate response and recovery teams, and outline how to implement strategies when faced with different forms of disruption. But they can’t predict all forms of disruption, are often static, and people often ignore them and take a best-efforts approach. So why not give them a tool to compliment plans that align to their nature?

The message is that business continuity plans are still relevant – but they’re even more powerful when paired with a digital model of your organization. The combination provides the big picture perspective needed to be more proactive in prevention, response, and recovery. You can dynamically react to the unforeseen and even create “what if” scenarios as bad situations seem to escalate.

Download Riskonnect’s Getting Started with Business Resilience ebook for more information on a holistic and integrated approach to managing risk.


Brian Zawada

Brian Zawada brings more than 25 years of experience managing and building world-class, global business continuity programs to his role as VP of Strategy for Riskonnect. Outside of his work with Riskonnect and its clients, Brian previously served as the Head of the United States Delegation to ISO Technical Committee 223, the authors of ISO 22301. Brian contributed to the development of ISO 22317 and ISO 22331. In 2020, he published his first book The Business Continuity Operating System. Brian is also a two-time Lifetime Achievement award winner from CIR and the BCI.

Improving Your Business Continuity Without Breaking the Bank
The latest in disaster recovery and ransomware protection is of the utmost importance to include in today’s IT strategies for...
Assessing the Risks of AI Dependence in Organizational Resilience
Organizational resilience professionals are entrusted with safeguarding an organization's ability to endure adversity and disruptions. Artificial intelligence (AI) has shown...
Mobile Microgrids are Redefining Disaster Response: The Future of Rebuilding Infrastructures Sustainably
For years, disaster first responders have relied on equipment and technology suppliers to provide them with the tools and power...
How Disaster Recovery as a Service Supports Business Resilience
Disaster recovery as a service (DRaaS) solutions can help organizations stay online and operate during any kind of service disruption. As...