Evaluate your organization's ability to absorb and adapt to disruptions.
Our Operational Resilience assessment evaluates your organization's capacity to anticipate, prepare for, respond to, and adapt to incremental change and sudden disruptions. Aligned with ISO 22316 and regulatory expectations, this assessment helps identify vulnerabilities in critical business services and ensures your organization can continue to operate within impact tolerances during adverse conditions.
Evaluates the governance framework, board oversight, and strategic alignment of operational resilience. Assesses accountability structures, policy frameworks, risk appetite integration, and regulatory compliance across UK PRA/FCA, EU DORA, and regional requirements.
Assesses the identification and documentation of important business services that, if disrupted, could cause harm to consumers, market integrity, or the organization's safety and soundness. Evaluates service definition, ownership, and prioritization processes.
Evaluates the establishment of impact tolerances representing the maximum tolerable level of disruption to important business services. Assesses tolerance definition, quantification, and board approval processes.
Assesses the identification and mapping of people, processes, technology, facilities, and information required to deliver important business services. Evaluates end-to-end mapping completeness and vulnerability identification.
Evaluates the design and execution of scenario testing to validate the ability to remain within impact tolerances during severe but plausible disruptions. Assesses test design, execution, and outcome utilization.
Assesses the organization's approach to self-assessment of operational resilience capabilities, identification of vulnerabilities, and implementation of remediation plans. Evaluates assessment rigor and improvement tracking.
Evaluates the integration of third-party risk management with operational resilience requirements. Assesses provider resilience assessment, contractual requirements, and ongoing monitoring of third parties supporting important business services.
Assesses the integration of incident management capabilities with operational resilience requirements. Evaluates incident detection, escalation, communication, and learning processes in the context of important business service disruptions.
Evaluates the integration of technology risk management with operational resilience requirements. Assesses technology architecture resilience, change management controls, and continuous technology capability to support important business services.