Tying the Knot: Integrating ERM and BCM to Improve Resiliency

End-To-End Business Resiliency

The following diagram shows the flow of events and the required activities when an incident occurs. Generally, the conditions are dividedinto 4 phases, which are before the incident happens, when it happens, when it turns into crisis, and when it returns to new normal. Thepart before the incident is a preparatory phase in which organizations have a big responsibility in equipping all resources to be ready todeal with and handle the incident, while the event after the incident is divided into several phases of responses & recovery.

Enterprise Risk Management (ERM) Framework

Dynamics of ecosystems and relationships between risks often create threats in which traditional risk management is not equipped to address. Therefore, organizations need to design their risk management and integrate it into their business and strategic processes to enable them to take risks to create value as well as respond to and mitigate risks, set risk management roles and responsibilities, resource allocation, communication and escalation line appropriately. 

Deloitte Risk Intelligent EnterpriseTM helps organizations in managing risk effectively and efficiently in order to support its business development and journey to future growth.

Business Continuity Management (BCM) Framework

Business sustainability relies on organizations’ resources and the continuity of its operations. Organizations’ need to design and implement BCM mechanism coming from certain events that can negatively affect the organization and lead to a crisis situation. It is imperative for organizations to have the capability to plan and respond to incidents that may affect its operations to keep the business running and reduce the impact of disruptions.

Deloitte’s BCM Program Development Framework understands the need to strengthen BCM capabilities to enhance the organization’s resiliency.

Integration Opportunities for ERM and BCM

ERM and BCM integrate to achieve Business Resiliency. Both share the common goals to enhance organization’s value creation and protection. ERM allows organization to create and protect their values through the process of assessing, monitoring, reporting and responding to risks that may negatively affect the objectives achievement. BCM improves organization’s strategic and tactical capabilities through identification and development of response, recovery, and restoration plan to face incidents that may affect its operation. It ensures that the business can still run at its acceptable level. ERM and BCM integration point opportunities are explained below.

Download our report to read more.