Operational Resilience Toolkit

Downloadable Resources, Instant Access

Operational Resilience Forecast

Where exactly do you expect your organization to put most efforts in order to comply with future enhanced ICT risk management measures and with increased safeguards in the digital environment?

In your organization, forecasting the future is a complex and absolutely critical job. What comes next for Operational Resilience in Business / Risk / Management / Resilience / Operational / Technology / Security / Continuity / Ability / Data / Regulatory / Support / Recovery / Development / Cyber / Incident?

Within the next quarter, driven by internal and external requirements, use the Operational Resilience Toolkit to grow maturity and adoption of the top forecasted Operational Resilience breakthrough technologies and applications.

Relevant to solving real problems and exploiting new opportunities:


  • Supervise setting strategy, planning, managing, and delivering on system resilience projects and improvements that ensure the company is capable of system recovery at the level necessary to support its business, customers and regulatory requirements, and work closely with all facets of the Technology Division, including architecture, infrastructure and operations, and development.
  • Model IT Resilience and Continuity and manage responsibility of managing the day-to-day execution and coordination of 2LoD oversight of IT Infrastructure Management and IT Service Management Risks and solidify ongoing enhancements and integration of Business and IT Continuity Risks.
  • Ensure your organization has the ability to prevent disruptions to its vital business and IT services from occurring, and continue to maintain critical services if a disruption or incident does occur and return to normalcy, when disruption or crisis is eliminated.


  • Utilize machine learning, natural language, and statistical analysis methods, such as classification, collaborative filtering, association rules, sentiment analysis, topic modeling, time-series analysis, regression, statistical inference, and validation methods to review risks.
  • Lock in 2LoD oversight through appropriate risk anticipation, assessments and check and challenge of IT Resilience focusing on IT Infrastructure and IT Service Management risks (including in evolving domains such as Enterprise Cloud).
  • Manage responsibilities of oversight of operational risk, risk exposure arising from inadequate or failed internal processes, people, technology and external events.


  • Manage technology operations services including physical data center and cloud operations, security engineering, configuration, monitoring, and operations, EDI and data transfer, daily operations processing and run book, technical resiliency and back up / recovery, systems monitoring, and availability, and capacity and availability management.
  • Coordinate and lead (both direct and matrixed) a team of risk professionals and work extensively with the CRO and Business Unit management to develop and deliver an industry leading Operational Risk and BCP programs.
  • Oversee the Companys Business Continuity Program, lead the businesss design, development, maintenance, and execution of business continuity plans, incident management, recovery from business interruptions, and operational resilience.


  • Develop, coordinate and manage all required documents, activities and events with stakeholders throughout programs or projects lifecycles to evaluate the abilities and limitations of the program or project in meeting the users operational effectiveness, operational suitability and operational resilience requirements specified and implied in program documentation.
  • Manage the companys overall System Resilience / Disaster Recovery program and strategy, including assessment, planning, testing, and recovery and work across business and technology departments to ensure alignment and execution of program objectives, driving to support innovation in your recovery strategies.
  • Bring forward the development of OT and E processes, metrics, or procedures (Measures of Effectiveness (MOE), Measures of Suitability (MOS), Measures of Resilience (MORs), Measures of Performance (MOP), and Critical Operational Issues (COI)) and lead development of OT and E measures (MOE, MOP, COI).


  • Lead the development of new regulatory standards, translate complex regulatory requirements and expectations on the use of technology services into operational solutions, and execute effective senior-level engagement to assist internal customers in moving their sensitive, regulated workloads to the cloud.
  • Lead the design, development, execution and maintenance of business impact assessments, business continuity plans, and disaster recovery plans for operational resilience across the enterprise to ensure your organizations ability to deliver.
  • Manage responsibility of the development and implementation of policies for IT, cybersecurity, operational resilience, and operational risk areas.


  • Strategize, develop and engineer strategies and collaborate with business and other technology teams to develop and implement architectures, standards, and controls for business processes and the technology portfolio both internally and for third-party relationships.
  • Attain oversight within a defined process ensuring that the organizations's technology infrastructure, applications and critical business services meet regulatory and internally established control frameworks with specific focus on IT Resilience and Continuity risks.
  • Oversee, manage, and coordinate all functions related to enterprise Infrastructure, Technology Service Delivery, Security Operations, Technology Operations, and Software Tools and Licensing.


  • Engage on known or emerging security and IT risks for Cloud services by initiating or influencing the development of new platform / security architectures and compliance with architectural principles and objectives.
  • Verify when/if innovative ideas need to be brought into existence in areas as artificial intelligence, intuitive data science, quantum information science, health informatics, space security, policy and economic expertise, trustworthy autonomy, cyber threat sharing, and cyber resilience.
  • Develop long-term projects and define processes and methods to ensure execution and productivity across multiple internal and external stakeholders, including customers and regulatory agencies.


  • Strategize, establish and maintain strategic relationships with key stakeholders and cross-functional partners to drive operational risk, business and technology continuity/resiliency strategies and adjust plans as necessary.
  • Check and challenge the overall resilience readiness for your organization and focus on the alignment and integration of IT Continuity risks within the overall Business Continuity Risks for the organization.
  • Govern to ensure that all technical components of your organizations Business Recovery Plans are tested as defined in Business Continuity Management policies and procedures, or whenever significant changes are made to those components.


  • Provide your organizations users and decision makers with information about the programs ability to effectively support user missions, be sustained by users in the intended operational environment, and be survivable against environmental and adversary events.
  • Work closely with your organizations PM and senior developers to realize Cloud migration benefits of costs savings, productivity, scalability, and operational resilience.
  • Shelter in-house analytical skills with the ability to identify and assess risks and issues through critical thinking while developing possible solutions.


  • Leverage data analytics, artificial Intelligence, machine learning and security skills to ensure continuous improvement in operation security across multiple internal and external systems.
  • Control explanatory data analyses, generate and test working hypotheses, prepare and analyze historical data and identify patterns to develop innovative solutions to operational risk and regulatory compliance programs.
  • Manage infrastructure services which include voice and data networks, on-premises and cloud computing stack, mobile devices, database administration, remote access, SaaS tools, and software including O365 and MS Teams.


  • Set up strategy, planning, managing and delivering on system resilience projects and improvements that ensure the company is capable of system recovery at the level necessary to support its business, customers and regulatory requirements.
  • Take the lead in providing active advisory, partnership, challenge or approval to applicable risk owners to ensure appropriate prioritization and resolution of regulatory or audit findings and related actions.
  • Interpret regulatory guidance on operational resilience and manage responsibility of advising Business Units on standards and implementation.


  • Plan internal control teams with Identification, evaluation, monitoring and mitigation of the operational risks identified in IT services, through best practices such as COSO, ITIL, ISO27000, NIST and COBIT.
  • Enable your employees, customers, and shareholders, by ensuring that your technology foundation is reliable, controlled, secure, scalable, and ready to support your organizations aggressive innovation agenda.
  • Support the organization and crisis response team during critical incidents that may impact your organizations employees, offices, brand/reputation, operations, products and services, and customer support.



  • Implement risk mitigation procedures for disaster recovery, ensuring that all technical components of Recovery Plans are tested as defined in policies and procedures, or whenever significant changes are made to those components.
  • Manage the overall System Resilience/Disaster Recovery program, including assessment, planning, testing, and recovery while working across business and technology departments to ensure alignment and execution of program objectives.
  • Oversee development and maintenance of recovery procedures for systems and applications, supporting high-demand business functions / strategy and ensuring process and practices are current through continuous improvement.


  • Establish planning and development of 2LoD independent crisis management exercises, research on IT and Cyber threats and suitable storylines, scenarios and design injects, managing other contributors in the process.
  • Fortify the technical design of systems to improve predictability and resilience, and manage other engineers to improve development processes, operational understanding and monitoring and alerting systems.
  • Foster special studies and projects related to your organizations supervision and regulation, and identify problems or potential problems in your organization.


  • Continuously evaluate internal and external risks to your organizations business processes and technology strategies, including cyber threats with CISO, to continually align BCP resiliency and recovery strategies to mitigate these risks.
  • Empower the Firewall engineering team in building, running and improving the operational resilience of the system which protects your organization from daily cyber threats.
  • Assure teams cover cyber monitoring, threat hunting, incident response, cyber threat intelligence and technical improvement activities.


  • Secure integration of system resilience with all other Business Continuity Management Department functions, including Business Resilience, Incident Response, Vendor Risk Management, and Operational Resilience.
  • Manage service delivery functions including customer service desk, incident, problem, change, release, configuration, asset, expense, and knowledge management, and end-user compute and productivity.
  • Guarantee delivery of new initiatives designed to strengthen your Operating Model covering BCM, Safety and Security and Incident Management, and offer advice, assistance, and training as needed.

Save time, empower your teams and effectively upgrade your processes with access to this practical Operational Resilience Toolkit and guide. Address common challenges with best-practice templates, step-by-step work plans and maturity diagnostics for any Operational Resilience related project.

Download the Toolkit and in Three Steps you will be guided from idea to implementation results.

The Toolkit contains the following practical and powerful enablers with new and updated Operational Resilience specific requirements:

STEP 1: Get your bearings

Start with...

  • The latest quick edition of the Operational Resilience Self Assessment book in PDF containing 49 requirements to perform a quickscan, get an overview and share with stakeholders.

Organized in a data driven improvement cycle RDMAICS (Recognize, Define, Measure, Analyze, Improve, Control and Sustain), check the…

  • Example pre-filled Self-Assessment Excel Dashboard to get familiar with results generation

Then find your goals...

STEP 2: Set concrete goals, tasks, dates and numbers you can track

Featuring 989 new and updated case-based questions, organized into seven core areas of process design, this Self-Assessment will help you identify areas in which Operational Resilience improvements can be made.

Examples; 10 of the 989 standard requirements:

  1. What factors should your organizations consider in a measure of interconnectedness resulting in a system being determined as critical to the financial sector, and how should factors be weighted?

  2. Do you have policies, procedures and technical measures in place to ensure appropriate data/assets access management in adherence to legal, statutory or regulatory compliance requirements?

  3. Do covered entities currently have access to sufficient information to determine whether any of systems would be considered sector-critical systems for the purpose of the standards?

  4. What data is available to support an ESG rating and how do you ensure that the methodologies allow for required transparency, reliability, comparability and independence?

  5. How should companies manage the transition of organizations and workforces to an environment where managers and employees may be working remotely on a long-term basis?

  6. Has the exposure of your organizations earnings or economic value of capital been adversely affected, and is it materially different from model-implied scenarios?

  7. Do you have documented policies and procedures demonstrating adherence to data retention periods as per legal, statutory or regulatory compliance requirements?

  8. Can the informal information networks utilized be better defined so the information flow during a crisis can tracked and utilized better by your organization?

  9. Do you see any particular challenges associated with the sharing of information on cyber threats and incidents with your peer financial organizations?

  10. Are you openly communicating with the business to understand changing priorities and re-allocating IT resources to focus on what is most important?

Complete the self assessment, on your own or with a team in a workshop setting. Use the workbook together with the self assessment requirements spreadsheet:

  • The workbook is the latest in-depth complete edition of the Operational Resilience book in PDF containing 989 requirements, which criteria correspond to the criteria in...

Your Operational Resilience self-assessment dashboard which gives you your dynamically prioritized projects-ready tool and shows your organization exactly what to do next:

  • The Self-Assessment Excel Dashboard; with the Operational Resilience Self-Assessment and Scorecard you will develop a clear picture of which Operational Resilience areas need attention, which requirements you should focus on and who will be responsible for them:

    • Shows your organization instant insight in areas for improvement: Auto generates reports, radar chart for maturity assessment, insights per process and participant and bespoke, ready to use, RACI Matrix
    • Gives you a professional Dashboard to guide and perform a thorough Operational Resilience Self-Assessment
    • Is secure: Ensures offline data protection of your Self-Assessment results
    • Dynamically prioritized projects-ready RACI Matrix shows your organization exactly what to do next:


STEP 3: Implement, Track, follow up and revise strategy

The outcomes of STEP 2, the self assessment, are the inputs for STEP 3; Start and manage Operational Resilience projects with the 62 implementation resources:

  • 62 step-by-step Operational Resilience Project Management Form Templates covering over 1500 Operational Resilience project requirements and success criteria:

Examples; 10 of the check box criteria:

  1. Activity Duration Estimates: Is a formal written notice that the contract is complete provided to the seller?

  2. Team Member Performance Assessment: To what degree do team members frequently explore the teams purpose and its implications?

  3. Risk Register: How often will the Risk Management Plan and Risk Register be formally reviewed, and by whom?

  4. Activity Duration Estimates: Is a work breakdown structure created to organize and to confirm the scope of each Operational Resilience project?

  5. Cost Baseline: Has the Operational Resilience project documentation been archived or otherwise disposed as described in the Operational Resilience project communication plan?

  6. Team Performance Assessment: To what degree can team members vigorously define the teams purpose in considerations with others who are not part of the functioning team?

  7. Cost Management Plan: Environmental management Ð what changes in statutory environmental compliance requirements are anticipated during the Operational Resilience project?

  8. Quality Audit: Is there a written procedure for receiving materials?

  9. Team Performance Assessment: Social categorization and intergroup behaviour: Does minimal intergroup discrimination make social identity more positive?

  10. Stakeholder Analysis Matrix: What are the key services, contractual arrangements, or other relationships between stakeholder groups?

Step-by-step and complete Operational Resilience Project Management Forms and Templates including check box criteria and templates.

1.0 Initiating Process Group:

  • 1.1 Operational Resilience project Charter
  • 1.2 Stakeholder Register
  • 1.3 Stakeholder Analysis Matrix

2.0 Planning Process Group:

  • 2.1 Operational Resilience project Management Plan
  • 2.2 Scope Management Plan
  • 2.3 Requirements Management Plan
  • 2.4 Requirements Documentation
  • 2.5 Requirements Traceability Matrix
  • 2.6 Operational Resilience project Scope Statement
  • 2.7 Assumption and Constraint Log
  • 2.8 Work Breakdown Structure
  • 2.9 WBS Dictionary
  • 2.10 Schedule Management Plan
  • 2.11 Activity List
  • 2.12 Activity Attributes
  • 2.13 Milestone List
  • 2.14 Network Diagram
  • 2.15 Activity Resource Requirements
  • 2.16 Resource Breakdown Structure
  • 2.17 Activity Duration Estimates
  • 2.18 Duration Estimating Worksheet
  • 2.19 Operational Resilience project Schedule
  • 2.20 Cost Management Plan
  • 2.21 Activity Cost Estimates
  • 2.22 Cost Estimating Worksheet
  • 2.23 Cost Baseline
  • 2.24 Quality Management Plan
  • 2.25 Quality Metrics
  • 2.26 Process Improvement Plan
  • 2.27 Responsibility Assignment Matrix
  • 2.28 Roles and Responsibilities
  • 2.29 Human Resource Management Plan
  • 2.30 Communications Management Plan
  • 2.31 Risk Management Plan
  • 2.32 Risk Register
  • 2.33 Probability and Impact Assessment
  • 2.34 Probability and Impact Matrix
  • 2.35 Risk Data Sheet
  • 2.36 Procurement Management Plan
  • 2.37 Source Selection Criteria
  • 2.38 Stakeholder Management Plan
  • 2.39 Change Management Plan

3.0 Executing Process Group:

  • 3.1 Team Member Status Report
  • 3.2 Change Request
  • 3.3 Change Log
  • 3.4 Decision Log
  • 3.5 Quality Audit
  • 3.6 Team Directory
  • 3.7 Team Operating Agreement
  • 3.8 Team Performance Assessment
  • 3.9 Team Member Performance Assessment
  • 3.10 Issue Log

4.0 Monitoring and Controlling Process Group:

  • 4.1 Operational Resilience project Performance Report
  • 4.2 Variance Analysis
  • 4.3 Earned Value Status
  • 4.4 Risk Audit
  • 4.5 Contractor Status Report
  • 4.6 Formal Acceptance

5.0 Closing Process Group:

  • 5.1 Procurement Audit
  • 5.2 Contract Close-Out
  • 5.3 Operational Resilience project or Phase Close-Out
  • 5.4 Lessons Learned



With this Three Step process you will have all the tools you need for any Operational Resilience project with this in-depth Operational Resilience Toolkit.

In using the Toolkit you will be better able to:

  • Diagnose Operational Resilience projects, initiatives, organizations, businesses and processes using accepted diagnostic standards and practices
  • Implement evidence-based best practice strategies aligned with overall goals
  • Integrate recent advances in Operational Resilience and put process design strategies into practice according to best practice guidelines

Defining, designing, creating, and implementing a process to solve a business challenge or meet a business objective is the most valuable role; In EVERY company, organization and department.

Unless you are talking a one-time, single-use project within a business, there should be a process. Whether that process is managed and implemented by humans, AI, or a combination of the two, it needs to be designed by someone with a complex enough perspective to ask the right questions. Someone capable of asking the right questions and step back and say, 'What are we really trying to accomplish here? And is there a different way to look at it?'

This Toolkit empowers people to do just that - whether their title is entrepreneur, manager, consultant, (Vice-)President, CxO etc... - they are the people who rule the future. They are the person who asks the right questions to make Operational Resilience investments work better.

This Operational Resilience All-Inclusive Toolkit enables You to be that person.


Includes lifetime updates

Every self assessment comes with Lifetime Updates and Lifetime Free Updated Books. Lifetime Updates is an industry-first feature which allows you to receive verified self assessment updates, ensuring you always have the most accurate information at your fingertips.