Building a Resilient and Successful Enterprise: Key Attributes and How to Measure Them

A manufacturing enterprise recently experienced disruption and near collapse after a fire destroyed its main production facility.¹ Because of insufficient redundancy, a lack of disaster recovery plans, and supply chain inflexibility, it struggled to maintain operations. It was a sobering lesson about the need for enterprise resilience and the ability to rapidly adapt to changing conditions.

Today’s business environment is full of uncertainty. Global competition, technological disruptions, economic fluctuations, geopolitical threats, and public health crises have created an imperative for enterprises to become more resilient and adaptive if they hope to survive and thrive. But what specific attributes contribute to enterprise resilience and success? And how can enterprises effectively measure these factors to guide strategy and transformation efforts?

Defining Enterprise Resilience and Success

Resilience is the ability to rapidly adapt in the face of adversity without significant loss of function.² A resilient enterprise exhibits agility when responding to sudden shocks (e.g., natural disasters) and adjusting to market shifts or technological changes. “Resilience enables organizations to take disruptions in stride as opposed to being derailed by them,” notes Rajesh Srivastava, professor of operations management at Indiana University (Indiana, USA).³ True resilience extends across an enterprise’s leadership, culture, employees, processes, and technology infrastructure. It is rooted in attributes such as diversity, redundancy, collaboration, scenario planning, and decentralized authority. Enterprises must make “broad transformations to embed resilience into their DNA,” says Donna Hamlin, chief executive officer (CEO) of Leadership Solutions Consulting.⁴ A resilient enterprise is one that can rapidly adapt and respond to sudden disruptions and gradual changes in its environment without losing performance capability or capacity. Resilience enables an enterprise to minimize downtime and continue to serve customers despite shocks or strains.⁵

A successful enterprise is one that achieves its strategic objectives and business goals over the long term. Measures of success include profitability, market share, brand strength, and customer satisfaction. Ongoing success requires agility and continual improvement based on changing conditions.⁶

Resilience and success are interconnected. Resilience builds an enterprise’s capacity to rapidly bounce back from challenges. This adaptability enables an enterprise to sustain high performance over time, even as circumstances change. In a volatile business environment, resilience is a necessary enabler of sustained success.⁷

Key Attributes of Resilient and Successful Enterprises

Research shows that resilient and successful enterprises exhibit common attributes across five dimensions: leadership, employees, processes, technology, and culture.⁸ These attributes include:

Leadership

• Visionary and adaptive leadership style—Leaders adopt a flexible, forward-looking mindset and guide the enterprise with a focus on long-term success. They view change as an opportunity and rapidly adjust strategies as conditions evolve.⁹
• Distributed decision authority—Rather than top-down, centralized authority, managers throughout the enterprise are empowered to make decisions quickly in response to local conditions. This enables agile reactions.¹⁰
• Proactive risk management—Leaders implement ongoing processes to identify, assess, and mitigate risk across the enterprise before a crisis occurs. This builds preparedness.¹¹
• Strong external orientation—Leaders stay tuned in to emerging trends, innovations, and developments in the external environment. This helps them anticipate market changes and identify threats and opportunities early.¹²

Employees

• Diversity and inclusion—A variety of perspectives, backgrounds, and areas of expertise gives the enterprise more robust insights and greater creativity in adapting to changing situations.¹³
• Open communication and collaboration—Breaking down functional silos and encouraging teamwork, information sharing, and new idea generation across the enterprise improve resilience.¹⁴
• Empowerment—Extending authority to front-line employees and teams builds their abilities to respond to customer needs and marketplace demands.¹⁵
• Investment in capability building—The hiring of new employees and the training and development of existing employees can expand an enterprise’s available talent and skills to handle new challenges. This includes building leadership pipelines.¹⁶

Processes

• Networked processes—Workflows that connect employees, data, and systems across boundaries break down silos. This enables faster reactions and coordinated responses to disruptions.¹⁷
• Analytics and automation—Using data, algorithms, and artificial intelligence (AI) to optimize processes reduces risk, improves decision making, and speeds response times.¹⁸
• Supply chain integration—Collaborating and sharing data with suppliers and distributors provide end-to-end supply chain visibility. This increases an enterprise’s resilience to supply disruptions.
• Scenario planning—Performing what-if analyses of potential scenarios, threats, and opportunities builds readiness to address a range of future possibilities.

Technology

• Flexibility and modularity—Component-based architecture, open standards, and loose couplings allow systems to be reconfigured and new capabilities to be added quickly.
• Redundancy and decentralization—Duplication, backups, and distributed networks prevent single points of failure. Without these safeguards, if one node is compromised, service can quickly fail across locations.¹⁹
• Cybersecurity—Robust cyberdefenses, access controls, encryption, anomaly detection systems, and cyberincident response plans protect operations against malicious attacks.
• Data and application integration—Shared data repositories, application programming interfaces (APIs), and microservices enable real-time data sharing and cross-functional processes, providing enterprise agility.

Culture

• External focus—Environmental scanning and a strong customer orientation can help an enterprise proactively identify and respond to external changes and customer needs.
• Innovation—Cultural norms that encourage experimentation, “failing fast,” and continuous improvement enable the development of innovative solutions to emerging challenges.
• Accountability—Individuals and teams are empowered to make decisions, but they are also held accountable for outcomes. This balances agility with responsibility.
• Collaboration—Cross-functional teams, knowledge sharing, and collective problem solving break down silos and improve resilience across the enterprise.

Collecting and Communicating Resilience Metrics

While identifying the right metrics is crucial, effective measurement also requires clearly defining organizational roles and processes for data collection, analysis, and communication.

Data Collection Responsibilities
The chief information officer (CIO) and IT department should take the lead in collecting technical metrics such as system redundancy, integration, and cybersecurity. Operations and supply chain leaders are best positioned to gather process data such as cycle times and supply chain visibility. Human resources (HR) can assist with workforce demographics and capability development metrics. Finance tracks financial performance indicators. The chief risk officer and internal audit team oversee resilience audits. External surveys should be managed by customer experience teams.

Tools and Processes
Automated data collection through system performance monitoring, supply chain analytics, HR information systems, and network security tools reduces manual efforts. Audits and assessments can leverage baseline maturity models. Surveys should utilize standardized instruments to enable benchmarking. Centralized data lakes and business intelligence platforms enable integrated analysis across varied datasets. Dashboards make metrics visible enterprisewide.

Communication of Metrics
A resilience measurement report distributed quarterly to leadership and employees communicates trends, progress, and areas needing attention. The CEO and executive team set the tone by emphasizing resilience in internal messaging. Town halls and employee training review resilience factors, metrics, and incident response processes. Sharing resilience goals and measurement results helps maintain organizational alignment and culture change. Public reporting of key metrics to external stakeholders demonstrates the seriousness of resilience efforts.

Measuring Enterprise Resilience and Success
To assess the current state of resilience and success and guide improvement efforts, enterprises need concrete metrics for each of these five key attributes plus other key performance indicators:

Leadership 

• Leadership style assessments
• Responsiveness to external change
• Speed of strategy pivots
• Risk management program maturity

Employees

• Workforce demographics
• Employee engagement surveys
• Cross-functional team participation
• Employee capability development hours

Processes

• Process cycle time
• Automation rates
• Supply chain visibility
• Scenario planning breadth

Technology

• System redundancy auditor findings
• Technology flexibility assessments
• Cybersecurity audit findings
• Data integration rates across systems

Culture

• External orientation surveys
• Innovation pilot projects (annual)
• Accountability audits
• Cross-functional collaboration rates

Key Performance Indicators
In addition to attribute-specific metrics (figure 1), enterprise resilience and success can be measured holistically through key performance indicators:²⁰

• Financial performance—Profitability, revenue growth, market share gains
• Operational performance—Production capacity, response times, customer retention and satisfaction
• Response to disruptions—Time required to recover capacity or service levels after an incident
• Competitiveness—Brand value, analyst firm rankings

The Role of Cybersecurity Audits
Cybersecurity audits are crucial for identifying vulnerabilities and risk in an organization’s IT infrastructure and systems. The audit findings provide a detailed report of the assessment, outlining the organization’s overall security posture, compliance with policies and regulations, and any gaps or weaknesses discovered. Some key cybersecurity audit findings may include inadequate access controls such as weak password policies, lack of multifactor authentication (MFA), and excessive user permissions. The auditors may also find unpatched systems and software which increase exposure to cyberthreats. Other technical issues such as misconfigured firewalls, lack of data encryption, and poor network segmentation may also be uncovered. The auditors also check for compliance problems such as failure to meet regulatory standards or organizational cybersecurity policies. Procedural findings such as inadequate security awareness among employees, lack of incident response plans, and poor vendor risk management are also common. The findings can provide metrics such as percentage of unpatched systems, users with excessive access, and other quantifiable risk. Clear, actionable recommendations to remediate the gaps should be presented. If executed properly, cybersecurity audits provide an objective evaluation of organizational security and a roadmap for improvement.

Enterprise resilience requires cross-functional collaboration and the breaking down of organizational silos that can impede information sharing and rapid responses to changing conditions.²¹ Metrics that track participation in cross-boundary teams and knowledge flows provide insight into the health of collaborative behaviors across the enterprise. Cultivating a culture of innovation, external focus, and accountability depends on leadership modeling the desired mindsets and behaviors. Regular surveys measuring employee perceptions reveal the extent to which culture change initiatives are taking root. Audits and participation rates in activities such as scenario planning provide additional cultural indicators.

At the highest level, enterprise resilience is demonstrated by sustained performance on key operational and financial metrics even in times of disruption. Tracking fundamental metrics related to financial factors, operations, customers, and competitiveness after a major incident tests the enterprise’s resilience in action.²² Developing indicators aligned with the attributes that underpin resilience provides crucial insight into vulnerabilities and maturity levels across different organizational dimensions. Enterprise leaders can focus improvement efforts on areas of weakness revealed through resilience measurement programs.²³

Figure 2 shows how metrics can be selected to provide a comprehensive picture of enterprise resilience capabilities during business-as-usual periods and in times of disruption or crisis.

The journey to becoming a resilient enterprise is long term and nonlinear. There is no single end state. Metrics and indicators must continually be reviewed and refreshed to align with the enterprise’s evolution and changes in the competitive landscape. Turning resilience into a measurable capability anchored in data provides the foundation for an adaptive, thriving enterprise in the face of uncertainty.

Conclusion

Volatility is the new normal, and enterprise resilience is the new competitive advantage. Making the development of resilience a top priority requires a transformation across multiple dimensions. Assessing the enterprise’s current state of maturity and regularly tracking progress across the key attributes outlined here provide crucial data to guide the transformation journey. Focusing measurement and improvement efforts on leadership, employees, processes, technology, and culture will yield an enterprise that is adaptable, innovative, and capable of rapidly responding to whatever challenges come next. With resilience and agility baked into its DNA, an enterprise is positioned to achieve ongoing success in the face of disruption.

Endnotes

¹ Ledesma, J.; “Conceptual Frameworks and Research Models on Resilience in Leadership,” SAGE Open, 12 August 2014, https://doi.org/10.1177/2158244014545464
² Srivastava, R.; “Principles of Resilience in Operations Management,” Journal of Business Logistics, 2021
³ Srivastava, R.; “Principles of Resilience in Operations Management,” Journal of Business Logistics, 2021
⁴ Hamlin, D.; Interview on Enterprise Resilience, Leadership Solutions Consulting, 2022
⁵ Vogus, T.J.; Sutcliffe, K.M.; “Organizational Resilience: Towards a Theory and Research Agenda,” IEEE Systems, Man, and Cybernetics Conference, 2007
⁶ Somers, S.; “Measuring Resilience Potential: An Adaptive Strategy for Organizational Crisis Planning,” Journal of Contingencies and Crisis Management, vol. 17, 2009
⁷ Harrauer, V.; Schnedlitz, P.; “Enterprise Resilience: A Conceptual Framework of Success Factors and Measurements,” Journal of Business Research, 2021
⁸ Op cit Hamlin
⁹ Teece, D.; Peteraf, M.; et al.; “Dynamic Capabilities and Organizational Agility: Risk, Uncertainty and Entrepreneurial Management in the Innovation Economy,” California Management Review, 2016
¹⁰ Foss, N.J.; “The Impact of Discretionary Decision Authority on Organizational Adaptability,” Harvard Business Review, 2021
¹¹ Lorenzo, R.; Voigt, N.; et al.; “How Diverse Leadership Teams Boost Innovation,” BCG Henderson Institute, 23 January 2018, https://www.bcg.com/publications/2018/how-diverse-leadership-teams-boost-innovation
¹² Appelbaum, S.H.; Calla, R.; et al.; “The Challenges of Organizational Agility,” Industrial and Commercial Training, 2017
¹³ Ransbotham, S.; Kiron, D.; et al.; “Reshaping Business With Artificial Intelligence,” MIT Sloan Management Review, 2017, https://sloanreview.mit.edu/projects/reshaping-business-with-artificial-intelligence/
¹⁴ Pettit, T.J.; Croxton, K.L.; et al.; “Ensuring Supply Chain Resilience: Development and Implementation of an Assessment Tool,” Journal of Business Logistics, vol. 34, 2013
¹⁵ Tiwana, A.; Konsynski, B.; et al.; “Research Commentary—Platform Evolution: Coevolution of Platform Architecture, Governance, and Environmental Dynamics,” Information Systems Research, vol. 21, 2010
¹⁶ Sheffi, Y.; “Building a Resilient Supply Chain,” Harvard Business Review, 2005, https://hbr.org/2007/08/building-a-resilient-supply-ch
¹⁷ Shackelford, S.J.; Smith, R.; et al.; “Toward a Global Cybersecurity Standard of Care: Exploring the Implications of the 2014 NIST Cybersecurity Framework on Shaping Reasonable National and International Cybersecurity Practices,” Texas International Law Journal, 2021
¹⁸ Duchek, S.; “Organizational Resilience: A Capability-Based Conceptualization,” Business Research, vol. 13, 2020
¹⁹ Makridakis, S.; “The Forthcoming Artificial Intelligence (AI) Revolution: Its Impact on Society and Firms,” Futures, vol. 90, 2017
²⁰ Committee of Sponsoring Organizations of the Treadway Commission (COSO), “Enterprise Risk Management—Integrating With Strategy and Performance,” June 2017, https://www.coso.org/enterprise-risk-management
²¹ Guillaume, Y.R.; Dawson, J.F.; et al.; “Getting Diversity at Work to Work: What We Know and What We Still Don’t Know,” Journal of Occupational and Organizational Psychology, vol. 86, iss. 2, 2013
²² Sung, S.Y.; Choi, J.N.; “Effects of Team Knowledge Management on the Creativity and Financial Performance of Organizational Teams,” Organizational Behavior and Human Decision Processes, vol. 118, 2012
²³ Summers, D.C.; Quality Management: Creating and Sustaining Organizational Effectiveness, Pearson, USA, 2021

Mahmoud Mohamed, PH.D, CISM

Is a certified cybersecurity professional with years of experience securing networks and mitigating risk for top enterprises. His areas of expertise include network architecture, system hardening, access controls, and threat detection.