Internal Audit and Crisis Resilience
Crisis resilience is the ability to resist, react to, and recover from a devastating disruption — terrorism attack, earthquake, product contamination, system failure — and modify an environment to increase security and sustainability. Events of this magnitude provide a profound threat to an organization’s future. This article explores how internal audit can help their organization move from crisis aware to crisis resilient.
The possibility of a crisis severely disrupting an organization’s ability to operate looms today like never before, given the pace with which global threats evolve. Incidents of sophisticated cyber sabotage, volatile weather patterns, terrorism attacks, and labor disruptions are escalating, and can strike, obviously, without warning. With these crisis events and the inability to continue operations and meet objectives comes damage to an organization’s reputation and its ability to meet stakeholder expectations.
Yet a recent study reveals a broad gap between board members’ awareness of potential crises and their organizations’ actual crisis readiness. Being able to recognize potential crises, effectively handle such interruptions, and return to normal operations is extremely difficult. Gaining the capacity to do this quickly and efficiently with the minimum amount of impact — to be crisis resilient — is that much harder, and the ultimate goal.
Crisis experts agree the key to being crisis resilient is preparation and that internal audit is positioned to play a key role in the process. Auditors’ breadth of skills, position in the organization, and deep knowledge of operations can help their businesses prepare for the inevitable crisis and move the organization from crisis aware to crisis resilient — ready to resist, react to, and recover from major disruptive events.
Download Global Perspectives and Insights: Crisis Resilience