Operational readiness & Audit

How ready is ready? Will your plans, processes, technology, procedures and personnel be collectively effective? Collective organisational biases and individual unconscious motivations can often cloud your capability to objectively review, assess, challenge and evaluate your project, capability or specific plan.

Involving operational readiness and project management support at the outset of your project will ensure that risks are identified early on, that testing and operational learning strands are effective and that your integration with internal and external stakeholders is confirmed embedded.

From seminar sessions, readiness and project activity and exercises through to ISO 22301 Lead Auditor review, we match activities to your Board’s risk appetite, the maturity of your arrangements, delivery plan and personnel as well as your budget.

Audit Methodology

Our trained and experienced Auditors have worked with a variety of public and private organisations, ranging in size and scale from medium sized international corporations through to UK based SMEs to provide internal audit functions including:

conducting objective reviews and producing reports and recommendations for a Client’s enterprise level corporate functions (for example: risk management, business continuity, quality management and other ISO standard audits)
providing an enduring independent internal audit capability to support Board level assurance that a Client’s risk management, governance and internal control processes are operating effectively

Readiness Methodology

We take a phased approach to readiness including:

Testing single components of readiness e.g. functions and processes; complexity and challenge should be woven in as the programme maturity develops
Incorporating lessons identified from readiness programme into revised documentation, activities, tasks, interdependencies and milestones
Using our empathetic experience to create challenging but not combative readiness experiences for your Executives
Imparting our extensive experience gathered over ten years of readiness activity to inform bespoke materials for your session(s)
Utilising technology (where appropriate) to capture single site multi table/room decisions and feedback or multi-site activity using our tried and tested information management platform.

Seminar Exercises

Objective: To educate, inform and introduce concepts and requirements to internal and/or external interested parties.
Outputs:

Establishing strategic risk assessment, appetite and priorities
Clarifying the scope and boundaries of roles and responsibilities (individual roles and organisational)
Establishing the base line for a project and the ultimate outcome with a ‘day in the life’ narrative for the programme/project or crisis response
Identifying internal and external roles and responsibilities within the Programme/capability
Informing the future testing and validation priorities and scenarios for the Programme

IT Readiness and Disaster Recovery testing

We don’t pretend to be IT Service Continuity Management (ITSCM) or Cyber gurus. That said, our Associates include Managers who have operated in these environments. By challenging the status quo using challenging and credible scenarios to provide an auditable, objective test but with experiential learning for participants that builds their capacity to respond and recover services.
Objective: to test processes, protocols and relocation arrangements.
Outputs:

Analysis on critical paths, decision points and process flows
Hard data relating to recovery time objectives (RTOs), workspace requirements, hardware and software requirements and timescales relating to call cascades and escalation matrices.

Table-top Exercises

Objective: To validate integration points between functions, locations and interested parties, to validate plan(s) and to confirm understanding following training; simulation of complex internal and external challenges: Plan A (foreseeable) and Plan B (unforeseeable/non routine events).

Outputs

Participants possessing a common understanding of the multi department/site operational view
Managers and responders having undertaken experiential learning to understand the strengths and weaknesses in their personal and collective response
Analysis report and debriefing relating to confirmation of end-to-end processes ahead of Command Post and/or Live Exercises.

Command Post Exercises

Objective: To validate integrated arrangements between internal and external nodes relating to the project or arrangements by bringing partners together to stress test links, individual nodes (e.g. control centres, levels of the crisis management response, operational sites)

Outputs:

Debrief analysis to identify an action plan for improvements to individual nodes at observed locations
Critical path analysis to confirm the effectiveness of the battle rhythm of reporting and information sharing

Live Exercises

Objective:
To establish a safe and credible learning environment
We recommend preceding these Exercises with a Table-top Exercise or what our colleagues in green call a ‘Tactical walk through without troops’ to ensure that no major component of the arrangements will cause you to fall at the first hurdle and to bound the scope of the Exercise.
Outputs:

The ultimate experiential learning session for your trainees to confirm effectiveness of processes, procedures and the skills and judgement honed during previous training
Hard data relating to response and recovery timescales, decisions/rationale & timescales from decision makers as well as evidence of the behaviours exhibited by responders and stakeholders