Operational Resilience Minimise operational disruptions to your organisation. Advancements in technology create both opportunities and vulnerabilities. The sophistication of cyber threats will continue to increase. Systems will fail. Outsourcing to vendors and third-party contractors will provide efficiencies and reduce costs, but also create concentration and supply chain risks.In this challenging landscape, having a firm understanding of how to minimise the impact of a disruption to your external stakeholders and the broader economy, and knowing where your organisation’s vulnerabilities lie will help you recover more quickly and minimise customer harm.We help organisations identify vulnerabilities, understand the root cause and create solutions to address them. We review resilience programme governance, enhance existing technologies, and oversee operational processes and controls to improve your operational resilience. Survey December 22, 2023 2024 Top Risks in the Financial Services Industry Protiviti and NC State University’s ERM Initiative have been conducting our Top Risks Survey for the past 12 years. This journey began just as financial markets around the world were starting their long, slow recovery from the global financial crisis, and has since covered the worst global pandemic in 100 years as well as near record-low interest rates followed... Learn more Our Operational Resilience services Protiviti’s Operational Resilience consulting includes: Pro Document Consent Programme Development Designed for the size and complexity of your business. We leverage industry leading frameworks, with a focus on governance and alignment with foundational elements. Pro Building office Programme Assurance Assess the firm’s current practices with regard to operational resilience, including an assessment of the foundational elements. Pro Legal Briefcase Resilience Scenario Testing Challenge existing resilience practises through enterprise wide scenario testing to simulate “extreme but plausible” scenarios impacting important business services of the firm. Pro Rightmark Square Maturing “Foundation “Elements Address known deficiencies in foundational elements of operational resilience: Business Resilience, Cyber Resilience, Third-Party Resilience, Technology Resilience. Operational Resilience experts at Protiviti help organisations demonstrate, enhance and improve their resilience The Protiviti advantage Operational Resilience experts at Protiviti help organisations demonstrate, enhance and improve their resilience.We help organisations demonstrate and improve resilience, building on existing business continuity management activities, IT disaster recovery and cybersecurity incident response. Our experts bring a breadth of knowledge across the four domain areas of operational resilience: business, technology, cyber and third-party.Business Resilience: We help build and enhance existing business continuity programmes to more closely align to evolving best practice under resilience.Technology Resilience: We help our clients most difficult technology risk challenges, such as data architecture, cloud strategy, data centers and identity and access management.Cyber Resilience: We offer a leading cyber resilience practice and help with challenges such as NIST framework and ISO 27001 implementation, penetration testing and PCI compliance.Third-Party Resilience: We help our clients manage supplier oversight challenges such as strategy and framework design, assessment operations, implementation solutions and remediation efforts.We work with and report to executive leaders and the board to address and assist organisations with:Current State Assessment & SetupImportant Business Service and Process FormalisationImpact Tolerance DevelopmentFront-to-back MappingScenario Testing and Simulation Exercise DevelopmentProgramme ImplementationMature Foundational ElementsIndependent Assurance of Programme DeliverySecond or Third Line SupportDevelopment and Strengthen Existing Internal Audit PlanCybersecurity ProgrammeBCP Support & ReviewTechnology Strategy Review and EnhancementOur operational resilience expertise is complimented by strong, active relationships with our clients and regulators. Our team continues to work closely with trade associations, including Global Financial Markets Associations (AFME, ASIFMA and SIFMA), of which we have co-authored publications with both SIFMA – Quantum Dawn V and Quantum Dawn VI – and AFME – Cloud Risk and Resiliency. Operational Resilience experts at Protiviti help organisations demonstrate, enhance and improve their resilience Notre équipe Arnaud Floquet Arnaud est Managing Director de la practice Risk and Compliance du bureau de Paris. Il possède plus de 20 ans d'expérience professionnelle en matière de gestion globale des risques (ERM), de contrôle interne (SOX / LSF) et de conformité règlementaire (LCB-FT, Sanctions ... En savoir plus Alexandre Roset Associate Director chez Protiviti, Alexandre Roset possède plus de 12 ans d’expérience professionnelle en gestion des risques, conformité, audit interne, contrôle interne et dans la gestion de projet de transformation et des processus associés. Alexandre est notamment ... En savoir plus Jacques Pama Associate Director chez Protiviti, Jacques Pama dispose de plus de 20 ans d’expérience professionnelle dans le pilotage de projets/programmes de transformation autour de la gestion des risques, le contrôle permanent et la conformité dans les services financiers. Au ... En savoir plus Premium associate memberships Protiviti is a Premium Associate Member of SIFMA, AFME and ASIFMA, collectively part of the Global Financial Markets Association (GFMA). Protiviti actively engages with the associations, committees and working groups, sharing insights and expertise on crucial industry developments, speaking at conferences an events, and contributing to advocacy efforts for effective and resilience capital markets. Our membership allows us to contribute our deep understanding of the continued evolving and competitive financial services industry landscape. Featured insights IN FOCUS Will CrowdStrike serve as a reboot on tech resiliency? Global IT systems are still in reboot and recovery after a software update by cybersecurity vendor CrowdStrike caused a massive worldwide outage of Windows computers. Global businesses, governments and organisations were impacted across several... INFOGRAPHIC Infographic | SIFMA’s Quantum Dawn VII Quantum Dawn VII is the latest iteration of SIFMA's biannual cybersecurity exercise focused on the outage of a critical third-party service provider (CTP). The simulation and concluding survey found many financial institutions are already experienced... WHITEPAPER DORA Compliance: Untangling Key Hurdles to Implementation The Digital Operational Resilience Act (DORA), or more formally known as Regulation (EU) 2022/2554, took effect on 16 January 2023, with final industry compliance required by 17 January 2025. The regulation underscores the importance of digital... WHITEPAPER SIFMA’s Quantum Dawn VII After-Action Report The latest iteration of SIFMA’s biannual cybersecurity exercise focused on the outage of a critical third-party service provider. The simulation and concluding survey found many financial institutions are already experienced with the loss of a... PODCAST Podcast | Emerging Regulations in Tech: Understanding the Digital Services Act – with Kaitlin Kirkham-Cooper and Roxanne Miller As of August 25, 2023, large technology companies providing hosting services, online platforms and search engines, are required to put processes in place to be notified of illegal content and to act on notifications under the European Union’s Digital... WHITEPAPER Guide to business continuity & resilience Plan for the Unexpected. Build Resiliency. Instill your organisation with the advantage to endure company disruptions and consistently meet business goals with reduced financial, operational, cybersecurity, and efficiency losses. Assess your areas... BLOGS How Tech Firms Can Prepare for New EU Operational Resilience Rules on ICT Risks This blog post was authored by Karter Klumpyan and Laura Moore, Director Risk and Compliance on The Protiviti View.The big picture: A two-step indicator-based approach proposed by EU supervisory authorities will be used to assess ICT services... Button Button Client Story September 24, 2024 Enhancing Cyber Resilience Strategies in Global Manufacturing with the FAIR Methodology Protiviti helps a global manufacturer enhance cyber resilience strategies with a Factor Analysis of Information Risk (FAIR) quantification programme. Read more