How many ways are there for defining vulnerability and criticality, really? Traditionally, risk matrixes have a likelihood/impact approach, but not always. Yesterday, I was examining a criticality/vulnerability matrix. Today, I will take a closer look at a criticality/preparedness matrix with a third susceptibility dimension added to it, as presented in the New Zealand research project Resilent Organisations, a project that has given me plenty of food for thought for my own research in assessing and analyzing resilience.
Resilient Organisastions
In 2004 the New Zealand research project Resilient Organisations had barely started and I had the pleasure of meeting one of the driving people behind it, Erica Seville (nee Dalziell), during a 2-month stay at the University of Canterbury in Christchurch. In fact, I should probably mention that it was an article by Erica Dalziell and Alan Nicholson that I read in 2001 that sparked my interest in transportation vulnerability in the first place: Dalziell, E., & Nicholson, A. J. (2001). Risk and impact of natural hazards on a road network. Journal of Transportation Engineering, 127(2), 159-166. But anyway, back to the topic.
Vulnerability Matrix
The vulnerability matrix has three dimensions: While criticality and preparedness are the matrix axes, susceptibility becomes a third dimension, related to certain events and their criticality for the organization and preparedness of the organization:
- Criticality
- How severe is the impact on the organisation if this organisational component is compromised?
- Preparedness
- How well prepared is the organisation to continue functioning if this component is compromised?
- Susceptibility
- Contextual: how badly impacted will this component be in the event of this particular scenario?
Event hierarchy
What I also found interesting is how they relate events and their impact:
Resilience
Resilience is here viewed a 3-fold construct, working in a complex, dynamic and interconnected fashion depending on 1) keystone vulnerabilities, criticality and preparedness, 2) situation awareness, stemming from an assessment of the keystone vulnerabilities, and 3) adaptive capacity. Resilience, in essence, is the ability to survive disruptive changes despite severe impact.
In my post: De-confusing SCRM: robustness, resilience, flexibility and agility I present a thorough review of resilience and related concepts.
Conclusion
I like this view on resilience, and the importance of ‘preparedness’ is very similar to the ‘organizational’ requisites seen in Craighead et al. (2007) The Severity of Supply Chain Disruptions: Design Characteristics and Mitigation Capabilities. Here, recovery and warning capability were key organizational factors in mitigating supply chain disruptions. In the end, it is always the human factor that matters, not technology. And perhaps, resilience is what New Orleans needs next time a hurricane like Katrina threatens the city and its built environment.
Reference
Erica Seville, David Brunsdon, Andre Dantas, Jason Le Masurier, Suzanne Wilkinson, & John Vargo (2008). Organisational resilience: Researching the reality of New Zealand organisations Journal of Business Continuity & Emergency Planning , 2 (3), 258-266
Author links
- resorgs.org.nz: Erica Seville, nee Dalziell
- kestrel.co.nz: David Brunsdon
- linkedin.com: Andre Dantas
- linkedin.com: Jason Le Masurier
- resorgs.org.nz: Suzanne Wilkinson
- resorgs.org.nz: John Vargo
Links
- resorgs.org.nz: Resilient Organisations
