When the System Breaks
In March 2020, as borders closed and economies paused, what many organizations initially perceived as a temporary disruption quickly revealed itself as something far more structural. Supply chains stalled, demand patterns shifted overnight, and entire business models were tested under conditions few had anticipated. For some organizations, the disruption was existential. For others, it became a catalyst for transformation. A Canadian manufacturer, reliant on components sourced from Asia, found itself unable to fulfill orders within weeks of the pandemic’s onset. At the same time, a regional logistics firm experienced a surge in demand that its systems were not equipped to handle. In both cases, the challenge was not simply external shock; it was internal preparedness.
This pattern has continued across successive global shocks. More recently, the return of Donald Trump to office ushered in a renewed wave of tariff-driven trade tensions, particularly affecting long-standing economic relationships with its big neighbors: Canada and Mexico. These measures disrupted established supply chains, altered cost structures, and forced businesses across North America to reassess sourcing strategies that had been optimized over decades of trade integration. This followed the war involving Ukraine, which had already destabilized energy markets, constrained agricultural exports, and intensified geopolitical uncertainty on a global scale. While these events differ in origin, they share a defining characteristic: they expose the fragility of systems optimized for efficiency rather than resilience.
The Illusion of Stability
For decades, organizations have pursued efficiency as a primary objective. Lean supply chains, just-in-time inventory systems, and cost minimization strategies have delivered measurable gains in profitability. Yet, as Nassim Nicholas Taleb argued in Antifragile, systems that are optimized for efficiency often become fragile under stress. They perform exceptionally well under normal conditions but fail disproportionately when those conditions change. The pandemic, trade disruptions, and geopolitical conflicts have collectively challenged a fundamental assumption: that the future will resemble the past. In reality, volatility has become a defining feature of the operating environment. As Mark Carney observed, we are entering an era characterized by more frequent and severe shocks (Carney, 2020).
In such a context, resilience is no longer a defensive capability; it is a strategic imperative.
What Resilience Really Means
Resilience is often misunderstood as the ability to recover from disruption. While recovery is important, it is only one dimension. True resilience encompasses the ability to anticipate, absorb, adapt, and continue operating under adverse conditions. This perspective is embedded in globally recognized frameworks such as ISO 22301 (Business Continuity Management) and ISO 31000 (Risk Management). These frameworks emphasize not only the existence of plans but the integration of risk awareness into decision-making, governance, and organizational culture. At its core, resilience is about visibility and preparedness. It requires organizations to understand where they are vulnerable, how disruptions may propagate through their systems, and what actions are required to maintain critical operations.
Lessons from Real-World Disruptions
The early months of COVID-19 provided a stark illustration of how resilience differentiates organizations. Companies such as Amazon rapidly adapted by scaling logistics networks, hiring aggressively, and prioritizing essential goods. Their ability to respond was not improvised; it was built on years of investment in infrastructure, data systems, and operational flexibility. In contrast, many smaller retailers, lacking both digital capabilities and contingency planning, struggled to maintain operations. The difference was not simply size, but preparedness.
Similarly, during the U.S.-China trade tensions, several multinational manufacturers began diversifying their supply chains away from single-country dependencies. Those that acted early absorbed the impact more effectively than those that reacted late. The lesson was clear: resilience is built before disruption occurs, not during it. The Russia–Ukraine conflict further underscored the interconnected nature of modern risk. European companies dependent on Russian energy faced immediate cost pressures, while global food supply chains were disrupted due to reduced grain exports. Organizations with diversified sourcing and scenario planning capabilities were better positioned to adapt.
Why Organizations Remain Vulnerable
Despite these lessons, many organizations continue to operate without formal resilience frameworks. Business continuity plans, where they exist, are often outdated, untested, or disconnected from actual operations. Risk management is treated as a compliance exercise rather than a strategic capability. A recurring issue is the lack of integration between financial management and resilience planning. Disruptions ultimately manifest in financial terms: Lost revenue, increased costs, liquidity pressure, yet financial analysis is rarely embedded within continuity planning.
As highlighted in Avanguard’s Structured Financial Management Services, effective resilience requires a comprehensive understanding of financial performance, cash flow dynamics, and operational dependencies. Without this integration, organizations may identify risks but cannot quantify and manage their impact.
From Theory to Practice
The challenge, then, is not to understand resilience conceptually, but to operationalize it. While frameworks such as ISO 22301 provide structured guidance, their effectiveness depends on execution. Organizations that succeed in this area tend to share several characteristics. They maintain clear visibility of critical processes and dependencies. They regularly test their continuity plans through simulations and scenario analysis. They ensure that decision-makers have access to timely and relevant information. And they align their governance structures with the realities of an uncertain environment.
Importantly, they recognize that resilience is not static. It evolves as the organization grows, as markets change, and as new risks emerge.
What You Should Do Now
While building full organizational resilience is a journey, there are a few actions that can be initiated immediately, regardless of size or sector.
First, organizations should conduct a focused business impact and financial exposure review. This involves identifying critical operations, understanding how disruptions would affect revenue and costs, and assessing liquidity resilience under different scenarios. Even a simple analysis can reveal vulnerabilities that would otherwise remain hidden.
Second, there is a need to establish or refresh a practical business continuity plan. This does not require complex documentation at the outset. What matters is clarity: who does what, under which conditions, and how critical operations are maintained. The plan must be realistic, accessible, and aligned with actual business processes.
Third, organizations should introduce scenario-based thinking into decision-making. Rather than relying on a single forecast, leaders should consider multiple plausible scenarios, including adverse ones, and evaluate their implications. This approach, widely advocated in risk management frameworks, enhances preparedness and reduces the likelihood of reactive decision-making.
A Final Reflection
Resilience is often perceived as a cost; an investment in systems and processes that may or may not be needed. Yet recent history suggests that the absence of resilience carries a far greater cost. The organizations that navigated the disruptions of the past decade most effectively were not those that avoided shocks, but those that were prepared to absorb and adapt to them. They treated resilience not as an insurance policy, but as a core capability.
In an uncertain world, stability is no longer the default condition. It is an outcome; one that must be designed, built, and continuously reinforced. And perhaps the most important insight is this: resilience is not about predicting the future. It is about being ready for it, whatever form it takes.
References
Carney, M. (2020) Value(s): Building a Better World for All. London: William Collins.
Taleb, N.N. (2012) Antifragile: Things That Gain from Disorder. New York: Random House.
ISO (2019) ISO 22301: Security and Resilience — Business Continuity Management Systems. Geneva: International Organization for Standardization.
ISO (2018) ISO 31000: Risk Management Guidelines. Geneva: International Organization for Standardization.


