

Operational Resilience: Bridging Governance, Risk and Compliance (GRC) Across Industries
Dr Goh Moh Heng, President BCMI
Session Outline
- The Reality of Today’s Operating Environment
- Why Operational Resilience Matters Now
- Understanding Operational Resilience
- The GRC Disconnect: The Core Problem
- Bridging GRC Through Operational Resilience
- Key Challenges & Pitfalls
Session Description
In today’s increasingly complex and interconnected operating environment, organisations across all sectors face continuous disruption—from cyber threats and technology failures to third-party risks and geopolitical uncertainties.
While Governance, Risk, and Compliance (GRC) frameworks are well-established, many organisations continue to struggle during disruptions, exposing a critical gap between documented controls and real-world operational capability.
This session explores how operational resilience serves as the missing link, bridging GRC functions and transforming them into a unified, service-centric capability.
Moving beyond traditional approaches, participants will gain insights into how resilience shifts the focus from recovery to the continuous delivery of critical business services, even under severe but plausible scenarios.
The session begins by examining the reality of today’s operating environment and why operational resilience has become a strategic imperative across both financial and non-financial sectors.
It then introduces the evolution of operational resilience, highlighting how it integrates business continuity, risk management, cyber resilience, and third-party risk management into a cohesive framework.
A key focus will be the GRC disconnect—the common organisational challenge where governance, risk, and compliance functions operate in silos, resulting in fragmented decision-making and ineffective crisis response. Participants will learn how operational resilience bridges this gap through a service-centric, end-to-end approach aligned to Critical Business Services (CBS).
The session will also provide practical guidance on implementing operational resilience, including:
- Aligning governance with resilience objectives
- Linking risk management to service disruption scenarios
- Translating compliance into demonstrable capability
- Embedding resilience into day-to-day operations
Finally, the session will highlight key challenges and pitfalls organisations face during implementation, along with practical insights to avoid common mistakes and strengthen execution.
Abstract
In today’s environment of constant disruption, organisations across all industries are challenged to maintain critical operations despite cyber threats, technology failures, and third-party risks.
While Governance, Risk, and Compliance (GRC) frameworks are well-established, many organisations struggle to translate them into effective operational capabilities during crises.
This session explores how operational resilience bridges the gap between GRC functions by focusing on the continuous delivery of critical business services.
Participants will gain practical insights into the evolving resilience landscape, the root causes of the GRC disconnect, and how to integrate governance, risk, and compliance into a unified, service-centric approach.
The session also highlights key implementation challenges and provides actionable guidance to help organisations move beyond compliance and build a tested, sustainable resilience capability across both financial and non-financial sectors.