The 2025 white paper outlines how global regulators are shaping operational resilience to address cyberattacks, supply-chain shocks, climate events, and geopolitical risks. Core principles apply across industries: identify critical services, set impact tolerances, map dependencies, test plausible scenarios, manage third-party risks, and strengthen ICT and cyber resilience. Regulatory frameworks vary—UK PRA/FCA, EU DORA, U.S. OCC/Fed/FDIC, Canada’s OSFI, and others—but converge on these themes. A case study of pharma firm Felder shows resilience in practice: defining key services, setting 72-hour impact tolerances, mapping processes, and testing cyberattack scenarios. The paper stresses embedding governance, continuous improvement, and aligning resilience with business continuity, risk mana

Join for free to read