Next Article in Journal
Collaborating with Local Communities to Identify Improvement Priorities for Historic Urban Landscape Based on Residents’ Satisfaction: An Application of Asymmetric Impact-Performance Analysis in Dandong, China
Next Article in Special Issue
Empirical Evaluation of the Impact of Resilience and Sustainability on Firms’ Performance
Previous Article in Journal
Representation and Preservation of Heritage Crafts
Previous Article in Special Issue
A Framework to Evaluate the Effects of Organizational Resilience on Service Quality
Open AccessArticle

A Conceptual Reference Framework for Enterprise Resilience Enhancement

Research Centre on Production Management and Engineering (CIGIP), Universitat Politècnica de València, Escuela Politécnica Superior de Alcoy, Calle Alarcón, nº1, 03801 Alcoy (Alicante), Spain
Institute of Systems and Technologies for Sustainable Production (ISTePS), University of Applied Sciences of Southern Switzerland (SUPSI), Galleria 2, CH 6928 Manno, Switzerland
Author to whom correspondence should be addressed.
Sustainability 2020, 12(4), 1464;
Received: 13 January 2020 / Revised: 5 February 2020 / Accepted: 13 February 2020 / Published: 16 February 2020


Enterprise resilience is a key capacity to guarantee enterprises’ long-term continuity. This paper proposes the enterprise resilience Conceptual Reference Framework to characterize enterprise resilience capacity. The framework is composed of 71 disruptive events that enterprises consider as endangerments to their continuity. The framework also comprises constituent capabilities of enterprise resilience in terms of preparedness and recovery capabilities and elements that support the transition from the AS IS situation to the TO BE one, which are preventive actions (for preparedness capability) and knowledge registration actions (for recovery capability). From the preparedness perspective, 403 preventive actions are currently defined. Each preventive action is specific for every disruptive event. However, it is worth noting that a preventive action can also be applied to different disruptive events. From the recovery perspective, the proposed framework indicates knowledge registration related to (i) the occurrence of disruptive events; (ii) the recovery actions performed to re-establish the normal enterprise operation level. Further research lines are addressed to develop quantitative methods and tools to assess the extent of enterprises’ resilience following the foundations of the proposed conceptual framework.
Keywords: enterprise resilience; enhancement; preparedness; recovery; preventive actions; knowledge registration actions; conceptual reference framework enterprise resilience; enhancement; preparedness; recovery; preventive actions; knowledge registration actions; conceptual reference framework

1. Introduction

Currently, industries have to face challenges and continuous changes given their own dynamism as well as the changing conditions of the environment in which they operate. Moreover, the current businesses complexity, due to the vast amount of physical and information transactions performed to guarantee that goods are manufactured according to consumer specifications and in the appropriate quantity to be delivered on time and in the right place cost-efficiently, has made industries more sensitive to disruptive events [1,2]. For this reason, companies are increasingly demanding responsibility to deal with such adversity. They usually entrust safety and insurance professionals who have risk management and business continuity backgrounds to deal with disruptive events. However, global and aggregate perspectives of resilience are not usually considered. Thus, building resilient enterprises seems necessary by designing an iterative process for long-term organization development and not only as a crisis management tool to face specific disruptions [3]. There are numerous case studies in the literature that provide details of the survival or the failure of enterprises in situations of crisis [2,4,5,6], but, at first glance, no universal standards that ensure resilient capacity to face disruptive events are apparently available.
In line with all this, two well-known case studies were analyzed in the literature that highlight the importance of enterprise resilience (ER). One is that described by [6]: on Friday night, 17 March 2000, lightning struck a Philips industrial building, starting a fire. Philips announced an expected one week delay to Nokia and Ericsson, its main customers. The responses of both companies were very different. Nokia informed a troubleshooter who was working on this issue. The chips supplied by Philips were identified. Nokia found alternative suppliers for three of the five chips and used the overproduction capacity of other Philips plants. Ericsson assumed that chips would be delivered with some delay. However, Philips announced that it would take weeks to restart production and perhaps months to catch up on its production schedule. The different degrees of resilience in the response of both companies resulted in Nokia’s share of handset market increasing from 27 to 30%, while Ericsson’s dropped from 12 to 9%. The other case study was described by [5]: after the 11 September 2001 terrorist attacks, the U.S. government closed the country’s borders and shut down all incoming and outgoing flights. The impact on many supply lines was disastrous. For instance, Ford Motor Co. had to idle several assembly lines occasionally as the trucks loaded with components were late coming in from Canada and Mexico. This resulted in a 13% decrease in Ford’s fourth-quarter output in 2001 compared to its production plan. Nevertheless, there are more examples and evidence from the business world that reveal the relevance of ER, e.g.,: in 1996, 3000 workers, United Auto Workers Union members, went on strike at two General Motors production plants in Dayton (Ohio), which interrupted production with very negative effects [7]; in 1997, Boeing experienced supplier delivery failure of two critical parts with an estimated loss for the company of $2.6 billion [8]; in 2002, the 10 day closure of 29 ports in the U.S. meant a cost to the economy of $1 billion a day [9], among others. Currently, coronavirus is disrupting business across sectors.
The resilience concept was first proposed in the field of ecology by Holling [10], who defined it as:
(A) a system (ecosystem, society, or organization) that persists in a state of equilibrium (stability) and as;
(B) how dynamic systems behave when they are stressed and moved from this equilibrium.
In this definition, the need for perseverance is emphasized as a measure of systems’ persistence and their ability to absorb disruptions and maintain the same relationships among systems’ entities. From the stability standpoint, emphasis is placed on maintaining equilibrium in a predictable context and the accumulation of excess resources in the system to maintain that balance. The view of stability is, therefore, defined as a system’s ability to return to a state of equilibrium after disruption [10].
The resilience concept has been widely discussed in the literature in many fields [11], including psychology, materials science, communication and computational networks, sociology, infrastructures, cyber systems, and tourism, among others. Table 1 shows the different definitions of resilience according to the above disciplines.
The paper is structured as follows. Section 2 offers the literature review foundations on which the conceptual reference framework is based. Section 3 describes the research methodology used to define the conceptual reference framework. Section 4 describes, on the one hand, the assumptions taken to build the conceptual reference framework and, on the other hand, the main elements of this framework. Moreover, this section also shows, by way of illustration, a small sample of the conceptual reference framework that serves as a basis to develop mechanisms to assess the ER capacity. Finally, Section 5 offers the main conclusions of this paper and proposes some future research steps.

2. Literature Review Foundations

Several works have studied the ER concept at both the individual (people working in an enterprise) and the global levels of a company by considering it as a whole. This concept has also been studied at the supply chains level in which several different entities are involved. Home and Orr [20] define resilience as the quality of individuals, groups, organizations, and systems, as a whole, to respond productively to a meaningful change that alters the expected pattern of events without waiting for a prolonged period of time, e.g., regressive behavior.
As resilience is viewed as a systemic property, Riolli and Savicki [21] argue that ER should encompass individual and enterprise levels because both levels have a reciprocal influence on one another. These authors also consider that ER is built upon the resilience of an enterprise’s members. However, it should be noted that resilience at the individual level does not guarantee ER [20].
From the enterprise point of view, the capacity of resilience has different meanings and connotations. Table 2 compiles different visions of the concept according to the literature review.
From this research viewpoint, ER is the capacity to anticipate and be prepared to face disruptive events and, if unavoidable occurrence takes place, the capacity to recover as quickly and efficiently as possible.
In their review, Kamalahmadi and Parast [32] addressed enterprises and supply chains and define the directions for future research as regards resilience aspects. They conclude that it is critical to develop measures that can evaluate supply chain (SC) resilience. Limnios et al. [33] state that organizational resilience has been inadequately theorized, and related work appears scattered in the literature. In light of this, the need to define a conceptual reference framework as a first step to continue investigating ER and to fulfil some further research lines suggested by [32] is recognized. One of the gaps identified in the literature is lack of tools to quantify ER capacity and to make its measurement easier for enterprises. Some attempts have been made to assess the capacity of resilience in the literature [34,35,36,37,38,39,40,41]. Table 3 summarizes these attempts classified by nature: (i) conceptual reference framework; (ii) indicators proposal; (iii) methodology; (iv) tools. Moreover, whether they focus mainly on the enterprise level or the SC level is indicated.
To the best of our knowledge, only a few conceptual approaches for assessing and enhancing the resilience capacity have been identified [6,38,42,43,44,45]. The study of previous contributions evidences that they have been specially defined by taking into account certain specificities. Apart from the previous analysis, the only contribution that has completed the cycle by defining a conceptual approach and, based on it, proposed a set of metrics and a tool, is [38]. By measuring vulnerabilities factors such as turbulence, deliberate threats, external pressures, and resource limits, among others, and capabilities factors such as flexibility, efficiency, visibility, and adaptability, among others, the tool entitled Supply Chain Resilience Assessment and Management (SCRAMTM) can provide an evaluation of an SC’s current level of resilience. However, as the authors point out, industry-specific or even firm- or product-level particularities may require the definition of more specialized metrics. Although the previous tool sheds light on measuring resilience, this area is not fully developed and warrants further research. On the one hand, a generic conceptual reference framework is required to guarantee that it can be generally applied but, on the other hand, a detailed approach is also necessary to cover all the characteristics of industry and/or firms.
For this reason, the goal of the conceptual reference framework herein proposed is twofold. Firstly, the proposed framework should guarantee the coverage of any disruptive event (that must be generic enough to be applied to any specific industry domain) and should, at the same time, consider the particularities and the casuistry of particular cases to improve resilience capacity. Moreover, lack of assessment tools to quantify the degree of ER acts as a trigger to define this conceptual reference framework, which may be used to develop tools that facilitate enterprises to practically assess ER capacity. To do so, it is necessary to establish the skeleton that structures all the elements that influence ER capacity. In this way, the ER conceptual reference framework involves three main elements: disruptions, the elements that negatively affect this capacity; the constituent capabilities of ER, in terms of preparedness and recovery capabilities; the elements supporting the transition from the AS IS situation to the TO BE one, which are preventive actions (for preparedness capability) and knowledge registration actions (for recovery capability).

3. Research Methodology

The research methodology consists of three steps that mainly encompass a literature review to analyze current knowledge contributions related to ER and a Delphi study to validate the findings and the proposal. Figure 1 represents the research process and the main results obtained in each step.
Step 1. Definition of Research Questions.
Some research questions to address this research were defined. The research questions mainly move in three research directions: (i) the events that have a negative effect on ER; (ii) the enterprise capabilities needed to build resilient companies; (iii) the actions to enhance previous enterprise capabilities. The research formulated questions are as follows:
  • What is ER and why is it so important?
  • What events negatively affect ER?
  • What enterprise capabilities are necessary for a company to be resilient?
  • What actions help companies to improve their ER capacity?
Step 2. Literature Review
The literature review consisted of the following steps: (i) search terms formulation; (ii) electronic searches; and (iii) selection and analysis. To perform the first step, the employed keywords differed according to all the above-formulated questions. For Question 1, the English search was based on the following words: resilience, ER, and supply chain resilience as so: TITLE-ABS-KEY (“resilien *” AND (“enterprise” OR “supply chain”)). Question 2 was about loss of ER, and the search for keywords encompassed the following terms: disruption, disruptive event, interruption, disturbance, crisis, perturbation, risk, and disruption source, as so: TITLE-ABS-KEY (“resilien *” AND (“disruption” OR “disruptive event” OR “interruption” OR “disturbance” OR “crisis” OR “perturbation” OR “risk” OR “disruption source”)). The keywords employed in the search to answer Research Question 3 were similar to those used for Research Question 1 because the main enterprise capacities to make companies more resilient were identified in the results of Research Question 1.
Finally, in order to answer Research Question 4, the used keywords were: enhancement, improvement, assessment, and actions, following this search: TITLE-ABS-KEY (“resilien *” AND (“enhancement” OR “improvement” OR “assessment” OR “actions”)). The search for all these terms was carried out in conjunction with the keyword par excellence of this work: ER.
Regarding the second step, electronic searches were performed using two relevant databases: Web of Science and Scopus. The literature review firstly included a review of publications according to theirs Journal Citation Reports (JCR) impact index. Subsequently, the review was extended to other information sources, such as conference proceedings, books, book chapters, theses, technical reports, deliverables of research projects, etc., by following the references of the journals’ publications. With all this information, the literature review analyzed 180 publications from 1967 to 2019. Any publications prior to the year 2000 primarily included publications of two types: on the one hand, publications of the first definitions of the resilience concept; on the other hand, publications of the case studies and disruptive events from the past, such as the cyanide contamination of Johnson & Johnson’s Tylenol drug capsules in 1982 [50] or the benzene contamination of Perrier water bottles in 1990 [51].
Moreover, it is worth mentioning that, in order to respond to Research Question 2, alternative information sources were used because the previous scientific databases did not provide the necessary insights to identify the most frequent events that negatively affected ER. To do so, the reports issued by consulting firms that perform annual surveys to study the disruptive events that keep most business up at night were used (from 2009–2019) [52,53,54,55,56,57,58,59,60].
Step 3. Delphi Study
The outputs obtained in the previous step focused on: (i) identification of the most critical disruptive events that negatively affect ER; (ii) recognition of the enterprise capabilities that can support the enhancement of ER; (iii) definition of the actions to make enterprises more resilient were validated in a Delphi study until no further updates were possible. The Delphi study was based on the following activities: (i) formulation of the problem; (ii) choice of experts; (iii) preparing and launching questionnaires; and (iv) practical development and exploitation of the results [61]. Problem formulation consisted of assessing the most critical previously identified disruptive events and proposing actions to improve ER. Different criteria were used for the choice of experts by considering, for instance, level of education, profession, position, years of experience, and knowledge domain, among others. Some studies have suggested calculating the expert competence coefficient that it is obtained from the self-assessment of experts’ opinions about their level of knowledge about the research problem as well as the sources that allow experts to reason the established criteria [62]. In this research, choice of experts was performed by qualitatively following the expert competence coefficient principle.
The questionnaire included the disruptive events identified in Step 2 and the proposal of preventive actions for each disruptive event. The questionnaire included a three-point Likert scale, where experts had to indicate the interest of each proposed preventive action (much, average, or little interest). Experts were also invited to add new interesting preventive actions to each disruptive event. The questionnaire was answered by 12 experts experienced in different areas and with diverse expertise, as shown in Table 4 based on the recommendation performed by [61], who state that the optimal number of experts should lie between seven and 30.
With regards to the results, it is worth mentioning that the proposed framework initially included 56 disruptive events, 310 actions to enhance ER from a proactive point of view and the outline of actions to enhance ER from a reactive viewpoint. The experts suggested 18 more disruptive events, of which only 15 were included in the conceptual reference framework during a second round. Of the 310 preventive actions, 3% were eliminated after the first round, and 125 preventive actions were included upon the experts’ request. During the second analysis round, the experts assessed the new situation after eliminating the preventive actions and adding the new ones. Twenty-two preventive actions were eliminated, as they were classified as not interesting. This left a conceptual reference framework with 403 preventive actions. However, it should be noted that the same preventive action can apply to several disruptive events and, therefore, this left 312 different preventive actions. In order to validate the actions to enhance ER from a reactive viewpoint, the analysis was performed from a qualitative perspective and the experts made suggestions with open questions.

4. The ER Conceptual Reference Framework

4.1. Developing the Conceptual Reference Framework

Based on the research foundations analyzed with the literature review in Section 2, three assumptions were defined as truths to provide the required basis for building the ER theory in the present research work.
Assumption A:
Disruptions have a negative impact on enterprises’ performance.
This assumption is coherent with the literature review because many authors [5,29,47,63] state that any significant disruption has negative consequences on enterprises’ performance, whether they are measured as sales, production levels, profits, customer services, or other relevant metrics.
In this research, disruptions were considered to be either foreseeable or unforeseeable situations that negatively affect an enterprise’s normal operation and stability. The theoretical framework must include the widest possible range of disruptive events that negatively influence enterprises’ operation.
Assumption B:
Prevention against disruptions guarantees the enterprise’s long-term overall operation.
In the literature, we found prevention, anticipation, and avoidance synonymously. Reference [32] highlights that enterprises should anticipate the occurrence of disruptions and prepare their SCs for any expected and unexpected changes in the environment.
Melnyk et al. [64] state that the preparedness capacity is composed of four phases, the first of which is avoidance, if at all possible, of the disruption occurring. Moreover, there are definitions of ER that explicitly encourage prevention to guarantee business continuity, such as “the capacity to anticipate unsafe and unexpected events for organizational survival in the face of threats, including the prevention or mitigation of failures in the systems” [65].
Assumption C:
Recovery competences enhance the response to disruptions for enterprises to get back to their normal operation.
Dalziell et al. [44] state that a key concept in system resilience is the system’s ability to respond and recover from an event. Melnyk et al. [64] point out that the capacity of resilience is a key element in its recovery competences to find a return path (recovery) to a steady state of functionality (stabilization) once disruption has occurred. Ponomarov and Holcomb [66] place much emphasis on the efficient and effective response of enterprises to be able to recover to their original state or to improve their state after disruption. Moreover, the proposed conceptual reference framework is also based on the notion that enterprises with high preparedness and recovery capabilities will be more resilient.
Enterprises that encourage proactive strategies will be more prepared to face expected—but also unexpected—events, which will confer enhanced ER. Moreover, if enterprises have well-defined recovery strategies and actions plans, when a disruption is inevitable, they will recover from that negative situation more resiliently.
This is based on the definition of ER (see Table 2), which mainly highlights the importance of avoiding [27] and anticipating [28] disruptive events and, when their occurrence is certain, the importance of recovering normal enterprise operation [13,27,28,30,31].
Another conception on which the framework is based is that the preparedness capability is enhanced as preventive actions are activated and implemented.
A proactive policy emphasizes preventive plans that define what can be done to avoid specific disruptive events or to avoid them from occurring as much as possible. Building resilience is not a one-time experience but spans over time from pre-event strategies [67]. Many studies support the notion that resilience-related processes include functions and tasks to prevent disruptions [13].
For those unavoidable disruptive events, this research believes that efforts should focus on mitigating their negative consequences. For this reason, the proposed framework was built based on the notion that recovery capability enhances as knowledge registration actions are performed.
To improve ER, an enterprise’s better ability to recover as quickly and efficiently as possible is performed through its knowledge. For this reason, enterprises should be constantly learning and innovating to face the recovery process with the necessary available knowledge to facilitate returning to their normal operation.
This is supported by the literature with the studies of Sutcliffe and Vogus [23], who assert that ER is obtained through processes that create cognitive, emotional, relational, or structural resources in a sufficiently flexible, storable, convertible, and malleable form to allow companies to successfully cope and to earn from what is unexpected. In this way, the most resilient companies will be those with a structure that facilitates learning and reusing knowledge. Dalziell et al. [44] also explain that one of the ways by which a system can recover from adverse situations is by applying available responses to deal with disruptive events. To do so, in-depth knowledge of the available responses to face the disruptive events that have already occurred is required to reuse the knowledge generated from past recovery actions.

4.2. Conceptual Reference Framework Elements

Through the different ER definitions shown in Table 2, disruptions were identified as the common element to trigger lack of ER. For this reason, disruptions deserve special attention because they are the reason why companies must react to face them and guarantee their survival. In addition, from the definitions of the term resilience, different authors point out some main capacities, such as building a resilient organization and preparedness and recovery capacities [13,27,28,30,31]. The literature also reveals that one of the suitable mechanisms to anticipate disruptive events occurring is by implementing preventive actions. Moreover, once the disruptive event has occurred, it is also adequate to register all the information related to this disruption. Therefore, knowledge registration actions will provide valuable information to recover more quickly and efficiently. In light of this, the proposed conceptual reference framework comprised three main elements: (i) disruptions; (ii) constituent ER capacities (preparedness and recovery); (ii) transition elements (preventive and knowledge registration actions). They will allow the transition from a company’s current status (AS IS) to a future one (TO BE). Figure 2 represents the ER conceptual reference framework.

4.2.1. Characterization of Disruption

In the literature, no unanimity has been reached about the most appropriate term to designate disruption as concepts such as crisis, perturbation, uncertainty, risk, etc., which are used synonymously [47,68,69,70,71,72,73,74]. Likewise, the literature review revealed that no consensus has been reached on the terms to designate disruption, their causes or sources, along with their consequences, impact, or effects. All terms are sometimes used with the same meaning, which can lead to much confusion. For example, a fire in a supplier (where the supplier’s production system is actually damaged) that has to deliver components to a customer may be considered the reason (source) why the customer does not receive components in time, as it delayed the delivery of components (the disruptive event for the customer), whose long-term consequences may involve interrupting the customer’s production system. However, from the supplier’s point of view, the fire is both the source and the disruptive event at the same time because it is the cause of and the origin by which the supplier also interrupts its production with delays for delivering components (Table 5). For this reason, it is important to characterize disruptions and to classify clearly and concisely: what actually causes disruptions (source), what exactly the disruptive events are, and what their consequences are.
Sanchis and Poler [75] consider that a disruption is constituted by the following three components:
  • Source: the origin that causes the disruption. Moreover, these authors divide the source component into two subcomponents:
    Level: the level of a disruption is related to the different segments in which a disruptive event occurs. Based on the works of [1,50,53,76], three different levels are considered:
    The intra-enterprise level from which the disruption stems within the enterprise;
    The inter-enterprise level that encompasses all the supply network entities (in this case, the level of the disruption source can be any entity of the supply network);
    The extra-enterprise level from which the disruption originated in other entities beyond the supply network. Aspects such as natural phenomena, political factors, etc., are also categorized at the extra-enterprise level [77,78].
    Origin: based on the work by Sanchis and Poler [79], the conceptual reference framework involves the following origins—customers, distribution, energy, environmental, financial, inventory, legislation, production, social, supply, and technology.
  • Disruptive event: disruptive events are considered situations and realities that cause a disturbance to and/or alteration in companies’ daily operations. Some authors [47,73,80] argue that a disruptive event always interrupts business activity. For these authors, a disruptive event is considered to be any alteration in the flow of materials, monetary, information, etc., that interrupts the enterprise’s normal operational conditions and thus makes it vulnerable by reducing its performance and competitiveness. However, in the present research work, a disruptive event is a foreseeable or unforeseeable event that affects an enterprise’s usual operation and stability but does not necessarily interrupt its activities. Currently, the conceptual reference framework is composed of a collection of 71 disruptive events classified according to the previous 11 origins of disruption sources.
  • Consequence: any disruptive event with negative effects on the enterprise. Sheffi and Rice [5] explain that the effects of any significant disruptive event cause loss of business performance. The disruptive events effects could be of diverse natures. The Business Continuity Institute, in its annual resilience survey [56], points out that the most important consequences in order of their importance are: loss of productivity, customer complaints, increased production costs, loss of revenue, poor services prevision, stakeholder concern, reputational, image and brand damage, delays in delivering products, delays in cash flows, withdrawal of products, expected increase in regulations, scrutiny, loss of regular customers, payment of service credits, fines due to repeated breaches, and loss in share prices.
The understanding of disruption consequences has progressed following the works of scholars such as Sanchis and Poler [75], who developed a categorization framework of disruptions in which the consequences of disruptive events are classified as: (i) business interruption; (ii) damage to reputation/brand; (iii) delays to and failed due dates; (iv) failure to attract or retain top talent; (v) failure to meet customer needs; (vi) high inventories; (vii) impossibility to pay personnel, suppliers, taxes; (viii) increase in final product prices; (ix) increased production costs; (x) injury to end customers; (xi) injury to workers; (xii) loss of intellectual property/data; (xiii) loss of networked communication; (xiv) physical damage; (xv) reduced sales; (xvi) understaffing; (xvii) unfulfilled orders. The conceptual reference framework is built on the bases defined by these authors as their classification involves the most usual and easy ones to understand and quantify (by companies) consequences.
Finally, it is noteworthy that there is also much confusion in the literature about differentiating disruption sources, disruptive events, and their consequences. Some authors point out that, for example, a company’s bad reputation is a disruptive event. However, in the present research work, a company’s bad image is not a disruptive event per se, but the consequence of some adverse situations that have occurred and have damaged the company’s image.

4.2.2. Constituent Capacities of ER

Another component of the ER conceptual reference framework is the constituent capacities of ER. The different definitions of ER frequently include features that address this concept. Aspects such as anticipation and preparation, adaptation, and recovery are used in the different ER definitions in Table 2. These aspects are related to the resilience capabilities identified by Ponomarov et al. [66]: (i) disposition and preparation; (ii) response and adaptation; (iii) recovery or adjustment.
Mitroff et al. [81] affirm that resilient companies are proactive and, thanks to their preparation and anticipation, they recover better from difficulties. Bhamra et al. [82] state that the resilience concept is both multidisciplinary and multifaceted; multidisciplinary because different areas manage the resilience applied to their knowledge domains, as defined in the convergent approach by Caralli et al. (2010); multifaceted because resilience comprises different capacities, such as the capacities of preparedness, adaptation, and recovery. Ponomarov et al. [66] also consider the resilience concept to be multidimensional and multidisciplinary. Mitroff et al. [81] assert that resilient enterprises are proactive and, thanks to their preparation and anticipation, they rebound better from difficulties. Ivanov et al. [83] highlight two main basic approaches to hedging SCs against negative impacts of different disruptions: (i) proactive approaches to create certain protections and to take possible perturbations into account without recovery considerations; (ii) reactive approaches that aim to adjust SC processes and structures in the presence of unexpected events. However, resilience is not only supported by preparedness and recovery capabilities but also implies adaptation to flexibly change and adjusting to new circumstances.
• Preparedness Capacity
With today’s fierce competition and enormous competitive pressures, companies tend to take more “calculated risks” [69], which are risks that must be accepted to improve competitiveness, reduce costs, and enhance profitability. However, those enterprises that take more calculated risks may have adverse consequences that jeopardize their ability to serve ordered products to end customers, which will affect the enterprise fulfilling its long-term objectives [69].
Paton and Johnston [84] argue that human beings tend to think that we are better prepared for any adverse circumstances than we really are. This way of thinking also affects companies. These authors state that, when individuals receive information about how prepared he/she is to deal with a specific disruptive event, they overestimate their potential to cope with it. In most cases, input information does not cause, as would be desirable, the activation of appropriate measures to improve the preparedness capacity. Haimes et al. [67] argue that a balance must be sought between protection actions and resilience as means to improve the overall efficiency of preparedness.
An enterprise’s ability to be prepared to face disruptive events is related to its vulnerability to such events. The more vulnerable a company is, the less prepared it is. For this reason, it is important for enterprises to get ahead of themselves to minimize the negative effects of disruptions.
• Recovery Capacity
The ability to respond and recover from a disruptive situation is key for bolstering ER. In today’s highly dynamic environments, a company is never a static entity. Some sectors are more stable than others, but a company that remains static in the same position over time will lose its potential to achieve its goals. Businesses must also change in response to changing environments in order to preserve their competitive advantage [85]. These authors also argue that after a disruptive event occurs, a company should not aim to recover and overcome that disorder by returning to its initial state but must recover and reach the level (maybe the same as the initial one, or a lower or higher one) at which its competitive advantages are maintained. The dynamism of the environment may mean that, during the recovery period, the changes that occurred in the environment mean that the state the enterprise must reach after its recovery differs from the initial state at which the company operated before being impacted by such a disruptive event. Therefore, the steady state that it reaches must be aligned with the conditions of its current external environment [44].
• Adaptive Capacity
Adaptive capacity is defined as the degree of the system to modify its circumstances and move towards a condition of stability [86]. Dovers and Handmer [87] also highlight the importance of the adaptive capacity by describing that proactive resilience accepts the inevitability of change and attempts to create a system that is capable of adapting to new conditions and imperatives. Thus, the company must be prepared for disruptive events, and the more adaptable it is, the easier for it to anticipate such events.
The term adaptative capacity is also a key concept in today’s business continuity strategies. Adaptive capacity is defined by Starr et al. [88] as a company’s ability to modify its strategy, operations, systems management, structure, and decision capabilities to endure disruptive events. McManus et al. [3] considers adaptive capacity to be a measure of business culture and dynamics to appropriately make decisions in the time required in both daily activities and in the face of crises and disruptive events. Ricciardi et al. [89] also support this and highlight that a firm’s performance in turbulent business environments strongly depends on the adaptive (re)generation of their business models.
Christopher [90] states that resilient processes are flexible, agile, and capable of rapidly changing. The dynamic nature of adaptive capacity allows companies to recover after having been impacted by a disruptive event so they return to their original state or reach a more desirable one. Following the works of [90], the dynamicity of the adaptive capacity also allows companies to be prepared before disruptive events occur by them implementing anticipation actions flexibly and agilely. This is why the adaptive capacity in the present ER conceptual reference framework is considered an intrinsic characteristic of the capacities of preparedness and recovery and not a constituent capacity, per se, of ER.
In a nutshell, when a disruptive event occurs, a company is pushed from a state of relative equilibrium to another state characterized by instability. The ease with which the company moves to this new unstable state is a measure of its vulnerability [44], understood as a lack of the preparedness capacity to deal with the disruptive event, while the degree with which the company responds to this change is a measure of its recovery capacity.

4.2.3. Transition Elements to Enhance ER

To improve ER, the actions to be implemented are defined according to the time when they are adopted to mitigate the effects of disruptive events. Tomlin [91] describes two general approaches to deal with disruptive events: mitigation and contingency policies. Sanchis and Poler [92] also argue that actions must encompass two perspectives: on the one hand, proactive actions to be prepared to face adverse situations; on the other hand, reactive actions that are applied to facilitate the recovery process. Both must be planned before the disruptive event occurs, although mitigation policies are implemented prior to the event occurring, while contingency policies are generally implemented after an event has taken place. In this research work, mitigation policies are preventive actions to enhance the preparedness capacity, while contingency ones are the knowledge registration actions that improve the recovery capacity.
• Actions to Enhance the Preparedness Capacity: Preventive Actions
The company implements preventive actions before disruptive event occurs and, therefore, they are essentially proactive in nature [4]. A proactive policy emphasizes preventive plans for defining what may be done to avoid specific disruptive events or for preventing them from occurring as much as possible. For those inevitable disruptive events, effort should focus on mitigating their negative consequences.
Preventive actions are policies and/or actions that attempt to reduce the probability of the occurrence and/or severity of a disruptive event. Barroso et al. [47] state that preventive actions should be address: (i) reducing the probability of disturbance occurring; (ii) reducing the negative impact of disturbance; (iii) both.
Chopra et al. [70] point out the following preventive actions as being effective for improving ER: increased capacity, safety stock, redundancy in the supplier base, increased flexibility, aggregate demand, increased and improved business skills, and diversification regarding customers, so that dependence on a single key customer is not strong. All these preventive actions are perfect for facing a specific disruptive event and can be of much help to companies globally. However, not all preventive actions are adequate for all disruptive events, and they must be adapted according to the specificity and the characteristics of potential disruptive events.
The conceptual reference framework to assess ER offers a collection of preventive actions that have been customized to each type of disruptive event. The proposal of preventive actions, which was developed based on an exhaustive literature review, was verified by a panel of experienced experts in each origin of disruption sources during two consecutive rounds in a Delphi study, as described in Section 3 (more information in [93]). Initially, the proposal included 310 preventive actions, of which 3% were eliminated after the first round, and 103 preventive actions were included upon the experts’ request. During the second analysis round, the experts evaluated the new situation after eliminating the preventive actions and including the new ones by drawing up the list of the definitive preventive actions making up the predefined list of preventive actions for each disruptive event. Currently, the conceptual reference framework contains 403 preventive actions, but it is noteworthy that the same preventive action can apply to different disruptive events, which left 312 different preventive actions.
• Actions to Improve the Recovery Capacity: Knowledge Registration Actions
ER is in accordance with the ability to anticipate and be prepared for disruptive events (by implementing preventive actions) but also with the ability to recover once a disruptive event has occurred. To improve ER, the company’s ability to recover as quickly and efficiently as possible is performed by managing its knowledge. Ponomarov et al. [66] argue that one of the most difficult aspects of the recovery phase is the restoration of social routines and economic activities. These authors explain that part of the recovery process consists of restoring people’s psychological stability after the disruptive event, and it also involves learning positive lessons from the experience to be applied in the future if the same event or another one with similar effects happens.
Wildavsky [94] argues that resilient organizations are vitally prepared for adversity, which requires improving the company’s recovery capacity to research, learn, and act without knowing in advance what will happen. Vogus and Sutcliffe [95] point out that recovery is based on both past and future learning. Following the same line of thought, the recovery capacity is based on the human capacity to learn and act in a timely manner with valid information [96].
Sutcliffe and Vogus [23] argue that ER is obtained through processes that create cognitive, emotional, relational, or structural resources in a sufficiently flexible, storable, convertible, and malleable form that enables companies to successfully cope and learn from the unexpected. In this way, the most resilient companies are those with a structure that facilitates learning and reusing knowledge from an organized knowledge storage basis.
Dalziell et al. [44] also explain that one of the ways in which a system can recover from adverse situations is applying available responses to deal with disruptive events. To do so, profound knowledge of the available responses to disruptive events that have already occurred is required to reuse the knowledge generated in past recovery actions.
In light of this, information availability is basic and, for this purpose, registering information about (i) the disruptive events that took place and (ii) the measures taken to recover in the shortest possible time and with at the lowest cost is vitally important to improve the recovery capacity, one of the two vital cornerstones of ER. In 1996, Del Olmo and Sáiz [97] already pointed out the need for companies to increase the resources addressed to knowledge acquisition. However, it is not only important to record historic information, but a company’s commitment to record knowledge about future events as and when they occur is also vital. Long-term continuity in knowledge registration of all the disruptive events that have affected the company at some point in its life cycle is required to ensure that knowledge is available whenever required.
The conceptual reference framework is based on the fact that knowledge management will improve companies’ resilience because it will: (i) be reused whenever necessary (e.g., when the same disruptive event occurs or a similar one with related effects); (ii) be shared with all stakeholders so that they all are aware of the consequences of disruptive events and which steps are to be taken to recover efficiently; (iii) be systematically and continuously improved with new experiences; (iv) be used for continuous learning. Therefore, one of the most important factors for improving the recovery capacity after disruption is having an appropriate knowledge management system. The conceptual reference framework emphasizes this aspect with the design of a knowledge resilience structure.

4.3. Global Overview of the ER Conceptual Reference Framework

The ER Conceptual Reference Framework is represented in Table 6. This table shows a small section of the conceptual reference framework. The characterization of disruptions is composed of: the level at which the disruptive event originated, the origin and the suborigin of the disruptive event’s origin, and the disruptive events’ collection and consequences (based on the categorization framework of disruption defined by Sanchis et al. [81]).
From the preparedness perspective, the complete framework can be found in the Supplementary Materials Table S1 and in reference [98]. More than 400 preventive actions are currently defined in the conceptual reference framework. Each preventive action is specific for each disruptive event. However, it is worth noting that preventive action could also be applied to different disruptive events.
From the recovery perspective, the ER conceptual reference framework addresses the registration of knowledge about: (i) the occurrence of disruptive events; (ii) the recovery actions performed to re-establish the enterprise’s normal operation. The conceptual reference framework offers guidelines about the information required per disruptive event to set up a knowledge basis in order to improve the recovery capability. This small section (Table 6) of the ER Conceptual Reference Framework involves 11 disruptive events and one per disruption origins. However, it is worth mentioning that the framework involves seven events from the supply origin, nine disruptive events related to customers, six from distribution issues and six related to technological problems, two related to energy aspects, 11 regarding environmental issues, four financial disruptive events, seven related to inventory features and seven social aspects, three events about legislation problems, and nine of production aspects. This totals 71 disruptive events.
By way of example, one of the disruptive events shown in Table 6 is “Poor quality of the raw materials or components supplied”. This event takes place at the inter-enterprise level because it involves the enterprise’s suppliers. For this reason, the origin of the disruptive event is “supply “, and the suborigin is “quality”, as the disruptive event is also related to problems about the quality conditions of the supplied materials. If this disruptive event occurs, the potential impact on the enterprise involves the following consequences: (i) business interruption; (iii) delays to and failed due dates; (v) failure to meet customer needs; (x) injury to end customers; (xvii) unfulfilled orders. Once the enterprise has characterized the disruptive event based on the information provided in the conceptual reference framework, the company will be able to analyze which preventive actions it could implement to be prepared to face such disruptive events. Following the previous example, in this case, the conceptual reference framework offers seven alternatives to improve the preparedness capacity. For instance, if the enterprise has a safety stock, it will be able to continue operating at its normal operation level, while the supplier manages the situation to supply raw materials in perfect state. In this case, implementing such a preventive action will avoid the enterprise having to interrupt its production line while it awaits raw materials of the required quality. Finally, if this event occurs and the enterprise has not implemented any preventive action or those implemented fail, recovery will be easier and more efficient if the enterprise has recorded past information about the same disruptive event and how the situation was solved on that occasion. For this reason, the conceptual reference framework offers recommendations about the information to be registered for future events.

5. Conclusions

This paper proposes the Enterprise resilience Conceptual Reference Framework to characterize ER capacity. To do so, this paper reviews different ER definitions in Section 2 to identify its main characteristics and the importance of being resilient. In this way, Research Question 1 is answered. Moreover, this review evidences that only a few ER assessment attempts have been developed. The main objective of the proposed conceptual framework is for it to be a reference basis to develop mechanisms that assess the ER capacity of companies and, thus, to take support companies’ decision makers about which actions have to be implemented to enhance the ER capacity.
The first conceptual framework element is to identify the most frequent events with a negative impact on the ER capacity. To do so, a literature review validated by a panel of experts was performed so that Research Question 2 was answered. The current framework version contains 71 disruptive events that have been classified as the most worrisome in recent years by companies.
Moreover, by analyzing ER definitions, the main enterprise capabilities for companies to be resilient were identified. This identification responded to Research Question 3 by pointing out that, among others, preparedness and recovery capabilities are the two most quoted one in the analysis of ER definitions. From the small sample of ER definitions (11 definitions) in Table 2, 54% of them highlight disposition and preparation as the ways to be more resilient [13,22,25,27,28,30,31], and 72% of the ER definition points out either recovery or adjustment [13,25,26,27,28,29,30,31]. With a sample of 56 ER definitions, the results follow the same tendency. In light of this, the ER Conceptual Reference Framework is based on the proactive and the reactive perspective by considering the preparedness capacity and the recovery capacity, respectively, to be constituent capacities of ER.
In addition, the conceptual reference framework also proposes actions to support companies to enhance the ER process that has been designated as transition elements. It is assumed that the preparedness capability can be enhanced as preventive actions are activated and implemented. This is supported by [70], who second that preventive actions are effective mechanisms for improving ER, and by [47], who state that the preventive actions are directed to: (i) reduce the probability of the disruptive event occurring; (ii) reduce the negative impact of the disturbance; (iii) both, which will enhance the preparedness capacity. Moreover, it is theorized that the recovery capability can be enhanced by implementing knowledge registration actions. This is supported by [44,66,94,95], who state that the recovery capability can be improved by implementing past actions, which means that it is very important to register the knowledge of such past actions to learn positive lessons from those experiences, which facilitates the restoring process.
Moreover, the Delphi study performed by a panel of experts from different knowledge domains (academics, industry professionals, consultants, researchers, etc.) was used to validate all the transition elements included in the ER Conceptual Reference Framework. The current framework version contains 403 preventive actions and the design for knowledge registration actions, which supports the response to Research Question 4.
The ER Conceptual Reference Framework has much potential to provide management insight into disruptive events that need prior attention given their critical nature and periodicity. This framework will support managers to identify highly rated critical disruptive events that can severely degrade ER. This approach must be based on assessing the frequency and the severity of an enterprise’s disruptive events.
Besides, the framework also contributes by facilitating the decision-making process by proposing sets of anticipatory actions to acquire further information about what they can do to be prepared for the unexpected.
Finally, the framework provides managerial guidance for designing the knowledge resilience structure to create a learning and knowledge strategy to improve ER.
The ER Conceptual Reference Framework needs to be followed by empirical validation. To date, the feedback received by the Delphi study’s experts was very positive and conferred the proposed framework much potential.
Further research will focus on developing quantitative methods and tools to assess to what extent enterprises are resilient based on this framework. The literature review evidenced a lack of measurement and assessment tools to support the ER capacity analysis. For this reason, the present research work will continue by addressing measurement and implementation issues. Indeed, the conceptual reference framework will be the basis for developing a mechanism to measure and enhance the ER capacity. To do so, further research lines will focus on measuring the ER capacity from both proactive and reactive perspectives. The current preparedness and the recovery capacity status (AS IS ER model) of companies should be quantitatively assessed and, based on this characterization, the TO BE ER model will be defined. From the preparedness viewpoint, this definition should involve selecting the optimal preventive actions based on some criteria, such as costs, operating usefulness of the implemented actions, and implementation time, to mention just a few. This will require using optimization and simulation algorithms. Well-adapted ones can be the algorithms addressed to solve mixed-integer linear programming. Other potential approaches may involve mathematical programming in deterministic and fuzzy contexts, genetic algorithms, fuzzy cognitive maps, system dynamics, discrete events simulation, and agent-based simulation. From the recovery point of view, the TO BE ER model definition can benefit from the knowledge management system structure design of the proposed framework.
At this point, it is worth mentioning that resilience is not a static goal but future research lines proposed to measure resilience as an evaluation of current and future states in terms of preparedness and recovery capabilities. For this reason, it is important to highlight that the conceptual reference framework is an openly dynamic approach that can be updated whenever necessary by including more disruptive events that we presently do not even think could happen.
Future further research areas will also involve analyzing the resilient capacity of organizations whose main activity does not purely focus on manufacturing products but those entities that offer services, such as healthcare and tourism sectors.
Finally, other researchers are also expected to benefit from this proposal to help them to support their current ER-related research.

Supplementary Materials

The following are available online at, Table S1: Preparedness perspective of the conceptual reference framework for enterprise resilience enhancement.

Author Contributions

This work forms part of the research of R.S., supervised by R.P and L.C. R.S., which defined the enterprise resilience conceptual reference framework based on a set of disruptive events with potential preventive actions to improve the preparedness capability and the knowledge registration actions design to improve the recovery capability. R.P. and L.C. supported the definition of the research assumptions and assessed all the ER Conceptual Reference Framework elements. Likewise they both revised and oversaw all the issues related to this research. All authors have read and agreed to the published version of the manuscript.


This work was supported in part by the European Commission under the Grant Agreement No. 691249 and the Spanish State Research Agency (Agencia Estatal de Investigación) under the Reference No. RTI2018-101344-B-I00-AR.


The authors would like to acknowledge the support of the researchers participating in the collaborative project “Enhancing and implementing Knowledge based ICT solutions within high Risk and Uncertain Conditions for Agriculture Production Systems” (RUC-APS) ( and “Optimización de Tecnologías de Producción Cero-Defectos Habilitadoras para Cadenas de Suministro 4.0 (CADS4.0).

Conflicts of Interest

The authors declare no conflict of interest.


  1. Christopher, M.; Peck, H. Building the resilient supply chain. Int. J. Logist. Manag. 2004, 15, 1–14. [Google Scholar] [CrossRef]
  2. McGillivray, G. Commercial risk under JIT. Can. Underwrit. 2000, 67, 26–30. [Google Scholar]
  3. Mcmanus, S.; Seville, E.; Brunsdon, D.; Vargo, J. Resilience management: a framework for assessing and improving the resilience of organizations. Resilient. Organ. Res. Rep. 2007, 1, 79. [Google Scholar]
  4. Craighead, C.; Blackhurst, W.J.; Rungtusanatham, M.J.; Handfield, R.B. The severity of supply chain disruptions: Design characteristics and mitigation capabilities. Decis. Sci. 2007, 38, 131–156. [Google Scholar] [CrossRef]
  5. Sheffi, Y.; Rice, J.B., Jr. A supply chain view of the resilient enterprise. MIT Sloan Manag. Rev. 2005, 47, 41–48. [Google Scholar]
  6. Stolker, R.; Karydas, D.; Rouvroye, J. A comprehensive approach to assess operational resilience. In Proceedings of the Third Resilience Engineering Symposium 2008, Antibes-Juan-les-Pins, France, 28–30 October 2008; pp. 247–253. [Google Scholar]
  7. Ohio History Central, Dayton, Ohio, General Motors Strike. 1996. Available online:,_Ohio,_General_Motors_Strike_(1996) (accessed on 31 January 2020).
  8. Blackhurst, J.; Craighead, C.W.; Elkins, D.; Handfield, R.B. An empirically derived agenda of critical research issues for managing supply-chain disruptions. Int. J. Prod. Res. 2005, 43, 4067–4081. [Google Scholar] [CrossRef]
  9. Simpson, L. Docks Battle Makes Worldwide Waves; Chartered Institute of Procurement & Supply: Easton on the Hill, UK, 2002. [Google Scholar]
  10. Holling, C.S. resilience and stability of ecological systems. Annu. Rev. Ecol. Syst. 1973, 4, 1–23. [Google Scholar] [CrossRef]
  11. Lomba-Fernández, C.; Hernantes, J.; Labaka, L. Guide for climate-resilient cities: An urban critical infrastructures approach. Sustainability 2019, 11, 4727. [Google Scholar] [CrossRef]
  12. Gorman, C. The Importance of Resilience. Why Do Some Children Bounce Back from Adversity Better Than Others—and Can That Quality Be Taught? Available online:,9171,1015897,00.html (accessed on 26 December 2019).
  13. Erol, D.; Henry, B.S. Perspectives on measuring enterprise resilience. In Proceedings of the 2010 IEEE International Systems Conference, San Diego, CA, USA, 5–8 April 2010; pp. 587–592. [Google Scholar]
  14. Schwartz, M. Encyclopedia and Handbook of Materials, Parts and Finishes; CRC Press: Boca Raton, FL, USA, 2016. [Google Scholar]
  15. Smith, P.; Hutchison, D.; Sterbenz, J.P.; Schöller, M.; Fessi, A.; Karaliopoulos, M.; Lac, C.; Plattner, B. Network resilience: A systematic approach. IEEE Commun. Mag. 2011, 49, 88–97. [Google Scholar] [CrossRef]
  16. Stoltz, P.G. Building resilience for uncertain times. Lead. Lead. 2004, 31, 16–20. [Google Scholar] [CrossRef]
  17. Labaka, L.; Hernantes, J.; Sarriegi, J.M. Resilience framework for critical infrastructures: An empirical study in a nuclear plant. Reliab. Eng. Syst. Saf. 2015, 141, 92–105. [Google Scholar] [CrossRef]
  18. Björck, F.; Henkel, M.; Stirna, J.; Zdravkovic, J. Cyber resilience—Fundamentals for a definition. In New Contributions in Information Systems and Technologies; Springer: Warsaw, Poland, 2015; pp. 311–316. [Google Scholar]
  19. Butler, R.W. Tourism and Resilience; CABI: Strathclyde University, Glasgow, UK, 2017. [Google Scholar]
  20. Home, J.F.; Orr, J.E. Assessing behaviors that create resilient organizations. Employ. Relat. Today 1997, 24, 29–39. [Google Scholar] [CrossRef]
  21. Riolli, L.; Savicki, V. Information system organizational resilience. Omega 2003, 31, 227–233. [Google Scholar] [CrossRef]
  22. Mallak, L.A. Toward a theory of organizational resilience. In Toward a Theory of Organizational Resilience, Proceedings of the PICMET’99: Portland International Conference on Management of Engineering and Technology, Vol-1: Book of Summaries (IEEE Cat. No. 99CH36310); Mallak, L.A., Ed.; IEEE: Portland, OR, USA, 1999; p. 223. [Google Scholar]
  23. Sutcliffe, K.M.; Vogus, T.J. Organizing for resilience. Posit. Organ. Scholarsh. Found. New Discip. 2003, 94, 110. [Google Scholar]
  24. Reinmoeller, P.; van Baardwijk, N. The link between diversity and resilience. MIT Sloan Manag. Rev. 2005, 46, 61. [Google Scholar]
  25. McDonald, N. Organizational resilience and industrial risk. In Resilience Engineering: Concepts and Precepts; Hollnagel, E., Woods, D.D., Leveson, N., Eds.; Ashgate: Hampshire, UK, 2006; pp. 155–179. [Google Scholar]
  26. Minolli, C.B. Empresas resilientes algunas ideas para construirlas. Temas Manag. 2005, 3, 20–25. [Google Scholar]
  27. Madni, M.; Jackson, S. Towards a conceptual framework for resilience engineering. IEEE Syst. J. 2009, 3, 181–191. [Google Scholar] [CrossRef]
  28. Ballesta. Resiliencia Organizacional. Transformando la Adversidad en Fuente de Innovación. 2011. Available online: (accessed on 26 December 2019).
  29. Alberts, D.S. The Agility Advantage: A Survival Guide for Complex Enterprises and Endeavors. 2011. Available online: (accessed on 12 November 2019).
  30. Winston, A. Resilience in a hotter world. Harv. Bus. Rev. 2014, 92, 56–64. [Google Scholar]
  31. Gilly, J.; Kechidi, M.; Talbot, D. Resilience of organizations and territories: The role of pivot firms. Eur. Manag. J. 2014, 32, 596–602. [Google Scholar] [CrossRef]
  32. Kamalahmadi, M.; Parast, M.M. A review of the literature on the principles of enterprise and supply chain resilience: Major findings and directions for future research. Int. J. Prod. Econ. 2016, 171, 116–133. [Google Scholar] [CrossRef]
  33. Limnios, E.A.M.; Mazzarol, T.; Ghadouani, A.; Schilizzi, S.G.M. The resilience architecture framework: Four organizational archetypes. Eur. Manag. J. 2014, 32, 104–116. [Google Scholar] [CrossRef]
  34. Carvalho, H.; Machado, V.C. Designing principles to create resilient supply chains. In IIE Annual Conference; Institute of Industrial and Systems Engineers (IISE): Norcross, GA, USA, 2007; p. 186. [Google Scholar]
  35. Falasca, M.; Zobel, C.W.; Cook, D. A Decision support framework to assess supply chain resilience. In Proceedings of the 5th International ISCRAM Conference, Washington, DC, USA, 4–7 May 2008; pp. 596–605. [Google Scholar]
  36. Carvalho, H. Resilience index: Proposal and application in the automotive supply chain. In Proceedings of the 18th EUROMA Conference, Cambridge, UK, 3–6 July 2011; pp. 3–6. [Google Scholar]
  37. Cabral, I.; Grilo, A.; Cruz-Machado, V. A decision-making model for lean, agile, resilient and green supply chain management. Int. J. Prod. Res. 2012, 50, 4830–4845. [Google Scholar] [CrossRef]
  38. Pettit, T.J.; Croxton, K.L.; Fiksel, J. Ensuring supply chain resilience: Development and implementation of an assessment tool. J. Bus. Logist. 2013, 34, 46–76. [Google Scholar] [CrossRef]
  39. Soni, U.; Jain, V.; Kumar, S. Measuring supply chain resilience using a deterministic modeling approach. Comput. Ind. Eng. 2014, 74, 11–25. [Google Scholar] [CrossRef]
  40. Munoz, A.; Dunbar, M. On the quantification of operational supply chain resilience. Int. J. Prod. Res. 2015, 53, 6736–6751. [Google Scholar] [CrossRef]
  41. Kim, Y.; Chen, Y.S.; Linderman, K. Supply network disruption and resilience: A network structural perspective. J. Oper. Manag. 2015, 33–34, 43–59. [Google Scholar] [CrossRef]
  42. Erol, O.; Sauser, B.J.; Mansouri, M. A framework for investigation into extended enterprise resilience. Enterp. Inf. Syst. 2010, 4, 111–136. [Google Scholar] [CrossRef]
  43. Woods, D.; Wreathall, J. Managing Risk Proactively: The Emergence of Resilience Engineering; Ohio University: Columbus, OH, USA, 2003. [Google Scholar]
  44. Dalziell, E.; Mcmanus, S.T. Resilience, vulnerability, and adaptive capacity: Implications for system performance. In Proceedings of the International Forum on Engineering Decision Making, Stoos, Switzerland, 5–9 December 2004; p. 17. [Google Scholar]
  45. Pettit, T.J.; Fiksel, J.; Croxton, K.L. Ensuring supply chain resilience: Development of a conceptual framework. J. Bus. Logist. 2010, 31, 1–21. [Google Scholar] [CrossRef]
  46. Carvalho, H.; Cruz-Machado, V. Resilient supply chains. In Proceedings of the Actas das Conferencias “Engenharias’07”—Inovaçao e Desenvolvimento, Covilhã, Portugal, 21–23 November 2007; pp. 304–309. [Google Scholar]
  47. Barroso, P.; Machado, V.H.C. Supply Chain Resilience Using the Mapping Approach; Supply Chain Management; InTech: Shanghai, China, 2011; pp. 161–184. [Google Scholar]
  48. Lee, V.; Vargo, J.; Seville, E. Developing a tool to measure and compare organizations’ resilience. Nat. Hazards Rev. 2013, 14, 29–41. [Google Scholar] [CrossRef]
  49. Sanchis, R.; Poler, R. Enterprise resilience assessment-A quantitative approach. Sustainability 2019, 11, 4327. [Google Scholar] [CrossRef]
  50. Time. How Poisoned Tylenol Became a Crisis-Management Teaching Model. 1982. Available online: (accessed on 14 February 2020).
  51. Chronicle, S. Benzene Incident Haunts Perrier. 1991. Available online:,2504946&hl=es (accessed on 30 January 2020).
  52. Binder Dijker Otte. BDO Technology Risk Factor Report. 2017. Available online: (accessed on 30 January 2020).
  53. Economist Group. 2008 Survey. Economist Intelligence Unit. Managing Risk Through Financial Processes: Embedding Governance, Risk, and Compliance; EIU: London, UK, 2008. [Google Scholar]
  54. Deloitte. The Ripple Effect. How Manufacturing and Retail Executives View the Growing Challenge of Supply Chain Risk; Deloitte Development LLC: New York, NY, USA, 2013. [Google Scholar]
  55. World Economic Forum. Insight Report. Global Risks 2014; World Economic Forum: Geneva, Switzerland, 2014. [Google Scholar]
  56. Business Continuity Institute. Supply Chain Resilience Report 2015. Available online: (accessed on 20 October 2016).
  57. Ernst & Young. Business Pulse. Exploring dual Perspectives on the Top10 Risks and Opportunities in 2013–2015; EYGM: London, UK, 2015. [Google Scholar]
  58. AON Risk Solutions. Global Risk Management Survey—Executive Summary; Aon plc (NYSE:AON): London, UK, 2017. [Google Scholar]
  59. Business Continuity Institute. BCI Supply Chain Resilience Report 2018; Caversham: Berkshire, UK, 2018. [Google Scholar]
  60. World Economic Forum. The Global Risks Report 2019; World Economic Forum: Geneva, Switzerland, 2019. [Google Scholar]
  61. Astigarraga, E. El Método Delphi; Universidad de Deusto: San Sebastián, Spain, 2003. [Google Scholar]
  62. Osuna, J.M.B.; Almenara, J.C. La utilización del juicio de experto para la evaluación de TIC: El coeficiente de competencia experta. Bordón. Revista de Pedagogía 2013, 65, 25–38. [Google Scholar]
  63. Comfort, L.K.; Sungu, Y.; Johnson, D.; Dunn, M. Complex systems in crisis: Anticipation and resilience in dynamic environments. J. Contingencies Cris. Manag. 2001, 9, 144–158. [Google Scholar] [CrossRef]
  64. Melnyk, S.A.; Closs, D.J.; Griffis, S.E.; Zobel, C.W.; Macdonald, J.R. Understanding supply chain resilience. Supply Chain Manag. Rev. 2014, 18, 34–41. [Google Scholar]
  65. Woods, D.D. Essential characteristics of resilience. In Resilience Engineering: Concepts and Precepts; Hollnagel, E., Woods, D.D., Leveson, N., Eds.; Ashgate: Hampshire, UK, 2006; pp. 21–34. [Google Scholar]
  66. Ponomarov, S.Y.; Holcomb, M.C. Understanding the concept of supply chain resilience. Int. J. Logist. Manag. 2009, 20, 124–143. [Google Scholar] [CrossRef]
  67. Haimes, Y.Y.; Crowther, K.; Horowitz, B.M. Preparedness: Balancing protection with resilience in emergent systems. Syst. Eng. 2008, 11, 287–308. [Google Scholar] [CrossRef]
  68. Mason-Jones, R.; Towill, D.R. Shirking the SC uncertainty circle. Control 1998, 24, 17–22. [Google Scholar]
  69. Svensson, G. A conceptual framework of vulnerability in firms’ inbound and outbound logistics flows Go. Int. J. Phys. Distrib. Logist. Manag. 2002, 32, 110–134. [Google Scholar] [CrossRef]
  70. Chopra, S.; Sodhi, M.S. Managing risk to avoid supply-chain breakdown. MIT Sloan Manag. Rev. 2004, 46, 53–61. [Google Scholar]
  71. Kleindorfer, P.R.; Saad, G.H. Managing disruption risks in supply chains. Prod. Oper. Manag. 2005, 14, 53–68. [Google Scholar] [CrossRef]
  72. Hendricks, K.B.; Singhal, V.R.; Zhang, R. The effect of operational slack, diversification, and vertical relatedness on the stock market reaction to supply chain disruptions. J. Oper. Manag. 2009, 27, 233–246. [Google Scholar] [CrossRef]
  73. Natarajarathinam, M.; Capar, I.; Narayanan, A. Managing supply chains in times of crisis: A review of literature and insights. Int. J. Phys. Distrib. Logist. Manag. 2009, 39, 535–573. [Google Scholar] [CrossRef]
  74. Heinecke, G.; Migge, B.; Kunz, A.; Lamparter, S.; Lepratti, R. Measuring the performance-related effect of supply chain events on manufacturing operations. In Proceedings of the P&OM World Conference, Amsterdam, The Netherlands, 2–4 July 2012; pp. 1–12. [Google Scholar]
  75. Sanchis, R.; Poler, R. Enterprise resilience assessment: A categorisation framework of disruptions. Dir. Organ. 2014, 54, 45–53. [Google Scholar]
  76. Cucchiella, F.; Gastaldi, M. Risk management in supply chain: A real option approach. J. Manuf. Technol. Manag. 2006, 17, 700–720. [Google Scholar] [CrossRef]
  77. Sanchis, R.; Poler, R. Analysis of knowledge barriers at the extra-collaborative knowledge level in enterprise networks. In Proceedings of the European Conference on Knowledge Management (ECKM), Southampton, UK, 4–5 September 2008. [Google Scholar]
  78. Sanchis, R.; Sanchis-Gisbert, M.R.; Poler, R. Conceptualisation of the three-dimensional matrix of collaborative knowledge barriers. Sustainability 2020, 12, 1279. [Google Scholar] [CrossRef]
  79. Sanchis, R.; Poler, R. Origins of disruptions sources framework to support the enterprise resilience analysis. IFAC-PapersOnline 2019, 52, 2062–2067. [Google Scholar] [CrossRef]
  80. Hu, Y.; Li, J.; Holloway, L.E. Towards modeling of resilience dynamics in manufacturing enterprises: literature review and problem formulation. In Proceedings of the 4th IEEE Conference on Automation Science and Engineering, Washington, DC, USA, 23–26 August 2008; pp. 279–284. [Google Scholar]
  81. Mitroff, I.I.; Alpaslan, M.C. Preparing for Evil; Harvard Business School: Brighton, MA, USA, 2003. [Google Scholar]
  82. Bhamra, R.; Dani, S.; Burnard, K. Resilience: The concept, a literature review and future directions. Int. J. Prod. Res. 2011, 49, 5375–5393. [Google Scholar] [CrossRef]
  83. Ivanov, D.; Dolgui, A.; Sokolov, B.; Ivanova, M. Literature review on disruption recovery in the supply chain. Int. J. Prod. Res. 2017, 55, 6158–6174. [Google Scholar] [CrossRef]
  84. Paton, D.; Johnston, D. Disasters and communities: Vulnerability, resilience and preparedness. Disaster Prev. Manag. Int. J. 2001, 10, 270–277. [Google Scholar] [CrossRef]
  85. Dalziell, E. Understanding the vulnerability of organizations. In Proceedings of the 1855 Wairarapa Earthquake Symposium, Wellington, New Zealand, 8–10 September 2005; pp. 130–135. [Google Scholar]
  86. Luers, L.; Lobell, D.B.; Sklar, L.S.; Addams, C.L.; Matson, P.A. A method for quantifying vulnerability, applied to the agricultural system of the Yaqui Valley, Mexico. Glob. Environ. Chang. 2003, 13, 255–267. [Google Scholar] [CrossRef]
  87. Dovers, S.R.; Handmer, J.W. Uncertainty, sustainability and change. Glob. Environ. Chang. 1992, 2, 262–276. [Google Scholar] [CrossRef]
  88. Starr, R.; Newfrock, J.; Delurey, M. Enterprise resilience: Managing risk in the networked economy. Strateg. Bus. 2003, 30, 70–79. [Google Scholar]
  89. Ricciardi, F.; Zardini, A.; Rossignoli, C. Organizational dynamism and adaptive business model innovation: The triple paradox configuration. J. Bus. Res. 2016, 69, 5487–5493. [Google Scholar] [CrossRef]
  90. Christopher, M. Managing risk in the supply chain. Supply Chain Pract. 2005, 7, 4. [Google Scholar]
  91. Tomlin, B. On the value of mitigation and contingency strategies for managing supply chain disruption risks. Manag. Sci. 2006, 52, 639–657. [Google Scholar] [CrossRef]
  92. Sanchis, R.; Poler, R. Measuring Enterprise Resilience; Enterprise interoperability: I-ESA’12 proceedings; ISTE Wiley: Valencia, Spain, 2012; pp. 139–144. [Google Scholar]
  93. Sanchis, R.; Poler, R. Mitigation proposal for the enhancement of enterprise resilience against supply disruptions. IFAC-PapersOnline 2019, 52, 2833–2838. [Google Scholar] [CrossRef]
  94. Wildavsky, A.B. Searching for Safety; Transaction Books: New Brunswick, NJ, USA, 1992. [Google Scholar]
  95. Vogus, T.J.; Sutcliffe, K.M. Organizational resilience: Towards a theory and research agenda. In Proceedings of the IEEE International Conference on Systems, Man and Cybernetics, Montreal, QC, Canada, 7–10 October 2007; pp. 3418–3422. [Google Scholar]
  96. Comfort, L.K.; Siciliano, M.D.; Okada, A. Resilience, entropy, and efficiency in crisis management: The January 12, 2010, Haiti earthquake. Risk Hazards Cris. Public Policy 2011, 2, 1–25. [Google Scholar] [CrossRef]
  97. del Olmo, F.J.V.; Bárcena, L.S. Redes estratégicas como respuesta a la globalización. In Proceedings of the 5 Congreso de Economía Regional de Castilla y León: Comunicaciones, Ávila, Spain, 28–30 November 1996; pp. 1238–1246. [Google Scholar]
  98. Sanchis, R.; Poler, R. Self-Assessment Tool to Improve Enterprise Resilience—SATIER. 2020. Available online: (accessed on 4 February 2020).
Figure 1. Research methodology.
Figure 1. Research methodology.
Sustainability 12 01464 g001
Figure 2. ER conceptual reference framework.
Figure 2. ER conceptual reference framework.
Sustainability 12 01464 g002
Table 1. Definitions of resilience applied to diverse disciplines.
Table 1. Definitions of resilience applied to diverse disciplines.
PsychologyThe ability of individuals to recover from adversity.[12]
Positive ability of individuals to cope with stress and catastrophic events, as well as their level of resistance to future events.[13]
Material ScienceA material’s tendency to return to its original form after applying a force or stress that has produced elastic deformation.[14]
Communication/Computational NetworksThe ability of a network to defend against and maintain an acceptable level of service in the presence of such challenges.[15]
SociologyAbility to recover from adversity and become stronger than before. [16]
InfrastructuresAbility of an infrastructure to reduce the probability of failure, the consequences of such failure, and the response and recovery time.[17]
Cyber Ability to continuously deliver the intended outcome despite adverse cyber events.[18]
TourismAbility of organisms, communities, ecosystems, and populations to withstand the impacts of external forces while retaining their integrity and ability to continue functioning.[19]
Table 2. Enterprise resilience (ER) definitions.
Table 2. Enterprise resilience (ER) definitions.
[22]Ability of an organization to strengthen the creation of robust and flexible processes in a proactive way.
[23]The maintenance of positive adjustment under challenging conditions such that the organization emerges from those conditions strengthened and more resourceful.
[24]The capability to self-renew over time through innovation.
[25]Resilience conveys the properties of being able to adapt to the requirements of the environment and being able to manage the environments variability.
[26]Enterprise capacity to absorb changes and ruptures, both internal and external, without affecting its profitability and even though developing a flexibility that, through processes of rapid adaptation, the enterprise may obtain extra benefits, whether these are pecuniary or intangible, arising from adverse and/or unforeseen circumstance.
[27] Resilience encompasses the actions to avoid, adsorb, adapt, and recover from disruptions.
[28]Ability to anticipate key events related to emerging trends, to adapt constantly to change, and to recover quickly after disasters and crises.
[13]Enterprise ability to reduce vulnerability, ability to change and adapt as well as the ability to recover quickly against unforeseen events.
[29]Ability to repair, replace, patch, or otherwise reconstitute lost capability or performance (and hence effectiveness), at least in part and over time, from misfortune, damage, or a destabilizing perturbation in the environment.
[30]Ability not only to recover from disruptions but to avoid them completely.
[31]Reactive ability of the company to withstand an external event and active ability to anticipate events and therefore open new paths of development.
Table 3. Enterprise (E) and supply chain (SC) resilience assessment attempts.
Table 3. Enterprise (E) and supply chain (SC) resilience assessment attempts.
ReferenceDescriptionConceptual ApproachIndicatorsMethodologyToolE Or SC
[42]Conceptual framework based on the key attributes of ER (agility, flexibility, adaptability, interoperability, and connectivity) in the extended enterprises context. It is based on two enablers: (i) the capability of an enterprise to become more connected and responsive to the environment; (ii) the alignment of information technology with business goals.
[43]Conceptual approach for the trade-off between operational and ER objectives based on sacrifice decisions, measurement of organizational resilience, visualizing the side effects of organizational decisions on disruptions, and organizational feedback control. E
[44]Conceptual approach to assess ER based on key performance indicators (KPIs) related to the objectives defined in the enterprise’s mission. E
[46]Proposal of the SC Resilience Index (in diversity, adaptability, and cohesion terms) and the SC Resilience Indicator (in terms of the amount of change that a system can undergo and the degree of self-organization). SC
[3]Methodology and definition of indicators for the evaluation and improvement of organizations’ resilience in terms of situation awareness, management of keystone vulnerabilities and adaptive capacity E
[35]Quantitative approach for assessing supply chain resilience to face disasters in terms of density complexity and nodes critically. SC
[6]A conceptual approach to assess operational resilience by applying a multiattribute utility theory through value trees that is constructed and contains the attributes contributing to resilience management. E
[38,45]Conceptual approach, tool, and implementation methodology to assess and enhance resilience in SCs through a portfolio of capabilities by balancing enterprises’ inherent pattern of vulnerabilities.E
[47]Methodology to improve resilience in SCs through value stream mapping and defining the company and the SC resilience index. E and SC
[37]A lean, agile, resilient, and green analytic network process model to support decision making in choosing the most appropriate practices and KPIs to be implemented by companies in an SC. E and SC
[48]Extending the definition of indicators to evaluate and improve organizations’ resilience as defined by McManus et al. E
[39]Proposal of a resilience index in terms of agility, collaboration, information sharing, sustainability, risk and revenue sharing, trust, visibility, risk management culture, adaptive capability, and structure by graph theory. SC
[40]Proposal of a metrics for operational supply chain resilience in terms of recovery, impact, performance loss, profile length, and weighted-sum. SC
[41]Proposal of a metrics for supply network resilience in terms of the total number of node/arc disruptions. SC
[49]A quantitative approach to enhance ER in terms of preparedness capability using dynamic programming (the knapsack approach). E
Table 4. Description of the profiles of the experts participating in the Delphi study.
Table 4. Description of the profiles of the experts participating in the Delphi study.
#Level of EducationEntityPositionKnowledge DomainExperienceAge Range
1EngineerLarge CompanySC ManagerOperations Management>5 years25–35
2EngineerLarge CompanyTechnology ManagerInformation and Communications Technology (ICT)>20 years50–55
3EngineerSmall and Medium Sized Enterprise (SME)General ManagerHuman Resources>30 years>60
4PhDUniversityProfessorBusiness Economics, Health, and Social Care>15 years45–50
5MSc.Research CenterResearcherKnowledge Management>15 years40–45
6PhDUniversityProfessorOperations Research>25 years50–55
7PhDUniversityProfessorSC Management>20 years45–50
8PhDConsulting CompanyConsultantOperations Management>20 years50–55
9MSc.SMEGeneral ManagerFinancial Management>20 years45–50
10MSc.Large CompanyPurchase ManagerPurchase and Stocks Management>20 years45–50
11EngineerSMEQuality ManagerQuality and Maintenance>15 years40–45
12MSc.Consulting CompanyConsultantManufacturing Systems>30 years55–60
Table 5. Example of confusion with the terms designating sources, disruptive events, and consequences.
Table 5. Example of confusion with the terms designating sources, disruptive events, and consequences.
Source (origin)Disruptive EventConsequences
SupplierInternal—Supplier’s fireDelays in supplying components
CustomerExternal—Supplier’s fireDelays in delivering components Interrupting the production system
Table 6. ER Conceptual Reference Framework.
Table 6. ER Conceptual Reference Framework.
Characterisation of Disruption Transition Elements/Constituent Capacities
LevelOriginSuboriginDisruptive EventConsequences *Preventive Actions/Preparedness CapacityKnowledge Registration Actions/Recovery Capacity
Inter-CustomersDemandUnpredictable changes in demand(ii), (iii), (v), (vi), (xv), (xvii)Study of changes in the demand patternDisruptive Event: ID, Name, Date, Time, Description, Functional areas or departments involved, Staff Involved, Causes identified (if any), Legislative/regulatory aspects, Short-term consequences, Long-term consequences
Registration: Date, User
Historical Registration: Protocol number (if available), Number of times the disruptive event has already happened, Preventive actions that have already been implemented (if any), Previous experiences in the recovery of this disruptive event
Recovery actions: Description, Steps, People involved, Responsible, Time, Duration, Remarks, Actions Suitability
Study of demand historical outliers
Study of the prospective forecast
Implementation of demand forecasting systems
Search for additional production capacity
Search for alternative providers
Implementation of adequate commercial management
Implementation of marketing and sales practices that minimize changes in demand
Implementation of flexible production systems
Intra-ProductionEquipment/MachineryBreakdown /failure of machines and/or key equipment(i), (iii), (v), (ix), (xvii) Definition of alternative routes and flexible equipment purchases
Establishment of product-service systems contracts with equipment suppliers
Backward vertical integration of the technical service
Total preventive maintenance
Modernization of the technical service through technology
Negotiation with competitors (orders to competitors)
Nearest technical service
Utilization of the maximum capacity of other similar machines
Extra-DistributionPricesIncrease in fuel prices(v), (viii), (ix), (xv)Agreements with Third Party Logistics (3PL) and 4PL operatorsDisruptive Event: ID, Name, Date, Time, Description, Functional areas or departments involved, Staff Involved, Causes identified (if any), Legislative/regulatory aspects, Short-term consequences, Long-term consequences
Registration: Date, User
Historical Registration: Protocol number (if available), Number of times the disruptive event has already happened, Preventive actions that have already been implemented (if any), Previous experiences in the recovery of this disruptive event
Recovery actions: Description, Steps, People involved, Responsible, Time, Duration, Remarks, Actions Suitability
Monitor oil prices evolution constantly
Definition and implementation of the costs range that the enterprise would like to bear
Definition and implementation of a protocol to negotiate prices of finished products
Extra-EnergeticSupplyInterruption in the supply of water, gas, electricity, etc.(i), (ii), (iii), (v), (x), (xvii) Definition and implementation of formal protocols to proceed when supply interruptions occur
Viability study and implementation of redundant systems (electric generators, etc.) to keep the enterprise running
Implementation of real-time communication systems with energy supply providers
Vertical backward integration (especially for electrical energy, e.g., solar panels)
Negotiation with energy suppliers about penalty clauses if the energy supply is interrupted
Extra-Environ- mentalNatureEnterprise facilities are exposed to natural disasters(i), (ii), (iii), (v), (x), (xvii) (xi), (xiii), (xiv), (xv), (xvii)Definition of business continuity plans
Definition of emergency evacuation protocols
Train human capital in security measures for fire protection
Periodic drills
Simulation of different disaster scenarios and establishment of specific measures based on simulation results
Extra-FinancialCreditRestricted access to credit(ii), (viii), (xv) Create a reserve fund and define policies that maintain a percentage of the monetary reserveDisruptive Event: ID, Name, Date, Time, Description, Functional areas or departments involved, Staff Involved, Causes identified (if any), Legislative/regulatory aspects, Short-term consequences, Long-term consequences
Registration: Date, User
Historical Registration: Protocol number (if available), Number of times the disruptive event has already happened, Preventive actions that have already been implemented (if any), Previous experiences in the recovery of this disruptive event
Recovery actions: Description, Steps, People involved, Responsible, Time, Duration, Remarks, Actions Suitability
Study on the viability of turning to supply chain financing instruments
Study and analyze policies supported by public institutions to fund companies: e.g., ICO – Instituto Crédito Oficial de and Enisa in Spain
Outsourcing and change of strategy to focus on those activities that provide added value
Request for credit through reciprocal guarantee companies that act as guarantors of financing, assuming credit risks
Intra-InventoryInefficiencyReiteration of movements in the picking process(iii), (vi), (viii), (xvii)Human capital training related to picking and movement aspects
Study the time spent on the routes to perform picking
Study and evaluate the storage pattern of products for picking
Systematic study and evaluation of the method used for picking to minimize the operator’s movements, among others
Implementation of the Internet of Things technology (e.g., Radio Frequency Identification—RFID, Global Positioning System—GPS, etc.) to support storage and picking activities
Implementation of intelligent systems to optimize the picking process (guided to operators, movement of stacker cranes, etc.)
Maintenance of handling equipment to effectively manipulate products
Extra-LegislationRegulation /ProductChanges in legislation involving enterprise’s products(i), (ii), (iii), (v), (xv), (xvii) Train company’s employees in legal issuesDisruptive Event: ID, Name, Date, Time, Description, Functional areas or departments involved, Staff Involved, Causes identified (if any), Legislative/regulatory aspects, Short-term consequences, Long-term consequences
Registration: Date, User
Historical Registration: Protocol number (if available), Number of times the disruptive event has already happened, Preventive actions that have already been implemented (if any), Previous experiences in the recovery of this disruptive event
Recovery actions: Description, Steps, People involved, Responsible, Time, Duration, Remarks, Actions Suitability
Definition and implementation of publicizing activities among customers about potential changes in the focal company’s products from a positive viewpoint: better security, etc.
Definition and implementation of formal protocols to deal with new legislation that concerns the company’s products
Design and development of easily adaptable products that meet the most stringent requirements of new regulations (weight, composition, presentation, identification, labeling, etc.)
Implementation of efficient communication systems among different functional units, such as quality, research, innovation, legislation, new products development, etc.
Implementation of continuous monitoring systems to control new or existent regulations/laws that could have effects on products
Intra-SocialPersonnelKey personnel leaving the enterprise(iv), (xii), (xvi) Definition of policies for employment promotion
Definition of performance indicators to monitor their fulfilment
Definition of tasks, roles, responsibilities and performance and monitoring indicators to achieve such a definition
Implementation of emphasis policies for recruiting and retaining outstanding employees
Implementation of policies to promote social events
Registration of human capital know-how
Intra-SupplyQualityPoor quality of the raw materials or components supplied(i), (iii), (v), (x), (xvii)Search for alternative raw materials or componentsDisruptive Event: ID, Name, Date, Time, Description, Functional areas or departments involved, Staff Involved, Causes identified (if any), Legislative/regulatory aspects, Short-term consequences, Long-term consequences
Registration: Date, User
Historical Registration: Protocol number (if available), Number of times the disruptive event has already happened, Preventive actions that have already been implemented (if any), Previous experiences in the recovery of this disruptive event
Recovery actions: Description, Steps, People involved, Responsible, Time, Duration, Remarks, Actions Suitability
Search for alternative suppliers
Certification (audits) of quality in suppliers
Implementation of quality systems agreed with our suppliers
Implementation of systems to constantly monitor suppliers/materials
Pre-production inspection
Safety stock of raw materials and/or components
Extra-Inter-Intra-TechnologyCrimeCybercrime (hacking, viruses, malicious code(iii), (xii), (xiii), (xvii) User training in computer security issues to prevent attacks in which the user would unwittingly give authorization
Definition of standards, protocols, methods, and rules to minimize potential risks of computers or the information infrastructure
Definition of users’ access rights to avoid oversized rights
Definition of actions to be taken when computer vulnerability is detected and selection of human resources to be contacted
Definition of maintenance policies of the enterprise’s IT infrastructure
Implementation of anti-virus software and firewalls systems
Make regular backups
Constantly monitor different and current types of computer threats: viruses, computer worms, trojans, logic bombs or spyware
Total11 71 403
* (i) business interruption; (ii) damage to reputation/brand; (iii) delays in and failed due dates; (iv) failure to attract or retain top talent; (v) failure to meet customer needs; (vi) high inventories; (vii) impossibility to pay personnel, suppliers, taxes; (viii) increase in final products price; (ix) increased production costs; (x) injury to end customers; (xi) injury to workers; (xii) loss of intellectual property/data; (xiii) loss of networked communication; (xiv) physical damage; (xv) reduced sales; (xvi) understaffing; (xvii) unfulfilled orders [80].
Back to TopTop