Why risk management must be at the heart of IBP

09 January 2025 Consultancy.uk

Gone are the days when business risks followed predictable cycles. As traditional risk management professionals struggle to adapt to constant change, Birgit Breitschuh, a partner at Oliver Wight, explains how Integrated Business Planning can accelerate an organisation’s recovery from major disruptions.

Today's business landscape is marked by a relentless barrage of disruptions that have transformed what was once cyclical into a constant state of upheaval. The question is no longer if a crisis will hit but when – and how prepared you are to respond.

I've guided numerous organisations through their Integrated Business Planning (IBP) journeys and I've witnessed firsthand how companies that integrate risk management into their IBP process survive and also thrive in the face of adversity.

The evidence is compelling: in recent years, I've worked with multiple organisations that have faced severe cyber-attacks, for instance. Their experiences offer valuable lessons about the critical role of IBP in crisis recovery.

Many organisations fail to recognise a crucial distinction between vulnerabilities and risks. Vulnerabilities are potential downsides to your aligned cross-functional plan that you can control or mitigate through specific actions. Risks, however, are the larger, often external events that can derail even the best-laid plans – from election outcomes to natural disasters.

The frequency and intensity of these risks have escalated dramatically. What used to be occasional disruptions have become a steady stream of challenges that maintain a persistently elevated state of risk. This new reality demands a more sophisticated risk management approach fully integrated into your IBP process.

Smarter crisis recovery

Consider this real-world example: a company I recently worked with suffered a devastating cyber-attack that brought their operations to a standstill. While their IBP process couldn't prevent the attack, it proved invaluable in their recovery. They reached out to another company who had experienced a similar attack the previous year, learning that full operational recovery was possible quickly with proper IBP structures in place.

Another organisation I'm currently supporting is still dealing with the aftermath of a cyber-attack, resorting to paper orders and completely new email systems. These aren't isolated incidents. They represent a growing trend that no business can afford to ignore.

While IBP may not prevent every crisis, it provides the essential framework for recovery. The structured approach of IBP creates clear decision-making pathways that remain valuable during disruptions. It establishes robust communication channels across functions and ensures a deep understanding of critical dependencies and priorities. Perhaps most crucially, it enables rapid scenario planning for recovery options.

Clear decision-making pathways

Integrating risk management within IBP requires a fundamental shift in how organisations approach their planning processes. Risk assessment must become integral to regular IBP reviews, with clear ownership and accountability for different types of risks.

Organisations need robust prioritisation criteria for risk mitigation, supported by comprehensive risk registers that feed directly into scenario planning. Regular testing of crisis response protocols ensures readiness when disruption strikes.

In today's environment, having the right technology infrastructure is crucial. Modern IBP solutions deliver real-time visibility across operations, enabling rapid scenario modelling and early warning systems for potential disruptions. These platforms integrate automated risk assessment tools with communication systems, creating a unified approach to risk management and business planning.

Why does this matter? If you think about the alternative, the stakes couldn't be higher. Organisations that fail to integrate risk management into their IBP process face devastating consequences.?

Recovery times from disruptions lengthen, financial impacts deepen, and customer relationships suffer. Market share can quickly erode as better-prepared competitors step in to fill the void. Perhaps most concerning is the increased vulnerability to future disruptions that come from inadequate preparation.

Ultimately, in today's volatile business environment, integrating risk management into your IBP process isn't optional – it's essential for survival. Act now, before the next crisis inevitably hits.

Key questions for business leaders

How quickly could your organisation recover from a significant disruption like a cyber-attack?

Does your current risk management process integrate seamlessly with IBP?

Are you differentiating between vulnerabilities you can control and external risks you need to prepare for?

How confident are you in your organisation's ability to make critical decisions during a crisis?

What would be the cost to your business of an extended operational disruption?

More on: Oliver Wight
United Kingdom
Company profile
Oliver Wight is a United Kingdom partner of Consultancy.org
Partnership information »
Partnership information

Consultancy.org works with three partnership levels: Local, Regional and Global.

Oliver Wight is a Local partner of Consultancy.org in Europe and United Kingdom.

Upgrade or more information? Get in touch with our team for details.