Since business executives increasingly consider risk from cyber-attack, natural hazards and supply chain failure to be key business vulnerabilities, those criteria have been added to an on-line index that analyzes 130 countries’ overall enterprise resilience to disruptive events. The 2017 Resilience Index from insurance provider FM Global may be used to help business executives site facilities, select suppliers, evaluate established supply chains and identify customers which may be vulnerable, according to the firm.

 

As in past years, users of the index may investigate quantified resilience drivers related to each country’s economic strength, risk quality and supply chain condition. Those drivers are: productivity, political risk, oil intensity, exposure to natural hazard, natural hazard risk quality, fire risk quality, control of corruption, quality of infrastructure and quality of local suppliers. However, this year, the index also includes inherent cyber risk, which reflects a country’s vulnerability to a cyber-attack and its ability to recover; urbanization rate, which serves as a proxy for stress on water supplies, power grids and other infrastructure which would be exacerbated by natural disasters such as windstorms, flood and earthquakes; and supply chain visibility, which reflects the ability to track and trace consignments across a country.

 

“Our clients have found the index valuable when making important decisions about their properties, business strategies and supply chains,” says Bret Ahnell, executive vice president at FM Global. “We upgraded the index this year to reflect escalating threats that may make a lasting impact on business performance. We will continue to improve the index and make the data publicly available to any business….”

 

I was interested to read, for example, that regarding natural disasters, Sweden has above-average resilience due, in large part, to its lower-than-average exposure to hazards such as windstorms, flood and earthquakes. At the other end of the spectrum, for example, flood-prone Bangladesh, a major manufacturing hub for apparel and textiles, ranks toward the bottom of the index for resilience to natural disasters.

 

The index is primarily known for its ranking of countries in overall enterprise resilience. Switzerland, coming as no surprise, is ranked first this year in overall enterprise resilience—as it has annually for five years—primarily reflecting high scores for its infrastructure, local supplier quality, political stability, control of corruption and economic productivity. Like many countries, Switzerland is exposed to inherent cyber risk. However, that driver has gradually improved over the past five years, bringing Switzerland in line with most European countries.

 

The U.S. is divided into three regions, and those, along with Mexico and Canada, are collectively classed as North America. The U.S. regions and Canada are all in the index’ top 20, Mexico is not. Comparatively ranked economic and supply chain drivers cause Canada and the U.S. territories to rank similarly, with the data pointing to poorer results in almost all drivers for Mexico. This aggregate impact pulls the overall Mexico results down (as distinct from one or two drivers with unusually low scores).

 

With all three factors (economic, supply chain, risk quality) repeatedly ranking poorly, Haiti has been ranked last in the index of countries. Specific drivers—including natural hazard exposures, local standards and corruption—all serve to increase the country’s risk. Although Haiti’s inherent cyber risk is somewhat low, that really is just a reflection of low Internet penetration within the country.

 

What are your thoughts on resilience to disruptive events? Does a country’s resilience—or lack of resilience—factor into risk mitigation initiatives?