Business Resilience Management (BRM) ensures that companies identify and design critical business processes so that they can overcome emergency situations as soon as possible or even prevent them in advance.

As a management process, BRM tries to achieve identifying major risks that expose a threat to the organization’s survival and set counteractions at any early stage. To ensure their ability to function and survive, companies need to take preventive measures to create more robust, fail-safe business processes and enable fast, targeted reactions in the case of emergency or crisis. BRM provides a planned, organized approach to sustainably increase the robustness of essential or time-critical business processes, respond to damaging events accordingly, and return to business as usual as quickly as possible.

The goal of BRM is to minimize temporary disruptions to important business processes or eliminate them entirely and secure the company’s economic existence in the case of major damaging events. This requires a holistic view of all factors to continue critical business processes, and not simply the resource of information technology, in case of a damaging event. IT service continuity management (ITSCM) is one component of BRM.

GLDNHRN ONEGRC supports all relevant steps along the entire BRM lifecycle:

  • Business impact analysis .Identifying business-critical processes
  • Running damage analyses (categories and scenarios for damage and protection requirements)
  • Collecting restore parameters (e.g. max. tolerated downtime, max. tolerated data loss, recovery time and level)
  • Setting priorities and criticality .Collecting resources for normal and emergency operations
  • Defining criticality and the order for restarting resources
  • Creating BIA reports .Risk analysis (identification, evaluation, strategies, reporting)
  • Control analysis (determining current status)
  • Resilience strategies (including analysis of costs to benefits)
  • Emergency prevention (actions, controls, guidelines, escalation)
  • Validation and Verification Test (execution, documentation)
  • Compliance (maturity level)


  • Flexible modification of customer-specific requirements
  • Fewer management tasks in the central BRM team
  • Optimal reporting (efficient, structured views)
  • Automated, transparent action tracking
  • Investment security through module extensibility (ISM)
  • Integration of ITRM in the BRM solution
  • Optional mapping of SCM requirements
  • Completely accessible risk management
  • Transparency on the maturity level of BRM
  • Simpler information exchange among different stakeholders
  • Integration of business departments and process owners based on a business impact analysis or tactics
  • Documentation and tracking of defined and assumed emergencies
  • Fast implementation (Web application)
  • Workflow support for complex approval processes
  • Less reporting work through automation


  • Compatible with many standards
  • Mapping of BRM assessment lifecycles and period comparisons (business impact analysis, risk analysis, BCP/DRP and validation verification tests)
  • Custom rule configurations to enable objective evaluations based on quantitative and qualitative criteria
  • GLDNHRN BPM process support for editing and tracking actions, test results, emergency cases, etc.
  • Mapping complex cause-and-effect relationships among organizational units, infrastructures, IT systems, IS services, processes and resources
  • Individual reports for various stakeholders
  • Comprehensive evaluation and aggregation capabilities
  • Support for custom client-side modifications
  • Simple administration


Thanks to the modular configurations of GOLDENHORN eGRC BRM with different submodules and features:

  • Business Resilience Knowledge Management System
  • Business Resilience Case Management – Business Resilience Request Fulfillments
  • Business Resilience Incident Management
  • Business Resilience Management – Plan Activations
  • Business Resilience Assessment Planning Management
  • Business Resilience Assessment Management
  • Business Impact Analysis – Process
  • Business Impact Analysis – Product/Service
  • Business Impact Analysis – Investment Projects
  • Business Impact Analysis – Vendors&Suppliers
  • Business Impact Analysis – External Service Provider
  • Business Resilience Scoring Engine
  • Business Resilience Assessment – Risk Assessment for Process
  • Business Resilience Plans Testing & Rehearsals Management
  • Business Resilience Finding Management
  • Business Resilience Performance Management
  • Business Resilience Analytics and Reporting