The only reliable way to know whether your resilience investments work is to test them before you need them.
Why Untested Resilience Is Not Resilience
An institution can maintain extensive documentation of its resilience arrangements — its backup systems, its emergency protocols, its recovery procedures — without any of those arrangements actually working when called upon. Resilience investments that have not been tested are theoretical resilience: their operation in real crisis conditions depends on assumptions about how people will behave, how systems will perform, and how the coordination between them will function that may or may not be accurate in conditions that are, by definition, different from the normal conditions in which the documentation was written.
The gap between theoretical and actual resilience is almost universally discovered in crisis conditions, when the backup system that was assumed to be operational turns out not to have been maintained, the emergency protocol that was assumed to be understood turns out not to have been practised, and the coordination that was assumed to function turns out to depend on relationships that no longer exist because the people who built them have moved on. Each of these gaps was identifiable and addressable before the crisis; none was identified because the testing that would have identified it was not conducted.
What Testing Requires
Testing resilience requires simulating the conditions under which the resilience investments would be called upon — not in ways that cause the harm that the resilience is designed to address, but in ways that are sufficiently realistic to reveal the gaps between theoretical and actual capability. The disaster recovery drill that proceeds through the documented procedure without actually activating the backup systems, deploying the emergency teams, or simulating the coordination challenges of the crisis scenario is not a test — it is a rehearsal of the theory. The drill that actually switches to backup systems, actually deploys emergency response teams, and actually forces the coordination challenges that crisis conditions produce is a test — and it will almost invariably reveal gaps that the theoretical resilience documents did not capture.
Untested resilience is a belief system. Tested resilience is infrastructure. The difference is not in the documentation — it is in whether anyone has actually discovered what happens when the documents meet reality, before reality makes the discovery impossible to manage.
Discussion