Resiliency Diagnosis®️

A decade of Resiliency Diagnosis® evaluations. Dozens of organizations worldwide. The same pattern, again and again: most programs aren’t broken.

They’re scattered, and they improve fast once someone shows them where to focus.

Overview

Most programs we assess aren’t broken.  They’re scattered.

Two crisis plans that overlap. Confusing severity levels. A business impact analysis that’s out of date, or never existed. Documentation no one maintains. You know something needs to change, but you can’t prove what or where to spend first.

The Resiliency Diagnosis® is a fast, focused read on your business continuity, crisis management, and recovery posture. In a few weeks, you get clarity, alignment across your leadership, and a roadmap sequenced by what matters most.

We tell you what to consolidate, what to cut, and what to build.

No jargon. No 200-page binder. Just what to do next, and in what order.

Who it's for

We built the Resiliency Diagnosis for leaders carrying the program, often alone:

• You just stepped into the role and need a fast, credible read on what you’ve inherited before you put your name on it.
• You’re new to owning resilience and need to know where to start.
• You inherited the program from a champion who left and need to know what’s real before the risk is yours.
• You just ran an exercise that exposed gaps and need a plan, not another finding.
• You’re facing an audit, a board presentation, or a compliance deadline and need to walk in ready.
• You’re trying to fund or relaunch a stalled program and need the case to move.
• You’re confident, but untested against a real disruption.

What you walk away with

• A prioritized roadmap — short-term fixes and long-term moves, sequenced so you know what to do first.
• An executive briefing deck — ready to put in front of your leadership team or board, built to win the resources you need.
• A maturity model & score — exactly where you stand against the standard, and against peer organizations.
• A plain-English evaluation — clear observations and specific recommendations. No 200-page report.
• Stakeholder interviews — surfacing the cultural and operational risk your documents hide.
• Assessment against the standards that apply to you — ISO 22301, ISO 22361, FFIEC, NIST SP 800-53, ISO 27031, and Bryghtpath benchmarks.

See what you get

Before you commit, see the output.

Below is a sanitized example of what a finished Resiliency Diagnosis® delivers: your maturity score by domain on a 1-to-5 scale, the gap between where you are and where you need to be, and the roadmap that closes it.

For context, most programs start at 1.5–2.5 and reach 3.5–4.5 over time.

We show you exactly where you sit and what moves you up.

Sample


Executive snapshot

Sample


ISO 22301:2019 comparison

Sample


Strengths and opportunities

Sample


Recommendations

Sample


Prioritized roadmap

׋›

׋›

׋›

׋›

׋›

If a recent exercise left you with more questions than answers

You ran the tabletop. The findings stung.

No one was sure who was actually in charge. The plan didn’t match how your team works. Severity levels were confusing, decisions stalled, and the question hung in the room: could we really manage a serious crisis?

That’s what the Resiliency Diagnosis answers.

We assess your continuity and crisis management program against where it needs to be, tell you which gaps actually matter, and hand you a prioritized roadmap with an owner and an order.

Not another list of findings. A plan you can act on.

Talk with us about a post-exercise Resiliency Diagnosis

How it works

Our process is quick, light-touch, and built for teams that don’t have spare hours.

• Week 1: Kickoff and data gathering
• Weeks 2–6: Interviews and discovery
• Weeks 7–9: Diagnosis and roadmap development
• Weeks 10–11: Review and iteration
• Week 12: Executive briefing

A full Resiliency Diagnosis® typically runs about 12 weeks.

It can often move faster when your firm can produce discovery documents quickly for review and schedule the necessary stakeholder interviews throughout the engagement.

Tell us your timeline, and we’ll work with you to build the plan around it.

Why Bryghtpath?

We’ve stood in the room. We don’t just cite standards. We’ve led responses to cyberattacks, pandemics, protests, and natural disasters at the Fortune 50 level.

You get judgment, not a junior consultant running a tool.

We work for your business, not a checklist. Your roadmap is built around your strategy and your risk, not a generic maturity template.

We simplify. Most programs need less, not more. Fewer plans, clearer ownership, documentation people actually use. We help you move from reporting the risk to leading the program.

Fixed-fee, no surprises. You know the cost before we start. No open-ended hours.

Download the Product Sheet

Get the full Resiliency Diagnosis® methodology, scope, and what’s included in a shareable format.

Frequently Asked Questions

How long does it take?
A full Resiliency Diagnosis® typically runs about 12 weeks. It can move faster when your firm can produce discovery documents quickly for review and schedule the necessary stakeholder interviews without delay. If you’re working against a hard deadline, tell us, and we’ll build the timeline around it.

What does it cost?
Fixed-fee, based on scope. You know the number before we start. No surprise charges. Contact us for a quote.

Facing an audit or compliance deadline?
We routinely scope the Resiliency Diagnosis® to land ahead of HITRUST, SOC, FFIEC, and regulatory review dates. Tell us the date and we’ll work backward from it.

Does this align with industry standards?
Yes. We assess against ISO 22301, ISO 22361, FFIEC, NIST SP 800-53, ISO 27031, and other leading frameworks. You get a defined standard to measure against, not our opinion.

Do you work globally?
Yes. We run assessments across North America, Europe, Asia, and the Middle East.