Distribution Statement A: Approved for Public Release; Distribution is Unlimited 36
Step 3. Report and review the program with stakeholders.
EDM is an enterprise activity requiring engagement and input from across the organization. The right
stakeholders must play a central role in refining and maturing the program. To facilitate stakeholders’ active
engagement reporting on dependency risks and processes must be useful and actionable. Stakeholder feedback
and input must be actively gathered, vetted, and, where appropriate, actioned.
Different types of stakeholders may require different types of reporting and engagement. Some stakeholders
(board, C-suite, enterprise and operational risk committees, external regulators, and shared and public supplier
executives) may require less frequent, more summarized reporting that is oriented toward executives. Often
this reporting and dialogue consists of overviews of program status against objectives and strategic direction as
well as the gathering of feedback on the program’s design and direction.
The reporting to midlevel managers is generally more frequent and detailed to help ensure that day-to-day
activities remain on track. Ownership, status, and timeline information are key aspects of midlevel reporting.
As the EDM objectives, strategies, or plan change it is crucial to inform midlevel managers and give them an
opportunity to provide input. Typically the mid-level managers will be the most effective at translating bigger
picture strategies and plans into more detailed procedures and operational implementation activities. This
group can also provide valuable feedback to identify challenges and issues that may result from refinements or
changes to EDM strategies and plans.
Step 4. Improve the EDM program, plans, and procedures.
To mature the organization’s EDM capability the responsible manager should propose any necessary changes
and improvements during periodic reviews. The manager should communicate with and engage all
stakeholders to help ensure their support, input, and buy-in for changes. As with the initial creation of the
EDM plan, senior management support is essential for any major proposed changes.
Organizations may choose to improve their EDM capability to different levels of maturity. Typically these
improvements are achieved by increasing the consistency and repeatability of the program processes across the
enterprise. Of course, making improvements requires increased investment, usually cost or expense, in the
short term. Sometimes the pressure to minimize initial costs can be a barrier to positive, long-term outcomes
such as lower risk, increased efficiency, lower long-term cost, compliance, and market differentiation.
Each organization must determine how much focus and investment to make in its EDM program. A key tenant
of resilience management is establishing the right balance between risk and cost to the organization. Each
situation is unique and often depends on the larger business context. Resilience and risk management
investment decisions often have long-term consequences and require coordinated interaction with key
stakeholders and the organization’s executives. Maturity and resilience management generally involve
• maintaining consistent results from key processes
• standardizing key processes across the organization
• building key processes into the organizational culture so they are retained during times of stress
A large organization may wish to standardize all of its essential EDM practices and activities across disparate
business units. This can help ensure that relationships are managed in accordance with the enterprise’s needs
and in a manner that reflects the EDM objectives, strategies, and plan. For example, to ensure a consistent
approach across the enterprise, an organization could standardize the following aspects of EDM across all
business or geographical units: