News and insights backed up by downloadable

Practical strategies to turn pressure into progress—drawn from twelve leaders helping to create safer, sustainable homes. Why we created this report The last 18 months have moved UK housing associations from policy statements to proof. Consumer standards, programmed inspections, Tenant Satisfaction Measures and SRS v2.0 have hardened expectations, while costs, ageing stock and climate pressures stretch capacity. The Housing Association Outlook Report 2026 was built to help h

In our Operational Resilience Outlook Report 2024, we outlined the shifts we expected to see across regulation, risk, and organisational maturity. A year later, some of those predictions have become reality while others were underplayed. Here’s what we got right, what we missed, and what it means for the road ahead.

The Sustainability & Business Strategy Report was built for SME owners, managers, and executives across industries. If you’re responsible for setting strategy, managing risks, or planning for growth, it gives you a practical way to bring sustainability into the core of your decision-making through risk & opportunity analysis, industry benchmarks, priority insights, and actionable OKRs turned into clear next steps.

Most organisations, including many Drova customers, already log their risks. It’s the entry point: identify what might go wrong,...

When operational resilience fails, the world notices. The past year has shown that business continuity plans are not enough. Ransomware attacks, global outages, power grid failures and data breaches have exposed a pattern of unpreparedness. It is no longer about having a backup plan. It is about proving your organisation can withstand disruption, recover fast and protect what matters most. Resilience is no longer optional. It is the standard.

There is a difference between having a plan and being ready to prove it. Under the FCA’s PS21/3 standard, many firms look compliant on paper but fall short under scrutiny. The planning phase is over. The focus now is on outcomes and evidence. The FCA expects firms to show how they will keep services running during disruption, with proof that is current, complete, and connected. Anything less reveals a credibility gap that regulators are ready to test.

Third-party resilience is now a board-level accountability. Under the FCA’s PS21/3 standard, outsourcing doesn’t remove responsibility. Firms must prove they can withstand supplier disruption and stay within impact tolerances. That means mapping dependencies, testing scenarios, and holding evidence that stands up to scrutiny. When failure hits, the regulator won’t ask who caused it; they’ll ask why you weren’t ready.

CPS 230 has dragged operational resilience out of the server room and into the boardroom. No longer a back-office task, it’s now a live legal responsibility for directors. APRA expects boards to approve frameworks, set tolerances, test scenarios — and be able to explain, in plain language, how the organisation stays standing when disruption hits. You can outsource the work. But not the accountability.

APRA expects live proof, not outdated docs or assumptions. That means updated critical operation maps, tested tolerances, and board oversight. Gaps in vendor registers or forgotten dependencies are compliance risks, not prep issues. It’s time to go from “we’ve got it covered” to “here’s the proof.”