Ideally you should be able to measure resilience and it should result in the benefits such as:
Improvement in the value of risk assessments
Reduction in expected regulatory and compliance costs
Reduction in the cost of managing vulnerabilities and associated impacts
Reduction in the effort required to manage a refined level of threat and vulnerability management
Realise savings in tracking and linking policies to regulations
Improvement in the time and costs required to complete third-party risk assessments, and to identify associated risks