Three Considerations for Third Party Business Continuity Management

What are the 3 key considerations to address when bringing Business Continuity and third-party Risk Management?

Within the business continuity environment, the most complex risks are increasingly arising from third-party contractors and their business continuity preparedness. If there are no contractual obligations or pre-existing arrangements with third parties, any minor incident may turn into a full-blown crisis.

 

It is therefore extremely important to ensure that all supplier contracts that strongly impact critical business activities have a Business Continuity Management (BCM) arrangement.

When new suppliers are being introduced, most larger companies have a risk management process to ensure that all risks related to that supplier are considered. As part of this process, the company also needs to consider all the BCM risks the contract may involve, and identify mitigation measures if necessary. Third party risk management and business continuity need to work closely together to ensure that all new contracts have a business continuity consideration where necessary.

 

These are three key considerations to address when bringing together third party risk management and BCM:

 

1. Build a process to evaluate all contracts that come into the company in a systematic way, to ensure that no critical contracts are missed.

2. Have a set of questions ready for the internal and external parties to ensure that all BCM risks are considered both from an internal and external point of view. Make use of both qualitative and quantitative questions to ensure that all contracts are thoroughly and consistently evaluated.

3. Develop a set of mitigation requirements as standard for critical contracts. These may include: contractual obligations to ensure suppliers have a BCM program in place, a dedicated resource plan covering the failure of that specific third party, pre-arranged action plans with the supplier to establish a collective response in the event of a disruption.

 

These considerations help protect company operations and third party contracts. While third-party risk management and business continuity often do not work closely, bringing these functions together ensures a company is more resilient and better able to respond to critical incidents and disruptions.

 

by Mathias Jenses

Finding Third-Party BCM solutions

Read more?

We can help you today

If you want to see what the Human Risks platform can do, for your company.  Contact us today

Contact