Highlights from this report include:

  1. 44% of the respondents have a mixed Third-Party Hot Site/ Alternate Site along with an internal recovery solution.
  2. 60% of the respondents utilize software planning tools for their BC/DR program and as a profession the biggest struggle with these tools is ease-of-use, training and administrative support.
  3. 73% of the respondents utilize notification tools and these professionals noted ease-of-use, multi-use capabilities, reporting and training as the biggest struggle with the present notification tools available.
  4. 15% of the respondents utilize mobile recovery services and it seems the biggest challenges with the current providers is in the administrative support, response time and testing capabilities.

As a profession we are making strides in the following:

  1. Including service level agreements within the contracts (40% for all suppliers, 39% for some suppliers)
  2. Defining recovery time objectives for critical suppliers (19% for all suppliers, 43% for some suppliers)
  3. Contracts requiring a document business continuity plan (29% for all suppliers, 34% for some suppliers)

There is room for improvement in the following areas with critical suppliers, though:

  1. Internal and/or external audit of critical suppliers' resiliency/ business continuity programs (55% are not sure or never conduct an internal audit for critical suppliers and 71% indicated the same for an external audit)
  2. Awareness of how often your critical suppliers conduct a BIA (64% indicated not sure or never) and/or risk assessment (59% indicated not sure or never) as well as how often documents are updated (60% indicated not sure or never)
  3. Awareness of where critical suppliers store backups (72% indicated not sure) and if primary and alternate sites are on separate utility grids or multiple distribution points (60% indicated not sure or no)
  4. Awareness of if critical suppliers follow a chain of custody controls to prevent loss of physical media while in transit to backup facility (78% indicated not sure or no) and do critical suppliers encrypt data prior to transmitting to backup facility (63% indicated not sure or no)
  5. Awareness of do critical suppliers inspect mail prior to delivery to primary facility (82% indicated not sure or no)

BC Management would like to thank everyone who participated in our 2nd Edition of the BCM Service Provider/ Third-Party Critical Supplier Assessment.

Download 2nd Edition BCM Service Provider/ Third-Party Critical Supplier

BC Management, a global leader in recruiting and placing continuity, resiliency, crisis management and risk management professionals, is assisting multiple clients with their personnel needs.

Leave a Reply