Business Continuity is a crucial ingredient of supply chain management. At the same time, implementing business continuity principles in supply chains is really simple. So says Steve Cartland in his book chapter on Business Continuity Challenges in Global Supply Chains in the book titled Global Integrated Supply Chain Systems, published in 2006. Cartland’s chapter is the last of the 19 chapters in the book, and the only chapter touching upon business continuity. Unfortunately. I think this chapter should have been first.
Business continuity
Cartland starts out by defining and describing key elements of business continuity:
- An organization must be able to identify and agree on what its critical business processes are.
- These critical business processes do not need to be available at all times.
- The length of downtime scenarios an organization needs to safeguard against must be agreed upon.
Note #2 here. This indicates the need for an evaluation of how long the organization can cope without these processes, also termed the “maximum tolerable outage”, an important parameter in business continuity management.
Seven steps to business continuity
According to Cartland, there are seven steps to business continuity:
- Current situation – what are the current capabilities vis-a-vis a business outage?
- Business Impact Analysis – what are the critical business processes, how are they connected and how long can we do without them?
- Risk Assessment – what is the likelihood and severity of possible scenarios and how can this be mitigated or responded to?
- Define Strategy – what level of protection do we need or want and what resources (how much) are we willing to spend?
- Define solution – how can the strategy be converted to practical and reachable targets?
- Select or Build Solution – do we outsource or build our own?
- Document, Plan and Test – how can we rest assured that our business continuity plan is actually working?
Unsurprisingly, given the author’s background, this part of the chapter is very much focused on IT as the subject of business continuity; other aspects appear to be given lesser space or importance. Nonetheless, IT is the binding glue in many global supply chains.
Symbiosis
A supply chain is a symbiotic relationship. Suppliers provide customers with benefits, and customers provide suppliers with guaranteed business. No organization is just a supplier or customer, it is both. Thus, an organization needs a business continuity plan to demonstrate its commitment to downstream customers and upstream suppliers. In 2001 Nokia realized this, while Ericsson did not.
Business Continuity in Supply Chains
This is the best part of this chapter, and to some degree it is reminiscent of the ideas and throughts put forward in the Swedish book “Säkra företagets flöden” or “How to secure your supply chain” as I translated it a and posted brief summaries of some the chapters on this blog a year ago.
Here, Cartland takes the seven steps outlined above and applies them to a supply chain as follows:
- Map your supply chain
- Review each suppliers capability
- Compare each suppliers capability with your maximum tolerable outage
- Review each suppliers risk analysis for assumptions, impacts and likelihoods
- Compare each suppliers ability to satisfy your continuity strategy
- Develop improvement program
- Implement improvement program
- Document and test
This part of the chapter is very detailed and the review of suppliers’ current capabilities can be made using a template similar to below.
First, define the overall picture
- Key business processes
- Processes that rely on this supplier
- Maximum tolearble outage
- Scenarios where protection is needed
- Outline of plan to ensure continuity for this critical process
Then, review the supplier:
- Do they have a continuity plan? If yes,
- when was it last tested?
- what were the results and are they willing to share them?
- have they conducted a business impact analysis are they willing to share it?
- have they conducted a risk analysis are they willing to share it?
- what are their critical business processes and tolerable outages?
- what are their disaster scenarios and how are they planning to respond?
- what is their maximum tolerable outage for the process that you rely on?
- who has management responsibility for the continuity plan?
- If they do not have a continuity plan,
- what plans do they have or plan to implement?
- what are their key processes for their whole business and how do they (re)view them?
- what do they see as the major risk to their ability to supply?
- who are their key suppliers, and do those have a continuity plan?
- what “workarounds” in case of discontinuity to they rely on?
This is very similar to a supplier risk survey described in one of the chapters of the above mentioned Säkra företagets flöden.
Conclusion
Essentially, there is no difference between a business continuity plan for one organization, compared to a business continuity plan for a whole supply chain. What differs is the complexity, because in a supply chain, each organization must make sure that upstream suppliers and downstream customers have a suitable business continuity in place, in order to support each other’s critical processes.
Critique
This chapter starts out well, but soon loses momentum and seems to reiterate itself several times, before picking up focus towards the end, where a grand final awaits the reader. What strikes me, though, is the absolute lack of references, besides merely stating that “this chapter is based on the author’s work at Hewlett-Packard in Sydney, Australia”. Surely, Cartland must have read some academic journals, let alone trade magazines or books on business continuity in his career? Maybe it’s just me, as I’m always wary of authors with short reference lists, although I have no such doubts when it comes to Cartland. What stands out particularly well, and which is why I decided to feature this chapter on my blog, is the final section on implementing business continuity in supply chains. Here, Cartland clearly demonstrates the practitioner’s experience, knowledge and to-the-point recommendations. While it may not be worth buying the whole book for this chapter alone, the chapter makes this book worth a lot more. As I mentioned in the beginning, it is unfortunate that business continuity is relegated to the last pages of the book, it should have had a more prominent place. John Mentzer’s book on Global Supply Chain Management is an excellent example of the opposite.
Reference
Cartland, S. (2006) Business Continuity Challenges in Global Supply Chains. In: Y. Lan and B. Unhelkar (Eds.) Global Integrated Supply Chain Systems. Hershey, PA: IGI.
Author link
- continuity.net.au: Steve Cartland
Buy this book
- amazon.com: Global Integrated Supply Chain Systems
Related
- husdal.com: Managing Risk and resilience in supply chains
- husdal.com: The Handbook of Business Continuity Management