Business Continuity in Global Supply Chains

Business Continuity is a crucial ingredient of supply chain management. At the same time, implementing business continuity principles in supply chains is really simple. So says Steve Cartland in his book chapter on Business Continuity Challenges in Global Supply Chains in the book titled Global Integrated Supply Chain Systems, published in 2006. Cartland’s chapter is the last of the 19 chapters in the book, and the only chapter touching upon business continuity. Unfortunately. I think this chapter should have been first.

Business continuity

Cartland starts out by defining and describing key elements of business continuity:

  1. An organization must be able to identify and agree on what its critical business processes are.
  2. These critical business processes do not need to be available at all times.
  3. The length of downtime scenarios an organization needs to safeguard against must be agreed upon.

Note #2 here. This indicates the need for an evaluation of how long the organization can cope without these processes, also termed the “maximum tolerable outage”, an important parameter in business continuity management.



Seven steps to business continuity

According to Cartland, there are seven steps to business continuity:

  1. Current situation – what are the current capabilities vis-a-vis a business outage?
  2. Business Impact Analysis – what are the critical  business processes, how are they connected and how long can we do without them?
  3. Risk Assessment – what is the likelihood and severity of possible scenarios and how can this be mitigated or responded to?
  4. Define Strategy – what level of protection do we need or want and what resources (how much) are we willing to spend?
  5. Define solution – how can the strategy be converted to practical and reachable targets?
  6. Select or Build Solution – do we outsource or build our own?
  7. Document, Plan and Test – how can we rest assured that our business continuity plan is actually working?

Unsurprisingly, given the author’s background, this part of the chapter is very much focused on IT as the subject of business continuity; other aspects appear to be given lesser space or importance. Nonetheless, IT is the binding glue in many global supply chains.

Symbiosis

A supply chain is a symbiotic relationship. Suppliers provide customers with benefits, and customers provide suppliers with guaranteed business. No organization is just a supplier or customer, it is both. Thus, an organization needs a business continuity plan to demonstrate its commitment to downstream customers and upstream suppliers. In 2001 Nokia realized this, while  Ericsson did not.

Business Continuity in Supply Chains

This is the best part of this chapter, and to some degree it is reminiscent of the ideas and throughts put forward in the Swedish book “Säkra företagets flöden” or “How to secure your supply chain” as I translated it a and posted brief summaries of some the chapters on this blog a year ago.

Here, Cartland takes the seven steps outlined above and applies them to a supply chain as follows:

  1. Map your supply chain
  2. Review each suppliers capability
  3. Compare each suppliers capability with your maximum tolerable outage
  4. Review each suppliers risk analysis for assumptions, impacts and likelihoods
  5. Compare each suppliers ability to satisfy your continuity strategy
  6. Develop improvement program
  7. Implement improvement program
  8. Document and test

This part of the chapter is very detailed and the review of suppliers’ current capabilities can be made using a template similar to below.

First, define the overall picture

  • Key business processes
  • Processes that rely on this supplier
  • Maximum tolearble outage
  • Scenarios where protection is needed
  • Outline of plan to ensure continuity for this critical process

Then, review the supplier:

  • Do they have a continuity plan? If yes,
    • when was it last tested?
    • what were the results and are they willing to share them?
    • have they conducted a business impact analysis are they willing to share it?
    • have they conducted a risk analysis are they willing to share it?
    • what are their critical business processes and tolerable outages?
    • what are their disaster scenarios and how are they planning to respond?
    • what is their maximum tolerable outage for the process that you rely on?
    • who has management responsibility for the continuity plan?
  • If they do not have a continuity plan,
    • what plans do they have or plan to implement?
    • what are their key processes for their whole business and how do they (re)view them?
    • what do they see as the major risk to their ability to supply?
    • who are their key suppliers, and do those have a continuity plan?
    • what “workarounds” in case of discontinuity to they rely on?

This is very similar to a supplier risk survey described in one of the chapters of the above mentioned Säkra företagets flöden.

Conclusion

Essentially, there is no difference between a business continuity plan for one organization, compared to a business continuity plan for a whole supply chain. What differs is the complexity, because in a supply chain, each organization must make sure that upstream suppliers and downstream customers have a suitable business continuity in place, in order to support each other’s critical processes.

Critique

This chapter starts out well, but soon loses momentum and seems to reiterate itself several times, before picking up focus towards the end, where a grand final awaits the reader. What strikes me, though, is the absolute lack of references, besides merely stating that “this chapter is based on the author’s work at Hewlett-Packard in Sydney, Australia”. Surely, Cartland must have read some academic journals, let alone trade magazines or books on business continuity in his career? Maybe it’s just me, as I’m always wary of authors with short reference lists, although I have no such doubts when it comes to Cartland. What stands out particularly well, and which is why I decided to feature this chapter on my blog, is the final section on implementing business continuity in supply chains. Here, Cartland clearly demonstrates the practitioner’s experience, knowledge and to-the-point recommendations. While it may not be worth buying the whole book for this chapter alone, the chapter makes this book worth a lot more. As I mentioned in the beginning, it is unfortunate that business continuity is relegated to the last pages of the book, it should have had a more prominent place. John Mentzer’s book on Global Supply Chain Management is an excellent example of the opposite.

Reference

Cartland, S. (2006) Business Continuity Challenges in Global Supply Chains. In: Y. Lan and B. Unhelkar (Eds.) Global Integrated Supply Chain Systems. Hershey, PA: IGI.

Author link

Buy this book

Related

Posted in BOOKS and BOOK CHAPTERS
Tags: , , ,

ARTICLES and PAPERS
Call for papers: Global Supply Chain Risk Management
Are you currently planning to write or actually writing a paper on supply chain risk and wondering w[...]
Mitigating Supply Chain Vulnerability
I'm a quantitative researcher, so I usually shy away from journal articles with too many equations a[...]
BOOKS and BOOK CHAPTERS
Book Review: HBR on Crisis Management
Close calls and near misses are not unusual in the business world, but how do companies deal with th[...]
Book Review - Fraud Risk
Last year I was approached by Gower Publishing and invited to review their Short Guides to Business [...]
REPORTS and WHITEPAPERS
Vulnerable or valuable supply chain?
More than a year old now, but still holding not so few words of wisdom is the Pricewaterhouse Cooper[...]
Calculating the Value-at-Risk
Some of you may remember that I posted about the SCOR Framework for Supply Chain Risk Management ear[...]