Supply Chain Resilience


No matter how much work is conducted internally on managing risk and ensuring business resiliency, if the supply chain is weak the organisation is exposed to events outside of its control which could cause severe financial or reputation damage. Unsurprisingly, the goal of most procurement teams is to create the most efficient and cost-effective supply system, in many cases, the resilience capabilities of a particular supplier will often be a secondary consideration if considered at all. The ability of an organisation to embed resiliency into its supply chain requires a relationship to exists between procurement and business continuity. BCM must play an active role in the procurement process when one considers the risks posed by disruption to key suppliers. Managing and assisting suppliers to understand and deliver on their contractual obligations fully is key to success.

Analysis of own facilities

  • Offices, Factories, Warehouses
  • Has a full BIA, Risk and Control Management been completed for our facilities?
  • Are BCPs in place to deal with events?
  • Can staff easily manage BCM and risks from one source of information?
  • What are the outstanding observations and audit remarks for each node?
  • Are any certificates overdue?
  • How up to date is our information?

Supply Chain analysis

  • Any current issues with our supply chains?
  • The risk to specific suppliers?
  • Risk of raw materials (single supplier, lack of substitutes)?
  • The risk to transportation suppliers?
  • Risk to Packaging Material, Packaging suppliers?
  • Maintaining Approved Suppliers for Packaging Materials.
  • Maintaining observations, certificate info and risk assessment of suppliers

Today's struggle

It is impractical to expect enterprise organisations to monitor and manage their contingency arrangements for all their businesses with a simple word processor. While these documents have their place, they are in many ways just like paper and require a person to digest and read them. For an enterprise-sized organisation, this just isn’t practical and does not provide the all-important supply chain perspective at the heart of the business.

Business Continuity software is available in many flavours and has been for some years. Due to the early recognition by the finance sector of the importance of this subject, much of the available software has been written with banks and investment institutions in mind. These applications cannot easily map supply chains that support the vertically integrated businesses that constitute the supply chain.

Who is involved?

Commercial companies producing goods and services

Mission/business owner

Individuals with oversight responsibilities in risk management Individuals with information system, security oversight responsibilities
EXCO, risk executives Individuals with development responsibilities
Individuals responsible for conducting business-critical functions System designers, developers, integrator
Business owners, information owners, authorising officials Individuals with monitoring responsibilities
Individuals with operational responsibilities Auditors, inspectors, assessors, analysts

ISO 28000

 Security Management System for the Supply Chain

The global transportation of goods has never been so complex and poses many threats to organizations including theft, terrorism, smuggling, preservation of the brand integrity and product safety. However, organizations can demonstrate that they have identified critical aspects of the security of their supply chain and have policies, procedures and controls in place to manage security risks with ISO 28000 from BSI.


BCMfort is an application that has been built with businesses like Enterprise organisations in mind. It provides a simple means to capture business impact information to inform a series of informed plans that connect and recognize key dependencies and criticalities within and between business units. It is simple to use and available on desktop and mobile phone for business users to work with. 

BCMfort utilises a unique Node design, organisations can collect information on each node in the network, so that it can analyze data at different levels and from different perspectives. A node can be an Office, Factory, Distribution Center, Warehouse, Supplier, Supplier of a supplier…

See how BCMfort as a BCMS can help