supply chain

Cyber Security for Purchasing Professionals

Cyber Risk Management for Purchasing and supply
 
A new initiative to help build cyber security has been launched that focuses on the important role played by procurement and purchasing teams.
 
While schemes such as Cyber Essentials provides help with technical issues, the new government backed scheme provides free of charge training for procurement professionals.  The on-line course helps build understanding of the most common risks faced and how they can be addressed.
 

3PQ - Business Continuity Third Party Questionnaire - Project Page

Business Continuity 3PQ supply chain questionnaire
  • Q. What is 3PQ?
  •  
  • Simply a consistent Third Party Questionnaire that can be used freely by Business Continuity Professionals to help manage Supply Chain BCM Capability.
 
The 3PQ project group was formed through the efforts of a number of experienced BCM professionals from the Business Continuity Group BANG! and supported by the Continuity  Forum.    
 
The 3PQ Supply Chain Questionnaire Master Document will be hosted by the Continuity Forum and will be freely available for download from this page. 
 

Supply Chain Continuity using new ISO 22318 Guidelines

New guidance from ISO and the BSI to help companies build resilience and continuity in their supply chains PD ISO/TS 22318:2015 - Overview of new ISO Supply Chain Continuity Guidance

An Introduction by Lead author Duncan Ford MBCI

BSi has just published the UK edition of the recently released ISO Technical Specification 22318 Guidelines for Supply Chain Continuity. The title describes where this document fits in with the established BCM standards 22301 and 22313.  A technical specification is not a full standard; its purpose is to amplify not undermine the established standards.

Every organisation has a supply chain which may range from the purchase of basic resources to complex outsourcing arrangements for the delivery of a core service including both external suppliers and internal support such as the provision of IT services.  Each of these arrangements presents a risk to the organisation if it is unavailable, which needs to be properly understood and appropriate contingency measures put in place to protect against disruption of that product supply or service. 22318 provides guidelines on how to manage Supply Chain Continuity challenges.

The scope of this Technical Specification was deliberately constrained. It considers specifically the issues faced by an organisation which needs continuity of supply of products or services to protect its business activities and the continuity strategies for current suppliers which can be used to mitigate the impact of disruption.

The approach is broken into five stages which align with the requirements of BS/ISO 22301 which ensures that Supply Chain Continuity Management (SCCM) can be managed within an established BCM programme:

Ø  Policy and strategy which considers the requirement for supply chain continuity and the parameters each organisation should define to frame its approach to SCCM.

Ø  Analysis of the supply chain which draws upon the organisation’s BIA to identify critical activities or processes and focusses on identifying the particular risks and impacts to these processes arising from disruption in the associated supply chain.

Ø  Consideration of appropriate and achievable Supply Chain Continuity strategies which can help to mitigate the emerging risks and identify an approach to manage disruption.

Ø  Planning to manage a supply chain disruption event and the requirement to integrate this with BC plans.

Ø  Ongoing performance management to maintain an appropriate level of continuity management within the supply chain and deliver continuous improvement.

Effective SCCM generates its own challenges for an organisation, it may impact procurement strategies as continuity requirements may be contrary to strategies of minimising supply chain cost.  The process of analysis should bring a focus onto the pressure points, for example where a critical process is dependent on a single supplier, and allow the associated risk to the organisation to be recognised and managed.

A key approach is to encourage openness between an organisation and its critical suppliers delivering better understanding of each other’s priorities and risks and integrated continuity planning. This leads to continuous improvement and reducing risk.

SCCM is relevant to organisations of every size and type, TS 22318 focusses on a key aspect of managing the risks in the supply chain.

As an ISO document it is available as reference to support global supply arrangements helping the purchaser to define its continuity requirements to be included in contracts, monitor suppliers’ continuity provisions and be prepared to manage the impacts of disruption. The hope of the project team who worked on this document supported by the contributions from many global standards organisations is that PD ISO/TS 22318 takes another step towards improved global continuity and resilience.

To get a copy of the new Supply Chain Continuity Guidance please click here

Visit the BSI shop to get your copy of BS/ISO 22318

About the Author

 

Duncan Ford led the development for ISO TS 22318. He is a partner in Corpress LLP a consultancy working in the areas of risk, response and resilience including supply chain analysis.

For more information visit: www.corpress.uk

 

Mass Notification for Manufacturing and Supply Chain

Intelligent Notification | MIR3

Manufacturing and supply chains must focus on the customer, but also have information easily available to business partners. How can this part of the businesses world use Intelligent Notification to streamline operations and maintain a competitive edge?

Here are just a few examples uses for notification in transportation and logistics:

  • •  The credit card server of an online clothing store crashes during heavy sales; IT staff must be notified to fix it quickly
  •  
  • •  A top toy manufacturer discovers that children are choking on a new toy; stores must be alerted and product must be recalled immediately
  •  
  • •  A major electronics retailer is informed that a shipment has been delayed; stores must be alerted
  •  
  • •  A chemical spill occurs in your plant; you need to notify and gather a crew of maintenance workers to clean it up fast
  •  
  • •  Customers are waiting for news of a product release; they must be notified when the launch date slips
  •  
  • •  Your marketing team develops a rare, limited-time offer; you want to let prestige customers know at once

How Intelligent Notification works in manufacturing and supply chains

Effective notification involves more than just sending a one-way alert. You must be able to quickly determine who needs to know what all along the chain, and your message must be adapted as your contacts respond. Intelligent Notification technology handles this complex task, rapidly launching or cascading messages to groups of any size, whether in one location or spread all over the world. MIR3 data management includes sophisticated tools to pull information from various databases to make sure you’re always using the latest contact information.

Intelligent Notification is used in manufacturing and supply chain for business continuity and disaster recovery (BC/DR), for emergency alerting, and to keep IT systems up and running.

Intelligent Notification | MIR3


PAS 7000 EVENT Briefing | Managing and mitigating supply chain risk

Link to BSIPAS 7000 Launch: Breakfast Briefing

New Supply Chain Standard to Uncover and Mitigate Supply Chain Risks

Tuesday 4 November 2014 (Free)

VENUECentral London

TIME: 8.30am to 10.30am (registration starts at 8.00am)

ASIS to develop Supply Chain Risk Management Standard

 
ASIS International ASIS, the International group for Security Professionals, founded in 1955 and based in Virginia in the US, has started work on a new Guidance Standard for Supply Chain Risk Management with the first Technical Committee meeting held this week with Russell Price is representing the Continuity Forum.   
 
This new project addressing Supply Chain Risk comes at an opportune time hot on the heels of ISO 22301 and when completed, hopes to provides a framework for collecting, developing, and implementing best practices for supply chain risk management (SCRM).
 
The SRCM Standard is intended to be primarily a practitioner's guide and will help connect many of the diverse processes that span Business Continuity and Risk Management. The final guidance when released will provide specific good practice guidelines that can be included or adapted to fit organizations needs as well as outlining possible approaches across a range of scenarios for an organization to consider, including examples of tools other organizations have used.
 
Whilst there is a current Standard (ISO 28000:2007) many feel more support is needed to support the development of more effective Supply Chain Risk, Resilience and Continuity Management and we hope this SCRM project will add substantial to the thinking and practices used across the relevant sectors and markets.  
 
 
 
 
If you would like to know more about our work in this area or if you have suggestions for key areas that need to be included in the Guidance please do get in touch HERE
 

 

 

Food Security and Supply Chain Risks - SPECIAL PROJECT

 

Business Continuity Forum - Securing the Food Supply Chain The Continuity Forum is part of a government working group researching short to medium term emergency issues relating to risk and the UK's food supply and its security. We are inviting interested parties to contact us to assist in the development of our formal report to the committees involved. We are particularly keen to gather information from Business Continuity, Resilience and Risk Professionals active in sectors relevant to the topic on the wider scope of issues being addressed.

 

The broad principles of the project are to identify how risks and disruptions may develop and how well the country is currently prepared to cope if they occurred.

 

FREE WEBINAR _ Managing Supply Chain Business Continuity with 3PQ

Continuity Forum Webinars and Events
3PQ for Supply Chain Continuity and Resilience
 
Free Friday Webinars  
22nd June 2012 11:00 am 
29th June 2012 11:00 am 
6th July 2012 11:00 am & 16:00pm 
 
 
How to use and manage your supply chain with 3PQ
 
CLOSED
 
Forum Partners can request access to sessions or provide something tailored to your exact needs  
 
3PQ is the name of a free industry resource developed by a project team of industry professionals to help organizations better manage the risks concealed in their supply chains.
 
Join the BANG network on Linkedin3PQ was originally conceived and developed following lively discussions at a BANG London Meeting on the difficulties Business Continuity Professionals faced in responding to and managing the Supply requirements and capabilities of different organisations.
 
It was a  common problem crying out for a simple, yet effective solution... the 3PQ project was born.
 

3PQ review starting building on success

 
Click to jump to the 3PQ page Time for an update on 3PQ - The review...
 
The project which launched just over 6 months ago is now due an review and update ... PDCA in practice ;)
 
This piece of work was so rewarding; working with a committee of like minded, and indeed "other-minded" folks to establish the core questions we need responses to from the supply chain, was fascinating. 
 

3PQ making it easier for Business Continuity Managers

 
Get your supply chain under control with 3PQIn August 2011, Gayle Hedgecock was the guest speaker at BANG!
 
During an entertaining evening, she posed the question: "Just how many Continuity questionnaires must I fill in each year?"
 
In her case, it was scores of the things; others were lucky and had fewer to do, but it became clear that ALL the questionnaires were different, even though in reality they were asking the same questions.   It was just that the questions were phrased slightly differently, or were in a different order.  In some cases, they were asking questions that had little relevance to Continuity...
 
So, on the 16th August, a group of thirteen respected Continuity professionals got together to try to make life just a tiny bit easier and the 3PQ project was born!
 

3PQ wins Business Continuity award

 
Business Continuity initiative wins industry recognition The 3PQ project team has won the Best Contribution to the Business Continuity Profession prize at the annual BANG Business Continuity Awards recently held in London.
 
 
3PQ is a free resource designed to deliver practical help to those in involved in managing Business Continuity in the Supply Chain. It provides a structured framework of questions that help establish the BCM capability and priorities that is both consistent and adaptable to a wide range of organisations. 3PQ stands for Third Party Questionnaire.   
 
Gayle Hedgecock, Chair of the 3PQ committee commented at the awards “We are pleased to see that the 3PQ has been focused upon once again and that the team’s work has now been recognised with this prestigious award. Now is the right time for organisations to fully embrace this questionnaire and to review the Business Continuity Management (BCM) capability of their supply chain, as part of their preparedness for the London 2012 Olympics, any unusual events and for day-to-day operations.”
 
Vice-Chair of the committee Sara McKenna added "People need a wide range of tools to deliver effective BCM. With the 3PQ they have an easy, yet capable resource that can immediately help identify problems and build Continuity and Resilience in a difficult area. By making it free to use there really is no excuse for not addressing the supply chain risk with a bit more rigour."
 
The 3PQ project team deserves mention and big thank you should go to: Natalie Cooper, Robin Dunford-Green, Matt Innerd, Colin Ive, Roger Jarvis, Sharad Karia, Simon Maddox, John Robinson, Bob Simpson, Andy Tomkinson,, Bill May, Nestor Alfonzo Santamaria and Steve Yates. 
 
After six months in the wild and over 13,000 downloads the first review of the Questionnaire is currently being planned.
 
You can download and provide your feedback on this industry award winning initiative by visiting the 3PQ Project Page.
 
The awards night brought another prize for the Continuity Forum with Russell Price winning the Rocket Science award (we don't what it means either!) and Sara missed out by the finest of margins in the tighest vote of the night for the most helpful person in the industry award ... probably as she was just too busy to vote! 
 

 

 
  

Supply Chain questionnaire for Business Continuity

 
In August 2011, Gayle Hedgecock was the guest speaker at BANG!  During an entertaining evening, she posed the question: "Just how many Continuity questionnaires must I fill in each year?"
 
In her case, it was scores of the things; others were lucky and had fewer to do, but it became clear that ALL the questionnaires were different, even though in reality they were asking the same questions.   It was just that the questions were phrased slightly differently, or were in a different order.  In some cases, they were asking questions that had little relevance to Continuity...
 

Thoughts on Business Resilience in the Supply Chain

Business Resilience in the Supply Chain
 
During my time initially as the Chief Risk & Continuity manager for a global telecomm’s corporation, and more recently as an independent Business Resilience consultant, I have experienced a developing focus on the increasing risks in the supply chain. This has in turn led to an understanding of the serious weakening these risks pose to an organisations resilience.
 

Business Continuity for Print proves its worth

Business Continuity Forum, Support, Advice, events and guidance 

Argos and Homebase could have been crippled following the collapse of Bemrosebooth, a key supplier of Print Services to the Home Retail Group (HRG), when they fell into administration.

HRG though had the foresight to have a plan and invoked their contract with specialist Print Support company Business Continuity.  While HRG seek alternate providers of this specialised service Business Continuity will be maintaining the service to Argos and Homebase customers with all their paperwork covering statements, letters and mailings amounting to hundreds of thousands of documents each week continuing to sent uninterrupted. 

Big boys pressure suppliers to get house in order

Compliance pressures have forced large companies to put disaster recovery and business continuity plans in place, and now these companies are looking at their supply chains and have identified small and mid-sized suppliers as a source of risk, according to Simon Mingay, research vice president at analyst group Gartner.

Tighter integration of the supply chains means that companies have an increased dependency on the availability of their partners' IT systems, and so big companies are insisting that smaller suppliers get their houses in order if they want to do business.

Syndicate content

Business Continuity Forum creating Resilince and security

Creating Continuity... Building Resilience...