SSP

A robust business continuity solution swiftly addressed COVID-19 disruptions.

Organisations are increasingly relying on complex supply chains to deliver services efficiently and cost-effectively. Some industry sectors such as retail, automotive, healthcare to name just a few, are built on their supply chains and many organisations across all sectors, are choosing to outsource functions and services to streamline operations and focus on their core capabilities.

In both scenarios, the added exposure to third-party risks needs to be identified and managed. When critical functions are managed externally, it becomes more challenging to ensure they are delivered efficiently, and in a resilient manner that protects your business. The key question is: how confident are you, that your supply chain relationships can support your business without disruption?

Why supply chain resilience is gaining regulatory attention

Regulatory bodies are increasingly scrutinising supply chain risk. Factors driving this focus include evermore complex interconnected networks, an increase in customer expectations in terms of increased flexibility and shorter timescales, and an upsurge in wider and global on and off-line disruptions. Businesses are still ultimately accountable for the performance and security of the services delivered by third parties. While outsourcing can help reduce internal workloads and operational costs, responsibility for risk mitigation stays firmly in-house.

As supply chains become more layered, it’s vital to have a clear process for evaluating and managing third-party dependencies, especially as these suppliers face their own set of vulnerabilities.

1. What supply chain resilience means

Definition

Supply chain resilience is your organisation’s ability to absorb shocks, respond quickly, and maintain continuity when disruption hits.

What it involves

It’s about predicting potential issues, adapting in real time, and bouncing back fast when the unexpected happens.

Why it matters

Resilient supply chains reduce lost revenue, limit operational costs, support customer retention, and protect brand trust.

2. Why supply chain resilience has become business-critical

Constant disruption

Events like COVID-19, extreme weather, and political tensions have exposed the fragility of global supply chains. Resilience is not a “nice to have”, it’s an organisational necessity.

Operational advantage

Firms that maintain flow during disruption can gain market share and outperform slower-moving rivals.

Long-term cost savings

Minimising downtime and avoiding last-minute fixes reduces long-term costs, even if it means higher up-front investment.

Customer expectations

Customers expect consistency. Reliable delivery strengthens loyalty and increases repeat business, and your ability to continue to deliver even in tough conditions, can set you apart from your competitors, win over new business and increase your market share.

3. What you can do to deliver supply chain resilience in practice:

We recommend that you follow this comprehensive 8-point checklist as a journey – it’s not intended to be a one-off tick-box exercise:

Supplier diversification: Work with multiple suppliers across different geographies to reduce exposure to any single failure point. This includes developing relationships with one or more backup suppliers of critical services, so that you have pre-vetted alternative providers ready to step in at short notice to reduce exposure if your primary provider encounters problems.
End-to-end visibility: Track activity across your full supply chain, including second- and third-tier suppliers, to spot risks early.
Pinpoint weak spots: Audit your supply chain to flag risks, like sole-source suppliers, congested ports, or fragile IT systems. Then take action to address these! It’s also wise to evaluate each of your key suppliers’ own resilience, not just in relation to your needs. You need to know that they have a resilience approach and do not have inherent risks that are harder to relate directly to services they deliver to you. Do they have contingency plans in place internally? Can they continue their business operations during a crisis? By aligning your own business continuity planning with those of your key suppliers, you build a stronger, more adaptive supply chain.
Operational agility: Make sure you can move quickly to switch suppliers, reroute shipments, or shift production when conditions change. Prioritising agility over cost-savings in your supply chain to maintain continuity of your operations, is key.
Strong partnerships: Build trust and alignment with suppliers and logistics partners. Open lines of communication make response faster and more effective. Specifically, share data, discuss risk mitigation, and build shared contingency plans.
Smart tech upgrades: Adopt tools that give you real-time data, automate processes, and improve communication across your network., for example AI, automation, machine learning, blockchain, and digital twins to improve your forecasting, speed up decisions, and gain insight into supply chain dynamics.
Scenario planning: Develop detailed response plans for likely disruptions. Develop fallback strategies with alternative suppliers, routes, production lines. Then test and update them regularly.
Measure and refine: Track the performance of your resilience efforts. Adapt your strategy based on what works, what doesn’t as well as what changes. Get expert support from resilience and business continuity providers.

Staying ahead in a complex supply chain landscape

As global supply chains grow more complex, the risks associated with third-party dependencies increase in parallel. With regulators demanding greater transparency and control, businesses must take proactive steps to shore up resilience.

By identifying high-risk suppliers, embedding resilience into supplier management processes, and maintaining open lines of communication, organisations can reduce the impact of potential disruptions. Effective supplier risk management isn’t just good governance; it’s a strategic priority for long-term business continuity.

Support to strengthen your supply chain

Creating and maintaining a resilient supply chain can be a challenge, but you don’t have to face it alone.

Our team can help you conduct a comprehensive business impact analysis, mapping your key suppliers and assessing the criticality of their services. Using our powerful Shadow-Planner platform, we can automate this process or guide you through it manually, whichever suits your environment.

Take a proactive next step towards better supply chain resilience

As part of our managed services offering, we carry out third-party supplier Business Continuity Management (BCM) assessments. This gives you assurance that your external partners are prepared for disruptions - so their disruptions won’t become yours!

SSP is a prominent worldwide provider of technology systems and services for the insurance sector. Backed by more than 35 years of industry expertise and a dedicated workforce of more than 700 skilled professionals, they play a pivotal role in shaping the industry. Their efforts empower insurers, brokers, and financial advisors to efficiently serve their customers.

The Challenge

In recent times, SSP’s operational model has grown substantially more intricate, leading to a significant shift in risk and impact profiles. The necessity for an extensive revision of their business continuity management system became apparent to align with their risk tolerance and the expectations of their stakeholders. They made the strategic decision to enhance their business continuity management system, catering to the evolving needs of their investors, strategic goals, risk landscape, and customer base.

Drawing on their existing partnership with Wavenet and their business continuity and maintenance services, they engaged with their Wavenet account manager to explore how our business continuity offerings could assist in establishing a robust and intelligent management system. This system aimed to elevate their continuity proficiency and resilience across a rapidly expanding organisation.

Our goal was to enhance their responsiveness to disruptive incidents, ensuring a clear understanding of their operating model within the threat landscape for themselves and stakeholders. We sought to confirm the adequacy of controls in maintaining their operations, safeguarding customer’s interests, and minimising disruption likelihood and impact. Furthermore, for competitive advantage, they also required demonstrable certification of management to international standards (ISO 22301).

In discussions held at their Solihull offices, Wavenet demonstrated a keen understanding of their business resiliency challenges. Despite previous efforts over time to implement a business continuity system, the lack of dedicated resources often led to key staff diverting their attention to more immediate concerns. Inconsistent resource
availability and limited experience in business continuity planning resulted in inconsistent outcomes across the organisation, accompanied by difficulties in keeping the system up-to-date. Wavenet’s consultants harnessed their Business Continuity as a Service (BCaaS) model to craft an initial scope of work. This delineated the required activities, enabling the development of a comprehensive work program in collaboration with SSP. The plan was subsequently fine-tuned to strike a balance between requisites and budget, culminating in a defined scope of service with a fixed price.

AT A GLANCE

Company: SSP
Industry: Finance
Employees: 501-1,000
Objectives:

Upgrade existing business continuity management system (BCMS) to support the evolving requirements and risk landscape
Acquire demonstrable certification of
management to international standards (ISO 22301)

Solution:

Business continuity

Results:

Implemented staff relocation and work transfer strategies within 72 hours of the point of invocation.
Boosted command, control and
communications capabilities to show where mitigation for risk scenarios of concern were needed.

The Solution

SSP opted for our BCaaS solution, which encompassed creating and deploying an economical business continuity management system finely tailored to their strategic goals and risk tolerance. Under their ownership and guidance, this management system is overseen and enhanced by Wavenet’s leading consultancy team. Additionally, this service capitalises on Wavenet’s business continuity software “Shadow-Planner” in two primary ways. Firstly, the mobile app provides essential responder guidance accessible on SSP’s mobile devices, readily available during times of need. Secondly, the Shadow Planner management tool serves to collect and analyse risk and continuity data. It further facilitates tracking and monitoring of the business continuity management system (BCMS) and its outcomes against their strategic risks and objectives.

The Result

In early 2020, the BCMS demonstrated its effectiveness in response to the COVID-19 pandemic. The organisation successfully executed strategies for staff relocation and work transfer by utilising SSP’s thoroughly rehearsed command, control, and communications framework alongside their BC intelligence. This response was instrumental in sustaining business operations despite challenges such as building access denial and staff absences due to widespread lockdowns across their operational territories. Notably, the entire endeavour was accomplished within an impressive 72 hours from the point of invocation. The earlier continuity risk analysis facilitated by the Wavenet administered BCMS had already paved the way for enhancing command, control, and communications capabilities. This analysis also pinpointed the need for an array of mitigations in response to critical risk scenarios. Subsequently, leveraging their BCMS and risk management system, the organisation put these mitigations into effect, ensuring preparedness for COVID-19’s impact.

The collaborative structures, strategies, and plans cultivated over recent years by SSP and Wavenet, with specific focus on their BCMS, have facilitated swift responses to various disruptions. Rigorous training and rehearsals have equipped their teams to confidently lead incident responses, resulting in quicker and better informed decision-making. Wavenet’s Shadow-Planner mobile app has supported responders with instant access to essential guidance and contact information during crises. The organisation is now considering expanding the app’s utility by incorporating technical recovery guidance and contacts.

Central to their proactive approach is the recurring lifecycle of BCMS activities, which maintains a continual focus on threats and vulnerabilities within the management’s purview. This cycle is instrumental in ingraining key management principles into SSP’s organisational fabric. The immediate value of this approach became evident during the first lifecycle, where Wavenet worked collaboratively to standardise the continuity risk management approach across the evolving organisation. This standardisation allowed for a more uniform analysis of continuity risks and impacts, and facilitated the sharing and utilisation of responder and continuity expertise throughout the organisation. Leveraging Wavenet’s Shadow-Planner administration software, most administrative tasks such as program scheduling, document control, and data analysis have been streamlined, freeing up the BC budget and personnel to concentrate on preparedness.

Consequently, SSP has enhanced control over continuity risks and enriched their dialogues on the subject. These discussions have matured over time, now encompassing broader topics such as emergency preparedness, command and control, crisis management, disaster recovery, and risk management. Wavenet’s emphasis on fostering a comprehensive understanding of these broader disciplines has heightened the integration of key principles of organisational resilience into daily practices. SSP firmly believes that Wavenet’s management systems approach has not only manifested demonstrable improvements to their system, competence, and capability but has also positioned them to align with international standards (ISO 22301)