Bookmark and Share Email this page Email Print this page Print Pin It
Feed Feed

Dec 27, 201201:03 PMOpen Mic

Send us your blog for consideration!

Business continuity planning: Conduct a critical vendor review

Business continuity planning: Conduct a critical vendor review

(page 1 of 2)

Emerging state and federal laws require that companies in nearly every industry implement a disaster recovery or business continuity plan. This holds especially true for companies engaged in health care, insurance, financial service, and other highly regulated sectors. In addition to regulatory mandates, sound business judgment encourages that companies prepare a “Plan B” for their operations to respond to unforeseen events.

Critical vendors

When considering continuity planning, many companies mistakenly limit their plan to cover continuation of business during natural disasters – such as floods, hurricanes, and other weather-related events. This approach is too narrow and misses one of the most likely causes of business disruption: namely, the demise of a company’s critical vendor. The loss of a critical vendor may result in significant loss or downtime to a business.

Consider, for example, the impact on a company if its key source for materials or component parts goes out of business or terminates its agreement with the company. Similarly, consider the impact if a critical software vendor terminates a company’s license to use the software through which it runs financial and accounting operations. During uncertain economic times, companies are well advised to conduct a legal review of their most critical vendors annually.

The process

  1. Review existing vendor relationships and determine which are mission critical. These should be vendors whose products or services are not readily attainable in the marketplace. These might also be vendors for whom it would take significant time and resources to transition to an alternate source. Focus on an initial number of vendors that is manageable. Five to 10 vendors is a good start.
  2. After compiling the list, perform financial due diligence on each vendor and obtain financial statements from each. Pay particular attention to vendors that are privately owned. If they are unable or unwilling to provide financial statements (preferably audited), consider whether there are other assurances such as bonds, letters of credit, or guarantees that should be requested. Require annual financial statements from each or quarterly statements from vendors that exhibit less financial stability.
  3. Prepare a checklist of key contractual terms that should be in each contract with key vendors. For example, the checklist should include an action item to confirm that a vendor does not have the right to terminate its agreement for convenience or without notice. It would not be unusual for the checklist to contain up to 50 key points to review in a vendor contract.
  4. Using the prepared checklist, review each of the existing agreements between the company and mission-critical vendors. Highlight those areas in which the company has not adequately protected itself by contract. Consider whether to initiate negotiations with the vendor to amend the existing contract, or to postpone negotiations until the next contract renewal.
  5. Review existing standard form agreements to ensure that they contain the protections identified in the checklist. These standard form agreements may take the form of purchase orders, quotations, terms and conditions of sale, master service agreements, and the like. This will help to ensure that new vendor engagements include the company’s standard protections going forward.
  6. Conduct a review of the company’s existing insurance program to determine whether adequate coverage is in place in the event of a business disruption. The insurance agency can provide further guidance on insurance requirements to place in vendor agreements.

Add your comment:
Bookmark and Share Email this page Email Print this page Print Pin It
Feed Feed