To a procurement function, the unexpected is the only constant. Natural disasters, political unrest, pandemics, and economic fluctuations are just a few examples of crises that can disrupt the operations of a company. This is where Business Contingency Planning (BCP) becomes indispensable. BCP is a strategic blueprint that organizations implement to ensure they can continue operating during and after a significant crisis or disaster.

Background and Definition

Business Contingency Planning is the process of developing a system of preventive and recovery measures to deal with potential threats to a company. Originating from risk management practices, BCP involves identifying the critical operations of the business, understanding the risks that could impact those operations, and devising plans to ensure the continuity of business processes.

Importance of BCP

The primary goal of BCP is to protect personnel and assets while maintaining the function of the organization. It’s not just about survival in the face of disaster but also about the ability to thrive post-crisis. The importance of BCP cannot be overstated:

• Minimizes Disruption: Business Contingency Planning ensures that critical functions can continue during and after a disaster, minimizing the disruption to operations.
• Protects Reputation: Companies with effective BCP can recover faster, helping to protect their reputation with stakeholders, including customers, employees, and partners.
• Ensures Financial Stability: By minimizing downtime, BCP helps to safeguard the company’s financial health against the potential losses that can occur during a crisis.
• Compliance and Competitive Advantage: In many industries, having a BCP is a regulatory requirement. Moreover, it can serve as a competitive advantage, demonstrating to customers and partners that the business is resilient and reliable.

Examples of BCP in Action

• Pandemic Response: The COVID-19 pandemic highlighted the need for comprehensive BCPs that include health and safety measures, remote work capabilities, and supply chain diversification.
• Natural Disasters: Companies located in areas prone to natural disasters, like hurricanes or earthquakes, rely on BCP to quickly restore operations, often by pre-arranging alternative production sites or logistics routes.
• Cyber-Attacks: With the rise in cyber threats, BCPs focusing on IT security and data integrity ensure that businesses can rapidly recover from data breaches or system outages.

Procurement Perspective: Internal and External Views

From a procurement standpoint, BCP carries a dual perspective—internal and external—highlighting the function’s unique position within the organization.

• Internal Perspective: Procurement must ensure that its own operations can withstand disruptions. This involves having access to alternative suppliers, understanding critical procurement processes, and ensuring that procurement staff are trained in emergency procurement procedures.
• External Perspective: Procurement plays a crucial role in ensuring that key suppliers, especially those identified as critical or strategic in the Kraljic Matrix, have their own effective BCPs. This is vital because a disruption in the supply chain can halt production lines, delay deliveries, and ultimately affect the bottom line.

Implementing BCP with Suppliers

• Risk Assessment: Work with suppliers to identify potential risks and the impact on supply chain continuity.
• Certification and Audits: Require suppliers to have certified BCPs in place and conduct regular audits to verify their effectiveness.
• Collaborative Planning: Develop joint contingency plans with strategic suppliers to ensure coordinated response efforts.
• Diversification: Diversify the supplier base to reduce dependency on any single source, especially for critical components.

BCP and RFQ – a tool for the tactical buyer role

Including Business Contingency Planning (BCP) as a requirement in a Request for Quotation (RFQ) process is a strategic move for any organization aiming to ensure resilience and continuity in its supply chain. Here’s how it can be effectively incorporated and verified:

Incorporating BCP in the RFQ Process

• Specify BCP Requirements: Clearly state in the RFQ document that suppliers must have a comprehensive BCP in place. Define the specific expectations for the BCP, such as coverage of critical operations, employee safety measures, IT disaster recovery, and supply chain risk management strategies.
  • Detailed Questionnaire: Include a detailed questionnaire or checklist in the RFQ that asks suppliers to provide information on their BCP. Questions should cover areas like risk assessment methodologies, business continuity strategies, backup facilities and resources, and communication plans during a disruption.
  • Documentation Request: Require suppliers to submit a copy of their BCP documentation along with their quotation. This should include any certifications, audit reports, or third-party assessments that demonstrate the robustness of their BCP.
• BCP as a Scoring Criterion: Make the presence and quality of a supplier’s BCP a key criterion in the supplier selection scoring matrix. Assign a weight to this criterion to reflect its importance in the overall evaluation of the supplier.

Verifying BCP During Supplier Selection

• Review Submitted Documents: Thoroughly review the BCP documentation submitted by suppliers. Look for comprehensive risk assessments, clearly defined recovery strategies, and evidence of regular BCP testing and updates.
• Reference Checks: Conduct reference checks with current or past clients of the supplier to understand how effectively the supplier’s BCP was executed during actual disruptions.
• Site Visits: If feasible, conduct site visits to critical supplier facilities to assess the physical aspects of the BCP, such as emergency equipment, backup power supplies, and alternative logistics routes.
• Third-party Audits: Consider requiring or conducting third-party audits of the supplier’s BCP. A third-party assessment can provide an unbiased review of the supplier’s preparedness and the effectiveness of its BCP.
• Compliance and Certifications: Verify that the supplier’s BCP complies with industry standards and regulations. Look for certifications such as ISO 22301 (Business Continuity Management) that indicate a high level of commitment to business continuity.

Ongoing Monitoring and Collaboration

After selecting a supplier, it’s crucial to continue monitoring their BCP compliance and effectiveness. This can be achieved through regular reviews, updates to the BCP based on changing risk landscapes, and collaborative drills or simulations. Establishing a framework for continuous improvement and communication regarding BCP will ensure that both the buying organization and its suppliers are prepared to respond to disruptions effectively and minimize their impact on operations.

Summary Business Contingency Planning in Procurement

Business Contingency Planning is not just a good-to-have strategy; it’s a must-have for modern businesses. For procurement professionals, ensuring both internal resilience and external supply chain stability through effective BCP is not just about mitigating risks—it’s about securing a competitive edge and ensuring long-term sustainability. As we navigate an increasingly volatile global landscape, the role of BCP in procurement has never been more critical.

Incorporating BCP requirements into the RFQ process and verifying these plans during supplier selection demonstrate an organization’s commitment to resilience and risk management, while also encouraging suppliers to prioritize these critical aspects of their operations.

Are you considering learning more about professional sourcing, Learn How to Source recommend the bundle of courses called The Sourcing Engine. 

Note: Illustration to the blogpost “Business Contingency Planning (BCP) in Procurement” is created ny Chat-GPT on March 29, 2024.

Utbildning Inköp provides information in Swedish about LHTS’ online courses.