Fourth party risk
More and more these days, organisations are thinking about supply chain continuity and their dependence on third party suppliers. Which is an eminently sensible thing to do. After all, if we have critical suppliers, whose failure or non-performance would cause us significant problems, it makes sense to ask them some pertinent questions about their business continuity capability.
But how many of us consider the ‘fourth party’ suppliers – in other words, our key suppliers’ key suppliers – or even understand who they are?
There are numerous examples of organisations being at significant risk because they are reliant on a third party supplier, who in turn relies on a third party supplier of their own – particularly when this ‘fourth party’ supplier turns out to be the proverbial ‘Fred in his shed’, with no continuity capability at all.
Whilst it’s clearly a good idea to ask our key suppliers about their business continuity arrangements, we might want to consider, if we haven’t done so already, asking them what consideration they’ve given to their own key suppliers’ continuity capability. And, depending on just how critical they are to us, maybe even that of their suppliers’ suppliers too.
The further we can drill down and understand the key dependencies in our supply chains, the better we can understand and mitigate our supply chain risks. After all, a chain is only as strong as its weakest link.