My good friend Kevin Christ (at Concentre Group) is the co-author of the CIO article that started out “Offshore service providers are grappling with COVID-19’s impacts, limiting their ability to meet obligations.” The May 6, 2020 article entitled “A 7-point blueprint for assessing your offshore IT risk exposure” the included these comments of about #2 Assessing Business Continuation Plans (BCP) and status:
CIOs must demand detailed information on each vendor’s BCP, their preparedness for a remote-work-only scenario, testing and outcomes.
An Indian multinational service provider told us that, “No one ever envisioned this scenario to occur. Our business continuity plans did not provide direction on work from home restrictions. Our team works from a center using desktops. India’s swift lockdown left many resources in remote locations without the tools to perform their work.”
Review the BCP in detail with an eye for impact on your services and fit for the current remote-work scenario (equipment, connectivity, security).
Review the recency and results of the BCP testing and any audit concerns.
Confirm that the BCP meets contractual obligations, including notification requirements.
Here are all 7 points:
1. Evaluate IT contracts and partners for obligations, opportunities and risks
2. Assess Business Continuation Plans (BCP) and status
3. Understand your place in the pecking order
4. Confirm assigned team member are effective in their new working conditions
5. Determine current security and confidentiality risks
6. Determine if remote work is effectively producing the desired outcomes
7. Immediate and long-term IT talent strategy changes
Please investigate your offshore IT risk!