Nick Simms Director, Cornwood Risk Management What Contingency Planning should you demand as part of Outsourcing Contracts? Nick Simms Director, Cornwood Risk Management

3 TYPES OF DISRUPTION Supply Supplier Our own 3

4 TYPES OF CONTINGENCY Prevention Detection Escalation Correction

SUPPLY DISRUPTION - CAUSES Disaster System failure Security breach Data corruption Transmission failure People 3rd party failure 3

CONTINGENCY Remove Force majeure clauses Agree Service Levels and responsibilities Require supplier to assess and manage risk Audit its own suppliers Succession planning Tested back-ups Tested recovery plans Agree Triage plan Understand where you fit in their priorities Document and test internal workarounds Data reformatting Agree escalation plan 3

SUPPLIER DISRUPTION - CAUSES Bankruptcy Closed by courts Withdrawal from market 3

CONTINGENCY Conduct credit checking Take up references Review supplier news regularly Ensure constant dialogue Develop plans for bringing service in-house Identify alternative supplier (s) 3

OUR DISRUPTION - CAUSES Disaster System failure Security breach Receipt failure 3

CONTINGENCY Ensure supplier can redirect service Test supplier’s ability to provide additional services Include on-site supplier staff in evacuation plan Agree Communication plan Outsourcer’s management Outsourcing staff working on-site 3

SUMMARY Outsourcers are an integral part of your business Ensure you are managing your risk and ensure that your suppliers are managing it too.

CORNWOOD CONSULTING Provides Business Continuity and Operational Risk consultancy and training services primarily to Investment Banks and their support community

CONTACT DETAILS Nick Simms Cornwood Risk Management Ltd 14 Greenhalgh Walk London N2 0DJ Tel: 020 8731 6510 Fax: 020 8731 6511 E-mail: nicksimms@cornwood.co.uk Internet: www.cornwood.co.uk