Six Interconnected Risks In Pandemic

Handbook on Extended Enterprise is now part of the IRM’s Level 1 ERM Foundation Exam. Register as a student for our Student Exam or nominate risk champions to learn more about extended enterprise through our Professional Exam. Know more: www.theirmindia.org/level1

Before last year, risk managers knew they were living in an interconnected world. The pandemic showed them what disruption to that web of connections meant. It is time to learn the lessons. Martin Luther King Jr stated: “Whatever affects one directly, affects all indirectly. I can never be what I ought to be until you are what you ought to be. This is the interrelated structure of reality.” This statement is true in our relationships, and it is true in an organization’s relationships in the extended enterprise. That is because the structure and reality of business today have changed. It is not the same as it was a few decades back. Bricks and mortar walls do not define today’s business, nor is it defined by traditional employees. The modern organization is supported by an interrelated structure of business relationships. It is an interconnected and interdependent web of suppliers, vendors, outsourcers, service providers, contractors, consultants, temporary workers, brokers, agents, dealers, intermediaries, partners, and others. Business today relies and thrives on third-party relationships; this is the extended enterprise.

1. Risk To Objectives: As the pandemic unfolded, it had a specific impact on business objectives that impacted third-party relationships’ objectives. Adapting to the crisis, businesses had to modify corporate objectives and, as a result, objectives in each relationship.
2. Risk Of Operational Resilience And Continuity: Organizations have increased exposure to their operations and delivery of business processes across third parties. There were significant issues where service providers and outsourcers entirely shut down because of lockdowns and were unable to support organizations and deliver services, including constrained supply chains and the inability to deliver goods. Outsourced data centres went dark with a skeleton crew of staff to maintain them, often remotely.
3. Risk Of Information Security: With the focus on supporting a broad work-from-home strategy for both employees and third parties, the organization faced increased exposure to IT security issues. With the Internet of Things (IoT), the light switch, blender, or TV in the third-party employee’s home could be a source of exposure to company data and connections.
4. Risk Of Integrity, Culture, And Control: With rapidly changing processes to address the pandemic risk management plan, the organization lacked controls to monitor third-party relationship changes. With reduced staff, employees in third parties were wearing multiple hats and may not have been properly trained to service the organization. Working from home offices and not in a corporate building contributed to a culture of insecurity for many.
5. Risk Of Bribery And Corruption: Constrained supply chains and pressure to meet objectives increased the risk of fraud, bribery, and corruption. With customs, imports and exports coming to a crawl in some countries, and borders shut down, there was a greater corruption risk. Heightened exposure to such corruption means that someone may use a third party to influence a foreign government official and bribe them to expedite their goods over others or to get specific contracts or permits at a time when not much is being done.
6. Risk Of Modern Slavery And Abuse Of Human Rights: There was great unrest regarding human rights worldwide; what was an issue before the pandemic has only been exacerbated further because of the pandemic. But it goes beyond civil rights and treatment of ethnic groups; it also extends into our facilities and supply chains. The pandemic risk hit certain areas of the world hard. Factories have lost employees to illness and death. As a result, there has been increased staffing with a child or forced labour alongside poor and unwanted working conditions.

Source: Enterprise Risk Magazine, Summer 2021, article by Michael Rasmussen, honorary life member of the IRM. Get the latest print edition today (India only).