The views and opinions expressed in this article are those of the thought leader as an individual, and are not attributed to CeFPro or any particular organization.
<em>By David Baylis, Regional Sales Executive, Riskonnect</em>
<blockquote><strong>How have you seen the uses of outsourcing evolve since the onset of the pandemic?</strong></blockquote>
Organisations in the last ten years have been steadily increasing the number of third parties they work with. With business strategies often being to focus on core strengths, they have outsourced specialist knowledge. This has led to Third Parties not only supporting business, but also integrating with business. Third Parties accessing networks or working within the company premises is not uncommon. However in recent years prior to the pandemic, according to Forbes, organisations have been moving away from third party suppliers, for cost, cultural and control reasons. In fact the beginning of the Pandemic saw a reduction in IT Outsourcing reducing value by 5% (according to research by ISG).
Once organisations recognised the need to deliver a sustainable response to the crisis, the tables have turned and demand for IT services has intensified. Third-party support was key to being agile and nimble, however whilst passing on responsibility for many key functions, business has recognised this does not pass on accountability, either regulatory or reputationally. If I order my food from a supermarket chain and it does not arrive, I do not blame the outsourced delivery firm, I blame the supermarket. Therefore with a greater distance and greater reliance on outsourcers to enable organisations to be nimble and agile, organisations have realised the need to understand the interconnected risk of the services provided. We have seen the need for end to end management of third parties, the requirement for ongoing monitoring, and also an understanding for monitoring of fourth parties and fifth parties. Importantly the need to connect this to strategic and operational risk to understand the impacts and have appropriate mitigation in place.