External services

iFACTS External services - Web based management and control of External services

To control the value chain, or supply chain, it is important to include external parties and services.

Controlling the External services has become an important part in Risk Management (Supply chain) and Business Continuity. It is interesting for insurance companies as well since there is an important connection to the insurance line Business Interruption.

Another aspect is Corporate Social Responsibility, CSR, which often is a part of Corporate governance. We do not want to do business with companies that not share our values in terms of child work, tax law or gender etc.

iFACTS External services provides management with a consequent reporting and monitoring of all the External services, presented as a performance score 0-100%. This can for example be used as a "Supplier Index".

Web technology helps the External service responsible with documentation and analysis. Common work steps are to document the External service in terms of description, content, rating, delivery record, dependencies, responsibilities or classification.

A web questionnaire can be used to measure to what degree the External service is following guidelines and other requirements.

External service risk assessment can be performed and followed up on.

The list below shows all the available External services management variables. These can be turned on or off depending on purpose and ambition.

Data and output

• Inventory and classification - of the External services. Information gathering such as technical description, responsibilities, roles, classification, applicable law. Finalizing all steps in the inventory step gives a score of 100%.
• GAP analysis - web questionnaire to check current status. Result presented in the range 0-100%.
• Risk assessment - scenario based risk assessment. Results in a Consequence-Probability matrix with risk acceptance level. Score depending on if there is preventive actions planned for all scenarios over risk acceptance.
• Requirement fulfillment - a requirement list is generated from the settings in classification, law and risk assessment. These requirements needs to be fulfilled in order to be "green". "Yellow" means active and "red" means passed due date.
• Objectives - in the measurement portal different measure sessions are created and then continuously measured. For example: Deliveries or Rejection index. Fulfillment of objectives displays in the range 0-100%.
• Plans fulfillment - a plan requirement list is generated from the settings in classification, law and risk assessment. The plan needs to be done in time to be "green". "Yellow" means active and "red" means passed due date.
• Dependency mapping - in the dependency component the External service is mapped for dependencies with other organizational assets and activities. A red dependency means that the requirements do not match and will result in a lower score.
• Events - from the management work in the steps above, deviations and nonconformities will emerge. These are integrated into the Event module and monitored for follow up and action such as management approval. The Event score is calculated from number of green, yellow and red events.

Implementation and roll out can be done instantly with high efficiency using web technology.

iFACTS External services functionality

Dynamic setup of organizational structure and roles in the main administration, creation of company tree and roles. Connection to active directory.

Dynamic setup of inventory content  All the steps in the External services inventory wizard are created by the administrator.

Requirement trigger   Classification, applicable law and risk assessment can trigger requirements from the requirement list.

Plan trigger   Classification, applicable law and risk assessment can trigger plans from the PPP plan list.

Calculation   supports entering a calculation for each asset for example Business Impact Analysis, BIA.

Dependency component  to establish dependency connection between organizational assets and activities. Presented in a graph with critical line and dependency information.

Integration   with Risk management, GAP, Event, Audit, Riskportfolio, INSMAN and the ONTRACK dashboard.

Event monitoring  with connection to management approval and other roles and responsibilities.

Audit  connected to the Audit module for automated audits and inspection programs.

Report generator  a wide variety of reports/settings can be created and saved as templates.  All of these reports can be exported to Excel, Word, PDF, Text

Search can be conducted according to selection on all registered data, for example, organization, type, status, category, role etc.