Rating the mission criticality of the services: Clients should determine whether the vendor is hosting a critical application, controlling certain process/technology components, or is reporting information.

Scoring the impact of a short-term problem: If the service is disrupted for one or two days, what is the impact on the organization? Although some companies would be out of business, others would have minimal impact.

Scoring the impact of a long-term problem: The impact of a service disruption that extends beyond several days should be rated. For most companies, this should be scored relatively high unless the services are completely ancillary to ongoing operations.

Ranking the level of discussions with alternative vendors: Most ITOs are in a continual state of talking with various vendors. Clients should rate the quality of discussions (a.k.a. readiness) to engage with one of these vendors as an alternative supplier.

Rating the level of contracts/relationships with alternative vendors: This question attempts to ascertain the dependency on this single supplier. If the risk exposure is extreme for mission-critical projects, the ITO should negotiate alternative supplier agreements.

[an error occurred while processing this directive]

Business impact: Formal risk assessment increases the probability that vendor instability/uncertainty will be uncovered and action taken before problems affect business operations or results.

Bottom line: We recommend IT organizations begin formally assessing vendors that provide critical services. The assessment program will provide early warning of vendor demise or service crises.

Mitigating xSP risk
By Dean Davison
First published by META Group on Dec. 5, 2001

Previous page |   1 2 3

Newsletters
	Tech Update Today eBusiness Update	Tech Update Weekly		All newsletters FAQ Manage my newsletters

[an error occurred while processing this directive]

[an error occurred while processing this directive]