The COVID-19 pandemic has shown that some companies have been prepared for the pandemic in terms of crisis management, but other companies have not been prepared at all. The dependency of a company on third-party provider is even bigger in a pandemic situation. Operational resilience must be assured for third-party providers, who are supporting the company in delivering critical business processes. In a pandemic, the risk is much bigger that a third-party provider is having economical or employee-related issues, for example financial problems or loss of staff so that the provider will not be able to support the company on the same level as before the pandemic or cannot support the company at all. To assure operational resilience within a company, it is needed to first identify the critical IT assets and critical processes within the company. Only then it is possible to protect these IT assets and assure the business continuity of the critical business processes. Results described in this paper are based on practical experiences gained during the COVID-19 crisis.

Top