Situational Awareness (AM)
Purpose: To establish processes to manage an appropriate level of controls to ensure the sustainment and protection of services and assets that are dependent on the actions of external entities.
The outsourcing of services, development, and production has become a normal and routine part of operations for many organizations because outsourcing can engage specialized skills and equipment at a cost savings over internal options. The External Dependencies Management domain presents a method for an organization to identify and prioritize those external dependencies and then focuses on managing and maintaining those dependencies.External Dependencies Management (EDM) focuses on establishing an appropriate level of controls to manage the risks that originate from or are related to the organization’s dependence on these external entities. The purpose of EDM is to ensure the protection and sustainment of services and assets that are dependent on the actions of external entities.
External Dependencies Management focuses on the lifecycle of EDM, including planning the activity, forming new relationships with external entities, managing existing relationships, and monitoring and improving the activity to refine the organization’s approach to planning, implementing, and improving external dependencies.
Operational resilience is an organization’s ability to adapt to risk that affects its core operational capabilities. Like any organization, the external entities that the organization depends on may be susceptible to a diverse and dynamic array of threats, which can negatively affect the dependent organization’s people, information, technology, and facility assets and consequently the organization’s ability to meet its objectives. The key challenge for many organizations is their limited ability to ensure the resilience of the external entities they rely on.
Identifying, prioritizing, and managing relationships with external entities over their entire lifecycle are foundational activities for the development of effective risk mitigation and disposition strategies.To effectively manage external dependencies, organizations should establish:
a strategy and basic plan for EDM
key processes for identifying, prioritizing, monitoring, and tracking external dependencies
guidance and procedures on the formation of relationships with external entities
an approach for managing and governing existing external entity relationships
ongoing oversight, reporting, and correction of external entity performance
an approach for improving the organization’s EDM processes and program
Like many key resilience practices, EDM should be thought of as a planned, continuous processEffective EDM requires standard, planned guidance across the entire lifecycle of external entity relationships and continuous monitoring and improvement of the approach.
View Goal Questions