Search

“A chicken restaurant without chicken. It’s not ideal” were the words printed on an ad that was released by the chain restaurant, KFC, in response to its closure of over 600 restaurants across the UK. The well-known chicken shop ran out of chicken much to the dismay of many of its customers. The reason for its lack of produce and the resulting temporary closures was attributed to KFC’s decision to switch its delivery suppliers from Bidvest to DHL.  

 

Mick Rix, the GMB union’s national officer, claimed that changes to KFC’s supply system from six warehouses run by Bidvest to one distribution centre ran by DHL was the reason for the delivery delays and that DHL “clearly could not cope” with what it had agreed to deliver. For many businesses that rely on business critical suppliers, this is a nightmare. So perhaps your supplier contract could help you sleep a little bit better at night.

 

It’s unknown what contractual arrangements are in place between KFC and DHL but here are some best practice tips to consider when negotiating a Disaster Recovery Plan (DRP) in a contract with a supplier:

 

Assess your risk

It is sometimes tempting, in the hurry to agree a contract in order to get on with what you do best, to not include a robust, detailed DRP with your suppliers. However, the initial questions to ask yourself are: “is the service I am receiving from this supplier business critical? What would be the impact on my business if the supplier failed to supply the goods and/or services?”. If the answer is that it is business critical and it would have a high impact on your business, you should consider including a DRP at the outset.

 

Get down to the nitty gritty

A DRP should set out clear processes and action plans in the event of any failures, interruptions or disasters to protect your business continuity. You, as the customer, will be looking for it to be detailed and bespoke to your business.  For example, where your supplier is processing personal data on your behalf, it may be appropriate that the DPR (or elsewhere in the contract) contains provisions relating to back-up of data and other security measures.

In carrying out this exercise, you will also be able to gauge how prepared your supplier is by looking at the adequacy of their DRP. It’s important to know up front what capabilities the supplier has and what they understand to be their obligations in the event of a disaster.  Naturally the supplier will want to keep its obligations manageable and within budget so it’s helpful to make sure that your expectations match with what your supplier intends to deliver.

 

Keep under review

You should keep the DRP under review and, in some cases, routinely test its adequacy during the term of your supplier’s engagement. Depending on the duration of your contract, your DRP could become out of date or irrelevant pretty quickly so making sure that the contract contains systematic reviews and updates where necessary will ensure that the DRP remains a useful tool.

 

There are other protections and measures that you can negotiate in your contract with a supplier - for example, transitional services clauses to enable a smooth transition from an incumbent supplier to minimise initial interruptions as well as adequate termination clauses if you are unable to continue to work together - but hopefully you won’t fall foul of the same difficulties as KFC…(sorry but we couldn’t resist!).