Gert Kogenhop argues that dependencies need more attention in business continuity management. He presents the case that organizations must identify, analyze, and take action to treat all dependencies, as relying solely on external partners or resources poses risks. Kogenhop then outlines a proposed dependency assessment process in accordance with ISO 22301 standards. This involves identifying, systematically analyzing, evaluating, and identifying treatments for dependencies. He stresses that such an assessment requires collaboration across departments and must be ongoing to account for changes to dependencies over time. Kogenhop questions whether simply updating impact assessments during reviews is sufficient, arguing a separate dependency assessment is needed to properly manage risks from dependencies.