Understanding Internal and External Dependencies in Business Change
When you lead a business change project, one of the best skills to develop is the ability to spot dependencies. They are forces that shape pace, risk, scope, and success. Yet many teams treat all dependencies as if they are the same. They are not.
Internal and external dependencies behave differently, influence decisions differently, and introduce different kinds of risk.
Understanding how they differ helps you plan with more confidence and communicate with far more influence.
What Are Internal Dependencies?
Internal dependencies are activities, processes or decisions that sit within your own organisation.
They are shaped by your internal structures, your ways of working, your goals, and the availability of your own people.
Common examples include:
Decisions from a governance board that only meets monthly
Input from subject matter experts who already carry a heavy workload
Work that another internal project must complete before yours can progress
The lead time for internal procurement, architecture reviews, security approvals or marketing campaigns
These dependencies sit within your sphere of influence. You can negotiate, escalate, sequence, and sometimes redesign work to reduce the impact. Internal stakeholders are easier to engage, understand, and influence because they share your organisational context.
The main challenge with internal dependencies is capacity.
Most organisations run too many change initiatives at once, so internal teams often become bottlenecks. Spotting this early allows you to design realistic plans and flag risks before they evolve into crises.
What Are External Dependencies?
External dependencies are tied to organisations, services, conditions, or decisions outside your direct control.
They involve partners, suppliers, regulators, external data sources, or factors in the wider environment.
Examples include:
Delivery lead times from a technology vendor
Regulatory approvals or reporting windows
Third party integrations that rely on someone else’s release schedule
Dependencies on local authorities, industry bodies, or outsourced service providers
These dependencies sit largely outside your influence. You cannot reshape someone else’s process or workload. Instead, you must plan around their timetable and their approach. External dependencies create greater uncertainty, and they introduce risk that is often more difficult to mitigate.
The challenge with external dependencies is knowledge, understanding and influence.
You may not have full visibility of their internal priorities or pressures. Without that visibility, assumptions creep in, and assumptions are dangerous in change delivery. Clear questions, proactive relationship management, formal agreements and regular checks on these dependencies become essential.
Why Distinguishing Them Matters
Do not lump these two types of dependencies together. When you highlight the differences, your leadership becomes clearer and your planning becomes sharper. When your team understand the nature of the dependency, they make better decisions. Treating them differently avoids overconfidence and underestimation.
A high-performing change leader makes these distinctions visible to everyone involved. These practical techniques help:
Map Dependencies Early and Communicate them to Team and Sponsors
Create a simple view that separates internal from external. Explain that internal dependencies can be influenced up to a point, but external dependencies require collaboration, clarity, and realistic expectations.
It helps your sponsors understand why certain dependencies cannot be “managed away”. It also highlights where you need closer engagement, reprioritisation or an acceptance of timeline slowing to accommodate.
Planning and Phasing
Internal dependencies can sometimes be reorganised to accelerate delivery. The best practice is to map your initial plan with all internal dependencies in place first, so you see the true lay of the land before attempting to optimise.
External dependencies usually cannot be adjusted, so they shape your critical path from the start. My suggestion is to include the most pessimistic estimate rather than the most optimistic. Optimism is usually the instinct, and it rarely works in your favour.
Use the right kind of control and mitigation
Internal dependencies allow for some negotiation and adjustment of timeline or priorities. They may also require a Stop-Doing list. Do not be tempted to resolve every internal dependency by stripping out quality checks or asking subject matter experts to stretch themselves ever thinner. There is always a cost to this, and it usually shows up later as rework or poor adoption.
Be transparent with capacity assessments
Most internal risks arise because someone is overloaded. You can address this by:
Timeboxing subject matter expert involvement
Agreeing upfront availability
Reducing parallel work across projects
Creating a Stop‑Doing list, not just a To‑Do list
External dependencies require contingency, formal and contractual agreements (which usually means money), service expectations, and early or close engagement.
The number one mistake is leaving external engagement too late.
You will need:
Early discovery conversations
Written commitments
Alignment with their release cycles or operational rhythms
You cannot always force an external party to bend to your preferred timeline. Trying to do so may demand more time, money, or energy than the benefit delivers. Sometimes the most expedient course of action is simply to accept the constraint and plan around it.
Build in the right kind of contingency
For internal dependencies, contingency often sits in bringing in additional support, reprioritisation, or workload balancing.
For external dependencies, contingency sits in alternative suppliers, backup processes, knowing what you do in a holding pattern, or timeline flexibility.
Ongoing risk management
Internal dependencies risks are predictable, usually linked to workload, decision cadence. Because you can access internal colleagues directly, your risk checks can be frequent and informal. Quick check‑ins prevent slippage, and make sure the team you are dealing with feels heard
External dependencies bring in risks that are more volatile and often triggered by changes in another organisation’s priorities or approach. External risk monitoring must be deliberate: regular check‑ins, documented sign-off points, clear triggers for escalation