Supply Chain

Making Supplier Risk Management Plans an Everyday Way of Doing Business

Integration of supplier risk management in category management and strategic sourcing makes sense in today's dynamic, risk–loaded business environment.
— By Cecil Perang

Like many risk management plans, the supplier risk management plan is good at collecting proverbial dust. Risk management plans tend to be viewed as emergency plans to be referenced only when something goes wrong. In the supply chain, something going wrong could be something like a key supplier unexpectedly going out of business or a natural disaster that disrupts the supply of critical materials. The dust-collecting supplier risk management plan is more like a recovery plan than a strategic plan, meaning it is really never fully integrated in category management and sourcing.

Every business today is dealing with a dynamic volatile operating environment in which imagined risks become real on a regular basis. The supplier risk management needs integration into strategic planning and routine sourcing. Without the integration, category management is always at risk of failing to realize its goals. Category management, sourcing and supplier risk management should be closely integrated for optimal results.

Risk of Underperformance
From the procurement perspective, category management is a process in which goods and services are put into categories for the purpose of achieving sourcing efficiency and cost minimization. It is cross-functional and groups products based on the ability of the market to supply them and business needs. It requires stakeholder engagement, high–level planning, and the use of analytical tools.

Strategic sourcing considers category planning, sourcing of the goods and services, and supplier performance. Clearly, supplier risk management has a role in strategic sourcing and category management.

Should a key supplier underperform in any way (delivery, price, quality, etc.) or go out of business, it usually means multiple internal stakeholders are impacted because of the grouping of products and services from across functions. It could mean the inability to produce products; deliver products and services to customers in a timely manner remain price competitive and/or maintain quality. To meet the goals of category management and strategic sourcing, the process must take into account supplier risks

Becoming a Team Familiar With Risks
A category plan addresses all opportunities in a category for managing costs, ensuring reliable supply chain performance, and identifying the means for leveraging opportunities and reaching goals.

Some categories are low risk, usually items like cleaning supplies or paper. There are plenty of suppliers available in the low-risk categories, making it fairly easy to change suppliers and re-negotiate terms.

There are other critical categories that are of higher value, more complex to source, and present higher risks. That is when procurement becomes a strategic sourcing process requiring market analysis, identification of technical and functional specifications, strategy development, and procurement strategizing.

The market analysis is the first touchpoint for the supplier risk management plan. The market analysis includes supply chain analysis and risk or vulnerability analysis. The risk analysis is done early in the sourcing process, but the identified risks come into play as elements of contract management. The analysis of suppliers determines the contracts eventually awarded. In this model, companies can develop procurement teams that reflect categories, making procurement a member of the category team.

Obvious and Not-so-Obvious Risks
Supplier risk management has taken on new dimensions in the digital age, like cybersecurity and interface of supplier systems with customer systems.

It is also important to develop meaningful metrics, including for areas where risks are not as obvious. Most supply chains have tiers of suppliers, and lower tiers present risks, too, but have less or no visibility. The supplier risk management model should take into account the possibility of risks in these areas by developing metrics that could send alert signals from deeper in the supply chain.

Data and data analytics play a big role in managing supply chain risks. The data is used to identify risks and opportunities for improvement. Data is collected for the purpose of analyzing categories in terms of spend and forecasted demand.

Supplier risk management, category management, and strategic sourcing are interdependent processes, and it is important to have a system in place that manages the interdependency.
The market analysis includes trend analysis, cost structure analysis and category positioning. Key Performance Indicators (KPIs) for selected suppliers are developed, enabling procurement to identify developing risks, like order fulfillment or timely delivery problems. The supplier risk management model should include a means of constant monitoring of key suppliers, and access to the analytics shared with category managers.

The system for strategy planning and execution to minimize risks needs centralization in procurement. An effective supplier risk management process makes category managers active participants in tracking and responding to analytics around risk because procurement needs input from the personnel from the various functions who are most familiar with and have the most contact with the selected suppliers. However, a single integrated sourcing system enables consistent data aggregation and analysis across functions and provides clear oversight of activity.

Here Today and Gone Today
There are two primary goals of supplier risk identification and management systems. One is to optimize sourcing, and the other is to deliver supplier financial and operation visibility to procurement. Making good use of technology is crucial today when managing complex supply chains.

In 2016, Han Jin Shipping announced bankruptcy without any advance notice. The company ceased operations the same day. As one of the seven largest maritime global shipping companies and the processor of approximately 10 percent of Asian-American container shipments, the sudden operational shutdown caused major havoc for months.

This is a good example of the importance of managing risks in the entire supply chain. Predictive financial modelling and relying on data from multiple sources (supplier financial information, credit rating agencies, etc.) would have likely triggered an alert. Automating scorecards simplifies risk management and ensures category managers get relevant, current and continuous information via dashboards.

Dynamic Risk Management
Supplier risk management, category management, and strategic sourcing are interdependent processes, and it is important to have a system in place that manages the interdependency. Technology can simplify the monitoring and reporting process, whether developed in-house or outsourced.

Consider the whole supply chain, ensure category managers are included in the risk identification and monitoring system, and make risk management a continuous process.

A supplier risk management system should never collect dust. It should be a dynamic process, frequently updated, and ready to identify real-world events and possibilities that could interfere with the ability of a business to operate.