By Paras Sood
For the final part of this series, I want to focus on how technology can facilitate both the people and process elements of procurement and supply risk management.
- Big data / multiple sources: The common challenge when building a system for supply risk management is that the inputs come from multiple sources (and often in non-electronic formats). In the age of ‘big data’, the data ‘discovery’ phase is possibly the primary hurdle to enabling technologies. I recommend an amnesty of sorts; market analyses, spend data, bespoke spreadsheets, risk registers, stakeholder workshops, purchase orders, contracts – some initial effort in trying to bring all these elements centrally will help consolidate and link information before standardising its ongoing capture.
- Procurement Life-Cycle: In part 2 of the blog, I discussed a process for risk management. To build upon this, the risk management process should be iterative in procurement and supply management as risks are identified along the entire procurement process. Looking at this in practice: through spend analysis, organisations can identify off-contract spend; in your initial supplier appraisal, financial risk can be determined through liquidity ratios and insolvency; in the sourcing process, CSR non-compliance can be evident through questioning; when setting up contracts, further risks can be identified through appropriate clause management; in downstream procurement, price variance against agreed contracted price lists can be identified; and through supplier relationship management, ongoing collaboration with the supplier can help identify qualitative risks that may not be evident in the initial sourcing stages. Therefore, having a structured strategic sourcing process using the right tools and workflows will certainly help in iterative risk management.
- Collaboration: As we’ve discussed, the supply chain has a plethora of stakeholders. Providing channels for access and input into risk identification and management across commercial and internal boundaries can be tricky. However, sophisticated procurement technologies are built to manage these needs allowing internal collaboration through buyers, evaluators and interested parties, alongside external collaboration with suppliers and third parties. Emerging technologies should not restrict collaborative communication.
- Reporting / performance management: All of the above provides traction in building a data-driven risk management programme, but to go that extra step, organisation’s drive better value with periodic measurement of risk performance. With the right data, tools and processes, measuring an organisation’s supply chain risk footprint can be strategically assessed and actioned, wrapping together risk metrics. Worthy technologies can provide a snapshot overview of risk at executive level through reporting dashboards.
- Choice of technologies: The market for technologies can sometimes be a melee of what may seem to be similar competitive forces; but – in reality – this is not the case. Core to identifying the right tools and systems has to be needs analysis. If your organisation has low risk spend, low transaction volumes, against one supplier under contract, and all purchased by one person in a store-room, you may not recognise the benefits of sophisticated procurement risk management technologies. On the other hand, the further you move up the scale in terms of spend, transaction volumes, number of contracts and number individuals, across multiple geographies, the more consideration you’ll need to give to your organisation’s needs. A utopian view of high sophistication may be: common platform, web-based accessibility, user-functional, high security, consolidated data sources, flexible configuration, external collaboration, reporting capabilities etc. The more you understand your strategic / process needs, the quicker you’ll get a solution that fits...
The above provides some simple considerations when bringing technological needs into the supply management risk process. The key to success is recognising that ‘one size does not fit all’. As discussed throughout this blog and at Guy Allen’s seminar (which you can download the slides from here), each organisation will have its own approaches and objectives for supply risk management, and identifying technologies that are flexible enough around those needs will help with organisational adoption and future scalability. Unfortunately, sometimes system flexibility is deprioritised in favour of data integrity and security; I believe that both are as important as each other when driving the right behaviours for your supply chain organisation.
So to conclude, strategic supply chain risk management should really be regarded as a multi-faceted set of activities, with each of the parts above making up an ‘inter-dependent sum’. I’d encourage finding creative ways to build your organisation’s risk management programme so that you can develop an holistic approach to supply chain risk management without compromising the fundamental requirement of ‘just getting things done’!