Do you Have a Procurement Risk Management Plan?


With more companies paying attention to risk management across their global supply chains, it makes sense that procurement departments would play a larger role in identifying, tackling and mitigating risk in their companies’ operations. But according to a recent KPMG global survey of procurement functions, that’s not exactly what’s happening at the corporate level.

In fact, in The Power of Procurement, KPMG identifies risk management as a fairly nascent responsibility for buyers.

“Despite the often-harsh lessons meted out by the global financial crisis, our survey finds that procurement’s role in supply chain risk management is immature in terms of the organization’s wider risk management process and strategy,” KPMG reports, noting that more than a quarter of survey participants reported only “foundation” maturity in terms of risk management. The vast majority (60%) ranked themselves as “established.”

And though this means that a significant number now deploy a reasonable approach to categorizing and risk-assessing their suppliers on their criticality to the business, KPMG says this level of maturity falls “far short of best practice in risk management.” The research firm’s findings also indicate that most procurement functions are not utilizing tools and processes to enhance their risk management efforts.

Stepping up to the plate

The good news is that electronics buyers are well positioned to play a key role in effective supply chain risk management—which is the chance that an event will have an impact on corporate objectives, and is measured in terms of consequences and/or the likelihood of happening. Steve Vecchiarelli, vice president, supply chain solutions at Hotenda Corporation, advises electronics buyers to start the process by assessing risk from two different angles. They are:

  • Supply chain continuation. With major natural disasters taking their toll on business operations at least once a year (if not more), Vecchiarelli sees supply chain continuation as a key point for buyers to assess when creating risk management policies and/or plans. In some cases, that means simply taking the time to assess what would happen if a tornado, hurricane, fire or other catastrophic event prevented normal supply chain operations from taking place.

    “If there’s a natural disaster,” says Vecchiarelli, “what is the probability of having a continuous pipeline of electronics products until the disaster is mitigated? This is a very important question to ask—and answer.”

  • Job interruptions, delays or cancellations. Manufacturers can be extremely susceptible to these issues—not only due to natural disasters or other interruptions, but also in this still-shaky economy where bids and plans don’t always turn into completed, paid-for projects. To avoid getting “stuck” with the goods in the event that the project is postponed or cancelled, Vecchiarelli says buyers should look carefully at the risk for inventory for items that are in the pipeline (or, that are on order and ready to fill the pipeline).

    “Most of the time we use non-cancelable, non-returnable purchase agreements,” remarks Vecchiarelli, who suggests procurement agents use a similar approach, “knowing that customers may not live up to their end of the bargain in the event of a supply chain and/or job interruption.”

For buyers looking to better identify and ward off the risk associated with their purchases, the Council of Supply Chain Management Professionals (CSCMP) says three key steps include: establishing appropriate levels of control, developing policies and procedures that follow a specific sequence and structure, and then reviewing those policies frequently to ensure that they are up to date.

“Keeping them realistic and easy to understand and follow will help to ensure compliance,” the CSCMP advises in 10 best practices you should be doing now.

Four steps to success

According to the CSCMP, risk mitigation goes hand-in-hand with policies and controls, and best-in-class supply chain organizations integrate risk-mitigation methodologies into their sourcing decision process. In short, these organizations are adopting sound methodologies that include:

  1. Identifying all of the risk elements
  2. Determining the probability of the risk event occurring
  3. Assessing the dollar impact on the sourcing decision if the risk event actually takes place
  4. Prioritizing risks for monitoring and prevention

If the CSCMP’s predictions are on target, procurement agents could play an even larger role in risk management in the future, the organization says: “Traditionally residing within finance departments, risk management is being considered as one function of the enterprise that might be absorbed into the procurement department—an area gaining greater prominence throughout the business world.”

Supplier