SCDigest Editorial Staff

SCDigest Says:

The research showed two-thirds of respondents reported that their companies failed to provide even one full day of risk management training What Do You Say?   Send Feedback Click Here to See Reader Feedback

The global recession proved perhaps the most challenging period ever, or at least since the Great Depression, in terms of managing supplier risk, as companies had to find new ways to both assess that risk and enact mitigation strategies as suppliers struggled to stay solvent.

While the worst may be over, in these dynamic times supplier risk management will stay high on the procurement priority list, and companies need a formal process for managing that process. Research shows that on average large companies encounter a major supply chain disruption every 4-5 years.

Just this year, for example, network equipment and other high tech companies have battled shortages on very basic electronic components, leading such as Ericsson, Nokia, Alcatel-Lucent and other firms to report pretty significant hits to revenue in Q2 and falling stock prices because they simply couldn’t deliver the goods to customers.

The Boston Consulting Group (BGC) recently did a survey of procurement executives around practices and processes for supplier risk management (SRM), an acronym which unfortunately is also used for supplier relationship management. Regardless, Boston Consulting defines supplier risk management as “the use of processes and procedures to offset any risk factors that could interrupt a supplier's ability to provide an organization with needed raw materials, components, or other inputs or services.

It says typical risk factors include: financial risks that could affect a supplier's solvency; operational risks that could affect quality, logistics or pricing; market risks related to regulatory and geopolitical events, or changes in commodity prices; major catastrophes and natural disasters; and anything that would compromise a company's brand, intellectual property or proprietary processes.

Writing in The Institute for Supply Management’s Inside Supply Management magazine, Boston Consulting’s Robert Tevelson, Petros Paranikas, and Byron Paul say, however, that their research showed “the majority of companies that do have SRM practices tend to focus only on direct, supplier-driven risks, ignoring those related to market changes, geopolitical issues and other potentially disruptive, external events.”

Of course, each company and its supply base are subject to different levels and types of risk, depending on the number of available suppliers in a category, where the suppliers are located, how generic versus customized the supplied product is, use of single versus dual or multi-party sourcing strategies, and the way the company itself creates value and goes to market, among other factors.

Five Levers for Supplier Risk Management Success

BCG has identified five key factors necessary for SRM success. These five are:

Engage Top-level Management: This means both that senior procurement leaders must actively show their support for SRM within their organizations, and then also communicate that need to the CEO and executive peers. Yet, BGC’s research showed only 45% of respondents discuss SRM with the organization's executive team on a quarterly basis; 20% never discuss SRM with senior management.

(Sourcing and Procurement Article - Continued Below)

Best-in-class companies, BGC says, set up regular SRM reviews that follow a standard format and offer clear escalation procedures when potential problems are flagged. The authors make the strong point that SRM cannot be only the province of the procurement group – the trade-offs and level of risk tolerance must be approached cross-functionally.

Segment Suppliers Based on Relative Risk: No company can manage detailed risk assessment and mitigation strategies across thousands or even hundreds of suppliers. So, procurement organizations must pick the most important suppliers to focus on, but too often this is done by “gut feel” rather than a formal categorization process.

“Best-in-class companies take a more formal approach, dividing suppliers into different risk categories based on predetermined criteria such as financial health, supply of critical components, supplier value-add, supplier power, time to switch and industry outlook,” BGC says. “These risk assessments are refreshed at least annually, and, in some instances, every quarter. High-risk suppliers are reviewed more often, so that issues are identified early and quick action can be taken.”

Not surprisingly, the authors say, more frequent risk assessment is linked to more successful risk identification.

Rigorously Measure and Manage Risk: Even though it has become well understood that companies need to assess both the probability of a supply disruption and the level of financial impact the disruption might cause, BGC’s research found only 40% of respondents were satisfied that their companies could effectively quantify the likelihood and impact of key risks.

BGC says companies need to add more “rigor” to the risk assessment process, and do a better job collecting cross-functional data that might help identify an emerging supplier problem earlier (for example, are key personnel leaving the supplier?).

Collaborate with Key Suppliers: Complex, global supply chains require higher levels of collaboration. So do very “lean” supply chains (and who doesn’t have one of those these days?), where disruptions can quickly lead to operational and financial problems.

The key point: “Companies such as these must understand the risks of the entire supply chain, not just of individual suppliers. Yet few can single-handedly take on the substantial cost of managing risk across the board. Collaboration is critical,” the BGC consultants say.

The research found few companies say that their companies actively collaborate with suppliers to manage risk.

Give Category Managers Tools and Training: As with many things, most companies agree that supplier risk management is essential, yet the survey showed few companies effectively educate their senior leaders and category managers on how to do it well.

The research showed two-thirds of respondents reported that their companies failed to provide even one full day of risk management training, and most expressed dissatisfaction with current programs company training programs on the subject.

Technology support tools are equally lacking, though BGC says a few companies have complex tools that can track the potential impact of a single event in one location — such as a tornado in Kansas — on all aspects of the supply chain.

“SRM is challenging and requires a proactive, customized approach to get it right,” the BGC authors conclude. “Understanding your company's model, based on your source of competitive advantage and degree of supply chain complexity, reveals critical best practices. These, combined with the five levers for success, can help your company stay ahead of potential supplier problems.”

How well do you think companies manage supplier risk today? Do we need to give procurement managers more training? What would you add or change to the list of key success factors? Let us know your thoughts at the Feedback button below.