How to be an Expert Risk Gatekeeper.

Procurement teams have a lot on their plates. It can take time to know where to place the biggest priority. Risk is an area you simply can’t let slide, or it could cost your company big time. One of the most significant ways to bring value to your company is to turn your procurement team into a team of expert risk gatekeeper. 

Any suppliers your team takes on bring risks to your company. However, as a procurement team, your company trusts you to mitigate those risks.

If your team does not have an established strategy for mitigating risk, you open your doors to the potential for costly mistakes. The first step your team can take in creating an expert risk strategy is to categorize which supplier types have the greatest potential to expose your company to risk. Then, create a process of evaluating that risk. 

Assess where the most significant areas of risk are for your team specifically. Taking on a software company as a supplier, for example, likely has a higher risk than window washers. Each company will be different, and it is your job to understand the risks associated with your suppliers and protect your business from danger. Consider each of the following categories as you assess your action plan. 

Financial risk

Financial risk can take many forms. Still, in this category, you should be looking out for the risk that a company will not be able to keep their end of the contract (for example, an off-shore supplier for rubber who is not reputable may not deliver the rubber you pay them for). 

You should also be aware of any risk to your company’s financial information (are your supplier’s systems adequately protected if they receive any customer data from your company?). Assess any possible risk that could result in a financial loss to you or your customers.

Be careful in assessing that a company has not provided you with fraudulent financial information. Always vet their source-to-pay tool and ensure that it is reputable and accurate. Otherwise, you’ll find your company at risk of losing money.

Cybersecurity risk

Cybersecurity risk is an essential factor to consider. Most attacks happen online in today’s business climate. If a supplier has access to your databases or any information about your business or customers, their cybersecurity risk should be thoroughly vetted. 

Always pay attention to the seriousness of internet risks. 

Cybersecurity is one of the most significant risks to you and your company in the internet age. As you onboard new suppliers, procurement must act as a gatekeeper to protect your company from these risks.

Compliance

Compliance laws are another risk factor for procurement to protect against. Working closely with legal, you should be able to assess the risks present with how your company does business that requires specific compliance with your country’s laws.

Whether that is financial, like a bank that must comply with specific financial laws, or physical, like a construction company that must comply with stormwater drainage laws, compliance is a significant risk factor to take into account when onboarding suppliers. Do those suppliers have adequate systems in place to comply with the laws? If not, they may not be a good partner for your company.

Supply chain risk

As mentioned above, there are always risks of a partner company failing to deliver. When vetting a business, it’s essential to understand its supply chain. Are there systems in place that will ensure their contract is upheld? Do they properly vet their suppliers?

It’s important to remember that the risks to your business can extend beyond what you may think to assess. Be sure to analyze as much of the supply chain as feasible. Doing so will help ensure that your company will be protected every step of the way.

Social risks

A big, up-and-coming factor in risk management is social risk. Of course, there are many different factors to social risk, but they can include political, environmental, ethical, and diversity issues. As a result, many businesses are seeking to improve their awareness of and impact on these risk factors.

Procurement must do its part in following the organization’s goals concerning these risk factors. Procurement is on the front lines when it comes to suppliers, and as such, they must understand how suppliers fit into these social risk categories and how the company can best meet its social goals.

In general, it’s crucial to build a foundation where your team is trained to have a keen eye and specific process for evaluating supplier risk and that each team member understands how to mitigate and manage that risk. When you have strategies that consider each risk factor, this will become much easier and more efficient.

What’s next?

On the hunt for a system that will allow you to centralize your processes and keep supplier information, including risk information, up to date? Graphite may be the solution for you. The Graphite platform allows you to customize your supplier intake process and centralize where your supplier data is stored and updated– simplifying operations and protecting your company like never before.