supplier_risk.jpgIn today’s complex world, supplier risk management is just as critical to an organisation's financial health and competitive performance as its efforts to product cost savings.

The negative impact of a single event on an organisation’s financial position or reputation is potentially huge, even devastating. Risk simply cannot be ignored, even while the organisation works to reduce costs.

Most organisations have critical/strategic supplier relationships that can significantly impact their revenue and profit. However, these suppliers are not always defined nor have tailored risk programs been developed. The problem intensifies across the supplier base and tail-end of spend. In some categories, there may be cases that even spending low amounts still requires a high amount of due diligence due to the overall risk with that supplier (e.g. contractors, hazardous waste, business continuity etc.).

The right level of visibility of the information that acts as key indicators of each supplier’s ability to perform, and the likelihood of a problem is often found wanting. Supplier databases are inaccurate and incomplete. Organisations may complete some high level of initial due diligence for their strategic suppliers but may not go to the appropriate level of detail. In addition, organisations don’t always conduct ongoing supplier due diligence. What’s more, individual business units may have different ways of managing their suppliers, making it difficult to compare and collate information across the entire operation.

The good news is with the proper support tools, effective supplier visibility and risk management is, in fact, very practical. The key elements of an effective supplier risk management support system are some of the same key elements of what we call Supplier Relationship Management (SRM):

A centralised supplier directory, contract management system, and information repository

  • Automated supplier qualification tools
  • Automated sourcing and supplier selection tools
  • Automated supplier and contract monitoring
  • Supplier self-service information maintenance with control and alerts


Supplier risk management should not be seen as just a one-time or periodic event. It must be built into your organisation’s ongoing processes and supplier interaction to be effective.

For example, technology like PROACTIS SRM can be used to gather from key stakeholders across the business their consideration of risks. This utilises a combination of information, tools and workflow such as “SRM batches” and inbuilt “questionnaires”. The resulting scores are consolidated and aggregated to give an overall risk score, for each category of spend.

The output of these exercises provides the data and intelligence (supplier segmentation) to more optimally configure the Supplier Relationship Management application by defining “SRM templates” to match each segment/quadrant, e.g. an IT Systems Template and Data Security Template might be defined for ‘strategic’ (high spend, high risk) suppliers/ categories.

Each “SRM template” would include definitions for review/appraisal questionnaires, additional reference field information, standard correspondences, and regularity of reviews, tasks, events and milestones etc. Thereafter, the SRM templates are available for issue to internal stakeholders (e.g. Contract Manager, Supplier Administrative resources), direct to suppliers, or to a 3rd party, the outcome of which will contribute towards supplier performance KPIs etc.

(By the way, a well-orchestrated process using clear documents also makes everything easier for the supplier, making it more likely they will offer the best possible value.)

The tools needed for an effective Supplier Risk Management support system are the same tools that help your procurement professionals find and realise cost savings opportunities, and that help you reduce operational costs in Procurement and Accounts Payable – SRM, electronic sourcing, portal-based supplier communications, and centralised contract management.

This blog post was originally published on the PROACTIS blog.

To find out further information call us on +44 (0)203 866 8800 or download our related whitepapers

Download Whitepapers

  • Email