Risk management within procurement and supply chain involves understanding, analysing and addressing risk to make sure organisations achieve their objectives.
It is often underplayed by many larger organisations, which, in this day and age, is very surprising and somewhat disturbing. Organisations need to make sure they manage the procurement and supply chain risk so that it minimises the threats and maximises the potential.
Cyber-attacks, data protection, Brexit and the increasing trend for outsourcing now means that risk management, in a structured and visible manner, is vital for organisations as part of their Procurement and Supply Chain strategy and capability.
It can be argued that cost reduction is still seen as the number one role of the procurement organisation from stakeholders within their own company, BUT having the process, capability, and technology to manage ongoing risk has also to be of significant value in the longer term.
It is essential to engage with the market in terms of identifying the preferred outcomes, risks and issues. It is also best practice to confirm that suppliers are contractually required to provide full transparency of data as part of the contract deliverables and governance.
Any risks identified should be documented in the organisations risk register and should have clear mitigating actions, appropriate owners and a review date. By documenting the risks, it will help to identify any overlaps.
Risk management is a planned and organised process consisting of various stages:
Sources of risk can be divided into four broad areas:
- Strategic/Corporate i.e. commercial, financial, economic, political
- Programme i.e. procurement, acquisition, funding, projects
- Project i.e. personal, technical, cost, schedule, resource
- Operations i.e. quality, environmental infrastructure, operational support
Several risks can be generic across all procurement projects however there will also be project specific risks that you must consider. Once risks are identified they should be documented in the risk register as detailed above.
To get advice and help with risk management within your organisation contact us.
We are pleased to let you know that we are back with Zycus’ annual flagship event, Horizon 2021 which is scheduled to be held on February 17-18, 2021 and it would be an absolute honour for us to have you as one of our esteemed guests. As an industry pioneer in AI...