Protecting procurement with vendor risk management

Managing risks with your vendors in procurement is essential to ensure there is no negative impact on your business

Third-party relationships can introduce a whole range of risks that might impact business operations, data security, compliance, and reputation to the outside world.

In a recent white paper, third-party risk software provider ProcessUnity identifies four key points to creating a vendor risk management programme.

Identify potential vendor risks

The paper argues that companies can waste time and money completing deep analysis of all partners and vendors, when some may well be of very little consequence or risk.  

Their suggested strategy is to categorise and prioritise vendors in order of the potential risk they pose, for example if one looks after customer financial transactions.

Develop strategies for addressing higher risk vendors

If your VRM process has picked out a vendor that may pose some kind of risk, but you still require them as a business partner, it is important to make sure a strategy is in place to stop their potential issues causing you any harm.

The paper suggests working closely with the vendor to try and solve the problem, monitor their performance to make sure matters are improving, and to also have a plan to follow if the vendor crosses a threshold of risk.

Align vendor control environments with your internal framework

Your organisation will already have controls in place to minimise any internal risk, so it is important to work with the potentially risky vendor to find out how effective the controls they have in place to mitigate the issues you have identified. 

A gap analysis can be carried out to establish how far apart the two organisations are, and to work together to try and close the gap in standards. 

Implement ongoing oversight utilising metrics and external alerts

Finally, the whitepaper suggests setting up a series of metrics to measure performance, and the risks that are associated with those issues.  

External alert services can also be a useful tool, to surface if the vendor is having business issues that may impact the performance of their supplied service and allow you to address it quickly.   

Supply Chain Risk Management requires revision

Writing recently for Supply Chain Digital, Alex Saric, CMO at Ivalua argued that a new, smarter approach to supplier management is required.

“A new, smarter approach to supplier management is required. To do this, businesses must first adapt their approach to assessing supply chain risk.  Too often, the process is little more than a tick the box exercise on individual suppliers.

It needs to expand to include sub-tier suppliers. Companies are exposed not just to their immediate suppliers, but also to suppliers that their suppliers depend on.”

This is backed up by a 2021 McKinsey survey of global supply chain leaders found that only 48% have visibility into Tier 1 suppliers, 21% into Tier 2 and only 2% into Tier 3.


For more insights into the world of supply chain read the latest edition of Supply Chain Digital and be sure to follow us on LinkedIn & Twitter.
Other magazines that may be of interest: Procurement, Manufacturing & Sustainability. Also check out our upcoming event in September: Procurement & Supply Chain LIVE London.
BizClik is a global provider of B2B digital media platforms, for leaders across: Sustainability; Procurement & Supply Chain; Technology & AI; Cyber; FinTech & InsurTech; Manufacturing; Mining; Energy; EV, Construction; Healthcare; and Food. Based in London, Dubai, and New York, BizClik offers services including content creation, advertising & sponsorship solutions, webinars & events.



Featured Articles

Unilever grows sustainable Indonesian palm oil partnership

Unilever are signing a expanding their agreements in Indonesia to grow the transparency of their palm oil supply chain

New EU Carbon Emissions Tariff and procurement

Importers in Europe face rising prices and administrative bottlenecks as the EU's new carbon emissions tariff comes into effect

Three top trends: Procurement and Supply Chain Live 2023

Procurement Magazine Editor and host at Procurement and Supply Chain LIVE London 2023 Neil Perry picks his key themes from the event.

Coupa: Future proofing business and reducing risk

Risk Management

Generative AI’s untapped potential in procurement contracts

Technology & AI

Procurement & Supply Chain LIVE 2023: 1 Day to go!

Digital Procurement