A New Era of Supplier Risk Management Using Data & Technology (Part II)

A New Era of Supplier Risk Management Using Data & Technology (Part II)

January 02, 2020 | Supplier Management


Part II – Please Follow This Link for Part I

Decoding and Identifying the Best Practices in Supply Chain Risk Management

In the preceding half of this discussion, we discussed the influences that define contemporary supply chain risk management and the primary lines of defense against procurement risks. In this second part, we will identify a systematic method for third-party risk management (TPRM), including the strategic use of data and technology, as well as the role of the various subject matter experts and stakeholders responsible for mitigating risks in procurement operations.

Supply chain risk management approach as suggested by the World Economic Forum

Leveraging People, Data & Technology for Supply Chain Risk Management Solutions

As we understand risk management today, it is heavily dependent on smart technology and data management. However, it’s also important to understand the crucial role of stakeholders and SMEs responsible for procurement operations. While the latest digital risk management solutions are capable of cognitive analysis to a great degree, they still have limitations. Artificial Intelligence (AI) can identify and flag factors of risk across different categories of procurement. However, the evaluation and mitigation of risks must still be monitored by people who can understand the issues and act upon solving them in real time.

Safe and Strategic Use of Data in TPRM

The role of data in procurement risk management is omniscient. However, the sheer volume of master data being generated itself creates a huge risk. Hence, security and integrity of a company’s master data are primary factors in contemporary risk management.

Most external data influencing procurement operations is typically public knowledge, and the best digital procurement platforms are constantly updated. This would include information from various sources, such as government or regional authorities, SMEs, industry lobbyists, as well as from the suppliers themselves.

The strategic use of this data is when the company’s internal data is carefully compared with the inflow of regulatory, regional, and supplier-generated information. This is how internal procurement stakeholders and external procurement partners collaborate to create effective supplier risk management strategies.

Such strategic use of master data must also be aligned with a company’s supplier relationship management, since continual interaction with vendors is necessary for any far-sighted plan to mitigate risks. There are also regular inputs from sources like consultants who specialize in licenses, insurance, or compliance regulations that create the reference list used to develop a comprehensive risk management plan for any company.

How Subject Matter Experts and Technology Collaborate for TPRM

The documentation and validation processes considered due diligence following a vendor verification request or before a contract are considered the most tedious and time-consuming activities necessary for risk management operations. The latest supply chain risk management solutions can implement many cognitive operations within this entire cycle including automated reminders, intelligently processing entries on e-forms, and organizing and analyzing the constant flow of data from multiple sources. However, the final validation must be under human supervision to avoid false positives or the chance of computing errors.

“The latest digital supply chain risk management solutions with AI attributes may be able to easily flag risks that need attention but cannot act decisively upon the problem.”

The technology currently employed in the field of procurement is considered among the best examples of ‘disruptive technology’. The physical paperwork and manual document curating that once made global-scale TPRM operations so complicated has almost entirely been transitioned into a digital system over the last few decades. Today, e-contracting and online third-party verification procedures can be conducted across geographies and be validated at multiple touchpoints.

However, this is only a limited view of how digital services and data sciences have transformed risk management holistically. In the larger context, technology has made global risk management possible in real time, thus giving companies of all sizes the leverage to expand operations globally on comparatively small margins. Automation and cognitive technologies are also doing their part in reducing human effort to a great degree. Although this current role of technology in procurement will evolve over time, it would not be inaccurate to say that we have reached a milestone era of digital supply chain and procurement solutions.


Third Party Risk Management Planning Chart – Risk Magnitude & Planning Horizon


Defining a Mature and Strategic Approach to Third Party Risk Management

The image above is an overview of various risks in procurement and the strategic way to plan effective risk management. However, we also need to define risk assessment and management as a core business function. So far, we have determined the role of people and the use of technology in risk management operations. Now, in conclusion, we can define an effective and dynamic approach to risk management as a combination of –


Assessment Capabilities, RACI Charts, and Supplier Relationships

RACI charts are the first step to risk management following assessment because they identify the ‘Responsible, Accountable, Consulted, and Informed’ individuals or departments in context to the different risks in procurement. These RACI charts must be developed through the joint effort of a company’s internal stakeholders and the expertise of their procurement partners. Procurement partners also help manage relationships with suppliers and vendors, making long-term risk management easier, and improving risk mitigation capabilities.

Defining the Role of Data and Technology in Supply Chain Risk Management Solutions

Once the risks have been evaluated and defined, the active mitigation operations must commence with prompt diligence. Companies must use available data and apply technology resources to enhance their risk management efforts. The latest procurement platforms with AI attributes can automate many of the statutory risk mitigation processes and identify immediate and probable risks. However, human analysis and market intelligence based on the continuous incoming data from various SMEs and reliable sources help the responsible stakeholders expand the scope of risk management and improve their mitigation efforts over time.

Identifying the Role of Internal Stakeholders & Procurement Partners

Procurement partners provide vital expertise and technology that save much of a client company’s internal resources. The technology they provide helps process and secure the massive volumes of master data, while their expertise helps determine the best risk mitigation solutions possible. However, even with the best supply chain risk management partners, the final decision rests with a company’s internal decision-makers. Procurement partners can help extensively with strategic operations like supplier relationships, risk identification, spend analysis, and strategy-building – but risk ownership is always a company’s internal obligation.

While it is difficult to define specific ROIs for TPRM efforts and retrieve numerical values in profits, no company would be able to survive in a global economy without efficient risk management protocols. It is up to the decision-makers and owners to understand the critical importance of risk management and implement it strategically across their procurement and supply chain operations.


Supplier risk management is among the most critical procurement operations for a company to invest internal resources on, as well as seek help from external partners and SMEs. To learn more about the complicated nuances of third party risk management, visit the Knowledge Bank on the GEP® website. GEP SMART® is considered among the best end-to-end procurement platforms offering the latest and most effective supply chain risk management solutions used by leading global companies across industries and service sectors.
Add Comment +

Leave a Comment

Your email address will not be published. Required fields are marked *