The future is always uncertain — but what really counts is figuring out just how uncertain it is. Put another way, what matters most is accurately assessing all possible risks coming at you from all angles.
Why? Well, how we frame a problem or work out a solution differs widely. Consider all possible things that can go wrong—and all possible combinations of outcomes. Even the concept of a risk management strategy may seem overwhelming, but the better you set yourself up for all possible outcomes, the better you’ll be prepared to deliver consistent service, with fewer surprises there to throw a wrench in your plans.
In this article, we’ll go over each stage of the process, from identification and assessment to control and monitoring. We’ll also highlight some areas that could leave you exposed (think contract management and fraud).
fdd[content_upgrade cu_id=”4650″]Free Download: Assessing Internal Risk: What Procurement Pros Need to Know[content_upgrade_button]Click Here[/content_upgrade_button][/content_upgrade]
What is Risk Management Planning?
Risk management is the process of finding, analyzing, and controlling threats that could undermine an organization’s bottom line. Threats can come from anywhere, be it legal issues, inventory mismanagement, volatile markets, or data breaches—although in a procurement context, most risk factors are linked to the supply chain.
As a result, companies need to take risk management planning seriously. Procurement must assess the sourcing landscape and get strategic about managing vendor relations. They’ll also need to look at global events like natural disasters or wars that might undermine the supply chain, as well as material shortages and competitive threats. In other words, there’s a lot to think about here.
Risk management planning can be broken into four distinct phases, which we’ve laid out here:
Risk Management Planning as Scenario Planning
Many risk management planning strategies are set up on the basis that future conditions will resemble current conditions, trending either up or down. As such, management teams often base decisions on that logic, making slight adjustments to account for things like internal headcounts, inflation, and budget fluctuations.
Unfortunately, this type of approach is a bit too simplistic. Instead, Deloitte recommends working with a scenario planning strategy. The idea is similar to what we’ve outlined in an earlier piece on the AT Kearney Purchasing Chessboard; using this approach, you’ll need to account for endless combinations of levers, methods, and strategies.
The Deloitte piece describes scenario planning as a process where decision-makers pose a series of questions, creating a discussion around a broad range of uncertainties to be considered.
Your goal is to come up with a different vision of the future: for example, how might a supply shortage combined with increased customer demand play out? Or, how might the rising costs of raw materials impact your supply chain?
Scenario planning also helps you identify areas where you’ll need to develop another strategy to mitigate risks. According to the piece, simply making predictions isn’t really the point of this exercise. It’s less about being right or wrong, and more about being able to visualize a wide range of futures—futures that plan for both opportunities and threats.
By considering all potential outcomes and designing a strategy for each one, management will be better prepared for whatever is on the horizon.
If you want scenario planning to work, it needs to become part of the internal culture. Decision-makers, procurement teams, and project managers need to openly discuss risks and opportunities and tie them directly to the supply chain.
Identify & Assess
Here’s the thing: all procurements come with a set of risks that can impact the order in progress. As such, you’ll want to identify and assess risks that impact current activities, and then use that information as your starting point. Over time, you’ll be able to forecast further into the future, but that refinement hinges on your ability to collect data and learn from those insights.
The graphic below offers one way you might think about this process, breaking risk management planning into three different areas. You’ve got sourcing & procurement, working capital management, and inventory management.
The idea here is that risk management factors are categorized based on how they impact the business. For example, sourcing and procurement might fall into the realm of the procurement department, as they’ll handle vendor negotiations, relationship management, and so on. Working capital management might fall under the responsibility of the CFO, who would work with the accounting and finance departments to optimize capital. Inventory management might be a joint effort between sales and operations. You get the idea.
So, you might approach the risk management process by going over each of these categories and making a list of any existing and potential threats. From there, all involved parties should get together to discuss how threats in any of these areas could impact the company, and how you might respond to minimize the fallout.
Once you’ve identified and assessed the risks facing your business, you’ll need to build in some measures to control the outcome. While this table doesn’t have the best graphics, it does a nice job outlining the areas where you’ll need to add some controls into the mix.
From there, you can assess these areas and assign them a score based on how likely any given scenario is to happen.
At this stage, you’ll begin to implement some proactive measures, much like you might when establishing your procure-to-pay strategy. Here are a few control measures that you might add after assessing risks:
- Approval Workflows
- Pre-set Budgets
- Authorized Suppliers
- Company Expense Policy
- Accounts Payable Process
- Digitized Purchasing Records
- Elimination of Manual POs and Documentation Methods
The list goes on, but the essential idea is that you’ll want to set up the tools and data managing systems needed to give all relevant stakeholders maximum visibility into purchasing, budgets, forecasts, and archived POs. These measures will allow you to catch any errors before they cause problems, and they’ll also provide an accessible record you can use to inform key decisions down the road.
There’s no shortage of textbooks, websites, and thought leaders out there to tell us how we can spot risks and make adjustments. Unfortunately, it’s rather hard for the human brain to pick up on every possible risk or opportunity we might face on the job.
To account for all of the uncertainties that might come your way, you’ll need the right tools on your side.
If it looks like you’re staring down some serious risks, then of course you’ll need to take action.
In some cases, you’ll want to pull the plug on your current strategy and start over. In others, you might need to make a few minor adjustments—think bundling orders together if you’re paying too much in freight.
Here’s the key thing to remember when it comes to risk management planning: you want to make sure that you’re prepared for anything, from getting in early on the next big opportunity to making sure that the next wildfire or hurricane won’t mean disaster for your supply chain.
ProcurementExpress.com is designed to help companies of all sizes, across all industries, gain control over their purchasing process from budgeting and vendor management to approval flows and cloud-based record-keeping. While risk management is one of the more challenging parts of procurement, our software makes it easier to collect and analyze purchasing data so you can make smarter decisions. Book a demo here to see what’s inside.
[content_upgrade cu_id=”4650″]Free Download: Assessing Internal Risk: What Procurement Pros Need to Know[content_upgrade_button]Click Here[/content_upgrade_button][/content_upgrade]