Navigating the Unpredictable: Managing Procurement Risk

In the fast-paced world of procurement, risk assessment and risk mitigation are not just a corporate policy designed to stop you from getting on with your job; they’re necessary survival skills. When making decisions, the ability to predict, understand and tackle potential hurdles can be the difference between success and disaster.

Why Should You Care About Risk Management?

Put in the simplest terms, risk management in procurement is all about anticipating and addressing potential hiccups (or major disasters) that could impact your process, contracts, relationships and organisation. Some of the common risks in procurement are unexpected price fluctuations, material or supply shortages, poor sourcing processes, bad supplier selection and supply chain disruption. 

All these risks can derail you from your desired outcome, and can show up at any point in the procurement lifecycle. And the nature of risk is that it’s not going to give you any warning in advance either!

The good news is that proactive risk management can drastically reduce the impact or likelihood of risks occurring. It’s not about eliminating risks (that’s a Utopian dream!). Instead, it’s about predicting possible threats, understanding their potential impact on your organisation, and taking pre-emptive measures to reduce any negative repercussions. 

It’s like knowing it’s going to rain and having an umbrella handy to ensure you don’t get soaking wet. You can’t change the weather but you can be prepared and reduce the likelihood and impact of getting wet.

What Skills are Needed to Effectively Manage Procurement Risks?

Risk management can be an overwhelming landscape to traverse. To keep things simple, here are the four essential skills that every procurement pro needs to have in their armoury:

1. Risk identification: This involves the ability to scan the external environment meticulously and recognise potential disruptions. Excellent analytical skills are essential in breaking down complex procurement processes and pinpointing possible risks. You need to look at all aspects of your procurement process – reviewing previous contracts and taking the time to understand what worked well and not-so-well is a good place to start.

2. Risk assessment: Now that you’ve identified some of the risk areas, it’s time to get into specifics. Detail the risks and work out their risk rating (Low, Medium or High). This rating is calculated using two key factors – impact and likelihood. If this sounds complicated don’t worry, there are lots of easy risk matrices out there you can use. 
   Once you have a rating, you need to think about mitigations. What are some actions that could be undertaken to minimise or eliminate the likelihood and impact of each risk? Capture this in a risk strategy. 

3. Strategic thinking: Risk skills are not all about tools and techniques – procurement professionals must be able to consider the bigger picture, weighing risks against opportunities and making strategic decisions. These decisions can be, and are frequently, impacted by an organisation’s risk tolerance. Simply put, you can’t mitigate all risks, so what are some of the risks that your organisation is willing to take? 
   For example, one business may be willing to increase funding to a supplier by $1 million, as the consequence and impact of the contract failing could be viewed as a worse outcome, and any reputational damage may have a greater value than this. 

4. Communication: Finally, it’s no good undertaking an exercise from the comfort of your own computer. Procurement professionals can prove their worth by effectively communicating the risk assessments to the relevant areas of the organisation.  
   Risks will impact a broad range of stakeholders, from C-Suite and other departments, to suppliers. You will need to craft a communication plan to give each stakeholder group the relevant information and a focus on the particular risks and mitigations that impact them most.

What Are Some Common Supply Chain Risks?

It can be helpful to think of risks in two broad ways; internal and external risks.

Internal risks are those that originate from within the organisation. These can stem from aspects such as poorly formed requirements, operational inefficiencies, lack of buy-in from stakeholders, or poorly understood timeframes. 

External risks are those occurring outside the organisation, or where the impact of the risk occurs outside the organisation. These can include things like a lack of suppliers to involve in the process, no continuity of supply (either through supply chain disruption or materials shortages), adverse media attention, or poor external communication. These can also include the wider landscape such as global or political events.

Be aware – internal and external risks do not occur in isolation. Risks that originate inside an organisation can have a direct impact on external suppliers, and vice versa.

Don’t Set and Forget

One of the biggest mistakes with risk management occurs when it is only thought of during the planning or sourcing phase. Risk needs to be managed through the whole procurement life cycle. A couple of prime examples from the post-tender phase include:

• Poor Contract Kick-off – Make sure the contract initiation is set up for success by inducting suppliers and clearly outlining the expectations.
• Lack of Supplier Relationship Management – Once the contract is live, ensure that there is an effective supplier relationship and contract management in place to ensure there is a constant flow of communication. This can also help to mitigate your supplier’s business impacting you!

Navigating the complex terrain of procurement risk doesn’t have to be a chore. It’s about keeping an open dialogue with your suppliers, monitoring performance, and predicting changes in the market. Your suppliers are your partners in this journey, and together, you can face any risk that pops up. 

For a deeper dive into Risk Management be sure to check out Procurious TV ‘Managing Risk’