7 Supply Chain Risks You Need to Anticipate and Manage
Thoroughly vetting vendors isn't just a necessary precaution - it's a way to minimize your chances of being affected by supply chain disruptions.
Your vendors and suppliers aren't simply companies you partner with and rely on - they're an extension of your operation. They give you flexibility, capacity, and a diversity of function that you would otherwise be incapable of attaining.
This kind of cooperation is what makes business as we know it possible. Fact is, no company is an island.
While it offers a laundry list of benefits, each partnership also creates exposures and risks that must be managed. Proper supply chain management is a way of evaluating and monitoring those vendor relationships to establish trust in a structured and comprehensive way.
Maintaining a pre-qualification and vendor management program requires an understanding of where the probable exposures lie and how to pry them open. While this is not enough to obviate the risks entirely, it at least puts you in a position to take proactive steps to dealing with them.
Supply chain issues have been a major business risk since the start of this decade. Many companies have realized just how dependent they are on a more or less predictable and reliable flow of materials.
This year, the flow of goods and the organizations that keep them moving are still at risk. To minimize the likelihood of a disruption, these are the factors you should consider when evaluating vendors and suppliers.
Health and Safety Issues
You've heard the maxim that "the best predictor of future behavior is past behavior." It applies to suppliers as well.
Working with a vendor that has a poor safety record introduces a large degree of risk to people, materials, equipment, time, and the environment. If you take a look at a would-be vendor’s safety numbers for the past three years and see more incidents than you would expect, it may be that they aren’t very committed to safety or that they settle for inadequate safety practices.
This is particularly relevant if your planned work relationship involves bringing their people on your company-operated sites. In those cases, you should proceed with a great deal of caution. A vendor that doesn't take safety seriously is a risk to everyone on the site - or the operation as a whole. You need to have confidence that they will perform their work safely and follow any guidance provided by the site operator.
A thorough evaluation may involve:
- Reviewing their safety program
- Validating relevant certification (for the company or their individual employees)
- Evaluating several years' worth of reports to get a sense of how the company tends to perform
No matter the size of your vendor relationship, assessing their reliability will often come down to questions about money:
- Is the company financially solvent?
- Can they perform the required work within the constraints of the budget?
- Do they have the cashflow to support the required activities?
It's always wise to take a look at the books, especially when there's a lot at stake. Take the time to ask some key questions about:
- The company's ownership
- Their credit and debt situation
- How long they've been in business
- If they've worked on similar projects (and can provide references for them)
Knowing some of those things can help you craft a purposeful contract that covers all the bases.
Sustainability and Environmental, Social and Corporate Governance (ESG)
With an increasingly watchful public eye scrutinizing the environmental and social impacts of business activities, it behooves any company to be proactive about their social and environmental responsibilities. Companies who invest in developing programs related to sustainability and ESG demonstrate that they are forward-thinking, conscientious organizations with eyes to the future.
It's important to evaluate contractors and suppliers on these terms because they are part of your larger organization. At least, that's how the public will perceive them. They will be seen as an intergrated part of any project they're involved in.
Factors such as management structure, compensation structure, and internal employee perceptions will all factor into how a company is perceived and functions in the modern climate, so it is best to know all about it from the get-go.
If this sounds vague, it might be simpler to understand that sustainability and ESG measures are used by investors to speculate on future enterprise value. That means the companies that value development in these areas are the ones that stick around and grow, making them better long-term partners.
To find the best talent, companies need to cast a wide net. A focus on diversity and inclusion has been shown to help companies identify, secure, and retain the right people. It also increases their overall agility and responsiveness, which are critical qualities when facing issues that could slow the movement of goods and materials.
You'll want to take a look at a company's policies and practices around hiring and employee accommodation. They should be inclusive of all genders, generations, nationalities, ethniticies, sexual identities, and disabilities.
That commitment to inclusion should be supported from the top management down, and cover the entire organization as its scope.
Data is a big part of business and companies are constantly under siege from malicious software and other attacks on their information.
Cybersecurity is part education, part software infrastructure. Both aspects of it have to be robust to protect an organization and all of its associates.
Ransomware is a particularly insidious threat, with its ability to slam the brakes on an operation while extorting a gigantic fee. Worldwide, some estimates have damages from ransomware attacks at six trillion dollars. It might not be above board, but it's big business.
Hackers know that brute force isn't the easiest way to breach an organization's system. Sometimes, all they need is a valid password - and all they need to get one is an employee who can be persuaded to spill theirs.
That's why it's important to not only assess a vendor's digital infrastructure but also the training they provide their employees. They should have the groundwork needed to immediately clock phishing attempts and stop them in their tracks.
This past year has been a crash course in what happens when laborers and specialists are suddenly in short supply. And we've seen that the results can be devastating.
Even if they use sophisticated equipment or do a bulk of their business online, most organizations are still people-driven. When key roles can't be filled, these organizations flounder and the services they provide all but disappear.
A supplier may have well-drawn plans, robust documentation, ample finances, and an excess of supplies. None of that will really amount to much if they don't always have the people that keep everything running.
What is your level of confidence that their important positions can remain staffed? If they lose personnel - temporarily or permanently - how easy would it be for them to be replaced by people with the right qualifications?
Risk management can be boiled down to three elements:
- Knowing the risks involved in an activity
- Deciding on mitigation strategies
- Understanding the amount of uncontrolled risk being tolerated
Buying insurance is a way of outsourcing some of that risk tolerance. It allows you to continue operating, even if you get hit with one of your worst case scenarios.
Vendors and suppliers are usually required to provide evidence that they have adequate insurance coverage. It's up to your organization to define the level of coverage you consider sufficient and to ensure that it is maintained for the duration of the project.
It takes a great, ongoing effort to properly manage vendors and suppliers but it is well worth it. Leaving risks up to fate is a perilous proposition for any organization. Put in the leg work to vet your vendor relationships - it's the only way to ensure long-term, sustained success with minimal loss.
For additional information and resources for supply chain management, please visit https://www.avetta.com