With supplier bankruptcies a daily occurrence, to say that the topic of supplier risk has become hot is an understatement. The challenge is what to do about it. Someone recently asked me whether there are any KPIs you can use to measure supplier risk. There are, but developing those KPIs is a business process that goes beyond just thinking them up and slapping them onto a scorecard. Because of high concerns about supplier risk, some have begun to use the term KRIs (key risk indicators) instead of KPIs (key performance indicators).
The first thing you need to do is to define what supplier risk means to you and your company. What risks are you concerned about? Which categories of your suppliers have the potential to create risk? An article in Supply Management, “Beyond Low Prices,” advises doing some thinking around what some of your key supply risks are and get risk management plans and contingency plans in place. This can be as simple as brainstorming the likely risks with others in your firm (including those outside of procurement or finance), the probability of the risks occurring and then focusing on those that you have identified as having a higher probability of occurrence.
A small number of risk-related KPIs can be identified to supplement most firms’ cost-related KPIs, according to a recent report published by Oliver Wyman, Capturing the Upside of Purchasing – Related Risks. According to the report, many companies start out with more qualitative risks and progress to more quantitative risks as the management of risk becomes more cross-functional and shared throughout the firm and identification of, collaboration and communication with key suppliers increases.
So what KPIs might a firm use to get at supplier risk? Here are a few examples:
- Operational risks: the percentage of single-source suppliers for whom contingency plans are in place; quality metrics to uncover the risks of poor quality; supplier cycle time and on-time delivery
- Control effectiveness: controls that have been bypassed, such as dollars spent on non-approved suppliers or spend under/not under management.
- Cost related – supplier and commodity price increases; cash flow at risk from supplier problems
- IT/data risk: percent of suppliers using encrypted data transfer
As can be seen by some of these examples, these supplier risks are not under the purview of just one function in the customer firms. And at the end of the day, when all heads turn to procurement about the subject of supplier risk, procurement must work to elevate the conversation of risk to the executive level to include other functions and avoid the mission-impossible position of taking on the entire burden.