Tag Archives: risk

4 Reasons You Can’t Miss The Big Ideas Summit This Year

At the end of a year when all our plans fell through, the Big Ideas Summit sets the tone, agenda and cements the possibilities for 2021. Here’s how.


Back in 2010, when you were making your ten year plan, what did you say your end game was? Multiple promotions? An overseas secondment? Perhaps a holiday home? Whatever you put on your plan, we’re pretty sure it didn’t include a pandemic, and we’re almost 100% sure that if asked if the last decade prepared you for this, you’d say a loud and clear no. 

But that’s exactly why our Big Ideas Summit is more important than ever. Back in February, we knew that COVID-19 would represent a watershed moment for procurement professionals everywhere when 94% of the world’s supply chains were interrupted. And what we predicted (if you could even call it that!) has come true: procurement and supply chain management has irrevocably changed, and so has our world. This year’s Big Ideas Summit is dedicated to that very transformation, so here’s four reasons you simply can’t miss it: 

  1. We’ll learn to think the unthinkable 

The global pandemic has been described as ‘unthinkable’ by many, but the truth is that world leaders had, in fact, planned for a pandemic, even if their response in reality was  a little different. So this begs the question, was COVID really as unthinkable as we all initially thought? 

While the jury is out on the answer to that, it’s clear that we’re living in increasingly uncertain and volatile times which require a vastly different set of skills than before. One person that knows this better than anyone is Nik Gowing, TV presenter and journalist. He recently completed an in-depth study into global leadership, and he has some truly fascinating insights into what attributes are now required to lead businesses into the future. 

  1. We’ll decipher today’s risk landscape 

This year, new risks have emerged so fast that many of us have barely been able to update our management plan before we’ve had to throw it out the window and start again. In 2020 (and likely, in the years to come), risk management is going to look vastly different to what it does today. 

Increasingly, change is happening more quickly than ever and there are more larger-scale risks that we all need to consider. These, perhaps unbelievably, may pose even larger challenges than the pandemic, in fact, The Economist implores us all to consider ‘What is the worst that could happen?’ and plan accordingly. Scary, right?

At this year’s Big Ideas, we’ll hear from prominent CEO Dawn Tiura on how we should approach risk, especially from a third-party relationship perspective. 

  1. We’ll ask the important questions about business continuity

When it comes to global business, we always thought where there was a will, there was a way. And thankfully, in the face of harsh lockdowns and enormous supply chain disruptions, many of the world’s industries have found a way to continue in some form, even if everything is done virtually. 

Yet not all industries have fared equally as well, with the aviation industry losing more than $84 billion dollars this year, and the tourism industry losing an equally eye-watering $24 billion.

For businesses like this, how does business continuity work? And does it even apply? One thing that the inspirational Kelly Barner, MD of Buyer’s Meeting Point, knows is that you need to be prepared for surprises. We’ll delve into exactly how we can all do that from a business continuity perspective plus much more. 

  1. We’ll discuss how we can all protect our careers 

While many of our colleagues may have been furloughed or laid off altogether, procurement and supply chain professionals have fared increasingly well career-wise throughout the pandemic. But while we may still have our jobs, how are our careers going in this increasingly uncertain landscape? It’s fair to say that while there may have been many opportunities, there may also have been various reasons why we couldn’t or didn’t take them. 

But in good news, 2020 isn’t finished yet. There is ample time to analyse the year that has been, and decide how to best protect – and grow – your career. We’ll discuss this at length in a panel at Big Ideas with four of the globe’s best procurement and supply chain recruiters. 
The catch phrase of the year is staying apart keeps us together. Now, it’s time to get together for real (virtually!), learn from those who have managed best, and plan for whatever 2021 may hold. Join us at The Big Ideas Summit here.

Improve Resilience By Treating Suppliers As Individuals, Says Top Risk Expert

We can’t just get our own house in order. We need to help our suppliers’ suppliers if we want a truly resilient supply chain. Procurious gets expert advice from riskmethods’ Bill DeMartino


How can companies of any size manage the huge number of risks in any supply chain?

Procurious Founder Tania Seary recently sat down with Bill DeMartino, Managing Director of North America at riskmethods, to find out about risk and the future of procurement.

Become resilient or lose credibility

The word of the moment is definitely resilience. But where do you start?

Bill says it’s a process. Not long ago, most organisations were hunting for better information to react faster as threats emerged.

“So this is what I would really categorise as being reactive,” Bill explains. “We want to get better at reacting to events (which is a fantastic place to start by the way) and what I would think of as the journey to resilience.”

The pandemic obviously changed many companies’ perceptions of their own resilience.

Yet he points to data that we’ve seen a 300% increase in disruptions of all kinds over the past three years.

“That means that for organisations who weren’t before acting the mandate is clear; this is the responsibility of supply chain leaders,” says Bill.

“If they are unable to deliver on this responsibility, they’re going to be losing credibility within the organisation.”

The good news is senior management is recognising the importance of proactive supply chain risk management, which will likely lead to more funding.

Treat suppliers better

So we’re all after resilience. But what does that actually look like?

It starts with a shift in the way companies treat and manage suppliers, Bill explains.

“I think we’re on the precipice of moving into what I would call the era of collaboration,” Bill says. 

“Traditionally, we’ve seen working with most of our suppliers in kind of a generic manner and we treat a few of them very specially. 

“But I think that collaboration needs to extend to a broader set of enterprises and so that continuum will continue to be a major transformation element.”

From reactive to transformative

Changing the way we see supplier relationships is a good step, but it’s only the start. 

Once an organisation can react quickly and be more resilient, it’s time to transform. That’s why the most mature and forward-looking organisations are overhauling their processes right now.

“Transformation is not just enough for me to figure out how to be reactive, but I really need to think more proactively on how I can change the elements and the way that I think about the category,” says Bill. 

These advanced organisations are asking how well they understand category risk exposure. And how they can incentivise people to act on the risks they uncover.  

“So it’s really more of a holistic approach to risk resilience,” says Bill.

Automation frees up resources

The other hot topic is automation. Bill says it’s incredible how much of our supply chain can be automated. 

“Supply chain folks are just automating everything that they can and it’s crazy,” says Bill.

“We’re trying to automate all the AP functions, we’re trying to automate all the contract functions, and now we’re actually moving up into the next level and trying to automate the analysis in the diagnosis of the data and the information and insights in those systems.”

“[W]ith this automation we’re able to free up the scarce resources and get our folks to focus on some of the proactive resilience and collaboration efforts they really need for the organisation to thrive,” says Bill.

Risk management in today’s environment

What does great risk management look like today? 

Bill narrows it down to three priorities:

1) Change jobs descriptions and incentives. You need to think about culture change. 

2) Put in place technology that can standardise processes, then measure them.

3) Manage your people well. Ensure that staff are actually following those processes in the way you expect.

“That’s the shift in the maturation that we’re seeing from our customers.  Before, they would just get the information.  Now they are working out how to best utilise that information and become proactive in their risk approach,” says Bill.

Minimise risk, no matter company size

You might be thinking, “That’s all well and good, but I work for an SME. How does that work for a smaller company like mine?”

And it’s true. You may not have the resources or capability at the moment with everything going on, says Bill.

“A lot of smaller organisations are so busy just keeping the business going, no one is taking the time to take a look back and actually think about what it’s going to be in three to five years out,” says Bill.

“They’re  just worrying about survival today.” 

Even if your organisation is small, you’ll likely notice a rising interest in risk management – whether it’s from your customers and executive team. 

“Customers are asking them, potentially assessing them and looking to measure them in terms of their risk preparedness so that’s definitely helping [put risk management on the agenda],” Bill says.

“We are also starting to see a really strong sense of awakening from [senior leaders] and with the idea of a supply network.

“[They’re] thinking it’s not just enough for me to take care of my house, but I need my suppliers to also do the same for theirs.”

What can you do?

So whether risk management is at the top of your agenda already, or it’s just starting to gain importance, Bill suggests three key areas to get your house in order.

1) Using technology to manage risk: “There is an enormous amount of information that’s out there and the largest challenge that organisations have is how to filter through that information and uncover specific and relevant insights.” 

2) Make risk information visible: Can people in your organisation easily find information about risk? 

“We’ve seen a lot of folks who create risk scorecards or risk audits, and that information gets locked away somewhere,” says Bill. 

Instead, he suggests putting that information on your employees’ phones and laptops so they can easily access it when they’re talking to suppliers.

3) Integrate: The final step is to embed all of that risk information and data into other company systems.

As a supply chain professional, Bill says you should ask, “How can I integrate the technology and make it something that really impacts the way that we work?”

Going forward

Now that risk management is firmly on the agenda, you can use it to get ahead in your career. 

Bill predicts the most valuable procurement professionals in the future will be able to manage risk in two ways.

The first is artificial intelligence. Companies will need people who can use AI to spot patterns in suppliers to predict future events. 

“For example, if a supplier shutters a plant and fires the CFO, I could predict a bankruptcy is coming and reorganise my supplier geography to avoid disruption,” says Bill. 

“We can utilise artificial intelligence techniques to start doing pattern recognition and help folks better predict – never with 100% accuracy – but better predict what may be coming down the pipe for them.”

The second is to make suggestions on the best way to react if a threat actually comes to fruition. 

“There’s a number of different approaches that we’ve seen utilised to respond to an event, so we can bring all that information together and present to the individual in a way that allows them to very quickly assess their options, make decisions, and run.”

Bill DeMartino, Managing Director of North America for riskmethods, can be heard in the webcast series The Future Of Supply Chain Now.

How can you limit supply chain disruption and proactively plan for market shifts? Check out this IBM report to find out.

Tough Talk: How To Deliver Bad News In A Good News Way

If you haven’t already delivered bad news to a supplier, you’ll likely have to soon. Here’s how you should do it.


Economically, this year is officially the worst year since the Great Depression. And while we, as procurement professionals, have largely been shielded from the worst of it owing to our critical importance to organisations, many others have not been so lucky. Many businesses, too. And unfortunately, some of those businesses include our suppliers. Even worse, sometimes it may be us that has to deliver some bad news to them. 

Psychologically, humans find it very difficult to deliver bad news. Procurement professionals would agree with this finding: telling a supplier, especially one that you’ve cultivated a valuable strategic relationship with, that something drastic is going to change can be nerve-racking at least, terrifying at most. But can you deliver bad news in a good way? You can, and here’s how. 

What kind of news might you have to deliver at the moment? 

So much is changing in the economy and our supply chain relationships at the moment, that there’s literally hundreds of different types of bad news that you might have to dish out to your supplier. But for most companies, bad news will fall in a number of categories. 

Firstly, you may need to tell your supplier that you have to reduce your volume. On the surface, they may see this as unfair, especially if they know that your overall output hasn’t changed much. But what they may not understand is that in the current risk environment, you can no longer be reliant on them and need to diversify. Similarly, you may not be able to use your supplier at all due to a whole host of risk-based reasons. 

Secondly, for just about all of us, COVID has meant that we’ll have to amp up our compliance. What this will mean for your supplier, and they certainly may not like it, is that you now need more documentation from them and more authentication of their sources. 

Thirdly, you may need to adjust payment terms. In an ideal world, especially if you work with small businesses, this adjustment may mean that you’re paying earlier. But for many reasons, this may not always be an option due to cash constraints. A conversation about longer payment terms is always challenging. 

Finally, COVID has forced many of us to change our requirements. Whether this be a changing product or input spec, whatever these changes are, it will most likely affect your supplier’s business, so may be a difficult conversation. 

How should you deliver this bad news? 

Businesses all over the world are struggling right now, especially many small businesses. So what may have been a difficult conversation last year, may now mean the difference between hanging on and financial ruin for your supplier. For this reason, you need to approach all conversations with suppliers delicately. When you do, make sure you employ all of the following: 

  1. Listen – before you speak 

Usually in organisation-supplier relationships, procurement professionals are used to having the ‘upper hand’ – so to speak. Essentially, we are effectively the ‘client’ of our suppliers, and we expect a level of professionalism and respect as a result. Interestingly, in relationships where the power lies more with one party (even if we may not act like it), the individual that holds the power usually does more of the talking.

Yet given the precarious economic situation, now might be the time to do less of the talking, and more of the listening. Even if you do have to give bad news to your supplier, it pays to first listen to how they have been going, and what, if anything, you might be able to do to cushion the blow of the bad news you’re about to deliver. 

  1. Have empathy – not sympathy 

In situations like these, it’s tempting to want to show sympathy to suppliers, especially if they’re struggling. But research shows that sympathy is often misguided, and empathy is better. But what’s the difference? 

Sympathy is when you feel bad for someone, and pity them on account. For example, showing sympathy to your supplier when they tell you that they may be going into administration would be to say ‘That’s awful – I understand how you feel.’ This statement could be a little frustrating to them, as in your position, you don’t actually understand how they feel. 

Empathy in these situations is always a better response. Empathy is when you take the time to listen to someone and understand what emotions they are feeling, but you acknowledge that you don’t necessarily feel their emotions. For example, an empathetic response might be: ‘I’m so sorry to hear that. I couldn’t possibly understand what you’re going through.’ 

  1. Be upfront – but also see if you can give, a little 

When it comes to delivering bad news, it’s best to simply be honest and upfront about what it is that you need. Prolonging delivering the bad news drags it out and will most likely make your supplier frustrated and nervous for the future. 

But after you’ve delivered your news, don’t just leave it there. See if there is anything you can do for your supplier, and then genuinely try and do it. This may include negotiating a slightly longer contract, flexing payment terms, or referring them elsewhere. Little things help and in this economy, those little things could be everything. 

Have you had to deliver any bad news to your supplier? How have you done it? Let us know in the comments below. 

Procurement Needs Less Processes – As They Are Slow, Boring And Self-Centered

Perhaps the best way to get things done is, ironically, to abandon the myriad processes we established to get things done!

I’ve discussed with a number of CPOs during the last months on how they have managed procurement during COVID-19. One recurring answer is along the lines of “we broke all of our processes and went to wild-west-mode.” Now, many say this with an interesting combination of sadness and pride. Sadness that they had to give away the great processes perceived to be the basis for any professional procurement organization. Pride and excitement of how procurement teams were able to improvise, work hard, and survive.

There shouldn’t be sadness for the breakdown of processes. This period has shown that processes are slow, boring and self-centered – and that we can live and thrive with much less of them. Many processes are manifestations of control-freak, risk-averse mediocre management but I admit there are cases where they can be beneficial.

Occasionally processes are great – when they allow for (almost) complete automation. For example, it’s great when routine tasks are mapped out as a process and automated to save people’s time and attention. Even in this case I see process more as a tool to enable (software based) automation rather than as the end-game.

Sometimes, processes can be helpful guidelines for a less experienced employee, and/or to facilitate coordination in teams. If you’re doing a supplier risk evaluation for the first time (and if it needs to be manually done), it may be good to have a process description to guide through the first steps. In these cases, processes should be seen as a learning method. Having consistent vocabulary and descriptions of a process helps communication and coordination across individuals.

Those are the exceptions. In most cases processes bring many hidden costs to our businesses.

Why procurement needs less processes

Processes are, almost by definition, designed to cover all sets of actions taken. This tends to lead to complex multi-step processes that often include a number of bottlenecks in the form of approvals and reviews. Whenever something bad happens in a company, management often asks “how we can prevent this from happening again.” The answer commonly is “let’s create a process.” Over time, there are more and more complex processes in place, gradually suffocating the organization and its creativity.

All this put together brings on a number of problems with processes:

  • Things get slow – there are so many steps to cover and so many approvals that getting even a simple task done takes a lot of calendar time. I believe this is the reason that lot of processes were broken during COVID-19: they were just way too slow to create a meaningful result.
  • Things get boring both for managers and the people driving the processes forward. CPOs often talk of a talent shortage in procurement. How to fix this? Definitely not by trying to reduce our exciting work to a process-led obstacle course. Nobody ever said “I just completed a 15-step sourcing process and that was the greatest moment of my life.” People don’t get excited about running processes but, unfortunately, they may get overly excited designing them. People get motivated about purpose, outcome, creativity and freedom, but not about executing processes. If we provide processes as tight guidelines on how to do things, we don’t get talent. Once we get real talent, we definitely can’t keep them with strict processes. It’s equally bad for managers – their job becomes one of reviewing and approving. Approving POs, business cases, vacation requests, what not. The brightest people who have worked hard, learned a lot, and would have a lot to give become rubber stampers.
  • Processes are also very self-centered. They assume that we can dictate the timeline – it may make our own lives more plannable, but it also takes out any options to leverage the opportunities that are coming up. Say, for example, you follow a strict quarterly business review cycle with suppliers. If supplier collaboration happens only through process-driven reviews, you are not leveraging opportunities coming up in between.

The world is getting faster and more volatile. In this new world, as the COVID-19 era has proven, processes are just too slow. I truly hope that COVID-19 did not only teach us that remote work is possible, but also that a more action-oriented, exciting procurement world is possible … But more on that on my next blog article.

This article was originally published here – it has been republished on Procurious with kind permission.

How Dawn Tiura Built The Largest Sourcing Network In The US

If you’re an ambitious procurement or supply chain professional, there’s plenty to learn from Dawn Tiura about the power of networking, and upskilling yourself in the important areas of third party risk.


“You’ve got to meet Dawn,” said Gabe Perez from Coupa.

“You’ve got to meet Dawn,” said Chris Sawchuk from Hackett Group.

“You’ve got to meet Dawn,” said Alpar Kambar from Denali.

So, I said to myself – “I’ve really got to meet Dawn!”

There’s literally only a handful of women in the world who own and operate their own businesses serving the profession.

So… it was great to finalIy meet the much-admired Dawn a few years ago at the LevaData conference in San Francisco. Finally – I had found someone out there just like me – someone who also believed in the power of bringing our profession together.

Dawn and I are still really getting to know each other. We next met up at the SAP Ariba conference in Austin. Then she did a fantastic job keynoting at our Big Ideas Summit in Chicago last year (on third party risk…which is her specialty and very timely for what we were about to experience this year!).

SIG is a powerhouse. They dominate the U.S. Their member companies are a who’s who of Fortune 500 and Global 1000 companies who get together frequently. Their upcoming Global Executive Summit will feature insights from senior executives and disruptive thought leaders; they host weekly webinars, one-day events and CPO Roundtables; drive thought leadership in Future of Sourcing; and they have a training and certification program for sourcing, procurement and risk professionals.     

So, I wanted to make sure the Procurious community knows all about Dawn and her amazing company….so I asked for this interview..

When you started SIG, what was your vision? Were you trying to build the largest sourcing network in the U.S.? 

I actually am not the founder of Sourcing Industry Group (SIG). I took over the leadership in 2007 and my original intent was to remake it from a “good ole boys” network into the leading organization for sourcing, procurement and outsourcing professionals. My vision was to be a disrupter to the industry, pushing the latest ideas to members and to help elevate the role of the CPO.

Has your vision become a reality? Has SIG become what you thought it would be?

Yes and we’re making progress everyday as we continue pushing the envelope to adopt emerging technologies and find new ways to streamline the process of procurement. Over the last 10 years, SIG has become the largest network for sourcing professionals in the world. But more important than the size of our membership is the collegial nature and information sharing that we have fostered. SIG brings people together to share best practices and next practices in a non-commercial manner that creates success.

What have been your secrets to success?  And what advice would you give to others thinking about starting their own entrepreneurial venture?  

The secret to my success is surrounding myself with people who are smarter than me. They are my inspiration and they never say “no” to my new ideas. I also pride myself with only hiring people who volunteer in some capacity in their personal lives. For me, I think that people who give back to their local community or for a nonprofit says a lot to me about their character. We also allow people to take time off work, with pay, to support their own causes. The people I have recruited to the team often come from my volunteer work where I’ve seen their work ethic up close and personal. 

Why do you think people join networks? And, in particular, your network, SIG?  

The reason people join is most likely not the reason they ultimately stay.  People join SIG to network, share best practices and to become better educated. They stay largely due to the network itself and the fact we are non-commercial. People enjoy the camaraderie, the fun we have and most importantly how we lift one another up and help each other.  Our members are all great people, they participate fully and care for one another.  

Why did you decide to have both buyers and suppliers in your network? 

This was easy for me, I came from the supplier side, having consulted in sourcing for more than a decade. I know first hand that consultants/suppliers/advisors/tech companies each work with hundreds of clients and therefore bring a wealth of knowledge to the table. I encourage this interaction and these relationships. 

I really admire how you have very clear guidelines on how your suppliers, vendors and sponsors can interact with your members. What are some of those guidelines and why did you put them in place?  

I am proud of our Provider Code of Conduct and it is critical that providers acknowledge the fact that our practitioners are very sophisticated and won’t buy from you if you are a “slick salesperson.” They engage you because you have the right thought leadership that strikes a chord, or the right technology at the time they are ready to investigate it. They don’t buy from brochures or from being “sold to.”  If you are found to be actively selling, you are given one warning and the second time your membership is revoked and you have to sit out of SIG for two years. At that time we will allow you to come back into the SIG Tribe.  

When we caught up last year at the Big Ideas Summit in Chicago (by the way, you did an amazing job talking about Third Party Risk!  Very timely!), I really learnt how busy your life is – running your business, organising your major events, hosting webinars, mentoring young people….you fit a lot into your day, week, month, year!  What’s your advice to others who are trying to manage and prioritise their time better? 

I feel best when I have a lot of projects to take on, from building curriculum, to mentoring and parenting. The more I have to do, the more deadlines I have, it motivates me. Without deadlines, I would achieve very little. For example, you didn’t ask me for a deadline for this article, so it didn’t get done for over a month. I set my priorities by keeping them balanced. I must do something to help someone else every day, that is one thing that I believe in. Whether it is donating time or money to a good cause, shopping for an elderly neighbor or mentoring youth, we have an opportunity to be kind and to give back every single day and we should take advantage of that opportunity. 

What’s your advice to ambitious professionals out there? What should they be doing right now to make sure they succeed into the future? 

Learn to open your mouth wider so you can drink more easily from the fire hose, because technology is going to change at an increasing rate of acceleration. Accept it, embrace it and never fight it. Also, bring your authentic self to your role, whatever it is. You can’t be successful without living your own truth. Don’t try and be what someone else wants you to be, be who you are and who you want to become. Err on the side of kindness always. 

Most importantly, how are you personally right now? Florida is being hit hard by COVID. Are you and your family OK? What’s happening in Florida right now? 

Thank you for asking, we are doing well. I have a high school senior in virtual school and kids in college all working from their apartments. 

Summary

Wow!  Whichever way you look at this, Dawn is an inspiration.

If you’re a budding entrepreneur out there, you have hopefully been inspired by Dawn’s vision and determination.

If you’re an ambitious procurement or supply chain professional, there’s lessons to be learned in the power of networking and upskilling yourself in the important areas of third party risk.

If you’re a supplier, looking to truly partner with our profession, SIG provides a trusted and valuable conduit into the important buying community.

What did you learn from today’s story? Let us know.

Are you Effectively Mitigating your Automation Risk?

Procurement’s new direction comes complete with a number of new risks to consider. And automation accounts for a few of them.

Photo by Alex Knight on Unsplash

For several years now we’ve heard the same message – procurement is going to become more strategically focused in organisations. One of the key enablers cited in this change is technology and the increasing automation of transactional tasks to help free up time and resources.

But technology and automation bring their own challenges, not least the impact of dealing with the ever-increasing issue of cybercrime and third-party risk. And, as I’ve said before, despite knowing about it, few CPOs if any have a full grasp of the risk present throughout their supply chain.

It’s not just technological advancements that represent a key risk, but also the role of technology in the changing nature of work. Being educated and aware of these risk factors will help put mitigation strategies in place. But it will come down to how well risks are managed when it comes to understanding the impact of any future major risk events.

I’ve selected three areas linked to technology and automation that procurement must be mindful of as they take their new strategic direction.

Third Party Risk Management & Personnel

Technology has helped to drive and support the rise of the gig economy. A 2018 report estimated that over one-third of US workers (36 per cent; 57 million people) were part of it. It may have started smaller, but the gig economy has grown beyond the names traditionally associated with it, the like of Uber, Lyft, Deliveroo and Freelancer.com.

The attractiveness of the gig economy lies in greater flexibility on where, when and how people work. For organisations it means they don’t have pay all the costs associated with a full-time worker – potentially saving 50 per cent on rates by using a gig worker. This would even hold true in spite of recent legislation passed in the EU and in California regarding workers’ basic rights.

However, organisations may not realise that they are exponentially increasing their third-party, technology-associated risk. An estimated 90 per cent of hacks targeting organisations take place through an individual employee’s computer.

How can they be sure that the laptop or internet-capable device the worker is using is compliant with network security? Or free from viruses or malware? It’s not only the gig workers, but the employees too, with 87 per cent admitting that they use their own devices for work purposes.

How will organisations support the gig economy workers to carry out their tasks while managing their risk levels? It’s a question no-one has really answered yet.

Changing Skill Sets for Sourcing Professionals

An increasing level of automation in procurement will naturally change the skill set that sourcing professionals require to do their job. This will be seen in a move away from data and analytical skills, and an increasing focus on Emotional Intelligence (EQ) and soft skills like change management, negotiation, selling, presenting.

The question is what are organisations going to do with displaced employees? Do they have an ethical responsibility to retrain them, retain them or up-skill them to allow them to move on? Yes, EQ and soft skills can be trained and will come more naturally to some people. However, there will still be a number who have difficulty in moving into this new way of working.

In my opinion the key skill, even accounting for EQ, will be adaptability. With the speed of technological advancement we are now seeing, people have to be far more adaptable than they ever used to be.

It’s impossible to fight change – some people embrace change, others fight it, others are paralysed by it. People will struggle if they don’t have that adaptability as a natural barometer. It’s a much tougher skill set to train, but as technology continues to advance, it’s a risk that organisations need to be aware of.

Responsible Automation

Linked to this is the final risk factor I’ve chosen to highlight here – responsible automation.

Most automation is pretty obvious, for example, installing an ordering kiosk instead of a human for ordering fast food, or having self-service checkouts at the grocery store. What people don’t see is the impact on the low to mid-level managers, who lose much of their transactional and managerial work as a result.

They are at risk as much as the frontline employees, but this isn’t always considered. Organisations have the social responsibility to have intelligent automation, to consider this through the risk management lens and assess how their technology fits with the social agenda.

Being more socially responsible with automation will represent a dramatic change from the current situation. Organisations need to stop automating for the sake of it, only eliminating the transactional elements because there is good reason to do so.

By being too keen to automate, organisations lose site of the need to have humans in the process, which may in turn increase risk. Until such times as bots and AI have the EQ we discussed before, they will miss out on the human aspect of detecting fraud or seeing the human thought process behind decision-making.

This is a more responsible approach, but also, from a risk point of view, protecting organisations against the loss of the crucial human element in some tasks.

About the Author

Dawn Tiura is the CEO and President of SIG, SIG University and Future of Sourcing and has over 26 years’ leadership experience, with the past 22 years focused on the sourcing and outsourcing industry.

In 2007, Dawn joined SIG as CEO, but has been active in SIG as a speaker and trusted advisor since 1999, bringing the latest developments in sourcing and outsourcing to SIG members. Prior to joining SIG, Dawn held leadership positions as CEO of Denali Group and before that as a partner in a CPA firm. Dawn is actively involved on a number of boards promoting civic, health and children’s issues in the Jacksonville, Florida area. 

She is a licensed CPA and has a BA from the University of Michigan and an MS in taxation from Golden Gate University. Dawn brings to SIG a culture of brainstorming and internal innovation.

Dawn provided some great insight and thought-provoking ideas at the Big Ideas Summit Chicago 2019 this week. If you weren’t able to be there on the day and couldn’t get there as a Digital Delegate, don’t worry. You can still sign up to access all the great content by clicking here.

Lessons In Risk Management: Unity Is Strength

In a digital future, relationships will continue to matter when it comes to risk management…

By View Apart/ Shutterstock

I recently attended a procurement event, and, over lunch, I had an interesting discussion with other procurement practitioners about supply chain risk management (SCRM). One of the people at the table stated that his organisation was not looking into increasing its SCRM capabilities because technology cannot help in preventing issues to happen. To reinforce his theory, he told us what had recently happened to his company. The factory of one of his key suppliers was reduced to ashes by a fire. That incident led to disruptions that, according to him, technology could not have helped preventing or mitigating the impact.

Even if it is true that SCRM technology cannot have a direct impact on the cause of incidents, it is not a reason to ignore potential threats and behave like an ostrich, sticking its head in the sand. The story above is one of the many examples demonstrating that organisations don’t learn and reproduce the same mistakes, again and again.

“Insanity Is Doing the Same Thing Over and Over Again and Expecting Different Results.”

Albert Einstein

SCRM technology together with SRM and Category Management can have an impact on reducing exposure by, for example, highlighting sensitive areas (single sourcing of critical components, suppliers in dangerous zones…). They also can help in reacting faster than the competition when problems occur. And there are many examples of that. However, there is more to it…

Being the customer of choice helps

During that same conversation, I mentioned another story I had read about as it was to some extent similar but with a very different outcome.

A buying organisation using a SCRM solution had received a notification that an incident had happened at one of their supplier’s factory. Therefore, the buyer in charge was able to

  • immediately contact the supplier to discuss with him
  • build a business continuity plan.

The immediate action was to have the supplier produce the component in one of his other factory that had some free capacity.

In addition to the speed advantage that technology provided, the buying organisation benefited from the good relationship he had built with the supplier. Because they were considered as a customer of choice, the supplier gave them access to possibilities that less preferential customers probably would never have had.

Get help from bigger than you

The story above reminded me of another one, with a different twist. I heard it a few months ago at a procurement conference in Czech Republic. A buyer (I will call him John) had in his portfolio a certain raw material. He was buying modest quantities of it but the material was nevertheless critical. Also, only a handful of suppliers were selling it. John knew that, in case of peak in demand, he would never be the one served first. In order to prevent shortages, he developed a clever alliance strategy.

John attended a fair where he knew that the major sellers and buyers of that raw material would be. Using the research he had done before the event and his observation skills, he connected with the big players on the buy-side of the market because he knew they would have better contracts and conditions that his. Conditions that would most probably integrate capacity agreements.

Months later, when demand peaked John did not contact his supplier to try to convince him to deliver to him; he knew it would be a vain effort. Instead, John reached out to a buyer (Bill) who he had met at the fair and with whom he had built a good relationship. He explained his situation to Bill. After listening, Bill explained that he could help because he had a contract that stipulates that the supplier must cover his needs as long as they vary within a certain range. As John’s needs were small in comparison to his, adding them to his would remain in the contract’s terms. After agreeing on the condition of this deal, Bill called his supplier to inform him that he would need larger deliveries. The supplier agreed and delivered the requested quantities to Bill who then forwarded what John needed.

In a digital future, relationships will continue to matter

John’s story has a particular resonance for me as I had lived a relatively similar situation when I was a buyer. But, I hadn’t done my homework like John, so I could not seek the help of a larger customer to help me. It took months and lots of efforts to recover.

These stories illustrate that Procurement professionals have to prepare for the worst and hope for the best. The fact that black swans exist is no excuse for not being ready! It also means that having the people, process, technology, and data to:

–                 identify weaknesses and risks

–                 build contingency and mitigation plans

–                 constantly monitor risk sources

These are the conditions for being proactive and not passive with regards to risks. Also, they should not forget the importance of nurturing relationships as business is human-to-human, H2H, (and no more B2B or B2C). At the end of the day, organisations having a competitive advantage are the ones that get the best out of their relationships with technology AND people; augmenting/enhancing each other.

Cybersecurity – What Does It Mean For Procurement In 2019?

How should procurement professionals be addressing cybersecurity within their organisations and addressing the weak links?

By Rawpixel.com/ Shutterstock

Google and McAfee estimate there are 2,000 cyber- attacks every day around the world, costing the global economy about £300bn a year.  The widespread adoption of digital solutions for the management of big data is a threat that is making organizations vulnerable to security breaches.   The proliferation of new SaaS products on the market and the use of cloud-based solutions are focusing our minds on how to protect our data and intellectual property.  The growing use of bring-your-own-device (BYOD) is adding to the complexity of defending organizations from attacks. 

Protection from data hackers has traditionally been the responsibility of the I.T. department where it should be taken seriously, although some companies have been inclined to put the issue on the back-burner.  Procurement’s interest in cyber-security is two-fold: 

a) it has to manage the myriad of potential security issues within the supplier community

and

b) it has to concern itself with data security issues within its own operations

Cybersecurity at suppliers  

Cyber-attacks do not always come in through the front door.  Many breaches come through weaknesses in the lower layers of the supply chain:   e.g. importers, agents and other service providers. Hackers, whose main objective seems to be to hold organisations to ransom, can infiltrate any of these layers. 

The weak links

  • Your suppliers’ suppliers are often targeted because they are more vulnerable.   They may have access to important information of yours and only have a very immature approach to data security.  It is estimated that over a third of corporate IT breaches are via third-party suppliers.
  • A lack of awareness among employees about how hackers gain access to systems.  The act of “phishing” which attempts to acquire usernames, passwords and credit card details via email for fraudulent purposes is a widespread activity that preys on peoples trust.   
  • The lax use of BYOD at suppliers can cause major security issues as malware protection and detection on these devices is often inadequate. 

 “Cybersecurity is never just a technology problem; it’s a people, processes and knowledge problem.”

US National Institute of Standards and Technology (NIST)

How to tackle the weak links

  • Due diligence.  Conducting risk assessments on each supplier before contracting will allow you to identify any areas of concern.  Firstly, potential suppliers should be vetted to ensure that they are not on any denied party or watch lists. On-boarding of new suppliers should include asking leading questions about their approach to data security and which protective systems they are using.  Many large organizations are adopting ISO 27001 which accredits them through an auditable security management system.               
  • Access control.   The level of access of each approved user to information needs to be monitored especially when there is any change in the relationship with a supplier.  This could be an organisational restructure or a takeover at the supplier which affects access to a shared system.  The aim is to prevent unauthorised access to data and procedures.
  • Education and training of staff Awareness programs and training staff about their responsibility for data security should be standard practice, both in-house and at suppliers.  Advice such as don’t click on unknown attachments, always use strong and unique passwords, and keep an up-to-date backup is a start. 
  • Notification about breaches   A contract clause that requires a supplier to inform the organisation regarding any security breach that may impact either business should be included in any supply agreement.

Cybersecurity within procurement

Large warehouses  of data are used by procurement professionals to identify cost-saving opportunities through spend analysis within their organisations.  Other files include supplier contracts, financial information and many P2P transactions.  We need to protect the confidentiality, availability and integrity of our information.   Cyber-attacks can be delivered through counterfeit hardware or software that is embedded with malware.  Outsourcing procurement functions with no due diligence or using unreliable and untested software packages can open the door to hackers.  Security gaps can arise due to the incompatibility of legacy systems with the outsourced solutions.  

Remember the data breach at TalkTalk in 2017?  The then CEO, Baroness Dido Harding said,

“There was the IT equivalent of an old shed in a field that was covered in brambles, all we saw was the brambles and not the open window.”

 She was referring to the weakness in their legacy systems.  The firm was fined £400 000 by the Information Commissioner’s Office.

What can we do today?

  • Collaborate with our IT department to regularly monitor systems, frequently update internal policies to create a security fence for the organization
  • Assist suppliers to build a robust cybersecurity plan to strengthen their IT infrastructure and cyber resilience
  • Stay updated on the latest innovations in data protection  
  • Work with suppliers to ensure that their IT systems and infrastructure are regularly updated. Ongoing reviews at regular intervals will help to identify emerging concerns
  • Develop a contingency disaster recovery and continuity plan to accommodate any potential supplier failure, including alternative suppliers. Always have a plan B.

Traditionally, procurement-specific risks just meant price fluctuations, delivery disruptions, supplier failure, fraud and non-compliance but no longer.   

Besides the reputational risks such as environmental crises, unfair treatment of staff and safety issues, the loss or corruption of corporate information can severely disadvantage a business.  The extent of the financial and reputational damage depends on the size of the breach, number and type of stakeholders affected and how quickly and effectively the company acted. 

Risky Business in Procurement and Supply Management

What sort of fallout can you expect to see from a supply chain scandal? What should you do when a risky event takes place? Tune in to today’s podcast on risk in procurement and supply chain, featuring ISM CEO Tom Derry and Procurious Founder Tania Seary.

Today we’re faced with complex supply chain challenges. In fact, it’s hard to think of an area of the business that modern procurement doesn’t touch, ranging from employment law, to climate change, to human rights.

As the complexity of supply chains continues to increase, so too does the number of issues we need to deal with, which is why supply chain disruption is often quoted as the number one concern of CEOs. They know that supply chain failures can have a dramatic impact on their public reputation – and their company share price.

ISM CEO Tom Derry joined Procurious to discuss how a supply chain disruption can damage an organisation, and what can be done to mitigate the risk.

What kind of fallout is a company likely to see as a result of a supply chain scandal?

Tom: From a Board and CEO point of view, there was an academic study written by a professor out of Georgia Tech a few years back that revealed that if there’s a publicly announced supply chain disruption, that company will experience a lower stock price for at least five years after the event. We’re talking about a catastrophic destruction of market cap and value for companies that experience disruption.

The other fallout is a permanent loss of sales. My 21-year-old daughter makes decisions about the products she buys based on what she knows about the company’s social and sustainability practices. If she hears something about a company that she doesn’t agree with, that company has lost her business for the rest of her life – that could be as much as 80 years of lost sales!

On the other hand, companies that have built up good social equity because of their CSR and sustainability practices don’t tend to suffer the same kind of heavy damage.

What are the common-sense steps to take to ensure your risk management is in order?

Tom: The first thing to understand is this doesn’t require an expensive consultant to run 10,000 Monte-Carlo simulations, give you a probability assessment or sell you a 2×2 matrix.

For procurement and supply management professionals, it’s important to look beyond the first tier of suppliers to where your organisation is really vulnerable – three or four levels down.

You should know every single-source supplier in your supply base, and you should have plans in place for immediately dealing with an issue with one of those sources.

You need to beware of geopolitical risk. If something changes – if an industry gets nationalised or if someone unexpectedly wins an election or referendum – what will your answer be if a scenario like that develops?

Look at the other side of the company. What are the products and services you’re selling, and what in your supply base could put that at risk? We should understand how the activities we are performing help support the business in making its money, and look there for risks that could really disrupt the business. 

How do you minimise fallout from a risk event taking place?

Tom: Wait. In the heat of the moment, it’s a natural human feeling to get defensive when you’re being criticised. An immediate instinct might be to get out there and say that the fault lies with someone else, but that would be a mistake. Don’t give into that instinct to blame, deny and defend. Instead, take a measured view of what’s going on, then accept ownership and responsibility. People will give you a lot of credit for being open, straightforward and transparent about a mistake. If you try to dodge it, it’s going to get worse before it gets better.

Part Five of Tuesdays with Tom is available now. Click here to sign up and hear ISM CEO Tom Derry discuss what sort of fallout you can expect to see from a supply chain scandal and what should you do when a risky event takes place? 

The Private Company Paradox

Procurement is going to have to do some extra work when it comes to evaluating private companies.  Kelly Barner outlines the common pitfalls to be ready for…

Benoit Daoust / Shutterstock

Many procurement teams have been tasked with diversifying the supply base. This often means partnering with small, diverse, or locally-sourced suppliers.

One challenge that arises is that many of the companies that qualify for such programs are privately owned. The lack of information that usually accompanies private ownership is at odds with procurement’s transparent supplier evaluation frameworks. Add to this the fact that participating in an RFP process just to be ‘diversity fodder’ is onerous and potentially even harmful to small businesses, and we’re left with a paradox:

How can procurement stay true to our mandate while also finding mutually beneficial opportunities for small and diverse businesses?

Procurement will have to do some extra work when evaluating private companies. Here are some common pitfalls to be ready for:

1. Limited or no access to current financials

This begins in the opening section of an RFx: ‘Please attach your company’s most recent corporate financials here.’ To which the supplier responds, ‘N/A: we are a privately held company and as such do not publish our financial statements’. That may be true, but it does not eliminate the need for the supplier to demonstrate that they are financially sound enough to justify an award.

2. Inability to determine risk levels

Procurement has to determine if there are concerns about the supplier’s ability to stay in business. What does their revenue pipeline look like? What are their customer retention rates? Keep in mind that this is a challenge with all companies, not just privately held ones. Procurement has to ensure that private companies are not hiding behind their ‘privateness’.

3. Few customers able to serve as relevant references

While private companies are not always new or small, it is a common combination of characteristics. The customers of small, privately held companies may be as tight lipped as the company they buy from. In fact, some may view their relationship with the private supplier as a competitive advantage or not want to accept the risk associated with speaking for or against such a company in the customer reference checking process.

4. Missing rigor from the expectations of shareholders

Being privately held means drawing capital from angel investors, venture capitalists, and sometimes employees or ‘friends and family’ investors. Who can procurement look to when trying to ensure that the leadership team faces appropriate challenges to their decisions?

Part of this dynamic needs to come from the relationships between leadership team members. Hopefully they (if not their private investors) are willing to fight to ensure the company stays on track.

5. Looming prospect of acquisition

Most private companies are on a journey towards either IPO or acquisition. While both can be disruptive for customers, having a privately held supplier acquired by a larger company is perhaps the greater concern. What changes will be made to contracts or terms of service?

Will the relationship be valued in the same way? Not having the answers to these questions (in large part because the private company’s leadership team doesn’t have them either) can make it hard to commit to a long enough term contract that both parties realise the desired level of value from the arrangement.

Being a private company shouldn’t be the only reason not to consider an otherwise qualified supplier for a contract. The problem is a circular one: if procurement doesn’t have access to the same level of information we do with publicly traded suppliers, how can we determine if they are qualified or not? The answer is likely to be a combination of pushing for additional information and accepting that some of what we are looking for isn’t available. As with all strategic decisions, we can never be 100 per cent certain that our choice is the right one. All procurement can do is maximise the availability of facts to ensure that the decision to contract a private supplier – like all other procurement informed decisions – is based on analysis, not assumptions.