Tag Archives: SIG

How Dawn Tiura Built The Largest Sourcing Network In The US

If you’re an ambitious procurement or supply chain professional, there’s plenty to learn from Dawn Tiura about the power of networking, and upskilling yourself in the important areas of third party risk.


“You’ve got to meet Dawn,” said Gabe Perez from Coupa.

“You’ve got to meet Dawn,” said Chris Sawchuk from Hackett Group.

“You’ve got to meet Dawn,” said Alpar Kambar from Denali.

So, I said to myself – “I’ve really got to meet Dawn!”

There’s literally only a handful of women in the world who own and operate their own businesses serving the profession.

So… it was great to finalIy meet the much-admired Dawn a few years ago at the LevaData conference in San Francisco. Finally – I had found someone out there just like me – someone who also believed in the power of bringing our profession together.

Dawn and I are still really getting to know each other. We next met up at the SAP Ariba conference in Austin. Then she did a fantastic job keynoting at our Big Ideas Summit in Chicago last year (on third party risk…which is her specialty and very timely for what we were about to experience this year!).

SIG is a powerhouse. They dominate the U.S. Their member companies are a who’s who of Fortune 500 and Global 1000 companies who get together frequently. Their upcoming Global Executive Summit will feature insights from senior executives and disruptive thought leaders; they host weekly webinars, one-day events and CPO Roundtables; drive thought leadership in Future of Sourcing; and they have a training and certification program for sourcing, procurement and risk professionals.     

So, I wanted to make sure the Procurious community knows all about Dawn and her amazing company….so I asked for this interview..

When you started SIG, what was your vision? Were you trying to build the largest sourcing network in the U.S.? 

I actually am not the founder of Sourcing Industry Group (SIG). I took over the leadership in 2007 and my original intent was to remake it from a “good ole boys” network into the leading organization for sourcing, procurement and outsourcing professionals. My vision was to be a disrupter to the industry, pushing the latest ideas to members and to help elevate the role of the CPO.

Has your vision become a reality? Has SIG become what you thought it would be?

Yes and we’re making progress everyday as we continue pushing the envelope to adopt emerging technologies and find new ways to streamline the process of procurement. Over the last 10 years, SIG has become the largest network for sourcing professionals in the world. But more important than the size of our membership is the collegial nature and information sharing that we have fostered. SIG brings people together to share best practices and next practices in a non-commercial manner that creates success.

What have been your secrets to success?  And what advice would you give to others thinking about starting their own entrepreneurial venture?  

The secret to my success is surrounding myself with people who are smarter than me. They are my inspiration and they never say “no” to my new ideas. I also pride myself with only hiring people who volunteer in some capacity in their personal lives. For me, I think that people who give back to their local community or for a nonprofit says a lot to me about their character. We also allow people to take time off work, with pay, to support their own causes. The people I have recruited to the team often come from my volunteer work where I’ve seen their work ethic up close and personal. 

Why do you think people join networks? And, in particular, your network, SIG?  

The reason people join is most likely not the reason they ultimately stay.  People join SIG to network, share best practices and to become better educated. They stay largely due to the network itself and the fact we are non-commercial. People enjoy the camaraderie, the fun we have and most importantly how we lift one another up and help each other.  Our members are all great people, they participate fully and care for one another.  

Why did you decide to have both buyers and suppliers in your network? 

This was easy for me, I came from the supplier side, having consulted in sourcing for more than a decade. I know first hand that consultants/suppliers/advisors/tech companies each work with hundreds of clients and therefore bring a wealth of knowledge to the table. I encourage this interaction and these relationships. 

I really admire how you have very clear guidelines on how your suppliers, vendors and sponsors can interact with your members. What are some of those guidelines and why did you put them in place?  

I am proud of our Provider Code of Conduct and it is critical that providers acknowledge the fact that our practitioners are very sophisticated and won’t buy from you if you are a “slick salesperson.” They engage you because you have the right thought leadership that strikes a chord, or the right technology at the time they are ready to investigate it. They don’t buy from brochures or from being “sold to.”  If you are found to be actively selling, you are given one warning and the second time your membership is revoked and you have to sit out of SIG for two years. At that time we will allow you to come back into the SIG Tribe.  

When we caught up last year at the Big Ideas Summit in Chicago (by the way, you did an amazing job talking about Third Party Risk!  Very timely!), I really learnt how busy your life is – running your business, organising your major events, hosting webinars, mentoring young people….you fit a lot into your day, week, month, year!  What’s your advice to others who are trying to manage and prioritise their time better? 

I feel best when I have a lot of projects to take on, from building curriculum, to mentoring and parenting. The more I have to do, the more deadlines I have, it motivates me. Without deadlines, I would achieve very little. For example, you didn’t ask me for a deadline for this article, so it didn’t get done for over a month. I set my priorities by keeping them balanced. I must do something to help someone else every day, that is one thing that I believe in. Whether it is donating time or money to a good cause, shopping for an elderly neighbor or mentoring youth, we have an opportunity to be kind and to give back every single day and we should take advantage of that opportunity. 

What’s your advice to ambitious professionals out there? What should they be doing right now to make sure they succeed into the future? 

Learn to open your mouth wider so you can drink more easily from the fire hose, because technology is going to change at an increasing rate of acceleration. Accept it, embrace it and never fight it. Also, bring your authentic self to your role, whatever it is. You can’t be successful without living your own truth. Don’t try and be what someone else wants you to be, be who you are and who you want to become. Err on the side of kindness always. 

Most importantly, how are you personally right now? Florida is being hit hard by COVID. Are you and your family OK? What’s happening in Florida right now? 

Thank you for asking, we are doing well. I have a high school senior in virtual school and kids in college all working from their apartments. 

Summary

Wow!  Whichever way you look at this, Dawn is an inspiration.

If you’re a budding entrepreneur out there, you have hopefully been inspired by Dawn’s vision and determination.

If you’re an ambitious procurement or supply chain professional, there’s lessons to be learned in the power of networking and upskilling yourself in the important areas of third party risk.

If you’re a supplier, looking to truly partner with our profession, SIG provides a trusted and valuable conduit into the important buying community.

What did you learn from today’s story? Let us know.

C’mon Procurement Pros – Pucker Up And Get Your Tech Dollars Now

NOW is the time to start a robust process to select, fund and implement a new technology system. 


Your CFO needs some love right now – supply chain isn’t something they’ve had to worry about much before…because you had it all covered!!  For the first time in their careers they’ve had to get into the details of how you keep it all going.  Your poor pandemic-battle-scarred CFO is now looking for some new ways to mitigate future business continuity risks.

Procurement and supply chain leaders around the world have the answers to future potential business disruption woes – what’s needed is some serious investment in technology!

COVID-19 has placed the risk of future global supply chain disruptions at the top of the C-suite’s agenda. Not wanting to be caught out again, company leaders are desperate for a better, faster way to recover the next time a crisis strikes.

Their eyes are firmly fixed on supply chain.

So, it’s time to wipe the dust of all those technology business cases – and get on Zoom, pucker up to the c-level and ask for the cash.

It’s the right time

The pandemic caught us out. It stripped away the luxury of time, revealing the real supply chain risks that we knew had been lurking just below the water line for years.

The tide went out and our weaknesses were exposed – a lack of visibility into our multi-layered supply chains, an overdependence on single geographies and single supply source and a lack of agility to pivot and close the supply gaps.

As we move forward, supplier risk, supplier collaboration, value analysis, cost reduction, quality, and compliance will be more important than ever. 

NOW is the time to start a robust process to select, fund and implement a new technology system. 

How to pucker up

But how can you make sure you select the right system and construct a convincing business case, especially when budgets are being slashed across the board?

Here’s your guide to technology selection and adoption, pulled together from years of experience.

Step One – make sure you meet the business needs

It starts with understanding needs. As procurement and supply chain pros, we all know how to run a solid needs analysis….so I don’t need to labour this point.

To decide what works for your company and suppliers, remember the 80/20 rule.  For example, if 80% of your spend is on contingent labour, you are better off looking at a system that specialises in that functionality. 

What system is best?

Once you know your company needs, it’s time to narrow down the provider playing field.

This can get confusing, because you might pick your top three and accidentally end up comparing apples to oranges. One system could be a full end-to-end suite, and you’re comparing it to a contract management point solution and a sourcing tool!

It’s easy to get overwhelmed; there are literally hundreds of e-procurement technology suppliers in the marketplace right now.

About 10 years ago we saw a big push towards ‘best of breed’ solutions. There were very few fully-integrated suites that were intuitive and easy to use. Plus, a lot of companies had budget limitations, so they looked to point solutions for contracts, P2P, sourcing, supplier management, analytics, etc. 

That worked for a while, but then it became a nightmare to maintain all those integrations and the systems lacked true interoperability.  

Then came the race for fully integrated suites, which led to the likes of SAP Ariba, Coupa, Ivalua and Jaggaer who emerged to lead the pack today.

Will the strong preference for the fully integrated suites continue? That remains to be seen. One thing is for sure, we will see a thinning out of the market as some of the best of breed start-ups struggle for cash.

But only you will know what’s right for your company.

Finding the love…and the cash

Once you’ve chosen your tech system, it’s time to get senior-level buy-in. How can you make your case convincing?

It comes down to giving a clear, compelling ‘why’. Why now? Why this system? What will it mean for the company?

Some great messaging that would resonate with the c-suite right now would be:

  • Systems give transparency
  • Systems give control
  • Systems give confidence

As well as these overarching messages, you should tailor specific business case messaging and justification for investment in your system for different members of the c-suite.  For example:

Chief Executive Officer – mitigate business continuity risk and future profitability

Chief Financial Officer – cost control and visibility

Chief Marketing Officer – reputation risk, protecting brands and fostering innovation

Head of Operations – efficiency and continuity

Financial Controller – well, it’s obviously about control!

Another tip for developing your business case messaging is to reach out to your online peer community and look through social media, to find stories that support your reasons for investing in tech.

There’s nothing the c-level likes more than to do better (or avoid the same mistakes) than the competition. Your stories and examples on how peers are handling problems will be a powerful tool for motivating your senior leadership team to invest in your recommended technology. 

Keep a c-suite huddle

It’s critical to ensure you have a wide base of support across the senior leadership team so that your project has strong foundations.

Stay close to the c-suite throughout the project.  Don’t ever assume the support you secure today will endure. Keep them regularly updated to ensure your technology project stays top of mind (and the corporate strategic priority list!).

Also, beware the trophy-seeking sponsor who could be using your supply chain technology project as a pawn in their political power play. It is always difficult to pick these people, but the wrong choice could threaten your project’s success. You don’t want everything to go down the drain when your board sponsor’s career bets don’t pay off. 

Ensure change management isn’t funded out of small change

Business cases for tech have always focussed on headcount reductions (hard numbers based on FTEs taken out of Accounts Payable, administration etc) and efficiencies (more of a soft number) on the value side, and licensing and implementation on the cost side for investment in technology. Don’t forget to also factor in the total cost of ownership. Customisation costs, implementation, and productivity losses and gains are all important financial considerations.

All of these cost and other benefits are important, but you must ensure you include a significant budget for change management, training, user implementation.

As a profession, we have not had enough focus on how to implement technology; that’s our weak point. It’s difficult to ensure the organisation is gaining the full benefit of the system they have invested in – and for the most part, we do a pretty lousy job of it.

That’s because these are change management projects, not technology projects. It’s so little about systems and so much about the people who use them.

Too often, the implementation budget is the first thing to go when CFOs want a quick financial win. Don’t fall prey to their argument that people will work it out, or that it’s all straightforward. That logic is precisely how and why many technology projects fail.

Fiercely guard your change management budget, and make sure you have a dedicated project team to make it a success.

You can do this

This is your chance to step up and lead, showing your potential for a more senior role.

Given the high failure rate of these systems right now, it may be a high-risk strategy to take on the leadership of a procurement or supply chain technology implementation. But with risk comes reward; your successful project will be a great asset to your career progression and increase your visibility.

More importantly, it will prove that you understand the business and know how to solve complex issues.

As we work our way through this latest supply chain disruption, we are (sadly) capturing the real costs of this pandemic and will have much stronger financial proof points for investment in technology.

If this kind of disruption happens again, we know the magnitude of what it is going to cost. So we must put systems in place that will respond much faster to mitigate these potential losses.

Now is the time to step up and put forward your argument for investment. We may never have such a fertile and receptive audience as we do right now.

Act now, while the spotlight is on supply chain.  Don’t waste a crisis.

This blog is an excerpt from a talk given by Procurious founder Tania Seary, as part of the SIG Procurement Technology Summit. Want even more expert advice on choosing and implementing a new procurement technology system? Register for Matt Stewart’s podcast series

We are Living in Exponential Times

We are living in exponential times. While that fact makes it exceedingly exciting to be alive right now, it also comes with a lot of procurement related issues. Let’s examine a few facts, and see if you can realise where I am going with this:

  1. In 1984, there were 1,000 internet capable devices.
  2. By 1992, there were 1,000,000.
  3. In 2008, there were 1,000,000,000.
  4. Today it is estimated at 30,000,000,000.
  5. Last year, 4 exabytes (4.0 x 10^18) of unique information was generated, which is more than the previous 5,000 years in total!
  6. It is estimated that there will be 70 billion connected devices by 2025.
  7. NTT Japan has successfully tested a fiber optic cable that pushes 14 trillion bits per second down a single strand of fiber
  8. Technical obsolescence is accelerated with technologies becoming obsolesced in as little as 3 years!

The Exponential Risk in Your Tail Spend

Let’s talk about third-party risk management. In procurement we need to focus on getting the correct supplier/provider/adviser at the best total cost, delivering the right level of quality and service levels.

To most people, this means that we are living in exponential times. But to a procurement person it means “oh no, I need to look at all of my supplier relationships because of the possible threat of risk.” The issue with this logic is we don’t know what we don’t know. And that means we have probably done little to no research/cyber security/risk assessment on our tail spend, let alone on every supplier in our critical spend.

Most companies have entered into multi-year agreements with their critical spend suppliers. This is in an effort to secure the best total cost of ownership and allow ample time for their suppliers to retool, ramp up and to get to know them in order to meet their service and quality requirements.

Therefore, despite quarterly business reviews (QBRs), it can possibly be as long as one to 10 years since that contract and relationship has been assessed (if ever) for real third-party risks.

Getting to Grips with your Supply Chain

I speak with CPOs on a daily basis and every one of them admits that they do not have a perfect grasp of their third parties, let alone their fourth-, fifth- or sixth-level parties. When was the last time you asked a supplier (especially in the tail) if they ever subcontract? Or whether their third parties, or fourth, have been reviewed for cyber risk? Or any risk at all for that matter?

Do you know whether your fourth parties are using human slavery? If every device is updated for the latest virus check? Whether employees are charging their phones through their devices, or if they are permitted to insert USBs into their computers from an unknown source?

How do we know if our fourth-level parties have a proof of mining to avoid conflict minerals? When was the last time we even checked our own staff for complying with strong cybersecurity norms?

The Cyber Risks Within Your Organisation

Just recently at a convention for hackers, cables that looked like Lightning cables were modified with extra hardware that gave hackers remote access to devices. Here’s how they work:

“O.MG cables are indistinguishable from the real thing, and they even come with the iconic adhesive binding rings you’ll find wrapped around new Apple cables. The [modified] cables act normally, too, letting you charge your devices via USB or transfer files from your iOS devices.

Neither your PC nor your connected devices will ever notice that anything is amiss. Short of dissecting the cable to look for the extra hardware, the only way to detect that you’re using an O.MG cable is when you realize, after the fact, that your device was exploited.

And even if you happen to catch an attacker running a terminal window on your PC remotely, O.MG cables include a kill switch that disables the implanted hardware, thus destroying any possibility to track down the attack’s origins.”

‘These Dummy iOS Lightning Cables Let Hackers Remotely Access Your Devices’, Lifehacker, August 2019

Secure Apps?

Apple would have you believe that your iPhone is very secure, until you add your first app. For example, when traveling recently I downloaded an app to play Dominoes (the game, not the pizza). This is seemingly innocent, but since I was on a long flight, I actually read the privacy information.

Check out some of the following extracts from the Terms & Conditions and Privacy Information:

  • FM GAMES App is a gaming application that may utilise your personal data. You also consent to FM GAMES’s cookie policies, as described herein.
  • Types Of Data We Collect: We collect personal data and non-personal data about you.
  • Location and Distance Information: When you use the FM GAMES App, we will collect your location to determine your distance from other users (“Distance Information”) through the GPS, Wi-Fi, and/or cellular technology in your Device. Your last known location may be stored for the purpose of calculating Distance Information between you and other users.
  • Messages: When you send a message we may retain the message for archival purposes or as otherwise allowed by law.
  • Purchases: We collect information necessary to complete purchases. This may include, among other things, your name, credit card information, billing information, address, telephone number, and email address.
  • Third Party Tracking Companies: We may share your hashed Device ID, Profile Information, Distance Information, and demographic information with our advertising and analytics partners. These third parties may also collect information directly from you as described in this Privacy Policy.
  • Third Party Service Providers: We may share your Personal Data with third party service providers

When I tried to turn off location services, this was not allowed, so I discarded the app. If this is the case with a gaming app for my phone, can you imagine the angst my home screen caused our IT folks?

Would you know if you had been hacked?

If I charge my phone through my computer, imagine what I am opening up for hackers to get to? How many of you reading this are using public Wi-Fi? What about Starbucks, or at the airport? Many of us will pass through at least one on the way to the Procurious Big Ideas event.

Did you connect to the seemingly innocent Wi-Fi? Would you know if you were hacked? If you haven’t heard about the reporter whose email was hacked on an airplane while using the airline app while working on a story about the FBI and Apple, take the time to do so.

The hacker read nearly everyone’s email on the plane. They then pulled the reporter aside when they landed to discuss the security, or lack thereof, of his phone while using public Wi-Fi, even if was at 35,000 feet.

The Fallability of Passwords

If this isn’t enough, consider what anyone can do with your passwords. Take for example my login for Amazon. If you were able to see my screen while I was logging in, this is what you could do.

Then, if in Chrome, right click and click on Inspect.

By merely highlighting the password and writing the word “text,” you will see my password. It is that easy if someone is “looking at your email” as you are logged in.

So, there you go. This is my Amazon password and I have now changed it since I wrote this post (but don’t tell my kids). This is the most basic level of cyber protection you can get, but even at a personal level with my own “research,” we are so out of our league, especially when dealing with technology obsolescence.

In the era of BYOD (bring your own device) who knows what your staff is exposing your company to. If we take this one level further to our third parties, who out there is doing the exact same thing and exposing their company to the same risks I just showed you?

So, while we are going to discuss third-party risk management in my session at The Big Ideas Summit, this is just the icing on the cake. If I am just one of the hundreds of contractors, imagine what damage I could be doing to your risk profile.

The Art of Third-Party Risk Management

So, the long and short of it, we are living in exponential times and it is time we paid clear attention to all of our third-party relationships (and their third parties, etc.) along our supply chains or we are destined to be in for a large risk event. It isn’t a matter of if, but when it will happen. If technology obsolescence is happening faster all the time, then we need to stay educated and alert, not paranoid.

To overcome these obstacles, we need to have an effective third-party relationship management and framework. Successful third-party management programs should focus on the four cornerstones approach: contract and performance management, risk management, financial management and communication management. The risk aspect of the relationship framework needs to be addressed for both critical and non-vendor relationships, along with non-critical vendors.

I recently took SIG University’s Third Party Risk Management Certification Program and was amazed to learn how much risk we are exposed to within our contracts and the need for a strong third-party relationship framework with a focus on risk. For a framework to be successful, it must have strong governance and approved by senior management.

As a result of the 2008 financial crisis, there has been a renewed focus on the role of board of directors, the composition of the board, capabilities, accountabilities, and responsibilities for prudent acceptance and management of risk. This renewed focus has made it much easier to focus on third-party risk and to get strong governance in place to mitigate risks.

The most important lesson to leave you with is that third-party risk management is an art, not a perfect science. Having a framework in place to address and mitigate risk, escalate issues and seek resolution is the key to making strategic procurement decisions.

Learn more about procurement’s role in managing third-party risk by attending Dawn’s session at the Procurious Big Ideas Summit Chicago 2019 on Wednesday, September 18. If you can’t be in the room, there’s still time to register as a Digital Delegate. Find out more and sign up today!

About the Author

Dawn Tiura is the CEO and President of SIG, SIG University and Future of Sourcing and has over 26 years’ leadership experience, with the past 22 years focused on the sourcing and outsourcing industry.

In 2007, Dawn joined SIG as CEO, but has been active in SIG as a speaker and trusted advisor since 1999, bringing the latest developments in sourcing and outsourcing to SIG members. Prior to joining SIG, Dawn held leadership positions as CEO of Denali Group and before that as a partner in a CPA firm. Dawn is actively involved on a number of boards promoting civic, health and children’s issues in the Jacksonville, Florida area. 

She is a licensed CPA and has a BA from the University of Michigan and an MS in taxation from Golden Gate University. Dawn brings to SIG a culture of brainstorming and internal innovation.