Five Easy Steps To Risk

Management in Procurement
There is no such thing as a risk-free
business. Every department within an
organization has to manage some form of
risk every day.
Cindy Rittel September 26, 2019

By ·

There is no such thing as a risk-free business. Every

department within an organization has to manage some
form of risk every day.

Risk management looks simple on the surface, but is a

highly complex part of the organizational and procurement
strategy. Controlling and mitigating the myriad of risks
associated with business operations is one of the key pillars
for success.

We’ll look at what this means from a procurement point of

view shortly, but to provide some context, first we need to
look at the process involved. Risk Management is the
process of identifying, understanding and grading risks so
they can be better managed and mitigated.
Though the actual process may differ from organization to
organization, a true risk management process has a number
of common steps. You may even recognize this as a process
you are already doing, without even knowing what it really
is.

Five Easy Steps to Risk Management

1. Risk Identification

Risks can range from the major (a key supplier files for
bankruptcy) to the less critical (a member of the
project team moves to a new role). Every risk needs to
be identified, no matter the size. Create a risk register
to keep track of them.

2. Risk Analysis

Once identified, each risk is analyzed against two

criteria – impact and likelihood (terms are
interchangeable). This is usually graded on a numerical
scale. Pro tip: Avoid using a scale where there is a
middle option, as it’s human nature to go for the middle
ground if you are not one hundred percent sure.

3. Risk Ranking

Using a risk matrix, give the risk an overall score by

 multiplying impact by likelihood. This will provide a way
to rank all the risks and identify which are the most
critical for your organization or project. Where scores
are equal, you may choose to favour impact over
likelihood (or vice versa) to rank one above the other.

4. Risk Mitigation

Once you know the risks and have a ranking, you need
to plan mitigation strategies or contingency plans for
each. Make sure that you involve all key stakeholders in
this and note roles and responsibilities in the event of
these risks occurring.

5. Risk Monitoring

No risk register is set in stone. Impacts and likelihood

will change over time; new risks will appear and some
may even drop off. A robust monitoring plan is key to
making sure your register is up to date and everyone
continues to know what to do.

Price Stability: Don’t Get a Nasty

Surprise
Procurement risks are much the same as other parts of the
organization. Procurement strategies should include risk
management, while strategic sourcing and strategic buying
should help to mitigate the majority of high-profile risks.

However, when faced with longer-term contracts in both

direct and indirect sourcing, there is a major risk in
unexpected price rises from suppliers. Even with
agreements in place within a contract to fix prices for a
certain length of time, this risk will still exist and can never
be fully planned for or mitigated.

Running through a simple PESTLE analysis of the external

environment for a particular industry or market can help to
highlight key risks and external factors. The vast majority of
these factors could in turn impact pricing, or lead to
situations where your suppliers need to increase prices
during the life of a contract.

Mitigating the Risk

What options are available to you? Regardless of your
relationship with your supplier, or how big a customer you
are to them, you can still challenge price increases and ask
suppliers for justification for the increases.

You may also choose to limit any price increases to a certain

percentage, for example in line with the Consumer Price
Index (CPI). However, evidence should still be provided,
including where percentage increases sit within the cost
breakdown (labor, raw materials, etc.), so the percentage
isn’t just applied across the whole price.

Or you may choose to mitigate your risk and leverage the

expertise of a procurement consulting organization or
Group Purchasing Organization (GPO). GPOs can help take
the time and resource-intensive risk management process
out of your hands and can provide better solutions than you
may achieve yourself.

GPOs will provide not only bundled, pre-negotiated

contracts, which supply a lower price at the outset, but also
support organizations in ensuring full transparency on
pricing, even as far as guaranteeing that rates don’t
increase at all. This leaves more time and resources for
procurement to carry out strategic activities, while being
assured that they can still deliver those much-desired
savings.

Contact UNA today to discuss how GPOs can help your

procurement function mitigate risks.

Subscribe to Supply Chain Management

Review Magazine!

Subscribe today. Don't Miss Out!

Get in-depth coverage from industry experts with proven
techniques for cutting supply chain
costs and case studies in supply chain
best practices.
Start Your Subscription Today!
From the January-February 2020
Subscribe to Our Email Newsletter
Sign up today to receive our FREE,
weekly email newsletter!