---

For organizations working with a large number of external suppliers, certain types of risks are unavoidable.

These can range from late deliveries and quality issues to supplier financial instability or even unplanned supply chain disruptions due to geopolitical issues.

But, while we can’t stop these risks, understanding how to manage them is key to protecting your business and keeping things running smoothly.

This article is for procurement professionals looking to improve their supplier risk management practices.

You will learn something new whether you’re just starting out or looking to refine your existing strategy.

Let’s start with our first best practice.

Pre-Qualify New Suppliers

When it comes to supplier risk management, prevention is the best way to avoid unexpected problems in the future.

One practice that can help you achieve this is supplier pre-qualification, a screening process conducted before sourcing suppliers.

The pre-qualification process starts with a large pool of potential suppliers. These are then filtered using predefined evaluation criteria, eliminating those not meeting your standards.

Source: Veridion

This leaves you with a shortlist of qualified suppliers who are more likely to be reliable partners and directly impacts how you manage supplier risk.

In fact, by sourcing suppliers who have already demonstrated a certain level of competence and stability, you significantly reduce the chances of running into issues.

The criteria you use for pre-qualification can be customized to your specific needs, but some common ones include financial stability, experience and track record, compliance with regulations, quality certifications, and ethical practices.

Finally, it’s important to distinguish between pre-qualification and multi-stage sourcing.

The table below explains the differences between those two processes:

	Supplier Pre-qualification	Multi-Stage Procurement
Purpose	Ongoing evaluation and approval of a pool of qualified suppliers. Focus on general suitability.	Select the best supplier for a specific project through detailed evaluation stages.
Scope	A broad assessment of general capabilities and compliance.	Focused on specific project requirements.
Evaluation Criteria	General criteria: capability, financial health, compliance, risk.	Specific criteria: technical specs, pricing, delivery terms.
Process	Questionnaires, document reviews, site visits, references.	RFIs, RFPs, presentations, negotiations.
Outcome	List of pre-qualified suppliers for future events.	Selected supplier for the specific project.
Drawbacks	Requires ongoing updates.	Time-consuming and resource-intensive for complex projects.

Overall, supplier pre-qualification is a proactive approach to risk management. 

Using it to vet potential suppliers directly helps ensure a smoother and more successful sourcing process down the line.

Segment Your Suppliers by Risk Level

Segmenting suppliers by risk level, whether during pre-qualification or afterward, is a valuable practice for supplier risk management.

You can start this process by using the Kraljic Matrix.

The Kraljic Matrix allows you to categorize suppliers based on their value and spend, resulting in four distinct categories.

Source: Veridion

This helps you determine which suppliers are most strategic to your business and, therefore, which ones could seriously impact your operations if their supply is disrupted.

Now, with these groups in mind, procurement teams should prioritize reducing risk with high-value suppliers—specifically those classified as “Leveraged” and “Strategic.”

Understanding their risk levels is essential, as this preparedness helps minimize potential disruptions and their negative impact.

How do you assess these risks?

It’s helpful to examine the aspects that generally pose the greatest risks in supply chains.

One WTW survey analyzed what those risks are.

They surveyed over 800 senior decision-makers across various industries and highlighted these key risk factors.

Illustration: Veridion / Data: WTW

So take into consideration your supplier’s financial health, technological capabilities, and capacity to meet your demands.

Furthermore, examining their labor practices and ensuring alignment with your ethical standards can help prevent potential disruptions or legal issues.

To organize and track all of this information effectively, a risk assessment checklist, like the one shown below, can be invaluable.

Source: Smartsheet

These checklists facilitate a more systematic approach to supplier evaluation.

They allow you to assess each supplier across various risk factors, assign risk scores, and ultimately prioritize your risk mitigation efforts.

Ultimately, by segmenting suppliers, you can focus your risk mitigation efforts where they matter most.

Monitor Suppliers Continuously

The work doesn’t end with sorting suppliers based on their risk profiles and assessing their associated risks.

That’s because the situation can change.

A once low-risk supplier can suddenly become high-risk due to various factors, such as financial instability, changes in management, and even natural disasters.

Therefore, continuously monitor your suppliers, especially those strategically valuable ones.

Fortunately, several types of tools available today can significantly help with this ongoing monitoring process.

For example, systems like UpGuard offer continuous security monitoring and threat detection, alerting you to potential vulnerabilities or breaches in your suppliers’ systems.

Source: UpGuard

Whether you use a specialized platform like UpGuard or develop your own method for tracking supplier risk factors, doing so provides real-time visibility into potential issues, enabling proactive intervention and minimizing disruptions.

However, be sure not to make one common mistake. And that is overlooking higher-tier suppliers.

Source: Veridion

Both Tier 2 suppliers or even Tier 3 suppliers deserve your attention.

As Dicky Saputra, experienced supply chain manager and owner of SCM Guide, explains, monitoring these higher-tier suppliers can significantly enhance your risk management success.

Illustration: Veridion / Quote: SCM Guide

This is because risks originating further up the supply chain can easily cascade down and impact your business.

For instance, if a Tier 2 or 3 supplier engages in unethical labor practices or experiences a significant disruption, it can ultimately affect your Tier 1 supplier and, consequently, your business.

Leverage Technology in the Process

The right technology is a tremendous asset for applying all of these best practices.

A clear option is dedicated supplier risk management systems. These tools help assess, monitor, and mitigate risks, often integrating with procurement and enterprise systems.

Another key technology to consider is a business data service like our Veridion, which can significantly enhance your risk management practices.

Source: Veridion

Our AI-managed database of over 120 million businesses provides you with all the necessary information to efficiently pre-qualify new vendors and continuously monitor existing ones.

The database is constantly updated and kept fresh, allowing you to catch emerging risks within your supplier base.

Plus, with real-time alerts, you can proactively respond to critical changes and mitigate potential disruptions before they impact your business.

When it comes to the types of risk data you get access to, we cover the categories illustrated below, and more.

Source: Veridion

So whether the risk type you’re facing is geopolitical, financial, or concerning important ESG metrics, you’ll be on top of the latest developments, empowering you to make informed decisions and minimize the impact of disruptions.

All in all, leveraging the right technology can be a game-changer in your supplier risk management efforts.

Develop Contingency Plans

While powerful technology and vigilant risk management can do wonders, sometimes the unexpected happens even despite all the monitoring.

Sudden changes or critical events can disrupt your supply chain, regardless of how prepared you are.

That’s why it’s advisable to have contingency plans in place.

Recent McKinsey data highlights that organizations have been continuously implementing measures for resilience to disruptions, especially so from 2021 to 2023.

Source: McKinsey

As shown above, the most implemented contingency methods are dual sourcing and inventory buffers.

Another great contingency plan to consider as an alternative to dual sourcing is securing backup suppliers.

And many experts agree with that.

For example, Terry Smagh, vice president of Infor’s Asia-Pacific & Japan branch, explains that diversification of the supplier base is essential for supply chain resilience.

Illustration: Veridion / Data: Ecommerce News

After all, relying on a single supplier creates a single point of failure, making your business vulnerable to any disruption that affects that supplier.

Having backups spreads the risk, making your supply chain more robust.

Therefore, identifying suppliers with similar product quality and capacity but vastly different risk profiles is crucial.

These suppliers might be in different geographical locations, operating under different regulatory environments, or utilizing different logistics networks.

Also, considering suppliers with diverse ownership structures or financial backgrounds can further enhance resilience.

However, be mindful that finding backup suppliers, or even suitable options for dual sourcing, can be challenging.

In fact, WTW data reveals that finding viable alternatives is the primary obstacle for most organizations.

Illustration: Veridion / Data: WTW

That’s why it’s best to be proactive and use technology to your advantage.

Have your procurement teams continuously pre-qualify suppliers, leveraging large databases with granular data, like Veridion, to proactively identify and vet potential backup suppliers.

By planning ahead, you can ensure business continuity even in the face of unexpected challenges.

Foster a Culture of Risk Awareness

Finally, even the best practices we’ve outlined won’t be effective if they aren’t actively implemented throughout the organization.

Effective supplier risk management truly hinges on cultivating a culture of risk awareness across all departments.

Consider, for example, the various roles different departments might play in mitigating supplier risk.

Source: Veridion

When risk awareness is ingrained within the company culture, everyone contributes to identifying and mitigating potential issues, leading to more robust and resilient supply chain management.

This approach ensures that everyone knows potential vulnerabilities and works together on solutions.

This is particularly crucial for procurement and supply chain management teams, as they are on the front lines of supplier interactions and are best positioned to identify and address potential risks early on.

While this might seem obvious, putting it into practice is often more complex than it appears.

Promoting strong cross-departmental communication is an excellent starting point.

Open communication channels facilitate critical information sharing, enabling faster responses and more effective risk mitigation.

Furthermore, investing in upskilling your teams through targeted training programs and workshops can significantly enhance risk awareness.

Numerous risk management programs are available, such as the one offered by the Chartered Institute of Procurement & Supply (CIPS) shown below, which provides in-depth training on various aspects of risk management.

Source: CIPS

These programs equip employees with the knowledge and skills necessary to identify, assess, and mitigate supplier risks effectively.

In the end, well-trained teams and great cross-departmental communication create a culture of shared responsibility and proactive risk management, leading to a more resilient and adaptable supply chain.

Conclusion

As you can see, effective supplier risk management involves thorough preparation and a multi-faceted approach.

By applying these best practices, you can build a more resilient and reliable supply chain, minimize disruptions, and protect your business from potential harm.

So, start slow and pinpoint any potential areas in your supplier risk management strategy that might need improvement—addressing these will set you up for greater stability throughout your supply chain.