Print Page   |   Contact Us   |   Sign In   |   Apply online
Community Search

2017-10-30 » 2017-10-31
Operational Risk Management Training - 30 & 31 October 2017 Cape Town

2017-11-02 » 2017-11-03
Operational Risk Management Training - 2 & 3 November 2017 - Durban

2017 IRMSA Gala Dinner & Awards Ceremony (3 November)

2017-11-06 » 2017-11-07
Risk Framework - 6&7 November 2017

2017-11-09 » 2017-11-10
Business Continuity Management 09&10 November 2017 (Namibia)

IRMSA Risk Chat
Blog Home All Blogs
Search all posts for:   


View all (61) posts »

Managing Vendor Risks - Risk Chat - 29 August 2016

Posted By Administration, 29 August 2016

29 AUGUST 2016



A supplier’s factory collapses killing hundreds of workers, some of them children. Thousands of customers’ credit card information and other personal financial records are hacked after a supplier is granted third-party access to the organisation’s network. A major product recall needs to be launched when the organisation discovers that a supplier used contaminated materials.

Concerns around vendor risk were once almost exclusively related to the quality of products or materials being provided by a supplier, or the risk that a vendor might be unable to meet delivery of supply quotas, thereby disrupting production. Today, organisations can increasingly be found liable for their suppliers’ behavior. Customers view the organisation as being the provider of a solution, and they don’t differentiate the organisation from its suppliers. If a problem occurs, they hold the organisation responsible and it is the organisation’s reputation that may suffer. Given this, organisations today need to broaden their risk focus to also include oversight of their suppliers’ health, safety and environmental practices, compliance with labour laws, use of intellectual property, practices around the sourcing of raw materials, corruption, and more. 

One of the biggest challenges facing organisations is gaining an understanding of the full extent of their supply chain relationships and the associated risks. Unlike risks within the organisation, which are comparatively easy to identify and mitigate, external risks—including economic and regulatory risks and other uncertainties—are much harder to quantify.

Organisations need to determine how and where suppliers and their activities could potentially expose the organization by developing a comprehensive view of the entire vendor risk universe, including where and how those risks are concentrated in terms of suppliers, products, commodities, geographies, and other factors. In areas of extreme concentration, organisations need to consider steps to diversify their supplier relationships.

Despite focusing on a wider range of vendor risks than they once did, many organisations’ methods of managing supplier risk still have yet to evolve. Some organisations, for example, continue to take a contract management approach to supplier risk, believing that the due diligence undertaken before a contract is signed with a supplier sufficiently mitigates the ongoing risks associated with that supplier. Often, no further risk assessments are undertaken, adopting a reactive approach to vendor risk management with problems often being identified and addressed only after they have occurred and the damage is done.

Taking this into consideration, risk managers need to carefully consider the risks associated with vendors:

  • Do you have a clear view of the key risks embedded in your supply chain?
  • Do you have a common standard of assessing the maturity and capability of vendors and suppliers in managing risk on your behalf?
  • Do you monitor and track vendor risk exposures and responses as part of vendor management and performance?
  • How prepared is your organisation to deal with risks that materialise, including the potential reputational; risk and stakeholder management to resolve?

You are currently signed up to IRMSA's mailing list.
To unsubscribe click here.

144 Katherine Street, Grayston Ridge Office Park, Block A, First Floor, Sandton


Copyright © 2016 IRMSA - All rights reserved.

This post has not been tagged.

Share |
Permalink | Comments (0)
Sign In
Sign In securely