Get the highlights from our recent joint webinar with CASME, where we asked industry leaders to reveal their key advice for managing risk in an unpredictable world.
Whatever the next globally disruptive crisis is, there’s no doubt procurement will be brought front and centre to help organisations navigate it.
In recent years, geopolitical tensions, rising prices, and supply chain issues have shown us the valuable role that procurement can play in mitigating risk – helping it become a crucial part of many organisations’ risk management strategies. However, those conditions have also highlighted the differences in how organisations identify, monitor, manage, and address risk depending on their size, the sector they operate in, and their risk management maturity.
That’s why we brought together four experts – who all have varied and valuable experiences in managing risk – to share their perspectives on how organisations should be operating in an unpredictable world.
You can view the full conversation with an on-demand recording of our webinar here. But in the meantime, we’ve captured the highlights below.
- Alex Tassini-Negri, Head of Global Sourcing – Dun and Bradstreet
- Stacie Lee Paterson, Third Party Risk Management Strategy and Process Lead – Eli Lilly and Company
- Graham Crawshaw, Procurement Content Director and Board Member at CASME
- Omer Abdullah, Co-Founder – The Smart Cube
The human element in risk management is crucial
To kick off the session, we polled the audience to find out how they’re managing third-party risk today. And our panel wasn’t surprised to see that the most popular strategy was a manual risk monitoring program.
Alex Tassini-Negri, Head of Global Sourcing at Dun and Bradstreet, explained the idea behind this manual approach to risk management: “There’s a human element associated with every aspect of third-party risk management. It doesn’t just sit with procurement, legal, or sourcing – it’s a team sport. And that’s exactly what this result shows.
“Every single person plays a part in managing and mitigating risks throughout the supply chain. There’s a certain number of tools you can use, but at the end of the day, these are insights that need to be looked at and interpreted by humans.”
For Stacie Lee Patterson, Third Party Risk Management Strategy and Process Lead at Eli Lilly and Company, it’s a similar scenario. Operating in the pharmaceuticals market where suppliers can have a major impact on the final product, there’s a lot of manual work involved in mitigating those risks.
As Stacie explained: “We rely on our suppliers to perform some of our key business activities, and we want to make sure we’re effectively selecting, overseeing, and managing third parties. And, as Alex said, that involves a people component – an ongoing live conversation.”
And although the majority of the respondents reported just using a manual approach to third-party risk management, our own Co-Founder Omer Abdullah saw this as a positive sign.
“What’s heartening is that the majority of companies are clearly thinking about the issue,” explained Omer. “Even if it’s a manual approach that’s there today, they’re actually taking steps. And if we had asked this question ten years ago, I think we’d have received a very different response.”
A closer look at holistic risk management
To unpack the idea of holistic risk management, we asked our panellists what the concept looks like in their own organisations.
For Stacie, it’s a two-pronged approach: “When we talk about risk at Eli Lilly and Company, we talk about two components. The first is the potential risk of working with a supplier. Then, we consider the residual risk – the risk that’s left after the controls we’ve put in place to mitigate that potential risk.
“You really need a foundation to identify those initial potential risks and put them into a third-party risk management lifecycle. It needs to be one you can adjust and move through when issues arise. And, from a screening perspective, it’s so easy to get those potential triggers and warnings from suppliers today.”
Stacie’s idea of residual risk rang true for Omer, who added: “I really like that idea of residual risk because it’s an understanding and acceptance that complete, 100% risk mitigation is just not a reality. I think a lot of the time, we embark on these initiatives thinking we’re going to solve the problem once and for all. So, the idea of residual risk helps manage expectations between yourselves and suppliers, and throughout your wider organisation.”
Alex also shared a similar approach to Stacie, and explained: “When Dun and Bradstreet is looking at risk, we’re looking at it from the initial stages and thinking, ‘what’s the business impact if we make the wrong decision?’.
“We’re considering how it’ll affect our speed to business and revenue – those aspects are just as important as considering supply risks. Then, there’s the additional layer of whether you’re doing business with ethical companies […] it’s about looking at all those facets beyond just supply chain risk.”
Stacie and Alex’s approaches were shared by many procurement leaders in the CASME community, too. As Graham Crawshaw, Procurement Content Director and Board Member at CASME explained: “I’m seeing that procurement globally is wanting more information to prioritise risk across all levels from pre-contract stages to contract pricing and benchmarking.
“And clearly, the financial stability of suppliers is still the number one biggest concern – we still have an elevated level of company failures, so it’s no surprise. But then you’ve got other pressing issues such as bribery, corruption, and cybersecurity. Ultimately, it’s become a much more complex challenge today.”
Risk management has evolved – and it needs to be a collaborative process
One key point Omer highlighted in our session was that the past few years certainly haven’t been a normal state for risk. Instead, it’s been a period of risk overdrive that has forced our panel – and organisations worldwide – to rethink how they approach risk management.
As Alex explained: “COVID really brought disruption to every part of people’s lives, and we had to look at every single part of our supply chain to see where we might have gaps in our services. Then, we had to consider how we can mitigate the risk of using a particular service for our supply chain that we wouldn’t normally have used.
“It meant diversifying our supplier portfolio, focusing on cost containment, and looking for other opportunities to negotiate. It was a case of looking at what our suppliers were doing and figuring out how we can get more efficient and productive to reduce costs. And that’s why this entire risk ecosystem we’ve been talking about is really an important piece that brings the whole picture together.”
The pandemic prompted Eli Lilly and Company to follow a similar approach, as Stacie explained: “There were so many learnings out of our supply chain during the pandemic – we always had to be ready for a supplier to have issues. We had to work really hard with our manufacturing and procurement teams to make sure we had alternate sources of supply.
“Due to our pipeline, we engage with a lot of smaller suppliers, too. So, it was a case of considering how we work with these smaller companies to achieve our mutual goals. Smaller companies don’t have the same infrastructure in place, so it involves thinking about how we can actively support them.”
Alex shared similar thoughts, emphasising: “There’s an opportunity to think about co-creation – take each other’s hands and go on a journey together, instead of expecting a smaller startup to take on all the costs associated with the relationship. Make it a joint risk […] then you have a chance to disrupt the processes that exist today.”
Get the full conversation on demand
We’ve only just scratched the surface of what the panel spoke about during the session.
Watch the session on demand to hear all the experts’ insights – including the tools they’re using to mitigate risks in their own organisations, and where they recommend other leaders should be focusing their attention over the next few years.