Are you hungry for more risk in your supply chain? Given the fact that 89% of participants in a Gartner survey experienced a supplier risk event in the past five years, your answer is probably “No.” But think about this: All innovation comes with risks attached. No risk-taking equals no innovation equals loss of market share as your competitors continue to improve through innovation and taking risks.
The answer to the question is rarely a strict “No” nor an enthusiastic “Yes.” A more effective response is “Let’s take a look at our risk appetite statement and evaluate.”
Chief procurement officers (CPOs) are the first line of defense when a disruption occurs. It is their responsibility to minimize time to recover
“Risk appetite is not a new concept, but it’s still widely underutilized,” says Koray Köse, Senior Director Analyst at Gartner. “It details to what extent risks should be taken to achieve strategic and operational goals, sustain competitiveness and increase agility. In times of uncertainty where tariffs and other geopolitical developments can have huge negative impacts on supply chains, a risk appetite statement that is accepted and valued by all stakeholders is more important than ever.”
Chief procurement officers (CPOs) are the first line of defense when a disruption occurs. It is their responsibility to minimize time to recover and the business value at risk and maximize the time the company can survive with the disruption in place. Therefore, CPOs should be responsible for creating a risk appetite statement for the supply chain.
Engage and assess
The first step is to identify and engage with relevant stakeholders in the business units. It’s important to know their goals and core capabilities as well as their dependencies, interdependencies and possible complexities in market regulations.
With this information in mind, the CPO can align procurement and business initiatives and emphasize those that drive the most positive impact to business goals. This is the time to watch for and eliminate discrepancies in risk preferences. For example, there might be an advanced sourcing initiative to drive new product development in high-velocity markets, but it’s slowed down by overly rigid processes in new vendor integration.
Read more: Build a Resilient Supply Chain Amid U.S.-China Trade War
Once everyone is on board, build the risk appetite statement while constantly communicating with the stakeholders. Communication with the business units and other senior leaders and functions, such as finance, legal and strategy, needs to be open and frequent. It’s a checkpoint for buy-in and alignment on any economic or political changes as well as compliance to existing governance or regulatory requirements. This process will also ensure the necessary endorsement and ratification.
New risks emerge with increased complexity, impact and velocity
CPOs might also be able to take advantage of a risk monitoring committee, which exists in most organizations. Traditionally, the committee has a reactive role — it monitors and guides responses to risk events after they occur. However, CPOs can use the risk appetite statement to help the committee evolve into an effective and efficient oversight tool that assesses current and emerging risks based on the risk appetite defined in the statement and become a true catalyst for a risk-reward decision-based culture.
No matter if your risk appetite is high or low, technology will usually help to improve risk management. “New risks emerge with increased complexity, impact and velocity,” Köse says. “Most leading organizations tackle this challenge with automated risk assessment and monitoring. Speed, accuracy and awareness are crucial.”
Decision makers increasingly rely on the support of such tools to spot relevant correlations for scenario planning, predictions and provide transparency. However, there is no one-size-fits-all solution. Work closely with your finance and IT departments to facilitate the budget and ensure proper implementation.
Be aware that some vendors claim to develop machine learning and artificial intelligence capabilities, but to date, very few can offer a working solution that truly uses those technologies.