Many companies dipping their toes (or diving head first) into the shark-infested waters of supply risk management often ask where the best places to get started are (not to mention how to get started in them). Companies then ask about the best technology and content means of helping achieve an organization's desired end state. Yet both answers depend entirely on where an organization is from a capability/maturity perspective. There is never a one-size-fits-all solution or series of initiatives a company should follow. In a recent Spend Matters Compass series whitepaper, Supply Risk Management -- Segmenting the Technology and Content Landscape and Choosing the Right Category of Solutions (available for free download), we offer up a basic maturity model consisting of three different levels that let procurement, finance and supply chain functions self-identify/self-nominate where they are on a maturity curve.
This basic assessment takes into account overall spend under management and centralized influence, the overall technology environment within procurement and supply chain, purchase-to-pay (P2P) systems, invoicing and accounts payable (A/P), services procurement and risk management awareness. In our experience, organizations at Level 1 display a reactive approach to risk management. Their efforts are almost always ad hoc or coordinated in response to specific events such as a supplier disruption. Companies at this phase of maturity rarely have formal supply risk processes or contingency plans in place. They respond after the fact rather than taking a proactive stance.
Companies at Level 2 begin to take proactive approaches to risk management. They anticipate risks and deploy appropriate processes and contingency planning models to minimize the impact. At this level, a specific individual or group, often purchasing or finance, is assigned ownership of supply risk and allocated appropriate resources for the task. Companies at this level often view supply risk in a broader context of supplier management and procurement challenges and opportunities.
Organizations that reach Level 3 of the Spend Matters risk/maturity model have deep cross-functional efforts and well-developed, formal approaches to managing supply risk. They segment and maintain specific resources, tools and intellectual property to apply to different circumstances and often include both top company executives and key suppliers in their risk management steering and operational efforts. Companies at this high level of sophistication/maturity treat the process of selecting supply risk management solutions as an outgrowth of significant organizational collaboration and joint functional requirements definitions.
Where are you on the supplier management and supply risk management maturity scale? What solutions are best suited to your needs as result? You can download our research on the subject as a good first step in finding out. I'd also recommend checking out the ISM risk track at the annual ISM conference this spring and even attending the event, which promises to bring the best minds in supply risk management under the same conference roof at one time.