Back to Hub

Unconditional Procurement with Cybersecurity

05/07/2019 By

In the global supply chain landscape, threats to cybersecurity are increasing exponentially.

Fortune 500 companies have seen sensitive information exposed because hackers have targeted their vendors and business partners, which are organizations that might not be as secure as their corporate buyers. Every supplier and business partner becomes an added risk.

Working with global companies large and small, one of the biggest opportunities that I’ve observed is managing multi-tier suppliers and mitigating risk. We can support all of our suppliers through secured technology and the principle of “unconditional procurement.”

What does that mean? By “unconditional,” I mean an unrestricted approach to procurement. Buyers often work with a variety of suppliers and treat them differently. These suppliers can range in scale and scope, from businesses with regional to international capabilities, from ones recognized as diverse to non-diverse. During the sourcing process, many organizations have requirements that vary depending on the type of supplier they’re looking for. Buyers should have a high-level overview and understanding of every supplier, no matter the size. They should always evaluate suppliers in the same manner to understand their company, no matter what they deliver to the door. Suppliers should not be subject to different conditions.

To promote a universal approach to procurement, it should be merged with any supplier diversity and sustainability initiatives. Key stakeholders from different departments should come together under the larger umbrella of strategic sourcing and be incentivized under the same performance metrics.

Because suppliers can be one of the biggest unmitigated risks that threaten your supply chain, the first step to making unconditional procurement work for your team is to make sure your suppliers are working on a secure platform. Business has gone digital, and cybersecurity should be a vital component of your daily operations.

For example, at ConnXus, we commit to delivering secure software and protecting our client data. We comply with EU and U.S. Privacy Shield standards and GDPR, and we have recently implemented SOC 2 (System and Organizational Controls) Type 2 protocols. Our information is encrypted and protected by a 24/7 security network.

By implementing this new security, we’ve ironed out our financial reporting, standardized our operation for organizational and regulatory oversight, and also created an exhaustive plan for vendor risk management. We’ve seen immediate positive effects within our organization, our RFP/RFI response rate, and our existing client feedback. We’ve baked in disaster recovery response processes to protect our business continuity in case anything were to happen (such as one of our suppliers getting hacked). For a lot of businesses, hacking is not a matter of if, it’s a matter of when.

What does your organization’s cybersecurity look like? Do your suppliers have the same security standards and values? Are you confident your vendors (big and small) are secure and compliant? How deliberate and intentional is your organization’s sourcing process?

Bring your category managers, CPOs and IT department together to improve your overall procurement process. Let them communicate with suppliers and bridge gaps within their supply chains. Reviewing suppliers, getting their feedback and asking for theirs in return improves your on-boarding process, payment, engagement, RFP/RFQ and requisitioning processes. The impact of including a broad base of suppliers and promoting engagement also determines the long-term sustainability and risk to your supply chain. Within your procurement teams, are you deliberately and intentionally holding your stakeholders accountable to maintaining feedback on your suppliers?

Think about incorporating a feedback loop within supplier relationship management (SRM) and make sure everyone is held to the same standards. This will drive supplier engagement and bring in new ideas that provide more value creation within your supply chain. I believe if buyers were more intentional about unconditional procurement, suppliers and employees can work together to promote new ideas that drive down cost, increase innovation/speed to market and create more impact as a whole.