Effective governance and controls can give suppliers a competitive edge

| 0 Comments

MorokePhajane.pngThird-party risk management is currently an important topic for most corporate entities. In order to minimise their risk exposure, corporate entities are carefully scrutinising their third-party suppliers. Moroke Phajane, an admitted attorney and expert in third-party risk management, unpacks how third-party risk management can create a competitive edge, in this month's SmartProcurement.

As a result of the current economic climate, corporate entities are also exploring innovative ways of saving costs, without compromising the quality of services required from third party suppliers. This simply means that service providers and suppliers with effective governance, controls, suitably qualified personnel, and a flexible fee structure, will be most attractive to corporate entities.

This definitely creates an opportunity for suppliers using an operating model that makes it possible for them to negotiate alternative fee arrangements with their clients. This fee model - coupled with effective governance, controls and suitably qualified personnel - enhances the supplier's stature, brand and reputation.

Most corporate entities have a 'Procurement of Goods and Services Policy', which requires that a formal, transparent process is followed when selecting suppliers. The supplier selection involves a process in which suppliers are invited to bid to provide the required services.

In most cases, an independent cross-functional sourcing team is selected to assess the bids submitted by the various suppliers. The team uses specific criteria to select the most suitable supplier. The following criteria are generally used to assess-, and select suppliers:

• Preferential procurement (the supplier's Black Economic Empowerment (BEE) status)
• Operational and technical capability
• Assessment of suppliers' liquidity and solvency
• Commercial assessment (charge out rates, pricing structures and cost benefit analysis)
• Risk and compliance management controls (information security, business continuity and compliance with laws)

Preferential procurement
Most corporate entities are rigorously examining how supplier engagements impact their BEE scorecard. One of the key elements that is measured on the BEE scorecard for preferential procurement, is ownership.

Operational and technical capability
Suppliers have to provide evidence of their technical and operational capability. This can be achieved by demonstrating expertise in a specific area of specialisation, as well as the qualifications-, experience- and capacity of the resources employed to provide the services. This may include personnel and technology used to provide the resources.

The supplier's track record - or success rate - is also an important factor in determining the supplier's competency and capability. The supplier is also required to demonstrate its case management capabilities - which include providing clients with the necessary reports, updates and alerts for deliverables.

Assessing supplier's liquidity and solvency
The assessment of supplier's liquidity and solvency includes the evaluation of the supplier's audited financial statements to verify that the supplier is financially stable, and that its financial position will not hamper its ability to continue providing its services.

Information security
It is advisable that a supplier should - at a minimum - demonstrate that it has the following policies, processes and controls in place for the safe, and fair management of information processed on behalf of a corporate entity:

• Information protection and privacy policy: Internal mandatory statements that define the minimum requirements for fair and secure information handling practices
• Information security policy: Internal mandatory statements that define the minimum requirements for information security - including, strong password standards, data classification, data retention storage, data destruction and data loss prevention security standards (such as patch management, application firewalls, anti-virus tools and anti-malware tools)
• Access management policy: Sets out the procedures and requirements for applying for-, granting-, managing- and revoking user access to systems, data and physical premises. This includes controls to ensure that only authorised individuals enter the company premises - including a visitor sign in process, secure remote access procedures and encryption technology
• Acceptable use policy: Contains explicit rules for individuals (employees and contractors) about the appropriate use of the firm's information assets - including networks, devices and good practice to secure such assets
• Risk management framework and policy: The defined risk management framework as it pertains to people, data, financial risk and the mitigation thereof
• Compliance policy: The defined compliance management approach - or framework - to deal with regulatory compliance as it pertains to the organisation. This includes operational-, security- and human resources compliance requirements
• Business continuity framework or plan: A process which manages and tests the organisation's business continuity, and disaster recovery capability. This includes the availability of business continuity plans, disaster recovery plans and robust backup procedures
• Security management alignment to ISO2700X, Cobit and King III
• Incident management processes
• Compliance with relevant laws: It is important for the firm to understand the corporate entity's legislative universe, which comprises legislation applicable to the entity, and the industry in which the entity operates. This will enable the supplier to include measures and controls in their operations that will ensure that - while providing the services to a corporate entity - the supplier does not cause the corporate entity to contravene applicable legislation or regulations.

Business continuity
The supplier needs to demonstrate that it has measures and controls in place, which enables it to provide services to the corporate entity, without any disruption caused by factors such as key man dependencies, technology downtime and lack of back up procedures.

The current economic climate has contributed to businesses and individuals minimising, or at least prioritising, their procurement initiatives, as corporate entities are embarking on various initiatives to save costs. Managed- and outsourced services will definitely be on the list of services earmarked for minimal procurement, as companies are beginning to scrutinise the necessity of outsourcing services to external suppliers.

Innovative firms, which address business needs at a reasonable and lower cost - compared to existing suppliers - stand to benefit from this. This practice will certainly provide suppliers offering sound business solutions, adequate risk- and compliance controls, in addition to an established track record, the competitive edge.

Leave a comment


SmartProcurement Newsletter
X

Please enter your details below to receive the SmartProcurement Newsletter for FREE on a regular basis.

As part of the SmartProcurement Newsletter you will be receiving World Class Procurement News, Tools, Tips, Tactics, Procurement Training updates, Upcoming Events, and the latest Procurement Career Openings.

* Email Address:
* Title:
* First Name:
* Surname:
* Company:
  Position:
* Country:
* Public / Private:

 

 

Career opportunites

Warehouse Manager

  • <500 000 Gauteng Logistics & Warehousing Operations, Planning & Inventory Permanent
R400 000 - R480 000 CTC per annum.Location: ...More

Supply Chain Analyst

  • <500 000 Analyst Permanent Supply Chain Western Cape
R400 000 - R500 000 per annum.Location: Cape ...More

Commodity Manager

  • <500 000 Commodities Gauteng Permanent Procurement Consultant
R650 000 - R750 000 per annumLocation: Cape ...More

Logistics Manager

  • <500 000 Gauteng Logistics & Warehousing Operations, Planning & Inventory Permanent
Salary: R 800 000 - R 900 000 ...More

Demand Planner

  • <500 000 Gauteng Operations, Planning & Inventory Permanent Projects / Category Management
Salary: R 600 000 - R 650 000 ...More

Supply Chain Analyst

  • <500 000 Analyst Gauteng Permanent Supply Chain
R600 000 - R700 000 per annum Location: ...More

Commodity Manager

  • <500 000 Commodities Gauteng Permanent Procurement Management
R850 000 - R1 000 000 per annumLocation: ...More

Commodity Manager

  • <500 000 Commodities Permanent Procurement Management Western Cape
R700 000 - R850 000 per annum,Location: Western ...More

National Supply Chain Manager

  • <500 000 Across borders Permanent Procurement Management Supply Chain
R750 000 - R1 000 000 per annum,Location: ...More

Industrial Engineer

  • <500 000 >500 000 Industrial Engineer Operations, Planning & Inventory Permanent Western Cape
R450 000- R500 000 CTC per annum,Location: Western ...More

Commodity Manager

  • <500 000 Commodities Gauteng Permanent Procurement Management
Category: Procurement,Salary: R700 000 - R800 000 per ...More

Supply Chain Manager

  • <500 000 Gauteng Permanent Procurement Management Supply Chain
Category: Consulting,Salary: R750 000 - R800 000 CTC ...More

Logistics Manager

  • <500 000 Across borders Logistics & Warehousing Permanent Procurement Management
Category: Logistics,Salary: R900 000 - R1 000 000 ...More

Demand Planner

  • <500 000 Gauteng Operations, Planning & Inventory Permanent Projects / Category Management
Area of Specialisation: Planning,Salary: R500 000 - R650 ...More

Industrial Engineer

  • <500 000 Analyst Gauteng Industrial Engineer Permanent
R800 000 - R850 000 CTC per annum.Location: ...More

Security Manager

  • <500 000 Analyst Gauteng Permanent Procurement Officer / Specialist
(Total Cost to Company R350K - R550K).This is ...More

Operations Manager

  • <500 000 Gauteng Operations, Planning & Inventory Permanent Projects / Category Management
(Total Cost to Company R650k - R750k) excluding

Commodity Manager Raw Materials

  • <500 000 Commodities Gauteng Permanent Strategic Sourcing
(Total Cost to Company R980k - R800k) excluding ...More

Commodity Manager Logistics

  • <500 000 Commodities Gauteng Logistics & Warehousing Permanent
(Total Cost to Company R1mil - R900k).Industry: Engineering

Procurement Consultant

  • <500 000 Gauteng Permanent Procurement Consultant Procurement Management
(Total Cost To Company 550K - 450K) includes ...More