Effective governance and controls can give suppliers a competitive edge


MorokePhajane.pngThird-party risk management is currently an important topic for most corporate entities. In order to minimise their risk exposure, corporate entities are carefully scrutinising their third-party suppliers. Moroke Phajane, an admitted attorney and expert in third-party risk management, unpacks how third-party risk management can create a competitive edge, in this month's SmartProcurement.

As a result of the current economic climate, corporate entities are also exploring innovative ways of saving costs, without compromising the quality of services required from third party suppliers. This simply means that service providers and suppliers with effective governance, controls, suitably qualified personnel, and a flexible fee structure, will be most attractive to corporate entities.

This definitely creates an opportunity for suppliers using an operating model that makes it possible for them to negotiate alternative fee arrangements with their clients. This fee model - coupled with effective governance, controls and suitably qualified personnel - enhances the supplier's stature, brand and reputation.

Most corporate entities have a 'Procurement of Goods and Services Policy', which requires that a formal, transparent process is followed when selecting suppliers. The supplier selection involves a process in which suppliers are invited to bid to provide the required services.

In most cases, an independent cross-functional sourcing team is selected to assess the bids submitted by the various suppliers. The team uses specific criteria to select the most suitable supplier. The following criteria are generally used to assess-, and select suppliers:

• Preferential procurement (the supplier's Black Economic Empowerment (BEE) status)
• Operational and technical capability
• Assessment of suppliers' liquidity and solvency
• Commercial assessment (charge out rates, pricing structures and cost benefit analysis)
• Risk and compliance management controls (information security, business continuity and compliance with laws)

Preferential procurement
Most corporate entities are rigorously examining how supplier engagements impact their BEE scorecard. One of the key elements that is measured on the BEE scorecard for preferential procurement, is ownership.

Operational and technical capability
Suppliers have to provide evidence of their technical and operational capability. This can be achieved by demonstrating expertise in a specific area of specialisation, as well as the qualifications-, experience- and capacity of the resources employed to provide the services. This may include personnel and technology used to provide the resources.

The supplier's track record - or success rate - is also an important factor in determining the supplier's competency and capability. The supplier is also required to demonstrate its case management capabilities - which include providing clients with the necessary reports, updates and alerts for deliverables.

Assessing supplier's liquidity and solvency
The assessment of supplier's liquidity and solvency includes the evaluation of the supplier's audited financial statements to verify that the supplier is financially stable, and that its financial position will not hamper its ability to continue providing its services.

Information security
It is advisable that a supplier should - at a minimum - demonstrate that it has the following policies, processes and controls in place for the safe, and fair management of information processed on behalf of a corporate entity:

• Information protection and privacy policy: Internal mandatory statements that define the minimum requirements for fair and secure information handling practices
• Information security policy: Internal mandatory statements that define the minimum requirements for information security - including, strong password standards, data classification, data retention storage, data destruction and data loss prevention security standards (such as patch management, application firewalls, anti-virus tools and anti-malware tools)
• Access management policy: Sets out the procedures and requirements for applying for-, granting-, managing- and revoking user access to systems, data and physical premises. This includes controls to ensure that only authorised individuals enter the company premises - including a visitor sign in process, secure remote access procedures and encryption technology
• Acceptable use policy: Contains explicit rules for individuals (employees and contractors) about the appropriate use of the firm's information assets - including networks, devices and good practice to secure such assets
• Risk management framework and policy: The defined risk management framework as it pertains to people, data, financial risk and the mitigation thereof
• Compliance policy: The defined compliance management approach - or framework - to deal with regulatory compliance as it pertains to the organisation. This includes operational-, security- and human resources compliance requirements
• Business continuity framework or plan: A process which manages and tests the organisation's business continuity, and disaster recovery capability. This includes the availability of business continuity plans, disaster recovery plans and robust backup procedures
• Security management alignment to ISO2700X, Cobit and King III
• Incident management processes
• Compliance with relevant laws: It is important for the firm to understand the corporate entity's legislative universe, which comprises legislation applicable to the entity, and the industry in which the entity operates. This will enable the supplier to include measures and controls in their operations that will ensure that - while providing the services to a corporate entity - the supplier does not cause the corporate entity to contravene applicable legislation or regulations.

Business continuity
The supplier needs to demonstrate that it has measures and controls in place, which enables it to provide services to the corporate entity, without any disruption caused by factors such as key man dependencies, technology downtime and lack of back up procedures.

The current economic climate has contributed to businesses and individuals minimising, or at least prioritising, their procurement initiatives, as corporate entities are embarking on various initiatives to save costs. Managed- and outsourced services will definitely be on the list of services earmarked for minimal procurement, as companies are beginning to scrutinise the necessity of outsourcing services to external suppliers.

Innovative firms, which address business needs at a reasonable and lower cost - compared to existing suppliers - stand to benefit from this. This practice will certainly provide suppliers offering sound business solutions, adequate risk- and compliance controls, in addition to an established track record, the competitive edge.

Leave a comment

SmartProcurement Newsletter

Please enter your details below to receive the SmartProcurement Newsletter for FREE on a regular basis.

As part of the SmartProcurement Newsletter you will be receiving World Class Procurement News, Tools, Tips, Tactics, Procurement Training updates, Upcoming Events, and the latest Procurement Career Openings.

* Email Address:
* Title:
* First Name:
* Surname:
* Company:
* Country:
* Public / Private:


Career opportunites

Demand Planning Manager

  • <500 000 Gauteng Operations, Planning & Inventory Projects / Category Management
(Total Cost to Company R750k - R900K) excluding ...More

Global Category Manager: CONTRACTS

  • <500 000 Buyer Commodities Contract Gauteng
Total Cost to Company R1mil - R1.2mil excluding

Project Manager :12-18 MONTH CONTRACT

  • <500 000 Contract Procurement Officer / Specialist Projects / Category Management
Description:A well-known retail organization is looking for an ...More

Procurement Analyst

  • <500 000 Analyst Gauteng Permanent Procurement Management
Description:A leading infrastructure development group with strong presence ...More

Commodity Manager: Fuels and Lubes

  • <500 000 Commodities Gauteng Permanent Strategic Sourcing
Description:Ensuring continuity of supply in line with business ...More

Senior Facilities Manager

  • <500 000 Gauteng Operations, Planning & Inventory Permanent Projects / Category Management
(Total Cost to Company R800K - R900K) Description: ...More

Supply Chain Analyst

  • <500 000 Analyst Permanent Supply Chain Western Cape
(Total Cost to Company R350K - R550K) SOUTHERN ...More

Demand Planner

  • <500 000 Gauteng Operations, Planning & Inventory Permanent Supply Chain
(Total Cost to Company R450k - R550k, dependent ...More

Procurement Specialis

  • <500 000 Gauteng Permanent Procurement Management Procurement Officer / Specialist
(Total Cost to Company R700k - R800k including ...More

Solutions Architect

  • <500 000 Analyst Gauteng Operations, Planning & Inventory Permanent
(Total Cost to Company R1.3Mil - R1.1Mil including ...More

Engineering Manager

  • Gauteng Industrial Engineer Permanent Procurement Management
Total Cost to Company R850k - R950K including ...More

Country Head of Procurement

  • Permanent Procurement Management Procurement Officer / Specialist
https://careers.peopleclick.com/careerscp/client_gsk/external1931/gateway.dofunctionName=viewFromLink&jobPostId=359235&localeCode=en-us CBS Procurement,Hub Head of Procurement To lead, ...More

Demand Planner

  • <500 000 Gauteng Operations, Planning & Inventory Permanent Projects / Category Management
https://www.tech-pro.co.za/pages/jobdetail.aspx#!Gauteng/Planning/Demand%20Planner/TP2005490/MSe Category: PlanningPosition Title: Demand PlannerSalary: R600 000 ...More

Head of Procurement

  • <500 000 Gauteng Permanent Procurement Management Procurement Officer / Specialist
https://www.tech-pro.co.za/pages/jobdetail.aspx#!Gauteng/Procurement/Head%20of%20Procurement/TP2005488/ZBuCategory: ProcurementPosition Title: Head of ProcurementSalary: R1.3 million ...More

Warehouse and Distribution Manager

  • <500 000 Gauteng Logistics & Warehousing Permanent Supply Chain
https://www.tech-pro.co.za/pages/jobdetail.aspx#!Gauteng/Logistics/Warehouse%20Distribution%20Manager/TP2005455/TMa Category: Supply ChainPosition Title: Warehouse and Distribution ...More

Supply Chain Manager

  • <500 000 Mpumalanga Permanent Procurement Officer / Specialist Supply Chain
https://www.tech-pro.co.za/pages/jobdetail.aspx#!Mpumalanga/Supply%20Chain/Supply%20Chain%20Manager/TP2005448/LMa Category: Supply ChainPosition Title: Supply Chain Manager ...More

Industrial Engineer

  • <500 000 Gauteng Industrial Engineer Operations, Planning & Inventory Permanent
https://www.tech-pro.co.za/pages/jobdetail.aspx#!Gauteng/Consulting/Continuous%20Improvement%20Manager/TP2005489/SNh Category: ConsultingPosition Title: Industrial EngineerSalary: R900 000 ...More

Operations Manager

  • >500 000 Gauteng Operations, Planning & Inventory Permanent Supply Chain
Our client within the FMCG industry with a ...More

Warehouse and Distribution Manager

  • >500 000 Gauteng Logistics & Warehousing Operations, Planning & Inventory Permanent
An exciting opportunity awaits for a Warehouse and ...More

Demand Planner

  • <500 000 Permanent
Get an opportunity to be part of one ...More