Wednesday 31 August 2016

Overcoming Barriers to Effective Supplier Risk Management

Overcoming Barriers to Effective Supplier Risk Management

Businesses both large and small have the same challenge.  How to keep up with auditing suppliers new and old for security risk.  Too many are constrained by manual processes and the impacts that has on reporting.  We look at some of the common factors:


Existing approaches can be daunting, requiring the capacity to dedicate a team of people to control and manage thousands of suppliers. Existing tools and manual processes are resource-heavy and often result in only a small percentage of suppliers being audited, meanting the organisation has no comprehensive oversight of its risk.


Assessing supplier risk often requires large-scale, cross-departmental collaboration across Legal, IT, Information Security, Risk & Audit, Procurement and more.  An integrated approach and reporting can be a challenge.


The decision on which standards to use can prove protracted and external consultancies can prove to be expensive and rigid and take time to implement new procedures and policies.


Traditional tools can prove cost-prohibitive when managing internal resource overhead, using expensive consultants, or implementing and managing unwieldy, high-cost, in-house software.

Management Reporting

Compiling, analysing, validating and verifying data from individual spreadsheets across multiple departments makes the production of meaningful reports for senior management a labour-intensive task, meaning it takes longer for critical risks to be identified.

So how to analyse your full supply chain?  ZeroDayLab's Supplier Evaluation Risk Management (SERM) service can help.  Find out more here.