Across a three-part series of short articles, we are going to take a look at some aspects of increasing the resiliency of your business. Done right, these areas will help to build a solid foundation from which you can grow your business. Conversely, if done poorly, these areas can have disastrous consequences for your firm.
We previously considered the importance of organisational and risk culture and cyber security.
Here, we look at the key considerations around supplier management. Whether you outsource processes or just have trade suppliers, both need managed as they provide a key service to your firm.
At MacRoberts, we suggest adopting a risk-based approach to supplier management. This means that you identify your business critical suppliers first and tailor your approach to managing them accordingly. Perhaps you could operate a tiering system where more work/resource is directed at the ‘top tier’, business critical suppliers through their lifecycle of selection, take-on and oversight?
Depending on how business critical they are, that should shape your approach to their management.
Supplier selection
- Do you have a formal supplier selection process in place?
- What criteria do you use?
- What due diligence do you undertake on them?
- Do you consider capabilities in relation to information security, business continuity, fraud, modern slavery and ESG?
Supplier take-on
- Is a project required? Who should be involved?
- Is there an assigned relationship owner?
- Have you put in place a service level agreement from the outset?
Supplier oversight
- How often is the service level agreement reviewed/discussed?
- What other information do you receive from them e.g. information security incidents?
- Do you carry out annual supplier evaluations?
- Do you ask them to complete a supplier questionnaire every year or two years? This could cover topics that were asked about at initial due diligence stage to ensure no material changes.
How can we help?
MacRoberts can help you with your end-to-end supplier management processes to help increase the resiliency of your firm. If you would like further information on this, please contact our Head of Risk, Phil McCrossan.