Book Review: Procurement Risk

“Do yo like living dangerously? Then you should read this book. It exposes you to over seventy types of risk you  you can take in your business life.” Those are the opening words of the most recent book on my night stand.  Written by Richard Russill, the title Procurement Risk is perhaps misleading, as this book risk is just as much about supply chain risk or enterprise risks in general. In fact,  the book makes a strong argument for procurement risk management being just a short step away from business continuity management. Not only will this book help procurement professionals to lift their head from their desks and gain a wider perspective on possible ramifications of their purchasing decisions, it will also help top managers to seeing procurement as a crucial contributor to a company’s well-being and competitive advantage.

Business Risks

This book  is of part of the Gower Short Guides to Business Risk series, so far covering topics such as reputation risk, political risk, fraud risk, ethical risk and customs risk, and with more topics on the bedding: operational risk, compliance risk, kidnap and ransom risk, corruption risk, equality risk and how to facilitate risk management. I guess this list could go on forever, and A Short Guide to Procurement Risk is my first review of the books in this series, and it will probably not be the last, as most of them, if not all, tie in nicely with supply chain risk.

The “Risk Catcher”

The book’s structure and individual chapters are built around a “risk catcher” figure, a pentagon where each corner represents the five different risk landscapes where business risk are lurking:



  • External dependencies
  • Market Conditions and Behavior
  • Procurement Process
  • Management Control
  • Handling the Unexpected

Using the risk catcher figure, it is possible to identify which risk landscape that needs particular attention, and each chapter provides examples of potential risks and what the remedies look like. This figure is at the heart of the procurement risk management process.

 

None of the five risk landscapes is more important than the other. They must be viewed together, not separately, especially so because they are likely to the  separate responsibility of different persons in your organization, but it is only by crossing each other’s territory that comprehensive risk management is possible.

External Dependencies concerns the reliance on supply companies; their values and viability; performance, and the durability of supply chains. Market Conditions and Behaviours concerns the competitiveness or otherwise of supply markets; supply availability; price trends and the regulatory context. Procurement Process covers the way different people work together in all decision-making and behaviours which affect the customer’s dealings with suppliers. Management Controls refers to the proper use of authority in the company; the framework whereby it is delegated and the principles expected to be employed. In effect this is the DNA of the procurement process. And the Ability to Handle the Unexpected means just what it says.

Each risk landscape is covered in detail in the five chapters following the introduction, before chapter seven provides a step-by-step guide showing the procurement risk management process in action.

Self-Assessment

At the end of the first chapter, before diving into the risk landscapes, is a self assessment questionnaire, listing five statements for each of the five elements, meaning that you will receive a full score between 5 and 25, depending on the degree of procurement risk management that your company subscribes to. The score for each landscape can be transferred to the risk catcher, clearly displaying areas that need further attention. For the fun of it, here are the five statements with the lowest score:

  • Procurement is non-existing as an identifiable defined process in the company.
  • Orders and contracts are casual or ad hoc and are usually on suppliers’ terms and conditions.
  • Nothing is codified…all decisions and actions are intuitive and/or require top level approval.
  • The customer generally feels helpless and is glad to get what they can.
  • We know that the unexpected can happen, but we hope that it won’t.

If you answered yes to all these statements, then yes, you really do need help.

The Risk List

When going over the chapters and counting the risks listed, I ended up with only 68 risks, not over seventy, but I may have missed some hidden in the text and not listed as bullet points. Some bullet points did actually list multiple risks, so the previous statement holds. Well, I guess I will not be revealing too much from the book if I list these 68 risks. After all, my book reviews are always a mixture of review and summary anyway. Besides, to remedy these risks you will still have to buy the book and read the how-to.

External dependencies

  • poor supplier performance
  • supplier pre-occupation with major projects (not you’rs)
  • weak links in the physical supply chain, losses and misdirections
  • damage to, and losses of, items still in the supply chain
  • false sense of security created by long-term agreements
  • contract claims and penalties; under-compensation for losses
  • hostile supplier action and exploitative behavior
  • over-assessment of importance of one’s business to the supplier
  • over-dependence on too few sources
  • pushing suppliers to far
  • failure of outsourcing strategy
  • supplier bankruptcy

Market conditions and behaviors

  • price and supply volatility
  • upward price pressures
  • lack of early warning of price and capacity changes
  • supply shortages due to competitor demands, global events or natural disasters
  • loss of competitive source because of mergers and acquisitions
  • over-eagerness to source in low-cost countries
  • unexpected changes to regulations
  • unfavorable currency movements
  • being held hostage to monopolies
  • being targeted by supplier cartels
  • invoicing scams
  • information brokering
  • disrupted  e-auctions

Procurement process

  • release of information which reduces negotiating power
  • commercially unaware behavior (buying signals, sales tactics)
  • poor specifications
  • insufficient standardization
  • no early procurement involvement (specifications, alternatives, funding)
  • make versus buy not considered
  • wrong assessment of potential suppliers suitability
  • flawed contract strategy with potential contract loopholes
  • inappropriate market approach tactics
  • corrupted bid responses and tender evaluation
  • insufficient use of negotiating power
  • over-focus on price and inadequate assessment of total cost of ownership
  • ‘soft money’ ignored
  • inappropriate or poor supplier relationship management
  • asset disposal mishandled
  • insufficient market analysis of competitive dynamics, capacities, cost drivers
  • under-trained personnel

Management control

  • unworkable or inappropriate procedures
  • biased selection of ‘three-bid invites’ and over-reliance on favored suppliers
  • unofficial or unauthorized commitments to contract
  • breach of confidentiality
  • internal fraud and ‘backhanders’
  • corrupted tender evaluation
  • abuse of commitment authority and call-off agreements
  • invoices paid twice or not at all; payment for goods not received
  • unchecked price increases
  • failure to benefit from volume price-breaks
  • failure to control the letting of leases
  • over-control
  • speculative buying
  • flawed authorization of contract changes and claims

Handling the unexpected

  • failure to anticipate potential events
  • over-reliance on predictive tools
  • no strategy or master plan to provide frame of reference for dealing with unexpected events when they occur
  • ad hoc reactions to events which diminish public confidence in the company’s ability to manage a crisis
  • delayed or deficient responses which allow better-prepared companies to secure their competitive advantage
  • rigid autocratic management styles which paralyze company personnel and prevent people from using personal initiative and expertise at ground level
  • a helpless mindset

Each of the risks above is covered in detail, alongside possible consequences of not taking action against it, and possible options for mitigating it. I’m not sure I could come up with more risks, and I’m genuinely amazed at the breath of risks that this little book covers, as it is pocketbook size and has mere 132 pages. Perhaps not as organized as the risk classification in Harland (2003), but more hands-on. And although not explicitly mentioned as such, the pitfalls of single, sole, dual or multiple sourcing are well covered in the above list.

Procurement Risk Management

The last chapter is  a short step-by-step guide on how to manage procurement risk, based on the author’s own definition of what ‘being at risk entails:

Being ‘At Risk’ = Impact × Probability × No Mitigation
where Impact = Exposure ×Event

Effective Procurement Risk Management does include accepting some risks, with these situations being monitored to avoid being caught out if things change. Other situations can be left ‘at risk’ but contingency plans are ready should risks materialise. And where real trouble lurks, urgent action is required followed by regular audit.

The steps are as follows:

  1. Gather data
  2. Decide which supply categories to examine first (using Kraljic’s famous four boxes)
  3. Identify potential disruptive events
  4. Assess impact and probability
  5. Focus on events requiring action to remove ‘at risk’ situations
  6. Put risk-reduction strategies in place
  7. Regularly monitor internal and external events to signal risk alerts

Using these steps, along with the risk catcher diagram, so the author says, a company’s procurement risk management transforms from initial Ignorance via Awareness and Evaluation to Management. After reading the book I am quite sure that he is right. All it takes is dedication and effort.

Conclusion

This book calls itself  ‘a short guide’. It is not. It may be small on the outside but it is big on the inside. It is packed with useful information, for the procurement professional, for the supply chain manager, for the CEO, for any business owner.  Even for the supply chain risk researcher, who is likely to find he exhaustive list of risks particularly useful. Truly, this book is about so much more than procurement, it is about so much more than the supply-side risks in the supply chain, it is about any kind of business and how to do your business well.

Reference

Russill, R. (2010) A Short Guide to Procurement Risk. Farnham: Gower Publishing

Author link

Publisher link

Buy this book

Related posts

Posted in BOOKS and BOOK CHAPTERS
Tags: , , , , , ,

ARTICLES and PAPERS
How to Design Mitigation Capabilities
There hasn't been a literature review on this blog for a while, so it's time to pick up where I left[...]
Global supply chain risk management strategies
A case of mistaken identity, or so I thought, but it's not. There are in fact two separate articles,[...]
BOOKS and BOOK CHAPTERS
SME Risk Management
Small and medium-sized enterprises (SMEs) make up the majority of enterprises in most countries, and[...]
Risk and resilience in maritime logistics
This week's focus are risks in the maritime supply chain and today's paper sets out a framework for [...]
REPORTS and WHITEPAPERS
Assess the vulnerability of your production system
So far I have reviewed "international" literature and web sites, and it is only fitting that now it [...]
When disaster strikes...
...how does the transportation network recover? And why are transportation networks so essential to [...]