CPOs: Why They’re Struggling With New Risk Duties

New research shows the duties of procurement staffs evolving, with ever-more responsibilities over supply risk management in coordination with various other departments within their company. Most firms, however, haven’t caught up with the times, leaving CPOs and their staffs with basic risk-management tools. PYMNTS.com takes a look at some recommendations for helping companies mitigate the risks associated with their procurement processes.

Over the past few years, chief procurement officers and their staffs have taken on increased supply risk-management responsibilities. Typical procurement departments, however, still use relatively unsophisticated practices to support the role change, and many still are focused only on taking fundamental risk-management steps, new research suggests.

In its latestannual report, “CPO Rising 2014: Convergence,” Ardent Partners surveyed 273 chief procurement officers and other procurement executives to gather views on their perspectives and intentions to address emerging procurement trends.

Over the past few years, the report found, the enhanced influence CPOs and their procurement teams have and the value they provide has caused their roles to converge with those of others across the enterprise, including those in such traditionally siloed departments as accounts payable/finance, human resources, IT, legal and operations. The CPO subsequently has become a “Jack of All Trades,” as their responsibilities are growing each year.

Among the newest responsibilities involves supply risk management, which 59 percent of sourcing and procurement leaders surveyed said has evolved into a new duty for them over the past five years. Ardent attributes this shift to increasing recognition that supply risk management is a traditional procurement process, and when a supply risk management program is initiated, procurement is best positioned to manage it given its influence and reach across all stakeholders, both internal and external.

“As a result, more and more CPOs and their procurement teams are the ones to work with AP/finance, HR, IT, legal, regulatory affairs, and the supplier base to identify, prioritize, and mitigate a whole host of risks for the organization,” the report noted. “These risks can include business continuity, financial, operational, reputational, regulatory, or political risks.”

Most companies, however, are focusing their attention on primarily basic risk-management issues, such as defining basic metrics and parameters and centralizing their information sources and records. As a result, many procurement teams remain challenged in handling risk-management duties, the report noted.

“For instance, best-in-class procurement departments are more than twice as effective as all others at implementing a standard governance, risk management, and compliance program, but the best-in-class are still, by their own accounts, somewhere between ‘good’ and ‘satisfactory,'” when it comes to governance and risk management, the  report noted. “Clearly, even though they’re leading the procurement pack, the best-in-class could pick up the pace of their supply risk management efforts.”

As Ardent noted in the report, supply risk management is a moving target that’s only getting more difficult to hit in today’s “global, hyper-kinetic” business world. The bigger an enterprise is in terms of customers, locations, infrastructure, suppliers and supply chain, the greater the chance something somewhere could go wrong.

Moreover, identifying, prioritizing and mitigating (or accepting) risk without the right staff, processes and technologies to collect and analyze supply risk information efficiently is all but impossible, the report contended. But the typical procurement department still uses relatively unsophisticated supply risk-management practices, it noted.

Despite the associated challenges, however, procurement’s convergence across the enterprise means it increasingly must manage supply risk. To help procurement teams improve how they handle their enhanced responsibilities, Ardent’s report suggested they focus on a few chief tasks:

Assess needs

One size does not fit all for procurement teams, especially as it applies to  supply risk management. As such, larger enterprises with a more robust global footprint likely will manage greater risk than will small or midsize companies, according to the report.

Conversely, smaller organizations may not be able to accept a certain type or level of risk that a larger organization could. Indeed, risk is relative, specific, and subjective, so before investing in a more robust risk-management program, organization should understand t their needs and size their investments accordingly, the report notes.

Train/retrain staff

Because the responsibility is so new to them, procurement staffs tend to be slightly below average when it comes to managing supply risk. So before deciding whether to invest in new technology or to leverage existing products or services, the report recommends ensuring that one’s procurement team is capable of handling the duties.

Examine/reengineer business processes

With procurement’s convergence with other business units, it touches many other parts of the enterprise and has access to more people and information. As a result, companies should reconsider how procurement departments gather information regarding risk and how they go about prioritizing and mitigating it. “With procurement converging with AP/Finance, HR, IT, Legal, and Operations, all of these stakeholders, as well as external stakeholders like customers and suppliers, now play a part in the supply risk management process; this process should loop everyone one,” the report notes.

Staying informed

Change and risk occur so frequently and so fast that today’s news is yesterday’s risk, the report notes. Subsequently, procurement departments must stay on top of quickly evolving natural and man-made events by using modern information management and supplier information management tools. These can range from basic social media outlets such as Twitter that put “eyes on” local events to more robust, purpose-built tools that track events worldwide that may put supply lines or sources at risk. Such knowledge will come in handy as company look to invest in the appropriate risk-management technology.