In the Times’ latest report, Hugh Wilson takes a look into the complex world of procurement with the juggling act of cutting costs and maintaining quality, particularly during a global lockdown. Wilson gives us hope by exploring five key benefits technology could bring to help mitigate the challenges this crisis brings for procurement professionals.
Our CEO, Richard Hibbert, was asked for his thoughts for the Times article, ‘Procurement Tech to Help Weather the Storm’.
Focusing on the issues facing CPOs/supply chain managers and how cloud solutions more generally can help them, especially during a disruptive time like now. Given SureCloud has been a cloud-based native organisation since it was founded back in 2006, Co-Founder and CEO Richard gives us his insight…
What are the risks businesses could now face due to COVID-19?
“Supply chain risk and resilience has been thrown into incredibly sharp relief by the unfolding pandemic. Risk that had barely occurred to businesses a few months ago – like the fact that workers in certain countries are less likely to be equipped with laptops, making it harder for them to switch rapidly to home working – are now at the forefront of many managers’ minds. What if they are working with a consulting firm with an offshore centre based in India? There could be drastic repercussions for your business continuity.”
How would you define supply chain risk?
“Most organisations understand the importance of third-party risk management by now, but fourth-party risk and beyond remains too often shrouded in mystery. But if your third party is working with third parties – and most are, from individual consultants up to major technology providers – then those individuals or organisations are also part of your risk posture. This is why it is so important to think of your organisation’s security and risk posture as part of a chain, in which you are only ever as robust as the weakest link.”
How do organisations begin to tackle the issue of their supply-chain?
“Part of the problem is that supply chains these days are incredibly complex and dynamic, and it can be difficult to accurately map individual suppliers onto specific products, services, or business functions. Organisations need a contextualised understanding of their supply chain – they need an overarching view, which shows if supplier X has its operations in France reduced by 50%, the impact on our business will be Y.
This is where technology can help by mapping the supply chain to a service-driven or product-driven view. In turn, this helps with understanding how different suppliers intersect with and are dependent on each other, and enable an organisation to conduct a gap analysis. Cloud-based solutions can also push surveys and questionnaires directly out to suppliers rapidly and automatically build out a supply chain map.”
What should CPO’s and other professionals look for in a Supply-Chain tool?
“Supply chain audits need to take in a broad spectrum of information. It’s not just about the obvious – what cybersecurity tools do they have in place, who is responsible for which process, what the contingency plans are – but also ‘softer’ information like where their offices are based and who their customers are. Supply chain audit solutions need to be able to collect all this data as efficiently as possible, which means that cloud-based solutions are often most appropriate. Third and fourth parties and beyond can respond to digital questionnaires with the information collated and aggregated automatically. The result is a snapshot view of the health – or risk – of the supply chain at any time.”
If you would like to find out more about SureCloud’s Third-Party Risk Management Solution, then click here.
Richard is responsible for the SureCloud vision, strategy, and execution. Richard also oversees the continuous innovation of the SureCloud Platform and advises enterprises on GRC practices. Previously, Richard held executive positions at British, European and North American tech companies, where he led sales, marketing, and market development functions.
SureCloud is a provider of Gartner recognised GRC software and CREST accredited Cyber Security & Risk Advisory services. Whether buying products or services your organisation would benefit from automated workflows and insight from the award-winning SureCloud platform. All of SureCloud’s service offerings are fully compatible with the GRC suite of products enabling seamless integration of information, taking your risk programmes to the next level.