Streamlining the supplier risk assessment workflow

  • Release version: Washingtondc
  • Updated March 14, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Streamlining the supplier risk assessment workflow

    This guide outlines the enhancements in the supplier risk assessment workflow within the Source-to-Pay operations, specifically focusing on the Third-Party Risk Management (TPRM) capabilities. Procurement specialists can efficiently manage sourcing and purchase requests based on final risk ratings without the need for excessive manual updates or external communications.

    Show full answer Show less

    Key Features

    • Automated Triggering: The system automatically initiates a due diligence case whenever a sourcing request requires supplier qualification, streamlining the workflow.
    • Due Diligence Playbook: This playbook allows procurement teams to track risk assessments and complete necessary tasks directly within the system.
    • Elimination of External Coordination: Reduces the need for emails, phone calls, and meetings with the risk team by centralizing the process within the platform.
    • Supplier Collaboration Portal: Suppliers can complete risk assessments directly through this portal, enhancing communication and efficiency.

    Key Outcomes

    As a result of these improvements, procurement specialists and managers can expect:

    • Increased efficiency in managing supplier risk assessments with less manual intervention.
    • Improved tracking and documentation of risk assessment activities.
    • Minimized risk through structured assessments during both onboarding and ongoing supplier management.

    As procurement specialists, track activity on the Third-Party Risk Management (TPRM) records, and update and make changes to the sourcing requests and purchase requests based on the final risk rating.

    With the due diligence playbook for due diligence case types, procurement specialists no longer need multiple clicks to manually update any tasks that they need to complete during the different stages of the supplier risk assessment workflow. They no longer need to open the supplier tiering assessment and risk assessment cases that get auto-triggered whenever there’s a need for supplier qualification. With the TRPM capabilities, when a sourcing request is added to a negotiation event, in the Qualification needed state, a supplier case of type due diligence is triggered to address risk assessments. The risk team is responsible for the workflow after the due diligence is triggered.

    With this due diligence playbook, procurement specialists, sourcing managers, and procurement managers no longer need to handle these activities outside the system through emails, phone calls, or weekly zoom meetings with the risk team. There’s no need to check for any updates from the tiering assessor and update them back to their own working records. They’re also relieved from remembering or finding the appropriate records to update when the risk assessment is complete.

    The tiering assessor must complete the tiering questionnaire after the supply manager submits the tiering questionnaire. The state of the tiering assessment questionnaire changes to Awaiting response.

    The supplier contact completes the risk assessment from the supplier collaboration portal. For more information on this, see Complete a risk assessment from the Supplier Collaboration Portal.

    Note the following scenarios:
    • When Supplier Lifecycle Operations is installed, and the supplier is new, the Due Diligence Request (DDR) is created in Supplier Lifecycle Operations as a supplier case, and the due diligence case is taken care of through the onboard a supplier case.
    • When Supplier Lifecycle Operations is installed, but the supplier is old and already onboarded, the DDR is created as a procurement case.
    • When Supplier Lifecycle Operations is not installed, irrespective of whether the supplier is old or new, the DDR is created in Sourcing and Procurement Operations as a procurement case.
    For information on how Supplier Lifecycle Operations similarly assesses suppliers during the onboarding process, see Minimize risk by assessing suppliers during the onboarding process. For detailed information on the supplier onboarding playbook, see Using the supplier onboarding playbook to onboard suppliers.

    For information on how to configure TPRM, see Configuring Third-party Risk Management. For detailed information on the due diligence workflow, see Due diligence workflow.