When you’re in charge of ensuring the efficiency of your company’s operations, you have high expectations for your supply chain. You insist on offering your customers only the highest quality products and services. You also maintain a high level of security and confidentiality whenever you handle or store your customers' personal information. You know this is essential to success. But, you also use third party service providers for some of your business processes, and you need to know that these outside service providers are also meeting your company's high standards.
That's where vendor management best practices come in, and risk management assessments play a critical role as a matrix for gauging the potential success or failure of your 3PLs.When you engage a 3PL, you may be handing over core business functions. You may be giving your third party logistics partner access to your customers and their personal data. You need to know that data is safe.
Assessments can be used, not only when you are considering bringing in a third party service provider, but also periodically throughout the relationship. You need to know that your vendors are maintaining the high-quality standards that they promised to deliver.
A high-quality risk review will accomplish these goals:
- Identify the possible risks that individual vendors pose
- Evaluate whether these risks can be eliminated
- Monitor whether changes that have been promised in an existing business relationship are being successfully carried out
- Help determine what level of risk you find acceptable for your company
Putting a risk management plan into practice can be tricky. What areas need to be monitored? How can they be measured? What may seem critical to one expert in the field may be considered irrelevant by another. This can leave you wondering just what is the best way to monitor and measure the risks posed by third party vendors.
One way to answer that question is to take a page from the playbook of the world of finance.
Taking Cues from the Best in Class
Though it may seem strange for a consumer packaged goods company to take cues from a service industry, but, as noted in the 2014 Vendor Risk Management Benchmark Study, financial institutions have the most "mature vendor risk management programs" when compared to other companies. The highly regulated nature of the business demands rigor—a rigor that CPG companies would do well to emulate.
Here's a look at how the vendor management best practices used for risk assessment in the financial services industry can be applied to businesses involved with consumer packaged goods, as well.
- Have a full-time team in place. Risk assessment is too important to be relegated to a subset of another department. If at all possible, you should have a full-time risk assessment department staffed with highly trained personnel.
- Make it a continuous process. Don't think of risk assessment as simply vetting third party vendors as they join your team. It should never be a one-time process. The best financial institutions monitor their third party vendors continuously. They also have a system in place for ranking the risk posed by these vendors and responding if a vendor's risk level falls.
- Set clear goals. No business transaction in today's world of electronic payments and computer hackers is without risk. Have clear goals in mind as you set the level of risk you find acceptable for your company and its customers.
- Don't forget that your vendors may have vendors. It is possible that your vendors are outsourcing some of their own business processes. In this case, you must demand transparency. You need to know what risk management matrix your vendor is using to measure its own business partners.
Risk management cannot be ignored. It is vital to success in the modern business world. You owe it to your company and your customers to clearly understand today's vendor management best practices.