NETWORKING EVENTS. The SIG Webinar will begin shortly. Once the webinar begins, the sound will come from your computer speakers.

Transcription

1 The SIG Webinar will begin shortly. Once the webinar begins, the sound will come from your computer speakers. In the meantime, please take a look at the upcoming SIG networking events listed on the right side of your screen and plan to join us if you are in one of these cities this fall. NETWORKING EVENTS GLOBAL SUMMITS Oct Huntington Beach SYMPOSIUMS Nov 10 San Francisco Bay Area REGIONAL ROUNDTABLES Nov 5 Raleigh, NC For more information and to register for all SIG events:

2 RECENT POSTINGS The SIG Career Network is bursting with opportunities. New jobs are posted daily by some of the best known global companies in the world for those seeking careers in sourcing, outsourcing, procurement and related functions. NEW to the Career Network! Guardian Life Insurance posted Oct 14: Manager, Vendor Management Travelers posted October 14: Procurement Program Manager University of Notre Dame posted Oct 13: Associate Director, Strategic Sourcing N. Carolina State Univ. posted Oct 13: Director Travelers posted October 8: Sourcing Manager Sourcing Manager - IT Orlando Utilities Commission posted Oct 8 Director, Procure-to-Pay American Financial Group posted Oct 7: Strategic Sourcing Representative Sr. Strategic Sourcing Representative Best Buy Co., Inc. - posted September 29: Sr. Manager IT Sourcing, Software For more information go to:

3 SOCIAL MEDIA Stay connected with other SIG members through various social media channels bit.ly/siglinkedin bit.ly/sigyoutube bit.ly/sigfacebook Join the discussion in SIG s Peer2Peer Resource program too!

4 Upcoming Free SIG Webinars: November 5, 2015 Solution Deep Dive: How to Take Your Vendor Governance and Risk Management Capability to the Next Level Presented by Enlighta November 10, 2015 European Court Halts Flow of Personal Data from EU to US Through Safe Harbor Exception Presented by Mayer Brown November 12, 2015 Building a Procurement Analytics Platform to Mitigate Risks and Empower Category Strategies Presented by IBM New Topic Each Week 2:00 pm Eastern (11:00 am Pacific) Register at For more information and to register for all SIG events:

5 SIG Town Hall Teleconferences bring a small group of buy-side ONLY attendees together for a facilitated discussion on top-of-mind issues in an open-mic, private conversation. Town Hall Teleconferences are NOT recorded. Calendar of Town Hall Teleconferences Taking place at 1:00 pm Eastern on the following dates: February 11 August 12 April 8 September 9 May 13 October 14 June 10 November 11 July 8 December 9 Upcoming Town Hall Teleconference: November 11 th High Performance 3 rd Party Management: Designed, Built and Implemented Presented by: Mark Anthony Vita Strategy Engagement Manager Accenture For more information and to register for all SIG events:

6 SIG Symposiums and Regional Roundtables provide education and local networking for members and invited non-member corporate users Symposiums 2015: Minneapolis, MN Mar 25 Toronto, Canada June 1 Columbus, OH Sep 17 New York, NY Oct 15 San Francisco Bay Area Nov 10 Regional Roundtables 2015: Chicago, IL April 29 Atlanta, GA May 6 Houston, TX May 13 London Sept 16 Raleigh, NC Nov 5 For more information and to register for all SIG events:

7 Recent speakers include: SIG Global Summits are semiannual events with decision-makers in attendance Non-commercialized Hundreds of industry thought leaders 70% buy-side 4-5 keynote sessions Global brands 3 days of networking CPO Roundtables Nearly 50 breakout sessions 69% of delegates are director level or above, of which 43% are VP/C-level

8 Online learning environment Sourcing and Governance certifications with Professional and Executive level courses Modules with lessons, formative assessments, summative testing and final proctored exam Certification good for 5 years Interested in providing input? Let us know! For more information go to:

9 Finding tomorrow's supply chain professionals today Partnering with Universities Introducing students to seasoned supply chain executives Sharing thought leadership with students in class, SIG University courses and at SIG events Giving access to internship and job postings on the SIG Career Network Allowing students to get real world insight into supply chain careers For more information go to: sig.org/student-outreach.php

10 Supplier Risk is Your Risk: Are You Prepared? October, 2015

11 Speakers Padmini Ranganathan Vice President, Product Management Ariba, an SAP company Ryan Flynn Principal Deloitte Consulting, LLP Kelly Watson Principal Solutions Consultant Ariba, an SAP Company 11

12 Agenda Need for Supplier Risk Management and Why is it Challenging Addressing Supplier Risk with Ariba Solutions Best Practices in Supplier Risk Management Deloitte Solution Demo Q&A 12

13 In an Integrated Global Economy, Supplier Risk Is Your Risk Mergers & Acquisitions Corporate Restructuring Financial Instability Natural Disasters Geo-Political Movements Supplier disruptions create multiple pitfalls for executives Loss of revenue Diminish shareholder value Tarnish brand repute Regulatory & Compliance Changes Operational disruptions 13

14 Ariba Solution: Extending Supplier Information & Performance Management with Risk Insights Ariba Supplier Information & Performance Management (SIPM) and Supplier Infonet help enterprises monitor, measure, and mitigate supplier risks by enabling them to manage the full supplier lifecycle spectrum and as well as delivering continual real-time insights on all risk events that affect the supplier ecosystem. Qualify On-board Engage Analyze Supported by external risk insights, compliance checks and early warnings Monitor Aggregate supplier information and risk profiles from external insights and a configurable webbased supplier questionnaire and document portal Synchronize supplier information with existing systems, manage supplier approval workflows and certifications Engage suppliers and establish performance measures and risk thresholds Analyze supplier performance and supplier risk using out-of-the-box and custom reporting tools Monitor multi-tier supplier risks on real time basis and trigger mitigation workflows 14

15 Helping You Manage Risk Across the Full Spectrum of Your Supplier Base 1 Business Critical Suppliers/ Partners Actions Initiate supplier performance and risk management tasks to evaluate suppliers on a recurring basis Define user tasks, workflows and analyze supplier performance Map supplier tiers and track risk across all risk parameters Enrich existing supplier information with third party scores for additional validity +Tier 2 and Tier 3 actions 2 Preferred Suppliers/ Operations Critical Suppliers 3 Tactical Engagement Suppliers Actions Assign supplier groups to category managers Selectively roll-out of supplier performance and risk assessment initiatives Define supplier risk events/ exposures of relevance and initiate workflows for risk alerts Track operational, financial, regulatory and location risks realtime + Tier 3 actions Actions Qualify and onboard suppliers Allow supplier to maintain information using self-service Track reputational and brand risk 15

16 Key Elements in the Ariba Offering Network-Driven Visibility, Real-time Insights, Robust Performance Management Supplier Qualification and Onboarding Customer website integrated supplier questionnaire that facilitates self-service registration Synchronization between Ariba Sourcing and supplier profile to ensure information is current Supplier ease of use through a unified seller console that allows single supplier login across all Ariba solutions Supplier Management Dashboard Supplier Performance Measurement Built-in supplier performance measurement project workspaces with recurring tasks User defined workflow triggers for out-of-threshold scores, Best-Practice expertise on building Key Performance Indicators/ Key Risk Indicators, scorecards and surveys Real Time Supplier Risk Visibility Multi-tier Supplier Risk Visibility Sematic analysis of web data to identify risk events that the supply base is exposed to Predictive intelligence to assess risk potential and impact Supply base risk profile that extends to supplier parentchild and n-tier supplier levels 16

17 In-Depth Supplier Risk Visibility Receive early alerts on risk events affecting your supplier ecosystem using semantic analytics of data from over 200,000+ sources Track suppliers based on user defined thresholds on risk event types and frequency Calculate risk exposure and impact, based on performance and risk indicators Ability to assess risk in a multi-tier supplier hierarchy Interactive geo-map visual based on user-defined parameters to compare suppliers and regions at risk Intuitive risk views on supplier parentchild, suppliers operating locations for risk traceability 17

18 Example : Identifying Slavery in the Supply Chain There are an estimated million forced laborers in global supply chains today 18

19 Example: Identifying Slavery in the Supply Chain 19

20 Poll Question Which functions in your organization does your supplier risk management processes serve currently ( Select all that apply ) - Legal - Sourcing and Supply Chain - Finance - Compliance and CSR - IT 20

21 Agenda Need for Supplier Risk Management and Why is it Challenging Addressing Supplier Risk with Ariba Solutions Best Practices in Supplier Risk Management Deloitte Solution Demo Q&A 21

22 Supplier Risk Management Deloitte Consulting LLP October 2015

23 Supply chains are continuously exposed to a multitude of risks, emanating from within and outside of their value chains Supply Chain Risk Framework Macro environment risks Have potential effects across the entire supply chain Extended value chain risks Originate in upstream and downstream supply chain partners Operational risks Relate to internal process risks Develop Plan Source Make Deliver/Return Supply Demand Tier N Tier 1 3 rd Party Services Distributors End Users Economic Environmental/Socia l Responsibility $ Geopolitical Hazards! Infrastructure / Resources Regulatory Security Functional risks Exist among enabling functions that support supply chain processes Finance Human Resources Information Technology Legal $$$ Client Logo Note: Though not depicted above in order to maintain simplicity, risks are often highly inter-related with impacts spanning across functions internal to the company and externally within the extended value chain. Client Logo

24 A Supplier Risk Management program should effectively monitor and manage all key third party relationships across an organization Corporate Functions Sales Finance Logistics Operations HR IT Supplier Risk Management Program Provide central visibility to business relationships Measure, monitor and manage relationships risk, performance, and compliance Manage relationships proactively vs. reactively Deepen and improve key relationships Improve top ad bottom line performance Buy Side Partners Direct Materials Suppliers Indirect Suppliers Contract Manufacturers Outsourced Service Providers Other Third Parties Tier N Suppliers Marketing Agents Procurement Alliance Partners Client Logo Client Logo

25 A key first step in building a capability to manage supplier relationships is to define the type of risks you want to measure, monitor and manage 10 Business Continuity Risk Vendor is unable to continue providing products / services 1 Compliance Risk Vendor actions are inconsistent with legal, regulatory, or policy requirements 2 Reputation Risk Vendor s issues effect company brand 9 Info Security Risk 3 Strategic Risk Vendor is able to access information outside of defined business requirements Supplier Risk Domains Vendor is not aligned to organization s strategic objectives 8 Geo-political Risk 4 Financial Risk Country-specific factors (e.g., government, climate) affect vendor performance Vendor cannot meet contractual obligations due to financial difficulties 7 Contractual Risk Service / product provided by the vendor is incompletely defined in the contract 6 Credit Risk Vendor is unable to make payments it is obligated to 5 Transaction / Operational Risk Vendor is unable to deliver products / services appropriately Client Logo Client Logo

26 Objectives and Outputs A repeatable, scalable process is required to efficiently and effectively identify, monitor and manage supplier risk Supplier Risk Management Processes Due Diligence and Strategic Sourcing Supplier Negotiations and Contracting Supplier Onboarding and Management Assess Inherent Risk Identify Risk Mitigants Assign Residual Risk Rating Ongoing Testing and Monitoring Evaluate engagement based on agreed-upon risk criteria, including identification of risk areas present, materiality, and IR rating Determine risk mitigants (contract or operational controls) to apply based on inherent risk and engagement type Review effectiveness of risk mitigants and determine residual risk rating, which drives ongoing monitoring Evaluate and monitor the effectiveness of risk mitigants and update residual risk rating if needed Client Logo Client Logo

27 Since risk may not be tied to criticality or spend, risk profiling and tiering is used to identify high risk suppliers up front and focus risk mitigation efforts on them Supplier Risk Profiling and Tiering What Identify highest risk suppliers among the broader population Define specific risks and level of risk to understand risk exposure and mitigation strategies How Assess each supplier against a pre-defined set of questions to understand the inherent risk Determine residual risk through additional due diligence Why Focus on highest risk suppliers by bucketing suppliers into risk tiers Determine level of ongoing monitoring and management to reduce risk Ongoing Risk Management Vendor Segment Definition Appropriate Number of Vendors Pre-Selection Risk Management Activities Post-Vendor and Ongoing Management Activities High Risk Vendor (10-15%) Approved vendor that may cause: Significant financial loss (e.g., >$1M) Long-term / irreparable reputational damage. Top 50 vendors by spend 10% of highest-risk vendors Vendor Risk Assessment Business Continuity Review Financial Stability Review SSAE 16 Review Completion of all required risk assessments Specific contractual language. Medium Risk Vendor (20-25%) Low Risk Vendor (55-65%) Approved vendor that may cause: Moderate financial loss (e.g., $100K - $1M) Temporary reputational damage. Approved vendor that may cause: Insignificant financial loss (e.g., <$100K) Little to no reputational damage. Next 20% of highest- risk vendors Vendor Risk Assessment Completion of necessary risk assessments Vendor self Assessments or SSAE % of lowest-risk vendors Annual rating review Trigger event monitoring Client Logo Client Logo

28 A robust SRM program is based on adoption of key governance building blocks supported by enabling technology and data Govern Manage Procedures Strategy Organization Policies Guidelines Communications, Training and Awareness A formal strategy defining the SRM role within the enterprise risk management function exists for a single view of supplier risk across the organization Well defined roles and responsibilities exist to develop an optimized organizational structure to manage the supplier assessment lifecycle, including termination activities Policies, procedures and guidelines defining risk assessment methodology and activities, risk tolerance levels and integration points with other supplier and risk management functions exist to ensure consistency and quality in program activities Coordinated communication channel exists to inform stakeholders of SRM and the business value of the program Programs to educate stakeholders of responsibilities at all stages of the supplier management lifecycle Audit & Compliance Program Assessment Supplier Assessment Formal processes exist to assess the effectiveness of the EBRM program against program requirements and organizational requirements Operate Technology and Tools Tools and technology drive groups to use common risk management processes, which enhances the effectiveness and efficiency of the program. Metrics and Reporting Metrics and reporting requirements exist for risk assessment activities and program operational components to ensure data quality and accuracy and audience specific reporting Client Logo Client Logo

29 A SRM solution must fit within the broader source-to-pay technology landscape, with integrations to contract lifecycle management, procure-to-pay and other systems Source to Contract Modules Procure to Pay Modules esourcing Contract Management eprocurement Invoicing Opportunity identification and assessment Virtual project workroom erfx: RFI, RFQ, RFP On-line negotiations Reverse and forward auctions Online collaborative scoring Centralized contract repository Automated monitoring for contract expiration Automated contract authoring with approval workflow Contract controls enabled in standard templates Electronic catalogs and transactional contracts Requisition and Purchase Order approval routing Real time transaction status Electronic receipt Electronic invoices / payments Manual invoice scanning capabilities Approval and query resolution workflow Online supplier queries Electronic archiving Line Item Pricing and Terms Contractual pricing, terms and conditions Approved PO s, electronic invoices Supplier Management (Onboarding and Risk, Performance and Data Management) Supplier qualification and on boarding Contract controls applied based on risk presence SLA tracking and performance management Automated alerts and notifications Relationships segmented by inherent and residual risk Supplier account creation and info/document management Flexible role-based approval workflow Supplier management dashboard and reporting Spend Analysis & Reporting Sourcing opportunity identification Sourcing process reporting Real-time contract usage Contract compliance reporting Spend tracking and management reporting Purchasing behavior insight Tax compliance, spend information Client Logo Client Logo

30 Poll Question What types of supplier risks are you most interested in tracking ( Select all that apply ) - Regulatory and Compliance Risk - Operational Risk - Location and Geo-Political Risk - Reputational Risks - Financial and Credit Risk 30

31 Agenda Need for Supplier Risk Management and Why is it Challenging Addressing Supplier Risk with Ariba Solutions Best Practices in Supplier Risk Management Deloitte Solution Demo Q&A Client Logo Client Logo

32 User Request 32

33 User Request 33

34 User Request 34

35 User Request 35

36 Processing User Requests 36

37 Processing User Requests 37

38 Processing User Requests 38

39 Processing User Requests 39

40 Processing User Requests 40

41 Vendor Risk Review 41

42 Vendor Risk Review 42

43 Vendor Risk Review 43

44 Supplier Qualifications 44

45 Supplier Qualifications 45

46 Supplier Qualifications 46

47 Supplier Infonet 47

48 Supplier Infonet 48

49 Supplier Infonet 49

50 Supplier Infonet 50

51 Supplier Infonet 51

52 Search and Reporting 52

53 Search and Reporting 53

54 Search and Reporting 54

55 Q&A 55

56 Thank You Contact Information: Padmini Ranganathan Ryan P Flynn rpflynn@deloitte.com Kelly Watson Kelly.watson@sap.com Keertan Rai Keertan.rai@sap.com 56