Where does vendor risk management fit into your program? The answer: everywhere.
This is not an overstatement. As a professional, the scope of your role is continuously evolving. In addition to satisfying compliance and audit requirements and addressing general risk, your program incorporates dynamic plans to address your facilities and workplaces, safety and security, your supply chain, the workforce, and all the technology that keeps your business running. It is likely that many (if not all) of these areas rely upon external vendors in whole or in part. Vendor risk management is therefore not a standalone activity that can be addressed in isolation, but a holistic concern that affects your entire organization.
The degree to which organizations can be impacted by a vendor failure has been more than demonstrated in recent news headlines. For example, in February 2018, over 600 Kentucky Fried Chicken (KFC) stores in the United Kingdom closed for most of the week because of issues with the logistics firm DHL. With no chicken to serve customers, KFC lost sales in excess of £1M per day. And in May 2018, the auto parts supplier Meridian Magnesium had a fire. As they were a sole source supplier for Ford Motor Company, production of F-150 trucks came to a halt, thousands of workers were laid off, and $60M per day in revenue was lost until production could be restarted.
To avoid seeing your company’s name in the headlines because of a vendor failure, it is important to have a firm grasp on the breadth and depth of vendor risk management. You can then be confident that you are delivering maximum value for your enterprise and your customers.