SUPPLY CHAIN GOVERNANCE
"The supply chain stuff is really tricky."
- Elon Musk
2020 may refer in the future as one of the most turbulent years of Supply Chain, resulting in an immediate assessment of the impact of globalisation on productisation and service offerings by decision makers. According to Forbes, as cited in the World Trade Organisation, the COVID-19 can substantially slow the Global growth by a few percentage points and up to one-third of global trade can fall in 2020. The pandemic is disrupting the Global and Domestic Supply Chain. Several manufacturing industries with their critical components sourced from overseas may struggle to fulfil their demands unless finding an immediate alternate source for supply.
To maintain sustainable growth, contemporary leadership must have an exceptional level of understanding of their suppliers’ value proposition in the successful delivery of goods and services. Based on insights from the industry experts, Cyber, Quality and Serviceability, Data Privacy, and Compliance risks must be considered at the top of Supply Chain risks.
The leadership team, as the accountable body, should actively monitor and improve the risks posed by their suppliers and have a proper level of understanding of Data's journey within the Supply Chain. This can be achieved by governing and performance managing suppliers against the above key risk areas and ensure the following core elements of a proper Supply Chain Governance have been considered:
Supplier Profile – who are your suppliers? What are their business context, and what goods/services do they provide to you? What Data is accessible or held by each supplier? What is the supplier’s sensitivity (either role they play or their positioning in the Supply Chain)?
Supplier Contract – based on the value of Data accessible by suppliers, what level of confidentiality requirements should they follow? Is there a list of pre-defined controls that, as part of an excellent due diligence practice, the supplier should implement over your Data? What is your expectation when it comes to supplier’s responsiveness and serviceability?
Regular Assessment – how often do you assess the supplier’s performance, security controls, Data Privacy capabilities (if applicable), etc.? How effective and efficient is your assessment capabilities?
Supplier of Suppliers – who are the indirect suppliers with access to your Data? What is their impact on the Supply Chain sustainability?
Relationship – what are the business practices for having a continuous, mutually beneficial, and healthy relationship with your suppliers?