Press esc to head back

Procurement risks are best understood as opportunities for something to go wrong or not happen as planned. Risks are essentially events that are uncertain in terms of their occurrence or impact on an organization's ability to achieve its goals and objectives. They also include events that have already happened but haven't had enough time to play out yet (known as "delayed consequences").

Risks are anything that can happen in an organization that will negatively affect its ability to achieve its goals or objectives—and there are many ways these risks can manifest themselves: late deliveries, quality issues, company reputation, litigation costs, and loss of revenue or even a client.

RL-021 Ver 1.0 (Jan 24)

Confidential & Proprietary | 2024 CBRE Inc.

Back to Top

What is Procurement Risk ?

Useful Links

Resource Library

Managing Procurement Risk

Resource Library

Page 1 of 2

CBRE Procurement Policy

The need to manage Risk

Present-day procurement has evolved and has changed from being just a cost-cutting process to a strategically significant one that directly impacts operational profit and processes.

Managing risks across the procurement process can help provide the following key benefits:

  • Proper and responsible use of resources
  • Enhanced service
  • Improved supplier and client relationships
  • Increased appetite for innovation
  • Better customer service
  • A data-driven culture that puts business-altering insights at your reach

Steps in the Management of Procurement Risk

PEP
Supplier Code of Conduct
  • Conduct a comprehensive risk assessment to identify potential risks associated with the procurement contract. This can include risks related to supplier selection, contract terms, financial stability, market conditions, or regulatory compliance
  •  Assess the likelihood and potential impact of each identified risk. This can be done through techniques such as risk probability and impact analysis or qualitative and quantitative risk analysis

What are common procurement Risks ?

Improve

Data Analytics

Accelerate Digital Transformation

Reduce

Spend Cost

Manage & Mitigate Inflation

Reduce Procurement Risk

5

4

3

2

1

Poor Supplier relationship management

5

Poor Contract management

4

Supply Chain

disruptions

3

Poor or wrong Supplier selection

2

Inadequate Needs Analysis

1

  • Having a clear understanding of the needs, when and why, and how we will source them

Document the reasons:

  • who needs the goods or services ?
  • how the goods or services will benefit the client ?
  • when are the goods or services needed ?
  • What are the geographical locations ?
  • Follow a transparent and easily accessible evaluation method with a carefully audited process for review
  • Ensure ESG considerations are included in the process
  • Understand how ESG affects our business processe
  • Embed ESG into all aspects of the contract
  • Respond quickly to disruptions
  • Gain a better understanding of our supply chain
  • Get granular visibility across not just our Suppliers but all those upstream
  • Map Supplier capabilities to determine the best way to fulfil supply needs
  • Avoid poorly constructed contracts
  • Regularly audit the contract and its management process for inefficiencies and subsequent failures
  • Ensure Suppliers are met regularly
  • Avoid escalating unless necessary, and learn to talk the relationship through its rough spots
  • Some common Supplier relationship management flaws to look upon:
    • Not understanding the Supplier's track record
    • Communication problems or gaps 
    • Lack of transparency
    • Failing to maintain relationship harmony 
    • Unfavorable contract terms 

Inadequate Needs Analysis

Reduce Procurement Risk

Identify and Assess Risks

1

Inadequate Needs Analysis

Reduce Procurement Risk

Allocate Responsibilities

3

Inadequate Needs Analysis

Reduce Procurement Risk

Develop Risk Management Strategies

2

  • Once risks are identified and assessed, develop strategies to mitigate or minimize these risks. This can involve various approaches such as risk avoidance, risk transfer, risk reduction, or risk acceptance
  • Develop specific risk management plans for each identified risk, outlining the actions to be taken, responsibilities, and timelines. This could include drafting clear contract terms and conditions, setting performance metrics, or including penalty clauses
  •  Clearly define the responsibilities and obligations of each party involved in the contract. This includes the buyer, Supplier, and any third-party stakeholders
  •  Ensure roles and responsibilities for risk management are communicated and understood by all parties. This promotes accountability and ensures that each party knows their obligations in managing the identified risks
  • Continuously monitor the progress of the contract and regularly review the effectiveness of risk management strategies. This involves tracking key performance indicators, conducting periodic audits, and reviewing supplier performance against agreed-upon metrics
  • Implement a robust reporting mechanism to identify and escalate any emerging risks or issues promptly. This allows for timely action to be taken to mitigate or address the risks

Inadequate Needs Analysis

Reduce Procurement Risk

Monitor and Review

4

Inadequate Needs Analysis

Reduce Procurement Risk

Learn from Experience

6

Inadequate Needs Analysis

Reduce Procurement Risk

Take Corrective Actions

5

  • In case of any identified risks or issues, take appropriate corrective actions. This may involve revising contract terms, renegotiating pricing or delivery schedules, or engaging in dispute resolution processes
  • Escalate significant risks or issues to higher management or relevant stakeholders, if necessary, to ensure timely and effective resolution
  • After the completion of the procurement contract, evaluate the overall risk management process. Identify lessons learned, best practices, and areas for improvement
  • Document these lessons learned to enhance future risk management practices and inform decision-making for future procurement contracts
  •  Use feedback and insights gained from the evaluation to update risk management strategies and improve the effectiveness of risk management in future contracts
Page 2 -Risk Matrix/Guides
Page 1 -Managing Procurement Risk

RL-021 Ver 1.0 (Jan 24)

Confidential & Proprietary | 2024 CBRE Inc.

Back to Top

Risk Probability Framework

Useful Links

Resource Library

Risk Matrix/Guides

Resource Library

Page 2 of 2

Page 2 -Risk Matrix/Guides
Page 1 -Managing Procurement Risk
CBRE Procurement Policy
PEP
Supplier Code of Conduct

Probability

Impact

Very Low

Low

Medium

High

Very High

Very Low

Low

Medium

High

Very High

Probability versus Impact Matrix

Scoring Probability Matrix

Likelihood of

Occurrence

Description

of Score

Score Indicators

Very High

75% + chance of occurrence

Encountered very regularly (ie: daily/Weekly)

High

50-75% + chance of occurrence

Regular occurrence, circumstances appear every 3-6 months

Medium

25-50% + chance of occurrence

Occasional occurrence (ie;- every 1-2 years)

Low

10-25% + chance of occurrence

Likely to only occur every 3 or more years

Very Low

< 10% + chance of occurrence

Rarely happend or has never happeed before

Very Low

-

Very High

Very Low

-

High

Very Low

-

Medium

Very Low

-

Low

Very Low

Low

-

Very High

Low

-

High

Low

-

Medium

Low

Low

-

Very Low

Medium

-

Very High

Medium

-

High

Medium

Medium

-

Low

Medium

-

Very Low

High

-

Very High

High

High

-

Medium

High

-

Low

High

-

Very Low

High

Very High

-

High

Very High

-

Medium

Very High

-

Low

Very High

-

Very Low

Very Low

-

Very High

Very Low

-

High

Probability

Very Low

-

Medium

Impact

Very Low

-

Low

TOLERATE

Low

-

Very High

Low

-

High

Low

-

Medium

Low

Very Low

Low

-

Very Low

Low

Medium

-

Very High

Medium

Medium

-

High

High

Medium

Very High

Medium

-

Low

Very Low

Medium

-

Very Low

Low

High

-

Very High

Medium

High

High

High

-

Medium

Very High

High

-

Low

High

-

Very Low

High

Probability versus Impact Matrix

Very High

-

High

Very High

-

Medium

Very High

-

Low

Very High

-

Very Low

CHANGE MANAGEMENT

CHANGE MANAGEMENT

MEDIUM THREAT

CHANGE MANAGEMENT

LOW THREAT

CHANGE MANAGEMENT

MEDIUM THREAT

LOW THREAT

LOW THREAT

CHANGE MANAGEMENT

CHANGE MANAGEMENT

MEDIUM THREAT

MEDIUM THREAT

MEDIUM THREAT

REVIEW

(NEW STRATEGY)

CHANGE MANAGEMENT

CHANGE MANAGEMENT

CHANGE MANAGEMENT

CHANGE MANAGEMENT

REVIEW

(NEW STRATEGY)

REVIEW

(NEW STRATEGY)

CHANGE MANAGEMENT

CHANGE MANAGEMENT

CHANGE MANAGEMENT

TOLERATE

Low RISK to the business - Manage as part of normal operations and SLA's

Low Threat

Low RISK to the business - Manage as part of normal operations and SLA's/adjust KPi's as necessary 

Medium Threat

Warning sign of poor performance or poorly crafted SLA/KPI's, Benchmark and amend SLA/KPI's

Change Management

Consider RFP- change out suppliers for improved operations. Benchmark costs and services

NEW STRATEGY

Review Business Strategy to align with Client outcomes, Conduct Benchmarking and full RFP process