Introducing a 360° Supplier Risk Management Approach
Approach 5 May. 2022

Introducing a 360° Supplier Risk Management Approach

Warding Off Risks Effectively from Identification to Resolution in a Routine Mode.

5 Reasons to Develop an Effective Risk Management Plan


A Necessary Adaptation

The risks affect all businesses and are of various kinds. They are not covered by any global device. 


The Threat of the Amplifying Effect

The risks are numerous and their origins are multiple, the amplifying effects are always more powerful and the most penalizing impacts. 


The Anticipation Need

A holistic management approach allows to tangent the exhaustiveness of the risk identification and provides the guarantee of good anticipation.


The Synchronization Need

A comprehensive approach promotes the identification and implementation of relevant prevention measures as they are developed by aligned teams.


Adopting the Right Reflexes

The approach adopted is structuring, it allows to anchor the reflexes of risk management and the associated procedures in the routines of the company. 

Addressing the Risks Commonly Encountered in Companies

KEPLER has setup a non-hierarchical list of common risks encountered in a company. This list will be adapted according to the ambitions and the context of the organization in its market.


  • Social and environmental responsibility
  • Corruption, fraud and influence peddling
  • Image
  • Regulatory conformity


  • Delivery delay
  • Supply disruption
  • Erroneous forecasts
  • Degraded supplier / subcontractor performance


  • Cost slippage
  • Deterioration of supplier relations
  • No control of row 2, .., rank n


  • Stop and Break in production
  • Breakdown / destruction of the production tool
  • Quality failure
  • Tool failure following cyber attack
  • Degraded supplier / subcontractor performance


  • Natural disaster, Epidemic
  • Geopolitics
  • Strike and social movement
  • Terrorist attack


  • MO costs increase
  • Protectionism and tax trends
  • Price volatility
  • Variation of economic indices


  • Confidentiality
  • Public liability
  • Intellectual property theft
  • Counterfeiting


  • Cybersecurity
  • Supplier dependency
  • Financial health
  • Overstocks 

The globalization of trade, commercial pressure, health risks or the massive use of social networks are all factors that amplify the impact of risks. 

For some, they can even constitute a source of risk. Their proper identification and treatment are often sufficient and in any case necessary to minimize the impact.

Faced with the proliferation of risks, their types, their extent and their origins, companies are called upon to equip themselves with effective means of management. The right approach must be holistic, methodologically rigorous, equipped and endowed with clear governance. One trick would be to take a close look at the origins of these risks!
Mathieu Louis-Sylvestre, Associate Director at KEPLER

The Difficulties Encountered in the Process

Root Cause

Designing and deploying a risk management program is a time-consuming and definitive task, which, once activated, must be carried out without interruption.

The Company wishing to acquire such a tool must, if it wants it to be effective and exhaustive, dedicate sufficient resources to it over time.

The primary cause of the failures in this area lies in a lack of calibration of these resources.

Other possible causes of failure

  1. The spirit of an effective risk management lies in the distinction between risks and their origins and work on the basis of this distinction. However, such gymnastics can be counter-intuitive if not instructed with expertise.It is necessary that the teams devote sufficient time to it and impose great methodological rigor on themselves.
  2. Understanding the methods of calculating the risk assessment, the prioritization index and the components of the index is a critical step in the project because it calls for cross-cutting concepts and subject to interpretation.
  3. Determining the appropriate level of investment for risk treatment is a critical and often overlooked step. Understanding and comparing the cost of risk and the cost of treatment is complex and complicated to be precise.

The Approach Proposed by KEPLER

To promote the completeness of management and the long-term adoption of the method by the teams, KEPLER has designed an approach inspired by the industrial world and the Analysis of Failure Modes, Effects and Criticality (FMECA).


Identify the Risks and the Origins

Conducting collaborative interbusiness workshops, explanation
of the approach and method, free speech.


Analyze and Assess Risk Exposure

Characterization of the criteria by risk / origin pair, creation of a reference for calculating the differences allowing the continuation of the couples assessment.


Map & Prioritize Actions

Prioritization and segmentation of risks via a statistical approach based on the calculation of Prioritization indices, averages and standard deviations.


Solve & Mitigate

Exploration of resolution or mitigation levers and possible alternatives before implementing the action plan.


Manage: Act and Monitor the Impact of Actions

Structuring approach supported by KEPLER’s expertise in Change Management & Transformation allowing a lasting anchoring of reflexes in the company routines.

Advantages of the solution

The implementation of a risk management process, from the identification to the treatment of the most important ones is a project that can be carried out over a period comprised between six and ten months depending on the size and complexity of the organization. 

By relying on experienced teams, able to quickly assess the context and issues, the organization will be able, using the methodology described here, to identify the broad categories of risks to which it is subject.

As part of monitoring supplier performance, and in particular compliance with regulations and CSR constraints, a company will also be able to ensure that it has put the right suppliers under control (including beyond rank 1).

he missions carried out by the firm made it possible in six months to establish a mitigation plan for several major risks and to create a management process supported by the associated procedures:

  • Supplier onboarding
  • Projects
  • New technologies
  • Identification and assessment
  • Prioritization
  • Treatment
The approach we take to identify the origins of each risk is aimed at implementing treatment solutions. This is what allows our customers to be in a preventive position across the entire value chain.It is not uncommon for the anticipatory work carried out during the identification phase to eradicate several risks resulting from the same origin, through a single action plan. It is for us the demonstration that this methodology is valid and relevant.
Youssef Mamouni-Alaoui, Senior Consultant at KEPLER

With its broad positioning in Operations, KEPLER deploys an approach inspired by the methods used within the industrial sector and dedicated to risk management.

You want to deepen the discussion about Risk Management?

KEPLER teams are at your disposal
Contact Risk Management