Dun & Bradstreet

Blog

Supply Chain Perspective

How Data Analytics Prevents Disruptions 

Key steps towards a risk and data-based risk management approach to enhancing supply chain resilience

In today’s globalised world, supply chains are the backbone of the modern economy. At the same time, they are highly vulnerable to disruption. To address these challenges effectively, an increasing number of organisations are turning to the power of data analytics. Building processes and systems that can manage a broad range of supply chain risks requires focus and commitment. The following three steps help procurement teams move in the right direction.

Procurement must act as a knowledge carrier and work with data and information in an efficient way. This is the only way to master the complexity in supply chains worldwide.

Michael Seifert | Lead Automotive & Manufacturing Expert

1. Audit and clean up supplier master data

Accurate, up‑to‑date data is essential for making sound, evidence‑based decisions. Maintaining this data requires continuous oversight and a clear understanding of who your suppliers are, where they operate, who their suppliers are, and how these relationships may change over time—along with an awareness of viable alternatives.

When implementing a risk‑ and data‑driven approach, the goal should be to create an environment in which master data is clean, integrated and traceable. This may involve building a relevant data pool from scratch or, as is more often the case, cleansing, structuring and categorising existing data. With this foundation in place, organisations can make well‑informed, risk‑based assessments supported by reliable data.

2. Combine your risk-based approach with a data-driven approach to increase efficiency.

The second step is to systematically assess different types of risk and identify those most relevant to your business. Chief Procurement Officers (CPOs) should define both the likelihood of these risks occurring and their potential impact for each supplier. A good starting point is a matrix that is as simple and transparent as possible, allowing key questions to be answered at a glance: 

  • Which business relationships are most critical to the company’s success, and which suppliers are involved? 
  • Which risk factors apply? 
  • How likely are these risks to materialise?

 

Based on this matrix, a data‑driven approach can then be developed. The following considerations are particularly important: 

  • What information is required to assess the relevant risks, and what data is already available (including internal and external sources)? 
  • How good is the quality of this information—for example, in terms of timeliness, completeness, consistency, portfolio coverage and reliability? 
  • How accessible is the information? 
  • How frequently is data collected and updated, including the availability of real‑time data? 
  • How scalable is the use of data? 

Scalability is a key factor in building a long‑term, future‑proof approach to data‑based risk management. It allows organisations to start with simple, quickly deployable solutions and gradually expand both scope and complexity. At the same time, scalability makes it possible to apply different data sets to different supplier risks—aligned with the risk‑based approach—effectively establishing a data economy. 

Key aspects of scalability include: 

  • Modularity: the ability to select and combine data to assess risks relevant to specific supplier groups. 
  • Variation in data depth: using simple indicators and KPIs to automatically assess suppliers with low risk potential, while applying more extensive due diligence for complex or strategic decisions. 
  • Different levels of integration: while fully integrated system or application solutions are the most effective way to analyse and manage risks automatically, they are rarely the starting point. Browser‑based solutions that support ad‑hoc insights and portfolio analysis can be highly effective, particularly when combined with selected internal supplier data. 

Any later, more deeply integrated solution should build on and extend existing data models. Data consistency is critical: modern risk management evolves over time. Initial solutions typically focus on the most urgent risks and most critical suppliers, often with limited integration. As maturity increases, requirements become more complex and extend across additional procurement processes and integrated systems. Ensuring data consistency throughout this journey helps prevent gaps in risk assessment. 

A subsequent integrated solution should then build upon and extend the existing data models. Data consistency is crucial – implementing modern risk management is a process. Initially, solutions focus on the most pressing risks and key suppliers with a low level of integration. As the process progresses, the requirements become increasingly complex, extending to more procurement processes and integrated solutions. Therefore, it is essential that the data used is as consistent as possible to avoid gaps in risk assessment.

Early warning system and benchmark

The data-driven approach is complemented by the implementation of an early warning system, which increases the application's level of automation, reduces the effort required for manual checks, and focuses attention on relevant risks and events. Individual data elements (triggers) with defined significant thresholds can be used for the early warning system. Furthermore, it is beneficial to monitor changes and analyze trends from time-series data to generate early warnings.

The introduction of benchmarks within a comparison group or between different comparison groups ultimately also enables the control and optimization of risk management in a continuous improvement process, which closes the control loop and is reflected in the further development of risk- and data-based approaches.

3. Define your risk tolerance

The next phase of the process involves defining your risk tolerance – the level of risk your organization or company is willing to accept or tolerate in its relationships with third parties. 

 Risk tolerance is typically shaped by a combination of factors, including: 

  • The organisation’s goals and objectives 
  • Its willingness to take risks in pursuit of those goals 
  • Its ability to absorb potential losses 
  • Applicable regulatory requirements 
  • Stakeholder expectations, including those of shareholders, customers and employees 

Risk tolerance cannot be generalised. It must be tailored to the specific needs, priorities and circumstances of each organisation. Proportionality depends largely on the nature of the business, the stakeholders involved, and the extent to which risks may affect them. 

Different industries face different risk profiles and regulatory pressures. Pharmaceutical manufacturers, for example, are typically exposed to a broader range of regulatory risks and more severe potential consequences than consumer goods manufacturers. As a result, they may operate with a lower risk tolerance in their day‑to‑day activities. 

Download the Supplier Risk Guide

Download Now