Using the NIGP Code to facilitate risk-based procurement

We manage risk every day without thinking about it. We watch the morning weather and pick out clothing. We decide which route to take to work. We decide to refinance our home. We choose a babysitter on Saturday night. In each case, we are managing risk by balancing price with both expected and unexpected results. We make some purchases without thinking, but for others we agonize and are cautious at each step.

The Random House Unabridged Dictionary defines risk as, “The exposure to the chance of injury or loss; a hazard or dangerous chance.” In public procurement, the focus is often not on risk but keenly focused on price; the general public expects, and conventional wisdom dictates, that we find the lowest price. But we should remember the old joke in which the astronaut said: “Just think, we are sitting on a rocket with a million moving parts all provided by the lowest bidder.” What other factors beyond price come into play? More to the point: How does risk play into public procurement, and how do we begin formally incorporating risk management into the process?

Incorporating risk into procurement is not new; however, recent research points to opportunities to enable an organization to focus on risks that are important to success through assessment, identification, procurement and management.

According to the Aberdeen Group in The CPO’s Agenda 2009: Smart Strategies for Tough Times, 71 percent of CPOs view supply risk as having increased in the past 18 months, yet only 38 percent of best-in-class organizations are developing supply risk mitigation strategies. There is an area of opportunity for risk-based procurement. The following approach was developed and presented by Dave Porter of the PMMS Consulting Group in Procurement Strategy Guidance.

Assessing your procurement

A Pareto analysis of suppliers generally supports the well-known “80-20 rule,” i.e., we buy 80 percent of our goods from 20 percent of our suppliers. Understanding which suppliers provide the bulk of products and services provides us a better perception of the playing field where we operate. The next component is to understand the risks associated with the procurement, including factors such as:

• Market difficulty: What is the extent of real competition in the market?

• Complexity in switching: How difficult is it to replace the supplier?

• Business impact: What is the impact if something goes wrong (safety, environmental, legal)?

Using the risk factors, you can rate procurements in relative terms to each other based on risk. Some simply use a scale of 1 to 5 for each segment, with total risk being the sum of the factors.

The procurement quadrants

Using the dollar volume of spend and the relative risk, procurement can be broken into four quadrants, as depicted in the first diagram.

The quadrants can be described as:

• Strategic Security: Low value but have quality, safety, reliability, environmental issues coupled with availability of suppliers, e.g., mission-critical water pumps, shuttle-bus service for schools.

• Strategic Critical: High cost, high risk (quality, safety, supplier pool), e.g., bridge or office building construction or an ERP implementation.

• Tactical Acquisition: Low value, low business exposure, e.g., office supplies.

• Tactical Savings (or cost-reduction): High cost without the quality, safety issues and a large number of suppliers, e.g., desktop computers, copier services, cell phone service. While government is not a “bottom line”-oriented entity, it can focus on areas where prices can be reduced.

While the diagram depicts an equal horizontal distribution, in reality, 5 to 10 percent of spend, or 70 percent of vendors, should be in the left two quadrants.

Using the NIGP Code for analysis

When determining how to correlate spend with risk, the NIGP Code plays a natural role. By using the NIGP Code to track spend data, we have a mechanism to group procurement spend in order to build discrete market baskets for analysis. Your organization may roll up spend by 5-digit code or at the 3-digit level. Either way, it provides an excellent grouping mechanism. Once bundled, the risk factors can be applied to determine the relative risk associated with the market basket, as depicted in the second diagram:

Procurement strategies

With each quadrant, the goals and objectives are different, with the strategies for execution and metric for success also being different.

• Strategic Security: Ensure supply through long-term contracts, potential inventory holdings, identification of alternative products and use of price indexes.

• Strategic Critical: Manage supplier through detailed market and supplier knowledge, use of purchase price and cost analysis (are you paying a fair price?), and contingency planning for supplier or product/service replacement.

• Tactical Acquisition: Minimize attention through the use of P-cards, blanket agreements, delegated authority and supplier website ordering.

• Tactical Savings (or cost reduction): Drive lower costs through short-term contracts, framework agreements (where terms and conditions are negotiated with contracts being issued for work/products as needed), in-depth market knowledge and flexibility in the products and services requested.

Each organization is unique, and what constitutes high-risk procurement for one may not be so for others. In addition, risk profiles and procurement volumes can/will change over time, thus requiring periodic review. It does require more effort than watching the morning weather, but the benefits of missing an avoidable procurement storm will certainly help brighten your day.

Sources:
Bartolini, A., Aberdeen Group, “Open the CPO’s Agenda 2009; Smart Strategies for Tough Times,” April 2009.
Porter, D., PMMS Consulting Group, “Procurement Strategy Guidance,” November 2003.

John Walters is the president of NIGP Code Services at Periscope Holdings, the custodian of the NIGP Code on behalf of NIGP. Walters has been involved in public procurement since 1997 and has served as a consultant, trainer and speaker. Contact him at [email protected].