
Risk is fast becoming procurement’s greatest opportunity for impact.
Leaders who embrace this shift move from being cost cutters to business enablers; from tactical buyers to strategic risk guardians.
This doesn’t mean we need to throw the old metrics out the window. Spend under management is just as important as ever, but risk under management is the new badge of procurement leadership. It’s no longer just about what you save; it’s about what you prevent, protect, and future-proof in a volatile landscape.
Why the Shift to Risk Management?
Businesses today are up against an array of risks that could disrupt operations and hurt their bottom line:
- Tariff Volatility: Fluctuating tariffs create uncertainty, affecting sourcing strategies and dramatically increasing overall costs for organizations with global supply chains.
- Geopolitical Risk: Instability from events such as Russia’s invasion of Ukraine, threats to shipping in the Middle East, and tensions with China is significantly affecting supply chains and freight rates.
- Economic Instability: Rising costs of living and inflation lead to supply-demand imbalances, putting pressure on procurement teams to secure essential resources at higher prices.
- Extreme Weather Events: The increasing frequency and severity of weather-related disruptions can severely impact shipping and supply chain operations.
- Environmental, Social, and Governance (ESG) Risks: Growing scrutiny on environmental impacts and compliance with sustainability standards has become paramount for procurement.
- Cyber Attacks: The rising threat of cyber attacks on supply chains poses significant risks, with many organizations lacking adequate cybersecurity measures.
- Data Integrity and Quality: Poor data quality can lead to misinformed decisions and operational inefficiencies.
- Talent Shortages: A skills gap in the procurement and supply chain workforce, exacerbated by recent economic challenges, impacts operational effectiveness.
A Priority for CPOs and CEOs
According to The Conference Board's C-Suite Outlook 2025, nearly half of surveyed CEOs view intensified trade wars as the leading geopolitical risk for businesses in 2025, followed by concerns about foreign cyberattacks and heightened conflict risks in the Asia-Pacific region.
Furthermore, 90% of CPOs surveyed by Ardent Partners expect 2025 to be more challenging than the previous year, with top drivers of risk including tariff changes, supplier instability, and geopolitical tension.
Key initiatives for CPOs include diversifying suppliers and nearshoring (with 38% planning to increase nearshoring), enhancing supplier collaboration and lifecycle visibility, and implementing real-time risk monitoring through AI.
Understanding the Many Forms of Risk
Procurement operates at the intersection of various risk domains, allowing it to tackle a wide range of challenges effectively. Some examples include:
- Supply Chain Risk: An over-reliance on a single supplier or lack of local alternatives
- Financial Risk: Supplier insolvency and currency volatility
- Regulatory & ESG Risk: Forced labor violations, carbon emissions, and non-compliance
- Operational Risk: Long lead times, unreliable logistics, and capacity constraints
- Reputational Risk: Association with unethical vendors or unsustainable practices
Why Risk is the New ROI
We’ve written in the past about how redefining value is essential for procurement if the profession intends to stay relevant. Here’s why managing risk equates to ROI:
- Disruption Prevention is Measurable: Stopping a multi-million-dollar plant shutdown due to a single-source failure represents real ROI, even if it doesn’t reflect immediately in financial statements.
- Speed and Agility Save Money: A well-prepared procurement team can respond quickly to supplier failures, shipping disruptions, or tariff announcements, avoiding costly panic buys.
- Sustainable Suppliers Protect Brand Value: The fallout from an ESG scandal can far exceed any savings achieved, damaging long-term trust and brand value.
Leading the Charge in Risk Strategy
Ask any risk expert for the secret to success in risk mitigation, and their answer will always be the same: proactivity. Below are five key strategies for enhancing risk management.
- Build a Supplier Risk Profile: Map supplier criticality and use software tools to monitor vulnerabilities in real time.
- Integrate Risk into Sourcing Decisions: Shift evaluation criteria to include ESG scores, financial health, and geopolitical exposure.
- Collaborate Across Departments: Collaborate to increase visibility. Work with legal, finance, and operations to comprehensively assess and mitigate third-party risks.
- Embed ESG into Supplier Onboarding: Make ESG standards an integral part of the procurement process.
- Create Scenario Plans and Dual-Sourcing Strategies: Prepare for disruptions by developing contingency plans and identifying alternative suppliers.
Focus on the Factors Procurement Can Control
While there are several risk factors beyond procurement's control, such as external market conditions, supplier performance issues, regulatory changes, industry trends, and global events, it's crucial for procurement to focus on what it can control.
This means evaluating and choosing suppliers based on criteria like reliability, financial health, and ESG compliance. Additionally, contract management plays a vital role; negotiating terms that include risk mitigation strategies, such as flexibility in delivery schedules or penalties for non-compliance, is essential.
Building strong supplier relationships enhances collaboration and communication, which can help foresee and address potential issues before they escalate. Continuous risk assessment and monitoring of supplier profiles ensure that any changes impacting operations are promptly identified. Implementing robust internal processes, like dual sourcing or contingency planning, can significantly reduce vulnerability.
Lastly, educating team members and stakeholders about risk management practices and the importance of supplier reliability will help you foster a proactive approach.
Reporting on Risk Under Management
If it isn’t reportable, there’s no point in doing it. Focus on measurable metrics and clear communication to effectively report on risk under management and demonstrate to the C-Suite that procurement is playing its part in reducing the organization’s overall exposure to risk. Start by:
- Developing a Risk Matrix: Categorize risks by likelihood and impact to identify areas needing attention.
- Supplier Risk Profiles: Create scores for suppliers based on criticality and ongoing performance monitoring.
- Financial Impact Analysis: Estimate potential losses from risks and highlight the ROI of risk mitigation efforts.
Partnering with a Group Purchasing Organization
Teaming up with a group purchasing organization (GPO) like Una can boost your risk management game. GPOs tap into collective buying power to score better deals and terms, which helps reduce financial risk. They also connect you with a wider network of trusted suppliers, cutting down on supply chain vulnerabilities and making sure you’re seen as a preferred customer when demand outpaces supply.
In conclusion, embracing the new procurement mandate of risk under management is essential for organizations aiming to thrive in a volatile world. By focusing on risk and collaborating effectively, procurement can safeguard not only its own operations but also contribute to the overall resilience of the business.
Want to learn more about how to manage risk using a group purchasing organization? Download our free playbook: