10 questions for supply chain risk management solutions providers

David Shillingford I June 2, 2022

There is certain core functionality that would be expected in a supply chain risk solution, but the biggest and most important differences often lie behind the screen. Below are 10 questions to ask when selecting a solution provider that will help you get the functionality and protection you need. Ten questions cannot possibly comprise an exhaustive list, so the questions below reflect areas most often called out by analysts, experts and companies that have been building and buying supply chain risk solutions over the last decade.

1. Is your solution ‘end-to-end?’

Why it matters. Supply chain digitalization strategies should cover and connect all supply chain functions and so must supply chain risk solutions; but even more so because risks in sourcing, manufacturing and logistics directly impact each other. A connected, standardized view of risk across all functions is necessary as is visibility into sub-tier supply risk without relying on surveying Tier 1 suppliers.


2. What is your integration strategy and capabilities?

Why it matters. For supply chain risk analytics to be applicable to operations, the insights must be dynamic and embedded at the point where planning and execution decisions are being made. It is therefore necessary for solution providers to have a ‘partnership mindset,’ investing in pre-built integrations with ERP, SRM, S&OP, TMS and other platforms. Ask for evidence of such partnerships and about a provider’s API strategy and capabilities.

3. Where does your data come from?

Why it matters. This is a common question but needs to have the right emphasis and drill-down. The focus here is to find a solution that has strong capabilities in data that is specific to supply chain risks and can integrate risk data that is used across all industries and functions such as corporate financial health ratings. The difference between a company that can integrate other companies’ data and one that relies only on its own proprietary supply chain risk data sources is an important one.

4. How good is your supply chain risk data?

Why it matters. Following on from the question above, it is not good enough to say “yes” or “no” to the question “do you monitor global events?” Success here relies upon the right mix of data science to achieve real time global coverage of massive amounts of data and human expertise to train AI models and verify the results and ensure relevance to each user. These experts should be in the same time zones as your and your suppliers’ operations and fluent in the local language(s). On-the-ground intelligence direct from in-country supply chain experts across all countries is also critical in identifying events that do not make the news, knowing about them quickly and understanding the actual impact of such events.

5. What are your data science capabilities and how are they deployed?

Why it matters. The scale and complexity of supply chain risk analytics demands the application of Artificial Intelligence (AI), but this will only yield meaningful results if a company has the necessary scale and quality of training data, supply chain expertise to address the right use cases in the right way, and Big Data expertise to ensure scalability. Success in supply chain risk management is increasingly dependent on a significant investment in data science and applying it in the right way to challenges such as: obtaining and categorizing large volumes of event data; creating predictive risk scores across all risks; discovering unknown sub-tier suppliers and developing prescriptive insights. Related to this, another simple question to ask is, “do you employ graph technology and how?” Discovering and dynamically monitoring sub-tier supplier risk is close to impossible without graph technology.

6. How secure will my data be?

Why it matters. There is data privacy strategy (collect only what you need, anonymize where you can, store in the right country, share only when necessary…) and data privacy execution. The right list of questions will reveal insights into strategy, while diligence on execution risk is enabled by global standards such as SOC2 and should be considered table stakes.

7. How do you support your customers?

Why it matters. This is an open-ended question by design and somewhat subjective yet critical because this purchase is much more complex than buying a software solution; it is a journey and every company’s supply chain is different. Expertise in supply chain and supply chain risk management informs decisions on how best to implement and extract value from risk insights. Solution providers must invest in skilled, multi-lingual, global [all time zones] customer support and risk intelligence teams. Much of this comes down to a solution provider’s understanding of the importance of expert support and the ability and willingness to make the investment. This is definitely a question for conversations with reference clients.

8. How long have you been in business?

Why it matters. This tends to be a more important question for data-centric companies than those selling software without data and analytics. The universal importance of experience, lessons learned, global operations, customer references, etc. are critical, but add the importance of historical data. For example, years of detailed data on disruptive events and their impact on supply chain operations which, when organized and categorized correctly, is a critical part of training AI-powered predictive risk models.

9. What is your culture?

Why it matters. This is another open-ended question but good to ask it this way as the first check point is whether or not every employee can answer this question – i.e. is the culture intentional and broad-based? Only by being written down and shared internally and externally can a culture be lived and shared. Does this culture reflect a company that will be a strong long-term partner? Are they willing to be held accountable to these values? One measure of culture is where investments are being made and the type of talent being attracted and retained. Another good question for reference clients.

10. What is your vision?

Why it matters. All companies should know where they are going but this is a particularly important question in supply chain risk management given the variety and variance of global risks, the opportunities afforded by new technologies and the importance of being able to map this vision to your own vision for digital transformation in your supply chain.

And, like so many of the questions above, it comes down to knowing that you are about to get a new partner, not just software.


Share this post