As February started, an important conversation got underway: SIG was back in the City of London with a highly engaged group of procurement professionals to explore the latest trends and topics that are shaping their world.
The role of the CPO has come a long way over the last 20 years and change is exponential; happening across the what, how and who of procurement
- What: organizations are buying new products and services (everything "As A Service," digital and digital-enablers, RPA and other automation tools and services)
- How: new tools and techniques are being deployed in procurement both because these new products and services need to be acquired in new ways and to drive productivity and effectiveness through analytics and better insight
- Who: a growing millennial workforce and digital workforce presents new opportunities and challenges for operational management of services
A recent study from IBM shows that the highest priorities for the CPO are to contribute to revenue growth, to drive innovation across the supply chain and to protect the enterprise brand. Cost is mentioned nowhere, but more because it goes without saying and not because it is no longer a priority.
So, the CPO and their teams are making a strategic contribution to the organization but still find themselves a step removed from the centers of power as they report in through another function and are rarely represented on the board. In a period of exponential change is this procurement’s opportunity to rise to the challenge and enable safe, profitable, innovative growth to earn their place on the top floor?
We discussed this question with the group at our London event and there were two clear messages coming out of our deliberations. Firstly, to get the basics right - know your business units and customers, govern your relationships and change the language that you are using away from buying and towards sourcing – the language of value and not the language of cost containment.
Secondly, and this may be the key that unlocks the boardroom, the increased risk to the corporation in an era where every aspect of business is touched by third parties puts the CPO and their team at the front line of protecting the business’s reputation. At a time when there is a 22% chance of a security breach of at least 10,000 records within the next 24 months (and the average cost of a breach was $4 million last year, combined with the fact that the cost is likely to be 10% higher if a third party was involved), the procurement organization is in a make or break position – financially as well as reputationally.
To ensure a safe and resilient supply chain, the CPO needs to weave risk management and cyber security awareness into the processes, systems and culture of his or her organization, remembering that the security of the organization is only as good as the weakest link. Providers should be comprehensively vetted and selected for their low risk profile as well as their proposition. And it is not a one-off exercise: continuous monitoring of the changing risk position of providers is also essential as well as being an excellent opportunity for automation within the procurement function.
So, where will the conversation be this time next year? As adoption of the Internet of Things compounds existing cyber risks, all indicators point towards a negative trend across all types of incident. A 2016 report from Symantec showed:
- Zero-day vulnerabilities, i.e. vulnerabilities in software of which the software creators are unaware, increased 125% in the previous year
- The total number of identities exposed through data breaches increased by 23%, although it was also noted that many companies are choosing not to reveal the full extent of their data breaches and Symantec estimates that a massive 85% are unreported
- Phishing attacks increased 55%
This means that the risk management element of the CPO’s role becoming more important and a closer working relationship with the CIO must emerge. This alliance will be designed to reduce the vulnerabilities introduced into the organization by third parties, to monitor ongoing changes in risk profile and to close existing gaps as they are identified.
Eleanor Winn is the Managing Director of EMEA for SIG. Prior to joining SIG, she was a Managing Director with Alsbridge, after her own advisory firm Source was acquired by them in 2015. She is a recognized IT and sourcing expert who has extensive experience in onshore and offshore outsourcing across IT and various other business processes. She has been responsible for implementing sourcing deals for a wide range of global clients, leading successful programs involving all stages of the sourcing lifecycle from strategy development through to supplier management. She is acknowledged as a skilled influencer, consistently building high performing and loyal teams. She has spent her entire career in outsourcing, including experience working for providers, clients and advisors.